This project helps you to automate the cluster-provisioning phase of SAS Viya platform deployment. It contains Terraform scripts to provision the Microsoft Azure Cloud infrastructure resources that are required to deploy SAS Viya platform product offerings. Here is a list of resources that this project can create:
- Azure resource group(s): primary resource group and AKS resource group
- Virtual network, network security groups, and network security rules
- Managed Azure Kubernetes Service (AKS) cluster
- System and User AKS Node pools with required Labels and Taints
- Infrastructure to deploy SAS Viya platform CAS in SMP or MPP mode
- Storage options for SAS Viya platform - NFS Server (Standard) or Azure NetApp Files (HA)
- Azure DB for PostgreSQL, optional
- Azure Container Registry, optional
This project addresses the first of three steps in Steps for Getting Started in SAS® Viya® Platform Operations:
Note: The scripts in this project are provided as examples. They do not provide comprehensive configuration. The second and third steps include additional configuration tasks. Some of those tasks (for example, enabling logging and specifying available IP addresses) are essential for a more secure deployment.
Once the cloud resources are provisioned, use the viya4-deployment project to deploy the SAS Viya platform in your cloud environment. To learn about all phases and options of the SAS Viya platform deployment process, see Getting Started with SAS Viya and Azure Kubernetes Service in SAS Viya Platform Operations.
This project follows the SemVer versioning scheme. Given a version number MAJOR.MINOR.PATCH, we increment the:
- MAJOR version when we make changes that are incompatible with the functionality of a previous component
- MINOR version when we add functionality that is backwards-compatible
- PATCH version when we make bug fixes that are backwards-compatible
Note: You must take down your existing infrastructure and rebuild it when you are upgrading to a new major version because of potential backward incompatibility. For details about the changes that are added in each release, see the Release Notes.
Use of these tools requires operational knowledge of the following technologies:
This project supports two options for running Terraform scripts:
Using a Docker container to run Terraform
For more information, see Docker Usage. Using Docker to run the Terraform scripts is recommended.
Access to an Azure Subscription and an Identity with the Contributor role are required.
When you have prepared your environment with the prerequisites, you are ready to obtain and customize the Terraform scripts that will set up your Kubernetes cluster.
Run the following commands from a terminal session:
# clone this repo
git clone https://github.com/sassoftware/viya4-iac-azure
# move to the project directory
cd viya4-iac-azure
The Terraform process manages Microsoft Azure resources on your behalf. In order to do so, it needs your Azure account information and a user identity with the required permissions. See Terraform Azure Authentication for details.
Terraform scripts require variable definitions as input. Review and modify default values to meet your requirements. Create a file named
terraform.tfvars
to customize any input variable value documented in the CONFIG-VARS.md file.
To get started, you can copy one of the example variable definition files provided in the ./examples
folder. For more information about the
variables that are declared in each file, refer to the CONFIG-VARS.md file.
You have the option to specify variable definitions that are not included in terraform.tfvars
or to use a variable definition file other than
terraform.tfvars
. See Advanced Terraform Usage for more information.
Create and manage the required cloud resources. Perform one of the following steps, based on whether you are using Docker:
See the Troubleshooting page for information about possible issues that you might encounter.
Additional configuration to harden your cluster environment is supported and encouraged. For example, you can limit cluster access to specified IP addresses. You can also deploy a load balancer or application gateway to mediate data flows between SAS Viya platform components and the ingress controller.
We welcome your contributions! See CONTRIBUTING.md for information about how to submit contributions to this project.
This project is licensed under the Apache 2.0 License.