Skip to content

Commit

Permalink
Fixes #243 - Add initial kustomize templates for this project
Browse files Browse the repository at this point in the history
  • Loading branch information
jonespm committed Jul 13, 2022
1 parent 682d7a6 commit bb366e5
Show file tree
Hide file tree
Showing 15 changed files with 337 additions and 0 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ webpack-stats.json
# MySQL data files
.data
ngrok.yml
**/secrets

# Temp files
*.swp
Expand Down
42 changes: 42 additions & 0 deletions kustomize/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# OpenShift configuration with Kustomize

Resource configuration and secret consumption for OpenShift projects are managed
using [`kustomize`](https://kubectl.docs.kubernetes.io/guides/introduction/kustomize/).

## Setup

1. Populate `service/secrets/*`.

Sensitive values and files are located in the
[Office Hours Secrets](https://www.dropbox.com/sh/n1igrgdsm4rt4uf/AAAXLbZOT7tpVk8XZEQj5E0ca?dl=0)
Dropbox folder. Merge the `base` and `overlays` directories with their equivalents in the `service`
directory in your local repository.

2. Install `kustomize`.

You can install Kustomize using the command from the
[website](https://kubectl.docs.kubernetes.io/installation/kustomize/binaries/),
and adding version 3.8.5 (what is supported for now) as an argument.
```
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -s 3.8.5
```
## Updating a project
1. Login and select the desired project using `oc`.
```
oc login ...
oc project canvas-app-explorer-dev
```
2. Fron the `service` directory, use `kustomize build` on an overlay directory
and pipe the result to `oc apply`.
```
kustomize build overlays/dev | oc apply -f - --validate
```
To make changes to a project's ingress (e.g. updating certificates),
you may need to first delete the ingress before running `kustomize build`.
```
oc delete ingress some-ingress-name
```
29 changes: 29 additions & 0 deletions kustomize/base/build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
apiVersion: v1
kind: BuildConfig
metadata:
name: web
spec:
output:
to:
kind: DockerImage
name: docker-registry.default.svc:5000/canvas-app-explorer-dev/canvas-app-explorer:latest
runPolicy: Serial
source:
git:
uri: https://github.com/tl-its-umich-edu/canvas-app-explorer.git
ref: "main"
type: Git
strategy:
type: Docker
dockerStrategy:
dockerfilePath: dockerfiles/Dockerfile.openshift
noCache: true
forcePull: true
triggers:
- type: "GitHub"
github:
secretReference:
name: github
nodeSelector: {}
status:
lastVersion: 0
18 changes: 18 additions & 0 deletions kustomize/base/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
org: umich
resources:
- web-autoscaler.yaml
- web-deployment.yaml
- web-service.yaml
# - web-ingress.yaml
- build.yaml
commonLabels:
project: canvas-app-explorer
namePrefix: canvas-app-explorer-
configMapGenerator:
- name: canvas-app-explorer
crds: # Use CRDs to support OpenShift resource kinds
- openshift-buildconfig.json
- openshift-deploymentconfig.json
52 changes: 52 additions & 0 deletions kustomize/base/openshift-buildconfig.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
{
"github.com/adnovum/kustomize-openshift/dc.openshift.io.v1.BuildConfig": {
"Schema": {
"description": "This is a fake CRD description to make kustomize fix OpenShift DeploymentConfig resources. See: https://github.com/adnovum/kustomize-openshift",
"properties": {
"apiVersion": {
"type": "string"
},
"kind": {
"type": "string"
},
"metadata": {
"$ref": "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"
},
"spec": {
"$ref": "github.com/adnovum/kustomize-openshift/dc.openshift.io.v1.BuildConfigSpec"
}
}
}
},
"github.com/adnovum/kustomize-openshift/dc.openshift.io.v1.BuildConfigSpec": {
"Schema": {
"properties": {
"source/sourceSecret": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "Secret",
"x-kubernetes-object-ref-name-key": "name"
},
"source/secrets/secret": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "Secret",
"x-kubernetes-object-ref-name-key": "name"
},
"triggers/gitlab/secretReference": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "Secret",
"x-kubernetes-object-ref-name-key": "name"
},
"triggers/github/secretReference": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "Secret",
"x-kubernetes-object-ref-name-key": "name"
},
"triggers/generic/secretReference": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "Secret",
"x-kubernetes-object-ref-name-key": "name"
}
}
}
}
}
43 changes: 43 additions & 0 deletions kustomize/base/openshift-deploymentconfig.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
{
"github.com/adnovum/kustomize-openshift/dc.openshift.io.v1.DeploymentConfig": {
"Schema": {
