Skip to content

mfdotnetmicroservices/play.infra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
cert-manager
cert-manager
 
 
emissary-ingress
emissary-ingress
 
 
helm/microservice
helm/microservice
 
 
prometheus
prometheus
 
 
.DS_Store
.DS_Store
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

Play Infra

Play Economy Infrastructure components

Add the GitHub package source

For Windows (Powershell)

$owner="mfdotnetmicroservices"
$gh_pat="[PAT HERE]"

dotnet nuget add source --username USERNAME --password $gh_pat --store-password-in-clear-text --name github "https://nuget.pkg.github.com/$owner/index.json"

Add the GitHub package source

For Mac

owner="mfdotnetmicroservices"
gh_pat="[PAT HERE]"
dotnet nuget add source --username USERNAME --password "$gh_pat" --store-password-in-clear-text --name github "https://nuget.pkg.github.com/$owner/index.json"

To confirm that the package was made

For Mac and Powershell

dotnet nuget list source

Creating the Azure resource group

For Windows (Powershell)

$appname="playeconomy"
az group create --name $appname --location eastus

For Mac

appname="playeconomy"
az group create --name "$appname" --location eastus

Creating the Cosmos DB account

For PC

$app_cosmosdb_account="playeconomy-cosmosdb-account"
$appname="playeconomy"
az cosmosdb create --name $app_cosmosdb_account --resource-group $appname --kind MongoDB

For Mac

app_cosmosdb_account="playeconomy-cosmosdb-account"
appname="playeconomy"
az cosmosdb create --name $app_cosmosdb_account --resource-group $appname --kind MongoDB

Creating the Service Bus namespace

For windows

az servicebus namespace create --name $appname --resource-group $appname --sku Standard

For mac

appnamenamespace="playeconomy-servicebus-namespace"
appname="playeconomy"
az servicebus namespace create --name "$appnamenamespace" --resource-group "$appname" --sku Standard

Creating the Container Registry

PC

$appnameAcr ="playeconomyacr"    
$appname="playeconomy"
az acr create --name $appnameAcr --resource-group $appname --sku Basic

Mac

appnameAcr="playeconomyacr"    
appname="playeconomy"
az acr create --name $appnameAcr --resource-group $appname --sku Basic

Creating the AKS cluster

For Windows

$appnameAcr="playeconomyacr"   
$appnameRg="playeconomy"
$appnamecluster = "playeconomy_cluster"
az aks create -n $appnamecluster -g $appnameRg --node-vm-size Standard_B2s --node-count 2 --attach-acr $appnameAcr --enable-oidc-issuer --enable-workload-identity --generate-ssh-keys


az aks get-credentials --name $appnamecluster --resource-group $appnameRg

For mac

appnameAcr="playeconomyacr"
appnameRg="playeconomy"
appnamecluster="playeconomy_cluster"
az aks create -n "$appnamecluster" -g "$appnameRg" --node-vm-size Standard_B2s --node-count 2 --attach-acr "$appnameAcr" --enable-oidc-issuer --enable-workload-identity --generate-ssh-keys


az aks get-credentials --name "$appnamecluster" --resource-group "$appnameRg"

Creating the Azure Key Vault

For Windows

$appnamekv="playeconomy-key-vault"
$appnameRg="playeconomy"
az keyvault create -n $appnamekv -g $appnameRg

For Mac

appnamekv="playeconomy-key-vault"
appnameRg="playeconomy"
az keyvault create -n "$appnamekv" -g "$appnameRg"

Installing Emissary-ingress

$namespace_dns_name="playeconomy_dns_service"
helm repo add datawire https://app.getambassador.io
helm repo update

kubectl create namespace emissary && \
kubectl apply -f https://app.getambassador.io/yaml/emissary/3.9.1/emissary-crds.yaml

kubectl wait --timeout=90s --for=condition=available deployment emissary-apiext -n emissary-system

