Initial commit
commit
b5e046234c
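--- a/.github/workflows/setup-cluster.yml
+++ b/.github/workflows/setup-cluster.yml
@@ -0,0 +1,25 @@
+name: Setup cluster
+
+on:
+push:
+paths-ignore:
+- '**.md'
+branches:
+- '**'
+pull_request:
+paths-ignore:
+- '**.md'
+branches:
+- '**'
+workflow_dispatch:
+
+jobs:
+setup-cluster:
+name: minikube
+runs-on: ubuntu-latest
+steps:
+- name: start minikube
+id: minikube
+uses: medyagh/setup-minikube@latest
+- name: kubectl
+run: kubectl get pods -A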
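Review bot: The step `uses: medyagh/setup-minikube@latest` follows a mutable ref, so whatever the action's owner publishes next runs in this job without review; pin it to a full commit SHA, e.g. `uses: medyagh/setup-minikube@<full-commit-sha> # <release tag>`. The workflow also declares no `permissions:` block, so the job runs with the repository's default token scope; a top-level `permissions:` containing `contents: read` is enough for a job that only starts minikube and lists pods. The job never calls `./setup-cluster` or `./deploy`, so the scripts added in this commit are not exercised by CI.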
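--- a/README.md
+++ b/README.md
@@ -0,0 +1,46 @@
+# Challenge
+
+## Clone repository
+```
+$ git clone https://git.e2m.io/mue/obch
+$ cd obch
+```
+
+## Setup minikube and flux
+### Optionally remove remnants of previous minikube clusters
+```
+$ minikube delete --all
+
+# The above was not sufficient to setup a new cluster
+# See also: https://github.com/kubernetes/minikube/issues/17683
+# Additionally deleting the local minikube config folder helped:
+$ rm -rf ~/.minikube
+```
+
+### Setup cluster and deploy app
+run sh sources 'setup-cluster' and 'deploy'
+```
+$ ./run.sh
+```
+
+### Setup cluster
+```
+$ ./setup-cluster
+```
+
+## Deploy Service
+```
+$ ./deploy
+```
+
+## TODOs / Notes
+Define strategy for version updates
+Use SOPS for secret management
+Terraform has minikube and flux providers
+
+## Resources
+[Flux bootstrap for Gitea](https://fluxcd.io/flux/installation/bootstrap/gitea/)
+[Flux github action](https://fluxcd.io/flux/flux-gh-action/)
+[Terraform Flux Provider](https://github.com/fluxcd/terraform-provider-flux)
+[Mozilla SOPS](https://fluxcd.io/flux/guides/mozilla-sops/)
+[bitnami PostgreSQL HA Helm](https://bitnami.com/stack/postgresql-ha/helm)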
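--- a/deploy
+++ b/deploy
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+#
+# Deploy app to k8s using fluxcd
+#
+
+DEPLOY_MODE="flux"
+readonly DEPLOY_MODE
+APP_NAMESPACE="app"
+readonly APP_NAMESPACE
+PGSQLHA_VERSION="12.3.7"
+readonly PGSQLHA_VERSION
+PGSQLHA_OCI_URL="oci://registry-1.docker.io/bitnamicharts/postgresql-ha"
+readonly PGSQLHA_OCI_URL
+
+# Create namespace
+kubectl create namespace "${APP_NAMESPACE}"
+
+# Add Helm Charts
+if [ "flux" == $DEPLOY_MODE ]; then
+# Add Helm Charts via Flux HelmRelease CRD
+printf "Using flux to create HelmRelease\n"
+./flux create helmrelease pgsql-ha \
+--chart postgresql-ha \
+--chart-version "${PGSQLHA_VERSION}" \
+--source HelmRepository/bitnamicharts \
+--namespace "${APP_NAMESPACE}"
+elif [ "helm" == $DEPLOY_MODE ]; then
+# Add Helm Charts via Helm
+printf "Using Helm to install Chart\n"
+helm install pgsql-ha "${PGSQLHA_OCI_URL}" \
+--version "${PGSQLHA_VERSION}" \
+--namespace "${APP_NAMESPACE}"
+fi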
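Review bot: `deploy` sets no shell options, so when it is run on its own (as the README shows) a failed `kubectl create namespace` does not stop the flux or helm step from running; add `set -euo pipefail` below the header comment. With that in place the namespace step has to tolerate a second run, for example `kubectl create namespace "${APP_NAMESPACE}" --dry-run=client -o yaml | kubectl apply -f -`. The tests `[ "flux" == $DEPLOY_MODE ]` and `[ "helm" == $DEPLOY_MODE ]` leave the variable unquoted and have no `else`, so an unexpected mode deploys nothing and still exits 0; `[[ "${DEPLOY_MODE}" == "flux" ]]` plus an `else` that prints to stderr and exits non-zero would make that visible. The flux branch also calls `./flux` directly instead of the `FLUX_CMD` that `setup-cluster` sets, which only works from the directory where the archive was unpacked.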
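--- a/run.sh
+++ b/run.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+#
+# Setup minikube cluster and deploy app using fluxcd
+#
+
+source setup-cluster
+source deploy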
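Review bot: `source setup-cluster` and `source deploy` use bare names, and bash's `source` looks a slash-less name up in `PATH` before the current directory, so which file gets executed depends on the caller's environment and working directory. Resolve both relative to the script instead: `here="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"` followed by `source "${here}/setup-cluster"` and `source "${here}/deploy"`. Because both files are sourced into one shell, the `set -eo pipefail` and the `readonly` declarations from `setup-cluster` stay in force while `deploy` runs; a short comment saying so, or running the two as separate processes, would make that coupling explicit.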
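--- a/setup-cluster
+++ b/setup-cluster
@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+#
+# Setup a local minikube cluster
+# with k8s dashboard and flux
+#
+
+set -eo pipefail
+
+PRJ="obch"
+readonly PRJ
+USE_TF=0
+readonly USE_TF
+GITEA_HOSTNAME="git.e2m.io"
+readonly GITEA_HOSTNAME
+GITEA_USER="obch-flux"
+readonly GITEA_USER
+FLUX_VERSION="2.2.1"
+readonly FLUX_VERSION
+FLUX_CHECKSUM="466756ca6b3437d30a6a5fb58e60f3e5a82d8291f3869cfc55b6f041962601b5"
+readonly FLUX_CHECKSUM
+FLUX_ARCHIVE="flux_${FLUX_VERSION}_linux_amd64.tar.gz"
+readonly FLUX_ARCHIVE
+FLUX_URL="https://github.com/fluxcd/flux2/releases/download/v${FLUX_VERSION}/${FLUX_ARCHIVE}"
+readonly FLUX_URL
+FLUX_FORCE_LOCAL=1
+readonly FLUX_FORCE_LOCAL
+TF_VERSION="1.6.6"
+readonly TF_VERSION
+TF_ARCHIVE="terraform_${TF_VERSION}_linux_amd64.zip"
+readonly TF_ARCHIVE
+TF_CHECKSUM=""
+readonly TF_CHECKSUM
+TF_URL="https://releases.hashicorp.com/terraform/${TF_VERSION}/${TF_ARCHIVE}"
+readonly TF_URL
+TF_FORCE_LOCAL=1
+readonly TF_FORCE_LOCAL
+VERBOSE=0
+readonly VERBOSE
+
+
+# Start minikube
+if ! $(minikube status) or $(minikube status | grep Nonexistent\|Stopped); then
+printf 'minikube is not running\nStarting minikube..'
+if (( 0=="${VERBOSE}" )); then
+minikube start --driver=podman
+else
+minikube start --driver=podman --alsologtostderr -v=7
+fi
+else
+printf 'minikube is already running\n'
+fi
+
+# Check cluster availability
+# TODO: Check for errors
+kubectl cluster-info
+
+# Deploy k8s dashboard
+if [[ $(kubectl get pods -A -o wide | grep kubernetes-dashboard | grep Running) ]]; then
+printf "Installing k8s dashboard\n"
+minikube addons enable metrics-server
+minikube dashboard &
+else
+printf 'k8s dashboard is already running\n'
+fi
+
+# Install terraform if not in PATH
+# or local version enforced
+if ! $(which terraform) or 1=="$TF_FORCE_LOCAL"; then
+printf "Fetching terraform archive..\n"
+curl -LO "${TF_URL}"
+tar xf "${TF_ARCHIVE}"
+TF_CMD="./terraform"
+else
+TF_CMD="terraform"
+fi
+
+# Install flux if not in PATH
+# or local version enforced
+if ! $(which flux) or 1=="$FLUX_FORCE_LOCAL"; then
+printf "Fetching flux archive..\n"
+curl -LO "${FLUX_URL}"
+tar xf "${FLUX_ARCHIVE}"
+FLUX_CMD="./flux"
+else
+FLUX_CMD="flux"
+fi
+
+# Deploy Flux Controllers
+# Needs cluster admin privileges
+if [[ $(${FLUX_CMD} get helmreleases --all-namespaces) ]]; then
+printf 'Flux controllers are running\n'
+fi
+
+# 'flux bootstrap' is idempotent
+printf 'Installing Flux controller\n'
+${FLUX_CMD} bootstrap gitea \
+--hostname="$GITEA_HOSTNAME" \
+--token-auth \
+--owner="$GITEA_USER" \
+--repository="$PRJ"-deploy \
+--branch=main \
+--path=clusters/minikube \
+--personal \
+--read-write-key=true \
+--private=false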
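Review bot: `FLUX_CHECKSUM` is declared but never compared against the download, so the flux archive fetched with `curl -LO` is unpacked and then run against the cluster with admin rights without any integrity check. The 64-hex value looks like a SHA-256 digest, so the install block can verify it before `tar` runs, and `curl` should get `-f` so an HTTP error page is not saved as the archive. The guard `if ! $(which flux) or 1=="$FLUX_FORCE_LOCAL"` does not test what its comment says, because `or` is not a shell operator and `$( … )` executes the command's output; the minikube and terraform conditions share that pattern. The terraform block has the same gap with an empty `TF_CHECKSUM`, and it passes a `.zip` to `tar xf`. Separately, `--private=false` creates the deploy repository as public while the README still lists SOPS as a TODO, so nothing secret should be committed there until encryption is in place.

```shell
# … unchanged: constants, minikube start, dashboard, terraform block …
if ! command -v flux >/dev/null 2>&1 || (( FLUX_FORCE_LOCAL == 1 )); then
  printf "Fetching flux archive..\n"
  curl -fsSLO "${FLUX_URL}"
  # Abort (set -e) before unpacking if the archive does not match the pinned digest.
  printf '%s  %s\n' "${FLUX_CHECKSUM}" "${FLUX_ARCHIVE}" | sha256sum --check --strict -
  tar xf "${FLUX_ARCHIVE}"
  FLUX_CMD="./flux"
else
  FLUX_CMD="flux"
fi
# … unchanged: flux controller check and bootstrap …
```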
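--- a/tf/terraform.tf
+++ b/tf/terraform.tf
@@ -0,0 +1,12 @@
+terraform {
+required_providers {
+flux = {
+source = "fluxcd/flux"
+version = "1.2.2"
+}
+}
+}
+
+provider "flux" {
+# Configuration options
+}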