Add a public service
Learn how to add an additional service.
Sitecore comes with four public services: Content Management, Continuous Delivery, Identity, and Grafana. You can also add additional services. For example, Horizon.
To add a public service:
Create a new service names in the DNS zone that points to Azure Frontdoor. Alternatively, if you use
managedcloud.sitecore.com
you can create a service request.Add the new hostname as a secret to Azure Key Vault. The name of the secret must have the following pattern:
sitecore-{your service name}-host-name
.In the Infrastructure repository, create a pull request with the following changes:
Extend the
frontdoor/backend-config.json
file with a new service.Retrieve the Azure Keyvault secrets with new hostnames created in step 2.
Add an Azure Frontdoor routing rule at the
frontdoor/main.tf
to point the new service backend pool routing_rule. ViewHTTPS-cd
as an example.Add the Azure Frontdoor frontend endpoint to register the hostname on the Azure Frontdoor side at the
frontdoor/main.tf
.View
cm-frontend-endpoint
as an example. If you want the service to be protected by WAF, viewcd-frontend-endpoint
as an example.
To apply the changes, complete the pull request and run the
Frontdoor
pipeline.In the Infrastructure repository, create a second pull request with the following changes:
Add the Azure Frontdoor custom HTTPS configuration at the
frontdoor/main.tf
. Viewcm_https_configuration
as an example (and replace the frontend_endpoints with the correct service endpoint).Note
Wait until the previously triggered pipeline is finished.
In the Application repository, create a pull request and include the following items:
Declare a deployment for a particular application and two services. Add the deployment and the first service to the Sitecore namespace. View CM declaration under
/platform-artifacts/cm.yaml
as an example.Add the second service to the Nginx namespace to route traffic from the Nginx to the Sitecore role and prepare the Kubernetes deployment for the service
external-services-example.yaml
:--- kind: Service apiVersion: v1 metadata: name: service-name-external spec: type: ExternalName externalName: service-name-example.{{ solution_id }}.svc.cluster.local ports: - port: 80
Declare an Ingress for the service and prepare the Kubernetes deployment for the Ingress configuration
ingress-config-example.yaml
:--- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: service-name-example-ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/force-ssl-redirect: "false" nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - host: "example.sitecore" http: paths: - path: / backend: serviceName: service-name-example servicePort: 80
Add an Ansible role to run these deployments. It must contain at least two tasks to run the deployments (the deployment files must be under the
templates
folder inside the role):--- - name: Install external services k8s: apply: true namespace: "nginx" state: present definition: "{{ lookup('template', 'external-services-example.yaml') }}" validate: fail_on_error: yes - name: Install ingress k8s: apply: true namespace: "nginx" state: present definition: "{{ lookup('template', 'ingress-config-example.yaml') }}" validate: fail_on_error: yes
The value of the host field must be the same as the
host_header
property in/frontdoor/backend-config.json
file in the Infrastructure repository. The value ofserviceName
property must be the same as service name declared in the Nginx namespace.
Complete the pull request.