Azure Installation Requirements
This document describes the requirements for installing the Apcera Platform on Azure using Terraform.
- Terraform Module for Azure
- Cluster Configuration Files for Azure
- Azure Credentials
- Cluster Admin Credentials
- Cluster Ops SSH Key
- Cluster Domain Routing and DNS
- Cluster Name
- Cluster Location
- Cluster Network
- Cluster Subnets
- Apcera Component Count
- Machine Type and Size
- Configure Terraform for Azure
|Terraform 7.4+||The Apcera-provided Terraform module for Azure requires Terraform 0.7.4 or later.|
|Azure CLI||You need this CLI to create Azure resources: https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/|
Terraform Module for Azure
Download the Apcera-provided Terraform Module from the Apcera Support web site. Extract the contents of the ZIP to a known directory, such as PATH_TO_TERRAFORM_MODULES/apcera/azure.
|ip-manager.tf||Not enabled by default|
|network.tf||Cluster network definition|
Cluster Configuration Files for Azure
Download the Apcera-provided cluster configuration files for Azure from the Apcera Support web site. Extract the contents of the ZIP to a known directory, such as PATH_TO_CLUSTER_CONFIGURATION/apcera/azure.
|main.tf||Azure subscription ID||string|
|cluster.conf.erb||Apcera-provided configuration file for generating the cluster configuration.|
Azure Credentials
You will need to provide the following credentials to connect to Azure in the main.tf file.
|azure_subscription_id||Azure subscription ID||string|
|azure_client_id||Azure client ID string||string|
|azure_client_secret||Azure client secret||string|
|azure_tenant_id||Azure tenant ID||string|
Cluster Admin Credentials
You need to provide an admin user name and password for the Orchestrator host, and an admin user name and password for all the other machines in the cluster, in the main.tf file. Azure will create the default users that you set on each machine in the cluster.
|orchestrator-admin-username||Admin user name for the Orchestrator host|
|orchestrator-admin-password||Admin password for the Orchestrator host|
|admin-username||Admin user name for all cluster machines|
|admin-password||Admin password for all cluster machines|
Cluster Ops SSH Key
You must generate an SSH key pair, or use an existing key pair, and add the public key to the cluster.conf.erb file so that it is included in the generated cluster.conf. Note that the SSH key for Azure machines must meet certain criteria.
Cluster Domain Routing and DNS
The Terraform module for Azure does not support the use of Azure load balancers.
By default we provision a single HTTP router with a public IP address. You must create a DNS A record for the cluster domain and update the record with the public IP of the HTTP router BEFORE you deploy the cluster. Refer to the instructions on how to obtain the public IPs so you can update DNS.
You can deploy more than one HTTP router by increasing the component count. If you do, you must update the DNS record with the public IP address of each HTTP router.
Cluster Name
You will need to provide the name of the cluster in the main.tf file.
In Azure the cluster name is a user-defined alphanumeric string. It must be lower case and cannot be longer than 10 characters.
Cluster Location
You must specify the Azure region for the cluster. This is set in the main.tf file.
|cluster_location||Default: West US|
Cluster Network
The cluster_subnet variable is the CIDR of the entire cluster network.
The cluster_subnet CIDR range is set in the main.tf and network.tf Terraform module files.
|cluster_subnet||10.0.0.0/16||CIDR range for the entire cluster network.|
See also cluster subnets.
Cluster Subnets
Cluster machines are provisioned in three subnets that are ranges within the cluster_subnet: bastion, dmz, and private.
- The bastion subnet comprises machines used to manage and monitor the cluster: Orchestrator, Zabbix, Splunk Indexer, and Splunk Search.
- The dmz subnet comprises machines that accept connections on behalf of the Apcera cluster: HTTP Router(s) and TCP Router(s).
- The private subnet comprises machines that run the cluster: Centrals, Instance Managers, and Storage hosts.
|subnet_dmz||10.0.0.0/24||CIDR range for the HTTP and TCP routers. The range must be a subset of cluster_subnet.|
|subnet_bastion||10.0.1.0/24||CIDR range for the Orchestrator, Monitoring (Zabbix), and Splunk hosts. Range must be a subset of cluster_subnet.|
|subnet_private||10.0.2.0/24||CIDR range for the Auditlog, Central, Gluster, Instance Manager, IP Manager, Metricslog, NFS, Riak, and Singleton hosts. Range must be a subset of cluster_subnet.|
The subnet_* CIDR ranges are set in the network-*.tf files. If necessary you can update these files accordingly.
Apcera Component Count
The number of each type of server can be specified as shown below. The component count is set in the main.tf file.
auditlog-count = 2
central-count = 3 # Should be a multiple of 3
gluster-count = 0 # Not deployed
instance-manager-count = 2
ip-manager = 0 # Not deployed
metricslogs-count = 1
monitoring-count = 1
nfs-count = 0 # Not deployed
orchestrator-count = 1
riak-count = 3 # Should be a multiple of 3
router-count = 2
singleton-count = 1 # Should only ever be exactly 1
splunk-indexer-count = 0 # Not deployed
splunk-search-count = 0 # Not deployed
tcp-router-count = 0 # Not deployed
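The constraints stated above (cluster name format, subnet containment, component count rules) can be checked before running Terraform. The following preflight check is an added example, not part of the Apcera module; the `preflight` function, the settings dictionary layout, and the sample cluster name are assumptions made for illustration, and the overlap check reflects Azure's rule that subnets in one virtual network may not overlap.

```python
import ipaddress
import re

SUBNET_KEYS = ("subnet_dmz", "subnet_bastion", "subnet_private")

def preflight(cfg):
    """Return a list of problems found in a settings dict (hypothetical layout)."""
    problems = []
    # Cluster name: lower-case alphanumeric, at most 10 characters.
    if not re.fullmatch(r"[a-z0-9]{1,10}", cfg["cluster_name"]):
        problems.append("cluster_name must be lower-case alphanumeric, max 10 chars")
    cluster = ipaddress.ip_network(cfg["cluster_subnet"])
    seen = {}
    for key in SUBNET_KEYS:
        try:
            net = ipaddress.ip_network(cfg[key])  # strict: rejects host bits set
        except ValueError as exc:
            problems.append(f"{key}: {exc}")
            continue
        if not net.subnet_of(cluster):
            problems.append(f"{key} {net} is not inside cluster_subnet {cluster}")
        # Subnets within one Azure virtual network may not overlap.
        for other_key, other in seen.items():
            if net.overlaps(other):
                problems.append(f"{key} {net} overlaps {other_key} {other}")
        seen[key] = net
    counts = cfg["counts"]
    for key in ("central-count", "riak-count"):
        if counts[key] % 3:
            problems.append(f"{key} should be a multiple of 3, got {counts[key]}")
    if counts["singleton-count"] != 1:
        problems.append("singleton-count must be exactly 1")
    return problems

# Constructed sample: the default CIDRs and counts listed on this page,
# with a made-up cluster name.
SAMPLE = {
    "cluster_name": "democlust1",
    "cluster_subnet": "10.0.0.0/16",
    "subnet_dmz": "10.0.0.0/24",
    "subnet_bastion": "10.0.1.0/24",
    "subnet_private": "10.0.2.0/24",
    "counts": {"central-count": 3, "riak-count": 3, "singleton-count": 1},
}

if __name__ == "__main__":
    for line in preflight(SAMPLE) or ["ok"]:
        print(line)
```
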
Machine Type and Size
The machine type is set in the <host>.tf file for each machine. The defaults are listed below.
Optionally you can update the machine type to meet the needs of the expected use cases for the cluster. More performant instance types might be needed in production clusters.
Some machine types need extra disks, and the size of those disks can be set as shown below. The sizes are in GB.
|Machine Role||Machine Type||Extra Disk Size (GB)|
|metricslogs-size||"Standard_A2"||Disk 1: "50"; Disk 2: "100"|