diff --git a/azure_jumpstart_arcbox/artifacts/DataOpsAppDRScript.ps1 b/azure_jumpstart_arcbox/artifacts/DataOpsAppDRScript.ps1 index 2e31ae144b..b0514181d2 100644 --- a/azure_jumpstart_arcbox/artifacts/DataOpsAppDRScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DataOpsAppDRScript.ps1 @@ -1,7 +1,7 @@ $Env:ArcBoxLogsDir = "C:\ArcBox\Logs" $CName = "dataops" -$certdns = "$CName.jumpstart.local" +# $certdns = "$CName.jumpstart.local" $appNamespace = "arc" $sqlInstance = "aks-dr" @@ -10,16 +10,6 @@ Start-Transcript -Path $Env:ArcBoxLogsDir\DataOpsAppDRScript.log # Switch kubectl context to AKS DR kubectx $sqlInstance -Write-Header "Adding CName Record for App" -$dcInfo = Get-ADDomainController -Do -{ - $appIpaddress= kubectl get svc "dataops-ingress-nginx-ingress-controller" -o jsonpath="{.status.loadBalancer.ingress[0].ip}" - Start-Sleep -Seconds 5 -} while ($null -eq $appIpaddress) -Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord -Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00 - # Deploy the App and service $appK3s = @" apiVersion: apps/v1 @@ -40,7 +30,7 @@ spec: spec: containers: - name: web - image: azurearcjumpstart.azurecr.io/demoapp:dr + image: jumpstartdev.azurecr.io/demoapp:dr ports: - containerPort: 80 volumeMounts: @@ -59,7 +49,7 @@ metadata: spec: selector: app: web - type: ClusterIP + type: LoadBalancer ports: - protocol: TCP port: 80 
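Review bot: The change disables code by commenting it out rather than deleting it, which leaves dead lines that can drift or be re-enabled by accident: `# $certdns = "$CName.jumpstart.local"` here, and in DataOpsAppScript.ps1 (hunk `@@ -3,54 +3,44 @@`) the whole certificate and ingress-controller block. That block still carries the hard-coded `# $password = "arcbox"` and the `openssl ... -password pass:$password` calls, so the credential string and the habit of passing it on the command line stay in the file. I would delete these lines outright and rely on version control for history. If they must stay for now, a one-line comment saying why and when they will be removed would help.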
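Review bot: The new `image: jumpstartdev.azurecr.io/demoapp:dr` line pulls from a registry whose name suggests a development registry, and it uses a mutable tag, so what runs in the cluster can change without any change to this script. DataOpsAppScript.ps1 (hunk `@@ -71,7 +61,7 @@`) makes the same switch with no tag at all, which resolves to `latest`. If the registry move is meant for release, consider pinning by digest, e.g. `image: jumpstartdev.azurecr.io/demoapp@sha256:<digest-placeholder>`. If it was only for testing, it should probably be reverted before merge. The enclosing here-string starts and ends outside the hunk.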
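Review bot: `type: LoadBalancer` on the web app Service now exposes the pod's port 80 directly; the script switches to the AKS DR context, and on AKS a LoadBalancer Service gets a public IP unless it is marked internal. The Service's `metadata:` block is only partly visible in this hunk, so I cannot tell whether an annotation is already present. If the app only needs to be reachable from inside the lab network (the script registers it in `jumpstart.local`), add `service.beta.kubernetes.io/azure-load-balancer-internal: "true"` under `metadata.annotations`. The same change is made in DataOpsAppScript.ps1 (hunk `@@ -90,7 +80,7 @@`) for the k3s cluster, where the exposure depends on how that cluster's load balancer is set up.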
@@ -69,34 +59,17 @@ spec: Write-Header "Deploying App Resource" $appK3s | kubectl apply -n $appNamespace -f - -# Deploy an Ingress Resource for the app -$appIngress = @" -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress-tls - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/rewrite-target: /$1 -spec: - tls: - - hosts: - - "$certdns" - secretName: "$CName-secret" - rules: - - host: "$certdns" - http: - paths: - - pathType: ImplementationSpecific - backend: - service: - name: web-app-service - port: - number: 80 - path: / -"@ -Write-Header "Deploying App Ingress Resource" -$appIngress | kubectl apply -n $appNamespace -f - +# Write-Header "Adding CName Record for App" +$dcInfo = Get-ADDomainController +Do +{ + Write-Host "Waiting for Web App Service, hold tight..." + $appIpaddress= kubectl get svc "web-app-service" -o jsonpath="{.status.loadBalancer.ingress[0].ip}" + Start-Sleep -Seconds 5 +} while ($null -eq $appIpaddress) +Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord +Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00 + Do { Write-Host "Waiting for Web App pod, hold tight..." diff --git a/azure_jumpstart_arcbox/artifacts/DataOpsAppScript.ps1 b/azure_jumpstart_arcbox/artifacts/DataOpsAppScript.ps1 index f977232516..66d6846490 100644 --- a/azure_jumpstart_arcbox/artifacts/DataOpsAppScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DataOpsAppScript.ps1 
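Review bot: The added polling loop calls `kubectl get svc "web-app-service"` without a namespace, while the Service is applied with `kubectl apply -n $appNamespace` a few lines above and the matching loop in DataOpsAppScript.ps1 uses `kubectl -n $appNamespace get svc`. Unless the `aks-dr` context defaults to the `arc` namespace, the lookup returns nothing and `while ($null -eq $appIpaddress)` never exits, since the loop has no retry limit. Suggested line: `$appIpaddress= kubectl -n $appNamespace get svc "web-app-service" -o jsonpath="{.status.loadBalancer.ingress[0].ip}"`. The `Write-Header "Adding CName Record for App"` line was also left commented out here but not in the other script.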
@@ -3,54 +3,44 @@ $Env:ArcBoxLogsDir = "C:\ArcBox\Logs" $Env:ArcBoxIconDir = "C:\ArcBox\Icons" $CName = "jumpstartbooks" -$certdns = "$CName.jumpstart.local" -$password = "arcbox" +# $certdns = "$CName.jumpstart.local" +# $password = "arcbox" $appNamespace = "arc" $sqlInstance = "k3s" Start-Transcript -Path $Env:ArcBoxLogsDir\DataOpsAppScript.log -# Add OpenSSL to path environment variable -$openSSL = "C:\Program Files\FireDaemon OpenSSL 3\bin" -$currentPathVariable = [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Process) -$newPathVariable = $currentPathVariable + ";" + $openSSL -[Environment]::SetEnvironmentVariable("PATH", $newPathVariable, [EnvironmentVariableTarget]::Process) +# # Add OpenSSL to path environment variable +# $openSSL = "C:\Program Files\FireDaemon OpenSSL 3\bin" +# $currentPathVariable = [Environment]::GetEnvironmentVariable("PATH", [EnvironmentVariableTarget]::Process) +# $newPathVariable = $currentPathVariable + ";" + $openSSL +# [Environment]::SetEnvironmentVariable("PATH", $newPathVariable, [EnvironmentVariableTarget]::Process) -Write-Host "Generating a TLS Certificate" -$cert = New-SelfSignedCertificate -DnsName $certdns -KeyAlgorithm RSA -KeyLength 2048 -NotAfter (Get-Date).AddYears(1) -CertStoreLocation "Cert:\CurrentUser\My" -$certPassword = ConvertTo-SecureString -String $password -Force -AsPlainText -Export-PfxCertificate -Cert "cert:\CurrentUser\My\$($cert.Thumbprint)" -FilePath "$Env:TempDir\$CName.pfx" -Password $certPassword -Import-PfxCertificate -FilePath "$Env:TempDir\$CName.pfx" -CertStoreLocation Cert:\LocalMachine\Root -Password $certPassword +# Write-Host "Generating a TLS Certificate" +# $cert = New-SelfSignedCertificate -DnsName $certdns -KeyAlgorithm RSA -KeyLength 2048 -NotAfter (Get-Date).AddYears(1) -CertStoreLocation "Cert:\CurrentUser\My" +# $certPassword = ConvertTo-SecureString -String $password -Force -AsPlainText +# Export-PfxCertificate -Cert 
"cert:\CurrentUser\My\$($cert.Thumbprint)" -FilePath "$Env:TempDir\$CName.pfx" -Password $certPassword +# Import-PfxCertificate -FilePath "$Env:TempDir\$CName.pfx" -CertStoreLocation Cert:\LocalMachine\Root -Password $certPassword -openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -nocerts -out "$Env:TempDir\$CName.key" -password pass:$password -passout pass:$password -openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -clcerts -nokeys -out "$Env:TempDir\$CName.crt" -password pass:$password -openssl rsa -in "$Env:TempDir\$CName.key" -out "$Env:TempDir\$CName-dec.key" -passin pass:$password +# openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -nocerts -out "$Env:TempDir\$CName.key" -password pass:$password -passout pass:$password +# openssl pkcs12 -in "$Env:TempDir\$CName.pfx" -clcerts -nokeys -out "$Env:TempDir\$CName.crt" -password pass:$password +# openssl rsa -in "$Env:TempDir\$CName.key" -out "$Env:TempDir\$CName-dec.key" -passin pass:$password -Write-Header "Creating Ingress Controller" -foreach ($cluster in @('k3s', 'aks-dr')) { - # Create K8s Ingress TLS secret - kubectx $cluster - kubectl -n $appNamespace create secret tls "$CName-secret" --key "$Env:TempDir\$CName-dec.key" --cert "$Env:TempDir\$CName.crt" +# Write-Header "Creating Ingress Controller" +# foreach ($cluster in @('k3s', 'aks-dr')) { +# # Create K8s Ingress TLS secret +# kubectx $cluster +# kubectl -n $appNamespace create secret tls "$CName-secret" --key "$Env:TempDir\$CName-dec.key" --cert "$Env:TempDir\$CName.crt" - # Deploy NGINX Ingress Controller - helm repo add nginx-stable https://helm.nginx.com/stable - helm repo update - helm install dataops-ingress nginx-stable/nginx-ingress -} +# # Deploy NGINX Ingress Controller +# helm repo add nginx-stable https://helm.nginx.com/stable +# helm repo update +# helm install dataops-ingress nginx-stable/nginx-ingress +# } # Switch kubectl context to k3s kubectx $sqlInstance -Write-Header "Adding CName Record for App" -$dcInfo = Get-ADDomainController -Do -{ - 
$appIpaddress= kubectl get svc "dataops-ingress-nginx-ingress-controller" -o jsonpath="{.status.loadBalancer.ingress[0].ip}" - Start-Sleep -Seconds 5 -} while ($null -eq $appIpaddress) -Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord -Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00 - # Deploy the App and service $appK3s = @" apiVersion: apps/v1 @@ -71,7 +61,7 @@ spec: spec: containers: - name: web - image: azurearcjumpstart.azurecr.io/demoapp + image: jumpstartdev.azurecr.io/demoapp ports: - containerPort: 80 volumeMounts: @@ -90,7 +80,7 @@ metadata: spec: selector: app: web - type: ClusterIP + type: LoadBalancer ports: - protocol: TCP port: 80 
@@ -100,34 +90,16 @@ spec: Write-Header "Deploying App Resource" $appK3s | kubectl apply -n $appNamespace -f - -# Deploy an Ingress Resource for the app -$appIngress = @" -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress-tls - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/rewrite-target: /$1 -spec: - tls: - - hosts: - - "$certdns" - secretName: "$CName-secret" - rules: - - host: "$certdns" - http: - paths: - - pathType: ImplementationSpecific - backend: - service: - name: web-app-service - port: - number: 80 - path: / -"@ -Write-Header "Deploying App Ingress Resource" -$appIngress | kubectl apply -n $appNamespace -f - +Write-Header "Adding CName Record for App" +$dcInfo = Get-ADDomainController +Do +{ + Write-Host "Waiting for Web App Service, hold tight..." + $appIpaddress= kubectl -n $appNamespace get svc "web-app-service" -o jsonpath="{.status.loadBalancer.ingress[0].ip}" + Start-Sleep -Seconds 5 +} while ($null -eq $appIpaddress) +Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -AllowUpdateAny -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord +Add-DnsServerResourceRecordCName -Name $CName -ComputerName $dcInfo.HostName -HostNameAlias "$CName-$sqlInstance.jumpstart.local" -ZoneName jumpstart.local -TimeToLive 00:05:00 Do { Write-Host "Waiting for Web App pod, hold tight..." @@ -139,7 +111,7 @@ Do { $shortcutLocation = "$Env:Public\Desktop\Bookstore.lnk" $wScriptShell = New-Object -ComObject WScript.Shell $shortcut = $wScriptShell.CreateShortcut($shortcutLocation) -$shortcut.TargetPath = "https://$certdns" +$shortcut.TargetPath = "http://$CName.jumpstart.local" $shortcut.IconLocation="$Env:ArcBoxIconDir\bookstore.ico, 0" $shortcut.WindowStyle = 3 $shortcut.Save() 
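Review bot: The A record for `"$CName-$sqlInstance"` is created with `-AllowUpdateAny`, which lets any authenticated user update a record with that owner name. With this commit the app is reached by name over plain HTTP, so the DNS record is the only thing tying the browser to the service, and there is no certificate check to notice a changed address. Unless dynamic updates are needed, I would drop the switch: `Add-DnsServerResourceRecord -ComputerName $dcInfo.HostName -ZoneName $dcInfo.Domain -A -Name "$CName-$sqlInstance" -IPv4Address $appIpaddress -TimeToLive 01:00:00 -AgeRecord`. The same line is added in DataOpsAppDRScript.ps1 (hunk `@@ -69,34 +59,17 @@`).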
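Review bot: `$shortcut.TargetPath = "http://$CName.jumpstart.local"` makes the desktop shortcut open the bookstore over cleartext HTTP, and with the Ingress `tls:` section removed earlier in this file nothing on the new side terminates TLS for the app. If that is a deliberate simplification for the lab, record it next to the line, e.g. `# Lab only: served over plain HTTP through the LoadBalancer service; the TLS ingress was removed`. If the removal is temporary, keeping `https://` here and restoring the certificate path together would avoid shipping the downgrade.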
diff --git a/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep b/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep
index 6ede81154e..daa28ca621 100644
--- a/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep
+++ b/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep
@@ -52,7 +52,7 @@ var networkInterfaceName = '${vmName}-NIC'
 var osDiskType = 'Premium_LRS'
 var k3sControlPlane = 'true' // deploy single-node k3s control plane
 var diskSize = (flavor == 'DataOps') ? 512 : 64
-var numberOfIPAddresses = (flavor == 'DataOps') ? 7 : 5 // The number of IP addresses to create
+var numberOfIPAddresses = (flavor == 'DataOps') ? 8 : 5 // The number of IP addresses to create
 
 // Create multiple public IP addresses if deployBastion is false
 resource publicIpAddresses 'Microsoft.Network/publicIpAddresses@2022-01-01' = [for i in range(1, numberOfIPAddresses): {
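Review bot: The DataOps count goes from 7 to 8 with only the generic comment `// The number of IP addresses to create`, and the comment below says these are public IP addresses when `deployBastion` is false. Presumably the extra address is for the new `web-app-service` LoadBalancer, but nothing here says which service uses which address, so it is hard to check that no address is left unused and exposed. A comment such as `// DataOps: 8 = previous 7 + 1 for the web-app-service LoadBalancer (confirm)` would make the coupling reviewable. The `publicIpAddresses` resource body continues outside the hunk.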