Update AKS Bicep to use Redis instead of CosmosDB. (#190)

We are facing some issues using actor with a cosmosDB state store. This issue might be related to dapr/dapr#6339. We are moving the setup to use Redis instead of CosmosDB as our state store. This matches our current longhaul setup. While this might seem in contradiction with dapr/components-contrib#2071 and dapr/cli#1328, unblocking this issue will allow for easier and predictable reproductions of our longhaul setup. We might revisit the use of CosmosDB as a state store in the future. Signed-off-by: Tiago Alves Macambira <[email protected]>
dapr · Sep 19, 2023 · c1cbedb · c1cbedb
1 parent 264ef3a
commit c1cbedb
Show file tree

Hide file tree

Showing 4 changed files with 145 additions and 31 deletions.
diff --git a/...aks/daprComponents/cosmos-component.bicep → ...daprComponents/statestore-component.bicep b/...aks/daprComponents/cosmos-component.bicep → ...daprComponents/statestore-component.bicep
@@ -1,10 +1,14 @@
 @secure()
 param kubeConfig string
 param kubernetesNamespace string
-param cosmosUrl string
-param cosmosDatabaseName string
-param cosmosContainerName string
-param cosmosAccountPrimaryMasterKey string
+
+@secure()
+param redisHostnameAndPort string
+
+@secure()
+param redisPassword string
+
+param redisEnableTLS bool
 
 import '[email protected]' with {
   namespace: 'default'
@@ -17,24 +21,20 @@ resource daprIoComponentStatestore 'dapr.io/Component@v1alpha1' = {
     namespace: kubernetesNamespace
   }
   spec: {
-    type: 'state.azure.cosmosdb'
+    type: 'state.redis'
     version: 'v1'
     metadata: [
       {
-        name: 'url'
-        value: cosmosUrl
-      }
-      {
-        name: 'masterKey'
-        value: cosmosAccountPrimaryMasterKey
+        name: 'enableTLS'
+        value: redisEnableTLS ? 'true' : 'false'
       }
       {
-        name: 'database'
-        value: cosmosDatabaseName
+        name: 'redisHost'
+        value: redisHostnameAndPort
       }
       {
-        name: 'collection'
-        value: cosmosContainerName
+        name: 'redisPassword'
+        value: redisPassword
       }
       {
         name: 'actorStateStore'

diff --git a/...rComponents/storage-queue-component.bicep → ...nts/storage-queue-binding-component.bicep b/...rComponents/storage-queue-component.bicep → ...nts/storage-queue-binding-component.bicep
diff --git a/deploy/aks/main.bicep b/deploy/aks/main.bicep
@@ -160,29 +160,40 @@ module servicebus 'services/servicebus.bicep' = {
   }
 }
 
+
+module redis 'services/redis.bicep' = {
+  name: '${clusterName}--services--redis'
+  params: {
+    solutionName: solutionName
+    location: location
+    enableNonSslPort : false // Just to be explicit here: using TLS port 6380
+    // diagnosticsEnabled: false - https://github.com/Azure/azure-quickstart-templates/issues/13566
+  }
+}
+
 //
 // Dapr Components
 //
 
-module cosmosComponent 'daprComponents/cosmos-component.bicep' = {
-  name: '${clusterName}--component--cosmos'
+module statestoreComponent 'daprComponents/statestore-component.bicep' = {
+  name: '${clusterName}--component--redis-statestore'
   params: {
     kubeConfig: aks.listClusterAdminCredential().kubeconfigs[0].value
     kubernetesNamespace: longhaulNamespace.outputs.kubernetesNamespace
-    cosmosUrl: cosmos.outputs.cosmosUrl
-    cosmosContainerName: cosmos.outputs.cosmosContainerName
-    cosmosDatabaseName: cosmos.outputs.cosmosDatabaseName
-    cosmosAccountPrimaryMasterKey: cosmos.outputs.cosmosAccountPrimaryMasterKey
+
+    redisEnableTLS: redis.outputs.redisEnableTLS
+    redisHostnameAndPort: redis.outputs.redisHostnameAndPort
+    redisPassword: redis.outputs.redisPassword
   }
   dependsOn: [
-    cosmos
+    redis
     daprExtension
     longhaulNamespace
   ]
 }
 
-module messageBindingComponent 'daprComponents/storage-queue-component.bicep' = {
-  name: '${clusterName}--component--storageQueue'
+module messageBindingComponent 'daprComponents/storage-queue-binding-component.bicep' = {
+  name: '${clusterName}--component--storageQueue-bindings'
   params: {
     kubeConfig: aks.listClusterAdminCredential().kubeconfigs[0].value
     kubernetesNamespace: longhaulNamespace.outputs.kubernetesNamespace
@@ -199,8 +210,8 @@ module messageBindingComponent 'daprComponents/storage-queue-component.bicep' =
 
 
 
