diff --git a/docs/devops/Deploy/Care/Azure/1_Infra.md b/docs/devops/Deploy/Care/Azure/1_Infra.md new file mode 100644 index 0000000..64e969d --- /dev/null +++ b/docs/devops/Deploy/Care/Azure/1_Infra.md @@ -0,0 +1,238 @@ +# Infrastructure Setup + +This guide covers the core infrastructure setup for deploying Care on Azure Container Apps. + +## Core Infrastructure Setup + +### 1. Resource Group Configuration + +Resource groups are logical containers for Azure resources that share the same lifecycle, permissions, and policies. + +```bash +# Create resource group in specified location +az group create --name [RESOURCE_GROUP] --location [LOCATION] +``` + +### 2. Database Services + +The following commands set up a PostgreSQL flexible server with high performance characteristics suitable for production workloads. + +```bash +# Create PostgreSQL flexible server +az postgres flexible-server create \ + --name [POSTGRES_SERVER_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --location [LOCATION] \ + --admin-user [ADMIN_USER] \ + --admin-password [ADMIN_PASSWORD] \ + --database-name [DATABASE_NAME] \ + --sku-name Standard_D4ds_v5 \ + --storage-size 32 \ + --version 16 \ + --tier GeneralPurpose \ + --public-access 0.0.0.0 \ + --yes +``` + +Key flag explanations: +- `--sku-name Standard_D4ds_v5`: Performance tier for compute resources (4 vCores, memory-optimized) +- `--storage-size 32`: Allocated storage in GB +- `--version 16`: PostgreSQL version to deploy +- `--tier GeneralPurpose`: Service tier determines available features and performance levels +- `--public-access 0.0.0.0`: Allow connections from any IP address (will be restricted by firewall rules) +- `--yes`: Automatic confirmation to proceed without prompting + +```bash +# Configure PostgreSQL firewall (allow Azure services) +az postgres flexible-server firewall-rule create \ + --name [POSTGRES_SERVER_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --rule-name AllowAzureServices \ + --start-ip-address 0.0.0.0 \ + --end-ip-address 0.0.0.0 +``` + +Key flag explanations: +- `--rule-name AllowAzureServices`: Name for the firewall rule +- `--start-ip-address 0.0.0.0` and `--end-ip-address 0.0.0.0`: Special IP range that allows Azure services to connect + +### 3. Redis Cache Setup + +Redis provides in-memory data structure storage for caching, session management, and message brokering. + +```bash +# Create Redis Cache +az redis create \ + --name [REDIS_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --location [LOCATION] \ + --sku Basic \ + --vm-size C1 \ + --redis-version 6 +``` + +Key flag explanations: +- `--sku Basic`: Service tier (Basic is suitable for development/test workloads) +- `--vm-size C1`: Compute size (C1 = 1GB cache) +- `--redis-version 6`: Redis version to deploy + +### 4. Application Gateway with WAF + +Application Gateway provides a web application firewall (WAF) to protect your application from common exploits and vulnerabilities. + +```bash +# Create Application Gateway with WAF +az network application-gateway create \ + --name [APP_GATEWAY_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --location [LOCATION] \ + --sku WAF_v2 \ + --capacity 2 \ + --gateway-ip-configurations "name=appGatewayIpConfig subnet=[SUBNET_ID]" \ + --frontend-ports "name=appGatewayFrontendPort port=80" \ + --http-settings "name=appGatewayHttpSettings port=80 cookie-based-affinity Disabled" \ + --backend-pool "name=appGatewayBackendPool backend-addresses=[\"[BACKEND_FQDN]\"]" \ + --waf-configuration "enabled=true firewall-mode=Prevention" +``` + +Key flag explanations: +- `--sku WAF_v2`: Tier/version with Web Application Firewall included +- `--capacity 2`: Number of instances for high availability +- `--gateway-ip-configurations`: Network configuration information +- `--frontend-ports`: Ports where the gateway accepts traffic +- `--http-settings`: Backend connection settings (port, affinity) +- `--backend-pool`: Target servers to route traffic to +- `--waf-configuration`: WAF settings (Prevention mode actively blocks detected threats) + +## Cost Estimates + +Below is an estimated monthly