NLB-2234: update vmss backend documentation #1642
Conversation
github-actions
bot
added
documentation
✅ Deploy Preview will be available once build job completes!
|
arussellf5
left a comment
arussellf5
left a comment
There was a problem hiding this comment.
This is excellent documentation! Thank you
|
|
||
| ## Getting Started | ||
|
|
||
| ### Step 1: Create NGINXaaS deployment with dynamic upstreams |
There was a problem hiding this comment.
| ### Step 1: Create NGINXaaS deployment with dynamic upstreams | |
| ### Create NGINXaaS deployment with dynamic upstreams |
There was a problem hiding this comment.
Make this at other places as well.
Refer: #1384
There was a problem hiding this comment.
updated above suggested changes
|
|
||
| ## Overview | ||
|
|
||
| The NGINXaaS dataplane API key is used to authenticate with your NGINXaaS deployment's dataplane API. This key is required for various integrations including VMSS backend synchronization and Kubernetes load balancing. |
There was a problem hiding this comment.
Arent these both load balancing (VMSS and Kubernetes)?
There was a problem hiding this comment.
Yes, it is useful both. Thats the reason i created a separate common page and use this reference in both VMSS and kubernetes places
There was a problem hiding this comment.
So maybe just call it VMSS load balancing (@arussellf5 what do you think?).
There was a problem hiding this comment.
updated to VMSS load balancing
|
|
||
| ```bash | ||
| # Set role name | ||
| roleName="VMSS-Network-Read-Role" |
There was a problem hiding this comment.
Why set this here? It's not used until later (in the Assign the Custom Role script).
There was a problem hiding this comment.
Nice catch, shifted it to Assign the Custom Role section
| ```yaml | ||
| # nginx-asg-sync configuration for NGINXaaS for Azure | ||
| cloud_provider: Azure | ||
| subscription_id: your_subscription_id |
There was a problem hiding this comment.
In the json file mentioned above, you used "<SUBSCRIPTION_ID>" nomenclature to indicate items that the user needed to substitute real values into. Should we use the same pattern here?
There was a problem hiding this comment.
updated to <SUBSCRIPTION_ID>
|
|
||
| ``` | ||
| 2026/01/08 15:44:12 nginx-asg-sync version 1.0.3 | ||
| 2026/01/08 15:44:13 Updated HTTP servers of backend-one for group naveen-vmss-latest ; Added: [172.19.0.6:80 172.19.0.7:80], Removed: [], Updated: [] |
There was a problem hiding this comment.
Probably don't want your name in here (and below)
There was a problem hiding this comment.
Removed names and used backend-one
|
|
||
| You can assign managed identity permissions using: | ||
|
|
||
| - **Azure Portal**: Navigate to **Resource** → **Identity** → **Role assignments** in the Azure portal |
There was a problem hiding this comment.
Wasn't clear what the starting point for this was? Which resource should I be looking at in the Portal?
There was a problem hiding this comment.
Yes, updated to specific resource like vm, vmss
| @@ -0,0 +1,485 @@ | |||
| --- | |||
| title: Virtual Machine Scale Sets (VMSS) Backend Integration | |||
There was a problem hiding this comment.
We call this file vmss-backend.md but for kubernetes we call it loadbalancer-kubernetes.md. I'm wondering, for consistency sake, we call this loadbalancer-vmss.md instead. I'd also change the title to be consistent too. (@arussellf5 please input if you think differently).
There was a problem hiding this comment.
updated the title and file names as suggested to main consistency
| Before setting up VMSS backend integration, ensure you have: | ||
|
|
||
| - An active NGINXaaS for Azure deployment | ||
| - Azure Virtual Machine Scale Sets (VMSS) |
There was a problem hiding this comment.
Please highlight that the orchestration mode must be set to uniform and not flexible.
There was a problem hiding this comment.
Highlighted as suggested above
| proxy_pass http://backend-two; | ||
| } | ||
|
|
||
| location @hc-backend-two { |
There was a problem hiding this comment.
Do we need to have two backend upstream groups. Seems for simplicity we'd just keep this simple and create one upstream group.
There was a problem hiding this comment.
simplified it by including only one upstream group
russokj
left a comment
russokj
left a comment
There was a problem hiding this comment.
No major issues. Just come suggestions.
Proposed changes
Checklist
Before sharing this pull request, I completed the following checklist:
Footnotes
Potentially sensitive information includes personally identify information (PII), authentication credentials, and live URLs. Refer to the style guide for guidance about placeholder content. ↩