From 06b20eeb36640e85ca562a68e682c8e4c14fffa2 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Thu, 8 Aug 2024 11:11:05 -0400 Subject: [PATCH 01/12] comment istio install --- azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index 7f15d1fc5a..b6b8ea77bd 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -101,8 +101,8 @@ foreach ($cluster in $clusters) { $nicName = $cluster.clusterName + "-NIC" $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv - Write-Header "Installing istio on K3s cluster" - istioctl install --skip-confirmation + # Write-Header "Installing istio on K3s cluster" + # istioctl install --skip-confirmation # Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml $kubeVipRBAC = @" From 4ce6f8e71af217f9eae744ac72f3342b039e63bb Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Thu, 8 Aug 2024 23:12:23 -0400 Subject: [PATCH 02/12] remove kubevip and osm reference --- .../artifacts/DevOpsLogonScript.ps1 | 317 +++++++++--------- .../artifacts/devops_ingress/bookbuyer.yaml | 30 +- .../artifacts/devops_ingress/bookstore.yaml | 38 +-- 3 files changed, 193 insertions(+), 192 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index b6b8ea77bd..b28489ddef 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -98,164 +98,164 @@ foreach ($cluster in $clusters) { $Env:KUBECONFIG=$cluster.kubeConfig kubectx - $nicName = $cluster.clusterName + "-NIC" - $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv + # $nicName = $cluster.clusterName + "-NIC" + # $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv - # Write-Header "Installing istio on K3s cluster" - # istioctl install --skip-confirmation - -# Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml -$kubeVipRBAC = @" -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kube-vip - namespace: kube-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - rbac.authorization.kubernetes.io/autoupdate: "true" - name: system:kube-vip-role -rules: - - apiGroups: [""] - resources: ["services/status"] - verbs: ["update"] - - apiGroups: [""] - resources: ["services", "endpoints"] - verbs: ["list","get","watch", "update"] - - apiGroups: [""] - resources: ["nodes"] - verbs: ["list","get","watch", "update", "patch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["list", "get", "watch", "update", "create"] - - apiGroups: ["discovery.k8s.io"] - resources: ["endpointslices"] - verbs: ["list","get","watch", "update"] ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: system:kube-vip-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:kube-vip-role -subjects: -- kind: ServiceAccount - name: kube-vip - namespace: kube-system -"@ - -$kubeVipRBAC | kubectl apply -f - - -# Apply kube-vip DaemonSet -$kubeVipDaemonset = @" -apiVersion: apps/v1 -kind: DaemonSet -metadata: - creationTimestamp: null - labels: - app.kubernetes.io/name: kube-vip-ds - app.kubernetes.io/version: v0.7.0 - name: kube-vip-ds - namespace: kube-system -spec: - selector: - matchLabels: - app.kubernetes.io/name: kube-vip-ds - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/name: kube-vip-ds - app.kubernetes.io/version: v0.7.0 - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - containers: - - args: - - manager - env: - - name: vip_arp - value: "true" - - name: port - value: "6443" - - name: vip_interface - value: eth0 - - name: vip_cidr - value: "32" - - name: dns_mode - value: first - - name: cp_enable - value: "true" - - name: cp_namespace - value: kube-system - - name: svc_enable - value: "true" - - name: svc_leasename - value: plndr-svcs-lock - - name: vip_leaderelection - value: "true" - - name: vip_leasename - value: plndr-cp-lock - - name: vip_leaseduration - value: "5" - - name: vip_renewdeadline - value: "3" - - name: vip_retryperiod - value: "1" - - name: address - value: "$k3sVIP" - - name: prometheus_server - value: :2112 - image: ghcr.io/kube-vip/kube-vip:v0.7.0 - imagePullPolicy: Always - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - hostNetwork: true - serviceAccountName: kube-vip - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - updateStrategy: {} -status: - currentNumberScheduled: 0 - desiredNumberScheduled: 0 - numberMisscheduled: 0 - numberReady: 0 -"@ - -$kubeVipDaemonset | kubectl apply -f - - - # Kube vip cloud controller - kubectl apply -f https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/main/manifest/kube-vip-cloud-controller.yaml - - # Set kube-vip range-global for kubernetes services - $serviceIpRange = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``false``].privateIPAddress" -otsv - $sortedIps = $serviceIpRange | Sort-Object {[System.Version]$_} - $lowestServiceIp = $sortedIps[0] - $highestServiceIp = $sortedIps[-1] - - kubectl create configmap -n kube-system kubevip --from-literal range-global=$lowestServiceIp-$highestServiceIp - Start-Sleep -Seconds 30 + Write-Header "Installing istio on K3s cluster" + istioctl install --skip-confirmation + +# # Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml +# $kubeVipRBAC = @" +# apiVersion: v1 +# kind: ServiceAccount +# metadata: +# name: kube-vip +# namespace: kube-system +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: ClusterRole +# metadata: +# annotations: +# rbac.authorization.kubernetes.io/autoupdate: "true" +# name: system:kube-vip-role +# rules: +# - apiGroups: [""] +# resources: ["services/status"] +# verbs: ["update"] +# - apiGroups: [""] +# resources: ["services", "endpoints"] +# verbs: ["list","get","watch", "update"] +# - apiGroups: [""] +# resources: ["nodes"] +# verbs: ["list","get","watch", "update", "patch"] +# - apiGroups: ["coordination.k8s.io"] +# resources: ["leases"] +# verbs: ["list", "get", "watch", "update", "create"] +# - apiGroups: ["discovery.k8s.io"] +# resources: ["endpointslices"] +# verbs: ["list","get","watch", "update"] +# --- +# kind: ClusterRoleBinding +# apiVersion: rbac.authorization.k8s.io/v1 +# metadata: +# name: system:kube-vip-binding +# roleRef: +# apiGroup: rbac.authorization.k8s.io +# kind: ClusterRole +# name: system:kube-vip-role +# subjects: +# - kind: ServiceAccount +# name: kube-vip +# namespace: kube-system +# "@ + +# $kubeVipRBAC | kubectl apply -f - + +# # Apply kube-vip DaemonSet +# $kubeVipDaemonset = @" +# apiVersion: apps/v1 +# kind: DaemonSet +# metadata: +# creationTimestamp: null +# labels: +# app.kubernetes.io/name: kube-vip-ds +# app.kubernetes.io/version: v0.7.0 +# name: kube-vip-ds +# namespace: kube-system +# spec: +# selector: +# matchLabels: +# app.kubernetes.io/name: kube-vip-ds +# template: +# metadata: +# creationTimestamp: null +# labels: +# app.kubernetes.io/name: kube-vip-ds +# app.kubernetes.io/version: v0.7.0 +# spec: +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: node-role.kubernetes.io/master +# operator: Exists +# - matchExpressions: +# - key: node-role.kubernetes.io/control-plane +# operator: Exists +# containers: +# - args: +# - manager +# env: +# - name: vip_arp +# value: "true" +# - name: port +# value: "6443" +# - name: vip_interface +# value: eth0 +# - name: vip_cidr +# value: "32" +# - name: dns_mode +# value: first +# - name: cp_enable +# value: "true" +# - name: cp_namespace +# value: kube-system +# - name: svc_enable +# value: "true" +# - name: svc_leasename +# value: plndr-svcs-lock +# - name: vip_leaderelection +# value: "true" +# - name: vip_leasename +# value: plndr-cp-lock +# - name: vip_leaseduration +# value: "5" +# - name: vip_renewdeadline +# value: "3" +# - name: vip_retryperiod +# value: "1" +# - name: address +# value: "$k3sVIP" +# - name: prometheus_server +# value: :2112 +# image: ghcr.io/kube-vip/kube-vip:v0.7.0 +# imagePullPolicy: Always +# name: kube-vip +# resources: {} +# securityContext: +# capabilities: +# add: +# - NET_ADMIN +# - NET_RAW +# hostNetwork: true +# serviceAccountName: kube-vip +# tolerations: +# - effect: NoSchedule +# operator: Exists +# - effect: NoExecute +# operator: Exists +# updateStrategy: {} +# status: +# currentNumberScheduled: 0 +# desiredNumberScheduled: 0 +# numberMisscheduled: 0 +# numberReady: 0 +# "@ + +# $kubeVipDaemonset | kubectl apply -f - + +# # Kube vip cloud controller +# kubectl apply -f https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/main/manifest/kube-vip-cloud-controller.yaml + +# # Set kube-vip range-global for kubernetes services +# $serviceIpRange = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``false``].privateIPAddress" -otsv +# $sortedIps = $serviceIpRange | Sort-Object {[System.Version]$_} +# $lowestServiceIp = $sortedIps[0] +# $highestServiceIp = $sortedIps[-1] + +# kubectl create configmap -n kube-system kubevip --from-literal range-global=$lowestServiceIp-$highestServiceIp +# Start-Sleep -Seconds 30 Write-Header "Creating longhorn storage on $($cluster.clusterName)" kubectl apply -f "$Env:ArcBoxDir\longhorn.yaml" --kubeconfig $cluster.kubeConfig @@ -263,6 +263,7 @@ $kubeVipDaemonset | kubectl apply -f - Write-Host "`n" } +# Switch Kubernetes context to ArcBox-DataSvc-K3s cluster foreach ($cluster in $clusters) { if ($cluster.context -like '*-datasvc-k3s') { $Env:KUBECONFIG=$cluster.kubeConfig @@ -343,7 +344,7 @@ $configs = $(az k8s-configuration flux list --cluster-name $Env:k3sArcDataCluste foreach ($configName in $configs) { Write-Host "Checking GitOps configuration $configName on $Env:k3sArcDataClusterName" $retryCount = 0 - $maxRetries = 5 + $maxRetries = 10 do { $configStatus = $(az k8s-configuration flux show --name $configName --cluster-name $Env:k3sArcDataClusterName --cluster-type connectedClusters --resource-group $Env:resourceGroup -o json 2>$null) | convertFrom-JSON if ($configStatus.ComplianceState -eq "Compliant") { diff --git a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml index feb77ea40a..2147a3bfd8 100644 --- a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml +++ b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml @@ -17,18 +17,18 @@ spec: port: number: 14001 path: /bookbuyer ---- -kind: IngressBackend -apiVersion: policy.openservicemesh.io/v1alpha1 -metadata: - name: backend -spec: - backends: - - name: bookbuyer - port: - number: 14001 - protocol: http - sources: - - kind: Service - namespace: ingress-nginx - name: ingress-nginx-controller +# --- +# kind: IngressBackend +# apiVersion: policy.openservicemesh.io/v1alpha1 +# metadata: +# name: backend +# spec: +# backends: +# - name: bookbuyer +# port: +# number: 14001 +# protocol: http +# sources: +# - kind: Service +# namespace: ingress-nginx +# name: ingress-nginx-controller diff --git a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml index 7cf3770a2e..a759ad6eb1 100644 --- a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml +++ b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml @@ -24,22 +24,22 @@ spec: port: number: 14001 path: /bookstore-v2 ---- -kind: IngressBackend # Ingress Backend for Bookstore App -apiVersion: policy.openservicemesh.io/v1alpha1 -metadata: - name: backend -spec: - backends: - - name: bookstore - port: - number: 14001 - protocol: http - - name: bookstore-v2 - port: - number: 14001 - protocol: http - sources: - - kind: Service - namespace: ingress-nginx - name: ingress-nginx-controller +# --- +# kind: IngressBackend # Ingress Backend for Bookstore App +# apiVersion: policy.openservicemesh.io/v1alpha1 +# metadata: +# name: backend +# spec: +# backends: +# - name: bookstore +# port: +# number: 14001 +# protocol: http +# - name: bookstore-v2 +# port: +# number: 14001 +# protocol: http +# sources: +# - kind: Service +# namespace: ingress-nginx +# name: ingress-nginx-controller From 8306f798010c808dab033784c5f7dabd95088d5c Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Thu, 8 Aug 2024 23:43:09 -0400 Subject: [PATCH 03/12] remove multiple pip for devops --- azure_jumpstart_arcbox/bicep/main.bicepparam | 30 ++++++++++++++------ 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/azure_jumpstart_arcbox/bicep/main.bicepparam b/azure_jumpstart_arcbox/bicep/main.bicepparam index 9db53aff1a..64e8eb52af 100644 --- a/azure_jumpstart_arcbox/bicep/main.bicepparam +++ b/azure_jumpstart_arcbox/bicep/main.bicepparam @@ -1,19 +1,33 @@ using 'main.bicep' -param sshRSAPublicKey = '' +param flavor = 'DevOps' -param tenantId = '' +param sshRSAPublicKey = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDW6ZkCrWcuvDn7y9XbEulOSwx44wus3KLG8vOtFB+9m9YfTt/9RLJKD7ZiidvFQdD/ahKzLrdjJuUlcjsS6uqxvRBM+VUNY4O1zV+c7Zl6rHC7C/Ov9hB0wFW71ftUvKMwqIMFASh7etT0aW8FsSYnxRHf9hsYG5znwZTWsoxJO30gQOxwiLw+M1DCYmbOU3iOJuCyeG9VmzAfn/szXHDBogtkSx/ymiSCoJ3UbYmMqqoWNhfjfFTaLxZk7kkEDW6iFsIflsZOwZuB+tTOiOHE0KbgFyEtpzP3d+dfcSqgay6nb6RuzhZpthW42/qEmeqa16AkYLkYcgWl8DSqW/dRHq84MhVxggO7Shy+evuJpOTBp2SqplyYLRg3ScEe/BgyijN3Mo/baAYtGTbi3UAQKR0o/Ja9tm5DLOIuJM+fvKKCOU2yAQFeuc5xTl1gvYctevHjSEKUeE2tDkwHORPe7dZNVrSTAWNl3nLaIiauWzDKi1eMV3piao9om8Vg1uyYK3jI9AzH3uEH3cB9DqlNEhtHjz4ClFOkjAsTtf4xlkMkOfeGTRFgMpMwBsS46cKumy7PoMZnVowvUzDCsojqLdPpUHYM6vzGMvaovqg800mufxfEpiL/GIxU+KNgpbl9QxnFeoE5ZeHXWHdfczQSE0xi29x+6SLZ2F4YPQQKEw== mozaid@microsoft.com' -param windowsAdminUsername = 'arcdemo' +param tenantId = '16b3c013-d300-468d-ac64-7eda0820b6d3' -param windowsAdminPassword = '' +param windowsAdminUsername = 'arcdemo' -param logAnalyticsWorkspaceName = '' +param windowsAdminPassword = 'ArcPassword123!!' -param flavor = 'ITPro' +param logAnalyticsWorkspaceName = 'arcbox-la' param deployBastion = false -param vmAutologon = true +param customLocationRPOID = 'af89a3ae-8ffe-4ce7-89fb-a615f4083dc3' + +param resourceTags = { + Solution: 'jumpstart_arcbox' + Environment: 'sandbox' + CostCenter: 'it' +} + +param vmAutologon = false + +param rdpPort = '13389' + +param githubAccount = 'zaidmohd' + +param githubBranch = 'arcbox_3.0' -param resourceTags = {} // Add tags as needed +param githubUser = 'zaidmohd' From 4f6e6a5b7dd4a9c2c310307023ba401f485b54e2 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Fri, 9 Aug 2024 00:17:12 -0400 Subject: [PATCH 04/12] remove multiple pip for devops --- azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 | 2 +- azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index b28489ddef..8c69930429 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -362,7 +362,7 @@ foreach ($configName in $configs) { } } elseif ($configStatus.ComplianceState -eq "Non-compliant" -and $retryCount -eq $maxRetries) { - Write-Host "GitOps configuration $configName has failed on $Env:k3sArcDataClusterName. Exiting..." + Write-Host "GitOps configuration $configName has failed on $Env:k3sArcDataClusterName. Exiting..." -ForegroundColor Red break } } diff --git a/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep b/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep index 973524e48f..0335738722 100644 --- a/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep +++ b/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep @@ -52,7 +52,7 @@ var networkInterfaceName = '${vmName}-NIC' var osDiskType = 'Premium_LRS' var k3sControlPlane = 'true' // deploy single-node k3s control plane var diskSize = (flavor == 'DataOps') ? 