cost breakdown for the infrastructure components: + +| Service | Tier/Size | Estimated Monthly Cost (INR) | +|---------|-----------|------------------------------| +| PostgreSQL Flexible Server | Standard_D4ds_v5 | ~₹XXX | +| Redis Cache | Basic C1 | ~₹XXX | +| Application Gateway | WAF_v2 | ~₹XXX | +| Container Apps | Standard | ~₹XXX | +| Storage | Standard_LRS | ~₹XXX | +| **Total** | | **~₹XXX** | + +## Storage Configuration + +### 1. S3-Compatible Storage Options + +> **Note:** Azure Blob Storage is **not** S3-compatible, and Care's backend requires S3 compatibility. You will need to use one of these alternative storage solutions below. + +#### Option A: Google Cloud Storage (GCS) +```bash +# GCS bucket configuration +STORAGE_ENDPOINT="https://storage.googleapis.com" +BUCKET_NAME="[GCS_BUCKET_NAME]" +ACCESS_KEY="[GCS_ACCESS_KEY]" +SECRET_KEY="[GCS_SECRET_KEY]" +``` + +#### Option B: DigitalOcean Spaces +```bash +# DigitalOcean Spaces configuration +STORAGE_ENDPOINT="https://[REGION].digitaloceanspaces.com" +BUCKET_NAME="[SPACES_NAME]" +ACCESS_KEY="[SPACES_ACCESS_KEY]" +SECRET_KEY="[SPACES_SECRET_KEY]" +``` + +### 2. Azure Blob Storage (Alternative) + +Azure Blob Storage provides scalable object storage for unstructured data like documents, images, and videos. + +> **Warning:** Using Azure Blob Storage directly requires code modifications to Care's backend as it's not S3-compatible. + +```bash +# Create storage account +az storage account create \ + --name [STORAGE_ACCOUNT_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --location [LOCATION] \ + --kind StorageV2 \ + --sku Standard_LRS \ + --enable-https-traffic-only true +``` + +```bash +# Create container for files +az storage container create \ + --name [CONTAINER_NAME] \ + --account-name [STORAGE_ACCOUNT_NAME] \ + --public-access container +``` + +Key flag explanations: +- `--public-access container`: Access level (container = files are publicly readable but not listable) + +## Container App Environment + +Container App Environment provides a managed Kubernetes-based environment for running containerized applications. + +```bash +# Create Container App Environment +az containerapp env create \ + --name [ENV_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --location [LOCATION] +``` + +```bash +# Optional: Configure logging +az containerapp env update \ + --name [ENV_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --logs-destination log-analytics \ + --logs-workspace-id [WORKSPACE_ID] \ + --logs-workspace-key [WORKSPACE_KEY] +``` + +Key flag explanations: +- `--logs-destination log-analytics`: Specifies Log Analytics as the logging provider +- `--logs-workspace-id` and `--logs-workspace-key`: Authentication details for the Log Analytics workspace + +## Application Monitoring + +Application Insights provides application performance monitoring and telemetry collection to help diagnose issues and analyze usage. + +```bash +# Configure application insights +az monitor app-insights component create \ + --app [APP_INSIGHTS_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --location [LOCATION] \ + --kind web \ + --application-type web + +# Get instrumentation key +APPINSIGHTS_KEY=$(az monitor app-insights component show \ + --app [APP_INSIGHTS_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --query instrumentationKey \ + --output tsv) +``` + +## Verification + +These commands verify that your resources were created successfully and are running properly. + +```bash +# Verify PostgreSQL server +az postgres flexible-server show \ + --name [POSTGRES_SERVER_NAME] \ + --resource-group [RESOURCE_GROUP] + +# Verify Redis cache +az redis show \ + --name [REDIS_NAME] \ + --resource-group [RESOURCE_GROUP] + +# Verify Container App Environment +az containerapp env show \ + --name [ENV_NAME] \ + --resource-group [RESOURCE_GROUP] +``` diff --git a/docs/devops/Deploy/Care/Azure/2_Deployment.md b/docs/devops/Deploy/Care/Azure/2_Deployment.md new file mode 100644 index 0000000..3fcf5d6 --- /dev/null +++ b/docs/devops/Deploy/Care/Azure/2_Deployment.md @@ -0,0 +1,251 @@ +# Deployment Process + +This guide covers the deployment process for Care components on Azure Container Apps. + +## Pre-deployment Steps + +### 1. Connection String Configuration + +These commands help you build the connection strings needed for your application to connect to the database and cache services. + +```bash +# Get PostgreSQL connection details +POSTGRES_HOST="[POSTGRES_SERVER_NAME].postgres.database.azure.com" +DATABASE_URL="postgresql://[USERNAME]:[PASSWORD]@${POSTGRES_HOST}:5432/[DATABASE_NAME]?sslmode=require" + +# Get Redis connection details +REDIS_HOST="[REDIS_NAME].redis.cache.windows.net" +REDIS_PORT="6380" +REDIS_KEY=$(az redis list-keys --name [REDIS_NAME] --resource-group [RESOURCE_GROUP] --query primaryKey -o tsv) +REDIS_URL="rediss://:${REDIS_KEY}@${REDIS_HOST}:${REDIS_PORT}/0" +``` + +### 2. Environment Variable Preparation + +```bash +# Define common environment variables array +COMMON_ENV_VARS=( + "DJANGO_SETTINGS_MODULE=config.settings.production" # Specifies which settings file Django should use + "DISABLE_COLLECTSTATIC=1" # Prevents automatic static file collection during deployment + "DATABASE_URL=$DATABASE_URL" # Connection string for PostgreSQL database + "POSTGRES_USER=$POSTGRES_USER" # PostgreSQL username + "POSTGRES_PASSWORD=$POSTGRES_PASSWORD" # PostgreSQL password + "POSTGRES_HOST=$POSTGRES_HOST" # PostgreSQL server hostname + "POSTGRES_PORT=$POSTGRES_PORT" # PostgreSQL server port + "POSTGRES_DB=$POSTGRES_DB" # PostgreSQL database name + "REDIS_URL=$REDIS_URL" # Connection string for Redis + "CELERY_BROKER_URL=$REDIS_URL" # Message broker URL for Celery tasks + "REDIS_AUTH_TOKEN=$REDIS_KEY" # Redis authentication token + "REDIS_HOST=$REDIS_HOST" # Redis server hostname + "REDIS_PORT=$REDIS_PORT" # Redis server port + "REDIS_DATABASE=0" # Redis database number + "CORS_ALLOWED_ORIGINS=[\"https://care.example.com\"]" # Domains allowed to make cross-origin requests + "BUCKET_PROVIDER=aws" # Storage provider type (S3-compatible) + "BUCKET_REGION=$LOCATION" # Storage region + "BUCKET_KEY=$S3_ACCESS_KEY" # Storage access key + "BUCKET_SECRET=$S3_SECRET_KEY" # Storage secret key + "BUCKET_ENDPOINT=$S3_ENDPOINT" # Storage endpoint URL + "BUCKET_HAS_FINE_ACL=True" # Enables fine-grained access control for S3 objects + "FILE_UPLOAD_BUCKET=$STORAGE_CONTAINER_NAME" # Bucket for file uploads + "FILE_UPLOAD_BUCKET_ENDPOINT=$S3_ENDPOINT" # Endpoint for file uploads + "FACILITY_S3_BUCKET=$STORAGE_CONTAINER_NAME" # Bucket for facility data + "FACILITY_S3_BUCKET_ENDPOINT=$S3_ENDPOINT" # Endpoint for facility data + "JWKS_BASE64=$JWKS_BASE64" # Base64-encoded JSON Web Key Set +) +``` + +## Deployment Steps + +### 1. Main Application Deployment + +```bash +# Deploy main app +DOCKER_IMAGE="ghcr.io/ohcnetwork/care:production-latest" + +az containerapp create \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --environment [ENV_NAME] \ + --image ${DOCKER_IMAGE} \ + --env-vars "${COMMON_ENV_VARS[@]}" \ + --target-port 9000 \ + --ingress external \ + --min-replicas 1 \ + --max-replicas 3 \ + --command "./app/start.sh" +``` + +Key flag explanations: +- `--name`: Unique identifier for the container app +- `--image ${DOCKER_IMAGE}`: Uses the Care application's official container image +- `--target-port 9000`: Internal container port that will be exposed +- `--ingress external`: Makes the app publicly accessible from the internet +- `--min-replicas 1`: Minimum number of container instances to maintain +- `--max-replicas 3`: Maximum number of instances allowed during auto-scaling + +### 2. Worker Deployment + +```bash +# Deploy worker app +az containerapp create \ + --name [WORKER_APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --environment [ENV_NAME] \ + --image ${DOCKER_IMAGE} \ + --env-vars "${COMMON_ENV_VARS[@]}" \ + --min-replicas 1 \ + --max-replicas 3 \ + --command "./app/celery_worker.sh" +``` + +Key flag explanations: +- No `--ingress` parameter: Workers don't need external HTTP access +- `--command "./app/celery_worker.sh"`: Runs the worker process instead of web server + +### 3. Beat Scheduler Deployment + +```bash +# Deploy beat