Skip to main content

Infrastructure

The way of working to deploy the data engine solution is to:

  1. Utilize pulumi to deploy the infrastructure
  2. For each application, a webhook is set-up to that deploys the app to App Service
  3. For each application, we then build and push the container to its designated container registry

The above way of working has several advantages:

  • It isolates the infrastructure from the application code
  • It isolates the team concerns for respectively the infrastructure team and application team
  • It creates an easy CI/CD integration flow, only requiring a build + push action to deploy the application

Deploying the Infrastructure

The infrastructure is deployed using pulumi and the code is located in the internal/iot-platform/infrastructure/iot-platform folder.

Prerequisites

To deploy the instrastructure, you need to have the following installed:

Deployment

To deploy the infrastructure, you need to configure Pulumi to utilize:

  1. The correct Azure subscription (through az subscription set -s <subscription-id>)
  2. The access to the state file repository (through export AZURE_STORAGE_ACCOUNT=<storage-account-name> and export AZURE_STORAGE_KEY=<storage-account-key>)
  3. The correct state file (through pulumi login azblob://<state-file-name>)
# 1. Configure the correct subscription
az account set --subscription 84f5ee7f-ee87-4518-bfa9-65a42b169881

# 2. Configure the state file
export PULUMI_CONFIG_PASSPHRASE=""
export AZURE_STORAGE_ACCOUNT="sapxspulumistatefilesdev"
export AZURE_STORAGE_KEY=$(az storage account keys list --account-name sapxspulumistatefilesdev -g rg-pulumi-state-files --query '[0].value' | tr -d '"')

# 3. Select the state file from the container
pulumi login azblob://iotplatformstate

Once this is done, you can deploy the infrastructure by running the following command:

pulumi up \
    --stack pxs-iot-platform\
    -c glb-location=westeurope \
    -c glb-project-name=pxs-iot-platform\
    -c glb-project-env=prd \
    -c cumulio_plugin_secret="CUMULIO_PLUGIN_SECRET_VALUE" \
    -c glb-subscription-name=pxs-cn-s-pde-sub

To run the "pxs-iot-platform" project stack "sbx" for subscription "pxs-cn-s-pde-sub" use:

 pulumi up --stack sbx -c glb-location=westeurope -c glb-project-name=pxs-data-engine -c glb-project-env=sbx -c cumulio_plugin_secret=oR5vMDyfGv6dYmkEtt1MHr0Az -c glb-subscription-name=pxs-cn-s-pde-sub

To run the "pxs-data-engine-la" project stack "sbx" for subscription "pxs-cn-s-pde-sub" use:

 pulumi up --stack pxs-data-engine-la -c glb-location=westeurope -c glb-project-name=pxs-data-engine-la -c glb-project-env=sbx -c glb-subscription-name=pxs-cn-s-pde-sub

Azure Maps

As requirement from CCOE, Azure Maps has to have CORS allowed origins defined. Unfortunately Pulumi is not supporting this setting (tried to set it as in bicep/arm template, but didn't pass either). Therefore as workaround, the Azure Maps are deployed using Bicep template and Azure CLI. The deployment of this resource is happening during the Pulumi pipeline execution. If the main Resource Group exists, the Maps will be deployed (unless they exists already). It's integrated in this way, as for Azure Maps integration with other resources, its ClientID and resourceID are necessary. If it's the first deployment, Maps won't be deployed and the pipeline has to be rerun (Maps can be deployed only if the Resource Group is created, which is happening normally during the 1st Pulumi pipeline run).

Deploying the Applications

The applications are deployed using the webhook functionality of Azure App Service. This functionality allows you to trigger a deployment of the application by calling a specific URL. This URL is then called whenever a new version of the application is pushed to the container registry.

Prerequisites

To deploy the applications, you need to have the following installed:

Deployment

Backoffice - Backend

cd internal/iot-platform/core/backoffice/backend
./deploy/production/deploy.sh <ACR_NAME>

Backoffice - Frontend