Azure

Modzy Deployment Guide

Overview

This guide provides step-by-step instructions for deploying Modzy into a Microsoft Azure Cloud environment using the Modzy Azure Terraform module.

The guide assumes some familiarity with Terraform by Hashicorp/use of Terraform modules to provision infrastructure in the cloud as well as use of the Microsoft Azure Command-line Interface (Azure CLI)

Architecture

Executing the steps outlined in this guide builds the following Modzy infrastructure within the designated Microsoft Azure Cloud subscription :

2424

Azure Services

Microsoft Azure Services used by Modzy


Deployment Steps

Prerequisites

The following tools are required on the client machine from which provisioning of Modzy environment will be executed:

  • Azure CLI

  • Terraform CLI

  • kubectl kubernetes command-line tool

  • kubectl kots plugin

    NOTE: The Modzy platform requires kots plugin version to be at most v1.50.0 which can be installed as follows:

    curl -LJ0 [pending-URL-to-public-repository]/kots-install | bash
    

The following files are needed to configure the Modzy instance :

  • A Modzy license file

  • Certificate and private key files for the fully qualified domain name of the Modzy environment being provisioned

  • The metadata (file) for the SAML Identity Provider to be used

Provisioning Modzy Environment

Provisioning a Modzy Environment is comprised of the following steps:

  • Provision Infrastructure
    1. Setup Modzy module with input variables
    2. Run Terraform Init, Plan and Apply to create the infrastructure

  • Deploy Modzy platform
    1. Install Modzy platform
    2. Upload license, configure and deploy

Provision Infrastructure

  1. Setup Modzy module with input variables

    • Clone the repository {tf-modzy-az-sample} for sample files. The example below creates the folder modzy (this can be any valid name for a directory) and clones the contents of the repository :

      git clone https://[pending-URL-to-public-repository]/tf-modzy-az-sample.git modzy
      

      This should create the directory with content as shown below:

      modzy
      │- providers.tf
      │- modzy.tf
      
  2. In a command-line/shell window, from within modzy directory,

    • Login to Azure

      az login
      

      (Ensure the subscription/tenant id indicated in the resulting output is as expected)

      If you have access to more than one subscription, specify the desired subscription with :

      az account set --subscription name-of-subscription 
      

      If not already installed, install the kubectl Azure CLI plug-in by executing :

      az aks install-cli
      
    • Execute the following in turn, reviewing the output from each :

      • Init
        terraform init
        
      • Plan
        terraform plan
        
      • Apply
        terraform apply
        
    • Successful completion of terraform apply should set the kubernetes cluster context of the current shell window to the newly created Azure Kubernetes (AKS) cluster. This can be verified by executing:

      kubectl config current-context
      

      Expected output: installation-identifier (name of the AKS cluster)

  3. Resources in Azure

    As illustrated in this example of provisioning Modzy into an Azure Subscription called Modzy Development, the resource group modzy-az-[identifier] is created as well as the Azure AKS generated resource group MC_modzy-az-[identifier] :

1804 1960

Deploy Modzy Platform

  • Install Modzy platform

    • Verify you are in the desired kubernetes cluster context by executing

      kubectl config current-context
      

      Expected output: eks_installation-identifier

    • Obtain install command from Terraform output with :

      KOTS_CMD=$(terraform output -raw kots_install_cmd)
      
    • Execute the installation :

      sh -c $KOTS_CMD
      

      The following output should be displayed on completion of execution :

      kubectl kots install modzy/stable \
      --namespace modzy \
      --shared-password "<password-value>" \
      --config-values ./replicated_config_<installation-identifier>.yaml \
      --port-forward=true
      • Deploying Admin Console
          • Creating namespace ✓
          • Waiting for datastore to be ready ✓
      • Waiting for Admin Console to be ready ✓
      
      • Press Ctrl+C to exit
      • Go to http://localhost:8800 to access the Admin Console
      

      (Note the Admin Console Url and password-value for use in next steps)

  • Upload license, configure and deploy

    • In a browser, navigate to the Admin Console as indicated at the bottom of the above output (http://localhost:port-number where port-number in this example is 8800)

      Log in to the Admin Console with the password-value displayed in the output
535
  • Upload Modzy license
629
  • Ensure the kots version indicated at the bottom of the page is <= 1.50.0

  • Select and upload your SSL Certificate and Key in the TLS Configuration Section (following example shows certificate and key files uploaded for a domain called develop.modzy.engineering)
482
  • Specify the Identity Provider metadata xml file in the SSO Settings section
569
  • Specify a From Address value in the SMPT Settings section
497
  • Click the Continue button at the bottom of the page to apply the configuration. Wait for conclusion of the preflight checks on the next screen…
1121
  • Then click on the Continue button at the bottom of the page. You should then be presented with the following status page
1151