-module servicebusComponent 'daprComponents/servicebus-pubsub-component.bicep' = {
-  name: '${clusterName}--component--servicebus'
+module pubSubComponent 'daprComponents/servicebus-pubsub-component.bicep' = {
+  name: '${clusterName}--component--servicebus-pubsub'
   params: {
     kubeConfig: aks.listClusterAdminCredential().kubeconfigs[0].value
     kubernetesNamespace: longhaulNamespace.outputs.kubernetesNamespace
@@ -228,7 +239,7 @@ module feedGenerator 'apps/feed-generator-deploy.bicep' = {
   dependsOn: [
     daprExtension
     longhaulNamespace
-    servicebusComponent
+    pubSubComponent
   ]
 }
 
@@ -242,7 +253,7 @@ module messageAnalyzer 'apps/message-analyzer-deploy.bicep' = {
     daprExtension
     longhaulNamespace
     messageBindingComponent
-    servicebusComponent
+    pubSubComponent
   ]
 }
 
@@ -255,7 +266,7 @@ module hashtagActor 'apps/hashtag-actor-deploy.bicep' = {
   dependsOn: [
     daprExtension
     longhaulNamespace
-    cosmosComponent
+    statestoreComponent
   ]
 }
 
@@ -284,7 +295,7 @@ module pubsubWorkflowApp 'apps/pubsub-workflow-deploy.bicep' = {
   dependsOn: [
     daprExtension
     longhaulNamespace
-    servicebusComponent
+    pubSubComponent
   ]
 }
 
@@ -297,7 +308,7 @@ module snapshotApp 'apps/snapshot-deploy.bicep' = {
   dependsOn: [
     daprExtension
     longhaulNamespace
-    servicebusComponent
+    pubSubComponent
     hashtagActor
   ]
 }

diff --git a/deploy/aks/services/redis.bicep b/deploy/aks/services/redis.bicep
@@ -0,0 +1,103 @@
+// Based on MIT-licensed https://github.com/Azure/azure-quickstart-templates/blob/master/quickstarts/microsoft.cache/redis-cache/main.bicep
+// Updated to default to chepest tier.
+
+@description('Used to create a unique name for this redis instance')
+param solutionName string
+
+@description('Specify the name of the Azure Redis Cache to create.')
+param redisCacheName string = '${solutionName}-redis'
+
+@description('Location of all resources')
+param location string = resourceGroup().location
+
+@description('Specify the pricing tier of the new Azure Redis Cache.')
+@allowed([
+  'Basic'
+  'Standard'
+  'Premium'
+])
+param redisCacheSKU string = 'Basic'
+
+@description('Specify the family for the sku. C = Basic/Standard, P = Premium.')
+@allowed([
+  'C'
+  'P'
+])
+param redisCacheFamily string = 'C'
+
+@description('Specify the size of the new Azure Redis Cache instance. Valid values: for C (Basic/Standard) family (0, 1, 2, 3, 4, 5, 6), for P (Premium) family (1, 2, 3, 4)')
+@allowed([
+  0
+  1
+  2
+  3
+  4
+  5
+  6
+])
+param redisCacheCapacity int = 0
+
+@description('Specify a boolean value that indicates whether to allow access via non-SSL ports.')
+param enableNonSslPort bool = false
+
+resource redisCache 'Microsoft.Cache/Redis@2020-06-01' = {
+  name: redisCacheName
+  location: location
+  properties: {
+    enableNonSslPort: enableNonSslPort
+    minimumTlsVersion: '1.2'
+    sku: {
+      capacity: redisCacheCapacity
+      family: redisCacheFamily
+      name: redisCacheSKU
+    }
+  }
+}
+
+//
+// Diagnostics and Insights settings
+//
+//
+// We are keeping diagnostics code here commented out in case we decide to re-enable it but
+// for the time being it is broken due to https://github.com/Azure/azure-quickstart-templates/issues/13566
+//
+
+// @description('Specify a boolean value that indicates whether diagnostics should be saved to the specified storage account. Requires existingDiagnosticsStorageAccountName and existingDiagnosticsStorageAccountResourceGroup if set.')
+// param diagnosticsEnabled bool = false
+
+// @description('Specify the name of an existing storage account for diagnostics.')
+// param existingDiagnosticsStorageAccountName string
+
+// @description('Specify the resource group name of an existing storage account for diagnostics.')
+// param existingDiagnosticsStorageAccountResourceGroup string
+
+
+// resource diagnosticsStorage 'Microsoft.Storage/storageAccounts@2021-09-01' existing = {
+//   scope: resourceGroup(existingDiagnosticsStorageAccountResourceGroup)
+//   name: existingDiagnosticsStorageAccountName
+// }
+
+// resource Microsoft_Insights_diagnosticsettings_redisCacheName 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (diagnosticsEnabled) {
+//   scope: redisCache
+//   name: redisCache.name
+//   properties: {
+//     storageAccountId: diagnosticsStorage.id
+//     metrics: [
+//       {
+//         timeGrain: 'AllMetrics'
+//         enabled: diagnosticsEnabled
+//         retentionPolicy: {
+//           days: 90
+//           enabled: diagnosticsEnabled
+//         }
+//       }
+//     ]
+//   }
+// }
+
+var redisPort = enableNonSslPort ? '6379' : '6380'
+
+output redisHostnameAndPort string = '${redisCache.properties.hostName}:${redisPort}'
+output redisPassword string = redisCache.listKeys().primaryKey
+output redisEnableTLS bool = !enableNonSslPort
+