forked from cerc-io/stack-orchestrator
Compare commits
1 Commits
main
...
telackey/e
Author | SHA1 | Date | |
---|---|---|---|
db086f23c4 |
@ -1,54 +0,0 @@
|
|||||||
name: Container Registry Test
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches: '*'
|
|
||||||
paths:
|
|
||||||
- '!**'
|
|
||||||
- '.gitea/workflows/triggers/test-container-registry'
|
|
||||||
- '.gitea/workflows/test-container-registry.yml'
|
|
||||||
- 'tests/container-registry/run-test.sh'
|
|
||||||
schedule: # Note: coordinate with other tests to not overload runners at the same time of day
|
|
||||||
- cron: '6 19 * * *'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
test:
|
|
||||||
name: "Run contaier registry hosting test on kind/k8s"
|
|
||||||
runs-on: ubuntu-22.04
|
|
||||||
steps:
|
|
||||||
- name: "Clone project repository"
|
|
||||||
uses: actions/checkout@v3
|
|
||||||
# At present the stock setup-python action fails on Linux/aarch64
|
|
||||||
# Conditional steps below workaroud this by using deadsnakes for that case only
|
|
||||||
- name: "Install Python for ARM on Linux"
|
|
||||||
if: ${{ runner.arch == 'arm64' && runner.os == 'Linux' }}
|
|
||||||
uses: deadsnakes/action@v3.0.1
|
|
||||||
with:
|
|
||||||
python-version: '3.8'
|
|
||||||
- name: "Install Python cases other than ARM on Linux"
|
|
||||||
if: ${{ ! (runner.arch == 'arm64' && runner.os == 'Linux') }}
|
|
||||||
uses: actions/setup-python@v4
|
|
||||||
with:
|
|
||||||
python-version: '3.8'
|
|
||||||
- name: "Print Python version"
|
|
||||||
run: python3 --version
|
|
||||||
- name: "Install shiv"
|
|
||||||
run: pip install shiv
|
|
||||||
- name: "Generate build version file"
|
|
||||||
run: ./scripts/create_build_tag_file.sh
|
|
||||||
- name: "Build local shiv package"
|
|
||||||
run: ./scripts/build_shiv_package.sh
|
|
||||||
- name: "Check cgroups version"
|
|
||||||
run: mount | grep cgroup
|
|
||||||
- name: "Install kind"
|
|
||||||
run: ./tests/scripts/install-kind.sh
|
|
||||||
- name: "Install Kubectl"
|
|
||||||
run: ./tests/scripts/install-kubectl.sh
|
|
||||||
- name: "Install ed" # Only needed until we remove the need to edit the spec file
|
|
||||||
run: apt update && apt install -y ed
|
|
||||||
- name: "Run container registry deployment test"
|
|
||||||
run: |
|
|
||||||
source /opt/bash-utils/cgroup-helper.sh
|
|
||||||
join_cgroup
|
|
||||||
./tests/container-registry/run-test.sh
|
|
||||||
|
|
@ -1 +0,0 @@
|
|||||||
Change this file to trigger running the test-container-registry CI job
|
|
@ -12,8 +12,8 @@ spec_file_name="${stack_name}-spec.yml"
|
|||||||
deployment_dir_name="${stack_name}-deployment"
|
deployment_dir_name="${stack_name}-deployment"
|
||||||
rm -f ${spec_file_name}
|
rm -f ${spec_file_name}
|
||||||
rm -rf ${deployment_dir_name}
|
rm -rf ${deployment_dir_name}
|
||||||
laconic-so --stack ${stack_name} deploy --deploy-to compose init --output ${spec_file_name}
|
laconic-so --stack ${stack_name} deploy --deploy-to k8s-kind init --output ${spec_file_name}
|
||||||
