This repository contains the non-sensitive Kubernetes declarations powering the Team Fortress 2 Wiki.
Secrets and credentials are managed separately in a Blackbox repository: tfwiki/secrets
Rough notes:
### Prerequisites
- Kubernetes cluster running 1.8.x (to avoid hardcoding NFS Service IP in PersistantVolume declaration)
- Cloud SQL database
cloudsql-instance-credentialshttps://cloud.google.com/sql/docs/mysql/connect-kubernetes-engine - Persistant disk for mediawiki images (mounted via NFS)
- Global Static IP address
- Create cluster in Google Container Engine
- Work on correct zone (
gcloud config set compute/zone [COMPUTE-ZONE]) - Log into new cluster (
gcloud container clusters get-credentials [CLUSTER-NAME]) - Set up
config.yaml - Set up
secret.yaml(see tfwiki/secrets) - Update
ingress.yaml'smetadata.annotations.kubernetes.io/ingress.global-static-ip-nameandspec.tls.hosts(TODO: Generalise?) - Update
nfs.yaml'sspec.template.spec.volumes.gcePersistentDisk(TODO: Generalise?) - Update Google Cloud proxy command in
mediawiki.yaml(TODO: Generalise?) - Spin up!
kubectl apply -f k8s/common;kubectl apply -f k8s/ENVIRONMENT
Syncing files from the Valve-hosted wiki is managed via the media-sync job, but needs authorised SSH keys stored within a Kubernetes secret:
kubectl create secret generic media-sync-secret --from-file=ssh-privatekey=/path/to/.ssh/id_rsa --from-file=ssh-publickey=/path/to/.ssh/id_rsa.pub