DEV Community

Cover image for Deploying a fullstack app using terraform to provision ACR,AKS,and Azure SQL database.
emmilly immaculate
emmilly immaculate

Posted on • Updated on

Deploying a fullstack app using terraform to provision ACR,AKS,and Azure SQL database.

#devops #kubernetes #azure #node

This article shows a step by step of how i accomplished my final project fro the She Code Africa Cloud School Program 2023.

I managed to complete the project within a few days and with technologies such as Docker, Azure Container registry ,Azure kubernetes Service and Azure SQL Database.

I decide to use terraform to provison the infrastructure which included :

  • Azure Container Registry
  • Azure Kubernetes Service
  • Azure SQL Database with sample database

Image

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 2.65"
    }

    random = {
      source  = "hashicorp/random"
      version = "3.1.0"
    }
  }
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "emmilly-rg" {
  name     = "emmilly_mssql_acr_aks_rg"
  location = "South Africa North"
}

resource "azurerm_container_registry" "emmilly-acr" {
  name                = "emmillyacr"
  sku                 = "Premium"
  resource_group_name = azurerm_resource_group.emmilly-rg.name
  location            = azurerm_resource_group.emmilly-rg.location
}

resource "azurerm_kubernetes_cluster" "emmilly-k8s-cluster" {
  name                = "emmilly-aks"
  location            = azurerm_resource_group.emmilly-rg.location
  resource_group_name = azurerm_resource_group.emmilly-rg.name
  dns_prefix          = "emmilly-dns"
  public_network_access_enabled = true

  network_profile {
    network_plugin = "kubenet"
    load_balancer_sku = "standard"  
  }

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2_v2"
  }

  identity {
    type = "SystemAssigned"
  }

  tags = {
    Environment = "Production"
  }
}
resource "azurerm_role_assignment" "enablePulling" {
  principal_id                     = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kubelet_identity[0].object_id
  role_definition_name             = "AcrPull"
  scope                            = azurerm_container_registry.emmilly-acr.id
  skip_service_principal_aad_check = true
}



resource "azurerm_mssql_server" "test-server" {
  name                         = "sqltest-server-emmilly"
  resource_group_name          = azurerm_resource_group.emmilly-rg.name
  location                     = azurerm_resource_group.emmilly-rg.location
  version                      = "12.0"
  administrator_login          = "emmilly"
  administrator_login_password = "emily@256"
  minimum_tls_version          = "1.2"

}

resource "azurerm_mssql_database" "test-db" {
  name           = "sqltest"
  server_id      = azurerm_mssql_server.test-server.id
  collation      = "SQL_Latin1_General_CP1_CI_AS"
  license_type   = "LicenseIncluded"
  read_scale     = false
  sku_name       = "S0"
  zone_redundant = false
  sample_name    = "AdventureWorksLT"

  tags = {
    dev = "Production"
  }
}
output "client_certificate" {
  value = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kube_config.0.client_certificate
}

output "kube_config" {
  value = azurerm_kubernetes_cluster.emmilly-k8s-cluster.kube_config_raw

  sensitive = true
}
Enter fullscreen mode Exit fullscreen mode

So after i wrote the terraform file, i validated and applied the file using.

Initialise terraform in the terminal.

terraform init
Enter fullscreen mode Exit fullscreen mode

rinit

terraform validate
Enter fullscreen mode Exit fullscreen mode

terraform

terraform apply -auto-approve
Enter fullscreen mode Exit fullscreen mode

apply

After provisioning the resources, i could see them on my portal.

provisioned

Next i added a docker file to my node js application and built an image from it and tag it

docker build . -t shecloud
Enter fullscreen mode Exit fullscreen mode 
docker tag shecloud <loginservername/shecloud>
Enter fullscreen mode Exit fullscreen mode

build

Check built images with

docker images
Enter fullscreen mode Exit fullscreen mode

Images

Next we had to log into the regisrty using docker

docker login <login server name>
Enter fullscreen mode Exit fullscreen mode

To see your server username an password, enable the button.
I

login

login2

To see your registry loginserver

reg

docker push shecloud <loginservername>/shecloud
Enter fullscreen mode Exit fullscreen mode

push

After pushing, we should be able to see out image under repositories in the Azure Container registry.

registry

Next login to be able to deploy to kubernetes.

az login
Enter fullscreen mode Exit fullscreen mode 
az account set --subscription xxxxxx-xxxx-xxxx-xxxxxx
Enter fullscreen mode Exit fullscreen mode 
az aks get-credentials --resource-group <resource group nae> --name <aks name>
Enter fullscreen mode Exit fullscreen mode

credential

kubectl get nodes
Enter fullscreen mode Exit fullscreen mode

nodes

Next i deployed using this yaml file.


apiVersion: apps/v1
kind: Deployment
metadata:
  name: azure-shecloud
spec:
  replicas: 1
  selector:
    matchLabels:
      app: azure-shecloud
  template:
    metadata:
      labels:
        app: azure-shecloud
    spec:
      nodeSelector:
        "kubernetes.io/os": linux
      containers:
      - name: azure-shecloud
        image: emmillyacr.azurecr.io/shecloud:latest
        env:
        - name: ALLOW_EMPTY_PASSWORD
          value: "yes"
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 250m
            memory: 256Mi
        ports:
        - containerPort: 3000
          name: azure-shecloud
---
apiVersion: v1
kind: Service
metadata:
  name: azure-shecloud
spec:
  type: LoadBalancer  
  ports:
  - port: 3000
  selector:
    app: azure-shecloud
---
Enter fullscreen mode Exit fullscreen mode 
 kubectl apply -f node_sql.yaml
Enter fullscreen mode Exit fullscreen mode

yaml file

Net to see the external ip Of the app we use

kubectl get svc
Enter fullscreen mode Exit fullscreen mode

service

Next we move to the portal to the database server network allow ips access.

ips
NB: be sure to tick the box allowing services access server.

tick

Click save to save the changes .

When we check the External ip 20.87.94.72:3000

webapp

Top comments (0)

Read next

rose_rusell_8839af0b0bba5 profile image

AlmaLinux vs Rocky Linux: Which CentOS Replacement is Right for You?

rose rusell -

minab profile image

The perfect blend: Coffee and Cyber

Mina -

notharshhaa profile image

Python for DevOps: A Comprehensive Guide from Beginner to Advanced

H A R S H H A A -

s3cloudhub profile image

AWS SysOps Administrator: A Complete Guide to Cloud Management

S3CloudHub -