- Notifications
You must be signed in to change notification settings - Fork909
docs: add documentation for installing Coder on Azure with Kubernetes#16216
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Draft
EdwardAngert wants to merge7 commits intomainChoose a base branch
base:main
Could not load branches
Branch not found:{{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline, and old review comments may become outdated.
+182 −4
Draft
Changes fromall commits
Commits
Show all changes
7 commits Select commitHold shift + click to select a range
3ba3ba1 add kubernetes azure app gateway doc
EdwardAngert63954f1 link to k8s-azure-app-gateway
EdwardAngertffc1093 Update docs/install/kubernetes/kubernetes-azure-app-gateway.md
EdwardAngert315b07f add step to create postgresql secret
EdwardAngertf2206b6 version bump
EdwardAngert35cff83 Merge remote-tracking branch 'origin/main' into 16074-azure-app-gateway
EdwardAngert08b4aa4 Merge branch 'main' into 16074-azure-app-gateway
EdwardAngertFile filter
Filter by extension
Conversations
Failed to load comments.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Jump to file
Failed to load files.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
10 changes: 7 additions & 3 deletionsdocs/install/kubernetes.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
167 changes: 167 additions & 0 deletionsdocs/install/kubernetes/kubernetes-azure-app-gateway.md
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Since this is a tutorial, should we move it to the tutorials section? We can still link to it from the installation section. Another suggestion is to update the documentation engine to list all documents with a These comments are non-blocking, so please proceed, and you can consider them at a later time. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. I haven't really decided on what should definitely be Tutorials vs what shouldn't - in this case, I think this is closest to steps a user would take as part of a K8s install whereas something in Tutorials might combine several different processes in one place. also:#16428 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,167 @@ | ||
| # Deploy Coder on Azure with an Application Gateway | ||
| In certain enterprise environments, the [Azure Application Gateway](https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview) is required. | ||
| These steps serve as a proof-of-concept example so that you can get Coder running with Kubernetes on Azure. Your deployment might require a separate Postgres server or signed certificates. | ||
| The Application Gateway supports: | ||
| - Websocket traffic (required for workspace connections) | ||
| - TLS termination | ||
| Refer to Microsoft's documentation on how to [enable application gateway ingress controller add-on for an existing AKS cluster with an existing application gateway](https://learn.microsoft.com/en-us/azure/application-gateway/tutorial-ingress-controller-add-on-existing). | ||
| The steps here follow the Microsoft tutorial for a Coder deployment. | ||
| ## Deploy Coder on Azure with an Application Gateway | ||
| 1. Create Azure resource group: | ||
| ```sql | ||
| az group create --name myResourceGroup --location eastus | ||
| ``` | ||
| 1. Create AKS cluster: | ||
| ```sql | ||
| az aks create --name myCluster --resource-group myResourceGroup --network-plugin azure --enable-managed-identity --generate-ssh-keys | ||
| ``` | ||
| 1. Create public IP: | ||
| ```sql | ||
| az network public-ip create --name myPublicIp --resource-group myResourceGroup --allocation-method Static --sku Standard | ||
| ``` | ||
| 1. Create VNet and subnet: | ||
| ```sql | ||
| az network vnet create --name myVnet --resource-group myResourceGroup --address-prefix 10.0.0.0/16 --subnet-name mySubnet --subnet-prefix 10.0.0.0/24 | ||
| ``` | ||
