Skip to content

Commit

Permalink
feat: Clean + refactor (#8)
Browse files Browse the repository at this point in the history
  • Loading branch information
banshee86vr authored Feb 23, 2024
1 parent a337e4b commit 21580ba
Show file tree
Hide file tree
Showing 12 changed files with 28 additions and 120 deletions.
26 changes: 9 additions & 17 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,34 +4,26 @@

You can read the article at:

- On my personal portfolio website: <https://lucabertelli.consulting/en/blog/vcluster>
- My portfolio website: <https://lucabertelli.consulting/en/blog/vcluster>
- On Medium: <https://medium.com/@bertelli.luca/ephemeral-test-environments-for-ci-workflows>

## How to use vCluster, ArgoCD Events and Argo Workflow to manage short-live test ephemeral environments
## How to use vCluster and Argo Workflow to manage ephemeral test environments

Project structure:

```text
.
├── argo
│ ├── events
│ └── workflow
│ └── lang
├── hello-world-app
└── vcluster
├── argo-workflow
│ └── lang
└── hello-world-app
```

- `argo` folder: All configurations made for
- `events`: Argo Events webhook, trigger (for Argo Workflow), and sensor
- `workflow`: CI/CD pipeline triggered by Argo Events
- `lang`: ArgoWorkflow Templates for supported languages
- `argo-workflow`: CI/CD pipeline templates
- `lang`: ArgoWorkflow Templates for supported languages
- `hello-world-app` folder: Go Hello world application that prints a beautiful octopus 🐙 in ASCII code
- `vcluster` folder: All configurations made for creating VCluster where deploy the hello world application

Key highlights from the article include:

1. **vCluster Usage**: The article introduces vCluster as a pivotal tool for creating lightweight, ephemeral Kubernetes clusters. It's so interesting how vCluster can be employed to instantiate and manage test environments on-demand, covering the scenarios where temporary clusters are essential for testing purposes.
1. **vCluster Usage**: The article introduces vCluster as a pivotal tool for creating lightweight, ephemeral Kubernetes clusters. It's interesting how vCluster can be employed to instantiate and manage test environments on-demand, covering the scenarios where temporary clusters are essential for testing.

2. **Argo Events Integration**: The article explores the integration of Argo Events, a tool designed for event-driven architecture in Kubernetes. It details how Argo Events can be utilized to trigger and manage events received from the SCM to manage the lifecycle of short-lived test environments. This allows for dynamic and automated responses to changes in the testing and security requirements.

3. **Argo Workflow Implementation**: The article delves into the integration of Argo Workflow, a workflow engine for Kubernetes. It provides insights into how Argo Workflow can be configured to orchestrate the deployment, testing, and teardown processes efficiently. The tool enables the final user to define also another kind of process drawing DAGs (<https://argoproj.github.io/argo-workflows/walk-through/dag/>). This feature supports complex scenarios where there is a requirement to maximize parallelism when running tasks.
2. **Argo Workflow Implementation**: The article delves into the integration of Argo Workflow, a workflow engine for Kubernetes, providing a way to configure the orchestration of the deployment, testing, and teardown processes efficiently. The tool also enables the final user to define another kind of process drawing DAGs (<https://argoproj.github.io/argo-workflows/walk-through/dag/>). This feature supports complex scenarios where there is a requirement to maximize parallelism when running tasks.
44 changes: 17 additions & 27 deletions argo/workflow/README.md → argo-workflow/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Configuration of Argo Workflow entities

## Prerequisites
## Requirements

- Minikube
- `kubectl` command-line tool installed and configured to connect to your Kubernetes cluster.
Expand All @@ -13,7 +13,7 @@
```bash
minikube start
helm repo add argo https://argoproj.github.io/argo-helm
helm install argo-workflows argo/argo-workflows
helm install argo-workflows argo/argo-workflows -n argo --create-namespace
```

This command installs Argo Workflows in the default namespace of your Kubernetes cluster.
Expand Down Expand Up @@ -53,11 +53,11 @@ Argo Workflows provides a web-based UI for managing and monitoring workflows. To
kubectl port-forward svc/argo-server -n argo 2746:2746
```

Now you can access the Argo Workflows UI by navigating to `http://localhost:2746` in your web browser.
Now, you can access the Argo Workflows UI by navigating to `http://localhost:2746` in your web browser.

### 5. Add privileges to Argo service accounts

> Add this privileges to the Argo service accounts are recommended only for demo purposes. **IT'S STRONGLY NOT RECOMMENDED TO REPLICATE THIS CONFIGURATION IN PRODUCTION EVINRONMENTS.**
> Add these privileges to the Argo service accounts are recommended only for demo purposes. **IT'S STRONGLY NOT RECOMMENDED TO REPLICATE THIS CONFIGURATION IN PRODUCTION ENVIRONMENTS.**
This command adds `cluster-admin` clusterrole to `argo:argo-server` and `argo:default`. In this way, Argo Workflow can manage every kind of resource in every namespace of the cluster.

Expand All @@ -66,11 +66,11 @@ kubectl create clusterrolebinding argo-admin-server --clusterrole=cluster-admin
kubectl create clusterrolebinding argo-admin-default --clusterrole=cluster-admin --serviceaccount=argo:default -n argo
```

> In production evironments it's strongly recommended to create a dedicated role to these service accounts allowing only required verbs on the resources managed by the workflows.
> In production environments, creating a dedicated role for these service accounts is strongly recommended, allowing only required verbs on the resources managed by the workflows.
### 6. Prepare secrets required by the pipelines

Just in case of a private Git repository you can run this command to allow the clone command executed by the pipeline `ci.yaml`:
Just in case of a private Git repository, you can run this command to allow the clone command executed by the pipeline `ci.yaml`:

```bash
kubectl create secret generic github-token -n argo --from-literal=token=.........
Expand Down Expand Up @@ -111,18 +111,16 @@ Alternatively, you can submit the workflow using the UI:

![Submit CI workflow via UI](images/1_ci_submit.png)

The CI pipeline performs these steps:
The CI pipeline performs these steps inside the [ci.yaml](https://github.com/banshee86vr/ephemeral-test-environment/blob/main/argo-workflow/ci.yaml) manifest:

1. **Cloning Repository**: Fetches the source code from the git repository.
2. **Building Application**: Utilizes the GoLang template to compile the Go application.
2. **Building Application**: Utilizes the GoLang template [go.yaml](https://github.com/banshee86vr/ephemeral-test-environment/blob/main/argo-workflow/lang/go.yaml) to compile the Go application.
3. **Building and Pushing Docker Image**: Packages the application into a Docker image and pushes it to the registry.

After the completion of all steps, you can check the correct status of every step:
After the completion of all steps, you can check the correct status of every step and locate the updated Docker image in your registry:

![CI workflow graph](images/2_ci_graph.png)

If all steps have been completed, you can find a new version of the Docker image in your registry.

### 9. Submit the CD pipeline

To submit the CD pipeline, you can use the [official APIs](https://argo-workflows.readthedocs.io/en/latest/rest-api/):
Expand All @@ -135,17 +133,15 @@ Alternatively, you can submit the workflow using the UI:

![Submit CD workflow via UI](images/3_cd_submit.png)

The CD pipeline performs these steps:
The CD pipeline performs these steps inside the [cd.yaml](https://github.com/banshee86vr/ephemeral-test-environment/blob/main/argo-workflow/cd.yaml) manifest:

1. **Preparing an ephemeral environment**: Prepares an ephemeral environment using vCluster where the user can test the application inside an isolated Kubernetes cluster
2. **Deploy the application**: Deploy the application Helm chart on the vCluster just created
1. **Preparing an ephemeral environment**: Prepares a temporary environment using vCluster where the user can test the application inside an isolated Kubernetes cluster.
2. **Deploy the application**: Deploy the application Helm chart on the vCluster just created.

After the completion of all steps, you can check the correct status of every step:

![CD workflow graph](images/4_cd_graph.png)

If all steps have been completed, you can check the status of your application deployed on the vCluster just created

### 10. Access to the application

To check how to access the application deployed on vCluster, you can run these commands to list all vCluster and to access it:
Expand All @@ -157,24 +153,18 @@ $ vcluster list
------------------+----------+-----------------+---------+---------+-----------+-------------------------------+---------+---------
demo-pr-request | minikube | demo-pr-request | Running | 0.19.0 | | xxxx-xx-xx xx:xx:xx +0100 CET | 1h8m49s | OSS

$ vcluster connect demo-pr-request --namespace demo-pr-request -- kubectl get pod -n demo-pr-request
$ vcluster connect demo-pr-request --namespace demo-pr-request -- kubectl get pod -n demo-pr-request

NAME READY STATUS RESTARTS AGE
demo-pr-request-hello-world-7f6d78645f-bjmjc 1/1 Running 0 7s
```