laconic-so --stack ${stack_name} deploy --deploy-to compose create --deployment-dir ${deployment_dir_name} --spec-file ${spec_file_name}
|
laconic-so --stack ${stack_name} deploy --deploy-to k8s-kind create --deployment-dir ${deployment_dir_name} --spec-file ${spec_file_name}
|
||||||
#laconic-so deployment --dir ${deployment_dir_name} start
|
#laconic-so deployment --dir ${deployment_dir_name} start
|
||||||
#laconic-so deployment --dir ${deployment_dir_name} ps
|
#laconic-so deployment --dir ${deployment_dir_name} ps
|
||||||
#laconic-so deployment --dir ${deployment_dir_name} stop
|
#laconic-so deployment --dir ${deployment_dir_name} stop
|
||||||
|
@ -27,7 +27,7 @@ import subprocess
|
|||||||
import click
|
import click
|
||||||
import importlib.resources
|
import importlib.resources
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
from stack_orchestrator.util import include_exclude_check, get_parsed_stack_config, stack_is_external, warn_exit
|
from stack_orchestrator.util import include_exclude_check, get_parsed_stack_config, stack_is_external
|
||||||
from stack_orchestrator.base import get_npm_registry_url
|
from stack_orchestrator.base import get_npm_registry_url
|
||||||
|
|
||||||
# TODO: find a place for this
|
# TODO: find a place for this
|
||||||
@ -164,8 +164,6 @@ def command(ctx, include, exclude, force_rebuild, extra_build_args):
|
|||||||
containers_in_scope = []
|
containers_in_scope = []
|
||||||
if stack:
|
if stack:
|
||||||
stack_config = get_parsed_stack_config(stack)
|
stack_config = get_parsed_stack_config(stack)
|
||||||
if "containers" not in stack_config or stack_config["containers"] is None:
|
|
||||||
warn_exit(f"stack {stack} does not define any containers")
|
|
||||||
containers_in_scope = stack_config['containers']
|
containers_in_scope = stack_config['containers']
|
||||||
else:
|
else:
|
||||||
containers_in_scope = all_containers
|
containers_in_scope = all_containers
|
||||||
|
@ -1,13 +0,0 @@
|
|||||||
services:
|
|
||||||
registry:
|
|
||||||
image: registry:2.8
|
|
||||||
restart: always
|
|
||||||
environment:
|
|
||||||
REGISTRY_LOG_LEVEL: ${REGISTRY_LOG_LEVEL}
|
|
||||||
volumes:
|
|
||||||
- registry-data:/var/lib/registry
|
|
||||||
ports:
|
|
||||||
- "5000"
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
registry-data:
|
|
@ -1,12 +0,0 @@
|
|||||||
version: "3.2"
|
|
||||||
|
|
||||||
services:
|
|
||||||
mars:
|
|
||||||
image: cerc/mars-v2:local
|
|
||||||
restart: always
|
|
||||||
ports:
|
|
||||||
- "3000:3000"
|
|
||||||
environment:
|
|
||||||
- URL_OSMOSIS_REST=https://lcd-osmosis.blockapsis.com
|
|
||||||
- URL_OSMOSIS_RPC=https://rpc-osmosis.blockapsis.com
|
|
||||||
- WALLET_CONNECT_ID=0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x
|
|
@ -1,4 +0,0 @@
|
|||||||
#!/usr/bin/env bash
|
|
||||||
# Build the mars-v2 image
|
|
||||||
source ${CERC_CONTAINER_BASE_DIR}/build-base.sh
|
|
||||||
docker build -t cerc/mars-v2:local -f ${CERC_REPO_BASE_DIR}/mars-v2-frontend/Dockerfile ${build_command_args} ${CERC_REPO_BASE_DIR}/mars-v2-frontend
|
|
@ -33,8 +33,8 @@ if [ -f ".env" ]; then
|
|||||||
rm -f $TMP_ENV
|
rm -f $TMP_ENV