512 : 64 -var numberOfIPAddresses = (flavor == 'DataOps') ? 8 : 5 // The number of IP addresses to create +var numberOfIPAddresses = (flavor == 'DataOps') ? 8 : 1 // The number of IP addresses to create // Create multiple public IP addresses if deployBastion is false resource publicIpAddresses 'Microsoft.Network/publicIpAddresses@2022-01-01' = [for i in range(1, numberOfIPAddresses): { From 497ca54ecf2442d8653f06a7ca23d4ffe68719a1 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Fri, 9 Aug 2024 01:25:23 -0400 Subject: [PATCH 05/12] push default param --- azure_jumpstart_arcbox/bicep/main.bicepparam | 30 ++++++-------------- 1 file changed, 8 insertions(+), 22 deletions(-) diff --git a/azure_jumpstart_arcbox/bicep/main.bicepparam b/azure_jumpstart_arcbox/bicep/main.bicepparam index 64e8eb52af..9db53aff1a 100644 --- a/azure_jumpstart_arcbox/bicep/main.bicepparam +++ b/azure_jumpstart_arcbox/bicep/main.bicepparam @@ -1,33 +1,19 @@ using 'main.bicep' -param flavor = 'DevOps' +param sshRSAPublicKey = '' -param sshRSAPublicKey = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDW6ZkCrWcuvDn7y9XbEulOSwx44wus3KLG8vOtFB+9m9YfTt/9RLJKD7ZiidvFQdD/ahKzLrdjJuUlcjsS6uqxvRBM+VUNY4O1zV+c7Zl6rHC7C/Ov9hB0wFW71ftUvKMwqIMFASh7etT0aW8FsSYnxRHf9hsYG5znwZTWsoxJO30gQOxwiLw+M1DCYmbOU3iOJuCyeG9VmzAfn/szXHDBogtkSx/ymiSCoJ3UbYmMqqoWNhfjfFTaLxZk7kkEDW6iFsIflsZOwZuB+tTOiOHE0KbgFyEtpzP3d+dfcSqgay6nb6RuzhZpthW42/qEmeqa16AkYLkYcgWl8DSqW/dRHq84MhVxggO7Shy+evuJpOTBp2SqplyYLRg3ScEe/BgyijN3Mo/baAYtGTbi3UAQKR0o/Ja9tm5DLOIuJM+fvKKCOU2yAQFeuc5xTl1gvYctevHjSEKUeE2tDkwHORPe7dZNVrSTAWNl3nLaIiauWzDKi1eMV3piao9om8Vg1uyYK3jI9AzH3uEH3cB9DqlNEhtHjz4ClFOkjAsTtf4xlkMkOfeGTRFgMpMwBsS46cKumy7PoMZnVowvUzDCsojqLdPpUHYM6vzGMvaovqg800mufxfEpiL/GIxU+KNgpbl9QxnFeoE5ZeHXWHdfczQSE0xi29x+6SLZ2F4YPQQKEw== mozaid@microsoft.com' - -param tenantId = '16b3c013-d300-468d-ac64-7eda0820b6d3' +param tenantId = '' param windowsAdminUsername = 'arcdemo' -param windowsAdminPassword = 'ArcPassword123!!' - -param logAnalyticsWorkspaceName = 'arcbox-la' - -param deployBastion = false +param windowsAdminPassword = '' -param customLocationRPOID = 'af89a3ae-8ffe-4ce7-89fb-a615f4083dc3' +param logAnalyticsWorkspaceName = '' -param resourceTags = { - Solution: 'jumpstart_arcbox' - Environment: 'sandbox' - CostCenter: 'it' -} +param flavor = 'ITPro' -param vmAutologon = false - -param rdpPort = '13389' - -param githubAccount = 'zaidmohd' +param deployBastion = false -param githubBranch = 'arcbox_3.0' +param vmAutologon = true -param githubUser = 'zaidmohd' +param resourceTags = {} // Add tags as needed From 79477085e7bab2da673e3b786f36b4cce25eb274 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Fri, 9 Aug 2024 01:33:38 -0400 Subject: [PATCH 06/12] remove istio --- .../artifacts/DevOpsLogonScript.ps1 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index 8c69930429..6ee826b33c 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -101,8 +101,8 @@ foreach ($cluster in $clusters) { # $nicName = $cluster.clusterName + "-NIC" # $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv - Write-Header "Installing istio on K3s cluster" - istioctl install --skip-confirmation + # Write-Header "Installing istio on K3s cluster" + # istioctl install --skip-confirmation # # Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml # $kubeVipRBAC = @" @@ -277,11 +277,11 @@ foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse', 'hello-arc', kubectl create namespace $namespace } -# Label Bookstore Namespaces for Istio injection -Write-Header "Labeling K8s Namespaces for Istio Injection" -foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse')) { - kubectl label namespace $namespace istio-injection=enabled -} +# # Label Bookstore Namespaces for Istio injection +# Write-Header "Labeling K8s Namespaces for Istio Injection" +# foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse')) { +# kubectl label namespace $namespace istio-injection=enabled +# } ############################# # - Apply GitOps Configs @@ -310,7 +310,7 @@ az k8s-configuration flux create ` --name config-bookstore ` --cluster-type connectedClusters ` --url $appClonedRepo ` - --branch arcbox_3.0 --sync-interval 3s ` + --branch main --sync-interval 3s ` --kustomization name=bookstore path=./bookstore/yaml # Create GitOps config for Bookstore RBAC From f7d14b43e698e48bd3d0615709d76f968655bf03 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Fri, 9 Aug 2024 12:56:14 -0400 Subject: [PATCH 07/12] add kube-vip --- .../artifacts/DevOpsLogonScript.ps1 | 334 +++++++++--------- .../bicep/kubernetes/ubuntuRancher.bicep | 2 +- 2 files changed, 168 