Kubernetes 4 #9

Open
wants to merge 3 commits into
base: main
16 changes: 16 additions & 0 deletions README.md
Expand Up @@ -66,3 +66,19 @@ none и host и посмотрел, как меняется список namespa
- * Написал манифест для секрета tls, разместил в kubernetes/reddit/tlssecret.yml
- Настроил NetworkPolicy
- Настроил PersistentVolume, PersistentVolumeClaim, прикрепил к деплою mongo, поэкспериментировал

## Домашняя работа №32: CI/CD в Kubernetes
- Установил helm 2 и tiller в предварительно развёрнутый кластер kubernetes в Yandex.Cloud
- Создал чарты для компонентов приложения
- Выполнил задание, создав в каждом из каталогов templates по файлу _helpers.tpl, в котором создал функции post.fullname, ui.fullname
- Собрал все чарты под одним чартом reddit, добавил рабочий mongodb
- Добавил переменные окружения для связи компонентов друг с другом и отключил авторизацию у mongodb, из-за чего не стартовал post. Всё заработало
- Gitlab в рекомендуемой методичкой depricated omnibus версии отказался вставать вероятно из-за того, что я использовал kubernetes версии 1.21. Поэтому я зарегистрировал бесплатный домен третьего уровня и установил gitlab через helm командой
helm install gitlab gitlab/gitlab --set global.hosts.domain=yunusovtr.my.to --set certmanager-issuer.email=yunusovtr@live.ru --set gitlab-runner.runners.privileged=true
- Создал репозитории comment, post, ui, reddit-deploy в соответствии с методичкой.
- Создал CI, но для его запуска пришлось отлаживать код: helm 2 не качался из прежнего расположения, был захардкодена ссылка к гитлабу, не работал с kubernetes: active и подключаться к кластеру без гитлаб агента и переключения контекста внутри раннера он тоже отказывался. Соответственно установил и настроил гитлаб агент для каждого из репозиториев.
- Отладил код и для reddit-deploy. Убедился что все пайплайны успешно отрабатывают.
- Код CI компонента comment не менял на использование tiller plugin - разрешение на это получено в Slack
- Изменил код CI у компонента post на использование Helm 3
- Отредактировал код CI у reddit-deploy под читабельный вид.
- Задание со *. Организовал мультипроджект пайплайн путём добавления джобы с триггером и дополнительным условием запуска в джобе production
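Review bot: The `helm install gitlab gitlab/gitlab ...` command recorded in this README sets `gitlab-runner.runners.privileged=true`, and the entry two lines above it says MongoDB authorization was switched off to get `post` starting; neither is marked as a lab-only shortcut. Privileged runner pods give CI jobs root-equivalent access to the node they run on, so the README should say why the setting is needed here and that it is not meant to be carried into a shared cluster, and the MongoDB entry should say how access to the unauthenticated database is restricted. The command also embeds a personal domain and e-mail address; placeholders would be enough for documentation.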
86 changes: 86 additions & 0 deletions kubernetes/Charts/.gitlab-ci.yml
@@ -0,0 +1,86 @@
image: alpine:latest

stages:
- test
- staging
- production

test:
stage: test
script:
- exit 0
only:
- triggers
- branches

.deploy:
variables:
TILLER_NAMESPACE: "kube-system"
before_script:
- apk add -U openssl curl tar gzip bash ca-certificates git
- wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
- wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.23-r3/glibc-2.23-r3.apk
- apk add glibc-2.23-r3.apk
- rm glibc-2.23-r3.apk

- curl https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz | tar zx

- mv linux-amd64/helm /usr/bin/
- helm version --client

- curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
- chmod +x /usr/bin/kubectl
- kubectl version --client
- kubectl config get-contexts
- kubectl config use-context $(kubectl config get-contexts | tail -n +2 | head -n 1 | awk '{print $1};')

- kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE"
- echo "Checking Tiller..."
- helm init --upgrade
- kubectl rollout status -n "$TILLER_NAMESPACE" -w "deployment/tiller-deploy"
- >
if ! helm version --debug; then
echo "Failed to init Tiller."
return 1
fi
- echo ""
script:
- echo $KUBE_NAMESPACE
- track="${1-stable}"
- helm dep build reddit
- >
helm upgrade --install \
--wait \
--set ui.ingress.host="$host" \
--set ui.image.tag="$(curl $CI_SERVER_URL/$CI_PROJECT_NAMESPACE/ui/raw/master/VERSION)" \
--set post.image.tag="$(curl $CI_SERVER_URL/$CI_PROJECT_NAMESPACE/post/raw/master/VERSION)" \
--set comment.image.tag="$(curl $CI_SERVER_URL/$CI_PROJECT_NAMESPACE/comment/raw/master/VERSION)" \
--namespace="$KUBE_NAMESPACE" \
--version="$CI_PIPELINE_ID-$CI_JOB_ID" \
"$CI_ENVIRONMENT_SLUG" \
reddit

staging:
extends: .deploy
stage: staging
variables:
KUBE_NAMESPACE: staging
environment:
name: staging
url: http://staging
only:
refs:
- master

production:
extends: .deploy
stage: production
variables:
KUBE_NAMESPACE: production
environment:
name: production
url: http://production
rules:
- if: $CI_PIPELINE_SOURCE == "pipeline"
when: on_success
- when: manual
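Review bot: The `before_script` of `.deploy` installs helm and kubectl straight from the network with no integrity check: `curl https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz | tar zx`, and a kubectl download whose version is read from `stable.txt` at run time. Both binaries then run with the job's cluster credentials, so pin the kubectl version, compare each download against a known SHA-256 before installing it, and pin `image: alpine:latest` to a fixed tag or digest. Two smaller points in the same hunk: `return 1` in the Tiller check is used outside a function, where `exit 1` states the intent unambiguously, and the three `curl $CI_SERVER_URL/.../VERSION` calls should use `curl -fsS` with a quoted URL so an HTTP error page cannot end up as an image tag. `helm init --upgrade` keeps Tiller in `kube-system`; since the README in this PR says the post component was already moved to Helm 3, this job is a candidate for the same change.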
7 changes: 7 additions & 0 deletions kubernetes/Charts/comment/Chart.yaml
@@ -0,0 +1,7 @@
name: comment
version: 1.0.0
description: OTUS reddit application UI
maintainers:
- name: Someone
email: my@mail.com
appVersion: 1.0
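Review bot: `description: OTUS reddit application UI` in the comment chart looks copied from the ui chart and should describe the comment service. The `maintainers` entry (`Someone`, `my@mail.com`) is still a placeholder and should be replaced or removed.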
3 changes: 3 additions & 0 deletions kubernetes/Charts/comment/templates/_helpers.tpl
@@ -0,0 +1,3 @@
{{- define "comment.fullname" -}}
{{- printf "%s-%s" .Release.Name .Chart.Name }}
{{- end -}}
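Review bot: `comment.fullname` joins `.Release.Name` and `.Chart.Name` with no length limit, and the result is used as both the Deployment name and the Service name. A Service name has to fit in a 63-character DNS label, so pipe the `printf` through `trunc 63 | trimSuffix "-"` so that a long release name still renders a valid name.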
34 changes: 34 additions & 0 deletions kubernetes/Charts/comment/templates/deployment.yaml
@@ -0,0 +1,34 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "comment.fullname" . }}
labels:
app: reddit
component: comment
release: {{ .Release.Name }}
spec:
replicas: 1
selector:
matchLabels:
app: reddit
component: comment
release: {{ .Release.Name }}
template:
metadata:
name: comment
labels:
app: reddit
component: comment
release: {{ .Release.Name }}
spec:
containers:
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
name: comment
ports:
- containerPort: {{ .Values.service.internalPort }}
name: comment
protocol: TCP
env:
- name: COMMENT_DATABASE_HOST
value: {{ .Values.databaseHost | default (printf "%s-mongodb" .Release.Name) }}
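Review bot: The container entry under `spec.containers` has no `securityContext` and no `resources`, so the pod runs as whatever user the image defines and without CPU or memory limits. Add `runAsNonRoot: true` and `allowPrivilegeEscalation: false` if the image supports them, add requests and limits, and pipe the `COMMENT_DATABASE_HOST` value through `quote` so the rendered YAML is always a string.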
19 changes: 19 additions & 0 deletions kubernetes/Charts/comment/templates/service.yaml
@@ -0,0 +1,19 @@
---
apiVersion: v1
kind: Service
metadata:
name: {{ template "comment.fullname" . }}
labels:
app: reddit
component: comment
release: {{ .Release.Name }}
spec:
type: ClusterIP
ports:
- port: {{ .Values.service.externalPort }}
protocol: TCP
targetPort: {{ .Values.service.internalPort }}
selector:
app: reddit
component: comment
release: {{ .Release.Name }}
10 changes: 10 additions & 0 deletions kubernetes/Charts/comment/values.yaml
@@ -0,0 +1,10 @@
---
service:
internalPort: 9292
externalPort: 9292

image:
repository: yunusovtr/ui
tag: latest

databaseHost:
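Review bot: `repository: yunusovtr/ui` in the comment chart's values points at the ui image, so installing this chart with its defaults deploys the wrong service; it should reference the comment image. `tag: latest` as the default also makes a standalone install non-reproducible. The parent pipeline overrides `comment.image.tag` from the VERSION file, but a fixed default tag is the safer fallback.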
19 changes: 19 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/.gitlab-ci.yml
@@ -0,0 +1,19 @@
image: registry.gitlab.com/charts/alpine-helm

stages:
- test
- release

lint:
stage: test
script:
- helm lint .
except:
- master

release-chart:
stage: release
script:
- curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=master https://gitlab.com/api/v4/projects/2860651/trigger/pipeline
only:
- master
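Review bot: The `release-chart` job posts `$CI_JOB_TOKEN` to `https://gitlab.com/api/v4/projects/2860651/trigger/pipeline`, a project that is not part of this repository. The file came along with the vendored chart; drop it, together with the identical copy further down in this diff, so it cannot be run from a project where it would send a job token to an unrelated pipeline. The `image: registry.gitlab.com/charts/alpine-helm` reference also has no tag.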
21 changes: 21 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/.helmignore
@@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
11 changes: 11 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/CHANGELOG.md
@@ -0,0 +1,11 @@
**0.1.35**
> Upgrade note:
* Due to the change in default access mode, existing users will have to specify `ReadWriteMany` as the access mode. For example:
```
gitlabDataAccessMode=ReadWriteMany
gitlabRegistryAccessMode=ReadWriteMany
gitlabConfigAccessMode=ReadWriteMany
```

* Sets the default access mode for `gitlab-storage`, `gitlab-registry-storage`, and `gitlab-config-storage` to be `ReadWriteOnce` to be compatible with Kubernetes 1.7.0+.
* The parameter name to configure the size of the `gitlab-storage` PVC has changed from `gitlabRailsStorageSize` to `gitlabDataStorageSize`. For backwards compatability, `gitlabRailsStorageSize` will still apply provided `gitlabDataStorageSize` is undefined.
26 changes: 26 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/Chart.yaml
@@ -0,0 +1,26 @@
apiVersion: v1
deprecated: true
description: GitLab Omnibus all-in-one bundle
home: https://about.gitlab.com
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
keywords:
- git
- ci
- cd
- deploy
- issue tracker
- code review
- wiki
maintainers:
- email: support@gitlab.com
name: GitLab Inc.
- name: Mark Pundsack
- name: Jason Plum
- name: DJ Mountney
- name: Joshua Lambert
name: gitlab-omnibus
sources:
- http://docs.gitlab.com/ce/install/kubernetes/
- https://gitlab.com/charts/charts.gitlab.io
tillerVersion: '>=2.5.0'
version: 0.1.37
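Review bot: `deprecated: true` and `tillerVersion: '>=2.5.0'` mark this as a retired Helm 2 chart, and the README entry in this same PR says the omnibus install did not come up and GitLab was installed from `gitlab/gitlab` instead. Vendoring the whole gitlab-omnibus tree adds unmaintained templates that the deploy pipeline in this PR does not reference; consider leaving the directory out and keeping only a pointer to it in the README.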
23 changes: 23 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/README.md
@@ -0,0 +1,23 @@
# DEPRECATION NOTICE

This chart is **DEPRECATED**.

### Replacement

We have built a set of fully cloud native charts in [gitlab/gitlab](https://gitlab.com/charts/gitlab).
These new charts are designed from the ground up to be performant, flexible, scalable, and resilient.

We _very strongly_ recommend transitioning, if you are currently using these charts. If you have
never used these charts, _do not now_.

### Availability

This project remains visible as an example of how to convert a full monolith application to Kubernetes capable.
[Monolith to Microservice: Pitchforks not included](https://youtu.be/rIUth_KrJdw?list=PLj6h78yzYM2PZf9eA7bhWnIh_mK1vyOfU) (video)
details the work done to break this monolithic container into component parts.

# GitLab-Omnibus Helm Chart

This chart is an easy way to get started with GitLab on Kubernetes. It includes everything needed to run GitLab, including: a Runner, Container Registry, automatic SSL, and an Ingress.

For more information, please review [our documentation](http://docs.gitlab.com/ee/install/kubernetes/gitlab_omnibus.html).
@@ -0,0 +1,19 @@
image: registry.gitlab.com/charts/alpine-helm

stages:
- test
- release

lint:
stage: test
script:
- helm lint .
except:
- master

release-chart:
stage: release
script:
- curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=master https://gitlab.com/api/v4/projects/2860651/trigger/pipeline
only:
- master
21 changes: 21 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/.helmignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
16 changes: 16 additions & 0 deletions kubernetes/Charts/gitlab-omnibus/charts/gitlab-runner/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
description: GitLab Runner
icon: https://gitlab.com/uploads/-/system/project/avatar/250833/runner_logo.png
keywords:
- git
- ci
- deploy
maintainers:
- email: support@gitlab.com
name: GitLab Inc.
- email: dj@gitlab.com
name: DJ Mountney
name: gitlab-runner
sources:
- https://hub.docker.com/r/gitlab/gitlab-runner/
- https://docs.gitlab.com/runner/
version: 0.1.13
@@ -0,0 +1,3 @@
# GitLab Runner Helm Chart

This chart deploys a GitLab Runner instance into your Kubernetes cluster. For more information, please review [our documentation](http://docs.gitlab.com/ee/install/kubernetes/gitlab_runner_chart.html).
@@ -0,0 +1,27 @@
{{- if include "gitlabUrl" . }}
{{- if or (default "" .Values.runnerRegistrationToken) (default "" .Values.runnerToken) }}
Your GitLab Runner should now be registered against the GitLab instance reachable at: {{ template "gitlabUrl" . }}
{{- else -}}
##############################################################################
## WARNING: You did not specify an runnerRegistrationToken in your 'helm install' call. ##
##############################################################################

This deployment will be incomplete until you provide the Registration Token for your
GitLab instance:

helm upgrade {{ .Release.Name }} \
--set gitlabUrl=http://gitlab.your-domain.com,runnerRegistrationToken=your-registration-token \
stable/gitlab-runner
{{- end -}}
{{- else -}}
##############################################################################
## WARNING: You did not specify an gitlabUrl in your 'helm install' call. ##
##############################################################################

This deployment will be incomplete until you provide the URL that your
GitLab instance is reachable at:

helm upgrade {{ .Release.Name }} \
--set gitlabUrl=http://gitlab.your-domain.com,runnerRegistrationToken=your-registration-token \
stable/gitlab-runner
{{- end -}}
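Review bot: Both `helm upgrade` examples in these notes use `gitlabUrl=http://gitlab.your-domain.com`, so anyone copying them registers the runner, and sends `runnerRegistrationToken`, over plain HTTP. Use an `https://` URL in the example text, and consider pointing to a values file for the token instead of `--set` on the command line.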