Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Prerequisites

...

EnviromentAKSSQL
Production

Cluster nodes:3;

Cluster node size: 2 vCPU, 8GB RAM

Elastic pool: Standard,

eDTU: 100,

Data size: 100GB

Firewall settings: Allow Azure services and resources to access this server = ON

Database collation: SQL_Latin1_General_CP1_CI_AS

Databases: 

  • OneList_p
  • RoleManager_p
  • Comms_p
Non-production

Cluster nodes:1;

Cluster node size: 2 vCPU, 8GB RAM

Elastic pool: Standard,

eDTU: 50,

Data size: 50GB

Firewall settings: Allow Azure services and resources to access this server = ON

Database collation: SQL_Latin1_General_CP1_CI_AS

Databases: the "x" represents the environment tag, e.g. d for Development, q for QA.

  • OneList_x
  • RoleManager_x
  • Comms_x

Log on to Azure Kubernetes Service (AKS)

...

kubectl create namespace <ONELIST_NAMESPACE>

2. Create ConfigMap and Secret

...

  • RoleManager__MachineKey 
    This is a base64 string representing an array of 44 50 bytes. Use this online tool: https://www.base64encode.org/. Input 44 50 characters to encode.
  • Database__ConnectionString
    The value is the SQL Server connection string. The name of the databases will be automatically specified by the services.
  • Smtp__UserName 
  • Smtp__Password
  • ASPNETCORE_ENVIRONMENT
    The value specifies the environment. It can be one of the following Production, Dev, QA.
  • Smtp__From
    This is the sender email address of notifications from OneList
  • Smtp__Host
    This is the SMTP server OneList use to send notifications.
  • Smtp__Port
    This is the port of SMTP server.
  • Smtp__UseSsl
    Define if SMTP server uses SSL connection.

...

kubectl apply -f config.yaml --namespace <ONELIST_NAMESPACE>

3. Create the Secrete for pulling OneList images

Replace placeholders in the command below and run it.

kubectl create secret docker-registry iqx.acr --docker-server=https://iqxbusiness.azurecr.io --docker-username=<ACR_USERNAME> --docker-password=<ACR_PASSWORD> --docker-email=<YOUR_EMAIL_ADDRESS> --namespace <ONELIST_NAMESPACE>

4. Deploy OneList containers for the apps and services

Run the 2 commands below.

kubectl apply -f onelist6-deployment.yaml --namespace <ONELIST_NAMESPACE>

kubectl apply -f onelist6-service.yaml --namespace <ONELIST_NAMESPACE>

5. Create Nginx ingress service

Run the 2 commands below.

kubectl create -f ingress-nginx-controller.yaml

kubectl create -f onelist6-ingress.yaml --namespace <ONELIST_NAMESPACE>

6. Create the TLS secrete

Run the command below.

kubectl create secret tls tls.onelist --cert <SSL_CERTIFICATE_FILE> --key <PRIVATE_KEY_FILE> --namespace ingress-nginx

7. Create the administrator user account

...