From 204e70bb11312f4e27fb838f01a21a08986c49cb Mon Sep 17 00:00:00 2001 From: bobjwalker Date: Fri, 5 Jan 2024 14:00:36 -0600 Subject: [PATCH] Should now push up to dockerhub. --- .github/workflows/build.yml | 9 ++- Readme.md | 38 +++++++++++ k8s/base/kustomization.yaml | 5 ++ k8s/base/randomquotes-deployment.yaml | 64 ++++++++++++++++++ k8s/base/randomquotes-secrets.yaml | 7 ++ k8s/provision/namespaces.yaml | 19 ++++++ k8s/provision/service-account-and-token.yaml | 69 ++++++++++++++++++++ 7 files changed, 210 insertions(+), 1 deletion(-) create mode 100644 Readme.md create mode 100644 k8s/base/kustomization.yaml create mode 100644 k8s/base/randomquotes-deployment.yaml create mode 100644 k8s/base/randomquotes-secrets.yaml create mode 100644 k8s/provision/namespaces.yaml create mode 100644 k8s/provision/service-account-and-token.yaml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9ea0b9d..552016d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,14 @@ jobs: uses: gittools/actions/gitversion/execute@v0.9.14 with: additionalArguments: /overrideconfig mode=Mainline + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_SAMPLES_USERNAME }} + password: ${{ secrets.DOCKERHUB_SAMPLES_PASSWORD }} - name: build and push website container working-directory: src run: | - docker build -f "./RandomQuotes.Web/Dockerfile" --tag randomquotes-k8s:${{ steps.determine_version.outputs.semVer }} --tag randomquotes-k8s:latest . \ No newline at end of file + docker build -f "./RandomQuotes.Web/Dockerfile" --tag octopussamples/randomquotes-k8s:${{ steps.determine_version.outputs.semVer }} --tag octopussamples/randomquotes-k8s:latest . + docker push octopussamples/randomquotes-k8s:${{ steps.ReleaseNum.outputs.APP_VERSION }} + docker push octopussamples/randomquotes-k8s:latest \ No newline at end of file diff --git a/Readme.md b/Readme.md new file mode 100644 index 0000000..4a6a78b --- /dev/null +++ b/Readme.md @@ -0,0 +1,38 @@ +This is a sample application deploy to Kubernetes. It's a good first application as it has no other components, but has an environment variable you can use to practice secrets on. + +# Prep Work + +- Install minikube, rancher desktop, or docker desktop locally. +- Open up a command prompt or terminal. Change the current directory to `k8s/provision` folder in this repo. +- Run the following commands: + - Create all the namespaces: `kubectl apply -f namespaces.yaml` + - Create the service account for deployments: `kubectl apply -f service-account-and-token.yaml` + - To get the token value run: `kubectl describe secret octopus-svc-account-token`. Copy the token to a file for future usage. + - Install the NGINX Ingress Controller: `kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.9.5/deploy/static/provider/cloud/deploy.yaml` +- Go to your hosts file (if on Windows and add the following entries) + +``` +127.0.0.1 randomquotes.local +127.0.0.1 randomquotesdev.local +127.0.0.1 randomquotestest.local +127.0.0.1 randomquotesstaging.local +127.0.0.1 randomquotesprod.local +``` + +# Basic Deployment + +In the first activity we will do a standard manifest file deployment to the default namespace in kubernetes using `kubectl apply`. + +Instructions Lorem Ipsum + +# Leveraging Kustomize + +In the second activity we will deploy to each of the environment namespaces using kustomize and overlays. + +Instructions Lorem Ipsum + +# Using Octopus Deploy + +In the final activity we will configure Octopus Deploy to deploy our application to k8s using the manifest files. + +Instructions Lorem Ipsum \ No newline at end of file diff --git a/k8s/base/kustomization.yaml b/k8s/base/kustomization.yaml new file mode 100644 index 0000000..6b8237c --- /dev/null +++ b/k8s/base/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- randomquotes-deployment.yaml \ No newline at end of file diff --git a/k8s/base/randomquotes-deployment.yaml b/k8s/base/randomquotes-deployment.yaml new file mode 100644 index 0000000..d8df354 --- /dev/null +++ b/k8s/base/randomquotes-deployment.yaml @@ -0,0 +1,64 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: randomquotes-deployment +spec: + replicas: 1 + selector: + matchLabels: + component: randomquotes-web + template: + metadata: + labels: + component: randomquotes-web + spec: + containers: + - name: randomquotes-web + image: octopussamples/randomquotes:0.0.1 + resources: + requests: + memory: "64Mi" + cpu: "250m" + limits: + memory: "128Mi" + cpu: "500m" + imagePullPolicy: "Always" + ports: + - containerPort: 5000 + name: http-port + env: + - name: RANDOM_SECRET_PHRASE + valueFrom: + secretKeyRef: + name: random-quotes-secrets + key: homepageDisplay +--- +apiVersion: v1 +kind: Service +metadata: + name: randomquotes-app-cluster-ip-service +spec: + type: ClusterIP + selector: + component: randomquotes-web + ports: + - port: 6801 + targetPort: 8080 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: randomquotes-ingress-nginx +spec: + ingressClassName: nginx + rules: + - host: randomquotes.local + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: randomquotes-app-cluster-ip-service + port: + number: 6801 \ No newline at end of file diff --git a/k8s/base/randomquotes-secrets.yaml b/k8s/base/randomquotes-secrets.yaml new file mode 100644 index 0000000..918482b --- /dev/null +++ b/k8s/base/randomquotes-secrets.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: random-quotes-secrets +type: Opaque +stringData: + homepageDisplay: "blah" \ No newline at end of file diff --git a/k8s/provision/namespaces.yaml b/k8s/provision/namespaces.yaml new file mode 100644 index 0000000..bd007f7 --- /dev/null +++ b/k8s/provision/namespaces.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: dev +--- +apiVersion: v1 +kind: Namespace +metadata: + name: testing +--- +apiVersion: v1 +kind: Namespace +metadata: + name: staging +--- +apiVersion: v1 +kind: Namespace +metadata: + name: production \ No newline at end of file diff --git a/k8s/provision/service-account-and-token.yaml b/k8s/provision/service-account-and-token.yaml new file mode 100644 index 0000000..23744aa --- /dev/null +++ b/k8s/provision/service-account-and-token.yaml @@ -0,0 +1,69 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: octopus-svc-account + namespace: default +--- +apiVersion: v1 +kind: Secret +metadata: + name: octopus-svc-account-token + namespace: default + annotations: + kubernetes.io/service-account.name: octopus-svc-account +type: kubernetes.io/service-account-token +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: octopus-svc-account-role + namespace: default +rules: + - apiGroups: + - "" + - apps + - autoscaling + - batch + - extensions + - policy + - "rbac.authorization.k8s.io" + - "networking.k8s.io" + - secrets + resources: + - pods + - componentstatuses + - configmaps + - daemonsets + - deployments + - events + - endpoints + - horizontalpodautoscalers + - ingress + - ingresses + - jobs + - limitranges + - namespaces + - nodes + - pods + - persistentvolumes + - persistentvolumeclaims + - resourcequotas + - replicasets + - replicationcontrollers + - serviceaccounts + - services + - secrets + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: octopus-svc-account-role-binding +subjects: +- namespace: default + kind: ServiceAccount + name: octopus-svc-account +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: octopus-svc-account-role \ No newline at end of file