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for f in $(find . -type f \( -regex '.*.html?' -or -regex ".*.[tj]s\(x\|on\)?$" \) | grep -v 'node_modules' | grep -v '.git'); do
|
for f in $(find "$TRG_DIR" -regex ".*.[tj]sx?$" -type f | grep -v 'node_modules'); do
|
||||||
for e in $(cat "${f}" | tr -s '[:blank:]' '\n' | tr -s '["/\\{},();]' '\n' | tr -s "[']" '\n' | egrep -o -e '^CERC_RUNTIME_ENV_.+$' -e '^LACONIC_HOSTED_CONFIG_.+$'); do
|
for e in $(cat "${f}" | tr -s '[:blank:]' '\n' | tr -s '[{},();]' '\n' | egrep -o '^"CERC_RUNTIME_ENV_[^\"]+"'); do
|
||||||
orig_name=$(echo -n "${e}" | sed 's/"//g')
|
orig_name=$(echo -n "${e}" | sed 's/"//g')
|
||||||
cur_name=$(echo -n "${orig_name}" | sed 's/CERC_RUNTIME_ENV_//g')
|
cur_name=$(echo -n "${orig_name}" | sed 's/CERC_RUNTIME_ENV_//g')
|
||||||
cur_val=$(echo -n "\$${cur_name}" | envsubst)
|
cur_val=$(echo -n "\$${cur_name}" | envsubst)
|
||||||
|
@ -18,8 +18,9 @@ if [ -f ".env" ]; then
|
|||||||
rm -f $TMP_ENV
|
rm -f $TMP_ENV
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for f in $(find . -type f \( -regex '.*.html?' -or -regex ".*.[tj]s\(x\|on\)?$" \) | grep -v 'node_modules' | grep -v '.git'); do
|
|
||||||
for e in $(cat "${f}" | tr -s '[:blank:]' '\n' | tr -s '["/\\{},();]' '\n' | tr -s "[']" '\n' | egrep -o -e '^CERC_RUNTIME_ENV_.+$' -e '^LACONIC_HOSTED_CONFIG_.+$'); do
|
for f in $(find . -type f \( -name '*.html' -or -regex ".*.[tj]s\(x\|on\)?$" \) | grep -v 'node_modules' | grep -v '.git'); do
|
||||||
|
for e in $(cat "${f}" | tr -s '[:blank:]' '\n' | tr -s '[\\/{},();"]' '\n' | egrep -o -e '^CERC_RUNTIME_ENV_.+'); do
|
||||||
orig_name=$(echo -n "${e}" | sed 's/"//g')
|
orig_name=$(echo -n "${e}" | sed 's/"//g')
|
||||||
cur_name=$(echo -n "${orig_name}" | sed 's/CERC_RUNTIME_ENV_//g')
|
cur_name=$(echo -n "${orig_name}" | sed 's/CERC_RUNTIME_ENV_//g')
|
||||||
cur_val=$(echo -n "\$${cur_name}" | envsubst)
|
cur_val=$(echo -n "\$${cur_name}" | envsubst)
|
||||||
@ -31,3 +32,19 @@ for f in $(find . -type f \( -regex '.*.html?' -or -regex ".*.[tj]s\(x\|on\)?$"
|
|||||||
sed -i "s/$orig_name/$esc_val/g" $f
|
sed -i "s/$orig_name/$esc_val/g" $f
|
||||||
done
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
|
for f in $(find . -type f \( -name '*.html' -or -regex ".*.[tj]s\(x\|on\)?$" \) | grep -v 'node_modules' | grep -v '.git'); do
|
||||||
|
for cur_name in `env | egrep -o -e '^LACONIC_HOSTED_CONFIG_.+' | cut -d"=" -f1 | sort -u`; do
|
||||||
|
grep "$e" $f >/dev/null
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
cur_val=$(echo -n "\$${cur_name}" | envsubst)
|
||||||
|
if [ "$CERC_RETAIN_ENV_QUOTES" != "true" ]; then
|
||||||
|
cur_val=$(sed "s/^[\"']//" <<< "$cur_val" | sed "s/[\"']//")
|
||||||
|
fi
|
||||||
|
esc_val=$(sed 's/[&/\]/\\&/g' <<< "$cur_val")
|
||||||
|
echo "$f: $cur_name=$cur_val"
|
||||||
|
sed -i "s/$cur_name/$esc_val/g" $f
|
||||||
|
done
|
||||||
|
done
|
||||||
|
@ -33,10 +33,4 @@ else
|
|||||||
mv "${WORK_DIR}" "${DEST_DIR}"
|
mv "${WORK_DIR}" "${DEST_DIR}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# One special fix ...
