aks: workshop (patched)

1. ```
2. REGION=westeurope
3. RG_NAME=akschallenge
4.  
5. az group create --name $RG_NAME --location $REGION
6.  
7. az resource create \
8. --resource-group $RG_NAME \
9. --resource-type "Microsoft.Insights/components" \
10. --name $RG_NAME \
11. --location $REGION \
12. --properties '{"Application_Type":"web"}'
13.  
14. APP_INSIGHTS_KEY=$(az resource show -g $RG_NAME -n $RG_NAME --resource-type "Microsoft.Insights/components" --query properties.InstrumentationKey --output tsv)
15.  
16. version=$(az aks get-versions -l $REGION --query 'orchestrators[-1].orchestratorVersion' -o tsv)
17.  
18. az group create --name $RG_NAME --location $REGION
19.  
20. AKS_NAME=aksworkshop-$RANDOM
21.  
22. az extension add --name aks-preview
23. az feature register --name VMSSPreview --namespace Microsoft.ContainerService
24. az provider register --namespace Microsoft.ContainerService
25. az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService/VMSSPreview')].{Name:name,State:properties.state}"
26.  
27. az aks create --resource-group $RG_NAME \
28. --name $AKS_NAME \
29. --location $REGION \
30. --enable-addons monitoring,http_application_routing \
31. --kubernetes-version $version \
32. --generate-ssh-keys \
33. --enable-vmss \
34. --enable-cluster-autoscaler \
35. --min-count 1 \
36. --max-count 3
37.  
38. AKS_NAME=$(az aks list --query [].name --output tsv)
39. az aks get-credentials --resource-group $RG_NAME --name $AKS_NAME
40.  
41.  
42. kubectl apply -f https://aksworkshop.io/yaml-solutions/01.%20challenge-02/helm-rbac.yaml
43. helm init --service-account tiller
44. kubectl get pod -n kube-system -l name=tiller --watch
45.  
46. helm install stable/mongodb --name orders-mongo --set mongodbUsername=orders-user,mongodbPassword=orders-password,mongodbDatabase=akschallenge
47. kubectl get pods --watch
48.  
49. TEAMNAME=LucyInTheSkyWithDiamonds
50. CHALLENGEAPPINSIGHTS_KEY=$APP_INSIGHTS_KEY
51. MONGOHOST=$RG_NAME
52. MONGOUSER=orders-user
53. MONGOPASSWORD=orders-password
54.  
55. kubectl create secret generic mongodb --from-literal=mongoHost="orders-mongo-mongodb.default.svc.cluster.local" --from-literal=mongoUser="orders-user" --from-literal=mongoPassword="orders-password"
56.  
57. kubectl apply -f https://aksworkshop.io/yaml-solutions/01.%20challenge-02/captureorder-deployment.yaml
58. kubectl get pods -l app=captureorder --watch
59.  
60. kubectl apply -f https://aksworkshop.io/yaml-solutions/01.%20challenge-02/captureorder-service.yaml
61.  
62. while : ; do
63. IP=$(kubectl get service captureorder -o jsonpath="{.status.loadBalancer.ingress[*].ip}")
64. [ -z "$IP" ] || break
65. done
66.  
67. curl -d '{"EmailAddress": "email@domain.com", "Product": "prod-1", "Total": 100}' -H "Content-Type: application/json" -X POST http://$IP/v1/order
68.  
69. # This is the quicker way to update the templated yaml
70.  
71. curl -s https://aksworkshop.io/yaml-solutions/01.%20challenge-02/frontend-deployment.yaml | sed "s/_PUBLIC_IP_CAPTUREORDERSERVICE_/$IP/g" | kubectl apply -f -
72.  
73. kubectl get pods -l app=frontend --watch
74.  
75. # More on Http Application Routing: https://docs.microsoft.com/en-us/azure/aks/http-application-routing?wt.mc_id=aksworkshop
76. # This is going to take some minutes
77.  
78. az aks enable-addons --resource-group $RG_NAME --name $AKS_NAME --addons http_application_routing
79.  
80.  
81. kubectl apply -f https://aksworkshop.io/yaml-solutions/01.%20challenge-02/frontend-service.yaml
82.  
83. AKS_DNS=$(az aks show --resource-group $RG_NAME --name $AKS_NAME --query addonProfiles.httpApplicationRouting.config.HTTPApplicationRoutingZoneName -o tsv)
84.  
