This quickstart walks through using the Open Service Broker for Azure (OSBA) to deploy WordPress on a local Minikube cluster.
WordPress requires a back-end MySQL database. Without OSBA, we would create a database in the Azure portal, and then manually configure the connection information. Now with OSBA our Kubernetes manifests can provision an Azure MySQL database on our behalf, save the connection information in Kubernetes secrets, and then bind them to our WordPress instance.
- A Microsoft Azure account.
- Install Minikube.
- Install the Azure CLI.
- Install the Kubernetes CLI.
- Install the Helm CLI.
Minikube is a tool that makes it easy to run Kubernetes locally. Minikube runs a single-node Kubernetes cluster inside a VM on your computer.
Some older versions of Minikube, as well as some newer ones, suffer from bugs that can be worked around, but only with moderate effort. We therefore recommend that if you are using Minikube that you use v0.25.2.
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.25.2/minikube-darwin-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/- Download the minikube-windows-amd64.exe file.
- Rename it to minikube.exe.
- Add it to a directory on your PATH.
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.25.2/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/Install az by following the instructions for your operating system.
See the full installation instructions if yours isn't listed below.
brew install azure-cliDownload and run the Azure CLI Installer (MSI).
- Add the azure-cli repo to your sources:
echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ wheezy main" | \ sudo tee /etc/apt/sources.list.d/azure-cli.list
- Run the following commands to install the Azure CLI and its dependencies:
sudo apt-key adv --keyserver packages.microsoft.com --recv-keys 52E16F86FEE04B979B07E28DB02C46DF417A0893 sudo apt-get install apt-transport-https sudo apt-get update && sudo apt-get install azure-cli
Install kubectl by running the following command:
az aks install-cliHelm is a tool for installing pre-configured applications on Kubernetes.
Install helm by running the following command:
brew install kubernetes-helm- Download the latest Helm release.
- Decompress the tar file.
- Copy helm.exe to a directory on your PATH.
curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bashNow that we have all the tools, we need a Kubernetes cluster with Open Service Broker for Azure configured.
First let's identify your Azure subscription and save it for use later on in the quickstart.
-
Run
az loginand follow the instructions in the command output to authorizeazto use your account -
List your Azure subscriptions:
az account list -o table -
Copy your subscription ID and save it in an environment variable:
Bash
export AZURE_SUBSCRIPTION_ID="<SubscriptionId>"PowerShell
$env:AZURE_SUBSCRIPTION_ID = "<SubscriptionId>"
Create a resource group to contain the resources you'll be creating with the quickstart.
az group create --name osba-quickstart --location eastusThis creates an identity for Open Service Broker for Azure to use when provisioning resources on your account on behalf of Kubernetes.
-
Create a service principal with RBAC enabled for the quickstart:
az ad sp create-for-rbac --name osba-quickstart -o table -
Save the values from the command output in environment variables:
Bash
export AZURE_TENANT_ID=<Tenant> export AZURE_CLIENT_ID=<AppId> export AZURE_CLIENT_SECRET=<Password>
PowerShell
$env:AZURE_TENANT_ID = "<Tenant>" $env:AZURE_CLIENT_ID = "<AppId>" $env:AZURE_CLIENT_SECRET = "<Password>"
Next we will create a local cluster using Minikube. You can also try OSBA on the Azure Container Service (AKS).
-
Create a Minikube Cluster:
minikube start --bootstrapper=kubeadmNote: Service Catalog may not work with Kubernetes versions less than 1.9.0. If you are using a version of Minikube older than 0.25, you will need to upgrade to at least 0.25 to ensure the cluster is compatible with Service Catalog and OSBA.
-
Before we can use Helm to install applications such as Service Catalog and WordPress on the cluster, we first need to prepare the cluster to work with Helm:
kubectl create -f https://raw.githubusercontent.com/Azure/helm-charts/master/docs/prerequisities/helm-rbac-config.yaml helm init --service-account tiller
-
Deploy Service Catalog on the cluster:
helm repo add svc-cat https://svc-catalog-charts.storage.googleapis.com helm install svc-cat/catalog --name catalog --namespace catalog \ --set apiserver.storage.etcd.persistence.enabled=true
Note: the command above enables persistence for the embedded etcd used by Service Catalog. Using this flag will create a persistent volume for the etcd instance to use. Enabling the persistent volume is recommended for evaluation of Service Catalog because it allows you to restart Service Catalog without data loss. For production use, we recommend a dedicated etcd cluster with appropriate persistent storage and backup.