|
|
||||||
cd "${DEST_DIR}"
|
|
||||||
for f in $(find . -type f -name '*.htm*'); do
|
|
||||||
sed -i -e 's#/LACONIC_HOSTED_CONFIG_homepage/#LACONIC_HOSTED_CONFIG_homepage/#g' "$f"
|
|
||||||
done
|
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
@ -1,673 +0,0 @@
|
|||||||
# from: https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
|
|
||||||
# via: https://kind.sigs.k8s.io/docs/user/ingress/#ingress-nginx
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
name: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
automountServiceAccountToken: true
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: Role
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx
|
|
||||||
namespace: ingress-nginx
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- namespaces
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- configmaps
|
|
||||||
- pods
|
|
||||||
- secrets
|
|
||||||
- endpoints
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- services
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- ingresses
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- ingresses/status
|
|
||||||
verbs:
|
|
||||||
- update
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- ingressclasses
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- coordination.k8s.io
|
|
||||||
resourceNames:
|
|
||||||
- ingress-nginx-leader
|
|
||||||
resources:
|
|
||||||
- leases
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
- apiGroups:
|
|
||||||
- coordination.k8s.io
|
|
||||||
resources:
|
|
||||||
- leases
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- events
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- patch
|
|
||||||
- apiGroups:
|
|
||||||
- discovery.k8s.io
|
|
||||||
resources:
|
|
||||||
- endpointslices
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: Role
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- secrets
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- create
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRole
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- configmaps
|
|
||||||
- endpoints
|
|
||||||
- nodes
|
|
||||||
- pods
|
|
||||||
- secrets
|
|
||||||
- namespaces
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- coordination.k8s.io
|
|
||||||
resources:
|
|
||||||
- leases
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- nodes
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- services
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- ingresses
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- events
|
|
||||||
verbs:
|
|
||||||
- create
|
|
||||||
- patch
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- ingresses/status
|
|
||||||
verbs:
|
|
||||||
- update
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
resources:
|
|
||||||
- ingressclasses
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- apiGroups:
|
|
||||||
- discovery.k8s.io
|
|
||||||
resources:
|
|
||||||
- endpointslices
|
|
||||||
verbs:
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- get
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRole
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- admissionregistration.k8s.io
|
|
||||||
resources:
|
|
||||||
- validatingwebhookconfigurations
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- update
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx
|
|
||||||
namespace: ingress-nginx
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: Role
|
|
||||||
name: ingress-nginx
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: ingress-nginx
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: Role
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRoleBinding
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: ClusterRole
|
|
||||||
name: ingress-nginx
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: ingress-nginx
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRoleBinding
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: ClusterRole
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
