What kind of change does this Pull Request introduce?
[ ] Bugfix
[x] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:
How to Test
Get the code
git clone https://github.com/pauldotyu/aks-store-demo
cd aks-store-demo
git checkout modular_terraform
Login to Azure CLI and Azure Developer CLI
az login
azd auth login
Test the code
Run a simple deployments with no additional services
azd up
When prompted for a location, you need to pick a region that supports all Azure services in the Terraform templates. So choose eastus2.
Add AI to the app deployment
azd env set DEPLOY_AZURE_OPENAI true
azd up
Add workload identity auth for ai-service
azd env set DEPLOY_AZURE_WORKLOAD_IDENTITY true
azd up
Add servicebus
azd env set DEPLOY_AZURE_SERVICE_BUS true
azd up
Add cosmosdb
azd env set DEPLOY_AZURE_COSMOSDB true
azd up
Optionally set the cosmosdb account kind to GlobalDocumentDB (SQL API)
azd env set AZURE_COSMOSDB_ACCOUNT_KIND GlobalDocumentDB
azd up
This will make a change to the makeline-service's configmap and will require kubectl rollout restart deploy makeline-service for the connection string changes to apply
Add observability stack
azd env set DEPLOY_OBSERVABILITY_TOOLS true
azd up
Add azure container registry
azd env set DEPLOY_AZURE_CONTAINER_REGISTRY true
azd up
Optionally have azure container registry build containers
azd env set BUILD_CONTAINERS true
azd up
What to Check
Verify that the following are valid based on tests listed above:
Verify the default deployment only deploys the store-front and store-admin without ai-services
Verify the ai-service is deployed with OpenAI key authentication to Azure OpenAI (key is in a k8s secret)
Verify the ai-service now uses workload identity authentication and pod now uses serviceaccount for auth
Verify the order-service now writes orders to azure servicebus and the rabbitmq container is no longer deployed
Verify the makeline-service now writes orders to azure cosmosdb and the mongodb container is no longer deployed
Optionally verify the azure cosmosdb is of GlobalDocumentDB kind
Verify the observability tools (e.g., prometheus, grafana, container insights are all configured for aks cluster)
Verify the container images are imported from ghcr.io (see output in azd up command) and deployment images are sourced from azure container registry
Optionally verify the containers are built from source (see output in azd up command)
Purpose
resolves #112
Does this introduce a breaking change?
Pull Request Type
What kind of change does this Pull Request introduce?
How to Test
What to Check
Verify that the following are valid based on tests listed above:
Other Information