"description": "This is a fake CRD description to make kustomize fix OpenShift DeploymentConfig resources. See: https://github.com/adnovum/kustomize-openshift",
"properties": {
"apiVersion": {
"type": "string"
},
"kind": {
"type": "string"
},
"metadata": {
"$ref": "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"
},
"spec": {
"$ref": "github.com/adnovum/kustomize-openshift/dc.openshift.io.v1.DeploymentConfigSpec"
}
}
}
},
"github.com/adnovum/kustomize-openshift/dc.openshift.io.v1.DeploymentConfigSpec": {
"Schema": {
"properties": {
"template/metadata": {
"$ref": "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"
},
"template/spec/volumes/configMap": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "ConfigMap"
},
"template/spec/containers/envFrom/configMapRef": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "ConfigMap"
},
"template/spec/containers/envFrom/secretRef": {
"x-kubernetes-object-ref-api-version": "v1",
"x-kubernetes-object-ref-kind": "Secret",
"x-kubernetes-object-ref-name-key": "name"
}
}
}
}
}
11 changes: 11 additions & 0 deletions kustomize/base/web-autoscaler.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: web
spec:
scaleTargetRef:
apiVersion: v1
kind: DeploymentConfig
name: canvas-app-explorer-web-dev
minReplicas: 1
maxReplicas: 1
46 changes: 46 additions & 0 deletions kustomize/base/web-deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
apiVersion: v1
kind: DeploymentConfig
metadata:
name: web
labels:
app: web
spec:
replicas: 1
selector:
app: web
org: umich
project: canvas-app-explorer
variant: dev
strategy:
type: Recreate
template:
metadata:
labels:
app: web
org: umich
project: canvas-app-explorer
variant: dev
spec:
containers:
- name: web
image: docker-registry.default.svc:5000/canvas-app-explorer-dev/canvas-app-explorer:latest
ports:
- containerPort: 5000
protocol: TCP
envFrom:
- configMapRef:
name: canvas-app-explorer
resources:
limits:
cpu: "1"
memory: 4Gi
triggers:
- type: "ImageChange"
imageChangeParams:
automatic: true
from:
kind: "ImageStreamTag"
name: "canvas-app-explorer:latest"
namespace: "canvas-app-explorer-dev"
containerNames:
- "web"
20 changes: 20 additions & 0 deletions kustomize/base/web-ingress.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: web
labels:
app: web
spec:
rules:
- host: dev-canvas-app-explorer-dev.webplatformsunpublished.umich.edu
http:
paths:
- path: /
backend:
serviceName: web
servicePort: 5000
tls:
- hosts:
- dev-canvas-app-explorer-dev.webplatformsunpublished.umich.edu
secret:
optional: true
11 changes: 11 additions & 0 deletions kustomize/base/web-service.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: v1
kind: Service
metadata:
name: web
spec:
selector:
app: web
ports:
- port: 5000
targetPort: 5000
protocol: TCP
13 changes: 13 additions & 0 deletions kustomize/overlays/dev/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
variant: dev
org: umich
nameSuffix: -dev
bases:
- ../../base
configMapGenerator:
- name: canvas-app-explorer
behavior: replace
envs:
- secrets/configmap-dev.properties
3 changes: 3 additions & 0 deletions kustomize/overlays/test/build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
- op: replace
path: /spec/output/to/name
value: docker-registry.default.svc:5000/canvas-app-explorer-test/canvas-app-explorer:latest
12 changes: 12 additions & 0 deletions kustomize/overlays/test/deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
- op: replace
path: /spec/template/spec/containers/0/image
value: docker-registry.default.svc:5000/canvas-app-explorer-test/canvas-app-explorer:latest
- op: replace
path: /spec/selector/variant
value: test
- op: replace
path: /spec/template/metadata/labels/variant
value: test
- op: replace
path: /spec/triggers/0/imageChangeParams/from/namespace
value: canvas-app-explorer-test
6 changes: 6 additions & 0 deletions kustomize/overlays/test/hostname.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
- op: add
path: /spec/rules/0/host
value: test-canvas-app-explorer-test.webplatformsunpublished.umich.edu
- op: replace
path: /spec/tls/0/hosts/0
value: test-canvas-app-explorer-test.webplatformsunpublished.umich.edu
30 changes: 30 additions & 0 deletions kustomize/overlays/test/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
variant: test
org: umich
nameSuffix: -test
bases:
- ../../base
patchesJson6902:
#- target:
# group: extensions
# version: v1beta1
# kind: Ingress
# name: web
# path: hostname.yaml
- target:
version: v1
kind: DeploymentConfig
name: web
path: deployment.yaml
- target:
version: v1
kind: BuildConfig
name: web
path: build.yaml
configMapGenerator:
- name: canvas-app-explorer
behavior: replace
envs:
- secrets/configmap-test.properties

0 comments on commit bb366e5

Please sign in to comment.