Configure and deploy an Azure App Service #74
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| ## Azure App Service | ||
|
|
||
| Build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform. Meet rigorous performance, scalability, security and compliance requirements while using a fully managed platform to perform infrastructure maintenance. | ||
|
|
||
| More information for Azure App Services can be found [here](https://azure.microsoft.com/en-us/services/app-service/) | ||
|
|
||
| Cobalt gives ability to specify following settings for App Service based on the requirements: | ||
| - name : The name of the App Service. | ||
| - resource_group_name : The Name of the Resource Group where the App Service exists. | ||
| - location : The Azure location where the App Service exists. | ||
| - app_service_plan_id : The ID of the App Service Plan within which the App Service exists. | ||
| - tags : A mapping of tags to assign to the resource. | ||
|
|
||
| Please click the [link](https://www.terraform.io/docs/providers/azurerm/d/app_service.html) to get additional details on settings in Terraform for Azure App Service. | ||
|
|
||
| ## Usage | ||
erikschlegel marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| ``` | ||
| variable "name" { | ||
| default = "prod" | ||
| } | ||
|
|
||
| variable "location" { | ||
| default = "eastus" | ||
| } | ||
|
|
||
| resource "azurerm_app_service" "appsvc" { | ||
|
There was a problem hiding this comment. The documented usage should be aligned with how we're using these modules in our own templates. That being said, we should reference our own modules as terraform modules. There was a problem hiding this comment. The module is being defined here. And the module usage is defined below. There was a problem hiding this comment. the goal of these modules is for developers to avoid explicitly defining resource like this There was a problem hiding this comment. But the actual usage is after the definition. A couple more lines down, the example usage specifies how it has to be used. There was a problem hiding this comment. my comment was not addressed. The documentation seems a bit confusing as this section represents how a developer would use the There was a problem hiding this comment. Here's an usage documentation example for how the load balancer module is defined https://github.com/Azure/terraform-azurerm-loadbalancer |
||
| name = "${var.app_service_name}" | ||
| location = "${azurerm_resource_group.appsvc.location}" | ||
| resource_group_name = "${azurerm_resource_group.appsvc.name}" | ||
| app_service_plan_id = "${var.app_service_plan_id}" | ||
| tags = "${var.resource_tags}" | ||
| } | ||
| ``` | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| resource "azurerm_resource_group" "appsvc" { | ||
manojvazirani marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| name = "${var.resource_group_name}" | ||
| location = "${var.resource_group_location}" | ||
| tags = "${var.resource_tags}" | ||
| } | ||
|
|
||
| resource "azurerm_app_service" "appsvc" { | ||
| name = "${var.app_service_name}" | ||
| location = "${azurerm_resource_group.appsvc.location}" | ||
| resource_group_name = "${azurerm_resource_group.appsvc.name}" | ||
|
There was a problem hiding this comment. to be clear, the resource group reference should be the one from the app service plan. There was a problem hiding this comment. The referencing happens at azure-simple level as compared to module definition level as explained above. There was a problem hiding this comment. the variable name is There was a problem hiding this comment. There are a couple of reasons for this approach:
|
||
| app_service_plan_id = "${var.app_service_plan_id}" | ||
|
There was a problem hiding this comment. the |
||
| tags = "${var.resource_tags}" | ||
| } | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| output "resource_group_name" { | ||
| description = "The name of the resource group created" | ||
| value = "${azurerm_resource_group.appsvc.name}" | ||
| } | ||
|
|
||
| output "app_service_uri" { | ||
| description = "The URL of the app service created" | ||
| value = "${azurerm_app_service.appsvc.default_site_hostname}" | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| variable "resource_group_name" { | ||
| description = "The name of the resource group in which to create the storage account. Changing this forces a new resource to be created. If omitted, will create a new RG based on the `name` above" | ||
| type = "string" | ||
| } | ||
|
|
||
| variable "resource_group_location" { | ||
| description = "Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. The full list of Azure regions can be found at https://azure.microsoft.com/regions" | ||
| type = "string" | ||
| } | ||
|
|
||
| variable "resource_tags" { | ||
| description = "Map of tags to apply to taggable resources in this module. By default the taggable resources are tagged with the name defined above and this map is merged in" | ||
| type = "map" | ||
| default = {} | ||
| } | ||
|
|
||
| variable "app_service_plan_id" { | ||
| description = "The ID of the service plan under which the app service needs to be created" | ||
| type = "string" | ||
| } | ||
|
|
||
| variable "app_service_name" { | ||
| description = "The name of the app service to be created" | ||
| type = "string" | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -65,4 +65,4 @@ resource "null_resource" "example" { | |
| command = "execute shell script" | ||
| } | ||
| } | ||
| ``` | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -12,4 +12,4 @@ provider "null" { | |
|
|
||
| provider "azuread" { | ||
| version = "~>0.1" | ||
| } | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,6 +5,7 @@ variable "resource_group_name" { | |
|
|
||
| variable "resource_group_location" { | ||
| description = "Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. The full list of Azure regions can be found at https://azure.microsoft.com/regions" | ||
| type = "string" | ||
| } | ||
|
|
||
| variable "resource_tags" { | ||
|
|
@@ -19,18 +20,18 @@ variable "service_plan_name" { | |
| } | ||
|
|
||
| variable "service_plan_tier" { | ||
| description = "The tier under which the service plan is created. Details can be found at https://docs.microsoft.com/en-us/azure/app-service/overview-hosting-plans" | ||
manojvazirani marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| default = "Isolated" | ||
|
There was a problem hiding this comment. This should not default to isolated as some developers will not need to run this on a private vnet. If a developer needs to run this in a vnet then we should provide a template to automate that and add this default in the relevant TF template(s). There was a problem hiding this comment. This is what we had discussed in the meeting on call with @code4clouds. I did not have a default value before but we agreed to add this default for Service plans inside vnet based on the Game plan document. There was a problem hiding this comment. we discussed adding this default in the template There was a problem hiding this comment. This is a design decision that should be approved by @James-Nance @day-jeff . If we are building an Enterprise level App Reference then Isolated should be mandatory as this is the most secure way to protect the information flowing between the services. Enterprise App Reference in my head = PII, information that shouldn't be tampered or exposed outside of a VNET. There was a problem hiding this comment. This isn’t a design decision as vnets are out of scope for this particular user story🙂. Generally speaking, we still need to do more research to double check whether isolated app service is required for private vnets / app services. This particular module will be used by developers for app service plans which don’t necessarily require a private vnet. Isolated app services may make sense in certain scenarios but are expensive Instance. This decision is specific to the deployment environment(template) as this module will be used for azure customer / developer(s) interested in deploying app services. |
||
| } | ||
|
|
||
| variable "service_plan_size" { | ||
| description = "The compute and storage needed for the service plan to be deployed. Details can be found at https://azure.microsoft.com/en-us/pricing/details/app-service/windows/" | ||
| default = "S1" | ||
| } | ||
|
|
||
| variable "service_plan_kind" { | ||
| description = "The kind of Service Plan to be created. Possible values are Windows/Linux/FunctionApp/App" | ||
erikschlegel marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| default = "Linux" | ||
| } | ||
|
|
||
| variable "service_plan_capacity" { | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
General note, please update the usage section of the readme for the service plan module so that cobalt users have more context on how to define and configure there module.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, let me open a new PR with the documentation changes for service plan.