
docs: Azure and k8s - deploying Coder on Azure using their Application Gateway #16074

@EdwardAngert

In the Load balancing considerations section of https://coder.com/docs/install/kubernetes#azure, we have a note regarding Azure.

@dahr outlined a better set of steps in a Google Doc and Slack. I'm putting it all together here.

  • [google doc] is more of a guidance doc on deploying with AKS than it is about load balancing
  • The App Gateway we currently mention in our docs is a load balancer with an ingress controller.
  • Do we want to include the entire process here, or just what is applicable to the load balancing service?

For more information

After the --- break, the 20 steps feel a bit long and out of place in the "Install Kubernetes" doc, and might be better on their own, maybe /docs/install/kubernetes/azure.md?


Azure

In certain enterprise environments, the Azure Application Gateway is required.

These steps serve as a proof of concept so that you can get Coder running with Kubernetes on Azure. Your deployment might require a separate Postgres server or signed certificates.

The Application Gateway supports:

  • Websocket traffic (required for workspace connections)
  • TLS termination

Refer to Microsoft's documentation on how to enable application gateway ingress controller add-on for an existing AKS cluster with an existing application gateway. The steps here follow the Microsoft tutorial for a Coder deployment.

Deploy Coder on Azure with an Application Gateway

  1. Create Azure resource group:

    az group create --name myResourceGroup --location eastus
  2. Create AKS cluster:

    az aks create --name myCluster --resource-group myResourceGroup --network-plugin azure --enable-managed-identity --generate-ssh-keys
  3. Create public IP:

    az network public-ip create --name myPublicIp --resource-group myResourceGroup --allocation-method Static --sku Standard
  4. Create Vnet & subnet:

    az network vnet create --name myVnet --resource-group myResourceGroup --address-prefix 10.0.0.0/16 --subnet-name mySubnet --subnet-prefix 10.0.0.0/24
  5. Create Azure application gateway, attach Vnet & subnet and public IP:

    az network application-gateway create --name myApplicationGateway --resource-group myResourceGroup --sku Standard_v2 --public-ip-address myPublicIp --vnet-name myVnet --subnet mySubnet --priority 100
  6. Get app gateway ID:

    appgwId=$(az network application-gateway show --name myApplicationGateway --resource-group myResourceGroup -o tsv --query "id")
  7. Enable app gateway ingress to AKS cluster:

    az aks enable-addons --name myCluster --resource-group myResourceGroup --addon ingress-appgw --appgw-id $appgwId
  8. Get AKS node resource group:

    nodeResourceGroup=$(az aks show --name myCluster --resource-group myResourceGroup -o tsv --query "nodeResourceGroup")
  9. Get AKS Vnet name:

    aksVnetName=$(az network vnet list --resource-group $nodeResourceGroup -o tsv --query "[0].name")
  10. Get AKS Vnet ID:

    aksVnetId=$(az network vnet show --name $aksVnetName --resource-group $nodeResourceGroup -o tsv --query "id")
  11. Peer Vnet to AKS Vnet:

    az network vnet peering create --name AppGWtoAKSVnetPeering --resource-group myResourceGroup --vnet-name myVnet --remote-vnet $aksVnetId --allow-vnet-access
  12. Get app gateway Vnet ID:

    appGWVnetId=$(az network vnet show --name myVnet --resource-group myResourceGroup -o tsv --query "id")
  13. Peer AKS Vnet to app gateway Vnet:

    az network vnet peering create --name AKStoAppGWVnetPeering --resource-group $nodeResourceGroup --vnet-name $aksVnetName --remote-vnet $appGWVnetId --allow-vnet-access
  14. Get AKS credentials:

    az aks get-credentials --name myCluster --resource-group myResourceGroup
  15. Create Coder namespace:

    kubectl create ns coder
  16. Deploy non-production PostgreSQL instance to AKS cluster:

    helm repo add bitnami https://charts.bitnami.com/bitnami
    helm install coder-db bitnami/postgresql \
    --namespace coder \
    --set auth.username=coder \
    --set auth.password=coder \
    --set auth.database=coder \
    --set persistence.size=10Gi
  17. Deploy Coder to AKS cluster:

    helm repo add coder-v2 https://helm.coder.com/v2
    helm install coder coder-v2/coder \
    --namespace coder \
    --values values.yaml \
    --version 2.17.2
  18. Clean up Azure resources:

    az group delete --name myResourceGroup
    az group delete --name MC_myResourceGroup_myCluster_eastus
  19. Deploy the gateway - this needs clarification

  20. After you deploy the gateway, add the following entries to Helm's values.yaml file before you deploy Coder:

      service:
        enable: true
        type: ClusterIP
        sessionAffinity: None
        externalTrafficPolicy: Cluster
        loadBalancerIP: ""
        annotations: {}
        httpNodePort: ""
        httpsNodePort: ""
    
      ingress:
        enable: true
        className: "azure-application-gateway"
        host: ""
        wildcardHost: ""
        annotations: {}
        tls:
          enable: false
          secretName: ""
          wildcardSecretName: ""
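
A hardened variant of step 16, as an added example that is not part of the original issue or of Coder's documentation: it replaces the fixed `coder` password with a random one and stores the resulting connection URL in a Kubernetes secret. The secret name `coder-db-url`, its `url` key and the function names are assumptions; the host name follows from the `coder-db` release and `coder` namespace used in the steps above.

```shell
#!/bin/sh
# Added example: random PostgreSQL password instead of auth.password=coder.
# Assumed names (not on the page): coder-db-url, key "url", gen_password,
# pg_url, deploy_db.

# 24 bytes from the kernel CSPRNG, hex-encoded (48 characters).
# Hex needs no escaping inside a connection URL or a YAML string.
gen_password() {
  head -c 24 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Connection URL for the Bitnami release "coder-db" in namespace "coder".
# sslmode=disable assumes the chart was installed without TLS; change it
# if the database is configured to serve TLS.
pg_url() {
  printf 'postgres://coder:%s@coder-db-postgresql.coder.svc.cluster.local:5432/coder?sslmode=disable' "$1"
}

deploy_db() {
  pw=$(gen_password)

  # Values are passed on stdin so the password never appears in argv
  # (process listings) or in shell history.
  printf 'auth:\n  username: coder\n  database: coder\n  password: "%s"\n' "$pw" |
    helm install coder-db bitnami/postgresql \
      --namespace coder \
      --set persistence.size=10Gi \
      --values -

  # Store the full URL as a secret, again via stdin rather than a literal.
  pg_url "$pw" |
    kubectl create secret generic coder-db-url \
      --namespace coder \
      --from-file=url=/dev/stdin

  unset pw
}

# Only touch the cluster when explicitly asked: ./deploy-db.sh deploy
if [ "${1:-}" = "deploy" ]; then
  deploy_db
fi
```

Coder can then read the URL from that secret through its `CODER_PG_CONNECTION_URL` setting in `values.yaml`, so the password never has to be written into the values file.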
