Azure

Overview

This guide provides step-by-step instructions for deploying Modzy into a Microsoft Azure Cloud environment using the Modzy Azure Terraform module.

The guide assumes some familiarity with Terraform by Hashicorp/use of Terraform modules to provision infrastructure in the cloud as well as use of the Microsoft Azure Command-line Interface (Azure CLI)

Architecture

Executing the steps outlined in this guide builds the following Modzy infrastructure within the designated Microsoft Azure Cloud subscription :

Azure Services

Microsoft Azure Services used by Modzy

• Virtual Network
• Kubernetes
• Key Vault
• PostgreSQL Server
• AD-managed Identities
• Storage

Deployment Steps

Prerequisites

The following tools are required on the client machine from which provisioning of Modzy environment will be executed:

• Azure CLI

• Terraform CLI

• kubectl kubernetes command-line tool

• kubectl kots plugin

  NOTE: The Modzy platform requires kots plugin version to be at most v1.50.0 which can be installed as follows:

  Shell

  curl -LJ0 [pending-URL-to-public-repository]/kots-install | bash
  

The following files are needed to configure the Modzy instance :

• A Modzy license file

• Certificate and private key files for the fully qualified domain name of the Modzy environment being provisioned

• The metadata (file) for the SAML Identity Provider to be used
  
  

Provisioning Modzy Environment

Provisioning a Modzy Environment is comprised of the following steps:

• Provision Infrastructure
  1. Setup Modzy module with input variables
  2. Run Terraform Init, Plan and Apply to create the infrastructure

• Deploy Modzy platform
  1. Install Modzy platform
  2. Upload license, configure and deploy
  
  

Provision Infrastructure

1. Setup Modzy module with input variables

   • Clone the repository {tf-modzy-az-sample} for sample files. The example below creates the folder modzy (this can be any valid name for a directory) and clones the contents of the repository :

     Shell

     git clone https://[pending-URL-to-public-repository]/tf-modzy-az-sample.git modzy
     

     This should create the directory with content as shown below:

     Shell

     modzy
     │- providers.tf
     │- modzy.tf
     

2. In a command-line/shell window, from within modzy directory,

   • Login to Azure

     Shell

     az login
     

     (Ensure the subscription/tenant id indicated in the resulting output is as expected)

     If you have access to more than one subscription, specify the desired subscription with :

     Shell

     az account set --subscription name-of-subscription 
     

     If not already installed, install the kubectl Azure CLI plug-in by executing :

     Shell

     az aks install-cli
     

   • Execute the following in turn, reviewing the output from each :

     • Init
       Shell

       terraform init
       

     • Plan
       Shell

       terraform plan
       

     • Apply

       terraform apply
       

   • Successful completion of terraform apply should set the kubernetes cluster context of the current shell window to the newly created Azure Kubernetes (AKS) cluster. This can be verified by executing:

     Shell

     kubectl config current-context
     

     Expected output: installation-identifier (name of the AKS cluster)

3. Resources in Azure

   As illustrated in this example of provisioning Modzy into an Azure Subscription called Modzy Development, the resource group modzy-az-[identifier] is created as well as the Azure AKS generated resource group MC_modzy-az-[identifier] :

Deploy Modzy Platform

• Install Modzy platform

  • Verify you are in the desired kubernetes cluster context by executing

    Shell

    kubectl config current-context
    

    Expected output: eks_installation-identifier

  • Obtain install command from Terraform output with :

    Shell

    KOTS_CMD=$(terraform output -raw kots_install_cmd)
    

  • Execute the installation :

    Shell

    sh -c $KOTS_CMD
    

    The following output should be displayed on completion of execution :

    Shell

    kubectl kots install modzy/stable \
    --namespace modzy \
    --shared-password "<password-value>" \
    --config-values ./replicated_config_<installation-identifier>.yaml \
    --port-forward=true
    • Deploying Admin Console
        • Creating namespace ✓
        • Waiting for datastore to be ready ✓
    • Waiting for Admin Console to be ready ✓
    
    • Press Ctrl+C to exit
    • Go to http://localhost:8800 to access the Admin Console
    

    (Note the Admin Console Url and password-value for use in next steps)

• Upload license, configure and deploy

  • In a browser, navigate to the Admin Console as indicated at the bottom of the above output (http://localhost:port-number where port-number in this example is 8800)
    
    Log in to the Admin Console with the password-value displayed in the output

• Upload Modzy license

• Ensure the kots version indicated at the bottom of the page is <= 1.50.0
  
  
• Select and upload your SSL Certificate and Key in the TLS Configuration Section (following example shows certificate and key files uploaded for a domain called develop.modzy.engineering)

• Specify the Identity Provider metadata xml file in the SSO Settings section

• Specify a From Address value in the SMPT Settings section

• Click the Continue button at the bottom of the page to apply the configuration. Wait for conclusion of the preflight checks on the next screen…

• Then click on the Continue button at the bottom of the page. You should then be presented with the following status page