Common
Azure Prerequisites
- An active Azure account
- A subscription available for deployment into, where you have
Ownerprivileges
DNS Domain Name / Zone resource in Azure
The reference architecture takes advantage of Azure DNS for create and allocate DNS host names to service APIs and web endpoints programmatically through code.
Please see the following guide for setting up a domainin in Azure DNS.
Required Azure Preview features
Please ensure that the following Azure Preview features listed in the table below are registered on the Azure subscription.
| Name | Documentation | Name Space | Feature Flag | Description | Azure PowerShell Command | Azure CLI Command |
|---|---|---|---|---|---|---|
| Host-based encryption on Azure Kubernetes Service (AKS) | docs.microsoft.com | “Microsoft.Compute” | “EncryptionAtHost” | The data stored on the VM host of your AKS agent nodes' VMs is encrypted at rest and flows encrypted to the Storage service. This means the temp disks are encrypted at rest with platform-managed keys | Register-AzProviderFeature -FeatureName "EncryptionAtHost" -ProviderNamespace "Microsoft.Compute" |
az feature register --namespace "Microsoft.Compute" --name "EncryptionAtHost" |
After applying all the feature registrations, please check that the registration state have fully registered, as it may take a few minutes, before deploying this reference architecture.
PowerShell
Get-AzProviderFeature -FeatureName "<Feature_Flag>" -ProviderNamespace "<NAME_SPACE>"
AZ CLI
az feature show --namespace "<NAME_SPACE>" --name "<Feature_Flag>"
Read about setting up Azure DNS in the next section.
Terraform State Managment
This reference architecture uses Terraform’s state store to manage the infrastructure and configuration lifecycle.
This state is used by Terraform to map real world resources to your configuration, keep track of metadata, and to improve performance for large infrastructures.
Ideally the state store should be stored and accessed remotely, but for simplicity for this blueprint Terraform’s state store locally in files named terraform.tfstate.
Export Terraform State Store, Terraform Varable and Certs
Runing this command will generate a export.zip in the root on the project, while you can right click on and download if on Github Codespaces.
$ make state-export
Import Terraform State Store, Terraform Varable and Certs
Importing a zip file called import.zip in the root on the project.
$ make state-import
Calls to Action
Read about the Azure DNS in the next section.