insertions(+), 168 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index 6ee826b33c..a268bc3114 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -98,164 +98,164 @@ foreach ($cluster in $clusters) { $Env:KUBECONFIG=$cluster.kubeConfig kubectx - # $nicName = $cluster.clusterName + "-NIC" - # $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv + $nicName = $cluster.clusterName + "-NIC" + $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv # Write-Header "Installing istio on K3s cluster" # istioctl install --skip-confirmation -# # Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml -# $kubeVipRBAC = @" -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# name: kube-vip -# namespace: kube-system -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRole -# metadata: -# annotations: -# rbac.authorization.kubernetes.io/autoupdate: "true" -# name: system:kube-vip-role -# rules: -# - apiGroups: [""] -# resources: ["services/status"] -# verbs: ["update"] -# - apiGroups: [""] -# resources: ["services", "endpoints"] -# verbs: ["list","get","watch", "update"] -# - apiGroups: [""] -# resources: ["nodes"] -# verbs: ["list","get","watch", "update", "patch"] -# - apiGroups: ["coordination.k8s.io"] -# resources: ["leases"] -# verbs: ["list", "get", "watch", "update", "create"] -# - apiGroups: ["discovery.k8s.io"] -# resources: ["endpointslices"] -# verbs: ["list","get","watch", "update"] -# --- -# kind: ClusterRoleBinding -# apiVersion: rbac.authorization.k8s.io/v1 -# metadata: -# name: system:kube-vip-binding -# roleRef: -# apiGroup: rbac.authorization.k8s.io -# kind: ClusterRole -# name: system:kube-vip-role -# subjects: -# - kind: ServiceAccount -# name: kube-vip -# namespace: kube-system -# "@ - -# $kubeVipRBAC | kubectl apply -f - - -# # Apply kube-vip DaemonSet -# $kubeVipDaemonset = @" -# apiVersion: apps/v1 -# kind: DaemonSet -# metadata: -# creationTimestamp: null -# labels: -# app.kubernetes.io/name: kube-vip-ds -# app.kubernetes.io/version: v0.7.0 -# name: kube-vip-ds -# namespace: kube-system -# spec: -# selector: -# matchLabels: -# app.kubernetes.io/name: kube-vip-ds -# template: -# metadata: -# creationTimestamp: null -# labels: -# app.kubernetes.io/name: kube-vip-ds -# app.kubernetes.io/version: v0.7.0 -# spec: -# affinity: -# nodeAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# nodeSelectorTerms: -# - matchExpressions: -# - key: node-role.kubernetes.io/master -# operator: Exists -# - matchExpressions: -# - key: node-role.kubernetes.io/control-plane -# operator: Exists -# containers: -# - args: -# - manager -# env: -# - name: vip_arp -# value: "true" -# - name: port -# value: "6443" -# - name: vip_interface -# value: eth0 -# - name: vip_cidr -# value: "32" -# - name: dns_mode -# value: first -# - name: cp_enable -# value: "true" -# - name: cp_namespace -# value: kube-system -# - name: svc_enable -# value: "true" -# - name: svc_leasename -# value: plndr-svcs-lock -# - name: vip_leaderelection -# value: "true" -# - name: vip_leasename -# value: plndr-cp-lock -# - name: vip_leaseduration -# value: "5" -# - name: vip_renewdeadline -# value: "3" -# - name: vip_retryperiod -# value: "1" -# - name: address -# value: "$k3sVIP" -# - name: prometheus_server -# value: :2112 -# image: ghcr.io/kube-vip/kube-vip:v0.7.0 -# imagePullPolicy: Always -# name: kube-vip -# resources: {} -# securityContext: -# capabilities: -# add: -# - NET_ADMIN -# - NET_RAW -# hostNetwork: true -# serviceAccountName: kube-vip -# tolerations: -# - effect: NoSchedule -# operator: Exists -# - effect: NoExecute -# operator: Exists -# updateStrategy: {} -# status: -# currentNumberScheduled: 0 -# desiredNumberScheduled: 0 -# numberMisscheduled: 0 -# numberReady: 0 -# "@ - -# $kubeVipDaemonset | kubectl apply -f - - -# # Kube vip cloud controller -# kubectl apply -f https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/main/manifest/kube-vip-cloud-controller.yaml - -# # Set kube-vip range-global for kubernetes services -# $serviceIpRange = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``false``].privateIPAddress" -otsv -# $sortedIps = $serviceIpRange | Sort-Object {[System.Version]$_} -# $lowestServiceIp = $sortedIps[0] -# $highestServiceIp = $sortedIps[-1] - -# kubectl create configmap -n kube-system kubevip --from-literal range-global=$lowestServiceIp-$highestServiceIp -# Start-Sleep -Seconds 30 +# Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml +$kubeVipRBAC = @" +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kube-vip + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + name: system:kube-vip-role +rules: + - apiGroups: [""] + resources: ["services/status"] + verbs: ["update"] + - apiGroups: [""] + resources: ["services", "endpoints"] + verbs: ["list","get","watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["list","get","watch", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["list", "get", "watch", "update", "create"] + - apiGroups: ["discovery.k8s.io"] + resources: ["endpointslices"] + verbs: ["list","get","watch", "update"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: system:kube-vip-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:kube-vip-role +subjects: +- kind: ServiceAccount + name: kube-vip + namespace: kube-system +"@ + +$kubeVipRBAC | kubectl apply -f - + +# Apply kube-vip DaemonSet +$kubeVipDaemonset = @" +apiVersion: apps/v1 +kind: DaemonSet +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/name: kube-vip-ds + app.kubernetes.io/version: v0.7.0 + name: kube-vip-ds + namespace: kube-system +spec: + selector: + matchLabels: + app.kubernetes.io/name: kube-vip-ds + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/name: kube-vip-ds + app.kubernetes.io/version: v0.7.0 + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + containers: + - args: + - manager + env: + - name: vip_arp + value: "true" + - name: port + value: "6443" + - name: vip_interface + value: eth0 + - name: vip_cidr + value: "32" + - name: dns_mode + value: first + - name: cp_enable + value: "true" + - name: cp_namespace + value: kube-system + - name: svc_enable + value: "true" + - name: svc_leasename + value: plndr-svcs-lock + - name: vip_leaderelection + value: "true" + - name: vip_leasename + value: plndr-cp-lock + - name: vip_leaseduration + value: "5" + - name: vip_renewdeadline + value: "3" + - name: vip_retryperiod + value: "1" + - name: address + value: "$k3sVIP" + - name: prometheus_server + value: :2112 + image: ghcr.io/kube-vip/kube-vip:v0.7.0 + imagePullPolicy: Always + name: kube-vip + resources: {} + securityContext: + capabilities: + add: + - NET_ADMIN + - NET_RAW + hostNetwork: true + serviceAccountName: kube-vip + tolerations: + - effect: NoSchedule + operator: Exists + - effect: NoExecute + operator: Exists + updateStrategy: {} +status: + currentNumberScheduled: 0 + desiredNumberScheduled: 0 + numberMisscheduled: 0 + numberReady: 0 +"@ + +$kubeVipDaemonset | kubectl apply -f - + + # Kube vip cloud controller + kubectl apply -f https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/main/manifest/kube-vip-cloud-controller.yaml + + # Set kube-vip range-global for kubernetes services + $serviceIpRange = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``false``].privateIPAddress" -otsv + $sortedIps = $serviceIpRange | Sort-Object {[System.Version]$_} + $lowestServiceIp = $sortedIps[0] + $highestServiceIp = $sortedIps[-1] + + kubectl create configmap -n kube-system kubevip --from-literal range-global=$lowestServiceIp-$highestServiceIp + Start-Sleep -Seconds 30 Write-Header "Creating longhorn storage on $($cluster.clusterName)" kubectl apply -f "$Env:ArcBoxDir\longhorn.yaml" --kubeconfig $cluster.kubeConfig @@ -289,18 +289,18 @@ foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse', 'hello-arc', Write-Header "Applying GitOps Configs" -# Create GitOps config for NGINX Ingress Controller -Write-Host "Creating GitOps config for NGINX Ingress Controller" -az k8s-configuration flux create ` - --cluster-name $Env:k3sArcDataClusterName ` - --resource-group $Env:resourceGroup ` - --name config-nginx ` - --namespace $ingressNamespace ` - --cluster-type connectedClusters ` - --scope cluster ` - --url $appClonedRepo ` - --branch main --sync-interval 3s ` - --kustomization name=nginx path=./nginx/release +# # Create GitOps config for NGINX Ingress Controller +# Write-Host "Creating GitOps config for NGINX Ingress Controller" +# az k8s-configuration flux create ` +# --cluster-name $Env:k3sArcDataClusterName ` +# --resource-group $Env:resourceGroup ` +# --name config-nginx ` +# --namespace $ingressNamespace ` +# --cluster-type connectedClusters ` +# --scope cluster ` +# --url $appClonedRepo ` +# --branch main --sync-interval 3s ` +# --kustomization name=nginx path=./nginx/release # Create GitOps config for Bookstore application Write-Host "Creating GitOps config for Bookstore application" @@ -344,7 +344,7 @@ $configs = $(az k8s-configuration flux list --cluster-name $Env:k3sArcDataCluste foreach ($configName in $configs) { Write-Host "Checking GitOps configuration $configName on $Env:k3sArcDataClusterName" $retryCount = 0 - $maxRetries = 10 + $maxRetries = 5 do { $configStatus = $(az k8s-configuration flux show --name $configName --cluster-name $Env:k3sArcDataClusterName --cluster-type connectedClusters --resource-group $Env:resourceGroup -o json 2>$null) | convertFrom-JSON if ($configStatus.ComplianceState -eq "Compliant") { diff --git a/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep b/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep index 0335738722..973524e48f 100644 --- a/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep +++ b/azure_jumpstart_arcbox/bicep/kubernetes/ubuntuRancher.bicep @@ -52,7 +52,7 @@ var networkInterfaceName = '${vmName}-NIC' var osDiskType = 'Premium_LRS' var k3sControlPlane = 'true' // deploy single-node k3s control plane var diskSize = (flavor == 'DataOps') ? 