Demo updates

ai-service.yaml

@@ -15,7 +15,7 @@ spec:
       nodeSelector:
         "kubernetes.io/os": linux
       containers:
-      - name: order-service
+      - name: ai-service
         image: ghcr.io/azure-samples/aks-store-demo/ai-service:latest
         ports:
         - containerPort: 5001
@@ -35,8 +35,8 @@ spec:
             cpu: 20m
             memory: 50Mi
           limits:
-            cpu: 30m
-            memory: 85Mi
+            cpu: 50m
+            memory: 128Mi
         startupProbe:
           httpGet:
             path: /health
@@ -49,15 +49,15 @@ spec:
             path: /health
             port: 5001
           initialDelaySeconds: 3
-          failureThreshold: 3
-          periodSeconds: 5
+          failureThreshold: 10
+          periodSeconds: 10
         livenessProbe:
           httpGet:
             path: /health
             port: 5001
           initialDelaySeconds: 3
-          failureThreshold: 5
-          periodSeconds: 3
+          failureThreshold: 10
+          periodSeconds: 10
 ---
 apiVersion: v1
 kind: Service

aks-store-all-in-one.yaml

@@ -160,8 +160,8 @@ spec:
             cpu: 1m
             memory: 50Mi
           limits:
-            cpu: 75m
-            memory: 128Mi
+            cpu: 100m
+            memory: 256Mi
         startupProbe:
           httpGet:
             path: /health
@@ -192,8 +192,8 @@ spec:
             cpu: 1m
             memory: 50Mi
           limits:
-            cpu: 75m
-            memory: 128Mi    
+            cpu: 100m
+            memory: 256Mi   
 ---
 apiVersion: v1
 kind: Service
@@ -251,6 +251,12 @@ spec:
           limits:
             cpu: 5m
             memory: 20Mi
+        startupProbe:
+          httpGet:
+            path: /health
+            port: 3001
+          failureThreshold: 10
+          periodSeconds: 5
         readinessProbe:
           httpGet:
             path: /health
@@ -536,4 +542,4 @@ spec:
             memory: 1Mi
           limits:
             cpu: 1m
-            memory: 7Mi
+            memory: 7Mi

azd-hooks/predeploy.ps1

@@ -3,9 +3,26 @@
 az aks get-credentials --resource-group ${AZURE_RESOURCE_GROUP} --name ${AZURE_AKS_CLUSTER_NAME} --overwrite-existing
 
 ###########################################################
-# Create the custom-values.yaml file with base images
+# Create the custom-values.yaml file
 ###########################################################
+@"
+namespace: ${env:AZURE_AKS_NAMESPACE}
+"@ | Out-File -FilePath custom-values.yaml -Encoding utf8
+
+###########################################################
+# Add Azure Managed Identity and set to use AzureAD auth 
+###########################################################
+if (![string]::IsNullOrEmpty($env:AZURE_IDENTITY_CLIENT_ID) -and ![string]::IsNullOrEmpty($env:AZURE_IDENTITY_NAME)) {
+@"
+useAzureAd: true
+managedIdentityName: $($env:AZURE_IDENTITY_NAME)
+managedIdentityClientId: $($env:AZURE_IDENTITY_CLIENT_ID)
+"@ | Out-File -Append custom-values.yaml
+}
 
+###########################################################
+# Add base images
+###########################################################
 @"
 namespace: ${env:AZURE_AKS_NAMESPACE}
 productService:
@@ -23,7 +40,7 @@ virtualCustomer:
 virtualWorker:
   image:
     repository: ${env:AZURE_REGISTRY_URI}/aks-store-demo/virtual-worker
-"@ | Out-File -FilePath custom-values.yaml -Encoding utf8
+"@ | Out-File -Append custom-values.yaml
 
 ###########################################################
 # Add ai-service if Azure OpenAI endpoint is provided
@@ -40,13 +57,8 @@ aiService:
   useAzureOpenAi: if ($env:AZURE_OPENAI_ENDPOINT) { 'true' }
 "@ | Out-File -Path custom-values.yaml -Append -Encoding utf8
 
-  # If Azure identity exists, use it, otherwise use the Azure OpenAI API key
-  if ($env:AZURE_IDENTITY_CLIENT_ID) {
-    @"
-  managedIdentityClientId: ${env:AZURE_IDENTITY_CLIENT_ID}
-  useAzureAd: true
-"@ | Out-File -Path custom-values.yaml -Append -Encoding utf8
-  } else {
+  # If Azure identity does not exist, use the Azure OpenAI API key
+  if (($env:AZURE_IDENTITY_CLIENT_ID -eq $null) -and ($env:AZURE_IDENTITY_NAME -eq $null)) {
     $openAiKey = az keyvault secret show --name $env:AZURE_OPENAI_KEY --vault-name $env:AZURE_KEY_VAULT_NAME --query value -o tsv
     @"
   openAiKey: $openAiKey
@@ -68,6 +80,13 @@ if ($env:AZURE_SERVICE_BUS_HOST) {
   $queuePassword = az keyvault secret show --name $env:AZURE_SERVICE_BUS_SENDER_KEY --vault-name $env:AZURE_KEY_VAULT_NAME --query value -o tsv
 @"
   queueHost: ${env:AZURE_SERVICE_BUS_HOST}
+"@ | Out-File -Append custom-values.yaml
+
+
+  # If Azure identity does not exists, use the Azure Service Bus credentials
+  if (-not $env:AZURE_IDENTITY_CLIENT_ID -and -not $env:AZURE_IDENTITY_NAME) {
+    $queuePassword = az keyvault secret show --name $env:AZURE_SERVICE_BUS_SENDER_KEY --vault-name $env:AZURE_KEY_VAULT_NAME --query value -o tsv
+    @"
   queuePort: "5671"
   queueTransport: "tls"
   queueUsername: ${env:AZURE_SERVICE_BUS_SENDER_NAME}
@@ -86,12 +105,19 @@ makelineService:
 
 # Add Azure Service Bus to makeline-service if provided
 if ($env:AZURE_SERVICE_BUS_URI) {
+  # If Azure identity exists just set the Azure Service Bus Hostname
+  if ($env:AZURE_IDENTITY_CLIENT_ID -and $env:AZURE_IDENTITY_NAME) {
+    @"
+    orderQueueHost: $($env:AZURE_SERVICE_BUS_HOST)
+"@ | Out-File -Path custom-values.yaml -Append -Encoding utf8
+  } else {
   $orderQueuePassword = az keyvault secret show --name $env:AZURE_SERVICE_BUS_LISTENER_KEY --vault-name $env:AZURE_KEY_VAULT_NAME --query value -o tsv
 @"
   orderQueueUri: ${env:AZURE_SERVICE_BUS_URI}
   orderQueueUsername: ${env:AZURE_SERVICE_BUS_LISTENER_NAME}
   orderQueuePassword: $orderQueuePassword
 "@ | Out-File -Path custom-values.yaml -Append -Encoding utf8
+  }
 }
 
 # Add Azure Cosmos DB to makeline-service if provided
@@ -100,13 +126,18 @@ if ($env:AZURE_COSMOS_DATABASE_URI) {
 @"
   orderDBApi: ${env:AZURE_DATABASE_API}
   orderDBUri: ${env:AZURE_COSMOS_DATABASE_URI}
+"@ | Out-File -Path custom-values.yaml -Append -Encoding utf8
+
+# If Azure identity does not exists, use the Azure Cosmos DB credentials
+  if (-not $env:AZURE_IDENTITY_CLIENT_ID -and -not $env:AZURE_IDENTITY_NAME) {
+    $orderDBPassword = az keyvault secret show --name $env:AZURE_COSMOS_DATABASE_KEY --vault-name $env:AZURE_KEY_VAULT_NAME --query value -o tsv
+    @"
   orderDBUsername: ${env:AZURE_COSMOS_DATABASE_NAME}
   orderDBPassword: $orderDBPassword
 "@ | Out-File -Path custom-values.yaml -Append -Encoding utf8
+  }
 }
 
-
-
 ###########################################################
 # Do not deploy RabbitMQ when using Azure Service Bus
 ###########################################################

azd-hooks/predeploy.sh

@@ -3,11 +3,28 @@
 az aks get-credentials --resource-group ${AZURE_RESOURCE_GROUP} --name ${AZURE_AKS_CLUSTER_NAME} --overwrite-existing
 
