shipa wip

marcel-dempers 2020-11-24 11:33:08 +11:00
parent d384353ef9
commit 921737efb3
9 changed files with 104 additions and 39 deletions

3
.gitignore vendored

@ -8,4 +8,5 @@ __pycache__/
.terraform .terraform
*.tfstate *.tfstate
*.tfstate.* *.tfstate.*
security/letsencrypt/introduction/certs/** security/letsencrypt/introduction/certs/**
kubernetes/shipa/installs/shipa-helm-chart-1.1.1/
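Review bot: The new ignore entry on the last line hard-codes the chart version (`shipa-helm-chart-1.1.1/`), so a chart unpacked under any other version directory will show up as untracked again. If nothing under that folder is meant to be committed, ignore the parent instead, for example `kubernetes/shipa/installs/`.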

@ -6,6 +6,8 @@ To get the most out of Shipa, I'll be using real Cloud Provider Kubernetes as we
`minikube` cluster. <br/> `minikube` cluster. <br/>
To create a Kubernetes cluster, you can follow my guides on each Cloud provider below: <br/> To create a Kubernetes cluster, you can follow my guides on each Cloud provider below: <br/>
## Kubernetes in the Cloud
|Cloud | Kubernetes | Video | Source Code | | |Cloud | Kubernetes | Video | Source Code | |
|---|---|---|---|---| |---|---|---|---|---|
|Azure | AKS |[Source Code](../cloud/azure/getting-started.md) | <a href="https://youtu.be/eyvLwK5C2dw" title="AKS"><img src="https://i.ytimg.com/vi/eyvLwK5C2dw/hqdefault.jpg" width="25%" height="25%" alt="AKS Guide" /></a> | |Azure | AKS |[Source Code](../cloud/azure/getting-started.md) | <a href="https://youtu.be/eyvLwK5C2dw" title="AKS"><img src="https://i.ytimg.com/vi/eyvLwK5C2dw/hqdefault.jpg" width="25%" height="25%" alt="AKS Guide" /></a> |
@ -15,6 +17,8 @@ To create a Kubernetes cluster, you can follow my guides on each Cloud provider
|Linode | LKE |[Source Code](../cloud/linode/getting-started.md) | <a href="https://youtu.be/VSPUWEtqtnY" title="LKE"><img src="https://i.ytimg.com/vi/VSPUWEtqtnY/hqdefault.jpg" width="25%" height="25%" alt="LKE Guide" /></a> | |Linode | LKE |[Source Code](../cloud/linode/getting-started.md) | <a href="https://youtu.be/VSPUWEtqtnY" title="LKE"><img src="https://i.ytimg.com/vi/VSPUWEtqtnY/hqdefault.jpg" width="25%" height="25%" alt="LKE Guide" /></a> |
## Minikube
I will start with a local minikube cluster to get Shipa running: <br/> I will start with a local minikube cluster to get Shipa running: <br/>
``` ```
@ -125,52 +129,44 @@ helm install shipa . `
kubectl get pods kubectl get pods
NAME READY STATUS RESTARTS AGE NAME READY STATUS RESTARTS AGE
dashboard-web-1-6f8b58fb89-bjf7c 1/1 Running 0 3h12m dashboard-web-1-6f8b58fb89-bjf7c 1/1 Running 0 12m
node-container-busybody-theonepool-zz7sw 1/1 Running 0 3h15m node-container-busybody-theonepool-zz7sw 1/1 Running 0 15m
node-container-netdata-theonepool-kqb5z 1/1 Running 0 3h15m node-container-netdata-theonepool-kqb5z 1/1 Running 0 15m
shipa-api-57b69645d9-rd2bz 1/1 Running 0 3h21m shipa-api-57b69645d9-rd2bz 1/1 Running 0 21m
shipa-clair-d7554fc6f-8nqgz 1/1 Running 1 3h21m shipa-clair-d7554fc6f-8nqgz 1/1 Running 1 21m
shipa-docker-registry-5885d6f467-dvkjb 1/1 Running 0 3h18m shipa-docker-registry-5885d6f467-dvkjb 1/1 Running 0 18m
shipa-etcd-85cc6c6458-6cgx6 1/1 Running 1 3h21m shipa-etcd-85cc6c6458-6cgx6 1/1 Running 1 21m
shipa-guardian-5466f58668-25zkf 1/1 Running 0 3h16m shipa-guardian-5466f58668-25zkf 1/1 Running 0 16m
shipa-init-job-1-9xdgw 0/1 Completed 0 3h21m shipa-init-job-1-9xdgw 0/1 Completed 0 21m
shipa-metrics-786468c5cc-h7zfb 1/1 Running 0 3h21m shipa-metrics-786468c5cc-h7zfb 1/1 Running 0 21m
shipa-mongodb-replicaset-0 1/1 Running 0 3h21m shipa-mongodb-replicaset-0 1/1 Running 0 21m
shipa-nginx-ingress-75dccdb4fb-nq7xq 1/1 Running 0 3h21m shipa-nginx-ingress-75dccdb4fb-nq7xq 1/1 Running 0 21m
shipa-postgres-7c55df4758-7s64w 1/1 Running 0 3h21m shipa-postgres-7c55df4758-7s64w 1/1 Running 0 21m
kubectl get svc kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-web-1 ClusterIP 10.96.3.55 <none> 8888/TCP 3h12m dashboard-web-1 ClusterIP 10.96.3.55 <none> 8888/TCP 12m
dashboard-web-1-units ClusterIP None <none> 8888/TCP 3h12m dashboard-web-1-units ClusterIP None <none> 8888/TCP 12m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3h46m kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6m
shipa-api ClusterIP 10.100.120.116 <none> 8080/TCP,8081/TCP 3h21m shipa-api ClusterIP 10.100.120.116 <none> 8080/TCP,8081/TCP 21m
shipa-clair ClusterIP 10.111.91.38 <none> 6060/TCP,6061/TCP 3h21m shipa-clair ClusterIP 10.111.91.38 <none> 6060/TCP,6061/TCP 21m
shipa-docker-registry ClusterIP 10.104.180.204 <none> 5000/TCP 3h21m shipa-docker-registry ClusterIP 10.104.180.204 <none> 5000/TCP 21m
shipa-etcd ClusterIP 10.110.16.90 <none> 2379/TCP 3h21m shipa-etcd ClusterIP 10.110.16.90 <none> 2379/TCP 21m
shipa-guardian ClusterIP 10.97.114.38 <none> 8000/TCP,22/TCP 3h21m shipa-guardian ClusterIP 10.97.114.38 <none> 8000/TCP,22/TCP 21m
shipa-ingress-nginx ClusterIP 10.100.10.10 <none> 22/TCP,5000/TCP,8081/TCP,8080/TCP,2379/TCP 3h21m shipa-ingress-nginx ClusterIP 10.100.10.10 <none> 22/TCP,5000/TCP,8081/TCP,8080/TCP,2379/TCP 21m
shipa-metrics ClusterIP 10.108.223.229 <none> 9090/TCP,9091/TCP 3h21m shipa-metrics ClusterIP 10.108.223.229 <none> 9090/TCP,9091/TCP 21m
shipa-mongodb-replicaset ClusterIP None <none> 27017/TCP 3h21m shipa-mongodb-replicaset ClusterIP None <none> 27017/TCP 21m
shipa-mongodb-replicaset-client ClusterIP None <none> 27017/TCP 3h21m shipa-mongodb-replicaset-client ClusterIP None <none> 27017/TCP 21m
shipa-postgres ClusterIP 10.104.18.123 <none> 5432/TCP 3h21m shipa-postgres ClusterIP 10.104.18.123 <none> 5432/TCP 21m
# access the dashboard
kubectl port-forward svc/dashboard-web-1 8888
``` ```
We should now be able to access the dashboard on `http://localhost:8888`
## Targets ## Targets
``` ```
# add a route for NGINX # add a route for accessing Shipa API
route add 10.100.10.10/32 MASK 255.255.255.255 $(minikube ip) route add 10.100.10.10/32 MASK 255.255.255.255 $(minikube ip)
# add a route for Traefik # add a route for accessing our Applications
route add 10.100.10.20/32 MASK 255.255.255.255 $(minikube ip) route add 10.100.10.20/32 MASK 255.255.255.255 $(minikube ip)
shipa target-add dev 10.100.10.10 shipa target-add dev 10.100.10.10
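Review bot: In the updated `kubectl get svc` output the `kubernetes` service now shows an AGE of `6m` while every Shipa service shows `21m`; the default `kubernetes` service exists from cluster creation, so it cannot be younger than services installed afterwards (the old output had `3h46m` against `3h21m`). This looks like a slip while shortening the ages by hand; re-paste the real output or correct that one value so the listing stays self-consistent.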
@ -183,7 +179,7 @@ shipa target-set dev
https://learn.shipa.io/docs/pool-management https://learn.shipa.io/docs/pool-management
``` ```
shipa pool-add dev --public --kube-namespace blue-team --provisioner kubernetes shipa pool-add prod --public --kube-namespace blue-team --provisioner kubernetes
shipa pool-list shipa pool-list
``` ```
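Review bot: The changed `shipa pool-add` line now creates the `prod` pool with `--public` and still maps it to `--kube-namespace blue-team`, so the production pool is usable by all teams and shares a namespace name that reads like a team sandbox. If that is intentional for the demo, say so in the text; otherwise drop `--public`, give `prod` its own namespace, and keep a separate `pool-add` line for `dev`, which this change removes even though `shipa target-set dev` is still in the context above.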
@ -209,14 +205,46 @@ shipa app-create go-helloworld static -t admin -o theonepool
cd kubernetes\shipa\developers cd kubernetes\shipa\developers
docker build aimvector/shipa-golang:v1 docker build .-t aimvector/shipa-golang:v1
docker push aimvector/shipa-golang:v1 docker push aimvector/shipa-golang:v1
shipa app-deploy -i aimvector/shipa-golang:v1 -a go-helloworld shipa app-deploy -i aimvector/shipa-golang:v1 -a go-helloworld
cd .\kubernetes\shipa\developers\docker\python\
docker build . -t aimvector/shipa-python:v1
docker push aimvector/shipa-python:v1
shipa app-create python-helloworld static -t admin -o theonepool
shipa env set FLASK_APP=/app/server.py -a python-helloworld
shipa app-deploy -i aimvector/shipa-python:v1 -a python-helloworld
# deploy to prod
shipa app-create python-helloworld-prod static -t admin -o prod
shipa env set FLASK_APP=/app/server.py -a python-helloworld-prod
shipa app-deploy -i aimvector/shipa-python:v1 -a python-helloworld-prod
shipa app-create go-helloworld-prod static -t admin -o prod
shipa app-deploy -i aimvector/shipa-golang:v1 -a go-helloworld-prod
``` ```
```
kubectl apply -f shipa-admin-service-account.yaml
# get the sa token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep shipa-admin | awk '{print $1}')
# get the k8s CA
kubectl get secret $(kubectl get secret | grep default-token | awk '{print $1}') -o jsonpath='{.data.ca\.crt}' | base64 -d
```
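Review bot: The corrected Go build line reads `docker build .-t aimvector/shipa-golang:v1`; without a space, docker sees `.-t` as a path and the image name as a second positional argument, so the build fails. It should be `docker build . -t aimvector/shipa-golang:v1`, matching the Python line. The added `cd .\kubernetes\shipa\developers\docker\python\` is relative to the repository root, so it will not resolve when run after the earlier `cd kubernetes\shipa\developers`. In the last block, `kubectl -n kube-system describe secret ...` prints the `shipa-admin` bearer token to the terminal; add a line telling readers to handle it as a cluster credential and keep it out of shared logs and commits.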

@ -0,0 +1,10 @@
FROM python:3.7.3-alpine3.9
RUN mkdir /app
WORKDIR /app
COPY ./requirements.txt /app/requirements.txt
RUN pip install -r requirements.txt
ADD . /app/
ENV FLASK_APP=/app/server.py
RUN chmod +x entrypoint.sh
ENTRYPOINT ./entrypoint.sh
EXPOSE 5000
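Review bot: There is no `USER` instruction anywhere in this Dockerfile, so the Flask process runs as root in an image that the README changes in this commit deploy to the `prod` pool; create an unprivileged user after the `pip install` step and switch to it before `ENTRYPOINT`. `ENTRYPOINT ./entrypoint.sh` is the shell form, which leaves `/bin/sh -c` in front of the process and does not pass stop signals through; prefer `ENTRYPOINT ["./entrypoint.sh"]` with a shebang and `exec` in the script. `ADD . /app/` can be `COPY . /app/`, and a `.dockerignore` would keep local files out of the image.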

@ -0,0 +1 @@
flask run -h 0.0.0 -p 5000
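Review bot: The only line binds with `-h 0.0.0`, which looks like a truncated `0.0.0.0`; spell out the full address so the listener does not depend on how a three-part address is interpreted. The script also has no `#!/bin/sh` line, so it only runs because the Dockerfile invokes it through a shell, and `flask run` starts the development server, which deserves a comment given that the same image is deployed to the `prod` pool in the README.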

@ -0,0 +1 @@
Flask == 1.0.3
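Review bot: `Flask == 1.0.3` is the only pin, so Flask's own dependencies (Werkzeug, Jinja2 and the rest) resolve to whatever is newest at build time and two builds of the same image tag can differ. Commit a fully pinned requirements file, for example the output of `pip freeze` from a known-good build, so the image is reproducible.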

@ -0,0 +1,6 @@
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello World!"

@ -0,0 +1,18 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: shipa-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: shipa-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: shipa-admin
namespace: kube-system
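Review bot: The `roleRef` binds the `shipa-admin` service account to `cluster-admin`, so the token extracted in the README carries full control over every namespace. If Shipa documents the permissions it needs, bind a dedicated ClusterRole limited to those; otherwise state in the README that this is a demo-only shortcut. The ClusterRoleBinding also uses `rbac.authorization.k8s.io/v1beta1`, which is deprecated in favour of `rbac.authorization.k8s.io/v1`; the same manifest is valid under `v1`.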