Skip to content

Latest commit

 

History

History
75 lines (43 loc) · 2.32 KB

README.md

File metadata and controls

75 lines (43 loc) · 2.32 KB
Raw

Deployment

Pre-requisites

Windows

# run as Admin
choco install kubernetes-helm

Local environment

./run-dapr-local.ps1

Azure Kubernetes Services (AKS)

# Change ./vars.ps1 to suit
./deploy.ps1

K8s cheatsheet

# Get list of pods
kubectl get pods

# Get metrics for the app and container
kubectl logs --selector=app=tournaments -c gameontournaments --tail 100
kubectl logs --selector=app=users -c gameonusers --tail 100

# Restart pods (deployment)
kubectl rollout restart deployment tournaments
kubectl rollout restart deployment users

Manual steps

Create/renew SSL cert

Can't automate SSL certs for Apex domains 😢

https://docs.microsoft.com/en-us/azure/key-vault/certificates/create-certificate-signing-request?tabs=azure-portal#add-certificates-in-key-vault-issued-by-non-partnered-cas

  1. Create CSR in Key Vault
  2. Request cert in DigiCert
  3. Merge cert

Grant KV permission to AFD: https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain-https#option-2-use-your-own-certificate

  1. Create a new access policy
  2. Search for ad0e1c7e-6d38-4ba4-9efd-0bc77ba9f037 and choose Microsoft.Azure.Frontdoor
  3. Grant Secret=Get and Certificate=Get permisions
  4. Make sure click all of the save buttons! 😬

Now you are ready to run deploy-storage.ps1

Testing

See test/example.http for requests you can use for testing with VSCode REST Extension.

If you need a bearer token, visit https://gameon.nz/developer. Or https://mobilefirstcloudfirst.net/2019/09/use-vscode-rest-client-plugin-oauth-azure-active-directory/.

References & links

Troubleshooting Issuing ACME Certificates

How to configure Azure Key Vault and Kubernetes to use Azure Managed Identities to access secrets

Running your first app in Kubernetes

Dapr K8s annotations

Debugging Common Dapr Issues