 ##########################################################
-# Create the custom-values.yaml file with base images
+# Create the custom-values.yaml file
 ##########################################################
-
 cat << EOF > custom-values.yaml
 namespace: ${AZURE_AKS_NAMESPACE}
+EOF
+
+###########################################################
+# Add Azure Managed Identity and set to use AzureAD auth 
+###########################################################
+if [ -n "${AZURE_IDENTITY_CLIENT_ID}" ] && [ -n "${AZURE_IDENTITY_NAME}" ]; then
+  cat << EOF >> custom-values.yaml
+useAzureAd: true
+managedIdentityName: ${AZURE_IDENTITY_NAME}
+managedIdentityClientId: ${AZURE_IDENTITY_CLIENT_ID}
+EOF
+fi
+
+##########################################################
+# Add base images
+##########################################################
+cat << EOF >> custom-values.yaml
+namespace: ${AZURE_AKS_NAMESPACE}
 productService:
   image:
     repository: ${AZURE_REGISTRY_URI}/aks-store-demo/product-service
@@ -40,15 +57,18 @@ aiService:
   useAzureOpenAi: true
 EOF
 
-  # If Azure identity exists, use it, otherwise use the Azure OpenAI API key
-  if [ -n "${AZURE_IDENTITY_CLIENT_ID}" ]; then
+  # If Azure identity does not exists, use the Azure OpenAI API key
+  if [ -z "${AZURE_IDENTITY_CLIENT_ID}" ] && [ -z "${AZURE_IDENTITY_NAME}" ]; then
     cat << EOF >> custom-values.yaml
-  useAzureAd: true
-  managedIdentityClientId: ${AZURE_IDENTITY_CLIENT_ID}
+  openAiKey: $(az keyvault secret show --name ${AZURE_OPENAI_KEY} --vault-name ${AZURE_KEY_VAULT_NAME} --query value -o tsv)
 EOF
-  else
+  fi
+
+  # If DALL-E model endpoint and name exists
+  if [ -n "${AZURE_OPENAI_DALL_E_ENDPOINT}" ] && [ -n "${AZURE_OPENAI_DALL_E_MODEL_NAME}" ]; then
     cat << EOF >> custom-values.yaml
-  openAiKey: $(az keyvault secret show --name ${AZURE_OPENAI_KEY} --vault-name ${AZURE_KEY_VAULT_NAME} --query value -o tsv)
+  openAiDalleEndpoint: ${AZURE_OPENAI_DALL_E_ENDPOINT}
+  openAiDalleModelName: ${AZURE_OPENAI_DALL_E_MODEL_NAME}
 EOF
   fi
 fi
@@ -67,11 +87,17 @@ EOF
 if [ -n "${AZURE_SERVICE_BUS_HOST}" ]; then
   cat << EOF >> custom-values.yaml
   queueHost: ${AZURE_SERVICE_BUS_HOST}
+EOF
+
+  # If Azure identity does not exists, use the Azure Service Bus credentials
+  if [ -z "${AZURE_IDENTITY_CLIENT_ID}" ] && [ -z "${AZURE_IDENTITY_NAME}" ]; then
+    cat << EOF >> custom-values.yaml
   queuePort: "5671"
   queueTransport: "tls"
   queueUsername: ${AZURE_SERVICE_BUS_SENDER_NAME}
   queuePassword: $(az keyvault secret show --name ${AZURE_SERVICE_BUS_SENDER_KEY} --vault-name ${AZURE_KEY_VAULT_NAME} --query value -o tsv)
 EOF
+  fi
 fi
 
 ###########################################################
@@ -86,21 +112,34 @@ EOF
 
 # Add Azure Service Bus to makeline-service if provided
 if [ -n "${AZURE_SERVICE_BUS_URI}" ]; then
-  cat << EOF >> custom-values.yaml
+  # If Azure identity exists just set the Azure Service Bus Hostname
+  if [ -n "${AZURE_IDENTITY_CLIENT_ID}" ] && [ -n "${AZURE_IDENTITY_NAME}" ]; then
+    cat << EOF >> custom-values.yaml
+    orderQueueHost: ${AZURE_SERVICE_BUS_HOST}
+EOF
+  else
+    cat << EOF >> custom-values.yaml
   orderQueueUri: ${AZURE_SERVICE_BUS_URI}
   orderQueueUsername: ${AZURE_SERVICE_BUS_LISTENER_NAME}
   orderQueuePassword: $(az keyvault secret show --name ${AZURE_SERVICE_BUS_LISTENER_KEY} --vault-name ${AZURE_KEY_VAULT_NAME} --query value -o tsv)
 EOF
+  fi
 fi
 