data:
|
|
||||||
allow-snippet-annotations: "false"
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-controller
|
|
||||||
namespace: ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-controller
|
|
||||||
namespace: ingress-nginx
|
|
||||||
spec:
|
|
||||||
ipFamilies:
|
|
||||||
- IPv4
|
|
||||||
ipFamilyPolicy: SingleStack
|
|
||||||
ports:
|
|
||||||
- appProtocol: http
|
|
||||||
name: http
|
|
||||||
port: 80
|
|
||||||
protocol: TCP
|
|
||||||
targetPort: http
|
|
||||||
- appProtocol: https
|
|
||||||
name: https
|
|
||||||
port: 443
|
|
||||||
protocol: TCP
|
|
||||||
targetPort: https
|
|
||||||
selector:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
type: NodePort
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-controller-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- appProtocol: https
|
|
||||||
name: https-webhook
|
|
||||||
port: 443
|
|
||||||
targetPort: webhook
|
|
||||||
selector:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
type: ClusterIP
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-controller
|
|
||||||
namespace: ingress-nginx
|
|
||||||
spec:
|
|
||||||
minReadySeconds: 0
|
|
||||||
revisionHistoryLimit: 10
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
strategy:
|
|
||||||
rollingUpdate:
|
|
||||||
maxUnavailable: 1
|
|
||||||
type: RollingUpdate
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- args:
|
|
||||||
- /nginx-ingress-controller
|
|
||||||
- --election-id=ingress-nginx-leader
|
|
||||||
- --controller-class=k8s.io/ingress-nginx
|
|
||||||
- --ingress-class=nginx
|
|
||||||
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
|
|
||||||
- --validating-webhook=:8443
|
|
||||||
- --validating-webhook-certificate=/usr/local/certificates/cert
|
|
||||||
- --validating-webhook-key=/usr/local/certificates/key
|
|
||||||
- --watch-ingress-without-class=true
|
|
||||||
- --publish-status-address=localhost
|
|
||||||
env:
|
|
||||||
- name: POD_NAME
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: metadata.name
|
|
||||||
- name: POD_NAMESPACE
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: metadata.namespace
|
|
||||||
- name: LD_PRELOAD
|
|
||||||
value: /usr/local/lib/libmimalloc.so
|
|
||||||
image: registry.k8s.io/ingress-nginx/controller:v1.9.6@sha256:1405cc613bd95b2c6edd8b2a152510ae91c7e62aea4698500d23b2145960ab9c
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
lifecycle:
|
|
||||||
preStop:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
- /wait-shutdown
|
|
||||||
livenessProbe:
|
|
||||||
failureThreshold: 5
|
|
||||||
httpGet:
|
|
||||||
path: /healthz
|
|
||||||
port: 10254
|
|
||||||
scheme: HTTP
|
|
||||||
initialDelaySeconds: 10
|
|
||||||
periodSeconds: 10
|
|
||||||
successThreshold: 1
|
|
||||||
timeoutSeconds: 1
|
|
||||||
name: controller
|
|
||||||
ports:
|
|
||||||
- containerPort: 80
|
|
||||||
hostPort: 80
|
|
||||||
name: http
|
|
||||||
protocol: TCP
|
|
||||||
- containerPort: 443
|
|
||||||
hostPort: 443
|
|
||||||
name: https
|
|
||||||
protocol: TCP
|
|
||||||
- containerPort: 8443
|
|
||||||
name: webhook
|
|
||||||
protocol: TCP
|
|
||||||
readinessProbe:
|
|
||||||
failureThreshold: 3
|
|
||||||
httpGet:
|
|
||||||
path: /healthz
|
|
||||||
port: 10254
|
|
||||||
scheme: HTTP
|
|
||||||
initialDelaySeconds: 10
|
|
||||||
periodSeconds: 10
|
|
||||||
successThreshold: 1
|
|
||||||
timeoutSeconds: 1
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 100m
|
|
||||||
memory: 90Mi
|
|
||||||
securityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
capabilities:
|
|
||||||
add:
|
|
||||||
- NET_BIND_SERVICE
|
|
||||||
drop:
|
|
||||||
- ALL
|
|
||||||
readOnlyRootFilesystem: false
|
|
||||||
runAsNonRoot: true
|
|
||||||
runAsUser: 101
|
|
||||||
seccompProfile:
|
|
||||||
type: RuntimeDefault
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /usr/local/certificates/
|
|
||||||
name: webhook-cert
|
|
||||||
readOnly: true
|
|
||||||
dnsPolicy: ClusterFirst
|
|
||||||
nodeSelector:
