diff --git a/01-terraform-provision-aks-cluster-pipeline-QA.yml b/01-terraform-provision-aks-cluster-pipeline-QA.yml new file mode 100644 index 0000000..4227b13 --- /dev/null +++ b/01-terraform-provision-aks-cluster-pipeline-QA.yml @@ -0,0 +1,102 @@ +trigger: +- beta + +pool: + vmImage: 'ubuntu-latest' +# Definicion de Variales para Ambientes +variables: +- name: QA_ENVIRONMENT + value: qa +# Stage-1: Terraform Validate Stage +## Step-1: Publish Artifacts to Pipeline (Pipeline artifacts provide a way to share files between stages in a pipeline or between different pipelines. ) +## Step-2: Install Latest Terraform (0.13.5) (Ideally not needed if we use default Ubuntu Agents) +## Step-3: Validate Terraform Manifests (terraform init, terraform validate) + +stages: +- stage: TerraformValidate + jobs: + - job: TerraformValidateJob + continueOnError: false + steps: + - task: PublishPipelineArtifact@1 + displayName: Publish Artifacts + inputs: + targetPath: '$(System.DefaultWorkingDirectory)/terraform-manifests' + artifact: 'terraform-manifests-out' + publishLocation: 'pipeline' + - task: TerraformInstaller@0 + displayName: Terraform Install + inputs: + terraformVersion: 'latest' + - task: TerraformCLI@0 + displayName: Terraform Init + inputs: + command: 'init' + workingDirectory: '$(System.DefaultWorkingDirectory)/terraform-manifests' + backendType: 'azurerm' + backendServiceArm: 'SVC-Terraform-Azure-Connection' + ensureBackend: true + backendAzureRmResourceGroupName: 'terraform-storage-rg' + backendAzureRmStorageAccountName: 'terraformstatechallenge' + backendAzureRmContainerName: 'tfstatefiles' + backendAzureRmKey: 'aks-base.tfstate' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Validate + inputs: + command: 'validate' + workingDirectory: '$(System.DefaultWorkingDirectory)/terraform-manifests' + allowTelemetryCollection: false + +# Stage-2: Despliegues de Stages para Dev & QA +# Deployment-1: Despliegue de Dev AKS Cluster +## Step-1: DEfinir Variables para los ambientes +## Step-2: Descarga de SSH Secure File +## Step-3: Terraform Initialize (State Storage to store in Azure Storage Account for Dev AKS Cluster) +## Step-4: Terraform Plan (Creacion del Plan) +## Step-5: Terraform Apply (Uso del plan en el paso anterior) + +- stage: DeployAKSClusters + jobs: + - deployment: DeployQAAKSCluster + displayName: DeployQAAKSCluster + pool: + vmImage: 'ubuntu-latest' + environment: $(QA_ENVIRONMENT) + strategy: + runOnce: + deploy: + steps: + - task: DownloadSecureFile@1 + displayName: Download SSH Key + name: sshkey + inputs: + secureFile: 'id_rsa.pub' + - task: TerraformCLI@0 + displayName: Terraform Init + inputs: + command: 'init' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + backendType: 'azurerm' + backendServiceArm: 'SVC-Terraform-Azure-Connection' + backendAzureRmResourceGroupName: 'terraform-storage-rg' + backendAzureRmStorageAccountName: 'terraformstatechallenge' + backendAzureRmContainerName: 'tfstatefiles' + backendAzureRmKey: 'aks-$(QA_ENVIRONMENT).tfstate' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Plan + inputs: + command: 'plan' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + environmentServiceName: 'SVC-Terraform-Azure-Connection' + commandOptions: '-var ssh_public_key=$(sshkey.secureFilePath) -var environment=$(QA_ENVIRONMENT) -out $(Pipeline.Workspace)/terraform-manifests-out/$(QA_ENVIRONMENT)-$(Build.BuildId).out' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Apply + inputs: + command: 'apply' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + environmentServiceName: 'SVC-Terraform-Azure-Connection' + commandOptions: '$(Pipeline.Workspace)/terraform-manifests-out/$(QA_ENVIRONMENT)-$(Build.BuildId).out' + allowTelemetryCollection: false \ No newline at end of file diff --git a/A-Provision-por-Terraform-de-AKS-Cluster-PL.yml b/A-Provision-por-Terraform-de-AKS-Cluster-PL.yml new file mode 100644 index 0000000..3d0402e --- /dev/null +++ b/A-Provision-por-Terraform-de-AKS-Cluster-PL.yml @@ -0,0 +1,154 @@ +trigger: +- beta + +pool: + vmImage: 'ubuntu-latest' +# Definicion de Variales para Ambientes +variables: +- name: DEV_ENVIRONMENT + value: dev +- name: QA_ENVIRONMENT + value: qa +# Stage-1: Terraform Validate Stage +## Step-1: Publish Artifacts to Pipeline (Pipeline artifacts provide a way to share files between stages in a pipeline or between different pipelines. ) +## Step-2: Install Latest Terraform (0.13.5) (Ideally not needed if we use default Ubuntu Agents) +## Step-3: Validate Terraform Manifests (terraform init, terraform validate) + +stages: +- stage: TerraformValidate + jobs: + - job: TerraformValidateJob + continueOnError: false + steps: + - task: PublishPipelineArtifact@1 + displayName: Publish Artifacts + inputs: + targetPath: '$(System.DefaultWorkingDirectory)/terraform-manifests' + artifact: 'terraform-manifests-out' + publishLocation: 'pipeline' + - task: TerraformInstaller@0 + displayName: Terraform Install + inputs: + terraformVersion: 'latest' + - task: TerraformCLI@0 + displayName: Terraform Init + inputs: + command: 'init' + workingDirectory: '$(System.DefaultWorkingDirectory)/terraform-manifests' + backendType: 'azurerm' + backendServiceArm: 'SVC-Terraform-Azure-Connection' + ensureBackend: true + backendAzureRmResourceGroupName: 'terraform-storage-rg' + backendAzureRmStorageAccountName: 'terraformstatechallenge' + backendAzureRmContainerName: 'tfstatefiles' + backendAzureRmKey: 'aks-base.tfstate' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Validate + inputs: + command: 'validate' + workingDirectory: '$(System.DefaultWorkingDirectory)/terraform-manifests' + allowTelemetryCollection: false + +# Stage-2: Despliegues de Stages para Dev & QA +# Deployment-1: Despliegue de Dev AKS Cluster +## Step-1: DEfinir Variables para los ambientes +## Step-2: Descarga de SSH Secure File +## Step-3: Terraform Initialize (State Storage to store in Azure Storage Account for Dev AKS Cluster) +## Step-4: Terraform Plan (Creacion del Plan) +## Step-5: Terraform Apply (Uso del plan en el paso anterior) + +- stage: DeployAKSClusters + jobs: + - deployment: DeployDevAKSCluster + displayName: DeployDevAKSCluster + pool: + vmImage: 'ubuntu-latest' + environment: $(DEV_ENVIRONMENT) + strategy: + runOnce: + deploy: + steps: + - task: DownloadSecureFile@1 + displayName: Download SSH Key + name: sshkey + inputs: + secureFile: 'id_rsa.pub' + - task: TerraformCLI@0 + displayName: Terraform Init + inputs: + command: 'init' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + backendType: 'azurerm' + backendServiceArm: 'SVC-Terraform-Azure-Connection' + backendAzureRmResourceGroupName: 'terraform-storage-rg' + backendAzureRmStorageAccountName: 'terraformstatechallenge' + backendAzureRmContainerName: 'tfstatefiles' + backendAzureRmKey: 'aks-$(DEV_ENVIRONMENT).tfstate' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Plan + inputs: + command: 'plan' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + environmentServiceName: 'SVC-Terraform-Azure-Connection' + commandOptions: '-var ssh_public_key=$(sshkey.secureFilePath) -var environment=$(DEV_ENVIRONMENT) -out $(Pipeline.Workspace)/terraform-manifests-out/$(DEV_ENVIRONMENT)-$(Build.BuildId).out' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Apply + inputs: + command: 'apply' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + environmentServiceName: 'SVC-Terraform-Azure-Connection' + commandOptions: '$(Pipeline.Workspace)/terraform-manifests-out/$(DEV_ENVIRONMENT)-$(Build.BuildId).out' + allowTelemetryCollection: false +# Stage-3: Despliegues de Stages para Dev & QA +# Deployment-1: Despliegue de Dev AKS Cluster +## Step-1: DEfinir Variables para los ambientes +## Step-2: Descarga de SSH Secure File +## Step-3: Terraform Initialize (State Storage to store in Azure Storage Account for Dev AKS Cluster) +## Step-4: Terraform Plan (Creacion del Plan) +## Step-5: Terraform Apply (Uso del plan en el paso anterior) + + - deployment: DeployQAAKSCluster + displayName: DeployQAAKSCluster + pool: + vmImage: 'ubuntu-latest' + environment: $(QA_ENVIRONMENT) + strategy: + runOnce: + deploy: + steps: + - task: DownloadSecureFile@1 + displayName: Download SSH Key + name: sshkey + inputs: + secureFile: 'id_rsa.pub' + - task: TerraformCLI@0 + displayName: Terraform Init + inputs: + command: 'init' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + backendType: 'azurerm' + backendServiceArm: 'SVC-Terraform-Azure-Connection' + backendAzureRmResourceGroupName: 'terraform-storage-rg' + backendAzureRmStorageAccountName: 'terraformstatechallenge' + backendAzureRmContainerName: 'tfstatefiles' + backendAzureRmKey: 'aks-$(QA_ENVIRONMENT).tfstate' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Plan + inputs: + command: 'plan' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + environmentServiceName: 'SVC-Terraform-Azure-Connection' + commandOptions: '-var ssh_public_key=$(sshkey.secureFilePath) -var environment=$(QA_ENVIRONMENT) -out $(Pipeline.Workspace)/terraform-manifests-out/$(QA_ENVIRONMENT)-$(Build.BuildId).out' + allowTelemetryCollection: false + - task: TerraformCLI@0 + displayName: Terraform Apply + inputs: + command: 'apply' + workingDirectory: '$(Pipeline.Workspace)/terraform-manifests-out' + environmentServiceName: 'SVC-Terraform-Azure-Connection' + commandOptions: '$(Pipeline.Workspace)/terraform-manifests-out/$(QA_ENVIRONMENT)-$(Build.BuildId).out' + allowTelemetryCollection: false diff --git a/README.md b/README.md index 6a89acf..3634516 100644 --- a/README.md +++ b/README.md @@ -1,4 +1 @@ -# Provision Azure AKS Cluster using Terraform and Azure DevOps - -## For Step by Step Instructions -- [Step by Step Instructions](https://github.com/stacksimplify/azure-aks-kubernetes-masterclass/tree/master/25-Azure-DevOps-Terraform-Azure-AKS) \ No newline at end of file +RETO GLOBANT BETA diff --git a/backend/backend-deploy.yaml b/backend/backend-deploy.yaml new file mode 100644 index 0000000..b75dcdd --- /dev/null +++ b/backend/backend-deploy.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: reto-backend +spec: + replicas: 1 + selector: + matchLabels: + app: reto-backend + template: + metadata: + labels: + app: reto-backend + spec: + containers: + - image: mongo:latest + name: reto-backend + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 3000 + name: http + env: + - name: DATABASE_URI + value: "{}" + - name: DATABASE_DBNAME + value: DemoDB-beta diff --git a/backend/backend-network.yaml b/backend/backend-network.yaml new file mode 100644 index 0000000..b8ff1d0 --- /dev/null +++ b/backend/backend-network.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: Service +metadata: + name: reto-backend +spec: + selector: + app: reto-backend + ports: + - name: http + port: 80 + targetPort: 3000 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: reto-backend + annotations: + kubernetes.io/ingress.class: addon-http-application-routing +spec: + rules: + - host: reto-backend.