85. curl -s https://aksworkshop.io/yaml-solutions/01.%20challenge-02/frontend-ingress.yaml | sed "s/_CLUSTER_SPECIFIC_DNS_ZONE_/$AKS_DNS/g" | kubectl apply -f -
86.  
87. # You will need to wait a few minutes until you get the response
88. kubectl logs -f deploy/addon-http-application-routing-external-dns -n kube-system
89.  
90. # Now open http://frontend.$AKS_DNS
91.  
92. curl -s https://aksworkshop.io/yaml-solutions/01.%20challenge-03/logreader-rbac.yaml | kubectl apply -f -
93.  
94.  
95. # this is going to take some time to start
96. az container create -g $RG_NAME -n loadtest --image azch/loadtest --restart-policy Never -e SERVICE_IP=$IP
97.  
98. az container logs -g $RG_NAME -n loadtest --follow
99. az container delete -g $RG_NAME -n loadtest
100.  
101. # Remove explicit number of replicas from deployment (for autoscaling)
102. # kubectl patch deploy captureorder -p '{"op" : "remove", "path" : "/spec/replicas"}'
103.  
104. wget https://aksworkshop.io/yaml-solutions/01.%20challenge-02/captureorder-deployment.yaml
105. code captureorder-deployment.yaml
106. # Edit the line containing `replicas: 2`
107. kubectl apply -f captureorder-deployment.yaml
108. ...
109.  
110. kubectl apply -f https://aksworkshop.io/yaml-solutions/01.%20challenge-04/captureorder-hpa.yaml
111.  
112.  
113. # This will take some time!
114.  
115. az container create -g $RG_NAME -n loadtest --image azch/loadtest --restart-policy Never -e SERVICE_IP=$IP
116. kubectl get pods -l app=captureorder --watch
117. az container logs -g $RG_NAME -n loadtest --follow
118.  
119. az aks update \
120. --resource-group $RG_NAME \
121. --name $AKS_NAME \
122. --update-cluster-autoscaler \
123. --min-count 1 \
124. --max-count 5
125.  
126.  
127. REGION=westeurope
128. REGISTRY_NAME=aksworkshopreg$RANDOM
129. az acr create --resource-group $RG_NAME --name $REGISTRY_NAME --sku Standard --location $REGION
130.  
131. REGISTRY_SERVER=$(az acr show -n $REGISTRY_NAME --query loginServer --output tsv)
132.  
133. git clone https://github.com/Azure/azch-captureorder.git && cd azch-captureorder
134.  
135. az acr build -t "captureorder:{{.Run.ID}}" -r $REGISTRY_NAME .
136.  
137. IMAGE_NAME=$REGISTRY_SERVER/captureorder:$(az acr repository show-tags -n $REGISTRY_NAME --repository captureorder --query [0] --output tsv)
138.  
139. # Assign permission to AKS service principal to pull from ACR
140.  
141. CLIENT_ID=$(az aks show --resource-group $RG_NAME --name $AKS_NAME --query "servicePrincipalProfile.clientId" --output tsv)
142. ACR_ID=$(az acr show --name $REGISTRY_NAME --resource-group $RG_NAME --query "id" --output tsv)
143.  
144. az role assignment create --assignee $CLIENT_ID --role acrpull --scope $ACR_ID
145.  
146. # Alternative: activate admin user
147. # az acr update -n $REGISTRY_NAME --admin-enabled true
148. # REGISTRY_SERVER=$(az acr show -n $REGISTRY_NAME --query loginServer)
149. # REGISTRY_USERNAME=$(az acr credential show --name $REGISTRY_NAME --query username --output tsv)
150. # REGISTRY_PASS=$(az acr credential show --name $REGISTRY_NAME --query passwords[0].value --output tsv)
151. # kubectl create secret docker-registry acr-auth --docker-server $REGISTRY_SERVER --docker-username $REGISTRY_USERNAME --docker-password $REGISTRY_PASS
152. # now you need to update the deployment:
153. #```
154. #spec:
155. # imagePullSecrets:
156. # - name: acr-auth
157. # containers:
158. #```
159.  
160. # Patch the new image
161.  
162. CONTAINER_NAME=$(kubectl get pods -l app=captureorder -o jsonpath={.items[*].spec.containers[*].name})
163. kubectl set image deployments captureorder $CONTAINER_NAME=$IMAGE_NAME
164.  
165. kubectl get deployments captureorder -o wide --watch
166. kubectl get deployment captureorder -ojsonpath='{$.spec.template.spec.containers[:1].image}'