- Install Kubenetes CLI tool - kubectl. Instructions can be found here: https://kubernetes.io/docs/tasks/tools/install-kubectl/
- Install the command line tool of the Kubernetes hosting system:
- SQL Server connection string.
- The SQL connection user account must have permission create new databases and db_owner of the databases.
- SSL certificate and private key without password
- Request the container registry login from IQX for pulling OneList images
- SMTP server login and email address if email approval channel is enabled
- Generate the Machine key and encode it to a base64 string for each environmentfor each environment. This is a Base64 string representing an array of 50 bytes.
- Use tools like https://generate.plus/en/base64 to generate a random string of the required length.
- Download these Yaml files
...
Enviroment | AKS | SQL |
---|---|---|
Production | Cluster nodes:3; Cluster node size: 2 vCPU, 8GB RAM | Elastic pool: Standard, eDTU: 100, Data size: 100GB Firewall settings: Allow Azure services and resources to access this server = ON Database collation: SQL_Latin1_General_CP1_CI_AS Databases:
|
Non-production | Cluster nodes:1; Cluster node size: 2 vCPU, 8GB RAM | Elastic pool: Standard, eDTU: 50, Data size: 50GB Firewall settings: Allow Azure services and resources to access this server = ON Database collation: SQL_Latin1_General_CP1_CI_AS Databases: the "x" represents the environment tag, e.g. d for Development, q for QA.
|
Log on to Azure Kubernetes Service (AKS)
...
kubectl create namespace <ONELIST_NAMESPACE>
2. Create ConfigMap and Secret
These Kubernetes ConfigMap and Secret defines the required environment variables that are used by OneList services. Open the "config.yaml" in notepad and update the following fields with the actual value.
- RoleManager__MachineKey
This is a base64 string representing an array of 44 bytes. Use this online tool: https://www.base64encode.org/. Input 44 characters to encodeThe value is the generated machine key. - Database__ConnectionString
The value is the SQL Server connection string. The name of the databases will be automatically specified by the services. - Smtp__UserName
- Smtp__Password
- ASPNETCORE_ENVIRONMENT
The value specifies the environment. It can be one of the following Production, Dev, QA. - Smtp__From
This is the sender email address of notifications from OneList - Smtp__Host
This is the SMTP server OneList use to send notifications. - Smtp__Port
This is the port of SMTP server. - Smtp__UseSsl
Define if SMTP server uses SSL connection.
...
kubectl apply -f config.yaml --namespace <ONELIST_NAMESPACE>
3. Create the Secrete for pulling OneList images
Replace placeholders in the command below and run it.
kubectl create secret docker-registry iqx.acr --docker-server=https://iqxbusiness.azurecr.io --docker-username=<ACR_USERNAME> --docker-password=<ACR_PASSWORD> --docker-email=<YOUR_EMAIL_ADDRESS> --namespace <ONELIST_NAMESPACE>
4. Deploy OneList containers for the apps and services
Run the 2 commands below.
kubectl apply -f onelist6-deployment.yaml --namespace <ONELIST_NAMESPACE>
kubectl apply -f onelist6-service.yaml --namespace <ONELIST_NAMESPACE>
5. Create Nginx ingress service
Run the 2 commands below.
kubectl create -f ingress-nginx-controller.yaml
kubectl create -f onelist6-ingress.yaml --namespace <ONELIST_NAMESPACE>
6. Create the TLS secrete
Run the command below.
kubectl create secret tls tls.onelist --cert <SSL_CERTIFICATE_FILE> --key <PRIVATE_KEY_FILE> --namespace ingress-nginx
7. Create the administrator user account
...