512 : 64 -var numberOfIPAddresses = (flavor == 'DataOps') ? 8 : 1 // The number of IP addresses to create +var numberOfIPAddresses = (flavor == 'DataOps') ? 8 : 5 // The number of IP addresses to create // Create multiple public IP addresses if deployBastion is false resource publicIpAddresses 'Microsoft.Network/publicIpAddresses@2022-01-01' = [for i in range(1, numberOfIPAddresses): { From 307644dde7979396670c03de90b25abe743cd39f Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Mon, 12 Aug 2024 10:16:18 -0400 Subject: [PATCH 08/12] add nodes for devops --- .../artifacts/DevOpsLogonScript.ps1 | 44 +++++++++---------- azure_jumpstart_arcbox/bicep/main.bicep | 2 +- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index a268bc3114..9046ce9df8 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -101,8 +101,8 @@ foreach ($cluster in $clusters) { $nicName = $cluster.clusterName + "-NIC" $k3sVIP = az network nic ip-config list --resource-group $Env:resourceGroup --nic-name $nicName --query "[?primary == ``true``].privateIPAddress" -otsv - # Write-Header "Installing istio on K3s cluster" - # istioctl install --skip-confirmation + Write-Header "Installing istio on K3s cluster" + istioctl install --skip-confirmation # Apply kube-vip RBAC manifests https://kube-vip.io/manifests/rbac.yaml $kubeVipRBAC = @" @@ -277,11 +277,11 @@ foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse', 'hello-arc', kubectl create namespace $namespace } -# # Label Bookstore Namespaces for Istio injection -# Write-Header "Labeling K8s Namespaces for Istio Injection" -# foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse')) { -# kubectl label namespace $namespace istio-injection=enabled -# } +# Label Bookstore Namespaces for Istio injection +Write-Header "Labeling K8s Namespaces for Istio Injection" +foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse')) { + kubectl label namespace $namespace istio-injection=enabled +} ############################# # - Apply GitOps Configs @@ -289,18 +289,18 @@ foreach ($namespace in @('bookstore', 'bookbuyer', 'bookwarehouse', 'hello-arc', Write-Header "Applying GitOps Configs" -# # Create GitOps config for NGINX Ingress Controller -# Write-Host "Creating GitOps config for NGINX Ingress Controller" -# az k8s-configuration flux create ` -# --cluster-name $Env:k3sArcDataClusterName ` -# --resource-group $Env:resourceGroup ` -# --name config-nginx ` -# --namespace $ingressNamespace ` -# --cluster-type connectedClusters ` -# --scope cluster ` -# --url $appClonedRepo ` -# --branch main --sync-interval 3s ` -# --kustomization name=nginx path=./nginx/release +# Create GitOps config for NGINX Ingress Controller +Write-Host "Creating GitOps config for NGINX Ingress Controller" +az k8s-configuration flux create ` + --cluster-name $Env:k3sArcDataClusterName ` + --resource-group $Env:resourceGroup ` + --name config-nginx ` + --namespace $ingressNamespace ` + --cluster-type connectedClusters ` + --scope cluster ` + --url $appClonedRepo ` + --branch main --sync-interval 3s ` + --kustomization name=nginx path=./nginx/release # Create GitOps config for Bookstore application Write-Host "Creating GitOps config for Bookstore application" @@ -310,7 +310,7 @@ az k8s-configuration flux create ` --name config-bookstore ` --cluster-type connectedClusters ` --url $appClonedRepo ` - --branch main --sync-interval 3s ` + --branch arcbox_3.0 --sync-interval 3s ` --kustomization name=bookstore path=./bookstore/yaml # Create GitOps config for Bookstore RBAC @@ -398,7 +398,7 @@ foreach ($configName in $configs) { # --release-namespace kube-system ` # --configuration-settings 'secrets-store-csi-driver.enableSecretRotation=true' 'secrets-store-csi-driver.syncSecret.enabled=true' -# # Replace Variable values +# Replace Variable values Get-ChildItem -Path $Env:ArcBoxKVDir | ForEach-Object { # (Get-Content -path $_.FullName -Raw) -Replace '\{JS_CERTNAME}', $certname | Set-Content -Path $_.FullName @@ -407,7 +407,7 @@ Get-ChildItem -Path $Env:ArcBoxKVDir | # (Get-Content -path $_.FullName -Raw) -Replace '\{JS_TENANTID}', $Env:tenantId | Set-Content -Path $_.FullName } -Write-Header "Creating Ingress Controller" +# Write-Header "Creating Ingress Controller" # Deploy Ingress resources for Bookstore and Hello-Arc App foreach ($namespace in @('bookstore', 'bookbuyer', 'hello-arc')) { diff --git a/azure_jumpstart_arcbox/bicep/main.bicep b/azure_jumpstart_arcbox/bicep/main.bicep index 4b1daceecd..747ffd9288 100644 --- a/azure_jumpstart_arcbox/bicep/main.bicep +++ b/azure_jumpstart_arcbox/bicep/main.bicep @@ -98,7 +98,7 @@ module ubuntuRancherK3sDataSvcDeployment 'kubernetes/ubuntuRancher.bicep' = if ( } } -module ubuntuRancherK3sDataSvcNodesDeployment 'kubernetes/ubuntuRancherNodes.bicep' = [for i in range(0, k3sClusterNodesCount): if (flavor == 'Full' || flavor == 'DataOps') { +module ubuntuRancherK3sDataSvcNodesDeployment 'kubernetes/ubuntuRancherNodes.bicep' = [for i in range(0, k3sClusterNodesCount): if (flavor == 'Full' || flavor == 'DataOps' || flavor == 'DevOps') { name: 'ubuntuRancherK3sDataSvcNodesDeployment-${i}' params: { sshRSAPublicKey: sshRSAPublicKey From b828c40b84388f9da22b6c9764405df636d821c1 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Mon, 12 Aug 2024 13:18:30 -0400 Subject: [PATCH 09/12] remove condition for dataops --- azure_jumpstart_arcbox/bicep/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_arcbox/bicep/main.bicep b/azure_jumpstart_arcbox/bicep/main.bicep index 747ffd9288..7c06111fcb 100644 --- a/azure_jumpstart_arcbox/bicep/main.bicep +++ b/azure_jumpstart_arcbox/bicep/main.bicep @@ -80,7 +80,7 @@ var aksArcDataClusterName = '${namingPrefix}-AKS-Data-${guid}' var aksDrArcDataClusterName = '${namingPrefix}-AKS-DR-Data-${guid}' var k3sArcDataClusterName = '${namingPrefix}-DataSvc-K3s-${guid}' var k3sArcClusterName = '${namingPrefix}-K3s-${guid}' -var k3sClusterNodesCount = 3 // Number of nodes to deploy in the K3s cluster +var k3sClusterNodesCount = (flavor == 'DataOps') ? 3 : 1 // Number of nodes to deploy in the K3s cluster module ubuntuRancherK3sDataSvcDeployment 'kubernetes/ubuntuRancher.bicep' = if (flavor == 'DevOps' || flavor == 'DataOps') { name: 'ubuntuRancherK3sDataSvcDeployment' From 55d0f835a7fa40ada5a54feb9138c9b31c4c6a95 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Mon, 12 Aug 2024 13:18:51 -0400 Subject: [PATCH 10/12] remove condition for dataops --- azure_jumpstart_arcbox/bicep/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_arcbox/bicep/main.bicep b/azure_jumpstart_arcbox/bicep/main.bicep index 7c06111fcb..747ffd9288 100644 --- a/azure_jumpstart_arcbox/bicep/main.bicep +++ b/azure_jumpstart_arcbox/bicep/main.bicep @@ -80,7 +80,7 @@ var aksArcDataClusterName = '${namingPrefix}-AKS-Data-${guid}' var aksDrArcDataClusterName = '${namingPrefix}-AKS-DR-Data-${guid}' var k3sArcDataClusterName = '${namingPrefix}-DataSvc-K3s-${guid}' var k3sArcClusterName = '${namingPrefix}-K3s-${guid}' -var k3sClusterNodesCount = (flavor == 'DataOps') ? 3 : 1 // Number of nodes to deploy in the K3s cluster +var k3sClusterNodesCount = 3 // Number of nodes to deploy in the K3s cluster module ubuntuRancherK3sDataSvcDeployment 'kubernetes/ubuntuRancher.bicep' = if (flavor == 'DevOps' || flavor == 'DataOps') { name: 'ubuntuRancherK3sDataSvcDeployment' From 842c54f29a2daccbc2d00696e99d7c29facc30e7 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Mon, 12 Aug 2024 13:22:26 -0400 Subject: [PATCH 11/12] fix comment --- azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 index 9046ce9df8..5e6957f823 100644 --- a/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 +++ b/azure_jumpstart_arcbox/artifacts/DevOpsLogonScript.ps1 @@ -407,7 +407,7 @@ Get-ChildItem -Path $Env:ArcBoxKVDir | # (Get-Content -path $_.FullName -Raw) -Replace '\{JS_TENANTID}', $Env:tenantId | Set-Content -Path $_.FullName } -# Write-Header "Creating Ingress Controller" +Write-Header "Creating Ingress Controller" # Deploy Ingress resources for Bookstore and Hello-Arc App foreach ($namespace in @('bookstore', 'bookbuyer', 'hello-arc')) { From 9edd79e0f8f6ab1ad6abeeaa67dc7560a704a208 Mon Sep 17 00:00:00 2001 From: Zaid Mohammad Date: Mon, 12 Aug 2024 13:25:20 -0400 Subject: [PATCH 12/12] remove app osm ref --- .../artifacts/devops_ingress/bookbuyer.yaml | 15 --------------- .../artifacts/devops_ingress/bookstore.yaml | 19 ------------------- 2 files changed, 34 deletions(-) diff --git a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml index 2147a3bfd8..48deae7aa4 100644 --- a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml +++ b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookbuyer.yaml @@ -17,18 +17,3 @@ spec: port: number: 14001 path: /bookbuyer -# --- -# kind: IngressBackend -# apiVersion: policy.openservicemesh.io/v1alpha1 -# metadata: -# name: backend -# spec: -# backends: -# - name: bookbuyer -# port: -# number: 14001 -# protocol: http -# sources: -# - kind: Service -# namespace: ingress-nginx -# name: ingress-nginx-controller diff --git a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml index a759ad6eb1..3062d655e3 100644 --- a/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml +++ b/azure_jumpstart_arcbox/artifacts/devops_ingress/bookstore.yaml @@ -24,22 +24,3 @@ spec: port: number: 14001 path: /bookstore-v2 -# --- -# kind: IngressBackend # Ingress Backend for Bookstore App -# apiVersion: policy.openservicemesh.io/v1alpha1 -# metadata: -# name: backend -# spec: -# backends: -# - name: bookstore -# port: -# number: 14001 -# protocol: http -# - name: bookstore-v2 -# port: -# number: 14001 -# protocol: http -# sources: -# - kind: Service -# namespace: ingress-nginx -# name: ingress-nginx-controller