Try Nected For Free

Azure

This guide explains how to deploy the full Nected Platform on Microsoft Azure using Terraform. The Terraform configuration provisions networking, an AKS cluster, databases, caching, logging infrastructure, DNS, SSL certificates, and all runtime services required for a production-grade Nected setup. Every step below prepares your system for a deterministic and reproducible deployment.

Prerequisites

Install the following tools on your machine and verify that each one runs correctly.

Requirement
Version
Purpose

Terraform

≥ 1.6

Infrastructure as Code (IaC) tool for provisioning Azure resources

Azure CLI

≥ 2.60

Command-line tool for interacting with Azure services

kubectl

Latest

Kubernetes command-line tool for cluster management

Helm

Latest

Kubernetes package manager for deploying applications

Git

Latest

Version control system for cloning the repository

Terraform manages Azure resources, the Azure CLI handles authentication and cluster access, kubectl interacts with AKS, and Helm deploys Nected’s workloads.

Authentication

Authenticate your environment with Azure.

Login:

az login

Select the correct subscription:

az account set --subscription "<YOUR_SUBSCRIPTION_ID>"

Confirm your context:

az account show

Terraform uses these credentials to communicate with Azure Resource Manager APIs. If authentication fails, no resource can be created. Always verify this step before proceeding.

Repository Setup and Installation Steps

Clone the Terraform deployment repository from GitHub. These files contain all resource definitions, Terraform modules, and environment-specific variables.

Clone the repository:

git clone https://github.com/nected/nected-terraform.git

Move into the project directory:

cd nected-terraform

Spend a moment reviewing the folder layout. Understanding which module controls which resource helps you troubleshoot or extend the deployment later.

Configuration

You must create a terraform.tfvars file to supply the environment-specific values. Terraform loads this file automatically and merges it into your configuration.

Example terraform.tfvars

# Project Information
project             = "nected"
environment         = "dev"
resource_group_name = "<YOUR_RESOURCE_GROUP>"
hosted_zone_rg      = "<HOSTED_ZONE_RESOURCE_GROUP>"
hosted_zone         = "<YOUR_HOSTED_ZONE>"

# Network Configuration
vnet_address_space = "10.50.0.0/16"

# Azure Subscription
subscription_id = "<YOUR_SUBSCRIPTION_ID>"

# AKS Configuration
kubernetes_version = "1.32"
aks_node_count     = 1
aks_min_node_count = 1
aks_max_node_count = 5
aks_vm_size        = "standard_a2_v2"

# PostgreSQL
pg_version      = 17
pg_admin_user   = "psqladmin"
pg_admin_passwd = "<password>"
pg_sku_name     = "B_Standard_B1ms"

# Redis
redis_sku_name = "Standard"
redis_capacity = 1

# Elasticsearch
elasticsearch_version        = "8.12.0"
elasticsearch_vm_size        = "Standard_B2ms"
elasticsearch_admin_username = "elastic"
elasticsearch_admin_password = "<password>"

# Nected License
nected_pre_shared_key = "<nected-license-key>"

# Domain Configuration
scheme                = "https"
ui_domain_prefix      = "ui"
backend_domain_prefix = "backend"
router_domain_prefix  = "router"

# Console Access
console_user_email    = "<user email>"
console_user_password = "<password>"

# SMTP Configuration
smtp_config = {
  SEND_EMAIL         = "false"
  EMAIL_PROVIDER     = "smtp"
  SENDER_EMAIL       = ""
  SENDER_NAME        = ""
  EMAIL_INSECURE_TLS = ""
  EMAIL_HOST         = ""
  EMAIL_PORT         = ""
  EMAIL_USERNAME     = ""
  EMAIL_PASSWORD     = ""
}

Each variable directly influences the resources deployed on Azure. For example:

  • vnet_address_space defines the private network boundary for all Nected services.

  • aks_vm_size decides the compute capacity of each AKS worker node.

  • hosted_zone combined with domain prefixes produces all public URLs for UI, API, and router.

  • nected_pre_shared_key activates your Nected license inside the cluster.

Always verify that your values comply with Azure’s constraints—especially VM SKUs, PostgreSQL SKUs, and address spaces.

Deployment Steps

Execute the commands below from inside the repository directory. Terraform will detect modules, providers, and variable files automatically.

Step 1: Initialize the Terraform Workspace

terraform init

Terraform downloads provider plugins, prepares the backend, and scans the modules. This process ensures all components needed for deployment are present.

Step 2: Validate the Configuration

terraform validate

This step checks your file structure and ensures that Terraform syntax, variable types, and references are correct. It prevents many common errors before provisioning.

Step 3: Preview the Changes

terraform plan -out=tfplan

The plan lists all Azure resources Terraform will create, modify, or remove. Read the output carefully because Azure resources incur cost. This step provides visibility before making irreversible changes.

Step 4: Apply the Deployment

terraform apply tfplan

Terraform provisions:

  • The Azure Resource Group

  • The Virtual Network and all subnets

  • The AKS cluster using your specified VM size and scaling configuration

  • A PostgreSQL Flexible Server

  • A Redis Cache instance

  • An Elasticsearch VM-based cluster

  • DNS entries, routing rules, and SSL certificates

  • Helm deployments that install Nected services inside AKS

Azure typically takes several minutes to create managed services. The AKS cluster and PostgreSQL server are usually the slowest resources.

The Deployment Process might take ~25 minutes to complete

Post-Deployment Tasks

Once Terraform finishes, retrieve the outputs:

terraform output

This returns critical information for operations:

  • The AKS cluster name

  • Resource group names

  • Fully qualified domain names for all Nected services

  • PostgreSQL and Redis endpoints

  • Elasticsearch connection details

  • Admin console credentials

  • kubeconfig contents (if enabled)

Use these values to connect to your environment.

Access AKS

Fetch Kubernetes credentials:

az aks get-credentials \
  --resource-group <resource_group> \
  --name <aks_name>

Check cluster access:

kubectl get nodes

You should see your AKS worker node pool listed. If access fails, confirm that your Azure user has the correct RBAC role.

Alternative kubeconfig extraction

If you want to use the kubeconfig file generated by Terraform:

terraform output -raw kube_config > /tmp/kubeconfig
export KUBECONFIG=/tmp/kubeconfig

This method is useful in CI systems or non-interactive environments.

Destroying the Environment

Remove all resources created by Terraform:

terraform destroy

Terraform deletes the VNet, AKS, databases, Redis, Elasticsearch, and DNS records. Azure may take a few minutes to release large managed services. Run this only when the environment is no longer required.

Accessing the Nected Application

Your deployed instance becomes available at:

  • UI: https://<ui_domain_prefix>.<hosted_zone>

  • Backend: https://<backend_domain_prefix>.<hosted_zone>

  • Router: https://<router_domain_prefix>.<hosted_zone>

Login using the credentials defined in terraform.tfvars:

  • Email: console_user_email

  • Password: console_user_password

Once logged in, verify UI connectivity, API responsiveness, webhook endpoints, and rule execution.

Support

For deployment questions or feedback:

  • Refer to the official documentation

  • Connect with the engineering team on LinkedIn

  • Email: [email protected]

If you want a diagram showing how AKS, PostgreSQL, Redis, Elasticsearch, and the Nected services connect, I can generate a Mermaid architecture diagram as well.

PreviousTerraformNextKubernetes

Last updated