I wrote a script in Powershell to automate the deployment of a serverless apps and its CI pipeline to Azure with a single command (see A Step Toward DevOps Friendly Azure. That was my first attempt to mimic Heroku’s functions in Azure. Today I’ll extend the script to support the concept of database add-on.
Heroku add-ons are components that support your application, such as data storage, monitoring, analytics, data processing, and more. These are fully maintained for you by either a third-party provider or by Heroku.
Add-ons Overview
PostgresDB is in the heart of Heroku’s data architecture. It probably is the most popular add-on in Heroku. Spinning out an instance of managed database in Azure is easy but it’s not really an add-on to the app. Following the principle of least privilege we want to restrict the traffic to the database to the app it was added to (Figure 1).
By default managed database in Azure is public facing. With Microsoft’s latest offering it is possible to hide it inside a private network. Figure 2 describes an approach involves the use of VNET, VNET integration and private endpoints.
To be fair, the network configuration in Figure 2 is not simple. My aim is to encapsulate the knowledge of this complex network configurations in the script. In an logical order, the script will create:
- a VNet
- a database
- a private endpoints assigned to the database and
- a VNet integration from the App to the VNet
Again Azure CLI makes it technically possible. As usual the source code of the script is in Github:
https://github.com/gaogang/windermere/blob/master/we-addon.ps1
Running the script is straightforward. You can simply key in the following command in Powershell:
. .\we-addon.ps1; Add-WeDB -solutionName <solutionName> -database cosmosThe only supported database type is cosmos currently. I’m hoping I can extend it to other database types in the future. Please be noted Azure CLI doesn’t support the free tier discount to the Cosmos DB. Hopefully this will change soon in the future.
Top Cloud Solutions 