commit b5e046234cc87a8da212d6bb60743f92f9b8bc75 Author: Björn Busse Date: Sun Jan 7 21:03:28 2024 +0100 Initial commit
diff --git a/.github/workflows/setup-cluster.yml b/.github/workflows/setup-cluster.yml
new file mode 100644
index 0000000..232c7e4
--- /dev/null
+++ b/.github/workflows/setup-cluster.yml
@@ -0,0 +1,25 @@
+name: Setup cluster
+
+on:
+ push:
+ paths-ignore:
+ - '**.md'
+ branches:
+ - '**'
+ pull_request:
+ paths-ignore:
+ - '**.md'
+ branches:
+ - '**'
+ workflow_dispatch:
+
+jobs:
+ setup-cluster:
+ name: minikube
+ runs-on: ubuntu-latest
+ steps:
+ - name: start minikube
+ id: minikube
+ uses: medyagh/setup-minikube@latest
+ - name: kubectl
+ run: kubectl get pods -A
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..bd8f3c8
--- /dev/null
+++ b/README.md
@@ -0,0 +1,46 @@
+# Challenge
+
+## Clone repository
+```
+$ git clone https://git.e2m.io/mue/obch
+$ cd obch
+```
+
+## Setup minikube and flux
+### Optionally remove remnants of previous minikube clusters
+```
+$ minikube delete --all
+
+# The above was not sufficient to setup a new cluster
+# See also: https://github.com/kubernetes/minikube/issues/17683
+# Additionally deleting the local minikube config folder helped:
+$ rm -rf ~/.minikube
+```
+
+### Setup cluster and deploy app
+run sh sources 'setup-cluster' and 'deploy'
+```
+$ ./run.sh
+```
+
+### Setup cluster
+```
+$ ./setup-cluster
+```
+
+## Deploy Service
+```
+$ ./deploy
+```
+
+## TODOs / Notes
+Define strategy for version updates
+Use SOPS for secret management
+Terraform has minikube and flux providers
+
+## Resources
+[Flux bootstrap for Gitea](https://fluxcd.io/flux/installation/bootstrap/gitea/)
+[Flux github action](https://fluxcd.io/flux/flux-gh-action/)
+[Terraform Flux Provider](https://github.com/fluxcd/terraform-provider-flux)
+[Mozilla SOPS](https://fluxcd.io/flux/guides/mozilla-sops/)
+[bitnami PostgreSQL HA Helm](https://bitnami.com/stack/postgresql-ha/helm)
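Review bot: In `.github/workflows/setup-cluster.yml` the step `uses: medyagh/setup-minikube@latest` runs a third-party action from a mutable ref, so whatever that ref points to at run time executes in the job on every push and pull request. Pin it to a full commit SHA and record the release in a comment, e.g. `uses: medyagh/setup-minikube@<full-commit-sha>  # <release tag>`. The workflow also declares no `permissions:` block, so the job receives the repository's default `GITHUB_TOKEN` scopes; a top-level `permissions:` with `contents: read` is enough for a job that only starts minikube and lists pods.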
diff --git a/deploy b/deploy
new file mode 100755
index 0000000..b6b8a08
--- /dev/null
+++ b/deploy
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+#
+# Deploy app to k8s using fluxcd
+#
+
+DEPLOY_MODE="flux"
+readonly DEPLOY_MODE
+APP_NAMESPACE="app"
+readonly APP_NAMESPACE
+PGSQLHA_VERSION="12.3.7"
+readonly PGSQLHA_VERSION
+PGSQLHA_OCI_URL="oci://registry-1.docker.io/bitnamicharts/postgresql-ha"
+readonly PGSQLHA_OCI_URL
+
+# Create namespace
+kubectl create namespace "${APP_NAMESPACE}"
+
+# Add Helm Charts
+if [ "flux" == $DEPLOY_MODE ]; then
+ # Add Helm Charts via Flux HelmRelease CRD
+ printf "Using flux to create HelmRelease\n"
+ ./flux create helmrelease pgsql-ha \
+ --chart postgresql-ha \
+ --chart-version "${PGSQLHA_VERSION}" \
+ --source HelmRepository/bitnamicharts \
+ --namespace "${APP_NAMESPACE}"
+elif [ "helm" == $DEPLOY_MODE ]; then
+ # Add Helm Charts via Helm
+ printf "Using Helm to install Chart\n"
+ helm install pgsql-ha "${PGSQLHA_OCI_URL}" \
+ --version "${PGSQLHA_VERSION}" \
+ --namespace "${APP_NAMESPACE}"
+fi
diff --git a/run.sh b/run.sh
new file mode 100755
index 0000000..8a6c58a
--- /dev/null
+++ b/run.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+#
+# Setup minikube cluster and deploy app using fluxcd
+#
+
+source setup-cluster
+source deploy
diff --git a/setup-cluster b/setup-cluster
new file mode 100755
index 0000000..e9df3a0
--- /dev/null
+++ b/setup-cluster
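Review bot: `deploy` has no strict mode and its first command is not repeatable: `kubectl create namespace "${APP_NAMESPACE}"` fails once the namespace exists, and when the script is run on its own (as the README shows) that failure is ignored and the release is created anyway. Add `set -euo pipefail` at the top and make the namespace step idempotent, e.g. `kubectl create namespace "${APP_NAMESPACE}" --dry-run=client -o yaml | kubectl apply -f -`. The flux branch also hard-codes `./flux` while `setup-cluster` selects the binary through `FLUX_CMD`; `"${FLUX_CMD:-./flux}"` would keep the two in step. The tests `[ "flux" == $DEPLOY_MODE ]` leave the variable unquoted; `[[ "${DEPLOY_MODE}" == "flux" ]]` is the safer form.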
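Review bot: In `run.sh`, `source setup-cluster` and `source deploy` name the files without a path, so bash looks them up on `PATH` before falling back to the current directory; the script then sources whichever file it finds first, and fails or picks up the wrong one when started from another directory. Resolve both against the script's own location, e.g. `source "$(dirname "${BASH_SOURCE[0]}")/setup-cluster"` and the same for `deploy`. Because both files are sourced into one shell, the `set -eo pipefail` from `setup-cluster` also governs `deploy` here, which differs from running `./deploy` directly; a header comment saying so would help.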
@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+#
+# Setup a local minikube cluster
+# with k8s dashboard and flux
+#
+
+set -eo pipefail
+
+PRJ="obch"
+readonly PRJ
+USE_TF=0
+readonly USE_TF
+GITEA_HOSTNAME="git.e2m.io"
+readonly GITEA_HOSTNAME
+GITEA_USER="obch-flux"
+readonly GITEA_USER
+FLUX_VERSION="2.2.1"
+readonly FLUX_VERSION
+FLUX_CHECKSUM="466756ca6b3437d30a6a5fb58e60f3e5a82d8291f3869cfc55b6f041962601b5"
+readonly FLUX_CHECKSUM
+FLUX_ARCHIVE="flux_${FLUX_VERSION}_linux_amd64.tar.gz"
+readonly FLUX_ARCHIVE
+FLUX_URL="https://github.com/fluxcd/flux2/releases/download/v${FLUX_VERSION}/${FLUX_ARCHIVE}"
+readonly FLUX_URL
+FLUX_FORCE_LOCAL=1
+readonly FLUX_FORCE_LOCAL
+TF_VERSION="1.6.6"
+readonly TF_VERSION
+TF_ARCHIVE="terraform_${TF_VERSION}_linux_amd64.zip"
+readonly TF_ARCHIVE
+TF_CHECKSUM=""
+readonly TF_CHECKSUM
+TF_URL="https://releases.hashicorp.com/terraform/${TF_VERSION}/${TF_ARCHIVE}"
+readonly TF_URL
+TF_FORCE_LOCAL=1
+readonly TF_FORCE_LOCAL
+VERBOSE=0
+readonly VERBOSE
+
+
+# Start minikube
+if ! $(minikube status) or $(minikube status | grep Nonexistent\|Stopped); then
+ printf 'minikube is not running\nStarting minikube..'
+ if (( 0=="${VERBOSE}" )); then
+ minikube start --driver=podman
+ else
+ minikube start --driver=podman --alsologtostderr -v=7
+ fi
+else
+ printf 'minikube is already running\n'
+fi
+
+# Check cluster availability
+# TODO: Check for errors
+kubectl cluster-info
+
+# Deploy k8s dashboard
+if [[ $(kubectl get pods -A -o wide | grep kubernetes-dashboard | grep Running) ]]; then
+ printf "Installing k8s dashboard\n"
+ minikube addons enable metrics-server
+ minikube dashboard &
+else
+ printf 'k8s dashboard is already running\n'
+fi
+
+# Install terraform if not in PATH
+# or local version enforced
+if ! 
$(which terraform) or 1=="$TF_FORCE_LOCAL"; then
+ printf "Fetching terraform archive..\n"
+ curl -LO "${TF_URL}"
+ tar xf "${TF_ARCHIVE}"
+ TF_CMD="./terraform"
+else
+ TF_CMD="terraform"
+fi
+
+# Install flux if not in PATH
+# or local version enforced
+if ! $(which flux) or 1=="$FLUX_FORCE_LOCAL"; then
+ printf "Fetching flux archive..\n"
+ curl -LO "${FLUX_URL}"
+ tar xf "${FLUX_ARCHIVE}"
+ FLUX_CMD="./flux"
+else
+ FLUX_CMD="flux"
+fi
+
+# Deploy Flux Controllers
+# Needs cluster admin privileges
+if [[ $(${FLUX_CMD} get helmreleases --all-namespaces) ]]; then
+ printf 'Flux controllers are running\n'
+fi
+
+# 'flux bootstrap' is idempotent
+printf 'Installing Flux controller\n'
+${FLUX_CMD} bootstrap gitea \
+ --hostname="$GITEA_HOSTNAME" \
+ --token-auth \
+ --owner="$GITEA_USER" \
+ --repository="$PRJ"-deploy \
+ --branch=main \
+ --path=clusters/minikube \
+ --personal \
+ --read-write-key=true \
+ --private=false
diff --git a/tf/terraform.tf b/tf/terraform.tf
new file mode 100644
index 0000000..8ff4887
--- /dev/null
+++ b/tf/terraform.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ flux = {
+ source = "fluxcd/flux"
+ version = "1.2.2"
+ }
+ }
+}
+
+provider "flux" {
+ # Configuration options
+}
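Review bot: In `setup-cluster` the flux and terraform archives are fetched with `curl -LO` and unpacked without any integrity check: `FLUX_CHECKSUM` is declared but never used, `TF_CHECKSUM` is empty, and the extracted `./flux` then runs `bootstrap`, which the script's own comment says needs cluster admin privileges. The guards around the downloads are also not valid tests, since `or` is not a shell operator; `if ! $(which flux) or 1=="$FLUX_FORCE_LOCAL"` executes the path printed by `which` with `or` as an argument (the minikube check near the top has the same shape). For terraform, `tar xf` is applied to a `.zip`, which GNU tar does not read, and the binary is fetched even though `USE_TF=0`. Separately, `--private=false` together with `--read-write-key=true` requests a public deploy repository and a read/write key, which is worth confirming before SOPS-managed or other secrets land there. The fence shows the flux block with the digest enforced, assuming `FLUX_CHECKSUM` is the SHA-256 of the archive (its length fits).

```shell
# … unchanged: constants, minikube start, dashboard, terraform install …
if ! command -v flux >/dev/null 2>&1 || (( FLUX_FORCE_LOCAL == 1 )); then
  # … unchanged: printf …
  curl --fail --location --remote-name "${FLUX_URL}"
  # Stop before unpacking if the archive does not match the pinned digest.
  printf '%s  %s\n' "${FLUX_CHECKSUM}" "${FLUX_ARCHIVE}" \
    | sha256sum --check --strict -
  tar xf "${FLUX_ARCHIVE}"
  # … unchanged: FLUX_CMD selection, flux status check, bootstrap …
```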
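Review bot: The `terraform` block in `tf/terraform.tf` pins the flux provider to `1.2.2` but sets no `required_version`, while `setup-cluster` downloads Terraform `1.6.6`; adding `required_version = "~> 1.6"` (or the exact version) keeps the configuration and the scripted binary in agreement. No `.terraform.lock.hcl` is visible in this commit; once one is generated for this directory it should be committed, since the version constraint alone does not pin provider checksums. The empty `provider "flux"` block with `# Configuration options` reads as a registry placeholder, and a comment naming what still has to be configured would make that explicit.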