The purpose of this document is to provide instructions for deploying the OneList application to be hosted in EKS. Networking, security and firewall design and configuration are not in the scope of this document.
Prerequisites
Install Kubernetes CLI tool - kubectl. Instructions can be found here: https://kubernetes.io/docs/tasks/tools/install-kubectl/
Install the AWS CLI version 2:
SQL Server connection string.
The SQL user account specified in the connection string must have the db_owner role on the databases so it can create or change tables.
Request the container registry login from IQX for pulling OneList images;
SMTP server login and sender email address. A full mailbox is required if the email approval channel is enabled;
Generate the Machine Key for each environment. This is a Base64 string representing an array of 50 bytes.
Use tools like https://generate.plus/en/base64 to generate a random string of the required length.
Define the Kubernetes namespace for the OneList environment to be deployed. E.g. onelist-dev, onelist-qa, onelist-prod. It may be required to follow your company's naming standard for these namespaces.
Use this value to replace the <ONELIST_NAMESPACE> placeholder in the instructions below.
Define the label for the OneList environment to be deployed. This is a short label, e.g. dev, qa, prod. The first letter must be unique across all the planned environments, and it is used as the suffix of the database names.
Use this value to replace the <environment> placeholder in the instructions below.
Request a Public Certificate using ACM or Import a Certificate into ACM.
Download these YAML files
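For the Machine Key prerequisite above, this added example (not part of the OneList documentation) generates the key locally from the operating system's random source instead of a web page and checks that it decodes to exactly 50 bytes. It assumes a POSIX shell with head, base64, tr and wc; the function names and the `.machinekey` file suffix are hypothetical.

```shell
#!/bin/sh
# Added example, not from the OneList documentation.
# Function names and the ".machinekey" file suffix are hypothetical.
KEY_BYTES=50   # the page asks for Base64 of a 50-byte array

# Print one Machine Key: 50 bytes from the kernel CSPRNG, Base64, one line.
gen_machine_key() {
  head -c "$KEY_BYTES" /dev/urandom | base64 | tr -d '\n'
}

# Succeed only if $1 is canonical Base64 that decodes to exactly 50 bytes.
# The decode/re-encode round trip rejects stray characters and bad padding.
check_machine_key() (
  key=$1
  len=$(printf '%s' "$key" | base64 -d 2>/dev/null | wc -c | tr -d ' ')
  again=$(printf '%s' "$key" | base64 -d 2>/dev/null | base64 | tr -d '\n')
  [ "$len" -eq "$KEY_BYTES" ] && [ "$again" = "$key" ]
)

# Write one key per environment label to DIR/<label>.machinekey with mode
# 0600, so the value is never typed on a command line or pasted into a page.
write_machine_keys() (
  dir=$1; shift
  umask 077
  mkdir -p "$dir" || exit 1
  for env in "$@"; do
    key=$(gen_machine_key)
    check_machine_key "$key" || exit 1
    printf '%s\n' "$key" > "$dir/$env.machinekey"
  done
)

# Usage: sh machinekey.sh ./keys dev qa prod
if [ "$#" -ge 2 ]; then
  write_machine_keys "$@"
fi
```

`check_machine_key` can also be run against a key obtained any other way before it goes into the environment's configuration.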
Recommended Configuration
Environments | EKS | SQL |
---|---|---|
Production | Worker node: EC2 T3.large, 2 vCPU, 8 GiB RAM; Worker node count: 3 | Amazon RDS for SQL Server; Databases: |
Non-production | Worker node: EC2 T3.large, 2 vCPU, 8 GiB RAM; Worker node count: 3 | Amazon RDS for SQL Server; Databases: the "x" represents the environment tag, e.g. d for Development, q for QA. |
Connect to EKS cluster
Configure your AWS CLI credential if it is not yet configured.
Run the command below and enter the information when prompted.
aws configure
For more information, see Configuring the AWS CLI.
Set context to the EKS cluster. Run the command below.
aws eks --region <region> update-kubeconfig --name <cluster_name>
Deployment steps
Open a command prompt from the folder that contains the YAML deployment files. Follow the steps below to deploy OneList.
1. Create the Kubernetes namespace
Run the command below to create the Kubernetes namespace for the OneList environment, e.g. onelist-dev.
...
kubectl create namespace onelist-dev
2. Create ConfigMap and Secret
The Kubernetes ConfigMap and Secret contain the required environment variables that are used by OneList services.
...
kubectl apply -f config.yaml --namespace onelist-dev
3. Create the Secret for pulling OneList images
Replace placeholders in the command below and run it.
...
For example: kubectl create secret docker-registry iqx.acr --docker-server=https://iqxbusiness.azurecr.io/ --docker-username=acr_username --docker-password=acr_password --docker-email=myemail@example.com --namespace onelist-dev
4. Deploy OneList containers for the apps and services
Run the 2 commands below.
...
kubectl apply -f onelist-service.yaml --namespace onelist-dev
5. Create Ingress object and ALB load balancer
Follow the instructions in 5.1 to deploy the first OneList environment and the instructions in 5.2 to deploy the additional environments.
5.1 Deploy the first OneList environment (namespace)
Create ALB Ingress Controller
...
kubectl apply -f alb-onelist-ingress.yaml --namespace onelist-dev
5.2 Deploy additional OneList environment (namespace)
Open alb-onelist-ingress.yaml in notepad.
...
kubectl apply -f alb-onelist-ingress.yaml --namespace onelist-dev
6. Get the generated AWS public URL for OneList DNS configuration
Run the following command to discover the public URL of the environment for configuring the OneList DNS alias.
...
The AWS public URL is similar to this: e6325261-onelist650-onelis-7461-1342161572.ap-southeast-2.elb.amazonaws.com
7. Create the administrator user account
Navigate to the OneList URL in the browser. You will be presented with the following page to create the first user account. System Administrator access is automatically granted to this user account.
...