Skip to content

Commit

Permalink
Merge pull request #7 from monte-carlo-data/pchawla/mes-294-support-d…
Browse files Browse the repository at this point in the history
…isabling-public-inbound-and-specifying-a-vnet

Private endpoint and vnet support
  • Loading branch information
pxc-dev authored Jun 21, 2024
2 parents a4ee677 + 32a2fbf commit 36ec260
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 14 deletions.
12 changes: 7 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,11 +48,13 @@ for additional details.

## Inputs

| **Name** | **Description** | **Type** | **Default** |
|-------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|-----------------------------------|
| location | The Azure location (region) to deploy the agent into. | string | EAST US |
| image | The image for the agent. | string | montecarlodata/agent:latest-azure |
| remote_upgradable | Allow the agent image to be remotely upgraded by Monte Carlo. Note that this sets a lifecycle to ignore any changes in Terraform to fields like the image used after the initial deployment. If not set to 'true' you will be responsible for upgrading the image (e.g. specifying a new tag) for any bug fixes and improvements. Changing this value after initial deployment will replace your agent and require (re)registration. | bool | true |
| **Name** | **Description** | **Type** | **Default** |
|------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|-----------------------------------|
| disable_public_inbound | Disable inbound public network access. Setting this to true requires enabling the use of Azure Private Endpoints (Private Link). See details here: https://docs.getmontecarlo.com/docs/azure-private-link | bool | false |
| image | The image for the agent. | string | montecarlodata/agent:latest-azure |
| location | The Azure location (region) to deploy the agent into. | string | EAST US |
| remote_upgradable | Allow the agent image to be remotely upgraded by Monte Carlo. Note that this sets a lifecycle to ignore any changes in Terraform to fields like the image used after the initial deployment. If not set to 'true' you will be responsible for upgrading the image (e.g. specifying a new tag) for any bug fixes and improvements. Changing this value after initial deployment will replace your agent and require (re)registration. | bool | true |
| subnet_id | Optionally connect the agent to a Virtual Network by specifying a subnet. Note that the subnet must already be delegated to "Microsoft.Web/serverFarms" or the deployment will fail. The ID can be retrieved using the command `az network vnet subnet list`. | string | null |

## Outputs

Expand Down
4 changes: 1 addition & 3 deletions examples/agent/README.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
# Agent Sample

This example deploys a pre-release Agent.

Note that the pre-release agent is in active development and not intended for production usage.
This example deploys an Agent.

## Prerequisites

Expand Down
1 change: 0 additions & 1 deletion examples/agent/main.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
module "apollo" {
source = "../../"
image = "montecarlodata/pre-release-agent:latest-azure"
}

output "resource_group" {
Expand Down
8 changes: 7 additions & 1 deletion main.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
locals {
# Wrapper metadata
mcd_wrapper_version = "0.1.2"
mcd_wrapper_version = "0.1.3"
mcd_agent_platform = "AZURE"
mcd_agent_service_name = "REMOTE_AGENT"
mcd_agent_deployment_type = "TERRAFORM"
Expand Down Expand Up @@ -180,6 +180,9 @@ resource "azurerm_linux_function_app" "mcd_agent_service" {
storage_account_access_key = azurerm_storage_account.mcd_agent_storage[0].primary_access_key
service_plan_id = azurerm_service_plan.mcd_agent_service_plan.id

public_network_access_enabled = !var.disable_public_inbound
virtual_network_subnet_id = var.subnet_id

site_config {
application_insights_key = azurerm_application_insights.mcd_agent_service_insights.instrumentation_key
application_insights_connection_string = azurerm_application_insights.mcd_agent_service_insights.connection_string
Expand Down Expand Up @@ -220,6 +223,9 @@ resource "azurerm_linux_function_app" "mcd_agent_service_with_remote_upgrade_sup
storage_account_access_key = azurerm_storage_account.mcd_agent_storage[0].primary_access_key
service_plan_id = azurerm_service_plan.mcd_agent_service_plan.id

public_network_access_enabled = !var.disable_public_inbound
virtual_network_subnet_id = var.subnet_id

site_config {
application_insights_key = azurerm_application_insights.mcd_agent_service_insights.instrumentation_key
application_insights_connection_string = azurerm_application_insights.mcd_agent_service_insights.connection_string
Expand Down
31 changes: 27 additions & 4 deletions variables.tf
Original file line number Diff line number Diff line change
@@ -1,7 +1,12 @@
variable "location" {
description = "The Azure location (region) to deploy the agent into."
type = string
default = "EAST US"
variable "disable_public_inbound" {
description = <<EOF
Disable inbound public network access. Setting this to true requires enabling the use of Azure Private Endpoints (Private Link).
See details here: https://docs.getmontecarlo.com/docs/azure-private-link
EOF
type = bool
default = false

}

variable "image" {
Expand All @@ -10,6 +15,12 @@ variable "image" {
default = "montecarlodata/agent:latest-azure"
}

variable "location" {
description = "The Azure location (region) to deploy the agent into."
type = string
default = "EAST US"
}

variable "remote_upgradable" {
description = <<EOF
Allow the agent image to be remotely upgraded by Monte Carlo.
Expand All @@ -22,4 +33,16 @@ variable "remote_upgradable" {
EOF
type = bool
default = true
}

variable "subnet_id" {
description = <<EOF
Optionally connect the agent to a Virtual Network by specifying a subnet.
Note that the subnet must already be delegated to "Microsoft.Web/serverFarms" or the deployment will fail.
The ID can be retrieved using the command `az network vnet subnet list`.
EOF
type = string
default = null
}

0 comments on commit 36ec260

Please sign in to comment.