Defining Backend with Azure Blob Storage

PreviousZebClient with Azure Blob Storage NextMounting ZebClient with Azure Blob Storage

Last updated 1 year ago

Defining Backend with Azure Blob Storage

Install Blob Storage and Database Node

The Goal of This Step

The goal of this step is to set up the storage resources needed for ZebClient. The following components will be deployed in your cloud environment:

1 x db node: Standard D4s v4
1 x Azure blob storage container

The above two components are the minimum requirements for running the ZebClient agent on any machine e.g. your workstation.

Prerequisites

A ZebClient license: A trial license can be ordered for free from www.zebware.com/store.

Install Azure CLI

You can obtain Azure CLI and consult the documentation here:

curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash

Install GIT

Install Terraform

Authenticate with Azure CLI

Once all your dependencies are installed, run az login and authenticate with your credentials.

az login

Supply Necessary Details for the Terraform Deployment

Once authenticated, it's time to check out our git repository which will help you get started.

git clone https://gitlab.com/zebware/public/azure-zebclient-start.git

Switch your directory to checked out repository:

cd $(pwd)/azure-zebclient-start

Then copy the tfvars file:

cp examples/start.tfvars terraform.tfvars

Update the contents of the terraform.tfvars file accordingly

# Azure general
prefix = "<your prefix>" # your cluster's name. Cannot contain the special characters: `\/"[]:|<>+=;,?*@&~!#$%^()_{}'`
location = "<azure region>" # Azure region

# ZebClient
zebclient_license_key = "<your ZebClient license key>" # Provide the "zebClientLicense" part of your zebclient license json file.

# Allow access to your resources on Azure
public_access_cidrs = ["<your ip address>"] # IP addresses that will be allowed to access the cloud resources: the db and the blob storage i.e. [ "xxx.xxx.0.0/16", "xxx.xxx.xxx.xxx/32" ]

To quickly obtain an external IP address of your machine you can run;

curl http://checkip.dyndns.org and obtain external IP that you can use with confidence when setting public_access_cidrs value.

Once this is done save your changes, and you are ready to deploy!

Deploy the Terraform Script

Run the following commands to start the deployment process:

terraform init

terraform plan -out main.tfplan

terraform apply main.tfplan

The deployment process will now start and take a couple of minutes. When it's done, you should see the following output:

_1_keydb_public_ip = "xxx.xxx.xxx.xxx"
_2_keydb_password = "your database password <sensitive>"
_3_zebclient_license = "your ZebClient license <sensitive>"
_4_azure_storage_account_access_key = "your Azure storage account access key <sensitive>"
_5_azure_storage_account_name = "zc{your prefix}"
_6_azure_container_name = tolist([
  "zc{your prefix}",
])
_7_azure_storage_account_endpoint = "https://zc{your prefix}.blob.core.windows.net"
_8_ssh_key = "Your keypair to ssh to the resource on azure i.e. the db node. <sensitive>"

For security reasons, some of the values are hidden. To reveal them, use the command in the example:

terraform output _4_azure_storage_account_access_key

It will print out the value you need. In the next step, you can use it with other sensitive values like _2_keydb_password and others. It is recommended to use two (2) terminal windows for convenience.