Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing documentation for non-Kubernetes Azure setup #59

Open
wimdeblauwe opened this issue Sep 29, 2020 · 12 comments
Open

Missing documentation for non-Kubernetes Azure setup #59

wimdeblauwe opened this issue Sep 29, 2020 · 12 comments
Labels
documentation question

Comments

@wimdeblauwe
Copy link

I would like to deploy Hawkbit on Azure using a Docker image on App Service.

I have it working with the standard Hawkbit Docker image connecting to an Azure SQL server by setting the environment variables like SPRING_DATASOURCE_URL, SPRING_DATASOURCE_USERNAME, ...

I want to configure the storage now, but there is very little documentation here on how to do that. I suppose I need to create an own docker image after building this project with Maven and publish that on a public Docker registry if I want to use Azure Storge. But what after that?

I created a Blob Storage Container on Azure, but how do I connect the deployed Hawkbit with that? How should the security of the Blob Storage be set up?
@schabdo
Copy link
Contributor

schabdo commented Sep 29, 2020

I suppose I need to create an own docker image after building this project with Maven

Exactly I think so too. Frankly speaking I do not know the state of this container and if it will work without Kubernetes.

@kaizimmerm can you maybe shed some light on this?

@kaizimmerm
Copy link
Contributor

Hi, its ORG_ECLIPSE_HAWKBIT_REPOSITORY_AZURE_CONNECTION_STRING you can see all the variables here: https://github.com/eclipse/hawkbit-extensions/blob/master/hawkbit-extended-runtimes/hawkbit-update-server-azure/deployment/helm/hawkbit/templates/deployment.yaml

@kaizimmerm
Copy link
Contributor

@schabdo there is no k8s dependency in the docker image.

@wimdeblauwe
Copy link
Author

Thanks for that. How can I know the version of Hawkbit and the version of the used Hawkbit extensions for the images at https://hub.docker.com/r/hawkbit/hawkbit-update-server-azure ?

@wimdeblauwe
Copy link
Author

I can confirm I got it working by locally building this repo using Maven 3.6.3 and Java 1.8. After that, I pushed the image to Docker and used the ORG_ECLIPSE_HAWKBIT_REPOSITORY_AZURE_CONNECTION_STRING env variable on the Azure App Service that runs the Docker container.
For those wondering, the connection string can be found under 'Settings' > 'Access Keys' on the Azure Storage Account that you need to create first on Azure. There is no need to manually create a container inside the Storage Account, Hawkbit will do that on startup.

@rwiglenda
Copy link

Hi @wimdeblauwe, i have a question on this. I've got a similar setup but i am using Azure Container Instances. As you already have described you connected the Azure SQL DB with the env variables SPRING_DATASOURCE_URL, SPRING_DATASOURCE_USERNAME & SPRING_DATASOURCE_PASSWORD. I did the same abut does your container start properly with that? My container seems to be connected to the DB (atleast i got no errors with DB the connection) but i get several errors like:

  • Error creating bean with name 'org.eclipse.hawkbit.autoconfigure.security.SecurityManagedConfiguration$ControllerSecurityConfigurationAdapter'
  • Error creating bean with name 'org.springframework.orm.jpa.SharedEntityManagerCreator#0
  • Error creating bean with name 'controllerManagement': Unsatisfied dependency expressed through field 'entityManager'
    ans so on...

@wimdeblauwe
Copy link
Author

Did you also set the following env variables?

SERVER_USEFORWARDHEADERS=true
SPRING_JPA_DATABASE=SQL_SERVER
SPRING_DATASOURCE_DRIVERCLASSNAME=com.microsoft.sqlserver.jdbc.SQLServerDriver

Futher, I also set HAWKBIT_DMF_RABBITMQ_ENABLED=false to avoid a constant logging about rabbitmq (we are not using that, not sure why that is needed or for what people use that).

@rwiglenda
Copy link

rwiglenda commented Oct 2, 2020
edited
Loading

Not yet. I will try that out and edit my message here later.

Thanks a lot for your help!

edit: i added also these env variables unfortunately i still don't get the container running with that.

As already said the DB seems to be connected: o.f.core.internal.command.DbValidate : Successfully validated 10 migrations (execution time 00:00.103s)

But i get a lot of errors regarding this schema. I though flyway will create everything on it's own do i have to change something in the SQL settings?

 Found non-empty schema(s) [dbo] without schema history table! Use baseline() or set baselineOnMigrate to true to initialize the schema history table.
	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:769) ~[spring-beans-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]

@drewf7
Copy link

drewf7 commented Jul 12, 2021

Hi,

I have this successfully deployed on an Azure App Service (Web App For Containers).

If one of the maintainers can let me know what format you want that documentation in (Just in the README? Do you guys have docs pages?) I'd be happy to take a stab at writing it up.

