v0.0.0-...-8a8b58e Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2018 License: Apache-2.0



Kunlun is to tool for deploying and managing common OSS based workloads on Azure. Using Kunlun allows users with no familiarity with Azure to deploy Java and LAMP applications in an optimized way.

Build Status


Go Report Card

Building Kunlun from Source

go get github.com/Microsoft/kunlun/cmd/kl

Now you will have a kl command. To validate the install run:

kl help

If you get a No command 'kl' found error then you like neglected to add your $GOPATH/bin to the path when installing Go.

export PATH=$PATH:$GOTPATH/bin

If you hit the error undefined: strings.Builder, please upgrade your Go to version 1.10 or later.

Using Kunlun

Prepare the Environment
  • Install Go version 1.10 or later

  • Install Terraform

    • Note that you need to ensure that the terraform binary is on your path
  • Install Ansible

Login to Azure
az login

If you have more than one subscription you should check you have the right one activated with az account show. If necessary change it with az account set --subscription ..., you can view your avilable subscriptions with az account list.

Once you are sure you are using the correct subscription place it's ID in an environment variable, while we are at it we'll grab the Tenant ID too:

export KL_AZURE_SUBSCRIPTION_ID=$(az account show --output tsv --query id)
export KL_AZURE_TENANT_ID="$(az account show --output tsv --query tenantId)"
Service Principle for Kunlun

If you don't already have a service principle for Kunlun we need to create one now. If you have already created one you simply need to grab its client id, see the last command in this section.

To create/use a Service Principle for Kunlun to use to manage your resources we will first capture some important values in environment variables. First we need a name for the service principle. The below command generates a name that includes a UUID, you may choose to provide a more memorable name:

export KL_AZURE_APP_NAME=kunlun-$(uuidgen)

For convenience for this tutorial ONLY we'll store the client secret in an environment variable. Obviously you don't want to do this in the real world.

export KL_AZURE_CLIENT_SECRET=password

Now we are ready to create the service principle:

az ad sp create-for-rbac --name $KL_AZURE_APP_NAME --password $KL_AZURE_CLIENT_SECRET

For convenience we will store the Client ID in an environment variable:

export KL_AZURE_CLIENT_ID="$(az ad sp show --id http://$KL_AZURE_APP_NAME --output tsv --query appId)"
A Few More Environment Variables

It is also useful to set a few other convenience environment variables:

export KL_IAAS=azure
export KL_AZURE_REGION=southcentralus
Check Environment Setup

At this point you should have a set of environment variables that will be used to make Kunlun use easier. To view the current setup use:

env | grep '^KL_'

This will give you an output something like:

Analyze the Application you wish to deploy

Change into your project working directory. For our demo we will create a new project directory:

mkdir kunlun-test
cd kunlun-test

And now we will analyze our application in order to select the correct infrastrcuture.

kl analyze

This will ask a number of questions, for the most part you can safely use the defaults. You will, however, need to provide a resource group name. This is the name of the Azure Resource Group into which Kunlun will place all created resources (e.g. virtual machines, networks, storage). The resource group name must be unique to your subscription.

When asked for your application code you should provide a public Git repository. For your convenience we provide a couple of simple sample applications:

PHP : https://github.com/kun-lun/2048php.git Java : https://github.com/kun-lun/2048java.git

You will get one folder called artifacts in your working dir. With a main.yml file and one patches folder. The format of these outputs is unique to Kunlun and, for the most part you will not work with them. However, they are provided so that advanced users have a significant amount of control over their deployed resources. See the 'Advanced Users' section for more information.

Plan the infrastructure

Now we need to convert this Kunlun spec into something that can be used to deploy the infrastrcuture required. the plan_infra command will do this:

kl plan_infra

The outputs of this command are Terraform templates, which can be found in the infra folder. If the gnerated Terraform is not sufficient for your needs you can customize the plan, see the 'Advanced Users' section below.

Infrastrcuture Configuration

Now it is time to deploy the infrastrcuture we need. This can be done with:

kl apply_infra

This command creates an outputs.yml in the artifacts/patches folder. This contains contents such as:

- type: replace
  path: /vm_groups/name=jumpbox/networks/0/outputs?
    - public_ip:
- type: replace
  path: /vm_groups/name=web-servers/networks/0/outputs?
    - ip:

[FIXME: what does this next sentence mean?] This file will be applied to the original artifact, and then our deployment component would digest and produce the deployment script, now, in ansible.

Plan Software Deployment

We can now plan our software deployment to this infrastructure:

kl plan_deployment

After running this command you will see a folder called deployments. This folder contains the ansible deployment scripts for your application. If this doesn't look like it covers your requirements you can customize it. See the 'Advanced Users' section below.

Deploy Software

Run kl apply_deployment to do the real deployment.

Advanced Users

Kunlun is designed to be very flexible. As such it provides a number of ways advanced users can tune it for their specific purposes.


The analyze command outputs a main.yml file that contains a description of the system that will be deployed. If you think the infrastrcuture selected for your application does not meet your requirements, you can create a patch file under the patches folder to change the final configuration:

- type: replace
  path: /vm_groups/name=jumpbox/sku
  value: Standard_DS2_v2
- type: replace
  path: /vm_groups/name=web-servers/sku
  value: Standard_DS2_v2

The plan_infra command creates Terraform templates to deploy the actual resources. If you want to setup some additional resources, you can add additional Terraform files in the infra folder.

The plan_deployment command attempts to build Ansible deployments for your software code. If you think our built-in artifacts do not meet your requirements, you can create a patch file to add more roles into the artifact and run kl plan_deployment again. For example, you might want to add a firewall component:

- type: replace
  path: /vm_groups/name=web-servers/roles/-
    name: geerlingguy.firewall

SSH into your VMs

Run kl ssh -group <YOUR VM GROUP NAME> -index <YOUR NODE INDEX> to ssh into your vm instance in one group.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL