Implementing CI/CD for Azure Kubernetes Service (AKS)

Published: October 26, 2023 | Last Updated: November 1, 2023

Continuous Integration (CI) and Continuous Deployment (CD) are fundamental practices for modern software development, enabling faster, more reliable releases. Integrating CI/CD pipelines with Azure Kubernetes Service (AKS) allows for automated building, testing, and deployment of containerized applications to your Kubernetes clusters.

Why CI/CD for AKS?

Automating your deployment workflow offers several key benefits:

• Increased Speed: Reduce manual intervention and speed up the release cycle.
• Improved Reliability: Minimize human errors through automated testing and deployment stages.
• Consistency: Ensure that every deployment is performed in the same way, reducing environment drift.
• Faster Feedback: Developers receive quicker feedback on code changes, leading to faster issue resolution.

Key Components of a CI/CD Pipeline for AKS

A typical CI/CD pipeline for AKS involves several stages:

1. Source Code Management: Using Git repositories like Azure Repos, GitHub, or GitLab to store application code.
2. Build: Compiling code, running unit tests, and building Docker images.
3. Container Registry: Storing your Docker images, such as Azure Container Registry (ACR) or Docker Hub.
4. Test: Running integration, end-to-end, and security tests against the built application.
5. Deploy: Applying Kubernetes manifests (YAML files) or Helm charts to your AKS cluster.
6. Monitor & Verify: Post-deployment checks and monitoring to ensure application health.

Setting Up a CI/CD Pipeline with Azure DevOps

Azure DevOps provides a comprehensive set of tools for building and managing CI/CD pipelines. Here's a simplified walkthrough:

1. Prepare Your Application

Ensure your application is containerized with a Dockerfile. For example:

FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /app
COPY *.csproj ./
RUN dotnet restore
COPY . ./
RUN dotnet publish -c Release -o /app/publish

FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS runtime
WORKDIR /app
COPY --from=build /app/publish .
EXPOSE 80
ENTRYPOINT ["dotnet", "YourApp.dll"]
                

2. Set Up Azure Container Registry (ACR)

Create an ACR instance in your Azure subscription to store your container images.

az acr create --resource-group myResourceGroup --name myacrregistry --sku Basic
                

3. Create Azure DevOps Project

If you don't have one, create an Azure DevOps project.

4. Configure CI Pipeline (Build)

In Azure DevOps Pipelines, create a new pipeline:

• Trigger: Set it to trigger on code commits to your repository.
• Agent: Choose a suitable build agent (e.g., `ubuntu-latest`).
• Steps:
  • Use the `Docker@2` task to build your Docker image and push it to ACR.
  • Tag your image with the build ID for traceability.

Example YAML snippet for CI:

trigger:
- main

pool:
  vmImage: 'ubuntu-latest'

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: 'your_acr_connection_name'
  imageRepository: 'your_image_repo_name'
  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
  tag: '$(Build.BuildId)'

  # Agent environment
  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build and push job
    pool:
      vmImage: $(vmImageName)
    steps:
    - task: Docker@2
      displayName: Build and push an image to container registry
      inputs:
        command: buildAndPush
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)
          latest
                

5. Configure CD Pipeline (Release)

Create a Release Pipeline in Azure DevOps Releases:

• Artifact: Link it to your CI build pipeline.
• Stage: Define a stage for deploying to AKS.
• Deployment Task: Use the `Kubernetes@1` task or the Azure Pipelines tasks for deploying manifests or Helm charts.
• Kubernetes Connection: Configure a service connection to your AKS cluster.
• Deployment Strategy: Choose a strategy like rolling updates or blue/green deployments.

Example YAML snippet for CD:

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: 'your_acr_connection_name'
  imageRepository: 'your_image_repo_name'
  containerRegistry: 'myacrregistry.azurecr.io'
  # AKS connection
  aksServiceConnection: 'your_aks_connection_name'
  aksNamespace: 'default'

stages:
- stage: Deploy
  displayName: Deploy to AKS stage
  jobs:
  - deployment: Deploy
    displayName: Deploy to AKS
    environment: 'production' # Or your target environment
    pool:
      vmImage: $(vmImageName)
    strategy:
      runOnce:
        deploy:
          steps:
          - task: Kubernetes@1
            displayName: Deploy to AKS
            inputs:
              connectionType: 'Kubernetes Service Connection'
              kubernetesServiceConnection: $(aksServiceConnection)
              namespace: $(aksNamespace)
              command: 'apply'
              # Use your deployment and service YAML files
              arguments: '-f $(Build.SourcesDirectory)/kubernetes/deployment.yaml -f $(Build.SourcesDirectory)/kubernetes/service.yaml'
              # Optionally, update image tag dynamically
              # You might need to use a script or manifest manipulation task here
              # For simplicity, let's assume deployment.yaml has a placeholder
              # Example: image: $(containerRegistry)/$(imageRepository):$(tag)
              # For dynamic updates, consider Helm or kustomize
          # Example for updating image using kubectl set image (requires kubectl installed on agent)
          - script: |
              kubectl set image deployment/ =$(containerRegistry)/$(imageRepository):$(tag) --namespace $(aksNamespace)
            displayName: 'Update deployment image'
            condition: succeeded()
                

Other CI/CD Tools and Strategies

While Azure DevOps is a powerful option, other popular tools can be integrated:

• GitHub Actions: Native CI/CD within GitHub repositories.
• Jenkins: A widely-used open-source automation server.
• GitLab CI/CD: Integrated CI/CD within GitLab.

For more advanced deployments, consider using:

• Helm: A package manager for Kubernetes that simplifies deployment and management of complex applications.
• Kustomize: A Kubernetes-native configuration management tool that allows for template-free customization of manifest files.

Best Practices

• Secrets Management: Use Kubernetes Secrets or Azure Key Vault for managing sensitive information.
• Environment Promotion: Implement stages for dev, staging, and production environments with appropriate approvals.
• Automated Testing: Include various levels of testing in your pipeline to catch bugs early.
• Infrastructure as Code (IaC): Manage your AKS cluster infrastructure using tools like Terraform or Bicep.
• Monitoring and Alerting: Integrate with Azure Monitor or Prometheus/Grafana for comprehensive cluster and application monitoring.

By implementing robust CI/CD pipelines, you can significantly enhance the efficiency and reliability of delivering applications to Azure Kubernetes Service.