GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → denniszielke → blue-green-with-containerapps

denniszielke / blue-green-with-containerapps

Licence: MIT license
This is a demo scenario for implementing continuous blue/green deployments on containerapps using GitHub actions

Programming Languages

shell
77523 projects
javascript
184084 projects - #8 most used programming language
Bicep
55 projects
HTML
75241 projects
Dockerfile
14818 projects

Labels

nodejsserverlessazuregithub-actionsbluegreen-deploymentdaprcontainerapps

Projects that are alternatives of or similar to blue-green-with-containerapps

dapr-gbb-workshop
Details regarding the customer-ready Dapr workshop created by the Microsoft Cloud Native Global Black Belt Team
Stars: ✭ 27 (-37.21%)
Mutual labels:  dapr
Book k8sInfra
< 컨테이너 인프라 환경 구축을 위한 쿠버네티스/도커 >
Stars: ✭ 176 (+309.3%)
Mutual labels:  bluegreen-deployment
Coolstore Microservices
A full-stack .NET microservices build on Dapr and Tye
Stars: ✭ 1,903 (+4325.58%)
Mutual labels:  dapr
dashboard
General purpose dashboard for Dapr
Stars: ✭ 110 (+155.81%)
Mutual labels:  dapr
dapr-sidekick-dotnet
Dapr Sidekick for .NET - a lightweight lifetime management component for Dapr
Stars: ✭ 113 (+162.79%)
Mutual labels:  dapr
ZeroToHeroDaprCon
Demos from my Zero to Hero with Dapr session @ DaprCon
Stars: ✭ 36 (-16.28%)
Mutual labels:  dapr
MASA.Contrib
The purpose of MASA.Contrib is based on MASA.BuildingBlocks to provide open, community driven reusable components for building mesh applications. These components will be used by the MASA Stack and MASA Labs projects.
Stars: ✭ 102 (+137.21%)
Mutual labels:  dapr
Phenix.NET7
Phenix Framework 7 for .NET 6
Stars: ✭ 31 (-27.91%)
Mutual labels:  dapr
dapr-store
Sample application showcasing the use of Dapr to build microservices based apps
Stars: ✭ 89 (+106.98%)
Mutual labels:  dapr
dapr-workshop
Workshop that teaches how to apply Dapr to an existing .NET, Java or Python based microservices application.
Stars: ✭ 118 (+174.42%)
Mutual labels:  dapr
MASA.BuildingBlocks
Building blocks of the MASA Stack, provides a unified interface standard for MASA Contrib's implementation specifications and process connector.
Stars: ✭ 119 (+176.74%)
Mutual labels:  dapr
Dapr-Microservice-Template
A Microservice Template using Dapr.io and Kubernetes
Stars: ✭ 31 (-27.91%)
Mutual labels:  dapr
dapr-wasm
A template project to demonstrate how to run WebAssembly functions as sidecar microservices in dapr
Stars: ✭ 168 (+290.7%)
Mutual labels:  dapr
showcase
A Full Stack Journey with Micro Services and Micro Front Ends. Using dapr, kubernetes, react module federation and web assembly,
Stars: ✭ 45 (+4.65%)
Mutual labels:  dapr

Blue green deployments on Azure Container Apps using GitHub Actions

This reposistory hosts the calculator sample application to demonstrate continuous blue/green application deployments using GitHub Action on Azure Container Apps.

In order to set up this demo you need to follow the instructions below.

