loading...

DotNet Core in kubernetes (Azure Container Registry)

mkokabi profile image Mohsen Kokabi ・3 min read

Here in simplest form we are going to run an Asp.Net core application in local Kubernetes.

Step 1: Creating a container registry

First you need to login to your azure account:

az login

if you don't know the id of the location you can get it with

az account list-locations

I am going to use australiaeast. So I am going to put it in a variable.

bash:

location='australiaeast'

powershell:

$location='australiaeast'

The other parameter I am going to need is a name for resource group
bash:

resource_group_name='ContainerRegistryRG'

powershell:

$resource_group_name='ContainerRegistryRG'

In case you are not using an existing resource group:

az group create --location $location --name $resource_group_name

Next parameter is a name for the container registry. As it needs to be unique I am adding the seconds from Unix Epoch.

bash:

crName=TestCR$(date +'%s')

powershell:

$crName='TestCR' + [int][double]::Parse((get-date -UFormat +%s))

Finally, we create the container registry:

az acr create -g $resource_group_name -n $crName --sku Basic --admin-enabled -l $location

I am going to (manually) store the value of loginServer from the json response in crServerName.

The next parameters we need are credentials.

az acr credential show -g $resource_group_name -n $crName 

Take a note of "username" and password value

Step 2: Creating the docker image

Now we are going to create a dotnet core web application and build a docker image. The complete list is also here

dotnet new webapp -o KTestDotNetCoreWebApp

cd .\KTestDotNetCoreWebApp\

dotnet publish -c Release -o out

new-item -path "Dockerfile" -ItemType "file" -Value 'FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS runtime
WORKDIR /app 
COPY out ./ 
ENTRYPOINT ["dotnet", "KTestDotNetCoreWebApp.dll"]' 


docker build . -t ktest-dotnetcore-webapp-docker-image

We need to tag our docker image with the name of the container registry server.

docker tag ktest-dotnetcore-webapp-docker-image "$crServerName/ktest-dotnetcore-webapp-docker-image"

To be able to push to the registry you first need to login. You can login using either of following ways:

az acr login --name $crName --username $crName

or

docker login "$crServerName"

both of them will use the username and password you got using az acr credential show.

Now we can push our image:

docker push "$crServerName/ktest-dotnetcore-webapp-docker-image"

Step 3: using our docker image in Kubernetes

To allow kubernetes pull down our image, we need to define a image pull policy.
K8s would get the information it needs in a secret object. The type of this secret should be docker-registry. Here I am going to name it myregistrykey. It would be used while defining the container template either for the pod or for the deployment.

ref

kubectl create secret docker-registry myregistrykey --docker-server="https://$crServerName" --docker-username="$crName" --docker-password={replace the password} --docker-email=my@email.com
  • The password is what you get while running the az acr credential show
  • The email can be anything.

Now we are going to create a deployment object using kubectl run. As imagePullSecrets can not be added in the command line of creating the deployment object (or pod object), I would use --dry-run option with -o yaml to only generate the yaml.

kubectl run g5 --image="$crServerName/ktest-dotnetcore-webapp-docker-image:latest" --replicas=2 --port=80 --dry-run -o yaml >g5.yaml

Now, we need to add the imagePullSecrets at the same level of containers.

The final yaml would be like:

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    run: g5
  name: g5
spec:
  replicas: 1
  selector:
    matchLabels: 
      run: g5
  template:
    metadata:
      labels:
        run: g5
    spec:
      containers:
      - image: testcr{some numbers}.azurecr.io/ktest-dotnetcore-webapp-docker-image:latest
        name: g5
        ports:
          - containerPort: 80
      imagePullSecrets:
        - name: myregistrykey

And now we can create the deployment object using our yaml file.

kubectl apply -f g5.yaml

The last step is exposing the port 8080 using a load balancer service.

kubectl expose deployment g2 --type=LoadBalancer --name=glb --port=8080 --target-port=80

That's it. You can now browse the application on http://localhost:8080.


You might prefer to only create a pod. The only difference is add --restart=Never in kubectl run command and remove the --replicas:

kubectl run g3 --image="$crServerName/ktest-dotnetcore-webapp-docker-image:latest" --restart=Never --port=80 --dry-run -o yaml >g3.yaml

Similarly, edit the yaml file and add under spec add

      imagePullSecrets:
        - name: myregistrykey

and then create the object.

kubectl apply -f g3.yaml

The exposing step would be the same just saying pod instead of deployment.

kubectl expose pod g3 --type=LoadBalancer --name=glb --port=8080 --target-port=80

Posted on by:

Discussion

pic
Editor guide