Azure-Samples / aks-store-demo

Sample microservices app for AKS demos, tutorials, and experiments
MIT License

feat: modularize tf deployment #113

Closed pauldotyu closed 6 months ago

pauldotyu commented 6 months ago

Purpose

resolves #112

Does this introduce a breaking change?

[ ] Yes
[x] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[x] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

git clone https://github.com/pauldotyu/aks-store-demo
cd aks-store-demo
git checkout modular_terraform
az login
azd auth login
  1. Run a simple deployment with no additional services
azd up

When prompted for a location, you need to pick a region that supports all Azure services in the Terraform templates. So choose eastus2.

  2. Add AI to the app deployment
azd env set DEPLOY_AZURE_OPENAI true
azd up
  3. Add workload identity auth for ai-service
azd env set DEPLOY_AZURE_WORKLOAD_IDENTITY true
azd up
  4. Add servicebus
azd env set DEPLOY_AZURE_SERVICE_BUS true
azd up
  5. Add cosmosdb
azd env set DEPLOY_AZURE_COSMOSDB true
azd up
  6. Optionally set the cosmosdb account kind to GlobalDocumentDB (SQL API)
azd env set AZURE_COSMOSDB_ACCOUNT_KIND GlobalDocumentDB
azd up

This will make a change to the makeline-service's configmap and will require kubectl rollout restart deploy makeline-service for the connection string changes to apply.

  7. Add observability stack
azd env set DEPLOY_OBSERVABILITY_TOOLS true
azd up
  8. Add azure container registry
azd env set DEPLOY_AZURE_CONTAINER_REGISTRY true
azd up
  9. Optionally have azure container registry build containers
azd env set BUILD_CONTAINERS true
azd up

What to Check

Verify that the following are valid based on tests listed above:

  1. Verify the default deployment only deploys the store-front and store-admin without ai-services
  2. Verify the ai-service is deployed with OpenAI key authentication to Azure OpenAI (key is in a k8s secret)
  3. Verify the ai-service now uses workload identity authentication and pod now uses serviceaccount for auth
  4. Verify the order-service now writes orders to azure servicebus and the rabbitmq container is no longer deployed
  5. Verify the makeline-service now writes orders to azure cosmosdb and the mongodb container is no longer deployed
  6. Optionally verify the azure cosmosdb is of GlobalDocumentDB kind
  7. Verify the observability tools (e.g., prometheus, grafana, container insights) are all configured for aks cluster
  8. Verify the container images are imported from ghcr.io (see output in azd up command) and deployment images are sourced from azure container registry
  9. Optionally verify the containers are built from source (see output in azd up command)

Other Information
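
A check for items 2 and 3 under What to Check, as an added example that is not part of the original pull request or the project's code: it inspects a Deployment object (as parsed from kubectl get deploy ai-service -o json) and reports whether the pod still receives secret-backed values after workload identity is enabled. The sample manifests, environment variable names, secret name and service account name are constructed assumptions; azure.workload.identity/use is the pod label Azure Workload Identity uses.

```python
"""Audit a Deployment (parsed from `kubectl get deploy <name> -o json`) for its auth mode."""

WI_LABEL = "azure.workload.identity/use"  # pod label that opts a pod into Azure Workload Identity


def audit_auth(deploy):
    tmpl = deploy["spec"]["template"]
    pod = tmpl["spec"]
    labels = tmpl.get("metadata", {}).get("labels", {})
    sa = pod.get("serviceAccountName", "default")
    secret_env = []  # every env value a container receives from a Kubernetes secret
    for c in pod.get("containers", []):
        for e in c.get("env", []):
            ref = e.get("valueFrom", {}).get("secretKeyRef")
            if ref:
                secret_env.append(f'{c["name"]}:{e["name"]}<-{ref["name"]}')
        for src in c.get("envFrom", []):
            if "secretRef" in src:
                secret_env.append(f'{c["name"]}:*<-{src["secretRef"]["name"]}')
    wi = labels.get(WI_LABEL) == "true"
    findings = []
    if wi and sa == "default":
        findings.append("workload identity label set but pod runs as the default service account")
    if wi and secret_env:
        findings.append("workload identity enabled but secrets are still injected: " + ", ".join(secret_env))
    if not wi and not secret_env:
        findings.append("no workload identity label and no secret-backed env; auth mode unknown")
    mode = "workload-identity" if wi and sa != "default" else "secret" if secret_env else "unknown"
    return {"mode": mode, "service_account": sa, "secret_env": secret_env, "findings": findings}


def sample(labels, sa, env):
    """Constructed, trimmed Deployment; every name in the samples below is hypothetical."""
    spec = {"containers": [{"name": "ai-service", "env": env}]}
    if sa:
        spec["serviceAccountName"] = sa
    return {"spec": {"template": {"metadata": {"labels": labels}, "spec": spec}}}


KEY_ENV = [{"name": "OPENAI_API_KEY", "valueFrom": {"secretKeyRef": {"name": "openai-secret", "key": "key"}}}]
STEP2 = sample({"app": "ai-service"}, None, KEY_ENV)  # key auth, key held in a secret
STEP3 = sample({"app": "ai-service", WI_LABEL: "true"}, "ai-sa", [{"name": "USE_AZURE_AD", "value": "True"}])
STALE = sample({"app": "ai-service", WI_LABEL: "true"}, "ai-sa", KEY_ENV)  # key left behind after the switch

if __name__ == "__main__":
    for name, deploy in (("step 2", STEP2), ("step 3", STEP3), ("stale key", STALE)):
        print(name, audit_auth(deploy))
```

The STALE case is the one worth alerting on: the pod has moved to workload identity but the API key is still mounted, so the secret remains a usable credential.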