Name: budgetkey-k8s
Owner: ?????? ?? ??????
Description: Budgetkey Kubernetes Environment
Created: 2018-03-26 17:26:27.0
Updated: 2018-05-24 12:16:19.0
Pushed: 2018-05-24 12:16:17.0
Homepage: null
Size: 153
Language: Shell
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
The Budgetkey Kubernetes environment manages most Budgetkey infrastructure as code.
docker run -it --entrypoint bash -e OPS_REPO_SLUG=OpenBudget/budgetkey-k8s orihoch/sk8s-ops
gcloud auth login
git clone https://github.com/OpenBudget/budgetkey-k8s.git
cd budgetkey-k8s
budgetkey-k8s
codedocker run -it --entrypoint bash -v
pwd:/ops orihoch/sk8s-ops
gcloud auth login
minikube start
kubectl get nodes
helm init --history-max 2 --upgrade --wait
helm version
git clone https://github.com/OpenBudget/budgetkey-k8s.git
cd budgetkey-k8s
source switch_environment.sh minikube
All code assumes you are inside a bash shell with required dependencies and connected ot the relevant environment
Deployments are managed using Helm
Initialize the Helm server side component
ctl create -f rbac-config.yaml
init --service-account tiller --upgrade --force-upgrade --history-max 2
Deploy all charts (if dry run succeeds)
lm_upgrade_all.sh --install --debug --dry-run && ./helm_upgrade_all.sh --install
You can also upgrade a single chart
lm_upgrade_external_chart.sh socialmap
The helm_upgrade scripts forward all arguments to the underlying helm upgrade
command, some useful arguments:
--install
--recreate-pods
or --force
--debug
and --dry-run
charts-external
directoryYou can create a new environment by copying an existing environment directory and modifying the values.
See the sk8s environments documentation for more details about environments, namespaces and clusters.
The default values are at values.yaml
- these are used in the chart template files (under templates
, charts
and charts-external
directories)
Each environment can override these values using environments/ENVIRONMENT_NAME/values.yaml
Finally, automation scripts write values to values.auto-updated.yaml
Secrets are stored and managed directly in kubernetes and are not managed via Helm.
To update an existing secret, delete it first kubectl delete secret SECRET_NAME
After updating a secret you should update the affected deployments, you can use ./force_update.sh
to do that
All secrets should be optional so you can run the environment without any secretes and will use default values similar to dev environments.
Each environment may include a script to create the environment secrets under environments/ENVIRONMENT_NAME/secrets.sh
- this file is not committed to Git.
You can use the following snippet in the secrets.sh script to check if secret exists before creating it:
bectl describe secret <SECRET_NAME> &&\
bectl create secret generic <SECRET_NAME> <CREATE_SECRET_PARAMS>
travis enable
from the repo directory).travis.yml
file based on existing file and modify according to your requirementsDepending on what you intend to do in your continuous deployment script you may need some of the following:
To connect and run commands on a Google Kubernetes Engine environment:
travis encrypt-file ../budgetkey-k8s/secret-budgetkey-k8s-ops.json budgetkey-k8s-ops-secret.json.enc
openssl
command output by the above command and modify in the .travis-yml-out k8s-ops-secret.json
To push changes to GitHub
travis env set --private K8S_OPS_GITHUB_REPO_TOKEN "*****"
To build and push docker images
travis env set --private DOCKER_USERNAME "***"
travis env set --private DOCKER_PASSWORD "***"