-
Notifications
You must be signed in to change notification settings - Fork 77
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configure and deploy an Azure App Service #74
Changes from 16 commits
1560daf
915db60
21f6622
c2ae75c
75349a7
8f06b15
9956e8f
abbf4cb
9ae78d9
f0b3190
e023a40
0f58958
d5eee4e
5731e96
caad189
8c5160d
d9a5c17
a990bea
cf12dea
4c4348b
2b8c7df
d2215f7
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
## Azure App Service | ||
|
||
Build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform. Meet rigorous performance, scalability, security and compliance requirements while using a fully managed platform to perform infrastructure maintenance. | ||
|
||
More information for Azure App Services can be found [here](https://azure.microsoft.com/en-us/services/app-service/) | ||
|
||
Cobalt gives ability to specify following settings for App Service based on the requirements: | ||
- name : The name of the App Service. | ||
- resource_group_name : The Name of the Resource Group where the App Service exists. | ||
- location : The Azure location where the App Service exists. | ||
- app_service_plan_id : The ID of the App Service Plan within which the App Service exists. | ||
- tags : A mapping of tags to assign to the resource. | ||
|
||
Please click the [link](https://www.terraform.io/docs/providers/azurerm/d/app_service.html) to get additional details on settings in Terraform for Azure App Service. | ||
|
||
## Usage | ||
erikschlegel marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
``` | ||
variable "name" { | ||
default = "prod" | ||
} | ||
|
||
variable "location" { | ||
default = "eastus" | ||
} | ||
|
||
resource "azurerm_app_service" "appsvc" { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The documented usage should be aligned with how we're using these modules in our own templates. That being said, we should reference our own modules as terraform modules. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The module is being defined here. And the module usage is defined below. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. the goal of these modules is for developers to avoid explicitly defining resource like this There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. But the actual usage is after the definition. A couple more lines down, the example usage specifies how it has to be used. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. my comment was not addressed. The documentation seems a bit confusing as this section represents how a developer would use the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Here's an usage documentation example for how the load balancer module is defined https://github.com/Azure/terraform-azurerm-loadbalancer |
||
name = "${var.app_service_name}" | ||
location = "${azurerm_resource_group.appsvc.location}" | ||
resource_group_name = "${azurerm_resource_group.appsvc.name}" | ||
app_service_plan_id = "${var.app_service_plan_id}" | ||
tags = "${var.resource_tags}" | ||
} | ||
``` |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
resource "azurerm_resource_group" "appsvc" { | ||
manojvazirani marked this conversation as resolved.
Show resolved
Hide resolved
|
||
name = "${var.resource_group_name}" | ||
location = "${var.resource_group_location}" | ||
tags = "${var.resource_tags}" | ||
} | ||
|
||
resource "azurerm_app_service" "appsvc" { | ||
name = "${var.app_service_name}" | ||
location = "${azurerm_resource_group.appsvc.location}" | ||
resource_group_name = "${azurerm_resource_group.appsvc.name}" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. to be clear, the resource group reference should be the one from the app service plan. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The referencing happens at azure-simple level as compared to module definition level as explained above. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. the variable name is There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. There are a couple of reasons for this approach:
|
||
app_service_plan_id = "${var.app_service_plan_id}" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. the |
||
tags = "${var.resource_tags}" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
output "resource_group_name" { | ||
description = "The name of the resource group created" | ||
value = "${azurerm_resource_group.appsvc.name}" | ||
} | ||
|
||
output "app_service_uri" { | ||
description = "The URL of the app service created" | ||
value = "${azurerm_app_service.appsvc.default_site_hostname}" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
variable "resource_group_name" { | ||
description = "The name of the resource group in which to create the storage account. Changing this forces a new resource to be created. If omitted, will create a new RG based on the `name` above" | ||
type = "string" | ||
} | ||
|
||
variable "resource_group_location" { | ||
description = "Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. The full list of Azure regions can be found at https://azure.microsoft.com/regions" | ||
type = "string" | ||
} | ||
|
||
variable "resource_tags" { | ||
description = "Map of tags to apply to taggable resources in this module. By default the taggable resources are tagged with the name defined above and this map is merged in" | ||
type = "map" | ||
default = {} | ||
} | ||
|
||
variable "app_service_plan_id" { | ||
description = "The ID of the service plan under which the app service needs to be created" | ||
type = "string" | ||
} | ||
|
||
variable "app_service_name" { | ||
description = "The name of the app service to be created" | ||
type = "string" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -65,4 +65,4 @@ resource "null_resource" "example" { | |
command = "execute shell script" | ||
} | ||
} | ||
``` | ||
``` |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -12,4 +12,4 @@ provider "null" { | |
|
||
provider "azuread" { | ||
version = "~>0.1" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,6 +5,7 @@ variable "resource_group_name" { | |
|
||
variable "resource_group_location" { | ||
description = "Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. The full list of Azure regions can be found at https://azure.microsoft.com/regions" | ||
type = "string" | ||
} | ||
|
||
variable "resource_tags" { | ||
|
@@ -19,18 +20,18 @@ variable "service_plan_name" { | |
} | ||
|
||
variable "service_plan_tier" { | ||
description = "The tier under which the service plan is created. Details can be found at https://docs.microsoft.com/en-us/azure/app-service/overview-hosting-plans" | ||
default = "Isolated" | ||
description = "The tier under which the service plan is created. Details can be found at https://docs.microsoft.com/en-us/azure/app-service/overview-hosting-plans" | ||
manojvazirani marked this conversation as resolved.
Show resolved
Hide resolved
|
||
default = "Isolated" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This should not default to isolated as some developers will not need to run this on a private vnet. If a developer needs to run this in a vnet then we should provide a template to automate that and add this default in the relevant TF template(s). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is what we had discussed in the meeting on call with @code4clouds. I did not have a default value before but we agreed to add this default for Service plans inside vnet based on the Game plan document. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. we discussed adding this default in the template There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is a design decision that should be approved by @James-Nance @day-jeff . If we are building an Enterprise level App Reference then Isolated should be mandatory as this is the most secure way to protect the information flowing between the services. Enterprise App Reference in my head = PII, information that shouldn't be tampered or exposed outside of a VNET. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This isn’t a design decision as vnets are out of scope for this particular user story🙂. Generally speaking, we still need to do more research to double check whether isolated app service is required for private vnets / app services. This particular module will be used by developers for app service plans which don’t necessarily require a private vnet. Isolated app services may make sense in certain scenarios but are expensive Instance. This decision is specific to the deployment environment(template) as this module will be used for azure customer / developer(s) interested in deploying app services. |
||
} | ||
|
||
variable "service_plan_size" { | ||
description = "The compute and storage needed for the service plan to be deployed. Details can be found at https://azure.microsoft.com/en-us/pricing/details/app-service/windows/" | ||
default = "S1" | ||
description = "The compute and storage needed for the service plan to be deployed. Details can be found at https://azure.microsoft.com/en-us/pricing/details/app-service/windows/" | ||
default = "S1" | ||
} | ||
|
||
variable "service_plan_kind" { | ||
description = "The kind of Service Plan to be created. Possible values are Windows/Linux/FunctionApp/App" | ||
default = "Linux" | ||
description = "The kind of Service Plan to be created. Possible values are Windows/Linux/FunctionApp/App" | ||
erikschlegel marked this conversation as resolved.
Show resolved
Hide resolved
|
||
default = "Linux" | ||
} | ||
|
||
variable "service_plan_capacity" { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
General note, please update the usage section of the readme for the service plan module so that cobalt users have more context on how to define and configure there module.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, let me open a new PR with the documentation changes for service plan.