-
Check the status of Service Catalog: Run the following command and checking that every pod is in the
Runningstate. You may need to wait a few minutes, rerunning the command until all of the resources are ready.$ kubectl get pods --namespace catalog NAME READY STATUS RESTARTS AGE po/catalog-catalog-apiserver-5999465555-9hgwm 2/2 Running 4 9d po/catalog-catalog-controller-manager-554c758786-f8qvc 1/1 Running 11 9d
-
Deploy Open Service Broker for Azure on the cluster:
Bash
helm repo add azure https://kubernetescharts.blob.core.windows.net/azure helm install azure/open-service-broker-azure --name osba --namespace osba \ --set azure.subscriptionId=$AZURE_SUBSCRIPTION_ID \ --set azure.tenantId=$AZURE_TENANT_ID \ --set azure.clientId=$AZURE_CLIENT_ID \ --set azure.clientSecret=$AZURE_CLIENT_SECRET
PowerShell
helm repo add azure https://kubernetescharts.blob.core.windows.net/azure helm install azure/open-service-broker-azure --name osba --namespace osba ` --set azure.subscriptionId=$env:AZURE_SUBSCRIPTION_ID ` --set azure.tenantId=$env:AZURE_TENANT_ID ` --set azure.clientId=$env:AZURE_CLIENT_ID ` --set azure.clientSecret=$env:AZURE_CLIENT_SECRET
Note: to install OSBA with experimental modules enabled, use the
--set modules.minStability=experimentalargument. -
Check on the status of Open Service Broker for Azure by running the following command and checking that every pod is in the
Runningstate. You may need to wait a few minutes, rerunning the command until all of the resources are ready.$ kubectl get pods --namespace osba NAME READY STATUS RESTARTS AGE po/osba-azure-service-broker-8495bff484-7ggj6 1/1 Running 0 9d po/osba-redis-5b44fc9779-hgnck 1/1 Running 0 9d
Now that we have a cluster with Open Service Broker for Azure, we can deploy WordPress to Kubernetes and OSBA will handle provisioning an Azure MySQL database and binding it to our WordPress installation.
helm install azure/wordpress --name osba-quickstart --namespace osba-quickstartUse the following command to tell when WordPress is ready:
$ kubectl get deploy osba-quickstart-wordpress -n osba-quickstart -w
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
osba-quickstart-wordpress 1 1 1 0 1m
...
osba-quickstart-wordpress 1 1 1 1 2m-
Run the following command to open WordPress in your browser:
open http://$(minikube ip):$(kubectl get service osba-quickstart-wordpress -n osba-quickstart -o jsonpath={.spec.ports[?\(@.name==\"http\"\)].nodePort})/adminNote: We are using the
minikube ipto get the WordPress URL, instead of the command from the WordPress deployment output because with Minikube the WordPress service won't have a public IP address assigned. -
To retrieve the password, run this command:
kubectl get secret osba-quickstart-wordpress -n osba-quickstart -o jsonpath="{.data.wordpress-password}" | base64 --decode -
Login using the username
userand the password you just retrieved.
Using Helm to uninstall the osba-quickstart release will delete all resources
associated with the release, including the Azure MySQL database.
helm delete osba-quickstart --purgeSince deprovisioning occurs asynchronously, the corresponding serviceinstance
resource will not be fully deleted until that process is complete. When the
following command returns no resources, deprovisioning is complete:
$ kubectl get serviceinstances -n osba-quickstart
No resources found.At this point, the Azure MySQL database should have been fully deprovisioned. In the unlikely event that anything has gone wrong, to ensure that you are not billed for idle resources, you can delete the Azure resource group that contained the database. In the case of the WordPress chart, Azure MySQL was provisioned in a resource group whose name matches the Kubernetes namespace into which WordPress was deployed.
az group delete --name osba-quickstart --yes --no-waitTo remove the service principal:
az ad sp delete --id http://osba-quickstartTo tear down minikube:
minikube deleteMinikube may seem like an odd choice for an Azure quickstart, but it demonstrates that Open Service Broker for Azure isn't limited to clusters running on Azure! Our local Kubernetes cluster communicated with Azure via OSBA, provisioned an Azure MySQL database, and bound our local WordPress installation to that new database.
With OSBA any cluster can rely on Azure to provide all those pesky "as a service" goodies that make life easier.
Now that you have a cluster with OSBA, adding more applications is quick. Try out another to see for yourself:
All of our OSBA-enabled helm charts are available in the Azure/helm-charts repository.
Do you have an application in mind that you'd like to use with OSBA? We'd love to have it! Learn how to contribute a new chart to our helm repository.