DocsICP FilingConsole
官方文档
首页

Quick Start

更新时间:
复制 MD 格式
产品详情
我的收藏

This topic shows you how to get started with AKS on the public cloud or Apsara Stack.

Step 1: Create a standard workspace

A workspace is a group of resources that share the same network, security policies, and low-latency access. You can use workspaces to group and manage resources. For example, you can create development, testing, and production workspaces for different delivery requirements. Resources in different workspaces are isolated from each other.

  1. Log on to the SOFAStack console.

  2. In the navigation pane on the left, click Global Settings to go to the workspace list page.

  3. Click Create Workspace, select the Standard Workspace type, and then click Create.

  4. On the Create Workspace page, enter the following basic information.

    • Workspace ID: Enter an ID for the workspace. The ID must be 2 to 64 characters in length, globally unique, and cannot be changed after it is created. Examples: dev, test, and prod. In this example, enter DemoWS.

    • Workspace Name: Enter a display name for the workspace. The name must be 1 to 64 characters in length. Examples: Development Workspace, Testing Workspace, and Production Workspace. In this example, enter DemoWS.

    • Region: The region where the workspace resides. A workspace must belong to a region.

      Note

      The available regions are China (Shanghai) and China (Hangzhou) (Finance Cloud).

    • Network Type: Select VPC.

    • Import VPC: Keep this option disabled.

    • Zone: Select the zones for the workspace. You can select up to two zones. You can import resources only from the selected zones. Features such as deployment and disaster recovery also use these zones. We recommend that you select two zones to support high availability (HA) architectures.

  5. Click Next. On the Create VPC page, enter the following configuration information:

    • VPC Name: The name must be 2 to 128 characters in length. It must start with a letter and can contain digits, underscores (_), or hyphens (-). The name cannot start with http:// or https://. You can use the auto-generated name cell-workspace-id-vpc.

    • VPC CIDR Block: The CIDR block for the Virtual Private Cloud (VPC). This cannot be changed after the VPC is created. The private IP addresses of all resources in the VPC, such as Elastic Compute Service (ECS) instances, ApsaraDB RDS instances, and Server Load Balancer (SLB) instances, are allocated from this CIDR block. The following CIDR blocks are available:

      • 10.0.0.0/8

      • 172.16.0.0/12

      • 192.168.0.0/16

    • vSwitch: Click Add vSwitch. In the Create vSwitch window that appears, enter the following information and click Submit.

      • Name: The name of the vSwitch. The name must be 2 to 128 characters in length. It must start with a letter and can contain digits, underscores (_), and hyphens (-). The system automatically generates a default name in the format cell-workspace-id-vsw.

      • Zone: The zone of the vSwitch. vSwitches in different zones within the same VPC can communicate with each other. Create one vSwitch for each zone.

      • Custom CIDR Block: This option is disabled by default. If you enable it, you must specify a CIDR block. The CIDR block of the vSwitch can be the same as or a subnet of the CIDR block of its VPC.

      • Subnet Mask: If Custom CIDR Block is disabled, select a subnet mask and a CIDR block. The default subnet mask is /24, such as 172.31.0.0/24, which provides up to 65,536 private IP addresses. The value can range from /16 to /29, which provides 4 to 65,532 addresses.

      • Description: Enter a description for the vSwitch. The description can be 2 to 256 characters in length and cannot start with http:// or https://.

  6. Click Next. On the Create Security Group page, click Add Security Group. In the Add Security Group window that appears, enter the following information and click Submit.

    • Security Group Name: The name must be 2 to 128 characters in length. It must start with a letter and cannot start with http:// or https://. It can contain digits, colons (:), underscores (_), or hyphens (-). The system automatically generates a default name in the format cell-workspace-id-sg.

    • Description: The description can be 2 to 256 characters in length and cannot start with http:// or https://.

    • Rule: Keep the default settings to allow all inbound and outbound traffic.

  7. Click OK to return to the Create Security Group page, and then click Submit.

Step 2: Create a cluster

A cluster is a logical group of workloads that contains a set of cloud server resources. Each cloud server is a node in the cluster. When you use AKS for the first time, you must create an initial cluster and add at least one node.

Prerequisites

  • You have administrative permissions for AKS.

  • A standard workspace is created.

  • Before you use a Container Service for Kubernetes (ACK) cluster for the first time, grant ACK the permissions to access your cloud resources. For more information, see First time use of Container Service for Kubernetes.

Procedure

  1. Log on to the AKS console. In the navigation pane on the left, click Cluster Management > Cluster Details.

  2. On the cluster list page, click Create Cluster.

  3. On the Create Cluster page, the system automatically runs a precheck to ensure that the required products are activated and your account balance is greater than 100 CNY. After the precheck passes, click Next.

    Note

    If the precheck fails, fix the failed items and click Recheck.