$namespace="emissary"
helm install emissary-ingress datawire/emissary-ingress --set service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"= --namespace $namespace_dns_name --create-namespace

kubectl -lapp.kubernetes.io/instance=emissary-ingress deploy --timeout=90s --for condition=available -n $namespace wait
namespace_dns_name="playeconomy-dns-service"
helm repo add datawire https://app.getambassador.io
helm repo update

kubectl create namespace emissary && \
kubectl apply -f https://app.getambassador.io/yaml/emissary/3.9.1/emissary-crds.yaml

kubectl wait --timeout=90s --for=condition=available deployment/emissary-apiext -n emissary-system

namespace="emissary"
helm install emissary-ingress datawire/emissary-ingress --set service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"="$namespace_dns_name" --namespace "$namespace" --create-namespace

kubectl -n "$namespace" wait --for condition=available --timeout=90s deploy -lapp.kubernetes.io/instance=emissary-ingress

Configuring Emissary-ingress routing

$namespace="emissary"

kubectl apply -f .\emissary-ingress\listener.yaml -n $namespace 
namespace="emissary"

kubectl apply -f ./emissary-ingress/listener.yaml -n "$namespace"
kubectl apply -f ./emissary-ingress/mappings.yaml -n "$namespace"

Installing cert-manager

namespace="emissary"

helm repo add jetstack https://charts.jetstack.io --force-update
helm repo update 

helm install cert-manager jetstack/cert-manager --version v1.18.0 --set crds.enabled=true --namespace "$namespace"

Creating the cluster issuer

namespace="emissary"
kubectl apply -f ./cert-manager/cluster-issuer.yaml -n "$namespace"
kubectl apply -f ./cert-manager/acme-challenge.yaml -n "$namespace"

Creating the tls certificate

namespace="emissary"
kubectl apply -f ./emissary-ingress/tls-certificate.yaml -n "$namespace"

Enabling TLS and HTTPS

namespace="emissary"
kubectl apply -f ./emissary-ingress/host.yaml -n "$namespace"

Packaging and publishing the microservice Helm chart

$appnameAcr="playeconomyacr"    

helm package ./helm/microservice

$helmUser=[guid]::Empty.Guid
$helmPassword = az acr login --name $appnameAcr --expose-token --output tsv --query accessToken

helm registry login "$appnameAcr.azurecr.io" --username $helmUser --password $helmPassword

helm push microservice-0.1.0.tgz oci://$appnameAcr.azurecr.io/helm
appnameAcr="playeconomyacr"

helm package ./helm/microservice

helmUser="00000000-0000-0000-0000-000000000000"
helmPassword=$(az acr login --name "$appnameAcr" --expose-token --output tsv --query accessToken)

helm registry login "$appnameAcr.azurecr.io" --username "$helmUser" --password "$helmPassword"

helm push microservice-0.1.0.tgz oci://$appnameAcr.azurecr.io/helm

Create GitHub service principal

$appId = az ad sp create-for-rbac -n "GitHub" --query appId --output tsv 
$subId = "[SUBSCRIPTION ID HERE]"

# az role assignment create --assignee $appId --role "ArcPush" --resource-group $appname
az role assignment create --assignee "$appId" --role "AcrPush" --scope "/subscriptions/$subId/resourceGroups/$appname"
az role assignment create --assignee $appId --role "Azure Kubernetes Service Cluster User Role"  --scope "/subscriptions/$subId/resourceGroups/$appname"
az role assignment create --assignee $appId --role "Azure Kubernetes Service Contributor Role"  --scope "/subscriptions/$subId/resourceGroups/$appname"
appname="playeconomy"
appId=$(az ad sp create-for-rbac -n "GitHub" --query appId --output tsv)
subId="[AZURE SUBSCRIPTION ID HERE]"

az role assignment create --assignee "$appId" --role "AcrPush" --scope "/subscriptions/$subId/resourceGroups/$appname"

az role assignment create --assignee "$appId" --role "Azure Kubernetes Service Cluster User Role" --scope "/subscriptions/$subId/resourceGroups/$appname"


az role assignment create --assignee "$appId" --role "Azure Kubernetes Service Contributor Role" --scope "/subscriptions/$subId/resourceGroups/$appname"

About

Play EconomyInfrastructure components

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published