本文逐步展示了我如何完成我的最终项目,以编码非洲云学校计划2023。
我设法在几天之内完成了该项目,并采用了Docker,Azure Container Registry,Azure Kubernetes服务和Azure SQL数据库等技术。
我决定使用Terraform将基础设施提供:
- Azure容器注册表
- Azure Kubernetes服务
- 带有示例数据库的Azure SQL数据库
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 2.65"
}
random = {
source = "hashicorp/random"
version = "3.1.0"
}
}
}
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "emmilly-rg" {
name = "emmilly_mssql_acr_aks_rg"
location = "South Africa North"
}
resource "azurerm_container_registry" "emmilly-acr" {
name = "emmillyacr"
sku = "Premium"
resource_group_name = azurerm_resource_group.emmilly-rg.name
location = azurerm_resource_group.emmilly-rg.location
}
resource "azurerm_kubernetes_cluster" "emmilly-k8s-cluster" {
name = "emmilly-aks"
location = azurerm_resource_group.emmilly-rg.location
resource_group_name = azurerm_resource_group.emmilly-rg.name
dns_prefix = "emmilly-dns"
public_network_access_enabled = true
network_profile {
network_plugin = "kubenet"
load_balancer_sku = "standard"
}
default_node_pool {
name = "default"
node_count = 1
vm_size = "Standard_D2_v2"
}
identity {
type = "SystemAssigned"
}
tags = {
Environment = "Production"
}
}
resource "azurerm_role_assignment" "enablePulling" {
principal_id = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kubelet_identity[0].object_id
role_definition_name = "AcrPull"
scope = azurerm_container_registry.emmilly-acr.id
skip_service_principal_aad_check = true
}
resource "azurerm_mssql_server" "test-server" {
name = "sqltest-server-emmilly"
resource_group_name = azurerm_resource_group.emmilly-rg.name
location = azurerm_resource_group.emmilly-rg.location
version = "12.0"
administrator_login = "emmilly"
administrator_login_password = "emily@256"
minimum_tls_version = "1.2"
}
resource "azurerm_mssql_database" "test-db" {
name = "sqltest"
server_id = azurerm_mssql_server.test-server.id
collation = "SQL_Latin1_General_CP1_CI_AS"
license_type = "LicenseIncluded"
read_scale = false
sku_name = "S0"
zone_redundant = false
sample_name = "AdventureWorksLT"
tags = {
dev = "Production"
}
}
output "client_certificate" {
value = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kube_config.0.client_certificate
}
output "kube_config" {
value = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kube_config_raw
sensitive = true
}
因此,在写Terraform文件后,我使用。
验证并应用了该文件。终端中的初始地形。
terraform init
terraform validate
terraform apply -auto-approve
配置资源后,我可以在门户网站上看到它们。
接下来,我在我的节点JS应用程序中添加了一个Docker文件,并从中构建了一个图像并标记
docker build . -t shecloud
docker tag shecloud <loginservername/shecloud>
用
检查建造的图像
docker images
接下来,我们必须使用Docker登录雷克蒂
docker login <login server name>
查看您的注册表登录器
docker push shecloud <loginservername>/shecloud
推动后,我们应该能够在Azure容器注册表中的存储库下查看图像。
下一个登录
az login
az account set --subscription xxxxxx-xxxx-xxxx-xxxxxx
az aks get-credentials --resource-group <resource group nae> --name <aks name>
kubectl get nodes
接下来我使用此YAML文件部署。
apiVersion: apps/v1
kind: Deployment
metadata:
name: azure-shecloud
spec:
replicas: 1
selector:
matchLabels:
app: azure-shecloud
template:
metadata:
labels:
app: azure-shecloud
spec:
nodeSelector:
"kubernetes.io/os": linux
containers:
- name: azure-shecloud
image: emmillyacr.azurecr.io/shecloud:latest
env:
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 256Mi
ports:
- containerPort: 3000
name: azure-shecloud
---
apiVersion: v1
kind: Service
metadata:
name: azure-shecloud
spec:
type: LoadBalancer
ports:
- port: 3000
selector:
app: azure-shecloud
---
kubectl apply -f node_sql.yaml
网络要查看应用程序的外部IP,我们使用
kubectl get svc
接下来,我们将移至数据库服务器网络的门户网络允许IPS访问。
单击保存以保存更改。
当我们检查外部IP时20.87.94.72:3000