Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/clarenceb/aks-mariner-demo

Demo of using CBL-Mariner 2.0 on AKS
https://github.com/clarenceb/aks-mariner-demo

aks azure demo linux

Last synced: 1 day ago
JSON representation

Demo of using CBL-Mariner 2.0 on AKS

Host: GitHub
URL: https://github.com/clarenceb/aks-mariner-demo
Owner: clarenceb
Created: 2022-12-01T00:12:31.000Z (about 2 years ago)
Default Branch: main
Last Pushed: 2022-12-01T00:17:01.000Z (about 2 years ago)
Last Synced: 2024-12-30T08:41:25.838Z (about 2 months ago)
Topics: aks, azure, demo, linux
Language: HTML
Homepage:
Size: 957 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

CBL-Mariner 2.0 use in AKS
==========================

This is a simple demo based on the Mariner OS preview for AKS.

Create AKS cluster with Mariner system nodepool
-----------------------------------------------

```sh
az group create --name MarinerTest --location australiasoutheast
az aks get-versions -l australiasoutheast -o table
az aks create --name testMarinerCluster --resource-group MarinerTest --os-sku mariner -c 3 -k 1.24.6 -a monitoring
az aks get-credentials --resource-group MarinerTest --name testMarinerCluster

kubectl get pods --all-namespaces
kubectl get nodes -o wide

# NAME STATUS ROLES AGE VERSION ... OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
# aks-nodepool1-67251971-vmss000000 Ready agent 161m v1.24.6 ... CBL-Mariner/Linux 5.15.70.1-1.cm2 containerd://1.6.6
# ...
```

Create a .NET 6 app based on Mariner distroless image
-----------------------------------------------------

```sh
dotnet --version
# 6.0.100

dotnet new webapp -n webapp
cd webapp
```

Update file `webapp/Pages/Index.cshtml.cs` to log some info for ContainerInsights:

```C#
public void OnGet()
{
_logger.LogInformation("IndexModel - OnGet accessed from {IP} ({UserAgent}",
HttpContext.Connection.RemoteIpAddress,
HttpContext.Request.Headers["User-Agent"]);
}
```

Test webapp locally first:

```sh
dotnet dev-certs https --trust
dotnet run
# CTRL+C
```

(Optional) Build Docker image locally and test it (requires Docker Desktop or alternative container engine)
-----------------------------------------------------------------------------------------------------------

```sh
cd webapp/
docker build -t webapp:mariner .
docker run --rm -ti -p 8080:8080 webapp:mariner
# Access http://localhost:8080 in your browser
```

Create an Azure Container Registry (ACR)
----------------------------------------

```sh
az acr create -n marineracrtest -g MarinerTest -l australiasoutheast --sku Standard
```

Publish image to ACR
--------------------

```sh
az acr build -t webapp:mariner -r marineracrtest webapp/
```

Grant access to ACR for the AKS cluster
---------------------------------------

```sh
az aks update -n testMarinerCluster -g MarinerTest --attach-acr marineracrtest
```

Deploy webapp to AKS using Mariner image
----------------------------------------

```sh
kubectl apply -k overlays/production

kubectl get all -n marinertest

# Access the load balancer external IP to test the app
```

Check logs are collected via Container Insights
-----------------------------------------------

* Access your AKS resouce blade
* Go to Monitoring / Insights
* Select the `mariner` pod under "Containers"
* Select "Live logs"
* Access the webapp home page to generate some logs
* Click "View in Log Analytics" to see the KQL query and results

References
----------

* https://learn.microsoft.com/EN-us/azure/aks/use-mariner
* https://learn.microsoft.com/EN-us/azure/aks/cluster-configuration#mariner-os
* https://faithlife.codes/blog/2022/05/using-cbl-mariner-for-asp-net-core-apps/