Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Prerequisites

...

EnviromentAKSSQL
Production

Cluster nodes:3;

Cluster node size: 2 vCPU, 8GB RAM

Elastic pool: Standard,

eDTU: 100,

Data size: 100GB

Firewall settings: Allow Azure services and resources to access this server = ON

Database collation: SQL_Latin1_General_CP1_CI_AS

Databases: 

  • OneList_p
  • RoleManager_p
  • Comms_p
Non-production

Cluster nodes:1;

Cluster node size: 2 vCPU, 8GB RAM

Elastic pool: Standard,

eDTU: 50,

Data size: 50GB

Firewall settings: Allow Azure services and resources to access this server = ON

Database collation: SQL_Latin1_General_CP1_CI_AS

Databases: the "x" represents the environment tag, e.g. d for Development, q for QA.

  • OneList_x
  • RoleManager_x
  • Comms_x

Log on to Azure Kubernetes Service (AKS)

...

kubectl create namespace <ONELIST_NAMESPACE>

2. Create ConfigMap and Secret

These Kubernetes ConfigMap and Secret defines the required environment variables that are used by OneList services. Open the "config.yaml" in notepad and update the following fields with the actual value. 

  • RoleManager__MachineKey 
    This is a base64 string representing an array of 44 bytes. Use this online tool: https://www.base64encode.org/. Input 44 characters to encodeThe value is the generated machine key.
  • Database__ConnectionString
    The value is the SQL Server connection string. The name of the databases will be automatically specified by the services.
  • Smtp__UserName 
  • Smtp__Password
  • ASPNETCORE_ENVIRONMENT
    The value specifies the environment. It can be one of the following Production, Dev, QA.
  • Smtp__From
    This is the sender email address of notifications from OneList
  • Smtp__Host
    This is the SMTP server OneList use to send notifications.
  • Smtp__Port
    This is the port of SMTP server.
  • Smtp__UseSsl
    Define if SMTP server uses SSL connection.

...

kubectl apply -f config.yaml --namespace <ONELIST_NAMESPACE>

3. Create the Secrete for pulling OneList images

Replace placeholders in the command below and run it.

kubectl create secret docker-registry iqx.acr --docker-server=https://iqxbusiness.azurecr.io --docker-username=<ACR_USERNAME> --docker-password=<ACR_PASSWORD> --docker-email=<YOUR_EMAIL_ADDRESS> --namespace <ONELIST_NAMESPACE>

4. Deploy OneList containers for the apps and services

Run the 2 commands below.

kubectl apply -f onelist6-deployment.yaml --namespace <ONELIST_NAMESPACE>

kubectl apply -f onelist6-service.yaml --namespace <ONELIST_NAMESPACE>

5. Create Nginx ingress service

Run the 2 commands below.

kubectl create -f ingress-nginx-controller.yaml

kubectl create -f onelist6-ingress.yaml --namespace <ONELIST_NAMESPACE>

6. Create the TLS secrete

Run the command below.

kubectl create secret tls tls.onelist --cert <SSL_CERTIFICATE_FILE> --key <PRIVATE_KEY_FILE> --namespace ingress-nginx

7. Create the administrator user account

...