As reported [here](https://www.vcluster.com/docs/using-vclusters/access) you can expose in different ways the ephemeral vCluster created.

- **Via Ingress**: An Ingress Controller with SSL passthrough support will provide the best user experience, but there is a workaround if this feature is not natively supported.

- Kubernetes Nginx
- Traefik Proxy
- Emissary
As reported [here](https://www.vcluster.com/docs/using-vclusters/access), you can expose the ephemeral vCluster created differently.

Make sure your ingress controller is installed and healthy on the cluster that will host your virtual clusters. More details [here](https://www.vcluster.com/docs/using-vclusters/access#via-ingress)
- **Via Ingress**: An Ingress Controller with SSL passthrough support will provide the best user experience. Ensure your ingress controller is installed and healthy on the cluster hosting your virtual clusters. More details [here](https://www.vcluster.com/docs/using-vclusters/access#via-ingress)
- **Via LoadBalancer service**: The easiest way is to use the flag `--expose` in vcluster create to tell vCluster to use a LoadBalancer service. It depends on the specific implementation of the host Kubernetes cluster.
- **Via NodePort service**: You can also expose the vCluster via a NodePort service. In this case, you have to create a NodePort service and change the `values.yaml` file to use for the creation of the vCluster. More details [here](https://www.vcluster.com/docs/using-vclusters/access#via-nodeport-service)
- **From Host **Cluster**: To access the virtual cluster from within the host cluster, you can directly connect to the vCluster service. Make sure you can access that service and then create a kube config in the following form:
- **Via NodePort service**: You can also expose the vCluster via a NodePort service. In this case, you must create a NodePort service and change the `values.yaml` file to use for the creation of the vCluster. More details [here](https://www.vcluster.com/docs/using-vclusters/access#via-nodeport-service)
- **From Host Cluster**: To access the virtual cluster from within the host cluster, you can directly connect to the vCluster service. Make sure you can access that service and then create a kube config in the following form:

```bash
vcluster connect my-vcluster -n my-vcluster --server=my-vcluster.my-vcluster --insecure --update-current=false
Expand Down
File renamed without changes.
File renamed without changes.
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes.
73 changes: 0 additions & 73 deletions argo/README.md

This file was deleted.

1 change: 0 additions & 1 deletion argo/events/README.md

This file was deleted.

4 changes: 2 additions & 2 deletions hello-world-app/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Go Hello World Web Application - Print a beautiful ASCII octopus

This is a basic web application written in Go that displays an ASCII octopus when accessed calling the exposed HTTP listener.
This folder contains a basic web application in Go that displays an ASCII octopus when accessed by calling the exposed HTTP listener.

## Prerequisites

Expand Down Expand Up @@ -54,7 +54,7 @@ Make sure you have Go installed on your machine. You can download it from [here]

## Docker

Alternatively, you can use Docker to run the application in a container and deploying it on Kubernetes.
Alternatively, you can use Docker to run the application in a container and deploy it on Kubernetes.

1. Build the Docker image:

Expand Down

0 comments on commit 21580ba

Please sign in to comment.