This scenarios will make use of the following new features:

  • Azure Container Apps as runtime for our containers
  • Builtin Dapr for solving service-to-service invocation inside the cluster
  • Builtin Keda for automatically scaling containers based on traffic
  • Builtin Envoy for implementing traffic splits between releases
  • Builtin Distributed Tracing in Application Insights
  • GitHub Actions with Federated Service Identity support for Azure

The calculator application

A couple of details on the application that is part of this scenario:

  • The calculator application is multi service app written in Node that calculates prime factors for random numbers.
  • The frontend application is making use of the dapr state store component to cache already calcualted results in an Azure Redis Cache instance.
  • The backend application is beeing called by the frontend application via dapr service invocation to calculate the prime factors and return the results.
  • The number of replicas of both frontend and backend Container App instances is beeing determined by the number of requests per second.
  • All traces will be agregated using the dapr side cars in Application Insights

Deployment of the Azure resources and GitHub configuration

Set up workload Identity for your GitHub Actions to use federated trust

Official documentation: https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation-create-trust-github?tabs=azure-portal

We will create a service principal and grant it permissions on a dedicated resource group

DEPLOYMENT_NAME="dzapps5" # here the deployment
RESOURCE_GROUP=$DEPLOYMENT_NAME # here enter the resources group
LOCATION="canadacentral" # azure region can only be canadacentral or northeurope
AZURE_SUBSCRIPTION_ID=$(az account show --query id -o tsv) # here enter your subscription id
GHUSER="denniszielke" # replace with your user name
GHREPO="blue-green-with-containerapps" # here the repo name
AZURE_TENANT_ID=$(az account show --query tenantId -o tsv)
GHREPO_BRANCH=":ref:refs/heads/main"
az group create -n $RESOURCE_GROUP -l $LOCATION -o none

AZURE_CLIENT_ID=$(az ad sp create-for-rbac --name "$DEPLOYMENT_NAME" --role contributor --scopes "/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP" -o json | jq -r '.appId')

AZURE_CLIENT_OBJECT_ID="$(az ad app show --id ${AZURE_CLIENT_ID} --query objectId -o tsv)"

az rest --method POST --uri "https://graph.microsoft.com/beta/applications/$AZURE_CLIENT_OBJECT_ID/federatedIdentityCredentials" --body "{'name':'$DEPLOYMENT_NAME','issuer':'https://token.actions.githubusercontent.com','subject':'repo:$GHUSER/$GHREPO$GHREPO_BRANCH','description':'GitHub Actions for $DEPLOYMENT_NAME','audiences':['api://AzureADTokenExchange']}"

If the last step did not work, you need to grant your service principal the ability to issue a azure ad authentication token to your GitHub Action pipelines that are part of the main branch by going into Azure Active Directory -> App registrations -> YourApp -> Certificates & secrets -> Federated credentials.

Next you need to add the following secrets to your github repository:

  • AZURE_CLIENT_ID
  • AZURE_SUBSCRIPTION_ID
  • AZURE_TENANT_ID
  • RESOURCE_GROUP

The nice thing about this is that you do NOT need to configure a client secret.

Deployment of the azure resources

If the permission and the application registration are set up correctly you can trigger the deployment of the Azure resources by running the deploy-infrastructure workflow manually.

Deployment of the azure resources via cli

DEPLOYMENT_NAME="dzca13cgithub" # here the deployment
RESOURCE_GROUP=$DEPLOYMENT_NAME # here enter the resources group
LOCATION="canadacentral" # azure region can only be canadacentral or northeurope
bash ./scripts/deploy-infra-bicep.sh $DEPLOYMENT_NAME $LOCATION

Deployment of the apps via cli

GHUSER="denniszielke" 
DEPLOYMENT_NAME="dzapps5" # here the deployment
VERSION="latest" # here enter the resources group
REGISTRY="$GHUSER"
bash ./deploy-apps-bicep.sh $DEPLOYMENT_NAME $VERSION $REGISTRY

Triggering blue/green deployments

Once the infrastructure is deployed you can trigger a first deployment by changing any part of the apps or scripts folder contents. By changing content again you can see the new version slowly beeing rolled out (after it has been validated) in the frontend container app user interface.

The logic for the blue green deployment is implemented in the deploy script.

You can also see what is happening in Application Insights

Contributing

This project welcomes contributions and suggestions.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].