app +az containerapp create \ + --name [BEAT_APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --environment [ENV_NAME] \ + --image ${DOCKER_IMAGE} \ + --env-vars "${COMMON_ENV_VARS[@]}" \ + --min-replicas 1 \ + --max-replicas 1 \ + --command "./app/celery_beat.sh" +``` + +Key flag explanations: +- `--min-replicas 1` and `--max-replicas 1`: Ensures exactly one scheduler instance to prevent duplicate tasks +- `--command "./app/celery_beat.sh"`: Runs the Celery beat scheduler process + +## Custom Domain Configuration + +```bash +# Get current Container App domain +APP_URL=$(az containerapp show \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --query properties.configuration.ingress.fqdn -o tsv) + +# Add custom domain +az containerapp hostname add \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --hostname [CUSTOM_DOMAIN] + +# Generate certificate +az containerapp certificate create \ + --name [CERT_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --hostname [CUSTOM_DOMAIN] \ + --validation-method HTTP +``` + +Key flag explanations: +- `--query properties.configuration.ingress.fqdn -o tsv`: Extracts just the FQDN value in text format +- `--hostname`: The custom domain name to add +- `--validation-method HTTP`: Uses HTTP validation to verify domain ownership +- `--name [CERT_NAME]`: Certificate resource name in Azure + +## Scaling Configuration + +| Component | Min Replicas | Max Replicas | Scale Trigger | +| ---------------- | ------------ | ------------ | ----------------- | +| Web Application | 1 | 3 | HTTP traffic | +| Celery Worker | 1 | 3 | CPU usage | +| Celery Beat | 1 | 1 | Always 1 instance | + +```bash +# Configure HTTP scaling rules +az containerapp update \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --scale-rule-name http-scaling \ + --scale-rule-type http \ + --scale-rule-http-concurrency 50 + +# Configure CPU scaling rules for worker +az containerapp update \ + --name [WORKER_APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --scale-rule-name cpu-scaling \ + --scale-rule-type cpu \ + --scale-rule-cpu-threshold 60 +``` + +Key flag explanations: +- `--scale-rule-name`: Unique identifier for the scaling rule +- `--scale-rule-type http`: Scales based on HTTP request volume +- `--scale-rule-http-concurrency 50`: Target of 50 concurrent requests per instance +- `--scale-rule-type cpu`: Scales based on CPU utilization +- `--scale-rule-cpu-threshold 60`: Triggers scaling when CPU exceeds 60% + +## Environment Updates + +```bash +# Update image version +az containerapp update \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --image [DOCKER_IMAGE_NEW_TAG] + +# Add environment variable +az containerapp update \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --set-env-vars "NEW_ENV_VAR=value" + +# Update secret +az containerapp secret set \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --secrets "secretName=secretValue" +``` + +Key flag explanations: +- `--image`: Updates to a new container image version +- `--set-env-vars`: Adds or updates environment variables +- `--secrets`: Adds or updates secure environment variables + +## Rollback Process + +```bash +# View revision history +az containerapp revision list \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] + +# Activate previous revision +az containerapp revision activate \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --revision [REVISION_NAME] +``` + +Key flag explanations: +- `--revision`: Identifier of a previous deployment to activate + +## Post-Deployment Verification + +```bash +# Check application status +az containerapp show \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] + +# View logs +az containerapp logs show \ + --name [APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --tail 100 + +# Test endpoint +curl -I https://[APP_NAME].