- Install Kubenetes CLI tool - kubectl. Instructions can be found here: https://kubernetes.io/docs/tasks/tools/install-kubectl/
- Install the command line tool of the Kubernetes hosting system:
- SQL Server connection string.
- The SQL connection user account must have permission create new databases and db_owner of the databases.
- SSL certificate and private key without password
- Request the container registry login from IQX for pulling OneList images
- SMTP server login and email address if email approval channel is enabled
- Generate the Machine key for each environment. This is a Base64 string representing an array of 50 bytes.
- Use tools like https://generate.plus/en/base64 to generate a random string of the required length.
- Download these Yaml files
...
Enviroment | AKS | SQL |
---|---|---|
Production | Cluster nodes:3; Cluster node size: 2 vCPU, 8GB RAM | Elastic pool: Standard, eDTU: 100, Data size: 100GB Firewall settings: Allow Azure services and resources to access this server = ON Database collation: SQL_Latin1_General_CP1_CI_AS Databases:
|
Non-production | Cluster nodes:1; Cluster node size: 2 vCPU, 8GB RAM | Elastic pool: Standard, eDTU: 50, Data size: 50GB Firewall settings: Allow Azure services and resources to access this server = ON Database collation: SQL_Latin1_General_CP1_CI_AS Databases: the "x" represents the environment tag, e.g. d for Development, q for QA.
|
Log on to Azure Kubernetes Service (AKS)
...
kubectl create namespace <ONELIST_NAMESPACE>
2. Create ConfigMap and Secret
...
kubectl apply -f config.yaml --namespace <ONELIST_NAMESPACE>
3. Create the Secrete for pulling OneList images
Replace placeholders in the command below and run it.
kubectl create secret docker-registry iqx.acr --docker-server=https://iqxbusiness.azurecr.io --docker-username=<ACR_USERNAME> --docker-password=<ACR_PASSWORD> --docker-email=<YOUR_EMAIL_ADDRESS> --namespace <ONELIST_NAMESPACE>
4. Deploy OneList containers for the apps and services
Run the 2 commands below.
kubectl apply -f onelist6-deployment.yaml --namespace <ONELIST_NAMESPACE>
kubectl apply -f onelist6-service.yaml --namespace <ONELIST_NAMESPACE>
5. Create Nginx ingress service
Run the 2 commands below.
kubectl create -f ingress-nginx-controller.yaml
kubectl create -f onelist6-ingress.yaml --namespace <ONELIST_NAMESPACE>
6. Create the TLS secrete
Run the command below.
kubectl create secret tls tls.onelist --cert <SSL_CERTIFICATE_FILE> --key <PRIVATE_KEY_FILE> --namespace ingress-nginx
7. Create the administrator user account
...