Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

issue #1: GKE cluster using Terraform (first iteration) #4

Merged
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
6fc5018
issue #1: GKE cluster using Terraform
ThomasCardin Dec 22, 2023
2c8d565
issue #1: Added vault to manage secrets
ThomasCardin Jan 3, 2024
7dd8399
issue #1: removed aws and azure provider it doesnt belong to this issue
ThomasCardin Jan 3, 2024
cb82279
issue #1: removed unused cluster node pool
ThomasCardin Jan 5, 2024
4d9ed24
issue #1: nachet-backend kubernetes deployment
ThomasCardin Jan 5, 2024
31b1d44
issue #1: added namespace to sa inside nachet deployment + finesse de…
ThomasCardin Jan 5, 2024
6385349
increse proxy-read-timeout to 30m
ThomasCardin Jan 8, 2024
d49b0d5
issue #1: kube-prometheus-stack (Prometheus, grafana and alertmanager)
ThomasCardin Jan 9, 2024
e1f5807
issue #1: Nachet deployment, with backend and frontend
ThomasCardin Jan 12, 2024
9a13373
issue #1: updated the nachet backend image
ThomasCardin Jan 15, 2024
f4f98e4
issue #1: fixed both ingress name for nachet
ThomasCardin Jan 15, 2024
e7883a4
issue #1: finesse frontend and backend deployed with our images from GCR
ThomasCardin Jan 15, 2024
826e1b9
issue #1: reviewed and added EOF on files
ThomasCardin Jan 16, 2024
e07aad8
issue #1: added new version to finesse-frontend
ThomasCardin Jan 16, 2024
96ed032
issue #1: added github workflow
ThomasCardin Jan 17, 2024
e2d6231
issue #1: adding the workflow to the right folder
ThomasCardin Jan 17, 2024
91917a4
issue #1: fixed md max line length
ThomasCardin Jan 17, 2024
8267004
issue #1: testing the workflow repo standard with applied patch
ThomasCardin Jan 17, 2024
1b072b7
issue #1: removed testing branch for repo standard action
ThomasCardin Jan 17, 2024
5dc9f1c
issue #1: testing the repo standard with new token
ThomasCardin Jan 17, 2024
9d363cd
issue #1: testing the repo standard with new token
ThomasCardin Jan 17, 2024
d7d16f8
issue #1: EOF for workflow
ThomasCardin Jan 17, 2024
d5b616e
issue #1: fixed 413 error from frontend to backend
ThomasCardin Jan 17, 2024
a0c1546
issue #1: changed nachet images tag for PR number
ThomasCardin Jan 18, 2024
3c19f9e
issue #1: changed README.md content
ThomasCardin Jan 31, 2024
de56ac5
issue #1: removed unused code
ThomasCardin Jan 31, 2024
01f7948
issue #1: changed image version for finesse (default is main represen…
ThomasCardin Jan 31, 2024
8f5f250
issue #1: changed default version of nachet-frontend
ThomasCardin Feb 1, 2024
82ada60
deleted the GKE cluster
ThomasCardin Feb 6, 2024
02801c9
added providers for the GKE cluster. Note: the cluster isn't supporte…
ThomasCardin Feb 6, 2024
4c6f99c
Merge remote-tracking branch 'origin/main' into 1-create-a-kubernetes…
ThomasCardin Feb 7, 2024
a3b942b
issue #1: fixed EOF and completing the merge from main
ThomasCardin Feb 7, 2024
b90a705
issue #1: fixed yaml linting error for nginx deployment
ThomasCardin Feb 7, 2024
edf3c83
issue #1: fixed yaml linting error for nginx deployment
ThomasCardin Feb 7, 2024
23f4db3
issue #1: fixed yaml linting error for nginx deployment
ThomasCardin Feb 7, 2024
b7d1910
issue #1: fixed some yaml linting error
ThomasCardin Feb 7, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -33,5 +33,5 @@ override.tf.json
.terraformrc
terraform.rc

# jq (used to gather information when terraform applying or plannig)
# jq (used to gather information when terraform applying or planning)
jq
Original file line number Diff line number Diff line change
@@ -1,12 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: finesse
labels:
name: finesse

---
apiVersion: v1
kind: ServiceAccount
metadata:
name: secrets-reader
Expand All @@ -16,17 +8,17 @@ metadata:
apiVersion: apps/v1
kind: Deployment
metadata:
name: finesse
name: finesse-backend
namespace: finesse
spec:
replicas: 2
selector:
matchLabels:
app: finesse
app: finesse-backend
template:
metadata:
labels:
app: finesse
app: finesse-backend
annotations:
vault.hashicorp.com/agent-inject: 'true'
vault.hashicorp.com/role: 'secrets-reader'
Expand All @@ -53,7 +45,7 @@ spec:
serviceAccountName: secrets-reader
containers:
- name: finesse-backend
image: gcr.io/spartan-rhino-408115/finesse-backend:latest
image: ghcr.io/ai-cfia/finesse-backend:98f702dddef8f5d46668794b65920c9ce38b8034
rngadam marked this conversation as resolved.
Show resolved Hide resolved
imagePullPolicy: Always
command: ["/bin/sh", "-c"]
args:
Expand All @@ -73,41 +65,12 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: finesse
name: finesse-backend-svc
namespace: finesse
spec:
clusterIP: None
selector:
app: finesse
app: finesse-backend
ports:
- protocol: TCP
port: 8080

