diff --git a/README.md b/README.md index eb2b077..0d4d121 100644 --- a/README.md +++ b/README.md @@ -545,10 +545,37 @@ There are some additional prerequisites for this automation: - [GitHub Account](https://github.com/) - [Azure DevOps Organization](https://docs.microsoft.com/en-us/azure/devops/pipelines/get-started/pipelines-sign-up?view=azure-devops) - [Environment with AKS resource](https://docs.microsoft.com/en-us/azure/devops/pipelines/process/environments-kubernetes?view=azure-devops#azure-kubernetes-service) which creates a service account in the chosen cluster and namespace, which will be used by Azure DevOps account to deploy to AKS + +![](./media/azure-resource-environment.jpg) + - [Azure service connection using service principal](https://docs.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure?view=azure-devops#create-an-azure-resource-manager-service-connection-with-an-existing-service-principal) to establish authentication between Azure & Azure DevOps services + +![](./media/kubernetes-service-connection.jpg) + > [!Important] > To simplify the service connection, use the same email address for Azure DevOps as you use for Azure. -- Create an Azure KeyVault and upload secrets. Ensure the service principal used in the service connection above has GET, LIST [permissions](https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest#az-keyvault-set-policy) on the vault. Use below command for that: +- Create an Azure KeyVault and upload secrets. + +![](./media/kv-java-demo.jpg) + +``` +AZURE-REGISTRY-USERNAME=00000000-0000-0000-0000-000000000000 +AZURE-REGISTRY-PASSWORD= +``` + +Ensure the service principal used in the service connection above has GET, LIST [permissions](https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest#az-keyvault-set-policy) on the vault. Use below command for that: + +``` +$KV_NAME = kv_java_demo + is obtained from the Azure Resource Manager created earlier. +``` + +![](./media/azure-resource-manager-get-principal.jpg) + +Next, you must to copy the cliente Id. + +![](./media/client-id-service-principal.jpg) + ``` az keyvault set-policy -n $KV_NAME --secret-permissions get list --spn ``` diff --git a/azure-pipelines.yml b/azure-pipelines.yml index fd0f20f..81601c6 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -9,7 +9,7 @@ resources: - repo: self variables: - CONTAINER_REGISTRY: 'javademosregistry' + CONTAINER_REGISTRY: 'acr061174' CONFIG_PORT: '8888' REGISTRY_PORT: '8761' GATEWAY_PORT: '4000' @@ -33,8 +33,8 @@ stages: - task: AzureKeyVault@1 displayName: Fetch secrets from Azure Key vault inputs: - azureSubscription: 'Java Demos 2' - KeyVaultName: 'piggymetrics' + azureSubscription: 'arm-workshop-demo' + KeyVaultName: 'kv-joedayz-demo' SecretsFilter: '*' - task: Bash@3 @@ -91,7 +91,7 @@ stages: displayName: Deploy to AKS pool: vmImage: $(vmImageName) - environment: 'Piggymetrics.piggymetrics-azp' + environment: 'Piggymetrics.default' strategy: runOnce: deploy: @@ -99,8 +99,8 @@ stages: - task: AzureKeyVault@1 displayName: Fetch secrets from Azure Key vault inputs: - azureSubscription: 'Java Demos 2' - KeyVaultName: 'piggymetrics' + azureSubscription: 'arm-workshop-demo' + KeyVaultName: 'kv-joedayz-demo' SecretsFilter: '*' - task: replacetokens@3 diff --git a/docs/create-mongodb-and-rabbitmq.md b/docs/create-mongodb-and-rabbitmq.md index a324aee..098fec0 100644 --- a/docs/create-mongodb-and-rabbitmq.md +++ b/docs/create-mongodb-and-rabbitmq.md @@ -74,12 +74,13 @@ Cut and paste the primary connection string as `MONGODB_URI` in `setup-env-varia ## Create RabbitMQ -Create an instance of Bitnami RabbitMQ Stack For Microsoft Azure, go to +Create an instance of RabbitMQ Certified by Bitnami For Microsoft Azure, go to [https://portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/rabbitmq](https://portal.azure.com/#blade/Microsoft_Azure_Marketplace/MarketplaceOffersBlade/selectedMenuItemId/home/searchQuery/rabbitmq) and start: ![](../media/create-rabbitmq-on-azure-0.jpg) + Fill in the form, use the same value as `RABBITMQ_RESOURCE_GROUP`, `RABBITMQ_VM_NAME` and `RABBITMQ_VM_ADMIN_USERNAME`, and choose SSH. Select 'Standard DS3 v2' as the size: @@ -91,7 +92,9 @@ Accept defaults: Accept defaults: ![](../media/create-rabbitmq-on-azure-2.jpg) -Accept defaults in all subsequent screens, and proceed to create: +Accept defaults in all subsequent screens (Don't forget to download the .pem file), and proceed to create: + + ![](../media/create-rabbitmq-on-azure-3.jpg) ![](../media/create-rabbitmq-on-azure-4.jpg) @@ -113,7 +116,9 @@ and set the `RABBITMQ_HOST` environment variable in # First, export the environment variables source .scripts/setup-env-variables-azure.sh # Open an SSH connection -ssh selvasingh@${RABBITMQ_HOST} +chmod 400 rabbitmqxxxx.pem + +ssh -i rabbitmqxxxx.pem selvasingh@${RABBITMQ_HOST} (selvassingh is your rabbitmq admin) ``` You can adjust RabbitMQ to connect with clients from a different machine: @@ -201,4 +206,4 @@ export RABBITMQ_PASSWORD=INSERT-your-rabbitmq-password ``` -Go back to [How to use AKS end-to-end for Java apps?](https://github.com/azure-samples/java-on-aks) \ No newline at end of file +Go back to [How to use AKS end-to-end for Java apps?](https://github.com/azure-samples/java-on-aks) diff --git a/kubernetes/1-config.yaml b/kubernetes/1-config.yaml index 8d72ef8..e0efaa3 100644 --- a/kubernetes/1-config.yaml +++ b/kubernetes/1-config.yaml @@ -10,9 +10,9 @@ metadata: spec: type: LoadBalancer ports: - - name: http - port: 8888 - targetPort: 8888 + - name: http + port: 8888 + targetPort: 8888 selector: project: piggymetrics tier: middleware @@ -20,7 +20,7 @@ spec: status: loadBalancer: {} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -32,6 +32,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: config template: metadata: labels: @@ -40,16 +43,16 @@ spec: app: config spec: containers: - - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-config:${IMAGE_TAG} - name: config - ports: - - containerPort: 8888 - resources: {} + - env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + image: acr061174.azurecr.io/piggymetrics-config:dev + name: config + ports: + - containerPort: 8888 + resources: {} restartPolicy: Always -status: {} \ No newline at end of file +status: {} diff --git a/kubernetes/2-registry.yaml b/kubernetes/2-registry.yaml index 567bc56..e6097c2 100644 --- a/kubernetes/2-registry.yaml +++ b/kubernetes/2-registry.yaml @@ -10,9 +10,9 @@ metadata: spec: type: LoadBalancer ports: - - name: http - port: 8761 - targetPort: 8761 + - name: http + port: 8761 + targetPort: 8761 selector: project: piggymetrics tier: middleware @@ -20,7 +20,7 @@ spec: status: loadBalancer: {} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -32,6 +32,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: registry template: metadata: labels: @@ -40,16 +43,16 @@ spec: app: registry spec: containers: - - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-registry:${IMAGE_TAG} - name: registry - ports: - - containerPort: 8761 - resources: {} + - env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-registry:${IMAGE_TAG} + name: registry + ports: + - containerPort: 8761 + resources: {} restartPolicy: Always -status: {} \ No newline at end of file +status: {} diff --git a/kubernetes/3-gateway.yaml b/kubernetes/3-gateway.yaml index e2604d3..e07db6e 100644 --- a/kubernetes/3-gateway.yaml +++ b/kubernetes/3-gateway.yaml @@ -10,15 +10,15 @@ metadata: spec: type: LoadBalancer ports: - - name: http - port: 80 - targetPort: 4000 + - name: http + port: 80 + targetPort: 4000 selector: project: piggymetrics tier: frontend app: gateway --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: gateway @@ -30,6 +30,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: gateway template: metadata: creationTimestamp: null @@ -39,14 +42,14 @@ spec: app: gateway spec: containers: - - name: gateway - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-gateway:${IMAGE_TAG} - ports: - - containerPort: 4000 - restartPolicy: Always \ No newline at end of file + - name: gateway + env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-gateway:${IMAGE_TAG} + ports: + - containerPort: 4000 + restartPolicy: Always diff --git a/kubernetes/4-auth-service.yaml b/kubernetes/4-auth-service.yaml index 0a03213..729191c 100644 --- a/kubernetes/4-auth-service.yaml +++ b/kubernetes/4-auth-service.yaml @@ -9,9 +9,9 @@ metadata: name: auth-service spec: ports: - - name: http - port: 5000 - targetPort: 5000 + - name: http + port: 5000 + targetPort: 5000 selector: project: piggymetrics tier: infrastructure @@ -19,7 +19,7 @@ spec: status: loadBalancer: {} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -31,6 +31,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: auth-service template: metadata: labels: @@ -39,41 +42,41 @@ spec: app: auth-service spec: containers: - - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - - name: ACCOUNT_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: account_service_password - - name: STATISTICS_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: statistics_service_password - - name: NOTIFICATION_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: notification_service_password - - name: MONGODB_DATABASE - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_database - - name: MONGODB_URI - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_uri - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-auth-service:${IMAGE_TAG} - name: auth-service - ports: - - containerPort: 5000 - resources: {} + - env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + - name: ACCOUNT_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: account_service_password + - name: STATISTICS_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: statistics_service_password + - name: NOTIFICATION_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: notification_service_password + - name: MONGODB_DATABASE + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_database + - name: MONGODB_URI + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_uri + image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-auth-service:${IMAGE_TAG} + name: auth-service + ports: + - containerPort: 5000 + resources: {} restartPolicy: Always -status: {} \ No newline at end of file +status: {} diff --git a/kubernetes/5-account-service.yaml b/kubernetes/5-account-service.yaml index 7bf37e4..878d990 100644 --- a/kubernetes/5-account-service.yaml +++ b/kubernetes/5-account-service.yaml @@ -9,9 +9,9 @@ metadata: name: account-service spec: ports: - - name: http - port: 6000 - targetPort: 6000 + - name: http + port: 6000 + targetPort: 6000 selector: project: piggymetrics tier: backend @@ -19,7 +19,7 @@ spec: status: loadBalancer: {} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -31,6 +31,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: account-service template: metadata: labels: @@ -39,49 +42,49 @@ spec: app: account-service spec: containers: - - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - - name: ACCOUNT_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: account_service_password - - name: MONGODB_DATABASE - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_database - - name: MONGODB_URI - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_uri - - name: RABBITMQ_HOST - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_host - - name: RABBITMQ_PORT - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_port - - name: RABBITMQ_USERNAME - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_username - - name: RABBITMQ_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_password - ports: - - containerPort: 6000 - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-account-service:${IMAGE_TAG} - name: account-service - restartPolicy: Always \ No newline at end of file + - env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + - name: ACCOUNT_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: account_service_password + - name: MONGODB_DATABASE + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_database + - name: MONGODB_URI + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_uri + - name: RABBITMQ_HOST + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_host + - name: RABBITMQ_PORT + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_port + - name: RABBITMQ_USERNAME + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_username + - name: RABBITMQ_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_password + ports: + - containerPort: 6000 + image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-account-service:${IMAGE_TAG} + name: account-service + restartPolicy: Always diff --git a/kubernetes/6-statistics-service.yaml b/kubernetes/6-statistics-service.yaml index 6480f63..06c50e0 100644 --- a/kubernetes/6-statistics-service.yaml +++ b/kubernetes/6-statistics-service.yaml @@ -9,9 +9,9 @@ metadata: name: statistics-service spec: ports: - - name: http - port: 7000 - targetPort: 7000 + - name: http + port: 7000 + targetPort: 7000 selector: project: piggymetrics tier: backend @@ -19,7 +19,7 @@ spec: status: loadBalancer: {} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -31,6 +31,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: statistics-service template: metadata: labels: @@ -39,51 +42,51 @@ spec: app: statistics-service spec: containers: - - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - - name: STATISTICS_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: statistics_service_password - - name: MONGODB_DATABASE - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_database - - name: MONGODB_URI - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_uri - - name: RABBITMQ_HOST - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_host - - name: RABBITMQ_PORT - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_port - - name: RABBITMQ_USERNAME - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_username - - name: RABBITMQ_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_password - ports: - - containerPort: 7000 - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-statistics-service:${IMAGE_TAG} - name: statistics-service - resources: {} + - env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + - name: STATISTICS_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: statistics_service_password + - name: MONGODB_DATABASE + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_database + - name: MONGODB_URI + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_uri + - name: RABBITMQ_HOST + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_host + - name: RABBITMQ_PORT + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_port + - name: RABBITMQ_USERNAME + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_username + - name: RABBITMQ_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_password + ports: + - containerPort: 7000 + image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-statistics-service:${IMAGE_TAG} + name: statistics-service + resources: {} restartPolicy: Always -status: {} \ No newline at end of file +status: {} diff --git a/kubernetes/7-notification-service.yaml b/kubernetes/7-notification-service.yaml index aff8b1f..3d1bbbb 100644 --- a/kubernetes/7-notification-service.yaml +++ b/kubernetes/7-notification-service.yaml @@ -9,9 +9,9 @@ metadata: name: notification-service spec: ports: - - name: http - port: 8000 - targetPort: 8000 + - name: http + port: 8000 + targetPort: 8000 selector: project: piggymetrics tier: backend @@ -19,7 +19,7 @@ spec: status: loadBalancer: {} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -31,6 +31,9 @@ spec: replicas: 1 strategy: type: RollingUpdate + selector: + matchLabels: + app: notification-service template: metadata: labels: @@ -39,71 +42,71 @@ spec: app: notification-service spec: containers: - - env: - - name: CONFIG_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: config_service_password - - name: NOTIFICATION_SERVICE_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: notification_service_password - - name: NOTIFICATION_EMAIL_HOST - valueFrom: - secretKeyRef: - name: piggymetrics - key: notification_email_host - - name: NOTIFICATION_EMAIL_PORT - valueFrom: - secretKeyRef: - name: piggymetrics - key: notification_email_port - - name: NOTIFICATION_EMAIL_USER - valueFrom: - secretKeyRef: - name: piggymetrics - key: notification_email_user - - name: NOTIFICATION_EMAIL_PASS - valueFrom: - secretKeyRef: - name: piggymetrics - key: notification_email_pass - - name: MONGODB_DATABASE - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_database - - name: MONGODB_URI - valueFrom: - secretKeyRef: - name: piggymetrics - key: mongodb_uri - - name: RABBITMQ_HOST - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_host - - name: RABBITMQ_PORT - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_port - - name: RABBITMQ_USERNAME - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_username - - name: RABBITMQ_PASSWORD - valueFrom: - secretKeyRef: - name: piggymetrics - key: rabbitmq_password - ports: - - containerPort: 8000 - image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-notification-service:${IMAGE_TAG} - name: notification-service - resources: {} + - env: + - name: CONFIG_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: config_service_password + - name: NOTIFICATION_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: notification_service_password + - name: NOTIFICATION_EMAIL_HOST + valueFrom: + secretKeyRef: + name: piggymetrics + key: notification_email_host + - name: NOTIFICATION_EMAIL_PORT + valueFrom: + secretKeyRef: + name: piggymetrics + key: notification_email_port + - name: NOTIFICATION_EMAIL_USER + valueFrom: + secretKeyRef: + name: piggymetrics + key: notification_email_user + - name: NOTIFICATION_EMAIL_PASS + valueFrom: + secretKeyRef: + name: piggymetrics + key: notification_email_pass + - name: MONGODB_DATABASE + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_database + - name: MONGODB_URI + valueFrom: + secretKeyRef: + name: piggymetrics + key: mongodb_uri + - name: RABBITMQ_HOST + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_host + - name: RABBITMQ_PORT + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_port + - name: RABBITMQ_USERNAME + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_username + - name: RABBITMQ_PASSWORD + valueFrom: + secretKeyRef: + name: piggymetrics + key: rabbitmq_password + ports: + - containerPort: 8000 + image: ${CONTAINER_REGISTRY}.azurecr.io/piggymetrics-notification-service:${IMAGE_TAG} + name: notification-service + resources: {} restartPolicy: Always -status: {} \ No newline at end of file +status: {} diff --git a/media/azure-resource-environment.jpg b/media/azure-resource-environment.jpg new file mode 100644 index 0000000..41ba481 Binary files /dev/null and b/media/azure-resource-environment.jpg differ diff --git a/media/azure-resource-manager-get-principal.jpg b/media/azure-resource-manager-get-principal.jpg new file mode 100644 index 0000000..77a0a46 Binary files /dev/null and b/media/azure-resource-manager-get-principal.jpg differ diff --git a/media/client-id-service-principal.jpg b/media/client-id-service-principal.jpg new file mode 100644 index 0000000..7df58dd Binary files /dev/null and b/media/client-id-service-principal.jpg differ diff --git a/media/kubernetes-service-connection.jpg b/media/kubernetes-service-connection.jpg new file mode 100644 index 0000000..2ce2f3c Binary files /dev/null and b/media/kubernetes-service-connection.jpg differ diff --git a/media/kv-java-demo.jpg b/media/kv-java-demo.jpg new file mode 100644 index 0000000..a152ce3 Binary files /dev/null and b/media/kv-java-demo.jpg differ