Installation

AosCloud Azure project

AosEdge cloud infrastructure is deployed with Terraform and requires a few manual steps. This document assumes an Ubuntu system. Other Linux-like systems can be used, but this document covers only Ubuntu.

Currently, AosEdge Azure infrastructure installation supports 3 predefined environments:

  • dev
  • stage
  • prod

Note: You can use one environment or all three, depending on your needs. We recommend using the stage and prod environments.

Prerequisites

  • Container registry to transfer AosEdge images.
  • Email account for the AosEdge application notifications.
  • Domain name
  • A certificate for the domain, using one of 4 options:
    • Pre-bought wildcard domain certificate
    • Let's Encrypt certificate (obtained automatically)
    • Issued by AosCloud CA
    • Issued by Enterprise CA
  • Infrastructure repository on Gitlab
  • Kubernetes repository on Gitlab
  • Azure CLI
  • Azure extension graph
  • Terraform CLI
  • Terraform code provided by AosEdge team
  • Administrative rights for the Azure subscription

Install Azure CLI

sudo apt-get update
sudo apt-get install ca-certificates curl apt-transport-https lsb-release gnupg jq
curl -sL https://packages.microsoft.com/keys/microsoft.asc |
gpg --dearmor |
sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
AZ_REPO=$(lsb_release -cs)
echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" |
sudo tee /etc/apt/sources.list.d/azure-cli.list
sudo apt-get update
sudo apt-get install azure-cli

Install Terraform

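sudo apt-get update && sudo apt-get install -y gnupg curl lsb-release
# apt-key is deprecated: keep the HashiCorp key in its own keyring and scope it to this repository with signed-by
curl -fsSL https://apt.releases.hashicorp.com/gpg |
gpg --dearmor |
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" |
sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install terraform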

Install Azure extension graph

az extension add --name resource-graph

Start working with the AosEdge project

This AosEdge project contains Terraform code, scripts, and Gitlab code

Installation flow

  1. setup
  2. infrastructure
  3. configuration
  4. image_build

Setup installation

The initial installation step, "setup", is run locally. It creates the basic infrastructure that the rest of the installation builds on.

  • Move to the "terraform/setup/gitlab/<environment>" directory
  • Configure environment-wide variables in the "configuration-<environment>.auto.tfvars" file. To avoid committing sensitive data, Terraform accepts variables from the environment or via the Terraform CLI
    export TF_VAR_terraform_gitlab_repo_token="XXXXXXXX"
    export TF_VAR_smtp_mail_server_login="XXXXXXXX"
    export TF_VAR_smtp_mail_server_password="XXXXXXXX"
    az login
    terraform apply
    or
    az login
    terraform apply \
    -var="terraform_gitlab_repo_token=XXXXXXX" \
    -var="smtp_mail_server_login=XXXXXXX" \
    -var="smtp_mail_server_password=XXXXXXX"
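
A preflight check for the step above, as an added example that is not part of the AosEdge project code: it fails if a tfvars file assigns any of the three sensitive variables named on this page, and lists which TF_VAR_* variables are not yet exported before "terraform apply". The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not AosEdge project code). Function names are hypothetical;
# the variable names are the three secrets from the export lines above.
SENSITIVE_VARS="terraform_gitlab_repo_token smtp_mail_server_login smtp_mail_server_password"

# Report tfvars files that assign a sensitive variable.
# Prints "file:line: name ..." (never the value); returns 1 on any finding,
# 2 if a file cannot be read, 0 if all files are clean.
find_tfvars_secrets() {
    fts_status=0
    for fts_file in "$@"; do
        [ -r "$fts_file" ] || { echo "cannot read $fts_file" >&2; return 2; }
        for fts_name in $SENSITIVE_VARS; do
            # Line numbers of uncommented "name = ..." assignments.
            fts_lines=$(grep -nE "^[[:space:]]*${fts_name}[[:space:]]*=" "$fts_file" | cut -d: -f1)
            for fts_line in $fts_lines; do
                echo "$fts_file:$fts_line: $fts_name belongs in TF_VAR_$fts_name"
                fts_status=1
            done
        done
    done
    return "$fts_status"
}

# Print each TF_VAR_* secret that is not exported with a non-empty value;
# returns 1 if any is missing. Terraform only sees exported variables,
# so the check reads the exported environment rather than shell variables.
missing_tf_secrets() {
    mts_status=0
    for mts_name in $SENSITIVE_VARS; do
        if ! env | grep -q "^TF_VAR_${mts_name}=."; then
            echo "TF_VAR_$mts_name"
            mts_status=1
        fi
    done
    return "$mts_status"
}

# Usage from terraform/setup/gitlab/<environment>:
#   find_tfvars_secrets ./*.auto.tfvars && missing_tf_secrets && terraform apply
```

The same find_tfvars_secrets call can run as a Git pre-commit hook so that a tfvars file carrying one of these values is rejected before it reaches the Infrastructure repo.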

The setup code creates:

  • Resource group terraform
  • Resource group base
  • Resource group message-queue
  • Storage account for the Terraform remote state
  • Key Vault for the Terraform sensitive data
  • Network base
  • Network message-queue
  • Virtual machine with gitlab-runner
  • Identities and permissions
  • Variables for the future running with Gitlab CI/CD

After work is done, you can move Terraform tfstate files to the Azure storage account with the command below

az login
export ARM_SAS_TOKEN=$(az keyvault secret show --vault-name <project_name>-<environment>-keys2 -n SasToken --query value -o tsv)
terraform init \
-backend-config 'container_name=terraform' \
-backend-config 'storage_account_name=<project_name><environment><name>' \
-backend-config 'resource_group_name=<project_name>-<environment>-<name>' -reconfigure

To delete the setup deployment move to the "terraform/setup/gitlab/<environment>" directory and use the command below

terraform destroy

Infrastructure installation

  • You need to open the previously created Kubernetes repository on Gitlab (we assume that you use the same Gitlab server) and copy:
    • Kubernetes project id
    • Kubernetes project specific runner token
  • In your Infrastructure Gitlab repo, you need to create CI/CD variables with previously-copied values:
    • TF_VAR_kubernetes_gitlab_project_id
    • TF_VAR_kubernetes_repo_token
  • Configure variables in the "terraform/infrastructure/terraform.tfvars"
  • Commit and push the AosEdge project to the Infrastructure repo

Starting from here, further deployment is done automatically with the runner on Gitlab by committing and pushing the code to the Infrastructure repo

This is the main part of the Azure infrastructure installation, and it may take a long time. Terraform may also produce unexpected errors, caused either by a misconfiguration or by Terraform/Microsoft Azure API errors. Try running the pipeline again and see if the error still occurs.

To delete the infrastructure deployment move to the "terraform/infrastructure" directory and use the command below

az login
export ARM_SAS_TOKEN=$(az keyvault secret show --vault-name <project_name>-<environment>-keys2 -n SasToken --query value -o tsv)
terraform init \
-backend-config 'container_name=terraform' \
-backend-config 'storage_account_name=<project_name><environment><name>' \
-backend-config 'resource_group_name=<project_name>-<environment>-<name>' -reconfigure
terraform destroy

Manual steps

  • Configure CDN manually (this step doesn't have any automation tools): CDN configuration
  • Add a role Virtual Machine Contributor for <project>-<environment>-aks-agentpool on AKS resource group
  • Add the roles Disk Snapshot Contributor and Disk Restore Operator for <project>-<environment>-backup on AKS resource group
  • Add AzureEctokenKey from CDN to appsec and tasksec