I am using Azure DevOps create pipeline for deploy to azure kubernetes service. during create new pipeline for Deploy Azure Kubernetes Services private cluster encounter error like below.
on azure devops already create services principle for connection to AKS
Create pipeline error
Some user found like this.
How should I fix it?
BR, Za_phu
I am using Azure DevOps create pipeline for deploy to azure kubernetes service. during create new pipeline for Deploy Azure Kubernetes Services private cluster encounter error like below.
on azure devops already create services principle for connection to AKS
Create pipeline error
Some user found like this.
How should I fix it?
BR, Za_phu
Share Improve this question asked Feb 18 at 1:03 powerfulpowerful 572 silver badges8 bronze badges1 Answer
Reset to default -2When you use "Deploy to Azure Kubernetes Service" template to create an Azure pipeline, Azure DevOps will access your Subscription and resources inside it. If the user doesn't have permissions to access the Subscription/AKS, he will get permission-related error as shown in your second screenshot.
About error "The remote name could not be resolved "..azmk8s.io", it's a DNS resolution issue with your Azure Kubernetes Service (AKS) cluster. Please
- Ensure that your AKS cluster's DNS configuration is correct.
- Ensure that your network settings allow connectivity from Azure DevOps to the AKS cluster. Ensure that there are no firewall rules or network security groups blocking access.
As a workaround, you can create a pipeline manually and use the service connection created before. The following YAML is automatically created. Replace parameters with your actual values. If your AKS has Vnet configured, you may consider add the ip of MS-hosted agent to your allow list or set up a self-hosted agent in the same network.
# Deploy to Azure Kubernetes Service
# Build and push image to Azure Container Registry; Deploy to Azure Kubernetes Service
# https://docs.microsoft/azure/devops/pipelines/languages/docker
trigger:
- main
resources:
- repo: self
variables:
# Container registry service connection established during pipeline creation
dockerRegistryServiceConnection: '{DockerRegistrySC}'
imageRepository: '{ImageName}'
containerRegistry: '{RegistryName}.azurecr.io'
dockerfilePath: '**/Dockerfile'
tag: '$(Build.BuildId)'
imagePullSecret: '{SecretName}'
# Agent VM image name
vmImageName: 'ubuntu-latest'
stages:
- stage: Build
displayName: Build stage
jobs:
- job: Build
displayName: Build
pool:
vmImage: $(vmImageName)
steps:
- task: Docker@2
displayName: Build and push an image to container registry
inputs:
command: buildAndPush
repository: $(imageRepository)
dockerfile: $(dockerfilePath)
containerRegistry: $(dockerRegistryServiceConnection)
tags: |
$(tag)
- upload: manifests
artifact: manifests
- stage: Deploy
displayName: Deploy stage
dependsOn: Build
jobs:
- deployment: Deploy
displayName: Deploy
pool:
vmImage: $(vmImageName)
environment: 'pipelinesjavascriptdocker.default'
strategy:
runOnce:
deploy:
steps:
- task: KubernetesManifest@0
displayName: Create imagePullSecret
inputs:
action: createSecret
secretName: $(imagePullSecret)
dockerRegistryEndpoint: $(dockerRegistryServiceConnection)
- task: KubernetesManifest@0
displayName: Deploy to Kubernetes cluster
inputs:
action: deploy
manifests: |
$(Pipeline.Workspace)/manifests/deployment.yml
$(Pipeline.Workspace)/manifests/service.yml
imagePullSecrets: |
$(imagePullSecret)
containers: |
$(containerRegistry)/$(imageRepository):$(tag)