  4. On the Basic Configurations page, complete the following basic cluster configurations.

    • Basic Information:

      • VPC: The VPC of the current workspace. This parameter cannot be modified.

      • Cluster Name: The name must be 1 to 63 characters in length and can contain digits, Chinese characters, letters, or hyphens (-). In this example, enter democluster1 and democluster2.

      • Kubernetes Version: Select a Kubernetes version. The supported versions are 1.16.9-aliyun.1 and 1.18.8-aliyun.1. In this example, select 1.18.8-aliyun.1.

      • Container Runtime: The supported runtimes are docker 19.03.5 and containerd 1.4.3. In this example, select docker 19.03.5.

    • Network Configuration:

      • vSwitch: Select the required vSwitches from the list based on the zones. If no vSwitches are available, click the link to create one. For more information, see Create a vSwitch.

      • Network Plugin: Select a network plugin. Currently, only the Terway plugin is supported.

        Note

        Terway is a network plugin developed by Alibaba Cloud Container Service. It assigns elastic network interfaces (ENIs) from Alibaba Cloud to containers. Terway supports Kubernetes Network Policies to define access policies between containers and lets you limit the bandwidth of a single container. For more information, see Terway.

      • Pod vSwitch: When you use the Terway network plugin, you must specify vSwitches to assign IP addresses to pods. Each Pod vSwitch corresponds to a vSwitch of a worker instance. If no vSwitches are available, click the link to create one. For more information, see Create a vSwitch.

      • Service CIDR: Set the Service CIDR. The CIDR block cannot overlap with the VPC CIDR block or the pod CIDR block. This parameter cannot be modified after the cluster is created. The valid range is 10.0.0.0/16-24, 172.16-31.0.0/16-24, or 192.168.0.0/16-24.

    • Advanced Configuration: Keep the default settings. For more information, see Create a cluster.

  5. On the Node Configuration page, complete the following worker node configurations.

    • Billing Method: The supported billing methods are Pay-as-you-go and Subscription. If you select Subscription, configure the following parameters.

      • Subscription Duration: You can select 1, 2, 3, or 6 months, or 1 to 5 years.

      • Auto-renewal: Specify whether to enable auto-renewal.

    • Number of Nodes: The number of worker instances (ECS instances) to create.

    • Instance Type: Select one or more instance types. For more information, see Instance families. You can select up to 10 instance types.

      Note

      You can select multiple instance types. The system attempts to purchase them in order until one is successfully created. The final instance type depends on inventory availability.

    • System Disk: The supported disk types are Ultra Disk and ESSD.

    • Mount Data Disk: The supported disk types are Ultra Disk and ESSD.

    • Operating System: The supported operating systems are CentOS and Alibaba Cloud Linux.

    • Logon Password: Set the logon password for the nodes. The password must be 8 to 30 characters in length and contain three types of characters: letters, digits, and special characters.

    • Confirm Password: Confirm the logon password.

  6. After you complete the configurations, click Next.

  7. On the Configuration Preview page, confirm the configurations and click Submit.

    Note

    • It takes about 10 minutes to create a Kubernetes cluster with multiple nodes.

    • The system automatically navigates to the Create Cluster Details page. If a task fails during cluster creation, you can click the event to view error details, or click Retry or Ignore.

Step 3: Create applications

You will create two applications: aks-vote-front and aks-vote-redis.

Procedure

  1. Log on to the application management console. In the navigation pane on the left, click Application List.

  2. On the Application List page, click Create Application.

  3. On the creation page, enter the application information and click OK.

    • Application Name: Enter aks-vote-front.

      Note

      The application name must be unique within the same tenant.

    • Technology Stack: Select Spring Boot.

    • Application Group: Select the group to which the application belongs. If you have not created a custom group, you can select the default system group.

    • Application Tags: Application classification tags that help you quickly retrieve applications. You can add system tags and custom tags.

    • Application Description: Optional. The description cannot exceed 500 characters. For example, enter This is a sample application.

The new application appears at the top of the application list. Its status changes from Creating to Created in a few seconds.

Follow the same steps to create another application named aks-vote-redis.

Step 4: Prepare images

AKS deploys application services from images. Before you create an application service, you must prepare an image. For testing purposes, AKS provides the following publicly accessible sample images:

Image Name

Image Address

sofa-samples/aks-vote-front

registry-vpc.cn-shanghai.aliyuncs.com/sofa-samples/aks-vote-front:v1

sofa-samples/aks-vote-redis

registry-vpc.cn-shanghai.aliyuncs.com/sofa-samples/aks-vote-redis:v1

Step 5: Create application services

Create two application services with a dependency: aks-vote-redis-appservice and aks-vote-front-appservice.

Procedure

  1. Log on to the Container Application Service console. In the navigation pane on the left, click Application Release > Application Service.

