Deploy a MEAN Application with CosmosDB on AKS using the Open Service Broker


MEAN is a Javascript framework which simplifies and accelerates web application development. It is based on the Node.js language and it also includes the latest releases of MongoDB, Express, Node.js, and Angular. MEAN allows you to write less code with its predefined layout and additional libraries to simplify the programming of web applications. Running your application in a production environment like Kubernetes is the best way to automate the deployment, scaling and management of the application containers' operations. Microsoft Azure offers you a fully managed Kubernetes service called Azure Container Service (AKS) that allows you to quickly and easily manage application containers in a cloud production environment.

This guide walks you through the process of running an example of MEAN application with an external database (Cosmos DB) on the Azure Container Service (AKS) using both the Open Service Broker for Azure (OSBA) and the Kubernetes Service Catalog.

Watch this video or follow the instructions below to learn how to install the Kubernetes Service Catalog and the Open Service Broker for Azure to deploy a Node.js application with Azure Cosmos DB in AKS.

Assumptions and prerequisites

This guide makes the following assumptions:

Step 1: Install the Kubernetes Service Catalog

The Kubernetes Service Catalog allows you to list, provide, and connect to manage services from Service Brokers (in this case, to the Open Service Broker for Azure- OSBA). That way, your MEAN AKS cluster can use the OSBA services easily. Before installing the Kubernetes Service Catalog, add its repository to Helm. Then, execute the helm install command to install it.

helm repo add svc-cat
helm install catalog svc-cat/catalog  --namespace catalog --set rbacEnable=false --set

You will see an output showing the service catalog status. To further check it, run the get pods command:

kubectl get pods -n catalog -w
Get pods service catalog

Step 2: Install the Open Service Broker for Azure (OSBA)

Now, it is time to install the Open Service Broker for Azure (OSBA). It allows you to connect your application to the services available in the Azure marketplace. That way, you will be able to connect your application to Cosmos DB as we will see later on. Follow these instructions:

  • Export your subscription ID by executing the following commands. Remember to replace the MY-SUBSCRIPTION-ID placeholder with your Azure subscription ID:

    az account list -o table
  • In AKS, a Kubernetes cluster needs an Azure Active Directory service principal to interact with the OSBA. Execute the commands below to create the service principal and to export your credentials. MY-TENTANT-ID, MY-CLIENT-ID, and MY-CLIENT-SECRET are placeholders. Replace them with the corresponding values.

    az ad sp create-for-rbac --name osba-quickstart -o table
  • Install the OSBA using the helm CLI. First, add the repo to your cluster and then, install the broker:

    helm repo add azure
    helm install osba azure/open-service-broker-azure --namespace osba \
        --set azure.subscriptionId=$AZURE_SUBSCRIPTION_ID \
        --set azure.tenantId=$AZURE_TENANT_ID \
        --set azure.clientId=$AZURE_CLIENT_ID \
        --set azure.clientSecret=$AZURE_CLIENT_SECRET \
        --set modules.minStability=EXPERIMENTAL
Install OSBA

To check the status of the OSBA pods, execute the kubectl get pods -w -n osba command.

  • Verify that the service broker has been deployed and also check the installed service classes and plans:

    kubectl get clusterservicebroker -o yaml
    kubectl get clusterserviceclasses,EXTERNAL\ NAME:.spec.externalName
    kubectl get clusterserviceplans,EXTERNAL\ NAME:.spec.externalName,SERVICE\

Step 3: Subscribe to your private registry and container marketplace

Once your AKS cluster is up and running, the next step is to create a private Azure Container Registry (ACR) and a Kubernetes secret to synchronize your registry with the Bitnami container registry. That way, the images will be pulled from your private registry instead of, for example, from the public Docker Hub.

Check the Step 3 of our Get Started With The Azure Container Service (AKS) to learn how to create a private ACR and a Kubernetes secret. You will need these values to deploy the Bitnami Node.js Helm Chart in Step 5.

Step 4: Create a ServiceInstance for a Cosmos DB database

  • To get the Azure Cosmos DB database, first you need to create a new file with the following content:

     kind: ServiceInstance
         name: azure-mongodb-instance
         app: mongodb
         clusterServiceClassExternalName: azure-cosmosdb-mongo-account
         clusterServicePlanExternalName: account
         location: eastus
         resourceGroup: mongodb-k8s-service-catalog
             -  ""
  • Create a ServiceInstance for Cosmos DB as follows:

    kubectl create -f mongodb-service-instance.yaml
    kubectl get serviceinstance
  • Check that the yaml file recently created for the Cosmos DB service contains all the information required to provision the ServiceInstance. Execute the following:

    kubectl get serviceinstance -o yaml azure-mongodb-instance
Check the Cosmos DB service instance

Step 5: Deploy the Bitnami Node.js Helm Chart using the ServiceInstance

  • Once both the OSBA is installed and the ServiceInstance for Cosmos DB is created, deploy the Bitnami Node.js chart on AKS using that ServiceInstance. To do so, first add the Bitnami charts repository to Helm and then execute the helm install command followed by these parameters:


    Replace MY-REGISTRY and the MY-ACR-AUTH placeholders with the values you have defined in Step 3.

    helm repo add bitnami
    helm install node-app bitnami/node \
        --set mongodb.install=false \
        --set \
        --set serviceType=LoadBalancer \
        --set externaldb.ssl=true \
        --set \
        --set image.pullSecrets={MY-ACR-AUTH}

The Node.js application has been successfully deployed on AKS and it is up and running!

Deploy the Bitnami Node.js chart
  • In order to check the current status of the cluster, you can execute the kubectl get pods command to see that both Node.js and MongoDB are running:

    kubectl get pods -w

    To confirm that the secrets have been created correctly, run the kubectl get secrets command.

  • To get the external IP address of the MEAN application, execute the following:

    kubectl get svc -w node-app-node --namespace default

    After a few seconds, the application IP address will be displayed as shown below:

Get the external IP address
  • To access the application, enter its IP address in a web browser. Congratulations, you have a MEAN application with Cosmos DB running on an AKS cluster!
Access the application

Useful links

To learn more about the topics discussed in this tutorial, use the links below: