Getting Started with Acorn and Azure Kubernetes Service (AKS)

Nov 16, 2022 by Janakiram MSV
Getting Started with Acorn and Azure Kubernetes Service (AKS)

This is the first in a series of articles on using Acorn with Azure AKS. Part two explains how to use TLS certificates to secure endpoints, and part three discusses running stateful workloads.

Starting from Acorn 0.3, you can install the Acorn framework, deploy Acorn applications on Azure Kubernetes Service (AKS), and store the images in Azure Container Registry (ACR). This tutorial walks you through the steps involved in installing Acorn and then deploying an application on AKS.

Prerequisites

You need to install the below tools on your development workstation before getting started with the tutorial:

This tutorial assumes that you have an active Azure subscription to launch an AKS cluster and other resources.

Step 1 – Create Azure Resources

Let’s start by creating an AKS cluster. Replace the value of the Azure region with your choice.

export AZ_REGION=southindia Create an Azure resource group for the AKS cluster and ACR.

az group create
--name acorndemo
--location $AZ_REGION

We will now create an ACR resource to store Acorn images.

az acr create
--resource-group acorndemo
--name acornreg
--admin-enabled true
--sku Basic

The below command launches a 3-node AKS cluster in the resource group created above and associates it with ACR:

az aks create
--resource-group acorndemo
--name acorn-demo-aks
--node-count 3
--generate-ssh-keys
--attach-acr acornreg

Once the cluster is ready, install NGINX ingress, which is a prerequisite for Acorn.

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx helm repo update

helm install ingress-nginx ingress-nginx/ingress-nginx
--create-namespace
--namespace ingress-nginx
--set controller.service.annotations."service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path"=/healthz

Step 2 – Deploy Acorn Framework

Run the below command to install Acorn by pointing it to the ingress class name:

acorn install --ingress-class-name nginx

Verify Acorn installation with the following command.

acorn info

Step 3 – Creating and Deploying an Acorn Application

Start by creating a directory and the files needed to build a simple Python Flask application.

mkdir flask && cd flask mkdir app && cd app

Create a file called app.py that acts as a web server.

from flask import Flask app = Flask(__name__) @app.route('/') def hello(): return "Hello AKS World from Acorn!" if __name__ == '__main__': app.run(host='0.0.0.0', port=8000)

Create requirements.txt to define the dependencies. This will have only one line for now.

echo "flask" > requirements.txt

Let’s create the Dockerfile to create the container image.

FROM python:3.10-alpine WORKDIR /app COPY requirements.txt /app RUN --mount=type=cache,target=/root/.cache/pip
pip3 install -r requirements.txt COPY . /app ENTRYPOINT ["python3"] CMD ["app.py"]

Finally, create an Acornfile in the parent directory to package the application as an OCI artifact.

containers: { "flask-acorn": { build: { context: "./app" } ports: publish: "8000/http" } }

Let’s go ahead and deploy the Acorn application in the AKS cluster.

acorn run -n flask-acorn .

This command builds a new application package based on the existing Dockerfile and stores it within the internal registry of Acorn. We gave a name to the application with -n switch.

Verify the app with the below command:

acorn apps

When you access the URL shown in output, you should get the response.

While storing the images in the internal registry of Acorn is good for developing and testing applications, we need to store the OCI artifacts in an external repository for production scenarios.

In the next step, we will move the Acorn image to ACR and update the Acorn file to pull from the external registry.

Step 3 – Pushing Acorn OCI Images to ACR

Get the ACR URL and credentials needed to authenticate Acorn.

az acr show -n acornreg | jq .loginServer az acr credential show --name acornreg

In its current version (0.3.x), Acorn depends on Docker to authenticate itself with external registries. This will be fixed in future releases.

Let’s log on to ACR through Docker CLI.

docker login -u $USERNAME -p $PASSWORD acornreg.azurecr.io

Now, log onto the Azure registry through the acorn CLI.

acorn login -u $USERNAME -p $PASSWORD acornreg.azurecr.io

We must build, tag and push the Flask application image for ACR.

acorn build -t acornreg.azurecr.io/flask-acorn:v1 .

acorn push acornreg.azurecr.io/flask-acorn:v1

Finally, update the image of the running application with the artifact stored in ACR.

acorn update --image acornreg.azurecr.io/flask-acorn:v1 flask-acorn

Check the application to verify the new image. It should be updated.

acorn apps

Step 4 – Clean up

Run the below commands to delete the Acorn application and the Azure resource group.

acorn stop flask-acorn acorn rm flask-acorn az group delete -g acorndemo

This concludes the first part in our tutorial on using Acorn with Azure AKS. Part two dives into using TLS certificates to secure endpoints, and part three discusses running stateful workloads. To learn more about using Acorn, visit the getting started guide, or join an upcoming training.