Java: Manage Azure Container Service, Cosmos DB, Active Directory Graph and more

Опубликовано 22 июня, 2017

Principal Program Manager, Azure Developer Experience

We released 1.1 of the Azure Management Libraries for Java. This release adds support for:

Cosmos DB Azure Container Service and Registry Active Directory Graph

https://github.com/Azure/azure-sdk-for-java

Getting started

Add the following dependency fragment to your Maven POM file to use 1.1 version of the libraries:

<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>azure</artifactId>
    <version>1.1.0</version>
</dependency>

Create a Cosmos DB with DocumentDB API

You can create a Cosmos DB account by using a define() … create() method chain.

DocumentDBAccount documentDBAccount = azure.documentDBs().define("myDocumentDB")
        .withRegion(Region.US_EAST)
        .withNewResourceGroup(rgName)
        .withKind(DatabaseAccountKind.GLOBAL_DOCUMENT_DB)
        .withSessionConsistency()
        .withWriteReplication(Region.US_WEST)
        .withReadReplication(Region.US_CENTRAL)
        .create();

In addition, you can:

Create an Azure Container Registry

You can create an Azure Container Registry by using a define() … create() method chain.

Registry azureRegistry = azure.containerRegistries().define("acrdemo")
       .withRegion(Region.US_EAST)
       .withNewResourceGroup(rgName)
       .withNewStorageAccount(saName)
       .withRegistryNameAsAdminUser()
       .create();

You can get Azure Container Registry credentials by using listCredentials().

RegistryListCredentials acrCredentials = azureRegistry.listCredentials();

Create an Azure Container Service with Kubernetes Orchestration

You can create an Azure Container Service by using a define() … create() method chain.

ContainerService azureContainerService = azure.containerServices().define("myK8S")
      .withRegion(Region.US_EAST)
      .withNewResourceGroup(rgName)
      .withKubernetesOrchestration()
      .withServicePrincipal(servicePrincipalClientId, servicePrincipalSecret)
      .withLinux()
      .withRootUsername(rootUserName)
      .withSshKey(sshKeys.getSshPublicKey())
      .withMasterNodeCount(ContainerServiceMasterProfileCount.MIN)
      .withMasterLeafDomainLabel("dns-myK8S")
      .defineAgentPool("agentpool")
            .withVMCount(1)
            .withVMSize(ContainerServiceVMSizeTypes.STANDARD_D1_V2)
            .withLeafDomainLabel("dns-ap-myK8S")
            .attach()
      .create();

You can instantiate a Kubernetes client using a community developed Kubernetes client library.

KubernetesClient kubernetesClient = new DefaultKubernetesClient(config);

Deploy from Container Registry to Kubernetes in Container Service

You can deploy an image from Azure Container Registry to a Kubernetes cluster using the same community developed Kubernetes client library and an image pull secret associated with the Container Registry.

ReplicationController rc = new ReplicationControllerBuilder()
     .withNewMetadata()
          .withName("acssample-rc")
          .withNamespace(acsNamespace)
          .addToLabels("acssample-nginx", "nginx")
     .endMetadata()
     .withNewSpec()
          .withReplicas(2)
          .withNewTemplate()
               .withNewMetadata()
                    .addToLabels("acssample-nginx", "nginx")
               .endMetadata()
               .withNewSpec()
                    .addNewImagePullSecret(acsSecretName)
                    .addNewContainer()
                         .withName("acssample-pod-nginx")
                         .withImage("acrdemo.azurecr.io/samples/acssample-nginx")
                         .addNewPort()
                              .withContainerPort(80)
                         .endPort()
                    .endContainer()
                .endSpec()
          .endTemplate()
     .endSpec()
     .build();
 
kubernetesClient.replicationControllers().inNamespace(acsNamespace).create(rc);

You can find the full sample code to deploy an image from container registry to Kubernetes in Container Service
Similarly, you can deploy an image from Azure Container Registry to Linux containers in App Service.

Create Service Principal with Subscription Access

You can create a service principal and assign it to a subscription with contributor role by using a define() … create() method chain.

ServicePrincipal servicePrincipal = authenticated.servicePrincipals().define("spName")
     .withExistingApplication(activeDirectoryApplication)
     // define credentials
     .definePasswordCredential("ServicePrincipalAzureSample")
           .withPasswordValue("StrongPass!12")
           .attach()
     // define certificate credentials
     .defineCertificateCredential("spcert")
           .withAsymmetricX509Certificate()
           .withPublicKey(Files.readAllBytes(Paths.get(certificate.getCerPath())))
           .withDuration(Duration.standardDays(7))
           // export credentials to a file
           .withAuthFileToExport(new FileOutputStream(authFilePath))
           .withPrivateKeyFile(certificate.getPfxPath())
           .withPrivateKeyPassword(certPassword)
           .attach()
     .withNewRoleInSubscription(role, subscriptionId)
     .create();

Similarly, you can:

Try it

You can get more samples from  https://github.com/azure/azure-sdk-for-java#sample-code. Give it a try and let us know what do you think (via e-mail or comments below).

You can find plenty of additional info about Java on Azure at http://azure.com/java.