//Cloud notes from my desk -Maheshk

"Fortunate are those who take the first steps.” ― Paulo Coelho

Failed to delete virtual network ‘k8s-vkdemo-2-vnet’. Error: Subnet virtual-node-aci is in use by and cannot be deleted

Recently I tried deleting a few resource groups (RGs) containing AKS clusters with ACI enabled. For some reason I couldn’t get them deleted completely, leaving the VNet in all those RGs.

The error message was “Failed to delete virtual network ‘k8s-vkdemo-2-vnet’. Error: Subnet virtual-node-aci is in use by and cannot be deleted.” I got the same error for the other 2 cluster RGs as well. When I tried deleting the individual subnets there, I got an error too.

With the help of support and this article I was able to delete the RG. It is documented here -> https://docs.microsoft.com/en-us/azure/container-instances/container-instances-vnet#delete-network-resources.

Here is the revised script.

# Replace <my-resource-group> with the name of your resource group
RES_GROUP="<my-resource-group>"

# Replace <my_vnet_name> with the name of your VNet
VNET_NAME="<my_vnet_name>"

# Replace <my_subnet_name> with the name of your subnet
SUBNET_NAME="<my_subnet_name>"

# Get network profile ID (the first profile listed in the resource group)
NETWORK_PROFILE_ID=$(az network profile list --resource-group "$RES_GROUP" --query '[0].id' --output tsv)

# Delete the network profile
az network profile delete --id "$NETWORK_PROFILE_ID" -y

# Get the service association link (SAL) ID
SAL_ID=$(az network vnet subnet show --resource-group "$RES_GROUP" --vnet-name "$VNET_NAME" --name "$SUBNET_NAME" --query id --output tsv)/providers/Microsoft.ContainerInstance/serviceAssociationLinks/default

# Delete the default SAL ID for the subnet
az resource delete --ids "$SAL_ID" --api-version 2018-07-01

# Delete the subnet delegation to Azure Container Instances
az network vnet subnet update --resource-group "$RES_GROUP" --vnet-name "$VNET_NAME" --name "$SUBNET_NAME" --remove delegations 0

# Delete the subnet
az network vnet subnet delete --resource-group "$RES_GROUP" --vnet-name "$VNET_NAME" --name "$SUBNET_NAME"

# Delete virtual network
az network vnet delete --resource-group "$RES_GROUP" --name "$VNET_NAME"
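
The script above deletes whichever network profile is listed first in the resource group. The following is an added example, not part of the original post or the linked article: it prints what would be deleted, in the same order, and lists only the network profiles that reference the target subnet. The function names, the plan format and the query path to the profile's subnet ID are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): print a deletion plan first.
# Function names and the plan format are assumptions.

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# IDs of network profiles in resource group $1 whose first container NIC
# configuration references subnet ID $2. Azure IDs compare case-insensitively.
# Assumption: the profile JSON exposes the subnet ID at the path queried below.
profiles_for_subnet() {
  pf_want=$(lower "$2")
  pf_tab=$(printf '\t')
  az network profile list --resource-group "$1" --output tsv \
    --query '[].[id, containerNetworkInterfaceConfigurations[0].ipConfigurations[0].subnet.id]' |
  while IFS="$pf_tab" read -r pf_id pf_subnet; do
    if [ "$(lower "$pf_subnet")" = "$pf_want" ]; then printf '%s\n' "$pf_id"; fi
  done
}

# Print the plan for resource group $1, VNet $2, subnet $3, in the order the
# cleanup script deletes things. Stops instead of guessing when the subnet
# lookup returns nothing, so no later step runs against an empty ID.
plan_cleanup() {
  pc_subnet=$(az network vnet subnet show --resource-group "$1" --vnet-name "$2" \
    --name "$3" --query id --output tsv) || return 1
  if [ -z "$pc_subnet" ]; then
    echo "subnet $3 not found in VNet $2" >&2
    return 1
  fi
  profiles_for_subnet "$1" "$pc_subnet" | sed 's/^/network-profile /'
  echo "service-association-link $pc_subnet/providers/Microsoft.ContainerInstance/serviceAssociationLinks/default"
  echo "subnet-delegation $pc_subnet"
  echo "subnet $pc_subnet"
  echo "vnet ${pc_subnet%/subnets/*}"
}

# Usage: sh plan.sh <resource-group> <vnet-name> <subnet-name>
if [ "$#" -eq 3 ]; then plan_cleanup "$@"; fi
```

Review the printed plan before running the delete commands; a plan with no `network-profile` line means no profile in that resource group points at the subnet.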

2019-03-18 | AKS, Azure, Azure Dev, Uncategorized

Why Azure Kubernetes Service(AKS) vs Others

What is AKS?
– Deploys a managed Kubernetes cluster in Azure.
– Reduces the complexity and operational overhead of managing K8s by offloading much of that responsibility to Azure.
– Handles critical tasks like health monitoring and maintenance for you.
– Masters are managed by Azure; you only manage and maintain the agent nodes.
– Free: you only pay for the agent nodes, not for the master.

Why AKS vs Others?
– Streamlined application onboarding with integrated VSTS CI/CD via DevOps Project
– Deep integration with Azure Monitor and Log Search
– Using Azure Dev Spaces for AKS – enables multiple developers to collaborate and rapidly iterate/debug microservices directly in AKS dev environment
– Open source thought leadership through projects like Virtual Kubelet, Helm, Draft, Brigade & Kashti & our contribution to the open source community
– Support for scenarios such as elastic bursting using Azure Container Instance (ACI) and Virtual Kubelet
– Users can use Key Vault for increased security and control over Kubernetes keys and passwords, create and import encryption keys in minutes
– Developers and operations can be assured their workloads will have Automated OS & Framework Patching with ACR Build
– Rich tooling support: VS Code/VS integration (VS Code is a free code editor; try it today, you’ll thank us)

Best practice guidance
———————-
> For integration with existing virtual networks or on-premises networks, use advanced networking in AKS.
> This also gives greater separation of resources and controls in an enterprise environment.

Two different ways to deploy AKS clusters into virtual networks:
+ Basic networking – Azure manages the virtual network resources as the cluster is deployed and uses the kubenet Kubernetes plugin.
+ Advanced networking – Deploys into an existing virtual network, and uses the Azure Container Networking Interface (CNI) Kubernetes plugin. Pods receive individual IPs that can route to other network services or on-premises resources.
The Container Networking Interface (CNI) is a vendor-neutral protocol that lets the container runtime make requests to a network provider. The Azure CNI assigns IP addresses to pods and nodes, and provides IP address management (IPAM) features as you connect to existing Azure virtual networks. Each node and pod resource receives an IP address in the Azure virtual network, and no additional routing is needed to communicate

$ az aks create --resource-group myAKSCluster --name myAKSCluster --generate-ssh-keys \
    --aad-server-app-id "<server-app-id>" \
    --aad-server-app-secret "<server-app-secret>" \
    --aad-client-app-id "<client-app-id>" \
    --aad-tenant-id "<tenant-id>"

$ az aks get-credentials --resource-group myAKSCluster --name myAKSCluster --admin
Merged “myCluster” as current context ..

$ kubectl get nodes

NAME                       STATUS   ROLES   AGE   VERSION
aks-nodepool1-42032720-0   Ready    agent   1h    v1.9.6
aks-nodepool1-42032720-1   Ready    agent   1h    v1.9.6
aks-nodepool1-42032720-2   Ready    agent   1h    v1.9.6

2019-03-06 | AKS, Azure Dev, Kubernetes, Linux, Microservices, PaaS