зеркало из
1
0
Форкнуть 0
This commit is contained in:
Simona Toader 2020-09-02 16:02:06 +02:00
Родитель c1804e7508 2fb871f06c
Коммит 1a9e4d0972
5 изменённых файлов: 69 добавлений и 9 удалений

Двоичные данные
images/Contoso-details.png Normal file

Двоичный файл не отображается.

После

Ширина:  |  Высота:  |  Размер: 113 KiB

Двоичные данные
images/Customers-Overview.png Normal file

Двоичный файл не отображается.

После

Ширина:  |  Высота:  |  Размер: 103 KiB

Двоичные данные
images/Management-groups.png Normal file

Двоичный файл не отображается.

После

Ширина:  |  Высота:  |  Размер: 46 KiB

Двоичные данные
images/Wiki-main.png Normal file

Двоичный файл не отображается.

После

Ширина:  |  Высота:  |  Размер: 64 KiB

Просмотреть файл

@ -3,7 +3,7 @@ This will require you to have understanding of git, installing software and how
For the setup - we will be using Github - but scripts used in workflows will work for Azure DevOps as well and steps can easily be modified for Azure DevOps. For the setup - we will be using Github - but scripts used in workflows will work for Azure DevOps as well and steps can easily be modified for Azure DevOps.
## Prepare local dev machine & accounts ## 1. Prepare local dev machine & accounts
The following should be installed on your workstation: The following should be installed on your workstation:
- VSCode - VSCode
@ -13,14 +13,14 @@ The following should be installed on your workstation:
- Az CLI - Az CLI
- Access to Azure subscription as a global admin - Access to Azure subscription as a global admin
## Prepare repository & Azure ## 2. Prepare repository & Azure
- Create a github account if you don't have one already - Create a github account if you don't have one already
- Fork this repository - Fork this repository
- Create a wiki for the newly forked project - Create a wiki for the newly forked project
- Clone the two repositories on your local machine - Clone the two repositories on your local machine
## Create storage account used for artifacts ## 3. Create storage account used for artifacts
All the artifacts defined in the artifacts repo will be published in a storage account. All the customer deployments will use that storage account to access the templates/definitions that need to be deployed. All the artifacts defined in the artifacts repo will be published in a storage account. All the customer deployments will use that storage account to access the templates/definitions that need to be deployed.
cd .\src\platform-automation cd .\src\platform-automation
@ -122,20 +122,80 @@ cd src\platform-automation
- Verify that the Workflow Test-And-Upload-Dev-Artifacts are running succesfully. - Verify that the Workflow Test-And-Upload-Dev-Artifacts are running succesfully.
- From the Azure portal - check that you have a new json file in your storage account targeted for 'dev' - From the Azure portal - check that you have a new json file in your storage account targeted for 'dev'
- Do a pull request onto master - Do a pull request onto master
- Verify that the Arm-TTK tests are running - Verify that the Arm-TTK tests are running successfully
- Merge the changes onto the master branch - Merge the changes onto the master branch
- Verify that the Publish-Artifacts-ToAzureStorage have run succesfully - Verify that the Publish-Artifacts-ToAzureStorage have run succesfully
- Verify that you now have the template available in your production account ready for use. - Verify that you now have the template available in your production account ready for use.
Congrats! You now have a succesful pipeline! Congrats! You now have a succesful pipeline to validate, approve and publish components for re-use!
## Create manifest and provision customer ## Create manifest and provision customer
- Create a new folder under 'customers' called 'Contoso' We will now create a manifest that will be used to bootstrap a tenant (or customer). For the simplicity of this - we focus on the previous building block you created - but remember that deployments can happen on any scope (tenant, management group, subscription or resource group).
- Create a manifest.json under customers\contoso
- Validate that this manifest is 'legal' - Create a new feature branch called 'feature\customer_contoso'
- Create a new folder under 'cmdb\customers' called 'contoso'
- Create an empty manifest.json under cmdb\customers\contoso (see reference)
- Validate that this manifest is legal
```
# Powershell
cd src\platform-automation
.\tests\Artifacts.tests.ps1
```
- Update the settings in the manifest defaultDeploymentScope
- Test the deployment
```
cd src\platform-automation
# Run all deployments with -WhatIf
.\platform-scripts\Deploy-Customer.ps1 -customer 'contoso' -Verbose -DryRun
# Run the manifest with the current session - this will create and update Azure Resources
.\platform-scripts\Deploy-Customer.ps1 -customer 'contoso' -Verbose
```
- Commit and push the change to your feature branch
- Verify that the workflow "Update wiki" is running successfully and building the wiki pages for your managed customers. You should be seeing something similar to this:
[![Wiki](../images/Wiki-main.png)](#)
- Click on the customers and you should be seeing Contoso listed as one of your customers managed as code:
[![Wiki](../images/Customers-Overview.png)](#)
- Do a pull request onto master and merge this request. Verify that the workflow "Deploy-Contoso" runs. This workflow will run anytime anyone have approved changes to be rolled out for Contoso.
## Expanding the Manifest
You will now expand the Manifest - to include more useful features. To help you along the way - we have included a few, simple artifacts for you to build a management structure, do some operations and deploy some services and show how you can manage & deliver at scale. Remember - any ARM template can be an artifact and used in composing value.
***NB: When running this on a management group or tenant deployment - you will need elevated privileges that you so far cannot have through Azure Lighthouse.***
- Create a management group structure as shown by adding the artifacts in the manifest:
[![Wiki](../images/Management-Groups.png)](#)
- Create a new branch 'feature/customer_contoso_change_1'
- Move your subscription in under the 'platform' management group
- Add the Lighthouse offer 'lighthouseManagedSubscription' and make sure you have updated the parameters to your management tenant.
- Test and deploy the updated manifest locally.
- Verify that the subscription is now added to your management tenant.
- You can use the Build-DelegationList to list events on what customers have onboarded you, or you can verify this through the Azure Portal.
- Push your changes, do a pull request and merge the changes on master
- Verify that the Deploy-Contoso workflow is running successully
## Expand with the Sandbox-CAF-Foundation LandingZone ## Self-documenting Governance
A part have been added to automatically build and update each customer that is managed by code. If workflow have run - it should show you an overview of what have been provisioned and the current scanned governance structure for a customer as shown below:
- Verify that the Contoso Governance workflow has run (** this workflow builds the details page for Contoso). There's a known limitation in the Mermaid toolkit that is known to hang - so be aware if the workflow executes for more than 10 minutes - you should kill it.
[![Wiki](../images/Contoso-details.png)](#)
## Subscription democratization
Subscriptions can be automated and democratized in the same manner by triggering on git events.
To show a 'demo' on how this can be triggered :
- Create a new file in 'cmdb\customers\contoso' called new_subscription - with content "Contoso Subscription1"
- Commit and push this new file
- Verify that the workflow have run successfully, it have triggered the script with the correct parameters and the output is a subscription
***Note: This is just for demo - a partner/customer would implement and use PartnerCenter SDK in the Script demo, use the ARM deployment for new subscriptions or use the REST Apis to create subscriptions - depending on what lisencing model to use***
## Resources ## Resources
#### Creating workflows / Pipelines #### Creating workflows / Pipelines