[REGION].azurecontainerapps.io +``` + +Key flag explanations: +- `--tail 100`: Shows only the last 100 log entries +- `curl -I`: Fetches just the HTTP headers to verify the endpoint is responding diff --git a/docs/devops/Deploy/Care/Azure/3_Configuration.md b/docs/devops/Deploy/Care/Azure/3_Configuration.md new file mode 100644 index 0000000..2e340ad --- /dev/null +++ b/docs/devops/Deploy/Care/Azure/3_Configuration.md @@ -0,0 +1,264 @@ +# Configuration and Monitoring + +This guide covers advanced configuration, monitoring, and troubleshooting for Care deployments on Azure. + +## Monitoring Setup + +### 1. Azure Monitor Configuration + +```bash +# Enable monitoring for container apps +az monitor diagnostic-settings create \ + --name container-app-logs \ + --resource-group [RESOURCE_GROUP] \ + --resource [CONTAINER_APP_NAME] \ + --resource-type Microsoft.App/containerApps \ + --logs '[{"category": "ContainerAppConsoleLogs","enabled": true}]' \ + --workspace [LOG_ANALYTICS_WORKSPACE] +``` + +Key flag explanations: +- `--name`: Identifier for the diagnostic settings configuration +- `--resource-type`: Specifies the Azure resource type to monitor +- `--logs`: JSON array specifying which log categories to collect +- `--workspace`: Log Analytics workspace where logs will be sent for analysis + +```bash +# Set up alerts for high CPU/memory usage +az monitor metrics alert create \ + --name cpu-alert \ + --resource-group [RESOURCE_GROUP] \ + --scopes [CONTAINER_APP_ID] \ + --condition "avg CPU > 80" \ + --window-size 5m \ + --evaluation-frequency 1m +``` + +Key flag explanations: +- `--scopes`: Resource ID(s) to monitor +- `--condition`: Alert trigger criteria using metric name and threshold +- `--window-size 5m`: Time window to evaluate the condition (5 minutes) +- `--evaluation-frequency 1m`: How often to check the condition (every minute) + +### 2. Key Metrics + +| Component | Metrics to Monitor | +| --------------- | -------------------------------------- | +| Container Apps | CPU usage, Memory usage, Request count | +| PostgreSQL | Connection count, Storage usage, IOPS | +| Redis | Cache hits, Memory usage, Connections | +| Network | Latency, Throughput, Error rate | + +## Troubleshooting + +### 1. Container App Issues + +```bash +# Check container app logs +az containerapp logs show \ + --name [CONTAINER_APP_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --tail 100 +``` + +Key flag explanations: +- `--tail 100`: Shows only the most recent 100 log entries +- Default settings include all container logs from all revisions + +```bash +# Check container app status +az containerapp show \ + --name [CONTAINER_APP_NAME] \ + --resource-group [RESOURCE_GROUP] +``` + +```bash +# Restart container app +az containerapp restart \ + --name [CONTAINER_APP_NAME] \ + --resource-group [RESOURCE_GROUP] +``` + +### 2. Database Issues + +```bash +# Check PostgreSQL server status +az postgres flexible-server show \ + --name [POSTGRES_SERVER_NAME] \ + --resource-group [RESOURCE_GROUP] +``` + +```bash +# View PostgreSQL logs +az postgres flexible-server logs list \ + --name [POSTGRES_SERVER_NAME] \ + --resource-group [RESOURCE_GROUP] +``` + +Key flag explanations: +- Lists all available log files for the PostgreSQL server + +```bash +# Test database connectivity +psql "host=[POSTGRES_HOST] port=5432 dbname=[DB_NAME] user=[USERNAME] password=[PASSWORD] sslmode=require" +``` + +Key parameter explanations: +- `sslmode=require`: Forces SSL encryption for the database connection + +### 3. Redis Cache Issues + +```bash +# Check Redis status +az redis show \ + --name [REDIS_NAME] \ + --resource-group [RESOURCE_GROUP] +``` + +```bash +# Flush Redis cache +az redis patch \ + --name [REDIS_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --reboot RebootAllNodes +``` + +Key flag explanations: +- `--reboot RebootAllNodes`: Flushes all cached data by rebooting all nodes in the Redis cluster + +## Maintenance Tasks + +### Daily + +- Monitor container app logs +- Check application error rates +- Review database performance + +### Weekly + +- Review access logs +- Check scaling metrics +- Update security patches + +### Monthly + +- Review backup integrity +- Update SSL certificates if needed +- Optimize resource allocation + +## Cost Management + +```bash +# Get current resource consumption +az monitor metrics list \ + --resource [RESOURCE_ID] \ + --metric "CpuUsage" \ + --interval 1h \ + --output table +``` + +Key flag explanations: +- `--metric "CpuUsage"`: Specifies which metric to query +- `--interval 1h`: Time granularity of the data points (hourly) +- `--output table`: Formats results as a readable ASCII table + +```bash +# View billing data +az consumption usage list \ + --billing-period [YEAR-MONTH] \ + --query "[].{cost:pretaxCost, product:consumedService, resourceGroup:properties.resourceGroup}" \ + --output table +``` + +Key flag explanations: +- `--billing-period`: Specific month to get billing data for (format: YYYY-MM) +- `--query`: JMESPath query to filter and format the output +- Selected fields: pretaxCost, consumedService, and resourceGroup + +```bash +# Configure budget alerts +az consumption budget create \ + --name monthly-budget \ + --amount 100 \ + --time-grain monthly \ + --category cost \ + --start-date $(date +%Y-%m-01) \ + --notification "actual_gt_80_percent" +``` + +Key flag explanations: +- `--amount 100`: Budget limit in your currency (e.g., $100) +- `--time-grain monthly`: Budget tracking frequency +- `--category cost`: Budget type (actual spending) +- `--start-date $(date +%Y-%m-01)`: First day of current month as start date +- `--notification "actual_gt_80_percent"`: Alert when spending reaches 80% of budget + +## Backup Configuration + +```bash +# Setup PostgreSQL automated backups +az postgres flexible-server update \ + --name [POSTGRES_SERVER_NAME] \ + --resource-group [RESOURCE_GROUP] \ + --backup-retention 7 +``` + +Key flag explanations: +- `--backup-retention 7`: Keeps automated backups for 7 days + +```bash +# Create a backup script for additional files +cat > backup.sh << 'EOF' +#!/bin/bash +TIMESTAMP=$(date +%Y%m%d%H%M) +az storage blob upload-batch \ + --source /path/to/files \ + --destination [BACKUP_CONTAINER] \ + --account-name [STORAGE_ACCOUNT] \ + --destination-path backup-${TIMESTAMP} +EOF +``` + +Key parameters in script: +- `--source`: Local directory containing files to back up +- `--destination`: Storage container to upload files to +- `--destination-path`: Custom path with timestamp for versioning + +```bash +# Configure storage lifecycle management +cat > lifecycle.json << 'EOF' +{ + "rules": [ + { + "name": "backupRetention", + "enabled": true, + "type": "Lifecycle", + "definition": { + "filters": { + "prefixMatch": ["backup-"], + "blobTypes": ["blockBlob"] + }, + "actions": { + "baseBlob": { + "delete": { + "daysAfterModificationGreaterThan": 30 + } + } + } + } + } + ] +} +EOF + +az storage account management-policy create \ + --account-name [STORAGE_ACCOUNT] \ + --policy @lifecycle.json \ + --resource-group [RESOURCE_GROUP] +``` + +Key components in lifecycle policy: +- `"name": "backupRetention"`: Identifier for this lifecycle rule +- `"prefixMatch": ["backup-"]`: Applies only to files starting with "backup-" +- `"daysAfterModificationGreaterThan": 30`: Auto-deletes files older than 30 days +- `--policy @lifecycle.json`: References the local JSON file containing the policy diff --git a/docs/devops/Deploy/Care/Azure/index.md b/docs/devops/Deploy/Care/Azure/index.md new file mode 100644 index 0000000..9e60dfb --- /dev/null +++ b/docs/devops/Deploy/Care/Azure/index.md @@ -0,0 +1,11 @@ +# Azure + +## Deploying Care on Azure using Container Apps + +This is a step-by-step guide to deploying the **Care** application on **Microsoft Azure** using **Azure Container Apps**. The deployment process involves the following steps: + + - [**Setting up the Infrastructure**](./1_Infra.md): This guide walks you through the steps required to set up the main infrastructure components in **Azure**, including resource groups, networking, and database services. + + - [**Deploying Core Components**](./2_Deployment.md): This section covers the deployment of Care components using Azure Container Apps, including the web application, Celery workers, and beat scheduler. + + - [**Advanced Configuration and Monitoring**](./3_Configuration.md): This guide provides details on advanced configuration options, monitoring, and troubleshooting for your Azure deployment.