|
|
||||||
ingress-ready: "true"
|
|
||||||
kubernetes.io/os: linux
|
|
||||||
serviceAccountName: ingress-nginx
|
|
||||||
terminationGracePeriodSeconds: 0
|
|
||||||
tolerations:
|
|
||||||
- effect: NoSchedule
|
|
||||||
key: node-role.kubernetes.io/master
|
|
||||||
operator: Equal
|
|
||||||
- effect: NoSchedule
|
|
||||||
key: node-role.kubernetes.io/control-plane
|
|
||||||
operator: Equal
|
|
||||||
volumes:
|
|
||||||
- name: webhook-cert
|
|
||||||
secret:
|
|
||||||
secretName: ingress-nginx-admission
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission-create
|
|
||||||
namespace: ingress-nginx
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission-create
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- args:
|
|
||||||
- create
|
|
||||||
- --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc
|
|
||||||
- --namespace=$(POD_NAMESPACE)
|
|
||||||
- --secret-name=ingress-nginx-admission
|
|
||||||
env:
|
|
||||||
- name: POD_NAMESPACE
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: metadata.namespace
|
|
||||||
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231226-1a7112e06@sha256:25d6a5f11211cc5c3f9f2bf552b585374af287b4debf693cacbe2da47daa5084
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: create
|
|
||||||
securityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
capabilities:
|
|
||||||
drop:
|
|
||||||
- ALL
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
runAsNonRoot: true
|
|
||||||
runAsUser: 65532
|
|
||||||
seccompProfile:
|
|
||||||
type: RuntimeDefault
|
|
||||||
nodeSelector:
|
|
||||||
kubernetes.io/os: linux
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
serviceAccountName: ingress-nginx-admission
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission-patch
|
|
||||||
namespace: ingress-nginx
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission-patch
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- args:
|
|
||||||
- patch
|
|
||||||
- --webhook-name=ingress-nginx-admission
|
|
||||||
- --namespace=$(POD_NAMESPACE)
|
|
||||||
- --patch-mutating=false
|
|
||||||
- --secret-name=ingress-nginx-admission
|
|
||||||
- --patch-failure-policy=Fail
|
|
||||||
env:
|
|
||||||
- name: POD_NAMESPACE
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: metadata.namespace
|
|
||||||
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231226-1a7112e06@sha256:25d6a5f11211cc5c3f9f2bf552b585374af287b4debf693cacbe2da47daa5084
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: patch
|
|
||||||
securityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
capabilities:
|
|
||||||
drop:
|
|
||||||
- ALL
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
runAsNonRoot: true
|
|
||||||
runAsUser: 65532
|
|
||||||
seccompProfile:
|
|
||||||
type: RuntimeDefault
|
|
||||||
nodeSelector:
|
|
||||||
kubernetes.io/os: linux
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
serviceAccountName: ingress-nginx-admission
|
|
||||||
---
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: IngressClass
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: controller
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: nginx
|
|
||||||
spec:
|
|
||||||
controller: k8s.io/ingress-nginx
|
|
||||||
---
|
|
||||||
apiVersion: admissionregistration.k8s.io/v1
|
|
||||||
kind: ValidatingWebhookConfiguration
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: admission-webhook
|
|
||||||
app.kubernetes.io/instance: ingress-nginx
|
|
||||||
app.kubernetes.io/name: ingress-nginx
|
|
||||||
app.kubernetes.io/part-of: ingress-nginx
|
|
||||||
app.kubernetes.io/version: 1.9.6
|
|
||||||
name: ingress-nginx-admission
|
|
||||||
webhooks:
|
|
||||||
- admissionReviewVersions:
|
|
||||||
- v1
|
|
||||||
clientConfig:
|
|
||||||
service:
|
|
||||||
name: ingress-nginx-controller-admission
|
|
||||||
namespace: ingress-nginx
|
|
||||||
path: /networking/v1/ingresses
|
|
||||||
failurePolicy: Fail
|
|
||||||
matchPolicy: Equivalent
|
|
||||||
name: validate.nginx.ingress.kubernetes.io