{DNS} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: reto-backend + port: + number: 80 diff --git a/frontend/frontend-deploy.yaml b/frontend/frontend-deploy.yaml new file mode 100644 index 0000000..c6a0e42 --- /dev/null +++ b/frontend/frontend-deploy.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: reto-frontend +spec: + replicas: 1 + selector: + matchLabels: + app: reto-frontend + template: + metadata: + labels: + app: reto-frontend + spec: + containers: + - image: mcr.microsoft.com/mslearn/samples/contoso-ship-manager:frontend + name: ship-manager-frontend + imagePullPolicy: Always + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 80 + name: http + volumeMounts: + - name: config + mountPath: /usr/src/app/dist/config.js + subPath: config.js + volumes: + - name: config + configMap: + name: frontend-config +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: frontend-config +data: + config.js: | + const config = (() => { + return { + 'VUE_APP_BACKEND_BASE_URL': 'http://reto-backend.5200834be53f4b05b214.eastus.aksapp.io', + } + })() diff --git a/frontend/frontend-network.yaml b/frontend/frontend-network.yaml new file mode 100644 index 0000000..005ab6b --- /dev/null +++ b/frontend/frontend-network.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: Service +metadata: + name: reto-frontend +spec: + selector: + app: reto-frontend + ports: + - name: http + port: 80 + targetPort: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: reto-frontend + annotations: + kubernetes.io/ingress.class: addon-http-application-routing +spec: + rules: + - host: reto.5200834be53f4b05b214.eastus.aksapp.io + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: reto-frontend + port: + number: 80 diff --git a/terraform-manifests/01-main.tf b/terraform-manifests/01-main.tf index 95834e0..dc788e0 100644 --- a/terraform-manifests/01-main.tf +++ b/terraform-manifests/01-main.tf @@ -24,6 +24,10 @@ terraform { source = "hashicorp/random" version = "~> 3.0" } + helm = { + source = "hashicorp/helm" + version = "~> 2.0" + } } # Terraform State Storage to Azure Storage Container @@ -49,3 +53,8 @@ resource "random_pet" "aksrandom" { } +provider "helm" { + kubernetes { + config_path = "~/.kube/config" # Path to your kubeconfig file + } +} diff --git a/terraform-manifests/02-variables.tf b/terraform-manifests/02-variables.tf index 9c4abb0..31e0707 100644 --- a/terraform-manifests/02-variables.tf +++ b/terraform-manifests/02-variables.tf @@ -1,5 +1,5 @@ # Define Input Variables -# 1. Azure Location (CentralUS) +# 1. Azure Location (EastUS) # 2. Azure Resource Group Name # 3. Azure AKS Environment Name (Dev, QA, Prod) @@ -7,7 +7,7 @@ variable "location" { type = string description = "Azure Region where all these resources will be provisioned" - default = "Central US" + default = "East US" } # Azure Resource Group Name @@ -43,7 +43,20 @@ variable "windows_admin_username" { # Windows Admin Password for k8s worker nodes variable "windows_admin_password" { type = string - default = "P@ssw0rd1234" + default = "P@ssw0rd123456" description = "This variable defines the Windows admin password k8s Worker nodes" } +variable "cosmosdbaccountname" { + type = string + default = "retocosmosdb-beta" +} +variable "cosmosdbname" { + type = string + default = "DemoDB-beta" +} + +variable "cosmosdbcollection" { + type = string + default = "DemoCollection-beta" +} diff --git a/terraform-manifests/05-log-analytics-workspace.tf