/
Installing DIGIT on Azure

Installing DIGIT on Azure

Owned by Sri Padma
Sept 21, 2023
2 min read

DIGIT services deployment in azure cloud platform

Pre-requisites

  • Make sure you have your azure account with necessary credentials.

  • Install golang Use these links to install- Linux or Windows or Mac

  • ​All DIGIT services are packaged using helm charts, Install helm using the link.

  • kubectl is a CLI to connect to the Kubernetes cluster on your machine

  • Install CURL for making API calls

  • Install Visualstudio IDE Code for better code visualization/editing capabilities

  • Install Postman to run digit bootstrap scripts

  • Install Terraform to provide infrastructure on Azure

  • Install Azure CLI and git

Infra-Setup

  • Clone the DIGIT-DevOps Repo and checkout to azure branch

    git clone https://github.com/egovernments/DIGIT-DevOps.git cd DIGIT-DevOps git checkout azure-install code .

  • go to the remote state in sample-azure directory

    cd infra-as-code/terraform/sample-azure/remote-state

  • login to azure using the below command in terminal

    az login

  • In variables.tf file update the variables

  • Run the below commands to create resource-group, storage-account and container

    terraform init terraform plan terraform apply

  • Copy the storage account name and go to sample-azure directory

    cd ..

  • Open main.tf file and update the below placeholder details

    ``` terraform { backend "azurerm" { resource_group_name = "<resource_group>" storage_account_name = "<storage_account>" container_name = "<container>" key = "terraform.tfstate" } } ```

  • To create client-id and client-secret with necessary permissions

    az ad sp create-for-rbac --name <sp_name> \ --role owner \ --scopes /subscriptions/<subscription_id>

  • Open variables.tf file and update the variables and run the below commands

    terraform init terraform plan terraform apply

Make a note of db_name and server_name

Use the below commad to get kubeconfig. It will automatically store your kubeconfig in .kube folder

az aks get-credentials --resource-group <resource_group_name> --name <cluster_name>

Check the kubeconfig and pods by running below commands

kubectl config get-contexts kubectl config use-context <cluster_name> kubectl get pods -A

Deployment

Go to environments directory and open egov-demo.yaml

cd ../../.. cd config-as-code/environments

Update the below configurations in egov-demo.yaml

global: domain: <domain_name> ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: configmaps: egov-config: namespace: [ egov, monitoring ] data: db-host: <db_server_name>.postgres.database.azure.com ## Add db-host name eg: egov-demo.database.azure.com db-name: <db_name> ## Add db-name db-url: jdbc:postgresql://<db_host_name>/<db_name> ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: <domain_name> ## Add your Domain Name egov-services-fqdn-name: https://<domain_name>/ ## Add your Domain Name

Now, open egov-demo-secrets.yaml file and update db details and private key

cluster-configs: secrets: db: # update the postgres db credentials username: <db_username> password: <db_pwd> # must be more than 8 characters flywayUsername: <db_username> flywayPassword: <db_pwd> git-sync: ssh: | -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAg5idfPBCic+oyvNH4pkRm7OAO6bLDJT2sFtNHkXmVN3OGLUZ NBnXUEJS8Gkdal1JOhWSZBv6YBpOXX7m/sI3B3klxj5sLayyj9p21Yrc+Jcadsam XZWvl8nI1VZDBgmddnnWSHcYP+3kD6ChxykoVrbJKKi0PGNDYEKOLHvbQ/Qy5x6M w73xSlvF+80A3f7JhcssW/aZOIscTcNB8dAi84csjLcGIKQLKKB9omFbnd9Jh5V4 TipjkYWhxpYo3bRGL3MfwYjzq/dGHT0I72XoeD8TT5TqYATV05KSwYPWOfDoRSp6 LX3gyWFlibzwUkblL0rQqqEYXeXMpvUM3HadnQIDAQABAoIBACRz4Bw9yZC3L0CY x27ji9cfkAP2HgTsNrF/eQtLvZQApRh/Ae5Gwjf/R05FL9rI4IHwe86zWVXJs69+ eapUTj4JtwcFP54fWo8yqvxYLQHHiZMhT/BYiH15beJ6tLI1c6Lf+RW1t8fts+EI VAgBRKVQmMRkhxi7Pmypwwxbes+FrZKK28CkkE6oyTXNco1Fpw/Txn93bscHgf3+ 3bHjKJw6y3e+Zgg73oLdLRSUUgrgWRlb0ShlrGrgu1hXANFGLoRGPNas4AcbqzRZ 34a1ddroiXpcZdY+XHkLn1SupWyS0lj//EvGG0DjILjWYH1mLVsas/PB/l83T/O+ UyQ8OdkCgYEAx23W6NndOq6tPnGMdP1NUxXGy7WwahSszNy7PWzBmfYP5yByncWi lBNT2ahl26qiPt98EuHEotm2lVN+yF+8sVWZJeGYNp3A5CP/plkRfPeEmKP0sqyK 4BXgLca440/EsJnkwUOV26OOMnRu72wzJ2aUZO7l7bkyVZk7kwaIHN8CgYEAqOzg 5F1kuAd8qwodrquVc8P+iO8uJtBMZqjjwLVw/DyfA4Eq6kdLCWQMByRojXiFYg/1 X5xNiwLs/0qzEfh3ruBFahUNC2dzlEJwochDfXaKpCUDkxH7fKUhbMmij3s/C07Y js9OGdzxU3X/cGOSXONdHWDjuItoQkyANgcDmQMCgYA2uOYSqM1yr8Gr875lz6er F7uf5DAPO7Ma16qtNS1+kK1Wb2nj7voohZEplXK1rwGsHOjPyZGKWhEmsm2Ej/iX 9HP8mAWLXwgx0crxm1kYIFcLB1o6uOu2h2onRXMwNJA1IVVKzr/NL/jx0U8rdVYo BpbLh14iOAIeyNg3BMDOowKBgEK/lv2lia7OBozvKltioWNlBqbFG89qb0YBZj03 dLW2nn6cA4EfOp8zUS1hTY7ZGJtvAt4MvPc46LzXn3pyW5hWNhd8yfK/pgPnXOoQ X9qrhIzns0nhySWvek2qPvnDEV4+gYOslofRren0rkKSlbrufFSnfFPnggLwh5jR nLJRAoGAcQFfoWwwP5cpPM9g4WgaYENbV0BQchwwqti0TQWXrTUsgHCdHj+mrTv4 F0R/hKrVuk1WrWDK/nkL94gTytLsjS5wF84Na+QZKcVxEUqRhndHZomPX3iVRLkV MvayNKpGzZEs+Qd3WyJq4y19vWwhCFQ802Pa5IAOz+tPWNi/6v4= -----END RSA PRIVATE KEY-----

Generate ssh key pairs (Use either method (a) or method (b)) to update private key. a. Using online website (not recommended in prod setup. To be only used for demo setups):

https://8gwifi.org/sshfunctions.jsp

b. Using openssl :

openssl genpkey -algorithm RSA -out private_key.pem openssl rsa -pubout -in private_key.pem -out public_key.pem

Add the public key to your github account (reference:https://www.youtube.com/watch?v=9C7_jBn9XJ0&ab_channel=AOSNote )

Now, go to deployer directory

cd ../.. cd deploy-as-code/deployer go run standalone_installer.go

To deploy nginx-ingress run the below command

kubectl apply -f ../../config-as-code/helm/charts/backbone-services/azure-nginx/ingress.yaml

After successfully deploying all the services. Check the pods

kubectl get pods -A

Related content