Integrating Azure Container Instances in AKS

In a previous blog post, I talked about how excellent the managed Kubernetes service is in Azure and in another blog post I spoke about Azure Container Instances. In this blog post, we will be combining them so that we get the best of both worlds.

We know that we can use ACI for some simple scenarios like task automation, CI/CD agents like VSTS agents (Windows or Linux), simple web servers and so on but it’s another thing that we need to manage. Even though that ACI has almost no strings attached, e.g. no VM management, custom resource sizing and fast startup, we still may want to control them from a single pane of glass.

ACI doesn’t provide you with auto-scaling, rolling upgrades, load balancing and affinity/anti-affinity, that’s the work of a container orchestrator. So if we want the best of both worlds, we need an ACI connector.

The ACI Connector is a virtual kubelet that get’s installed on your AKS cluster, and from there you can deploy containers just by merely referencing the node.

If you’re interested in the project, you can take a look here.

To install the ACI Connector, we need to cover some prerequisites.
The first thing that we need to do is to do is to create a service principal for the ACI connector. You can follow this document here on how to do it.

When you’ve created the SPN, grant it contributor rights on your AKS Resource Group and then continue with the setup.

I won’t be covering the Windows Subsystem for Linux or any other bash system as those have different prerequisites. What I will cover in this blog post is how to get started using the Azure Cloud Shell.

So pop open an Azure Cloud Shell and (assuming you already have an AKS cluster) get the credentials.

After that, you will need to install helm and upgrade tiller. For that, you will run the following.

The reason that you need to initialize helm and upgrade tiller is not very clear to me but I believe that helm and tiller should be installed and upgraded to the latest version every time.

Once those are installed, you’re ready to install the ACI connector as a virtual kubelet. Azure CLI installs the connector using a helm chart. Type in the command below using the SPN you created.

As you can see the in command from above, I typed both for the –os-type. ACI supports Windows and Linux containers so there’s no reason not to get both 🙂

After the install, you can query the Kubernetes cluster for the ACI Connector.

Now that the kubelet is installed, all you need to do is just to run kubectl -f create YAML file, and you’re done 🙂

If you want to target the ACI Connector with the YAML file, you need to reference a nodeName of virtual-kubelet-ACICONNECTORNAME-linux or windows.

You run that example from above and the AKS cluster will provision an ACI for you.

What you should know

The ACI connector allows the Kubernetes cluster to connect to Azure and provision Container Instances for you. That doesn’t mean that it will provision the containers in the same VNET as the K8 is so you can do some burst processing or those types of workloads. This is let’s say an alpha concept which is being built upon and new ways of using it are being presented every day. I have been asked by people, what’s the purpose of this thing because I cannot connect to it, but the fact is that you cannot expect that much from a preview product. I have given suggestions on how to improve it, and I suggest you should too.

Well that’s it for today. As always have a good one!

Hosting a single container in Azure – Azure Container Instances

You’ve probably heard of containers and what you can do with them in some simple scenarios. Containers brought an exciting concept in application development and infrastructure management. Containerizing an application removes the ping-pong between Dev and Ops and the famous phrase “it works on my machine”. You get a docker file or the actual container image from a public/private repository and just run it. If it worked in the development environment, then it will work correctly in the staging and production environment without any changes.

The problem with containers is that they need to be hosted in a container orchestration system like Docker Swarm, DC/OS or Kubernetes. These systems are not cheap to run and not easy to maintain. If you have a significant application that requires a container orchestration tool then that’s a no-brainer but what if you need to run one single container for one hour because I need something processed and then I’m done? Well, you didn’t have any other possibility other than running it on your machine or in a container orchestrator, but recently Azure introduced a public preview of Azure Container Instances that allow you to run single containers at a per second billing.

Azure Container Instances

An Azure Container Instance is a single container that starts in seconds/minutes (depends if you’re using Linux or Windows) and you are billed by the second. You can pretty much call it a Container as a Service offering or CaaS 🙂

This concept is pretty sweet from multiple standpoints. I for one found some significant use cases for my needs. For example, when I’m doing workshops or training classes, I usually use VSTS to show off the possibilities of deploying applications to Azure. The problem I have is that the hosted agent free time is not enough for my preparation of demos and I usually spend some time setting up Windows and Linux agents. With ACI, I just create a Windows and Linux container with the agents and only deploy them from an Azure Container Registry or Docker Hub.

Another use case I found is web application load testing. I can just spin up a couple of containers and do load tests on my web application, pay for a minute of usage and be done with it.

I just thought of two useful things that you can do with ACI but that’s just the tip of the iceberg and at the moment they are preview which means MS is not done working on them and awesome stuff should appear soon 🙂
If you only have a 150$ Azure MSDN Subscription then you know that you have to do a lot of micro-management to just keep that credit when you’re doing presentations / workshops or training classes.

Getting started

Spinning up a container instance is extremely simple. You can either spin up an ACI by using the Azure Portal, or you can use the Azure CLI via the Cloud Shell to run some simple commands to provision your container.
If you’re using the Azure Portal, you go to new -> Search MarketPlace for Azure Container Instance -> Go through the steps where you reference a public or private registry, specify the amount of CPU and Memory you need and presto, DONE 🙂


The commands for doing it in the Azure CLI are like this:

Billing

This service looks great and sounds like a good idea for load testing, VSTS agents and other types of one-off things that you may need, but the billing is not straightforward. You have a flat fee for when you’re creating the container, and after that, you get billed by the second for the memory and CPU that you’re using.

I won’t reference pricing on this one because prices change but what I can say is that if you leave one running for a day, you will pay around 6 EUR which is not much 🙂

In my opininon ACI is a great Azure service addition and I’m waiting to find out what will Azure bring next 🙂

That being said, have a good one!

Pin It on Pinterest