Deploying Luminate Connector in Microsoft Azure Container Instances (ACI)

Luminate is a Software as a Service platform that allows corporate IT organizations to provide secure connectivity to corporate applications and services for designated audiences. Luminate allows doing the above without exposing internal networks/datacenters to risks associated with network access and provides unparalleled visibility and governance into activities that are performed by the accessing parties.

In order to get started with Luminate, one needs to configure the system to provide access as described in the below diagram:

In the diagram above, users can access published applications via the Luminate cloud service, as these applications have a Luminate Connector component deployed in their datacenter. A separate guide explains the steps that need to be taken in order to configure applications for access via Luminate.

This guide explains how to deploy Luminate Connectors in Microsoft Azure, while allowing Azure to manage their availability and redundancy, without the need to manage any dedicated Virtual Machines or other components. 

Please note that there are a number of technologies for deploying Docker Containers in Microsoft Azure. Azure Container Instances (ACI) is the easiest, but, at the time of writing of this article, it is still available in Preview and should not be used for production. Other technologies, such as  Docker for Azure or Azure Container Service (AKS), should be used for production-grade deployments.

General Description

In order to ensure continuous access to the applications / services via the Luminate platform, Connectors need to be up and running (and should be able to access the target applications/services) inside the customer organization's Azure datacenter.

The below diagram depicts the most basic deployment of Luminate Connectors in the Azure Connector Instances:

For more information about the Azure Container Instances please access the Azure Documentation.

Step-by-Step Guide

1. Define Connectors in the Luminate Administration Web Portal: As this document assumes that our goals are High-Availability and Redundancy of Connectors, the amount of defined connectors should not exceed the amount of ACI Instances in the ACI Cluster. 

After creating the connector, please copy the docker command required to initialize it for use in the next stage of the process.

2. Create the Container Instances in the Azure Management Portal: The user interface for creating Azure Container Instances is not exposing all of the required features, therefore, in order to deploy Luminate Connector in ACI, you will need to use an Azure Cloud Shell.

The Azure Cloud Shell can be invoked from any browser window (logged in to Azure Administration Portal), by choosing the following icon in a toolbar at the upper right-side:

When the shell launches, please copy the information from the connector deployment command into the following Azure CLI command:

az container create \
--resource-group <RESOURCE GROUP NAME - PICK ANYTHING UNIQUE> \
--name <CONNECTOR NAME FROM THE UI> \
--image luminate/connector \
--restart-policy Always \
--environment-variables SERVER_POD_URI='<COPIED FROM LUMINATE UI>' CMS_URL='<COPIED FROM LUMINATE UI>' TENANT_IDENTIFIER='<COPIED FROM LUMINATE UI>' HTTPS_SKIP_CERT_VERIFY='true' OTP='<COPIED FROM LUMINATE UI>

'

The operation will require a number of minutes to complete. Its progress can be monitored from the Container Groups view in the Azure Management Portal:

Check for status field:

If the service is not shown as running after a number of minutes, please refer to Container Instances Troubleshooting guide.

When your connector services are up, they can connect to Luminate Cloud service and will be shown as "Online" in the Luminate Administration Portal: