Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Managing Azure services and related components
DuploCloud provides a number of configurable components when running Microsoft Azure's Managed Kubernetes Service (AKS).
Applications involve many Azure Services like Storage Account, RDS for RDBS (MySQL), Redis, VM Scale Sets, Ingress, ALB/NLB load balancers, and so on. While each of their configurations needs a few application-centric inputs, there are scores of lower-level nuances around access control, security, and compliance.
Using DuploCloud you can create virtually any service within the Tenant using basic application-centric inputs. At the same time, the platform will make sure the lower-level nuances are programmed to best practices for security and compliance.
Supported Services are listed in alphabetical order, following the core services: Containers, Load Balancers, and Storage.
Add and configure Load Balancers with DuploCloud Azure
Load Balancers are essential when running a service. They expose the containers and images in which your application resides. When your containers are run inside a private network, you need a load balancer to listen on the correct ports to access the application.
If you need to create an Ingress Load Balancer, refer to the AKS Ingress page in the DuploCloud Kubernetes User Guide.
DuploCloud allows no more than one (0 or 1) Load Balancer per DuploCloud Service.
Add a load balancer listener that uses the Kubernetes NodePort (K8S NodePort).
Several Load Balancers are available for Azure. See the Azure Documentation for a comparison of each option.
Application LB (Standard load balancer)
Shared App Gateway
Classic (Basic load balancer)
Health Check - Selecting this load balancer allows the Application LB (Standard load balancer) to use Kubernetes Health Check to determine whether your service is running properly.
You must create Services before adding load balancers and listeners. In this example, we name these services s1-alb and s4-nlb, respectively.
In the DuploCloud Portal, navigate Kubernetes -> Services.
On the Services page, select the Service name in the Name column.
Click the Load Balancers tab.
Click Configure Load Balancer. The Add Load Balancer Listener pane appears.
Select a type (such as K8S Node Port) in the Select Type field.
Add the Kubernetes Health Check URL for this container in the Health Check field.
Complete the other fields in the Add Load Balancer Listener and click Add.
Rules specify specific configurations for various types of Load Balancers.
See the Ingress use case for an example of how to configure Load Balancers using rules.
Set Docker registry credentials
In the DuploCloud Portal, navigate to Docker -> Services. Docker registry credentials are passed to the Kubernetes cluster as kubernetes.io/dockerconfigjson
.
Click Docker Credentials. The Set Docker registry Creds pane displays.
Supply the credentials and click Submit.
Enable the Docker Shell Service by clicking Enable Docker Shell.
You can pull images from multiple Docker registries by adding multiple Docker Registry Credentials.
In the DuploCloud Portal, click Administrator -> Plan. The Plans page displays.
Select the Plan in the Name column.
Click the Config tab.
Click Add. The Add Config pane displays.
See the Prerequisite section for details.
Using containers and DuploCloud Services with Azure AKS
You can deploy any native Docker container in a virtual machine (VM) with the DuploCloud platform. Adding a Service in the DuploCloud Platform is not the same as adding a Kubernetes service.
Deploying DuploCloud Services, by clicking the Add button in the Services page, implicitly converts services into either a deployment set or a StatefulSet. If there are no volume mappings, then the service is mapped to a deployment set. Otherwise, it is mapped to a StatefulSet. Most configuration values are self-explanatory, such as Images, Replicas, and Environmental Variables.
You can supply advanced configuration options in the Other K8s Config field. The content of this field maps one-to-one with the Kubernetes API. Configurations for deployment are StatefulSets and are supported by placing the appropriate JSON code in the Other K8s Config section. For example, to reference Kubernetes Secrets using a YAML config map, create the following JSON code:
In the DuploCloud Portal, Navigate to Kubernetes -> Services from the navigation pane.
Click Add. The Add Service page displays.
Complete the fields on the page, including Service Name, Docker Image name, and number of Replicas. Use Allocation Tags to deploy the container in a specific set of Hosts.
Do not use spaces when creating Service or Docker image names.
The number of Replicas that you define must be less than or equal to the number of hosts in the fleet.
Once the deployment commands run successfully, click the Services tile on the Tenants page. Your deployments are displayed and you can now attach load balancers for the services.
Using the Kubernetes -> Containers page in the DuploCloud Portal, you can display and manage the Containers you have defined.
Use the Options Menu ( ) in each Container row to display Logs, State, Container Shell, Host Shell, and Delete options.
Option | Functionality |
---|---|
There are many ways to pass configurations to containers at run-time. Although simple to set up, using Environmental Variables can become complex if there are too many configurations, especially files and certificates. In Kubernetes, you also have the option to populate environment variables from or .
See the section.
Logs
Displays container logs.
State
Displays container state configuration, in YAML code, in a separate window.
Container Shell
Accesses the Container Shell. To access the Container Shell option, you must first set up Shell access for Docker.
Host Shell
Accesses the Host Shell.
Delete
Deletes the container.
Create a PostgreSQL database instance in DuploCloud
In the DuploCloud Portal, navigate to Cloud Services -> Database -> PostgreSQL.
Click Add. The Create PostgreSQL Instance pane displays.
Provide Name, Database Username, and Password with Service Tier details to create a PostgreSQL database. DuploCloud provides a configuration to support backup retention for your database when you complete the other fields in the pane.
Click Submit.
By selecting your database in DuploCloud from the PostgreSQL page, you can view the created database's Name, Tier, Status, and Version.
You can reboot the database instance and configure Virtual Network and Firewall Rules from the Actions menu.
Meet performance demand in AKS workloads by organizing Azure agents into agent pools
When you create agent pools to run Azure Kubernetes (AKS) workloads, you create groups of agents available to a pipeline. When you run the pipeline, the pipeline selects the agent that best meets the performance demands of that pipeline.
Agent pools can be autoscaled when the Enable Autoscaling option is selected in the DuploCloud Portal. Each agent pool contains nodes backed by virtual host machines.
Use the DuploCloud Portal Hosts page to create and edit Azure agent pools.
Create an Azure agent pool for an existing Host in the DuploCloud Portal:
Select Cloud Services -> Hosts from the navigation menu.
Select the Azure Agent Pool tab. The Azure Agent Pool page is displayed.
Click Add. The Add Azure Agent Pool page is displayed.
Provide inputs for the Instance Type, Min Capacity, and Max Capacity fields.
Optionally, select Enable Autoscaling to autoscale the pool.
Click Add. When the agent pool is created, Succeeded is displayed in the Status column. It may take some time to create the agent pool.
Edit an agent pool:
Select Cloud Services -> Hosts from the navigation menu.
Select the Azure Agent Pool tab. The Azure Agent Pool page displays.
In the Name column, select the agent pool that you want to edit.
Select the Actions menu and choose Edit.
In the Update agent pool capacity pane, edit the pool configuration.
Click Update.
Databases supported by DuploCloud Azure
A number of databases are supported for DuploCloud and Microsoft Azure. Use the procedures in this section to set them up.
When using Azure Databases, select a Tenant other than the Default Tenant.
Create a MSSQL Server database in DuploCloud
In the DuploCloud Portal, navigate to Cloud Services -> Database -> MSSQLServer.
Click Add.
Provide the database Name, Username, Password, and Database Version.
Click Submit.
You can view database details and configure Elastic Pools, Network Rules, and Firewall Rules by selecting the database from the MSSQL Server page in the DuploCloud Portal and clicking the appropriate tab.
Create a Redis database in DuploCloud
In the DuploCloud Portal, navigate to Cloud Services -> Database -> Redis. The Create Redis Instance pane displays.
Click Add.
Provide the database Name.
From the Subnet list box, select an available subnet you have defined in your Infrastructure.
Modify values for Service Tier, Shards, and Non TLS Port, as needed.
Click Submit.
View Alerts by selecting the Redis instance you created, from the Redis page in the DuploCloud Portal.
Create a MySQL Server single server database in DuploCloud
Azure Database for MySQL Single Server has been deprecated. You can no longer create a database with MySQL Single Server. Use Azure CLI to create a new MySQL Single Server instance.
In the DuploCloud Portal, navigate to Cloud Services -> Database -> MySQL to view database details, reboot, delete a database, and perform supported actions by selecting the MySQL instance you created, from the Name column on the MySQL page.
Create a MySQL Flexible Server database service in DuploCloud
Use a Microsoft Azure MySQL Flexible Server managed database service in DuploCloud. Flexible Server is designed for more granular control and flexibility over database management functions and configuration settings and allows users access to High Availability (HA) in both single availability zones and across multiple availability zones. Flexible servers provide better cost optimization and are ideal for workloads that don’t need continuous full-compute capacity.
In the DuploCloud Portal, navigate to Cloud Services -> Database -> MySQL Flexible.
Click Add. The MySQL Flexible page displays.
Provide the database Name, User Name, Service Tier, Password, Database Version, and other required fields. As you complete the fields on the page, additional fields display, such as High Availability, if applicable.
Click Submit.
You cannot change the value of the High Availability field, once the MySQL Flexible Server is created.
Setup Database Backup and choose the number of days (1-35) to backup databases in the DuploCloud Portal System Settings. First, enable Redundant Backup, and then set the Backup Retention Period.
In the DuploCloud Portal, navigate to Administrator -> System Settings.
Select the System Config tab.
Click Add. The Add Config pane displays.
From the Config Type list box, select AppConfig.
From the Key list box, select "AZURE_DEFAULT_MYSQL_GEO_REDUNDANT_BACKUP_ENABLED".
In the Value field, enter "True". Click Submit. Redundant backup is enabled.
In the DuploCloud Portal, navigate to Administrator -> System Settings.
Select the System Config tab.
Click Add. The Add Config pane displays.
From the Config Type list box, select AppConfig.
From the Key list box, select "AZURE_DEFAULT_MYSQL_BACKUP_RETENTION_DAYS".
In the Value field, enter the number of days to retain the backup, from one (1) to thirty-five (35).
Click Submit. Backup retention is configured for the selected number of days.
Once set, the Backup Retention Period will apply to all new databases. When creating a new database, you can override this by entering a value into the Backup Retention field on the Create MySQL Flexible Instance page.
You can view details and configure other options by selecting the MySQL Flexible Server you created, from the MySQL Flexible page in the DuploCloud Portal.
From the MySQL Flexible page, you can click the Actions menu for each Flexible Server and select the appropriate option to enter the Azure Portal, Reboot the server, or Stop the server.
Create an Azure Managed Instances in DuploCloud
In the DuploCloud Portal, navigate to Cloud Services -> Database -> Managed Instances. The Create Managed SQL Instance pane displays.
Click Add.
Provide the database Name, Username, Password, and vCore. Modify other values as needed.
Click Submit.
You can view Azure Managed Instances and configure other options by selecting the instance you created, from the Managed Instances page in the DuploCloud Portal.
Using Function Apps in DuploCloud Azure
Function Apps can be created from the DuploCloud Portal by navigating to Cloud Services -> Serverless and selecting the Function Apps tab.
Fill in the details: the function app Name, the Publish method, Runtime Stack, Version, and Plan Type.
Once created, the Function App URL is published in the DuploCloud portal. Users can view the function app by opening the URL in the browser.
DuploCloud provides support to secure the storage of secrets, such as passwords and database connection strings.
User can add a secret to the Keyvault by navigating to Cloud Services -> Keyvault, and selecting the Secrets tab.
Use a Public IP Address to reserve a range of consecutive public IPs
A Public IP Address Prefix reserves a range of consecutive public IP addresses that you can individually assign to public resources. This is useful for scaling because it provides a globally unique address space, supports expansion across locations, facilitates load balancing, enables secure access control, and is fundamental for connecting to multiple ISPs and participating in internet routing protocols.
Select the correct Tenant from the Tenant list in the upper left.
In the DuploCloud Portal, navigate to Cloud Services -> App Integration.
Click on the Public IP Prefix tab.
Click Add. The Add Public IP Prefix pane displays.
In the Name field, enter a name. Select your desired length (number of addresses) from the Prefix Length item list. Select the resource type from the Resource Type item list.
Click Add. Your Public IP Prefix is created.
In this demo, we will deploy a simple Hello World NodeJS web app. DuploCloud pulls Docker images from Docker Hub. You can choose a public image or provide credentials to access your private repository. For the sake of this demo, we will use a ready-made image available on DuploCloud’s repository on Docker Hub.
Create a new Host
Create a Service
Create a Load Balancer
Login to your DuploCloud console.
Click on Cloud Services -> Hosts
Select the Host tabs. A Host is an instance in which your Docker container will run. You should choose a Host with the appropriate processing capacity for your application.
You should see the Host listed under the Hosts Listing table.
Next, we can create a Service. A Service is nothing but a container with user-specified image and environment variables. Let’s go ahead and click the + icon to create a new service.
Name the service “test-service“. For this demo, we will use the latest, nodejs-hello image from Duplo’s public Docker hub repository. Fill in duplocloud/nodejs-hello:latest
in the Docker Image field.
Enter the desired number of replicas you want in the swarm. Please note that each replica runs in an individual Host. The number of replicas must equal the number of Hosts. For the sake of this demo, we will choose 1.
Fill in the desired environment variables, this is ideal for credentials or application specific configurations.
Volume mapping is super easy, simply give the host path and container path as shown.
NOTICE: We highly recommend keeping the Hosts stateless and using Azure Storage for static assets. We will keep this field empty for this demo.
Almost there. Since the hello-nodejs image serves on port 3000 we need to create a load balancer (LB) configuration to map the external port (LB) to the internal port (container).
Select the Test-service and click the plus icon on the load balancer configuration table. Fill the menu as shown below and click submit.
Please wait for ~5 minutes as it can take a while for the Load Balancer to get provisioned.
For configuring a Web App in Azure, first we need to create an App Service Plan.
App Service Plan can be created by navigating to Cloud Services -> Serverless, and clicking on the App Service Plan tab.
Refer below for the sample App Service Plan.
Once we have App Service Plan, Create a Web App Resource. App Service Plan can be created with Publish option as Code or Docker.
A list of the platform (NodeJs, python, etc) is available when Publish value as Code is selected. If Publish as Docker is selected, the User needs to enter the Docker Image to configure for creating a web app.
Create an Azure Service Bus in the DuploCloud Portal
Azure Service Bus is a fully managed enterprise message broker with message queues and publish-subscribe topics (residing in a Namespace). Service Bus is used to decouple applications and services from each other for load-balancing across competing workers. It also ensures secure routing and transferring of data and controls across service and application boundaries or coordinating transactional work requiring a high degree of reliability.
Adding an Azure Service Bus requires:
Creating a Service Bus Namespace.
Creating a Service Bus Queue.
Creating a Service Bus Access Policy.
When you have created the Namespace, Queue, and Access Policy, the Service Bus is added to the DuploCloud Portal and can be viewed.
In the DuploCloud Portal, navigate to Cloud Services -> App Integration.
In the Service Bus tab, click Add. The Create Namespace page displays.
In the Name field, enter the Service Bus name.
From the Pricing Tier list box, select a pricing tier based on your projected usage.
From the Minimum TLS Version list box, select the TLS version that supports the NameSpace you are creating.
Select Local Authentication to disable local or SAS key authentication for the Service Bus namespace, allowing only Microsoft Entra authentication.
Click Submit. When your Service Bus Namespace is available, an Active Status is displayed in the Service Bus tab.
After you have created a Service Bus Namespace, you create a queue to enable communication between Web and Worke r roles in a multi-tier Azure application. A Web role is a Microsoft server VM running Internet Information Services (IIS); a Worker role is a Microsoft server VM not running IIS. Service Bus queues also enable communication between on-premises apps and Azure-hosted apps in a hybrid solution.
In the DuploCloud Portal, navigate to Cloud Services -> App Integration.
In the Service Bus tab, select the Service Bus for which you want to add a Service Bus Queue.
Click the Queue tab.
Click Add. The Create Queue page displays.
In the Name field, enter a name for the Service Bus Queue.
Edit or accept the defaults for Max Queue Size, Lock duration (in seconds), and Max Delivery Count.
Optionally, select Enable dead lettering or message expiration and Enable partitioning. See the Azure Documentation for detailed descriptions of these options.
Set Message time to live in the format HOURS:MINUTES:SECONDS:MILLISECONDS to control when messages go live and to prevent them from being sent to the Dead Letter Queue after they expire. Setting Message time to live defers delivery of the message for the amount of time you specify. For example, to defer message delivery by fourteen (14) hours, set Message time to live to 14:00:00:00.
Click Submit. When your Service Bus Queue is available, an Active Status is displayed in the Queue tab.
After you create a Service Bus NameSpace and Queue, finish adding your Service Bus by creating an Access Policy.
In Azure, Shared Access Signatures (SAS) and policies give you granular control over the type of access you grant to the clients. SAS authentication enables you to grant a user access to Service Bus resources with specific rights. You create an access policy to configure a cryptographic key with associated rights on a Service Bus resource.
In the DuploCloud Portal, navigate to Cloud Services -> App Integration.
In the Service Bus tab, select the Service Bus for which you want to add a Service Bus Access Policy.
Click the Access Policy tab.
Click Add. The Create Access Policy page displays.
In the Name field, enter the Access Policy name.
Define access rights to the policy by selecting Manage (which automatically selects both Send and Listen), Send, or Listen. See the Azure documentation for additional information on these options.
Click Submit. The Access Policy is displayed in the Access Policy tab.
In the DuploCloud Portal, navigate to Cloud Services -> App Integration.
In the Service Bus tab, select the Service Bus you want to view. The Overview, Queue, Access Policy, and Details tabs display additional information about the Service Bus and its components.
DuploCloud Azure Portal provides the ability to create Storage Accounts, File Shares, and generate Shared Access Signatures (SAS). Storage Accounts with a SKU Type Standard_LRS
are created. Users can view additional details of File Share endpoints from the Portal.
Navigate to Cloud Services -> Storage Account to create Storage Account.
Provide unique name to create Storage Account.
Create File Shares by clicking on Add.
Click on Actions -> Shared Access Signature. Provide access details in the screen below. Review and generate Shared Access Signature(SAS) tokens.
Once Signature Tokens are generated, Azure user can copy paste the token and URL's in a secure location. They'll only be displayed once and cannot be retrieved once the window is closed.
You can configure the Tenant to block public network access to Storage Accounts.
From the DuploCloud Portal navigation, select Administrator -> Tenants.
Select your Tenant name from the list.
In the Settings tab, click Add. The Add Tenant Feature pane displays.
From the Select Feature item list, select Other.
In the Configuration field, enter block_public_network_to_azure_storage.
In the empty field, enter "True".
Click Add. Public access to storage accounts is blocked.
You can view Storage Account Details once created. You can view Endpoint details in the Storage Account table view. Click on the icons under the Actions Column to view and copy the keys of the Storage Account.
Add Azure subscription details
The DuploCloud rules-based expert needs Azure Subscription details to manage cloud resources. Add Cloud Credentials in the DuploCloud Portal to add subscription details.
In the DuploCloud Portal, navigate to Administrator -> Cloud Credentials. The Cloud Credentials page displays.
Click Add.
In the Cloud list box, ensure Azure is selected.
In the Subscription ID field, enter your Azure Subscription ID.
In the Application Secret field, enter secrets.
In the Tenant ID field, enter the Tenant ID.
In the Object ID field, enter the Object ID.
Click Submit. Your credentials are displayed on the Cloud Credentials page.
Using VM Scale Sets to improve performance and redundancy for hosts
Azure Virtual Machine (VM) Scale Sets let you create and manage a group of load-balanced VMs. VM Scale Sets provide you with redundancy and improved performance for applications that are typically distributed across multiple instances. This enables access to your application through a load balancer that distributes requests to one of the application instances.
If you need to perform maintenance or update an application instance, your customers have access to another available application instance. To keep up with customer demand, increase the number of application instances that run your application.
For more information about VM Scale Sets, see the Azure Documentation.
In the DuploCloud Portal, navigate to Cloud Services -> Hosts.
Click the VM Scale Set tab.
Click Add. The Add VM Scale Set page displays.
In the Name field, enter a name for the VM Scale Set.
From the Subnet list box, select the subnet to be used by the VM Scale Set.
From the Instance Type list box, select the size of the VM in the VM Scale Set.
In the Capacity field, enter the number of VMs in the VM Scale Set.
From the Image ID list box, select the image name. The image you select must be compatible with the Agent platform. Select Other if the image is not listed in order to specify your own.
Specify a Username and Password.
Click Add. The VM Scale Set is created.