Realistically I won't have time till next weekend but this issue has been open for a bit so I'm assuming folks won't mind the wait :)

@adamwendel
Copy link

@drewf7 you wouldn't happen to have any documentation written up on how to do the deployment on Azure App Services would you?

@drewf7
Copy link

drewf7 commented Jun 9, 2022

Hi @adamwendel

It's been a bit haha (almost a year from the comment timestamps)

I don't have anything concrete I can link you too. But here's what I can conjure up from memory, and a poke around our deployment.

I had the best luck bundling hawkbit into a container and deploying that way.

To do I pulled this repo https://github.com/eclipse/hawkbit-extensions.git

The folder that's of interest to you is hawkbit-extended-runtimes/hawkbit-update-server-azure

Before you run a build you'll likely want to change the default credentials. You can do that in src/main/resources/application.properties

I have the following block set in there. Whether it's still neccessary (or ever really was) I don't know.

# Override artifact ports to be compatible with app service
hawkbit.artifact.url.protocols.download-http.port=80
hawkbit.artifact.url.protocols.download-http.ref={protocol}://{hostnameRequest}:{port}/{tenant}/controller/v1/{controllerId}/softwaremodules/{softwareModuleId}/artifacts/{artifactFileName}
hawkbit.artifact.url.http.port=80
hawkbit.artifact.url.https.port=443
hawkbit.artifact.url.https.enabled=true
hawkbit.artifact.url.http.enabled=true

You'll eventually want to read https://www.eclipse.org/hawkbit/concepts/authentication/ to set up a better auth mechanism. But to get things up and running you can just set

# User Security
spring.security.user.name=<admin_username>
spring.security.user.password={noop}<admin_password>

Then from the hawkbit-update-server-azure you can just run a docker build and push to an ACR.

Up in Azure create a resource group to house hawkbit, and inside of it deploy.

  1. A VNET with at least one subnet that has Microsoft.Web, Microsoft.Sql, Microsoft.EventHub, and Microsoft.Storage service endpoints enabled. (You'll use this to connect all the other azure bits securely).
  2. An App Service plan / Web app for containers app service
  3. A SQL Server with one Database for hawkbit (Right now ours is just Standard S0: 10DTU's)
  4. An event hubs namespace
  5. An Azure storage account

Then deploy your hawkbit container to the app service, and set the below environment variables in the "Configuration" section

AZURE_EVENTHUB_CONNECTIONSTRING=Connection string to the event hub, starts with "Endpoint="
AZURE_EVENTHUBS_NAMESPACE=Name of your event hubs namespace
HAWKBIT_SERVER_BUILD_VERSION=The version of hawkbit you're running (Looks like they're on 0.3.0M7 right now)
MANAGEMENT_METRICS_EXPORT_AZUREMONITOR_ENABLED=false #We don't use azure monitor for monitoring our hawkbit. Can't help you if you do
ORG_ECLIPSE_HAWKBIT_REPOSITORY_AZURE_CONNECTION_STRING=The Connection string for you storage account. Starts with "DefaultEndpointsProtocol=". For more context see kaizimmerm's comment above. This is how I landed in this thread :)
SPRING_CLOUD_BUS_ENABLED=true
SPRING_DATASOURCE_DRIVER_CLASS_NAME=com.microsoft.sqlserver.jdbc.SQLServerDriver
SPRING_DATASOURCE_DRIVERCLASSNAME=com.microsoft.sqlserver.jdbc.SQLServerDriver # Never did figure out which of these was the right one
SPRING_DATASOURCE_PASSWORD=Your database users password
SPRING_DATASOURCE_URL=jdbc:sqlserver://<your_server_name>.database.windows.net:1433;databaseName=<your_database_name>;
SPRING_DATASOURCE_USERNAME=Your database users username
SPRING_JPA_DATABASE=SQL_SERVER

From there in theory you should be up and running. Although it's very possible I've missed something.

Hopefully that helps :)

@adamwendel
Copy link

adamwendel commented Jun 9, 2022
edited
Loading

Thank you so much @drewf7! I'm probably 90% of the way there. I've gotten all of the azure resources set up and the VNET and deployed the container on App Services. I can see usage on the SQL Server and the Event Hub, but it seems something with the storage has failed (I get an upload failed message when uploading an artifact). It doesn't seem that hawkbit has actually set up any containers in the storage account.

Is the following block supposed to be set as is?
hawkbit.artifact.url.protocols.download-http.ref={protocol}://{hostnameRequest}:{port}/{tenant}/controller/v1/{controllerId}/softwaremodules/{softwareModuleId}/artifacts/{artifactFileName}.

Edit: Turns out I had missed adding a NIC for the storage on the VNet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@wimdeblauwe @kaizimmerm @schabdo @drewf7 @adamwendel @rwiglenda