기술 자료

지원

Deployment steps

Deploy Unity Virtual Private Cloud through Azure Marketplace
읽는 시간 5분최근 업데이트: 4일 전
Before deployment, perform the prerequisites steps.

1. Initiate the setup

To initiate the setup, follow these steps:
  1. In Microsoft Azure Portal, open Azure Marketplace.
  2. Locate the Virtual Private Cloud offer:
    • If Unity provides the offer through a private offer, go to Management > Private Offer Management.
    • If Unity provides the offer through a private plan, that is, a plan that is restricted to your specific subscription, go to My Marketplace > Private Plans.
    • Otherwise, stay on the home page.
  3. Search for the Unity Asset Manager offer, and then select it. The search results may include several offers with similar names. Ensure that you select the offer that the Unity team advised you to use.
  4. If the offer has several plans, select the plan that is appropriate for your deployment.
  5. To start the setup, select Create.

2. Configure the basics

On the Basics tab, complete these steps:
  1. Select the subscription where you want to deploy the solution. If you have selected a private plan at the previous step, then the list might show all subscriptions. Ensure that you select the appropriate subscription.
  2. Select or create a resource group for the managed application synthetic resource that represents the whole offer. The recommended practice is to have a separate group for this resource to avoid any confusion.
  3. Select a region for the deployment.
  4. Enter a project name prefix with these characteristics:
    • The prefix is a string.
    • The prefix contains at most six characters.
    • The prefix contains only lowercase alphanumeric characters, but no underscores or dashes.
    This prefix is used for all the resources that you deploy to Azure for this offer.
  5. Enter the username and the password for the Unity container registry that you previously requested from Unity. Read more about prerequisites.
  6. Enter this information:
    • The name of the managed application, which is the name of the synthetic resource described in the infrastructure overview.
    • The name of the managed resource group where you want to deploy the solution and that meets these requirements:
      • This resource group is distinct from the resource group for the managed application synthetic resource.
      • The name doesn't already exist.
  7. Select Next.
경고
Do not select Review + create at this stage.

3. Configure the network settings

On the Network Settings tab, complete these steps:
  1. If you chose the BYO VNet mode to deploy the solution to a precreated VNet, select BYO VNet.
  2. Specify the IP range for the VNet:
    • If you chose full deployment, specify this information:
      1. Enter the IP range that you have chosen for the solution VNet.
      For important considerations on selecting an IP range for the solution VNet, refer to the deployment prerequisites.
      1. Select the network mask for this VNet.
    • If you chose the BYO VNet mode, select the precreated VNet from the list. This list shows only the resources from the same subscription and from the selected region. For the requirements for this VNet, refer to the deployment prerequisites.
  3. For the AKS cluster, specify the IP ranges for the pods and services, in CIDR notation, that you have collected as part of the prerequisites. You can also leave the default ranges.
  4. Select Next. Do not select Review + create at this stage.

4. Configure the Kubernetes cluster and asset storage (UVCS)

On the Compute and Storage Configuration tab, complete these steps:
  1. Select the deployment size: 
    Small
    , 
    Medium
    , or 
    Large
    .     Using this setting, Azure prefills the node pool settings, that is, the size of the virtual machine (VM) and the number of nodes for each pool. This prefilling might take 10 to 20 seconds, because Azure initializes several VM size controls.
  2. Optionally, when Azure displays the corresponding values, amend the settings for each node pool.
    At any time after deployment, you can adjust the number of CPUs and the RAM. To do this, the recommended practice is to change the number of nodes in each pool at any time rather than modify the VM size. If you modify the VM size, you must recreate the corresponding node pools, which involves more effort and some downtime for the solution.
  3. Verify that the total number of CPUs and the number of CPUs per each VM family fit into the remaining subscription quotas. If required, request quota increases.
  4. Amend the selected disk tier (size) for the UVCS storage, if the default value doesn't fit.
  5. Select Next. Do not select Review + create at this stage.

5. Configure the DNS and TLS settings

On the DNS and TLS Settings tab, complete these steps:
  1. Enter the fully qualified domain name (FQDN) that the end users will use to access the Virtual Private Cloud solution. You will create the corresponding DNS entry during postdeployment.
    We strongly recommend that you set the correct name from the beginning. If you change this name after deployment, you must perform several updates in various places.
  2. Select Provide TLS certificate, and then enter the TLS certificate and its private key, both in .pem format.
    참고
    You might want to add or replace this TLS certificate later, for example, for certificate rotation scenarios. In this case, you must perform these operations:
    • If you haven't provided a certificate during deployment, create the relevant secrets ingress-tls-cert and ingress-tls-key in the solution key vault.
    • Set the secret values to the certificate and the private key respectively, in .pem format. Because these values spread over multiple lines, you can't set them directly in the Azure Portal. You must use a command-line interface (CLI) or Microsoft PowerShell.
  3. Select Next. Do not select Review + create at this stage.

6. Configure the licenses

On the Licenses tab, complete these steps:
  1. Enter the contents of the license files that Unity has provided.
  2. Select Next. Don't select Review + create at this stage.

7. Review the setup and start deployment

On the Review + create tab, review the settings that you have set, and then, to start deployment, select Create. The overall deployment takes about an hour.

Deployment stages

Deployment consists of these major stages:
  1. Azure creates the Azure resources.
  2. Azure deploys the application components and dependencies inside the AKS cluster.

Stage 1: Azure resources creation

Azure monitors this stage. You can track deployment from the Azure portal as for any other Azure deployment. If this stage fails, then Azure provides an error message that explains the reason. After you have fixed the issue, complete these steps:
  1. Delete the synthetic managed application resource.
  2. Verify that Azure has deleted these elements:
    • The managed resource group
    • The AKS infrastructure resource group
  3. Start deployment again.

Stage 2: Application components deployment

This stage starts after Azure has successfully deployed the Azure resources. To monitor progress, in the AKS cluster properties, go to Settings > GitOps, select the 
flux-configuration
extension, and then go to Overview > Configuration Objects. A successful deployment produces approximately 50 entries in the list of configuration objects, all in the Compliant green state. If some entries remain in the non-compliant red state for a prolonged period, for example, an hour or more, then troubleshoot the corresponding components. Check the logs by using native Kubernetes tools or the Grafana instance that is deployed with the solution. Read about solution monitoring for details on accessing the Grafana interface.

Postdeployment recommendations

If you haven't assigned the following roles to the administrators at the subscription level, assign them now at the level of the managed resource group:
  • Azure Kubernetes Service RBAC Cluster Admin
  • Key Vault Administrator
경고
To prevent the accidental deletion of the solution, create 
Delete
locks for these resources:
  • The managed application resource: This resource resides in the resource group that you selected on the Basics tab of the deployment configuration wizard. If you accidentally delete this resource, the process wipes out the entire solution.
  • The managed resource group: This resource group is created automatically during deployment. Its name is the one that you entered on the Basics tab of the deployment configuration wizard.
Read more about the provisioned resources and endpoints.

Next steps

Postdeployment