azure 使用自托管代理的 devops：无法部署到 aks 集群

Question

i want to create azure devops release pipeline that build a docker image and deploy it to aks cluster.

the build and deployment to acr work well but the deployment to aks doesn't work.

this is the results after runing the pipeline:

and this is the error logs:

2023-01-08T22:20:48.7666031Z ##[section]Starting: deploy
2023-01-08T22:20:48.7737773Z ==============================================================================
2023-01-08T22:20:48.7741356Z Task         : Deploy to Kubernetes
2023-01-08T22:20:48.7745738Z Description  : Use Kubernetes manifest files to deploy to clusters or even bake the manifest files to be used for deployments using Helm charts
2023-01-08T22:20:48.7750005Z Version      : 0.212.0
2023-01-08T22:20:48.7752721Z Author       : Microsoft Corporation
2023-01-08T22:20:48.7755489Z Help         : https://aka.ms/azpipes-k8s-manifest-tsg
2023-01-08T22:20:48.7757618Z ==============================================================================
2023-01-08T22:20:49.2976400Z Downloading: https://storage.googleapis.com/kubernetes-release/release/stable.txt
2023-01-08T22:20:49.8627101Z Found tool in cache: kubectl 1.26.0 x64
2023-01-08T22:20:50.6940515Z ==============================================================================
2023-01-08T22:20:50.6942077Z            Kubectl Client Version: v1.26.0
2023-01-08T22:20:50.6943172Z            Kubectl Server Version: v1.23.12
2023-01-08T22:20:50.6944430Z ==============================================================================
2023-01-08T22:20:50.7161602Z [command]/azp/_work/_tool/kubectl/1.26.0/x64/kubectl apply -f /azp/_work/_temp/Deployment_acrdemo2ss-deployment_1673216450713,/azp/_work/_temp/Service_acrdemo2ss-loadbalancer-service_1673216450713 --namespace dev
2023-01-08T22:20:50.9679948Z Unable to connect to the server: dial tcp: lookup tfkcluster-dns-074e9373.hcp.canadacentral.azmk8s.io on 192.168.1.1:53: no such host
2023-01-08T22:20:50.9771688Z ##[error]Unable to connect to the server: dial tcp: lookup tfkcluster-dns-074e9373.hcp.canadacentral.azmk8s.io on 192.168.1.1:53: no such host
2023-01-08T22:20:50.9809463Z ##[section]Finishing: deploy

this is my service connection:

Answer 1

Unable to connect to the server: dial tcp: lookup xxxx on 192.168.1.1:53: no such host

It appears that you are using a private cluster (The Private Cluster option is enabled while creating the AKS cluster).

Kubectl is a kube.netes control client. It is an external connectivity provider to connect with kube.netes cluster. We can't connect with the private cluster externally.

However, we can't disable this option after the cluster creation. We need to delete the cluster and create a new one with the option " Private Cluster " disabled.

Alternately, you can set up another self-hosted agent which will be in the same .net as the cluster and have access to AKS and the Azure Pipelines.

See Options for connecting to the private cluster

The API server endpoint has no public IP address. To manage the API server, you'll need to use a VM that has access to the AKS cluster's Azure Virtual Network (VNet). There are several options for establishing.network connectivity to the private cluster.

• Create a VM in the same Azure Virtual Network (VNet) as the AKS cluster.
• Use a VM in a separate.network and set up Virtual.network peering. See the section below for more information on this option.
• Use an Express Route or VPN connection.
• Use the AKS command invoke feature.
• Use a private endpoint connection.

Creating a VM in the same .NET as the AKS cluster is the easiest option. Express Route and VPNs add costs and require additional.networking complexity. Virtual.network peering requires you to plan your.network CIDR ranges to ensure there are no overlapping ranges.