Skip to main content

Migration plan to ACA

Migration to ACA consists of 2 major changes in the architecture of Data Engine:

  1. replacing Web Apps by Azure Container Apps
  2. replacing EMQX by Event Grid MQTT Broker

In order to keep Data Engine operational, the migration should happen over 2 big stages, with small steps to follow on each stage.

1st stage

As some configurations are out of our hands, and need to be submitted to Proximus teams, that takes time, the 1st stage will be to deploy ACAs in parallel to Web Apps.

  • TODO before start the migration:
    • request an Application creation to Office365 OPS team via IT portal (iotde-mqtt-auth-webhook-'env')
    • overwrite temporarily event grid subscriptions for action processor to the webapp, until the ACA is deployed, so actions are not disturbed,
    • keep Nbiot Inbound traffic on webapp address until Protocol Converter and Backend are stable on ACAs
    • request a MQTT Broker certificate in Venafi tool with SAN of MQTT Broker domain name
  1. Pulumi deployment that will:
    • deploy ACAs
    • remove EMQX container instance (only DEV case)
    • deploy Event Grid MQTT Broker
  2. Adjust APIM pipelines to read OpenAPI spec from endpoint of Container App
  3. Change in the DevOps Library for Frontend Build -> SIGNALING_URL to ACA address, to ensure websocket works fine.
  4. Ensure that ACAs and MQTT Broker are up and healthy
  5. once Protocol Converter NbIoT ACA is up and Backend ACA is up, switch manually destination of Nb-IoT inbound data (logger) as Enco is using old API, not managed by Pulumi, so to ensure that data will go through even after disabling WebApps.
  6. For DEV: Request DNS team to:
    • modify DNS mapping to point to ACAs or Event Grid MQTT endpoint:
      • dev/uat/..-iot.proximus.be
      • dev/uat/..-api-iot.proximus.be
      • dev/uat/..-mqtt-iot.proximus.be
  7. For UAT and PROD: request OpenIG team to change mappings to ACAs or Event Grid MQTT endpoint:
    • www(-uat).proximus.be/iot-dataengine
    • www(-uat).proximus.be/api-iot-dataengine
    • www(-uat).proximus.be/sig-iot-dataengine
    • /uat/..-mqtt-iot.proximus.be
  8. Update plugin configuration - URLs on Luzmo side, to point to the Container App
  9. Update MQTT Broker custom domain configuration (adding the TXT records data - check MQTT broker Event grid doc)
  10. Disable App Services

2nd Stage

By this time, all traffic (inbound from devices and from UI for users) should be going over ACAs already, as well as MQTT connections should be running via Event Grid. This stage should be a clean up after old installations

  1. Pulumi deployment that will:
  • remove EMQX related resources (VNets, private endpoints etc)
  • remove Web Apps and all related resources to them
  1. Remove all pipelines related to Web Apps from the code
  2. EMQX docs (how to's) can be removed too

After this run, we should have cleaned up architecture and code from the old installations.

To be decided: when ACAs will be deployed on DEV or UAT, the resource assignment and autoscaling should be applied to make sure that once on PROD, we have enough compute power allocated to those apps.