Add a public service

Abstract

Learn how to add an additional service.

Sitecore comes with four public services: Content Management, Continuous Delivery, Identity, and Grafana. You can also add additional services. For example, Horizon.

To add a public service:

  1. Create a new service names in the DNS zone that points to Azure Frontdoor. Alternatively, if you use managedcloud.sitecore.com you can create a service request.

  2. Add the new hostname as a secret to Azure Key Vault. The name of the secret must have the following pattern:

    sitecore-{your service name}-host-name.

  3. In the Infrastructure repository, create a pull request with the following changes:

    • Extend the frontdoor/backend-config.json file with a new service.

    • Retrieve the Azure Keyvault secrets with new hostnames created in step 2.

    • Add an Azure Frontdoor routing rule at the frontdoor/main.tf to point the new service backend pool routing_rule. View HTTPS-cd as an example.

    • Add the Azure Frontdoor frontend endpoint to register the hostname on the Azure Frontdoor side at the frontdoor/main.tf.

      View cm-frontend-endpoint as an example. If you want the service to be protected by WAF, view cd-frontend-endpoint as an example.

  4. To apply the changes, complete the pull request and run the Frontdoor pipeline.

  5. In the Infrastructure repository, create a second pull request with the following changes:

    • Add the Azure Frontdoor custom HTTPS configuration at the frontdoor/main.tf . View cm_https_configuration as an example (and replace the frontend_endpoints with the correct service endpoint).

      Note

      Wait until the previously triggered pipeline is finished.

  6. In the Application repository, create a pull request and include the following items:

    • Declare a deployment for a particular application and two services. Add the deployment and the first service to the Sitecore namespace. View CM declaration under /platform-artifacts/cm.yaml as an example.

    • Add the second service to the Nginx namespace to route traffic from the Nginx to the Sitecore role and prepare the Kubernetes deployment for the service external-services-example.yaml:

      ---
      kind: Service
      apiVersion: v1
      metadata:
        name: service-name-external
      spec:
        type: ExternalName
        externalName: service-name-example.{{ solution_id }}.svc.cluster.local
        ports:
        - port: 80
      
    • Declare an Ingress for the service and prepare the Kubernetes deployment for the Ingress configuration ingress-config-example.yaml:

      ---
      apiVersion: extensions/v1beta1
      kind: Ingress
      metadata:
        name: service-name-example-ingress
        annotations:
          kubernetes.io/ingress.class: "nginx"
          nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
          nginx.ingress.kubernetes.io/rewrite-target: /
      spec:
        rules:
        - host: "example.sitecore"
          http:
            paths:
            - path: /
              backend:
                serviceName: service-name-example
                servicePort: 80
      
    • Add an Ansible role to run these deployments. It must contain at least two tasks to run the deployments (the deployment files must be under the templates folder inside the role):

      ---
      - name: Install external services
        k8s:
          apply: true
          namespace: "nginx"
          state: present
          definition: "{{ lookup('template', 'external-services-example.yaml') }}"
          validate:
            fail_on_error: yes
      
      - name: Install ingress
        k8s:
          apply: true
          namespace: "nginx"
          state: present
          definition: "{{ lookup('template', 'ingress-config-example.yaml') }}"
          validate:
            fail_on_error: yes
      

      The value of the host field must be the same as the host_header property in /frontdoor/backend-config.json file in the Infrastructure repository. The value of serviceName property must be the same as service name declared in the Nginx namespace.

  7. Complete the pull request.