Deploying a Fullstack Application Using Terraform to Provision ACR, AKS and Azure SQL Database
#node #devops #kubernetes #azure

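This article shows step by step how I completed my final project for the Code Africa Cloud School program 2023.

I managed to complete the project in a few days, using technologies such as Docker, Azure Container Registry, Azure Kubernetes Service and Azure SQL Database.

I decided to use Terraform to provision the infrastructure:

  • Azure Container Registry
  • Azure Kubernetes Service
  • Azure SQL Database with a sample database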

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 2.65"
    }

    random = {
      source  = "hashicorp/random"
      version = "3.1.0"
    }
  }
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "emmilly-rg" {
  name     = "emmilly_mssql_acr_aks_rg"
  location = "South Africa North"
}

resource "azurerm_container_registry" "emmilly-acr" {
  name                = "emmillyacr"
  sku                 = "Premium"
  resource_group_name = azurerm_resource_group.emmilly-rg.name
  location            = azurerm_resource_group.emmilly-rg.location
}

resource "azurerm_kubernetes_cluster" "emmilly-k8s-cluster" {
  name                          = "emmilly-aks"
  location                      = azurerm_resource_group.emmilly-rg.location
  resource_group_name           = azurerm_resource_group.emmilly-rg.name
  dns_prefix                    = "emmilly-dns"
  public_network_access_enabled = true

  network_profile {
    network_plugin    = "kubenet"
    load_balancer_sku = "standard"
  }

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2_v2"
  }

  identity {
    type = "SystemAssigned"
  }

  tags = {
    Environment = "Production"
  }
}

# Grant the cluster's kubelet identity pull access to the registry
resource "azurerm_role_assignment" "enablePulling" {
  principal_id                     = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kubelet_identity[0].object_id
  role_definition_name             = "AcrPull"
  scope                            = azurerm_container_registry.emmilly-acr.id
  skip_service_principal_aad_check = true
}



resource "azurerm_mssql_server" "test-server" {
  name                         = "sqltest-server-emmilly"
  resource_group_name          = azurerm_resource_group.emmilly-rg.name
  location                     = azurerm_resource_group.emmilly-rg.location
  version                      = "12.0"
  administrator_login          = "emmilly"
  # Password literal: stored in this file and in the Terraform state
  administrator_login_password = "emily@256"
  minimum_tls_version          = "1.2"
}

resource "azurerm_mssql_database" "test-db" {
  name           = "sqltest"
  server_id      = azurerm_mssql_server.test-server.id
  collation      = "SQL_Latin1_General_CP1_CI_AS"
  license_type   = "LicenseIncluded"
  read_scale     = false
  sku_name       = "S0"
  zone_redundant = false
  sample_name    = "AdventureWorksLT"

  tags = {
    dev = "Production"
  }
}

output "client_certificate" {
  value = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kube_config[0].client_certificate
}

output "kube_config" {
  value = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kube_config_raw

  sensitive = true
}

After writing the Terraform file, I validated and applied it.

Initialize Terraform in the terminal:

terraform init

terraform validate

terraform apply -auto-approve

After the resources were provisioned, I could see them in the portal.

Next, I added a Dockerfile to my Node.js application, built an image from it and tagged it:

docker build . -t shecloud
docker tag shecloud <loginservername>/shecloud

Check the built image:

docker images

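Next, we have to log in to the registry using Docker:

docker login <login server name>

To view your server username and password, enable the button.

View your registry login server.

docker push <loginservername>/shecloud

After pushing, we should be able to see the image under Repositories in the Azure Container Registry.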

Next, log in:

az login
az account set --subscription xxxxxx-xxxx-xxxx-xxxxxx
az aks get-credentials --resource-group <resource group name> --name <aks name>

kubectl get nodes

Next, I deployed using this YAML file.


apiVersion: apps/v1
kind: Deployment
metadata:
  name: azure-shecloud
spec:
  replicas: 1
  selector:
    matchLabels:
      app: azure-shecloud
  template:
    metadata:
      labels:
        app: azure-shecloud
    spec:
      nodeSelector:
        "kubernetes.io/os": linux
      containers:
      - name: azure-shecloud
        image: emmillyacr.azurecr.io/shecloud:latest
        env:
        - name: ALLOW_EMPTY_PASSWORD
          value: "yes"
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 250m
            memory: 256Mi
        ports:
        - containerPort: 3000
          name: azure-shecloud
---
apiVersion: v1
kind: Service
metadata:
  name: azure-shecloud
spec:
  type: LoadBalancer  
  ports:
  - port: 3000
  selector:
    app: azure-shecloud
---


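kubectl apply -f node_sql.yaml

To view the application's external IP, we use:

kubectl get svc

Next, we move to the database server's Networking page in the portal to allow IPs access.

NB: be sure to tick the box that allows services to access the server.

Click Save to save the changes.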

When we check the external IP 20.87.94.72:3000
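The SQL server resource and the portal firewall step above, written as a stand-alone Terraform configuration; this is an added example, not the author's file. The resource labels, names and the allowed_ip variable are assumptions: the admin password comes from the random provider the original file already declares instead of a literal, and the firewall admits one explicit address.

```hcl
terraform {
  required_providers {
    azurerm = { source = "hashicorp/azurerm", version = "~> 2.65" }
    random  = { source = "hashicorp/random", version = "3.1.0" }
  }
}
provider "azurerm" {
  features {}
}

variable "allowed_ip" { # assumption: the one public IPv4 allowed to reach the server
  type = string
}

resource "azurerm_resource_group" "rg" {
  name     = "example_mssql_rg" # constructed name
  location = "South Africa North"
}

# Generated at apply time: no literal in the .tf file, but the value is still in state.
resource "random_password" "sql_admin" {
  length      = 32
  min_upper   = 1
  min_lower   = 1
  min_numeric = 1
}

resource "azurerm_mssql_server" "sql" {
  name                         = "sqlserver-example-0001" # constructed; must be globally unique
  resource_group_name          = azurerm_resource_group.rg.name
  location                     = azurerm_resource_group.rg.location
  version                      = "12.0"
  administrator_login          = "sqladmin" # constructed
  administrator_login_password = random_password.sql_admin.result
  minimum_tls_version          = "1.2"
}

# One explicit address; a 0.0.0.0-0.0.0.0 rule is the "allow Azure services" box.
resource "azurerm_mssql_firewall_rule" "app" {
  name             = "allow-app"
  server_id        = azurerm_mssql_server.sql.id
  start_ip_address = var.allowed_ip
  end_ip_address   = var.allowed_ip
}

output "sql_admin_password" {
  value     = random_password.sql_admin.result
  sensitive = true
}
```

After apply, `terraform output -raw sql_admin_password` prints the generated password for use in the application's connection settings.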