This is a hello world example to achieve the following goals:
- automatically provision 3 clusters using AKS:
- dev (individual)
- team (test)
- prod (multiple regions) with BCP support
- CI/CD pipeline: from code check in, build (unit tests), deploy to cluster and run integration test, push to team cluster
- multi-tenant support, authenticate individual user and orgnization using AAD B2C, configurable isolation at the following levels:
- cluster (different region/country)
- service namespace
- shared pod/container
- storage: different account/db/collection/partition
- RBAC
- Monitoring, audit, alert
- tracing
- MDS/MDM/IFx (within Microsoft)
- Application Insights
- Prometheus, fluntd
- Storage: elastic search, kusto, azure blob, azure table
- Health metric for node and service
- alert: email, text, phone
- tracing
- The system should be flexible to support multiple technologies (nodejs, java and c#)
- There is one-to-one mapping between feature and microservice
- each microservice is a unit of deployment (pod)
- a microservice is implemented using same language
- each team owns 1 or more microservices, cluster authn/authz is controled at team level (excluding prod cluster)
- Rolling update, support mixed versions
- Flighting and A/B testing
- Auto scale
- worker node count within cluster
- pod/service count within cluster
- Terraform is used to provision/setup baseline
- Helm is used to deploy to AKS
- Service principal (AAD)
The product will be used by other software developers to:
- turn on/off feature of a particular microservice
- route users to particular combination of features
- service dependency is managed by tags, i.e. Service A (v1.0) can only talk to Service B (v1.4)
- realtime dashboard of deployments, health and traffic
- Override settings in .\Setup\Env\dev\values.yaml
- Setup service principal authentication and devbox pre-requirements by running ".\Setup\bootstrap.ps1" in windows or "./Setup/bootstrap.sh" in mac