Skip to content
This repository has been archived by the owner on Aug 5, 2024. It is now read-only.

Arc support #4

Closed
wants to merge 7 commits into from
Closed

Arc support #4

wants to merge 7 commits into from

Conversation

mikkelhegn
Copy link

Resolves #2

This PR contains the end-to-end support for deploying web and data services to Arc.

Bicep, install scripts and deployment workflows were updated to support Azure and arc paths. To ensure timing of database availability on Arc when migration scripts and the webapi starts, this also includes retry logic when connecting to the database. This is needed as the Azure deployment succeeds before the DB is guaranteed to be up and running in the K8s cluster. The deploy logic doesn't include checking the status of deployments beyond ARM.

Multiple bicep files for Azure and Arc are needed for two reasons:

  1. For the database, it's different ARM resource types
  2. For the web app, some properties are required for Arc, but will not pass validation if they are empty strings

@mikkelhegn mikkelhegn requested review from jongio and philliphoff June 10, 2021 10:46
appSettingsPgUser: customLocationId == '' ? dbAzure.outputs.pgUser : dbArc.outputs.pgUser //The ternary operator is needed to ensure deployment dependencies are correct
appSettingsPgDb: customLocationId == '' ? dbAzure.outputs.pgDb : dbArc.outputs.pgDb //The ternary operator is needed to ensure deployment dependencies are correct
appSettingsNodeEnv: webapiNodeEnv
appSettingsPgPassword: postgresAdminPassword
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

spell out postgres in the name?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see a combo of pg and postgres. Maybe standardize on one? It's a p3

Copy link
Author

@mikkelhegn mikkelhegn Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is lack of consistensy with the eventual env var being used in code. That one, by convention for postgres uses PGHOST, PGDB etc. Too many cascading changes to make this in this pr.

deploy/infra/webapi/dbArc.bicep Outdated Show resolved Hide resolved
deploy/infra/webapi/webappArc.bicep Outdated Show resolved Hide resolved
- [Regions and resource group support](#regions-and-resource-group-support)
- [Azure Arc enabled App Service](#azure-arc-enabled-app-service)

## Prerequisites
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we not show them the az cli commands to get this setup?

Can we not provision/configure with bicep?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a multitude:

  1. Create a K8s cluster (anywhere)
  2. Arc-enable (connect)
  3. Add extensions (data and app)
  4. Create custom location

The linked article describes the concepts and the pointers to docs. I'm usin gthis script for an environment on AKS:https://github.com/mikkelhegn/arc. The Arc model has this concept of custom locations, which are mapped to namespaces in a K8 cluster. My assumption is that a platform team will provide the namespace (custom location) for the app team, same way as a subscription would be provided by someone else for Azure (in an Enterprise setup). Scope-wise, I belive this is out for the template.

docs/azure_arc.md Outdated Show resolved Hide resolved
Comment on lines +45 to +47
KUBE_ENVIRONMENT_ID: "" #kubeEnvironmentId to host the webapi on Arc
CUSTOM_LOCATION_ID: "" #customLocationId for the kubeEnvironment
DATA_CONTROLLER_ID: "" #dataControllerId
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where does the user find this info?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good callout. They are found on the individual resources (KubeEnvironment, CustomLocation and DataController), these are the resources in ARM, which are tied to the Arc-enabled K8s cluster. I've added some guidance above.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What CLI or script commands can they run to get this info? I'm looking for ways to help them get the info quickly

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Think of this similar to finding a subscription Id, if you didn't create it you have to ask someone. At least they need to get the customlocation resource Id from whomever created that. This is really a Kubernetes namespace on a Kubernetes cluster somewhere, if you installed it, you know the customer location and can retrieve it's Id. - or do 'az customlocation show -g -n '.
Based on that they can get the other Ids using the graph (my new favorite thing :-)):
'az graph query -q "where (type =~ 'Microsoft.Web/kubeEnvironments' or type =~ 'microsoft.azurearcdata/datacontrollers') and extendedLocation.name == '' | where subscriptionId == '' | project name, id"'

Comment on lines +27 to +35
./deploy/scripts/install.sh \
--resource-name-prefix <resource group name> \
--environment-tag <name tag for all resources> \
--resource-group-tag <tag> \
--location <location (eastus or westeurope)> \
--node-env development \
--kube-environment-id <kubeEnvironmentId> \
--custom-location-id <customLocationId> \
--data-controller-id <dataControlleId>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we think deploy.sh is a better name than install?

Copy link
Author

@mikkelhegn mikkelhegn Jun 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be, but it's already in-use in the existing template. I believe renaming woudl be a new work item, if we want to do that.

run: npm run package --prefix services/webapi

# Currently needed as ORYX builds are not working on Arc
- name: Package application with node_modules for Arc deployment
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this run for non-arc builds as well? Any side-effects on running this in normal mode if so?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're producing two artifacts for the app, one without node_modules, and one with. The one is needed for arc, the other can be used in Azure so that modules will be compiled on the platform where it runs. The impact of always building both is storage taken up in GitHub artifacts. We could look into doing this conditionally if you would like that?

Comment on lines +54 to +56
appSettingsPgHost: customLocationId == '' ? dbAzure.outputs.pgHost : dbArc.outputs.pgHost //The ternary operator is needed to ensure deployment dependencies are correct
appSettingsPgUser: customLocationId == '' ? dbAzure.outputs.pgUser : dbArc.outputs.pgUser //The ternary operator is needed to ensure deployment dependencies are correct
appSettingsPgDb: customLocationId == '' ? dbAzure.outputs.pgDb : dbArc.outputs.pgDb //The ternary operator is needed to ensure deployment dependencies are correct
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we have different bicep files for arc vs regular, then why do we need this conditional?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bicep produces individual deployments for each module. If we don't have this ternary operator, bicep will start referencing deployments, which have not been run and the ARM deployment will fail. According to the Bicep team, this is on the backlog to be fixed. I 'think' this is the issue we're running in to, where the proposed fix is the ternary operator inside the deployment scope: Azure/bicep#1876 (comment)

Comment on lines 24 to 29
--kube-environment-id <kube environment id>
Provide the kube environment id to deploy to Arc
--custom-location-id <custom location id>
Provide the custome location id to deploy to Arc
--data-controller-id <data controller id>
Provide the ResourceId of the Data Controller
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be helpful to mention that these are only needed if deploying to Arc.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like this?

Comment on lines +45 to +47
KUBE_ENVIRONMENT_ID: "" #kubeEnvironmentId to host the webapi on Arc
CUSTOM_LOCATION_ID: "" #customLocationId for the kubeEnvironment
DATA_CONTROLLER_ID: "" #dataControllerId
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What CLI or script commands can they run to get this info? I'm looking for ways to help them get the info quickly

@mikkelhegn mikkelhegn closed this Nov 5, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Azure Arc support
2 participants