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: finesse
namespace: finesse
annotations:
cert-manager.io/cluster-issuer: letsencrypt-http
ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
kubernetes.io/tls-acme: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- finesse.ninebasetwo.xyz
secretName: aciacfia-tls
rules:
- host: finesse.ninebasetwo.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: finesse
port:
number: 8080
42 changes: 42 additions & 0 deletions kubernetes/apps/finesse/finesse-frontend-deployment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: finesse-frontend
namespace: finesse
spec:
replicas: 2
selector:
matchLabels:
app: finesse-frontend
template:
metadata:
labels:
app: finesse-frontend
spec:
serviceAccountName: secrets-reader
containers:
- name: finesse-frontend
image: ghcr.io/ai-cfia/finesse-frontend:0e64faf24b3254d3582745796a56858f0d5c5cec
imagePullPolicy: Always
ports:
- containerPort: 3000
livenessProbe:
httpGet:
path: /health
port: 3000
initialDelaySeconds: 60
periodSeconds: 10

---
apiVersion: v1
kind: Service
metadata:
name: finesse-frontend-svc
namespace: finesse
spec:
clusterIP: None
selector:
app: finesse-frontend
ports:
- protocol: TCP
port: 3000
59 changes: 59 additions & 0 deletions kubernetes/apps/finesse/finesse-ingress.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: finesse-backend-ingress
namespace: finesse
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2 # https://kubernetes.github.io/ingress-nginx/examples/rewrite/
cert-manager.io/cluster-issuer: letsencrypt-http
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- finesse.ninebasetwo.xyz
secretName: aciacfia-tls
rules:
- host: finesse.ninebasetwo.xyz
http:
paths:
- path: /api(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: finesse-backend-svc
port:
number: 8080

---
# For more information check https://github.com/nginxinc/kubernetes-ingress/issues/323
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: finesse-frontend-ingress
namespace: finesse
annotations:
nginx.ingress.kubernetes.io/add-base-url: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: letsencrypt-http
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- finesse.ninebasetwo.xyz
secretName: aciacfia-tls
rules:
- host: finesse.ninebasetwo.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: finesse-frontend-svc
port:
number: 3000
6 changes: 6 additions & 0 deletions kubernetes/apps/finesse/finesse-namespace.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: finesse
labels:
name: finesse
Original file line number Diff line number Diff line change
@@ -1,12 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: nachet
labels:
name: nachet

---
apiVersion: v1
kind: ServiceAccount
metadata:
name: secrets-reader
Expand All @@ -16,17 +8,17 @@ metadata:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nachet
name: nachet-backend
namespace: nachet
spec:
replicas: 2
selector:
matchLabels:
app: nachet
app: nachet-backend
template:
metadata:
labels:
app: nachet
app: nachet-backend
annotations:
vault.hashicorp.com/agent-inject: 'true'
vault.hashicorp.com/role: 'secrets-reader'
Expand All @@ -46,7 +38,7 @@ spec:
serviceAccountName: secrets-reader
containers:
- name: nachet-backend
image: gcr.io/spartan-rhino-408115/nachet-backend:latest
image: ghcr.io/ai-cfia/nachet-backend:253cc74b682be64d78b7e5951726efd3222ce2c4
imagePullPolicy: Always
command: ["/bin/sh", "-c"]
args:
Expand All @@ -65,40 +57,12 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: nachet
name: nachet-backend-svc
namespace: nachet
spec:
clusterIP: None
selector:
app: nachet
app: nachet-backend
ports:
- protocol: TCP
port: 8080

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nachet
namespace: nachet
annotations:
cert-manager.io/cluster-issuer: letsencrypt-http
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- nachir.ninebasetwo.xyz
secretName: aciacfia-tls
rules:
- host: nachir.ninebasetwo.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nachet
port:
number: 8080
42 changes: 42 additions & 0 deletions kubernetes/apps/nachet/nachet-frontend-deployment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: nachet-frontend
namespace: nachet
spec:
replicas: 2
selector:
matchLabels:
app: nachet-frontend
template:
metadata:
labels:
app: nachet-frontend
spec:
serviceAccountName: secrets-reader
containers:
- name: nachet-frontend
image: ghcr.io/ai-cfia/nachet-frontend:87e217a2e78dcbf1d1ec940c0bd69be15fc70a59
imagePullPolicy: Always
ports:
- containerPort: 3000
livenessProbe:
httpGet:
path: /
port: 3000
initialDelaySeconds: 60
periodSeconds: 10

---
apiVersion: v1
kind: Service
metadata:
name: nachet-frontend-svc
namespace: nachet
spec:
clusterIP: None
selector:
app: nachet-frontend
ports:
- protocol: TCP
port: 3000
59 changes: 59 additions & 0 deletions kubernetes/apps/nachet/nachet-ingress.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nachet-backend-ingress
namespace: nachet
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2 # https://kubernetes.github.io/ingress-nginx/examples/rewrite/
cert-manager.io/cluster-issuer: letsencrypt-http
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- nachet.ninebasetwo.xyz
secretName: aciacfia-tls
rules:
- host: nachet.ninebasetwo.xyz
http:
paths:
- path: /api(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: nachet-backend-svc
port:
number: 8080

---
# For more information check https://github.com/nginxinc/kubernetes-ingress/issues/323
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nachet-frontend-ingress
namespace: nachet
annotations:
nginx.ingress.kubernetes.io/add-base-url: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: letsencrypt-http
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- nachet.ninebasetwo.xyz
secretName: aciacfia-tls
rules:
- host: nachet.ninebasetwo.xyz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nachet-frontend-svc
port:
number: 3000
6 changes: 6 additions & 0 deletions kubernetes/apps/nachet/nachet-namespace.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: nachet
labels:
name: nachet
Loading