I've spent one day this weekend learning how to deploy Sitecore 10 to Azure Kubernetes Service (AKS). I started this adventure by watching some Sitecore training videos on Youtube to understand the infrastructure on Azure. I learnt many new things such as container registry, master node and worker nodes, pods, kubelet, ingress controllers and secrets. I also learnt how to use Azure CLI, kubectl and helm to deploy resources to AKS. I also followed along with the Installation Guide for Production Environment with Kubernetes to use the Container Deployment Package which you should download from the dev.sitecore.net website.
Voila! I deployed a new Sitecore site to AKS 🎊
I used XM1 topology for this non-production environment so I had the following containers which I could access from some temporary local domains via a reverse proxy:
- CD: cd.globalhost
- CM: cm.globalhost
- ID: id.globalhost
The Installation Guide for Production Environment with Kubernetes is very helpful but the steps are pretty manual so you have to copy the scripts to a PowerShell prompt. Therefore, I've set up a new Github repo to save the Container Deployment Package and deployment scripts so you can learn and run these scripts to deploy your project more quickly. In this blog post, I'll show you how to use my sample project to deploy a new Sitecore 10 website to AKS in less than 30 minutes! Another blog post will be written to show you how to deploy and pull your custom images from Azure Container Registry to Azure Kubernetes Service in the future.
Download Visual Studio Code and Azure CLI
You don't need to use Visual Studio or Azure Portal for this tutorial. Instead, you only need to install Visual Studio Code and the latest release of Azure CLI on your machine so that you can try it out on both Windows and Linux. I like using Visual Studio Code so I can easily navigate to files and execute scripts from the Terminal window.
I assume that you have an active Azure account and subscription so you can log in to create resources using the Azure CLI.
Read the Installation Guide for Production Environment with Kubernetes
Don't try googling any tutorial on the Internet before reading the official installation guide. You should download it from the dev.sitecore.net website.
Download the sample project from Github
This sample project only includes the deployment files for the XM1 topology for learning purposes. If you need to deploy an XP1 topology, you can find it in the Container Deployment Package in the dev.sitecore.net website.
Have a valid Sitecore license
You will need to encode and compress your Sitecore license and add it as a secret in AKS.
When you accomplish all these prerequisites, you are ready to start!
Understand the architecture
I'd recommend you to read through this blog by Rob Earlam to understand the end-to-end process:
For this lesson, we'll pull the base images from the public Sitecore Container Registry scr.sitecore.com only. We will focus on utilising the CI/CD pipelines to roll out custom images at another time in the future.
Explore the sample project
Open the k8s folder in Visual Studio Code (Run as administrator) and explore it.
- The configmaps folder is where you can configure the host names for the CM, CD and ID containers
- The external folder contains the deployment templates for MSSQL, Redis and Solr
- The ingress-nginx folder contains the deployment templates for NGINX ingress controllers
- The init folder contains the templates to initialise MSSQL and Solr
- The secrets folder contains all secrets and TLS files that will be deployed to AKS
- The volumes folder contains the deployment templates for persistent volume claim (Azure file)
- PowerShell scripts are prefixed by the execution order. I'll show you how to execute these scripts in the following sections.
Encode and compress the Sitecore license
.\1.EncodeAndCompressLicense.ps1 -path <Sitecore License Path>
Go to secrets\sitecore-license.txt to see the license is encoded and compressed.
Sitecore Kubernetes deployments use Secrets to securely store the strings the containers in the cluster use. The Secrets are used to store database user names, passwords, and TLS certificates. You must deploy the Secrets to the K8s cluster before you deploy any Sitecore containers.
Generate SSL certificates
The generated SSL certificates will be added to secrets\tls.
Generate Sitecore identity token
Find the SitecoreIdentityTokenSigning.pfx and the new secret added to secrets\sitecore-identitycertificate.txt file.
Login AZ CLI
This will open a new browser so you can log in with your Azure account.
Create resource group and container registry
.\5.CreateResourceGroupAndContainerRegistry.ps1 -region australiaeast -resourcegroup sckrg -myregistry sckacr1 -skuacr standard
This commands Azure CLI to create a new resource group with the name sckrg in AustraliaEast region and add a new Azure container registry with the name sckacr1 to this resource group.
Next, we will provision a new AKS with the name sckaks1 to the sckrg resource group and link it with the ACR created in the previous step:
.\6.CreateAKS.ps1 -region australiaeast -resourcegroup sckrg -aksname sckaks1 -acrname sckacr1 -azurewindowspassword Password!12345
Install Helm and Kubectl
.\7.InstallHelmAndKubectl.ps1 -region australiaeast -resourcegroup sckrg -aksname sckaks1 -acrname sckacr1
This commands PowerShell to download helm.exe and kubectl.exe to the k8s folder so they will be used to deploy NGINX and other services in the next steps.
Create NGINX ingress controller
An ingress controller acts as a reverse proxy and load balancer. It implements a Kubernetes Ingress. The ingress controller adds a layer of abstraction to traffic routing, accepting traffic from outside the Kubernetes platform and load balancing it to Pods running inside the platform.
Check out what rules are specified for cm, cd and id in the ingress-nginx\ingress.yaml file.
Secrets can be viewed in AKS > Configuration > Secrets in the Azure portal
This commands the Azure CLI to deploy the external services specified in the kustomization.yaml file in the ./external folder. Refer to the Installation Guide for Production Environment with Kubernetes to learn more about the Kubernetes specification files.
Init Solr and MSSQL
Deploy Sitecore solutions (CM, CD, ID)
You can find the specification for these services in cm.yaml, cd.yaml and id.yaml and notice how they specify Sitecore images to be pulled from the sitecore-docker-registry:
imagePullSecrets: - name: sitecore-docker-registry
Add hosts entries
One last thing to do before we can launch the new website from our local is to add hosts entries to the hosts file in our machine but first, you need to get the external IP from the load balancer (NGINX) by running this command:
.\kubectl get ingress
Then, use the IP address to add these entries to your hosts file:
<some IP> cm.globalhost <some IP> id.globalhost <some IP> cd.globalhost
Launch the sites
To log in as the admin, enter admin:b. The password can be changed in your secret: sitecore-adminpassword.
Stop and restart an existing cluster (Optional)
az aks stop --name sckaks1 --resource-group sckrg
# Start the AKS cluster az aks start --name sckaks1 --resource-group sckrg # Delete the existing SQL and Solr init jobs .\kubectl delete job mssql-init .\kubectl delete job solr-init # Deploy SQL and Solr init jobs .\kubectl apply -f ./init/
kubectl get namespaces
Get deployment statuses
kubectl get deployments
kubectl get svc
kubectl get pods
kubectl describe nodes|pods <node or pod name>
Create resources from a manifest file from a directory
kubectl apply -f ./dir
In this blog post, I've shown you how to follow the Installation Guide for Production Environment with Kubernetes and Container Deployment Package provided by Sitecore to deploy a new Sitecore 10 website to Azure Kubernetes Service using Azure CLI and kubectl.
You can download the sample project from my Github repository and try it out. Let me know if you find this helpful. Thanks for reading as always and good luck! ☕