 # Add Azure Cosmos DB to makeline-service if provided
 if [ -n "${AZURE_COSMOS_DATABASE_URI}" ]; then
   cat << EOF >> custom-values.yaml
   orderDBApi: ${AZURE_DATABASE_API}
   orderDBUri: ${AZURE_COSMOS_DATABASE_URI}
+EOF
+
+  # If Azure identity does not exists, use the Azure Cosmos DB credentials
+  if [ -z "${AZURE_IDENTITY_CLIENT_ID}" ] && [ -z "${AZURE_IDENTITY_NAME}" ]; then
+    cat << EOF >> custom-values.yaml
   orderDBUsername: ${AZURE_COSMOS_DATABASE_NAME}
   orderDBPassword: $(az keyvault secret show --name ${AZURE_COSMOS_DATABASE_KEY} --vault-name ${AZURE_KEY_VAULT_NAME} --query value -o tsv)
 EOF
+  fi
 fi
 
 ###########################################################
@@ -119,4 +158,4 @@ if [ -n "${AZURE_COSMOS_DATABASE_URI}" ]; then
   cat << EOF >> custom-values.yaml
 useMongoDB: false
 EOF
-fi
+fi

azd-hooks/preprovision.ps1

@@ -8,18 +8,6 @@ while ((az provider show --namespace "Microsoft.ContainerService" --query "regis
   Start-Sleep -Seconds 3
 }
 
-az feature register --namespace "Microsoft.ContainerService" --name "AKS-KedaPreview"
-while ((az feature show --namespace "Microsoft.ContainerService" --name "AKS-KedaPreview" --query "properties.state" -o tsv) -ne "Registered") {
-  Write-Host "Waiting for AKS-KedaPreview feature registration..."
-  Start-Sleep -Seconds 3
-}
-
-az feature register --namespace "Microsoft.ContainerService" --name "AKS-PrometheusAddonPreview"
-while ((az feature show --namespace "Microsoft.ContainerService" --name "AKS-PrometheusAddonPreview" --query "properties.state" -o tsv) -ne "Registered") {
-  Write-Host "Waiting for AKS-PrometheusAddonPreview feature registration..."
-  Start-Sleep -Seconds 3
-}
-
 az feature register --namespace "Microsoft.ContainerService" --name "NetworkObservabilityPreview"
 while ((az feature show --namespace "Microsoft.ContainerService" --name "NetworkObservabilityPreview" --query "properties.state" -o tsv) -ne "Registered") {
   Write-Host "Waiting for NetworkObservabilityPreview feature registration..."

azd-hooks/preprovision.sh

@@ -1,5 +1,10 @@
 #!/bin/bash
 
+if ${AZURE_COSMOSDB_ACCOUNT_KIND} == "MongoDB" && ${DEPLOY_AZURE_WORKLOAD_IDENTITY} == "true"; then
+  echo "Azure CosmosDB account kind cannot be MongoDB when deploying Azure Workload Identity"
+  exit 1
+fi
+
 echo "Ensuring Azure CLI extensions and dependencies are installed"
 
 az provider register --namespace "Microsoft.ContainerService"
@@ -8,19 +13,6 @@ while [[ $(az provider show --namespace "Microsoft.ContainerService" --query "re
   sleep 3
 done
 
-
-az feature register --namespace "Microsoft.ContainerService" --name "AKS-KedaPreview"
-while [[ $(az feature show --namespace "Microsoft.ContainerService" --name "AKS-KedaPreview" --query "properties.state" -o tsv) != "Registered" ]]; do
-  echo "Waiting for AKS-KedaPreview feature registration..."
-  sleep 3
-done
-
-az feature register --namespace "Microsoft.ContainerService" --name "AKS-PrometheusAddonPreview"
-while [[ $(az feature show --namespace "Microsoft.ContainerService" --name "AKS-PrometheusAddonPreview" --query "properties.state" -o tsv) != "Registered" ]]; do
-  echo "Waiting for AKS-PrometheusAddonPreview feature registration..."
-  sleep 3
-done
-
 az feature register --namespace "Microsoft.ContainerService" --name "NetworkObservabilityPreview"
 while [[ $(az feature show --namespace "Microsoft.ContainerService" --name "NetworkObservabilityPreview" --query "properties.state" -o tsv) != "Registered" ]]; do
   echo "Waiting for NetworkObservabilityPreview feature registration..."

azure.yaml

@@ -65,5 +65,5 @@ services:
         releases:
           - name: demo
             chart: aks-store-demo/aks-store-demo-chart
-            version: 1.1.0
+            version: 1.2.0
             values: custom-values.yaml # This file is created by the predeploy hook

charts/aks-store-demo/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.1.0
+version: 1.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to