-
Notifications
You must be signed in to change notification settings - Fork 866
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1257 from Infisical/self-hosting-azure-container-…
…instances Add self-hosting docs for Azure Container Instances
- Loading branch information
Showing
13 changed files
with
101 additions
and
1 deletion.
There are no files selected for viewing
Binary file added
BIN
+319 KB
...eployment-options/azure-container-instances/aci-container-instance-overview.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+258 KB
...nt-options/azure-container-instances/aci-create-container-instance-advanced.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+302 KB
...nt-options/azure-container-instances/aci-create-container-instance-basics-1.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+291 KB
...nt-options/azure-container-instances/aci-create-container-instance-basics-2.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+265 KB
...-options/azure-container-instances/aci-create-container-instance-networking.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+259 KB
...ment-options/azure-container-instances/aci-create-container-instance-review.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+208 KB
.../deployment-options/azure-container-instances/aci-create-container-instance.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+428 KB
...deployment-options/azure-container-instances/aci-select-container-instances.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+294 KB
...self-hosting/deployment-options/gcp-cloud-run/gcp-cloud-run-service-details.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
87 changes: 87 additions & 0 deletions
87
docs/self-hosting/deployment-options/azure-container-instances.mdx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,87 @@ | ||
| --- | ||
| title: "Azure Container Instances" | ||
| description: "Deploy Infisical with Azure Container Instances" | ||
| --- | ||
|
|
||
| Prerequisites: | ||
| - Have an account with [Microsoft Azure](https://azure.microsoft.com/en-us) | ||
|
|
||
| <Note> | ||
| This brief goes over how to deploy an instance of Infisical with Azure Container Instances without TLS/SSL configuration. | ||
|
|
||
| There are various options for enabling TLS/SSL with Azure Container Instances more suitable for production including: | ||
| - [Enabling a TLS endpoint in a sidecar container](https://learn.microsoft.com/en-us/azure/container-instances/container-instances-container-group-ssl). | ||
| - [Enabling automatic HTTPS with Caddy in a sidecar container](https://learn.microsoft.com/en-us/azure/container-instances/container-instances-container-group-automatic-ssl). | ||
| - Using Azure Function Proxies, Application Gateway, etc. | ||
| </Note> | ||
|
|
||
| <Steps> | ||
| <Step title="Create a container instance in Azure Container Instances"> | ||
| 1.1. In Azure, navigate to the **Container Instances** solution and press **Create**. | ||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
| 1.2. In the **Basics** section, specify the **Subscription** and **Resource group** to manage the deployed resource. | ||
|
|
||
| Also, give the container a friendly name like Infisical and specify a **Region** for it to be deployed to. | ||
|
|
||
|  | ||
|
|
||
| Next, select the **Public** option under **Image type** and fill in your intended [Infisical public Docker image](https://hub.docker.com/r/infisical/infisical) in the **Image** field; this will pull the image from Docker Hub. | ||
|
|
||
| For example, in order to opt for Infisical `v0.43.4`, you would input: `infisical/infisical:v0.43.4`. | ||
|
|
||
|  | ||
|
|
||
| <Note> | ||
| Depending on your use-case and requirements, you may find it helpful to further configure your Azure container instance. | ||
|
|
||
| For example, you may want to adjust the **Region** option to specify which region to deploy the container for your | ||
| instance of Infisical to minimize distance and therefore latency between the instance and your infrastructure. | ||
| </Note> | ||
|
|
||
| 1.3. In the **Networking** section, select the **Public** option under **Networking type**; this will make the container accessible over the public internet. | ||
|
|
||
| Next, under the **Ports** section, add an entry for port `8080` and protocol `TCP`. | ||
|
|
||
|  | ||
|
|
||
| 1.4. Running Infisical requires a few environment variables to be set for the GCP Cloud Run service. | ||
| At minimum, Infisical requires that you set the variables `ENCRYPTION_KEY`, `AUTH_SECRET`, `MONGO_URL`, and `REDIS_URL` | ||
| which you can read more about [here](/self-hosting/configuration/envars). | ||
|
|
||
| In the **Advanced** section, fill in the required environment variables. | ||
|
|
||
| <Note> | ||
| To use more features like emailing and single sign-on, you can set additional configuration options [here](/self-hosting/configuration/envars). | ||
| </Note> | ||
|
|
||
|  | ||
|
|
||
| 1.5. Finally, in the **Review + create** section, double check the information from the previous steps and press **Create** to create the Azure container instance. | ||
|
|
||
|  | ||
| </Step> | ||
| <Step title="Navigate to your deployed instance of Infisical"> | ||
|
|
||
| Head to the **Overview** page of the newly-created container instance to view its **IP address (Public)**; you can access your instance of Infisical by this IP address under the port `:8080`. | ||
|
|
||
| For example, in the image below, the IP address of the sample deployed container instance is `4.255.87.109`; the instance would be accessible in the browser by heading to `4.255.87.109:8080`. | ||
|
|
||
|  | ||
| </Step> | ||
| </Steps> | ||
|
|
||
| <AccordionGroup> | ||
| <Accordion title="Do you have any recommendations for deploying Infisical with Azure Container Instances?"> | ||
| Yes, here are a few that come to mind: | ||
| - In step 1.2, we recommend pinning the Docker image to a specific [version of Infisical](https://hub.docker.com/r/infisical/infisical/tags) | ||
| instead of referring to the `latest` tag to avoid any unexpected version-to-version migration issues. | ||
| - In step 1.2, we recommend selecting a **Region** option that is closest to your infrastructure/clients to reduce latency. | ||
| - Enable TLS/SSL with Azure Container Instances. There are various options for doing so including [enabling a TLS endpoint in a sidecar container](https://learn.microsoft.com/en-us/azure/container-instances/container-instances-container-group-ssl), [enabling automatic HTTPS with Caddy in a sidecar container](https://learn.microsoft.com/en-us/azure/container-instances/container-instances-container-group-automatic-ssl), and using Azure Function Proxies, Application Gateway, etc. | ||
|
|
||
| We're working on putting together a fuller list of deployment best practices as well as minimum resource configuration requirements for running Infisical so stay tuned! | ||
| </Accordion> | ||
| </AccordionGroup> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters