Deployment steps

Deploy Unity Virtual Private Cloud to Microsoft Azure

Read time 4 minutes

Last updated 6 days ago

Before deployment, perform the prerequisites steps.

1. Initiate the setup

To initiate the setup, follow these steps:

In Microsoft Azure Portal, open Azure Marketplace.
If Unity provides the offer Unity through a private plan, that is, a plan that is restricted to your specific subscription, go to My Marketplace > Private Plans. Otherwise, stay on the home page to get started.
Search for the Virtual Private Cloud offer, and then select it. The search results may include several plans. Ensure that you select the appropriate plan.
To start the setup, select Create.

2. Configure the basics

On the Basics tab, complete these steps:

Select the subscription where you want to deploy the solution. If you have selected a private plan at the previous step, then the list might show all subscriptions. Ensure that you select the appropriate subscription.
Select or create a resource group for the managed application synthetic resource that represents the whole offer. The recommended practice is to have a separate group for this resource to avoid any confusion.
Select a region for the deployment.
Enter a project name prefix with these characteristics:
- The prefix is a string.
- The prefix contains at most six characters.
- The prefix contains only lowercase alphanumeric characters, but no underscores or dashes.
This prefix is used for all the resources that you deploy to Azure for this offer.
Enter the username and the password for the Unity container registry that you previously requested from Unity. Read more about prerequisites.
Enter this information:
- The name of the managed application, which is the name of the above mentioned synthetic resource
- The name of the managed resource group where you want to deploy the solution and that meets these requirements:
  - This resource group is distinct from the resource group for the managed application synthetic resource.
  - The name doesn't already exist.
Select Next.

Warning

Do not select Review + create at this stage.

3. Configure the network settings

On the Network Settings tab, complete these steps:

Select Edit virtual network and enter the VNet IP range that you have chosen when collecting deployment prerequisites. Ensure that the subnet ranges are correct. If required, amend the ranges. For important considerations on selecting an IP range for the solution VNet, refer to the deployment prerequisites. For deployment, Azure doesn't use any other change in the settings on this tab, including the VNet name. Azure uses these values only to collect IP ranges of the VNet and subnets, if they differ from the default range.
Select Next. Do not select Review + create at this stage.

4. Configure the Kubernetes cluster

On the Kubernetes Cluster Configuration tab, complete these steps:

Select the deployment size:
```
Small
```
,
```
Medium
```
, or
```
Large
```
.
Using this setting, Azure prefills the node pool settings, that is, the size of the virtual machine (VM) and the number of nodes for each pool. This prefilling might take 10 to 20 seconds, because Azure initializes several VM size controls.
Optionally, when Azure displays the corresponding values, amend the settings for each node pool.
Tip
At any time after deployment, you can adjust the number of CPUs and the RAM. To do this, the recommended practice is to change the number of nodes in each pool at any time rather than modify the VM size. If you modify the VM size, you must recreate the corresponding node pools, which involves more effort and some downtime for the solution.
Verify that the total number of CPUs and the number of CPUs per each VM family fit into the remaining subscription quotas. If required, request quota increases.
Select Next. Do not select Review + create at this stage.

5. Configure the DNS and TLS settings

On the DNS and TLS Settings tab, complete these steps:

Enter the domain name that the end users will use to access the Virtual Private Cloud solution. You will create the corresponding DNS entry during postdeployment.
Tip
We strongly recommend that you set the correct name from the beginning. If you change this name after deployment, you must perform several updates in various places.
Select Provide TLS certificate, and then enter the TLS certificate and its private key, both in .pem format.
Note
You might want to add or replace this TLS certificate later, for example, for certificate rotation scenarios. In this case, you must perform these operations:

If you haven't provided a certificate during deployment, create the relevant secrets ingress-tls-cert and ingress-tls-key in the solution key vault.

Set the secret values to the certificate and the private key respectively, in .pem format. Because these values spread over multiple lines, you can't set them directly in the Azure Portal. You must use a command-line interface (CLI) or Microsoft PowerShell.
Select Next. Do not select Review + create at this stage.

6. Configure the license

On the Licenses tab, complete these steps:

Enter the contents of the license file that Unity has provided.
Select Next. Don't select Review + create at this stage.

7. Configure the MongoDB connection

On the MongoDB Connection tab, complete these steps:

Enter the connection string for the MongoDB instance. Read more in the prerequisites. This connection string must follow this standard form:


mongodb+srv://Username:Password@FqdnName/?parameter=value&parameter=value

Select Review + create.

8. Review the setup and start deployment

On the Review + create tab, complete these steps:
1. Review the settings that you have set, and then, to start deployment, select Create.

The overall deployment takes about an hour.

Deployment stages

Deployment consists of these major stages:

Azure creates the Azure resources.
Azure deploys the application components and dependencies inside the AKS cluster:
1. Azure monitors the first stage. You can track deployment from the Azure portal as for any other Azure deployment. If this stage fails, then Azure provides an error message that explains the reason. If this stage fails, then Azure provides an error message that explains the reason. After you have fixed the issue, complete these steps:
  1. Delete the synthetic managed application resource.
  2. Verify that Azure has deleted these elements:
    - The managed resource group
    - The AKS infrastructure resource group
  3. Start deployment again.
2. The second stage starts after Azure has successfully deployed the Azure resources. To monitor progress in the AKS cluster properties, go to Settings > GitOps. The status of each entry is represented by a color:
  - If the MongoDB cluster is accessible during deployment, then all the entries turn green by the end of deployment.
  - If access to MongoDB is allowed only after deployment, then some components stay red until they can access a MongoDB cluster and create the required databases in this cluster.
  If some entries remain red even when MongoDB is accessible, troubleshoot the corresponding components. Use the container logs in the Log Analytics workspace.

If you haven't assigned the following roles to the administrators at the subscription level, assign them now at the level of the managed resource group:

Azure Kubernetes Service RBAC Cluster Admin
Key Vault Administrator

Read more about the provisioned resources and endpoints.

Next steps

Postdeployment

Documentation

Engine

Services

Grow

Industry

Support

Unity Cloud

Get Started

Creator SDKs and Services