in Azure, Azure Cli, Docker, Service Principal 481 Words

Azure development environment in Docker

As a Windows user I find it difficult to work with Kubernetes in Powershell. So I have build a Docker image to move my execution to Linux, while the coding remains in Windows’ IDE.

The image described in this post has Azure Cli, kubelet and helm installed.

A Service Principal is used to authenticate from the container. Here is a post that explains how this is done.

Build the image

The Dockerfile looks like this:

FROM ubuntu:latest

RUN apt update && \
    apt upgrade -y && \
    apt install curl libicu-dev -y

# azure cli
RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash && \
    az upgrade --yes

# kubectl
RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" && \
    install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

# helm
RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

RUN cat >/login.sh <<EOL
#!/bin/bash
az login --service-principal -u \$AZURE_SERVICE_PRINCIPAL_ID -p \$AZURE_KEY_PATH --tenant \$AZURE_TENANT
EOL

# remove \r and make it executable
RUN sed -i 's/\r$//g' login.sh && \
    chmod 711 login.sh

Installing kubectl and helm is needed only for work with Kubernetes and AKS. Even though the base image is light – 70MB – the image rounds up to 1GB, thanks to 700MB that Azure Cli brings to the table.

The login.sh script that is created is used to login to Azure from the container.

Now the image can be build from the folder where Dockerfile is saved:

docker build . --tag=markokole/azure-dev-env

Create the container and execute it

Environment file envs holds values for variables AZURE_SERVICE_PRINCIPAL_ID, AZURE_TENANT and AZURE_KEY_PATH.

Value for AZURE_KEY_PATH has to be equal to the path where the key is mapped to in the container.

AZURE_SERVICE_PRINCIPAL_ID=
AZURE_TENANT=
AZURE_KEY_PATH=/.azure/key

Run the container:

 docker run -itd --rm --name azure-local `
                      --env-file envs `                      
                      -v C:\marko\git\azure\bicep:/local-git `
                      -v C:\marko\keys\developerCli.pem:/.azure/key:ro `
                      markokole/azure-dev-env

Two volumes are mapped into the container:

  • work folder to allow writing scripts in IDEs in Windows and executing them from container.
  • Key and certificate (in one file) are mapped to a file in the container in order to be able to login to Azure.

The container is entered with the following command:

docker exec -it azure-local /bin/bash

And once in the container, the login script can be executed.

./login.sh

The output, if login is successful, is a JSON object as described in the post about logging to Azure services with service principal.

Make image available on docker hub

Login to docker and push the image if anyone is interested in using it.

docker image push markokole/azure-dev-env

Leave a comment