diff --git a/Makefile b/Makefile index 060d240..025ca4b 100644 --- a/Makefile +++ b/Makefile @@ -1,27 +1,37 @@ REGISTRY_NAME=registry.runcible.io FRONTEND_IMAGE_NAME=$(REGISTRY_NAME)/demo-helm-frontend -FRONTEND_IMAGE_VERSION=1.4.0-dev +FRONTEND_IMAGE_VERSION=1.6.0 API_IMAGE_NAME=$(REGISTRY_NAME)/demo-helm-api -API_IMAGE_VERSION=1.4.0-dev +API_IMAGE_VERSION=1.6.0 + +push-all: push-app-image push-api-image +.PHONY: push-all push-app-image: build-app-image docker push $(FRONTEND_IMAGE_NAME):$(FRONTEND_IMAGE_VERSION) +.PHONY: push-app-image build-app-image: docker build -t $(FRONTEND_IMAGE_NAME):$(FRONTEND_IMAGE_VERSION) ./app +.PHONY: build-app-image push-api-image: build-api-image docker push $(API_IMAGE_NAME):$(API_IMAGE_VERSION) +.PHONY: push-api-image build-api-image: docker build -t $(API_IMAGE_NAME):$(API_IMAGE_VERSION) ./api +.PHONY: build-api-image update-API-deps: pip-compile -o api/requirements.txt api/requirements.in +.PHONY: update-API-deps sync-virtualenv: pip-sync dev_requirements.txt api/requirements.txt +.PHONY: sync-virtualenv check-images: echo $(FRONTEND_IMAGE_NAME):$(FRONTEND_IMAGE_VERSION) echo $(API_IMAGE_NAME):$(API_IMAGE_VERSION) +.PHONY: check-images \ No newline at end of file diff --git a/README.md b/README.md index 200f575..75bb077 100644 --- a/README.md +++ b/README.md @@ -66,6 +66,13 @@ Then you need to specify the secret in your deployment spec like so: - name: regcred ``` +## Creating the Database password as a secret + +``` +kubectl -n create secret generic database_secret \ + --from-literal=password= +``` + [The k8s docs](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line) # References diff --git a/api/api/app.py b/api/api/app.py index 5038367..a9cad60 100644 --- a/api/api/app.py +++ b/api/api/app.py @@ -3,7 +3,7 @@ from flask import Blueprint, jsonify from .models import Cookie -main_blueprint = Blueprint("main", __name__) +main_blueprint = Blueprint("main", __name__, url_prefix='/v1/api') __version__ = "1.2.0" diff --git a/app/.env.production b/app/.env.production new file mode 100644 index 0000000..9ea6331 --- /dev/null +++ b/app/.env.production @@ -0,0 +1 @@ +VITE_BACKEND_URI = "https://lab.runcible.io/v1/api" \ No newline at end of file diff --git a/app/.gitignore b/app/.gitignore index 53f7466..9fbcb37 100644 --- a/app/.gitignore +++ b/app/.gitignore @@ -2,4 +2,5 @@ node_modules .DS_Store dist dist-ssr -*.local \ No newline at end of file +*.local +.env.local diff --git a/app/src/services/AppService.js b/app/src/services/AppService.js index 86a1c07..6bcdc8a 100644 --- a/app/src/services/AppService.js +++ b/app/src/services/AppService.js @@ -1,7 +1,7 @@ import axios from 'axios' const apiClient = axios.create({ - baseURL: 'http://backend.runcible.io', + baseURL: import.meta.env.VITE_BACKEND_URI, withCredentials: false, headers: { Accept: 'application/json', diff --git a/charts/demo-helm/Chart.yaml b/charts/demo-helm/Chart.yaml index 3000c25..0bfac94 100644 --- a/charts/demo-helm/Chart.yaml +++ b/charts/demo-helm/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v2 name: demo-helm -appVersion: 1.2.0 +appVersion: 1.6.0 description: A Helm chart to practice helm -version: 0.3.0 +version: 0.4.0 type: application diff --git a/charts/demo-helm/templates/backend-service.yaml b/charts/demo-helm/templates/backend-service.yaml index 96fef1a..d09dc9e 100644 --- a/charts/demo-helm/templates/backend-service.yaml +++ b/charts/demo-helm/templates/backend-service.yaml @@ -6,6 +6,7 @@ metadata: labels: name: {{ $.Release.Name }}-{{ $.Chart.Name}}-backend-service name: {{ $.Release.Name }}-{{ $.Chart.Name}}-backend-service + namespace: {{ .Values.namespace }} spec: ports: - protocol: 'TCP' diff --git a/charts/demo-helm/templates/backend.yaml b/charts/demo-helm/templates/backend.yaml index 87d7c4d..1f27bcb 100644 --- a/charts/demo-helm/templates/backend.yaml +++ b/charts/demo-helm/templates/backend.yaml @@ -5,9 +5,11 @@ metadata: # This allows us to ensure we have a unique config name. Which means we could have two of the same service # in the same namespace. name: {{ .Release.Name }}-{{ .Chart.Name}}-backend + namespace: {{ .Values.namespace }} labels: app: {{ .Release.Name }}-{{ .Chart.Name}}-backend spec: + # TODO add probes for health and wellness {{- with .Values.services.backend }} replicas: {{ .replicas }} selector: @@ -33,6 +35,32 @@ spec: configMapKeyRef: name: {{ $.Release.Name }}-{{ $.Chart.Name}}-configmap key: random_data + - name: POSTGRES_HOST + # Should resolve to the DNS name of the database service + value: {{ $.Release.Name }}-{{ $.Chart.Name }}-database-service + - name: POSTGRES_APP_DATABASE + valueFrom: + configMapKeyRef: + name: {{ $.Release.Name }}-{{ $.Chart.Name}}-configmap + key: database_name + - name: POSTGRES_USER + valueFrom: + configMapKeyRef: + name: {{ $.Release.Name }}-{{ $.Chart.Name}}-configmap + key: database_user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ $.Values.services.database.database_secret }} + key: {{ $.Values.services.database.database_passwd_key }} + - name: POSTGRES_PORT + valueFrom: + configMapKeyRef: + name: {{ $.Release.Name }}-{{ $.Chart.Name}}-configmap + key: database_port + - name: SQLALCHEMY_URI + # This works because https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvar-v1-core + value: "postgresql://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST):$(POSTGRES_PORT)/$(POSTGRES_APP_DATABASE)" imagePullSecrets: - name: {{ $.Values.image_pull_secret }} {{- end }} diff --git a/charts/demo-helm/templates/configmap.yaml b/charts/demo-helm/templates/configmap.yaml index 17c52b9..2840a2f 100644 --- a/charts/demo-helm/templates/configmap.yaml +++ b/charts/demo-helm/templates/configmap.yaml @@ -2,5 +2,9 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ $.Release.Name }}-{{ $.Chart.Name}}-configmap + namespace: {{ .Values.namespace }} data: - random_data: {{ .Values.random | quote }} \ No newline at end of file + random_data: {{ .Values.random | quote }} + database_name: {{ .Values.services.database.database_name | quote }} + database_port: {{ .Values.services.database.database_port | default "5432" | quote }} + database_user: {{ .Values.services.database.database_user | default "postgres" | quote }} \ No newline at end of file diff --git a/charts/demo-helm/templates/database-service.yaml b/charts/demo-helm/templates/database-service.yaml new file mode 100644 index 0000000..29d768f --- /dev/null +++ b/charts/demo-helm/templates/database-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-{{ .Chart.Name }}-database-service + namespace: {{ .Values.namespace }} +spec: + ports: + - port: 5432 + protocol: TCP + selector: + app: {{ .Release.Name }}-{{ .Chart.Name }}-database \ No newline at end of file diff --git a/charts/demo-helm/templates/database.yaml b/charts/demo-helm/templates/database.yaml new file mode 100644 index 0000000..abd0798 --- /dev/null +++ b/charts/demo-helm/templates/database.yaml @@ -0,0 +1,55 @@ +# This is a singleton postgres pod with a Persistent Volume Claim to an +# NFS backed volume. See nfs-volume.yaml and nfs-volume-claim.yaml +# It will be exposed as a service to the runcible namespace in mypostgres-service.yaml +apiVersion: apps/v1 +kind: ReplicaSet +metadata: + name: {{ .Release.Name }}-{{ .Chart.Name }}-database + namespace: {{ .Values.namespace }} + labels: + app: {{ .Release.Name }}-{{ .Chart.Name }}-database +spec: + # Since this is a singleton + replicas: 1 + selector: + matchLabels: + app: {{ .Release.Name }}-{{ .Chart.Name }}-database + template: + metadata: + labels: + app: {{ .Release.Name }}-{{ .Chart.Name }}-database + spec: + containers: + - name: {{ .Release.Name }}-{{ .Chart.Name }}-database + image: {{ .Values.services.database.image_name }} + # This is a dev server effectively + resources: + requests: + cpu: 1 + memory: 2Gi + env: + # Convert this over to use secrets instead + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.services.database.database_secret }} + key: {{ .Values.services.database.database_passwd_key }} + - name: POSTGRES_USER + value: {{ .Values.services.database.database_user }} + - name: POSTGRES_DB + value: {{ .Values.services.database.database_name }} + livenessProbe: + tcpSocket: + port: 5432 + initialDelaySeconds: 180 + periodSeconds: 10 + ports: + - containerPort: 5432 + volumeMounts: + - name: postgres-data + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-data + persistentVolumeClaim: + # The name of our pvc + claimName: {{ .Values.services.database.persistent_volume_claim }} \ No newline at end of file diff --git a/charts/demo-helm/templates/frontend-service.yaml b/charts/demo-helm/templates/frontend-service.yaml index a06a603..bbd7547 100644 --- a/charts/demo-helm/templates/frontend-service.yaml +++ b/charts/demo-helm/templates/frontend-service.yaml @@ -6,6 +6,7 @@ metadata: labels: name: {{ $.Release.Name }}-{{ $.Chart.Name}}-frontend-service name: {{ $.Release.Name }}-{{ $.Chart.Name}}-frontend-service + namespace: {{ .Values.namespace }} spec: ports: - protocol: 'TCP' diff --git a/charts/demo-helm/templates/frontend.yaml b/charts/demo-helm/templates/frontend.yaml index cb17f33..31f2899 100644 --- a/charts/demo-helm/templates/frontend.yaml +++ b/charts/demo-helm/templates/frontend.yaml @@ -5,9 +5,11 @@ metadata: # This allows us to ensure we have a unique config name. Which means we could have two of the same service # in the same namespace. name: {{ .Release.Name }}-{{ .Chart.Name }}-frontend + namespace: {{ .Values.namespace }} labels: app: {{ .Release.Name }}-{{ .Chart.Name }}-frontend spec: + # TODO add probes for health and wellness {{- with .Values.services.frontend }} replicas: {{ .replicas }} selector: diff --git a/charts/demo-helm/templates/ingress.yaml b/charts/demo-helm/templates/ingress.yaml index 038d3b5..84a710e 100644 --- a/charts/demo-helm/templates/ingress.yaml +++ b/charts/demo-helm/templates/ingress.yaml @@ -4,6 +4,7 @@ kind: Ingress # https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata metadata: name: {{ .Release.Name }}-{{ .Chart.Name}}-backend-ingress + namespace: {{ .Values.namespace }} spec: rules: - host: backend.runcible.io @@ -22,6 +23,7 @@ kind: Ingress # https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata metadata: name: {{ .Release.Name }}-{{ .Chart.Name}}-frontend-ingress + namespace: {{ .Values.namespace }} spec: rules: - host: frontend.runcible.io diff --git a/charts/demo-helm/templates/pv-demo-helm-db.yaml b/charts/demo-helm/templates/pv-demo-helm-db.yaml new file mode 100644 index 0000000..2bffcb2 --- /dev/null +++ b/charts/demo-helm/templates/pv-demo-helm-db.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ .Values.services.database.persistent_volume }} + namespace: {{ .Values.namespace }} +spec: + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + nfs: + server: {{ .Values.services.database.nfs_server }} + path: {{ .Values.services.database.nfs_path }} \ No newline at end of file diff --git a/charts/demo-helm/templates/pvc-demo-helm-db.yaml b/charts/demo-helm/templates/pvc-demo-helm-db.yaml new file mode 100644 index 0000000..9b3469c --- /dev/null +++ b/charts/demo-helm/templates/pvc-demo-helm-db.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.services.database.persistent_volume_claim }} + namespace: {{ .Values.namespace }} +spec: + # By specifying a PersistentVolume in a PersistentVolumeClaim, you declare a binding between that specific PV and PVC. + volumeName: {{ .Values.services.database.persistent_volume }} + accessModes: + - ReadWriteMany + # Empty string must be explicitly set otherwise default StorageClass will be set + storageClassName: '' + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/charts/demo-helm/values.yaml b/charts/demo-helm/values.yaml index 5782995..7c1b960 100644 --- a/charts/demo-helm/values.yaml +++ b/charts/demo-helm/values.yaml @@ -1,12 +1,24 @@ --- -image_pull_secret: regcred +image_pull_secret: "regcred" +namespace: "demo-helm" services: frontend: image_name: "registry.runcible.io/demo-helm-frontend" - image_version: "1.4.0" + image_version: "1.6.0" replicas: 1 backend: image_name: "registry.runcible.io/demo-helm-api" - image_version: "1.4.0" + image_version: "1.6.0" replicas: 1 + database: + database_name: "demo_helm" + database_user: "toor" + database_secret: "database-secret" + database_passwd_key: "password" + image_name: "postgres:12-alpine" + nfs_path: "/volume1/expanse/demo_helm" + nfs_server: "nas1.runcible.io" + persistent_volume: "demo-helm-db-pv" + persistent_volume_claim: "demo-helm-db-pvc" + random: "tis-random-default" \ No newline at end of file