To deploy a sample of the Java Spring Petclinic micro-services application, Azure Kubernetes Service and supporting infrastructure all using Bicep from a single az deployment command.
Deploying web applications as part of a Bicep deployment is not a production pattern, but is great for producing samples quickly. #iac-code-golf
Rather than use publicly hosted docker images, we will import them into an Azure Container Registry where they can be scanned by Microsoft Defender before being used in Kubernetes.
AKS Construction is being leveraged to deploy a secure cluster in a simple way.
A simple helm chart for the PetClinic application has been created, read more about it here.
| Bicep File | Description |
|---|---|
| main.bicep | Orchestrates creation of all resources |
| aks-construction/main.bicep | Creates AKS and associated infrastructure components |
| importImages.bicep | Imports container images into ACR from DockerHub |
Two public registry bicep modules are leveraged in this sample.
Leveraging bicep modules from the public registry is a great way to save the complexity and repetition in your own IaC library.
module kubeNamespace 'br/public:deployment-scripts/aks-run-command:1.0.1' = {
module acrImport 'br/public:deployment-scripts/import-acr:2.0.1' = {The Azure CLI is the only prerequisite. If you deploy from the Azure CloudShell then this makes the process even simpler.
az group create -n aks-petclinic -l eastus
az deployment group create -g aks-petclinic -f main.bicep
az aks get-credentials -n aks-petclinic -g aks-petclinic
kubectl get pod -n spring-petclinic
kubectl get svc -n spring-petclinic
NAME READY STATUS RESTARTS AGE
api-gateway-5f74c7b69-flxrz 1/1 Running 0 12m
customers-db-mysql-0 1/1 Running 0 50m
customers-service-77449fc644-kfnlr 1/1 Running 0 12m
vets-db-mysql-0 1/1 Running 0 50m
vets-service-56d58bbdcb-vpr5z 1/1 Running 0 12m
visits-db-mysql-0 1/1 Running 0 50m
visits-service-8474b89fdc-g9lvh 1/1 Running 0 12m
wavefront-proxy-648f66bbc5-72gsx 0/1 CreateContainerConfigError 0 12m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
api-gateway LoadBalancer 172.10.122.227 20.232.248.202 80:31524/TCP 12m
customers-db-mysql ClusterIP 172.10.123.52 <none> 3306/TCP 50m
customers-db-mysql-headless ClusterIP None <none> 3306/TCP 50m
customers-service ClusterIP 172.10.79.168 <none> 8080/TCP 12m
vets-db-mysql ClusterIP 172.10.222.167 <none> 3306/TCP 50m
vets-db-mysql-headless ClusterIP None <none> 3306/TCP 50m
vets-service ClusterIP 172.10.247.35 <none> 8080/TCP 12m
visits-db-mysql ClusterIP 172.10.147.205 <none> 3306/TCP 50m
visits-db-mysql-headless ClusterIP None <none> 3306/TCP 50m
visits-service ClusterIP 172.10.184.235 <none> 8080/TCP 12m
wavefront-proxy ClusterIP 172.10.234.200 <none> 2878/TCP,9411/TCP 12m
| Issue | Error | Impact | Summary |
|---|---|---|---|
| Wavefront | Error: secret "wavefront" not found | This is an optional step to make use of VMWare Tanzu Observability. | Ideally we need to enhance helm chart to make wavefront install conditional. Additionally we can look to enable Azure Application Insights as a further option. |
This repo uses git submodules. The following commands were run to clone the respective repositories at a point in time. This was done rather than forking as
- This project will not be contributing back to the Petclinic sample
- Submodules captures the repo at a point in time, which is good for our sample. We can fetch latest and test as this sample is periodically reviewed.
git submodule add https://github.com/Azure/AKS-Construction.git aks-construction
git submodule add https://github.com/spring-petclinic/spring-petclinic-cloud.git spring-petclinic-cloud