Merge pull request #2621 from zaidmohd/arcbox_3.0
Arcbox 3.0 - Fixed app and ingress
janegilring authored Jul 24, 2024
2 parents 6e92e2c + 125fef3 commit 7d43192
Showing 3 changed files with 53 additions and 108 deletions.
55 changes: 14 additions & 41 deletions azure_jumpstart_arcbox/artifacts/DataOpsAppDRScript.ps1
@@ -1,7 +1,7 @@
$Env:ArcBoxLogsDir = "C:\ArcBox\Logs"

$CName = "dataops"
$certdns = "$CName.jumpstart.local"
# $certdns = "$CName.jumpstart.local"
$appNamespace = "arc"
$sqlInstance = "aks-dr"

Expand All @@ -10,16 +10,6 @@ Start-Transcript -Path $Env:ArcBoxLogsDir\DataOpsAppDRScript.log
# Switch kubectl context to AKS DR
kubectx $sqlInstance

Write-Header "Adding CName Record for App"
$dcInfo = Get-ADDomainController
Do
{
$appIpaddress= kubectl get svc "dataops-ingress-nginx-ingress-controller" -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
Start-Sleep -Seconds 5
} while ($null -eq $appIpaddress)
Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord
Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00

# Deploy the App and service
$appK3s = @"
apiVersion: apps/v1
Expand All @@ -40,7 +30,7 @@ spec:
spec:
containers:
- name: web
image: azurearcjumpstart.azurecr.io/demoapp:dr
image: jumpstartdev.azurecr.io/demoapp:dr
ports:
- containerPort: 80
volumeMounts:
Expand All @@ -59,7 +49,7 @@ metadata:
spec:
selector:
app: web
type: ClusterIP
type: LoadBalancer
ports:
- protocol: TCP
port: 80
Expand All @@ -69,34 +59,17 @@ spec:
Write-Header "Deploying App Resource"
$appK3s | kubectl apply -n $appNamespace -f -

# Deploy an Ingress Resource for the app
$appIngress = @"
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-tls
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
tls:
- hosts:
- "$certdns"
secretName: "$CName-secret"
rules:
- host: "$certdns"
http:
paths:
- pathType: ImplementationSpecific
backend:
service:
name: web-app-service
port:
number: 80
path: /
"@
Write-Header "Deploying App Ingress Resource"
$appIngress | kubectl apply -n $appNamespace -f -
# Write-Header "Adding CName Record for App"
$dcInfo = Get-ADDomainController
Do
{
Write-Host "Waiting for Web App Service, hold tight..."
$appIpaddress= kubectl get svc "web-app-service" -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
Start-Sleep -Seconds 5
} while ($null -eq $appIpaddress)
Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord
Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00


Do {
Write-Host "Waiting for Web App pod, hold tight..."
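Review bot: The Service manifest now uses `type: LoadBalancer` and, as far as the rendered page shows, the Ingress with its `tls:` block is dropped, so the demo app is served on port 80 in clear text directly from the cluster's load balancer; DataOpsAppScript.ps1 makes the same change and switches its desktop shortcut to `http://`. If aks-dr is an AKS cluster, a LoadBalancer service gets a public frontend unless it carries the annotation `service.beta.kubernetes.io/azure-load-balancer-internal: "true"`, so it is worth confirming that the service is only reachable from inside the lab network. Separately, the new lookup `kubectl get svc "web-app-service"` has no `-n $appNamespace`, although the manifest is applied with `-n $appNamespace` and the sibling script passes the flag. If the context's default namespace differs, the `Do … while ($null -eq $appIpaddress)` loop never terminates. Suggested line: `$appIpaddress = kubectl -n $appNamespace get svc "web-app-service" -o jsonpath="{.status.loadBalancer.ingress[0].ip}"`.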
104 changes: 38 additions & 66 deletions azure_jumpstart_arcbox/artifacts/DataOpsAppScript.ps1
Expand Up @@ -3,54 +3,44 @@ $Env:ArcBoxLogsDir = "C:\ArcBox\Logs"
$Env:ArcBoxIconDir = "C:\ArcBox\Icons"

$CName = "jumpstartbooks"
$certdns = "$CName.jumpstart.local"
$password = "arcbox"
# $certdns = "$CName.jumpstart.local"
# $password = "arcbox"
$appNamespace = "arc"
$sqlInstance = "k3s"

Start-Transcript -Path $Env:ArcBoxLogsDir\DataOpsAppScript.log

# Add OpenSSL to path environment variable
$openSSL = "C:\Program Files\FireDaemon OpenSSL 3\bin"
$currentPathVariable = [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Process)
$newPathVariable = $currentPathVariable + ";" + $openSSL
[Environment]::SetEnvironmentVariable("PATH", $newPathVariable, [EnvironmentVariableTarget]::Process)
# # Add OpenSSL to path environment variable
# $openSSL = "C:\Program Files\FireDaemon OpenSSL 3\bin"
# $currentPathVariable = [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Process)
# $newPathVariable = $currentPathVariable + ";" + $openSSL
# [Environment]::SetEnvironmentVariable("PATH", $newPathVariable, [EnvironmentVariableTarget]::Process)

Write-Host "Generating a TLS Certificate"
$cert = New-SelfSignedCertificate -DnsName $certdns -KeyAlgorithm RSA -KeyLength 2048 -NotAfter (Get-Date).AddYears(1) -CertStoreLocation "Cert:\CurrentUser\My"
$certPassword = ConvertTo-SecureString -String $password -Force -AsPlainText
Export-PfxCertificate -Cert "cert:\CurrentUser\My\$($cert.Thumbprint)" -FilePath "$Env:TempDir\$CName.pfx" -Password $certPassword
Import-PfxCertificate -FilePath "$Env:TempDir\$CName.pfx" -CertStoreLocation Cert:\LocalMachine\Root -Password $certPassword
# Write-Host "Generating a TLS Certificate"
# $cert = New-SelfSignedCertificate -DnsName $certdns -KeyAlgorithm RSA -KeyLength 2048 -NotAfter (Get-Date).AddYears(1) -CertStoreLocation "Cert:\CurrentUser\My"
# $certPassword = ConvertTo-SecureString -String $password -Force -AsPlainText
# Export-PfxCertificate -Cert "cert:\CurrentUser\My\$($cert.Thumbprint)" -FilePath "$Env:TempDir\$CName.pfx" -Password $certPassword
# Import-PfxCertificate -FilePath "$Env:TempDir\$CName.pfx" -CertStoreLocation Cert:\LocalMachine\Root -Password $certPassword

openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -nocerts -out "$Env:TempDir\$CName.key" -password pass:$password -passout pass:$password
openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -clcerts -nokeys -out "$Env:TempDir\$CName.crt" -password pass:$password
openssl rsa -in "$Env:TempDir\$CName.key" -out "$Env:TempDir\$CName-dec.key" -passin pass:$password
# openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -nocerts -out "$Env:TempDir\$CName.key" -password pass:$password -passout pass:$password
# openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -clcerts -nokeys -out "$Env:TempDir\$CName.crt" -password pass:$password
# openssl rsa -in "$Env:TempDir\$CName.key" -out "$Env:TempDir\$CName-dec.key" -passin pass:$password

Write-Header "Creating Ingress Controller"
foreach ($cluster in @('k3s', 'aks-dr')) {
# Create K8s Ingress TLS secret
kubectx $cluster
kubectl -n $appNamespace create secret tls "$CName-secret" --key "$Env:TempDir\$CName-dec.key" --cert "$Env:TempDir\$CName.crt"
# Write-Header "Creating Ingress Controller"
# foreach ($cluster in @('k3s', 'aks-dr')) {
# # Create K8s Ingress TLS secret
# kubectx $cluster
# kubectl -n $appNamespace create secret tls "$CName-secret" --key "$Env:TempDir\$CName-dec.key" --cert "$Env:TempDir\$CName.crt"

# Deploy NGINX Ingress Controller
helm repo add nginx-stable https://helm.nginx.com/stable
helm repo update
helm install dataops-ingress nginx-stable/nginx-ingress
}
# # Deploy NGINX Ingress Controller
# helm repo add nginx-stable https://helm.nginx.com/stable
# helm repo update
# helm install dataops-ingress nginx-stable/nginx-ingress
# }

# Switch kubectl context to k3s
kubectx $sqlInstance

Write-Header "Adding CName Record for App"
$dcInfo = Get-ADDomainController
Do
{
$appIpaddress= kubectl get svc "dataops-ingress-nginx-ingress-controller" -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
Start-Sleep -Seconds 5
} while ($null -eq $appIpaddress)
Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord
Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00

# Deploy the App and service
$appK3s = @"
apiVersion: apps/v1
Expand All @@ -71,7 +61,7 @@ spec:
spec:
containers:
- name: web
image: azurearcjumpstart.azurecr.io/demoapp
image: jumpstartdev.azurecr.io/demoapp
ports:
- containerPort: 80
volumeMounts:
Expand All @@ -90,7 +80,7 @@ metadata:
spec:
selector:
app: web
type: ClusterIP
type: LoadBalancer
ports:
- protocol: TCP
port: 80
Expand All @@ -100,34 +90,16 @@ spec:
Write-Header "Deploying App Resource"
$appK3s | kubectl apply -n $appNamespace -f -

# Deploy an Ingress Resource for the app
$appIngress = @"
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-tls
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
tls:
- hosts:
- "$certdns"
secretName: "$CName-secret"
rules:
- host: "$certdns"
http:
paths:
- pathType: ImplementationSpecific
backend:
service:
name: web-app-service
port:
number: 80
path: /
"@
Write-Header "Deploying App Ingress Resource"
$appIngress | kubectl apply -n $appNamespace -f -
Write-Header "Adding CName Record for App"
$dcInfo = Get-ADDomainController
Do
{
Write-Host "Waiting for Web App Service, hold tight..."
$appIpaddress= kubectl -n $appNamespace get svc "web-app-service" -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
Start-Sleep -Seconds 5
} while ($null -eq $appIpaddress)
Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord
Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00

Do {
Write-Host "Waiting for Web App pod, hold tight..."
Expand All @@ -139,7 +111,7 @@ Do {
$shortcutLocation = "$Env:Public\Desktop\Bookstore.lnk"
$wScriptShell = New-Object -ComObject WScript.Shell
$shortcut = $wScriptShell.CreateShortcut($shortcutLocation)
$shortcut.TargetPath = "https://$certdns"
$shortcut.TargetPath = "http://$CName.jumpstart.local"
$shortcut.IconLocation="$Env:ArcBoxIconDir\bookstore.ico, 0"
$shortcut.WindowStyle = 3
$shortcut.Save()
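Review bot: The container image is referenced as `jumpstartdev.azurecr.io/demoapp` with no tag or digest, so each deployment resolves the mutable `latest` tag from what the name suggests is a development registry. Pinning the reference, for example `image: jumpstartdev.azurecr.io/demoapp@sha256:<digest-placeholder>`, would make the deployed content reproducible and auditable; the `demoapp:dr` tag in DataOpsAppDRScript.ps1 is mutable in the same way. The certificate, OpenSSL and ingress-controller steps are commented out rather than deleted, which leaves `# $password = "arcbox"` and the `Cert:\LocalMachine\Root` import in the file as dead code. Deleting those lines would be cleaner, since version control keeps the history.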
Expand Up @@ -52,7 +52,7 @@ var networkInterfaceName = '${vmName}-NIC'
var osDiskType = 'Premium_LRS'
var k3sControlPlane = 'true' // deploy single-node k3s control plane
var diskSize = (flavor == 'DataOps') ? 512 : 64
var numberOfIPAddresses = (flavor == 'DataOps') ? 7 : 5 // The number of IP addresses to create
var numberOfIPAddresses = (flavor == 'DataOps') ? 8 : 5 // The number of IP addresses to create

// Create multiple public IP addresses if deployBastion is false
resource publicIpAddresses 'Microsoft.Network/publicIpAddresses@2022-01-01' = [for i in range(1, numberOfIPAddresses): {