| 1. Create Azure application gateway, attach VNet, subnet and public IP: | ||
| ```sql | ||
| az network application-gateway create --name myApplicationGateway --resource-group myResourceGroup --sku Standard_v2 --public-ip-address myPublicIp --vnet-name myVnet --subnet mySubnet --priority 100 | ||
| ``` | ||
| 1. Get app gateway ID: | ||
| ```sql | ||
| appgwId=$(az network application-gateway show --name myApplicationGateway --resource-group myResourceGroup -o tsv --query "id") | ||
| ``` | ||
| 1. Enable app gateway ingress to AKS cluster: | ||
| ```sql | ||
| az aks enable-addons --name myCluster --resource-group myResourceGroup --addon ingress-appgw --appgw-id $appgwId | ||
| ``` | ||
| 1. Get AKS node resource group: | ||
| ```sql | ||
| nodeResourceGroup=$(az aks show --name myCluster --resource-group myResourceGroup -o tsv --query "nodeResourceGroup") | ||
| ``` | ||
| 1. Get AKS VNet name: | ||
| ```sql | ||
| aksVnetName=$(az network vnet list --resource-group $nodeResourceGroup -o tsv --query "[0].name") | ||
| ``` | ||
| 1. Get AKS VNet ID: | ||
| ```sql | ||
| aksVnetId=$(az network vnet show --name $aksVnetName --resource-group $nodeResourceGroup -o tsv --query "id") | ||
| ``` | ||
| 1. Peer VNet to AKS VNet: | ||
| ```sql | ||
| az network vnet peering create --name AppGWtoAKSVnetPeering --resource-group myResourceGroup --vnet-name myVnet --remote-vnet $aksVnetId --allow-vnet-access | ||
| ``` | ||
| 1. Get app gateway VNet ID: | ||
| ```sql | ||
| appGWVnetId=$(az network vnet show --name myVnet --resource-group myResourceGroup -o tsv --query "id") | ||
| ``` | ||
| 1. Peer AKS VNet to app gateway VNet: | ||
| ```sql | ||
| az network vnet peering create --name AKStoAppGWVnetPeering --resource-group $nodeResourceGroup --vnet-name $aksVnetName --remote-vnet $appGWVnetId --allow-vnet-access | ||
| ``` | ||
| 1. Get AKS credentials: | ||
| ```sql | ||
| az aks get-credentials --name myCluster --resource-group myResourceGroup | ||
| ``` | ||
| 1. Create Coder namespace: | ||
| ```shell | ||
| kubectl create ns coder | ||
| ``` | ||
| 1. Deploy non-production PostgreSQL instance to AKS cluster: | ||
| ```shell | ||
| helm repo add bitnami https://charts.bitnami.com/bitnami | ||
| helm install coder-db bitnami/postgresql \ | ||
| --namespace coder \ | ||
| --set auth.username=coder \ | ||
| --set auth.password=coder \ | ||
| --set auth.database=coder \ | ||
| --set persistence.size=10Gi | ||
| ``` | ||
| 1. Create the PostgreSQL secret: | ||
| ```shell | ||
| kubectl create secret generic coder-db-url -n coder --from-literal=url="postgres://coder:coder@coder-db-postgresql.coder.svc.cluster.local:5432/coder?sslmode=disable" | ||
| ``` | ||
| 1. Deploy Coder to AKS cluster: | ||
| ```shell | ||
| helm repo add coder-v2 https://helm.coder.com/v2 | ||
| helm install coder coder-v2/coder \ | ||
| --namespace coder \ | ||
| --values values.yaml \ | ||
| --version 2.18.5 | ||
| ``` | ||
| 1. Clean up Azure resources: | ||
| ```sql | ||
| az group delete --name myResourceGroup | ||
| az group delete --name MC_myResourceGroup_myCluster_eastus | ||
| ``` | ||
| 1. Deploy the gateway - this needs clarification | ||
| 1. After you deploy the gateway, add the following entries to Helm's `values.yaml` file before you deploy Coder: | ||
| ```yaml | ||
| service: | ||
| enable: true | ||
| type: ClusterIP | ||
| sessionAffinity: None | ||
| externalTrafficPolicy: Cluster | ||
| loadBalancerIP: "" | ||
| annotations: {} | ||
| httpNodePort: "" | ||
| httpsNodePort: "" | ||
| ingress: | ||
| enable: true | ||
| className: "azure-application-gateway" | ||
| host: "" | ||
| wildcardHost: "" | ||
| annotations: {} | ||
| tls: | ||
| enable: false | ||
| secretName: "" | ||
| wildcardSecretName: "" | ||
| ``` |
9 changes: 8 additions & 1 deletiondocs/manifest.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.