sassoftware / viya4-iac-azure

This project contains Terraform configuration files to provision infrastructure components required to deploy SAS Viya platform products on Microsoft Azure Cloud.
Apache License 2.0
74 stars 89 forks source link
aks azure cloud-resources iac sas-osp sas-viya terraform

SAS Viya 4 Infrastructure as Code (IaC) for Microsoft Azure

Overview

This project helps you to automate the cluster-provisioning phase of SAS Viya platform deployment. It contains Terraform scripts to provision the Microsoft Azure Cloud infrastructure resources that are required to deploy SAS Viya platform product offerings. Here is a list of resources that this project can create:

  • Azure resource group(s): primary resource group and AKS resource group
  • Virtual network, network security groups, and network security rules
  • Managed Azure Kubernetes Service (AKS) cluster
  • System and User AKS Node pools with required Labels and Taints
  • Infrastructure to deploy SAS Viya platform CAS in SMP or MPP mode
  • Storage options for SAS Viya platform - NFS Server (Standard) or Azure NetApp Files (HA)
  • Azure DB for PostgreSQL, optional
  • Azure Container Registry, optional

Architecture Diagram

This project addresses the first of three steps in Steps for Getting Started in SAS® Viya® Platform Operations:

  1. Provision resources.
  2. Prepare for the deployment.
  3. Customize and deploy the SAS Viya platform.

Note: The scripts in this project are provided as examples. They do not provide comprehensive configuration. The second and third steps include additional configuration tasks. Some of those tasks (for example, enabling logging and specifying available IP addresses) are essential for a more secure deployment.

Once the cloud resources are provisioned, use the viya4-deployment project to deploy the SAS Viya platform in your cloud environment. To learn about all phases and options of the SAS Viya platform deployment process, see Getting Started with SAS Viya and Azure Kubernetes Service in SAS Viya Platform Operations.

This project follows the SemVer versioning scheme. Given a version number MAJOR.MINOR.PATCH, we increment the:

  • MAJOR version when we make changes that are incompatible with the functionality of a previous component
  • MINOR version when we add functionality that is backwards-compatible
  • PATCH version when we make bug fixes that are backwards-compatible

Note: You must take down your existing infrastructure and rebuild it when you are upgrading to a new major version because of potential backward incompatibility. For details about the changes that are added in each release, see the Release Notes.

Prerequisites

Use of these tools requires operational knowledge of the following technologies:

Technical Prerequisites

This project supports two options for running Terraform scripts:

Access to an Azure Subscription and an Identity with the Contributor role are required.

Terraform Requirements:

Docker Requirements:

Getting Started

When you have prepared your environment with the prerequisites, you are ready to obtain and customize the Terraform scripts that will set up your Kubernetes cluster.

Clone this Project

Run the following commands from a terminal session:

# clone this repo
git clone https://github.com/sassoftware/viya4-iac-azure

# move to the project directory
cd viya4-iac-azure

Authenticating Terraform to Access Microsoft Azure

The Terraform process manages Microsoft Azure resources on your behalf. In order to do so, it needs your Azure account information and a user identity with the required permissions. See Terraform Azure Authentication for details.

Customizing Input Values

Terraform scripts require variable definitions as input. Review and modify default values to meet your requirements. Create a file named terraform.tfvars to customize any input variable value documented in the CONFIG-VARS.md file.

To get started, you can copy one of the example variable definition files provided in the ./examples folder. For more information about the variables that are declared in each file, refer to the CONFIG-VARS.md file.

You have the option to specify variable definitions that are not included in terraform.tfvars or to use a variable definition file other than terraform.tfvars. See Advanced Terraform Usage for more information.

Creating and Managing the Cloud Resources

Create and manage the required cloud resources. Perform one of the following steps, based on whether you are using Docker:

Troubleshooting

See the Troubleshooting page for information about possible issues that you might encounter.

Security

Additional configuration to harden your cluster environment is supported and encouraged. For example, you can limit cluster access to specified IP addresses. You can also deploy a load balancer or application gateway to mediate data flows between SAS Viya platform components and the ingress controller.

Contributing

We welcome your contributions! See CONTRIBUTING.md for information about how to submit contributions to this project.

License

This project is licensed under the Apache 2.0 License.

Additional Resources

Azure Resources

Terraform Resources