Deploying Azure Container Service using the azurerm Python library


Azure Container Service is an easy to deploy container framework for Azure. It’s an open framework that among other things lets you choose whether to deploy DCOS or Swarm based cluster orchestration. You can deploy ACS directly from the Azure Portal or command line, and it has a convenient set of REST APIs to deploy and manage the service programmatically, which is supported by the standard Azure SDKs. The azurerm Python library of Azure REST wrappers also recently added support for ACS.

Here’s an example showing how you can deploy a new Container Service with azurerm. You can see a similar example in the examples section of the azurerm github repo:, and see all the ACS API calls exercised in the azurerm ACS unit tests.

import azurerm
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend
from haikunator import Haikunator  # used to generate random word strings
import json
import sys

tenant_id = "your tenant id"
app_id = "your application id"
app_secret = "your application secret"
subscription_id = "your Azure subscription id"

# authenticate
access_token = azurerm.get_access_token(tenant_id, app_id, app_secret)

# set Azure data center location
location = 'eastus'

# create resource group - use Haikunator to generate a random name
rgname = Haikunator.haikunate() 
print('Creating resource group: ' + rgname)
response = azurerm.create_resource_group(access_token, subscription_id, rgname, location)
if response.status_code != 201:
    print(json.dumps(response.json(), sort_keys=False, indent=2, separators=(',', ': ')))
    sys.exit('Expecting return code 201 from create_resource_group(): ')

# create Container Service name and DNS values - random names again
service_name = Haikunator.haikunate(delimiter='')
agent_dns = Haikunator.haikunate(delimiter='')
master_dns = Haikunator.haikunate(delimiter='')

# generate RSA Key for container service - put your own public key here instead
key = rsa.generate_private_key(backend=default_backend(), public_exponent=65537, \
public_key = key.public_key().public_bytes(serialization.Encoding.OpenSSH, \

# create container service (orchestrator will default to DCOS)
agent_count = 3                # the container hosts which will do the work
agent_vm_size = 'Standard_A1'
master_count = 1               # use 3 for production deployments
admin_user = 'azure'
print('Creating container service: ' + service_name)
print('Agent DNS: ' + agent_dns)
print('Master DNS: ' + master_dns)
print('Agents: ' + str(agent_count) + ' * ' + agent_vm_size)
print('Master count: ' + str(master_count))

response = azurerm.create_container_service(access_token, subscription_id, \
    rgname, service_name, agent_count, agent_vm_size, agent_dns, \
    master_dns, admin_user, public_key, location, master_count=master_count)
if response.status_code != 201:
    sys.exit('Expecting return code 201 from create_container_service(): ' + str(response.status_code))

print(json.dumps(response.json(), sort_keys=False, indent=2, separators=(',', ': ')))
This entry was posted in Cloud, Computers and Internet, Containers, Python and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s