  2. On the application service list page, click Create.

  3. On the Create Application Service page, enter the following information and click Submit.

    • Basic Information

      • Namespace: Keep the default value `default`.

      • Application Service Name and Application are described in the following table.

        Application Service Name

        Application

        Dependent Application

        aks-vote-front-appservice

        aks-vote-front

        aks-vote-redis

        aks-vote-redis-appservice

        aks-vote-redis

        -

      • Stateful Application: This option is disabled by default.

    • Pod Template Configuration

      • Container Name: Enter a name.

      • Image Selection: Select Image Repository. For the image address, see Prepare images.

      • CPU Configuration: Set Request to 500 millicores and Limit to 1 core.

      • Memory Configuration: Set Request to 128 MiB and Limit to 1 GiB.

      • In Advanced Configuration > Environment Variable Configuration, add the DNS name of the Redis application service as an environment variable for the aks-vote-front-appservice application service. The following figure shows an example.

    • Scaling Configuration

      • Replica Scaling Policy: The default policy is Fixed Number of Replicas.

      • Number of Replicas: The default value is 1. This is the number of pod replicas to maintain at runtime.

    • Access Configuration

      Application services support three access methods: Intra-cluster Access, Internal Network Access, and Public Network Access. Plan the access method as needed.

      Set the access method for the Redis service to intra-cluster access

      If you select Intra-cluster Access, a Service of the ClusterIP type is created to forward traffic to the corresponding container port. You can set the access method when you create the application service, or add an access method after the service is created.

      1. On the Access Configuration page, click Create Service.

      2. In the Create Service window, enter the following information and click Submit.

        • Service Name: Enter aks-vote-redis-appservice.

        • Access Method: Select Intra-cluster Access.

        • Port Mapping: Click + and enter the following information. Keep the default settings for other parameters.

          • Protocol: Select TCP. The supported protocols are TCP and UDP.

          • Service Port: The port that the workload program in the container image listens on. Enter 6379.

          • Container Port: The port on the cluster virtual IP to which the container port is mapped. Enter 6379.

      Set the access method for the Vote service to public network access

      This creates a public-facing SLB instance and forwards traffic to the corresponding container port. The endpoint is composed of the public SLB endpoint and the service port, for example, 10.117.117.117:80.

      1. On the Access Configuration page, click Create Service.

      2. In the Create Service window, enter the following information and click Submit.

        • Service Name: Enter aks-vote-front-appservice.

        • Access Method: Select Public Network Access.

        • Port Mapping: Click Add Port Mapping, enter the following information, and keep the default settings for other parameters.

          • Protocol: Select TCP. The supported protocols are TCP, HTTP, and HTTPS.

          • Forwarding Rule: Select By Weight. The supported rules are By Weight and By Weight and Least Connections.

          • Frontend Port: The port that the workload program in the container image listens on. Enter 80.

          • Backend Port: The port on the cluster virtual IP to which the container port is mapped. Enter 80.

    • Deployment and Scheduling Configuration

      Keep the default system configurations for the aks-vote-redis-appservice and aks-vote-front-appservice application services.

    • Preview and Submit

      On the application service Preview page, confirm that the information is correct.

Step 6: Create a release order

Use a release order to deploy the two application services with a dependency that you created in the previous step.

Procedure

  1. Log on to the Container Application Service console. In the navigation pane on the left, click Application Release.

  2. Click Release Order to go to the release dashboard.

  3. On the release dashboard, click Create Release Order.

  4. On the Create Release Order page, enter the following release information and click Next.

    • Basic Information

      • Title: The title of the release.

      • Deployment Unit: Displays all deployment units in the current workspace.

      • Application Service Release List: In the Available Application Services list, select the required application services: aks-vote-redis-appservice and aks-vote-front-appservice. Click the > icon to add the application services to the Selected Application Services list.

    • Advanced Configuration

      • Set Application Service Dependencies: aks-vote-front-appservice depends on aks-vote-redis-appservice.

  5. On the Preview page, confirm that the information is correct and click Create. The system automatically navigates to the Release Order Details page. Click Release All to start the deployment.

Step 7: Verify the result

Verify that the aks-vote-front-appservice and aks-vote-redis-appservice application services are successfully deployed.

Procedure

  1. Log on to the Container Application Service console. In the navigation pane on the left, click Application Release.

  2. In the application service list, click aks-vote-front-appservice to go to the instance details page.

  3. On the Service tab, copy the service endpoint.

  4. In the address bar of your browser, enter http://<SLB_instance_endpoint>:80, for example, http://10.10.10.1:80.

    If the page displays the following content, the aks-vote-front-appservice is successfully deployed.

    Click the Kubernetes or Serverless option. If the page displays the correct voting data, the aks-vote-redis-appservice is successfully deployed. The following figure shows an example.

    For more information about application services, see View application service details.

Previous:LimitsNext:Clusters