b/terraform-manifests/05-log-analytics-workspace.tf index d989ed2..8b814b2 100644 --- a/terraform-manifests/05-log-analytics-workspace.tf +++ b/terraform-manifests/05-log-analytics-workspace.tf @@ -1,7 +1,7 @@ # Create Log Analytics Workspace -resource "azurerm_log_analytics_workspace" "insights" { - name = "${var.environment}-logs-${random_pet.aksrandom.id}" - location = azurerm_resource_group.aks_rg.location - resource_group_name = azurerm_resource_group.aks_rg.name - retention_in_days = 30 -} \ No newline at end of file +#resource "azurerm_log_analytics_workspace" "insights" { +# name = "${var.environment}-logs-${random_pet.aksrandom.id}" +# location = azurerm_resource_group.aks_rg.location +# resource_group_name = azurerm_resource_group.aks_rg.name +# retention_in_days = 30 +#} diff --git a/terraform-manifests/07-aks-cluster.tf b/terraform-manifests/07-aks-cluster.tf index 5507179..a20786c 100644 --- a/terraform-manifests/07-aks-cluster.tf +++ b/terraform-manifests/07-aks-cluster.tf @@ -15,8 +15,8 @@ resource "azurerm_kubernetes_cluster" "aks_cluster" { enable_auto_scaling = true max_count = 3 min_count = 1 - os_disk_size_gb = 30 - type = "VirtualMachineScaleSets" + os_disk_size_gb = 35 +# type = "VirtualMachineScaleSets" node_labels = { "nodepool-type" = "system" "environment" = var.environment @@ -37,10 +37,10 @@ resource "azurerm_kubernetes_cluster" "aks_cluster" { # Add On Profiles addon_profile { azure_policy { enabled = true } - oms_agent { - enabled = true - log_analytics_workspace_id = azurerm_log_analytics_workspace.insights.id - } +# oms_agent { +# enabled = true +# log_analytics_workspace_id = azurerm_log_analytics_workspace.insights.id +# } } # RBAC and Azure AD Integration Block @@ -78,4 +78,4 @@ tags = { } -} \ No newline at end of file +} diff --git a/terraform-manifests/09-aks-cluster-linux-user-nodepools.tf b/terraform-manifests/09-aks-cluster-linux-user-nodepools.tf index b816693..fa4832c 100644 --- a/terraform-manifests/09-aks-cluster-linux-user-nodepools.tf +++ b/terraform-manifests/09-aks-cluster-linux-user-nodepools.tf @@ -1,5 +1,4 @@ # Create Linux Azure AKS Node Pool -/* resource "azurerm_kubernetes_cluster_node_pool" "linux101" { availability_zones = [1, 2, 3] enable_auto_scaling = true @@ -25,5 +24,4 @@ resource "azurerm_kubernetes_cluster_node_pool" "linux101" { "nodepoolos" = "linux" "app" = "java-apps" } -} -*/ +} \ No newline at end of file diff --git a/terraform-manifests/12 - azurecosmos.tf b/terraform-manifests/12 - azurecosmos.tf new file mode 100644 index 0000000..3c533be --- /dev/null +++ b/terraform-manifests/12 - azurecosmos.tf @@ -0,0 +1,37 @@ +resource "azurerm_cosmosdb_account" "db" { + name = "retocosmosdb-beta" + location = azurerm_resource_group.aks_rg.location + resource_group_name = azurerm_resource_group.aks_rg.name + offer_type = "Standard" + kind = "MongoDB" + + consistency_policy { + consistency_level = "Session" + } + + geo_location { + location = azurerm_resource_group.aks_rg.location + failover_priority = 0 + } +} + +resource "azurerm_cosmosdb_mongo_database" "db" { + name = var.cosmosdbname + resource_group_name = azurerm_resource_group.aks_rg.name + account_name = azurerm_cosmosdb_account.db.name + throughput = 400 +} + +resource "azurerm_cosmosdb_mongo_collection" "collection" { + name = var.cosmosdbcollection + resource_group_name = azurerm_resource_group.aks_rg.name + account_name = azurerm_cosmosdb_account.db.name + database_name = azurerm_cosmosdb_mongo_database.db.name + default_ttl_seconds = "777" + shard_key = "uniqueKey" + throughput = 400 + index { + keys = ["_id"] + unique = true + } +}