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- networking.k8s.io
|
|
||||||
apiVersions:
|
|
||||||
- v1
|
|
||||||
operations:
|
|
||||||
- CREATE
|
|
||||||
- UPDATE
|
|
||||||
resources:
|
|
||||||
- ingresses
|
|
||||||
sideEffects: None
|
|
@ -1,3 +0,0 @@
|
|||||||
# Container Registry Stack
|
|
||||||
|
|
||||||
Host a container image registry
|
|
@ -1,5 +0,0 @@
|
|||||||
version: "1.0"
|
|
||||||
name: container-registry
|
|
||||||
description: "Container registry stack"
|
|
||||||
pods:
|
|
||||||
- container-registry
|
|
@ -1,16 +0,0 @@
|
|||||||
# mars
|
|
||||||
|
|
||||||
On a fresh Digital Ocean droplet with Ubuntu:
|
|
||||||
|
|
||||||
```
|
|
||||||
git clone https://github.com/cerc-io/stack-orchestrator
|
|
||||||
cd stack-orchestrator
|
|
||||||
./scripts/quick-install-linux.sh
|
|
||||||
```
|
|
||||||
Read and follow the instructions output from the above output to complete installation, then:
|
|
||||||
|
|
||||||
```
|
|
||||||
laconic-so --stack mars-v2 setup-repositories
|
|
||||||
laconic-so --stack mars-v2 build-containers
|
|
||||||
laconic-so --stack mars-v2 deploy up
|
|
||||||
```
|
|
@ -1,8 +0,0 @@
|
|||||||
version: "0.1"
|
|
||||||
name: mars-v2
|
|
||||||
repos:
|
|
||||||
- github.com/mars-protocol/mars-v2-frontend
|
|
||||||
containers:
|
|
||||||
- cerc/mars-v2
|
|
||||||
pods:
|
|
||||||
- mars-v2
|
|
@ -78,30 +78,7 @@ class ClusterInfo:
|
|||||||
if (opts.o.debug):
|
if (opts.o.debug):
|
||||||
print(f"Env vars: {self.environment_variables.map}")
|
print(f"Env vars: {self.environment_variables.map}")
|
||||||
|
|
||||||
def get_nodeport(self):
|
def get_ingress(self):
|
||||||
for pod_name in self.parsed_pod_yaml_map:
|
|
||||||
pod = self.parsed_pod_yaml_map[pod_name]
|
|
||||||
services = pod["services"]
|
|
||||||
for service_name in services:
|
|
||||||
service_info = services[service_name]
|
|
||||||
if "ports" in service_info:
|
|
||||||
port = int(service_info["ports"][0])
|
|
||||||
if opts.o.debug:
|
|
||||||
print(f"service port: {port}")
|
|
||||||
service = client.V1Service(
|
|
||||||
metadata=client.V1ObjectMeta(name=f"{self.app_name}-nodeport"),
|
|
||||||
spec=client.V1ServiceSpec(
|
|
||||||
type="NodePort",
|
|
||||||
ports=[client.V1ServicePort(
|
|
||||||
port=port,
|
|
||||||
target_port=port
|
|
||||||
)],
|
|
||||||
selector={"app": self.app_name}
|
|
||||||
)
|
|
||||||
)
|
|
||||||
return service
|
|
||||||
|
|
||||||
def get_ingress(self, use_tls=False):
|
|
||||||
# No ingress for a deployment that has no http-proxy defined, for now
|
# No ingress for a deployment that has no http-proxy defined, for now
|
||||||
http_proxy_info_list = self.spec.get_http_proxy()
|
http_proxy_info_list = self.spec.get_http_proxy()
|
||||||
ingress = None
|
ingress = None
|
||||||
@ -116,7 +93,7 @@ class ClusterInfo:
|
|||||||
tls = [client.V1IngressTLS(
|
tls = [client.V1IngressTLS(
|
||||||
hosts=[host_name],
|
hosts=[host_name],
|
||||||
secret_name=f"{self.app_name}-tls"
|
secret_name=f"{self.app_name}-tls"
|
||||||
)] if use_tls else None
|
)]
|
||||||
paths = []
|
paths = []
|
||||||
for route in http_proxy_info["routes"]:
|
for route in http_proxy_info["routes"]:
|
||||||
path = route["path"]
|
path = route["path"]
|
||||||
|
@ -20,7 +20,6 @@ from kubernetes import client, config
|
|||||||
from stack_orchestrator import constants
|
from stack_orchestrator import constants
|
||||||
from stack_orchestrator.deploy.deployer import Deployer, DeployerConfigGenerator
|
from stack_orchestrator.deploy.deployer import Deployer, DeployerConfigGenerator
|
||||||
from stack_orchestrator.deploy.k8s.helpers import create_cluster, destroy_cluster, load_images_into_kind
|
from stack_orchestrator.deploy.k8s.helpers import create_cluster, destroy_cluster, load_images_into_kind
|
||||||
from stack_orchestrator.deploy.k8s.helpers import install_ingress_for_kind, wait_for_ingress_in_kind
|
|
||||||
from stack_orchestrator.deploy.k8s.helpers import pods_in_deployment, containers_in_pod, log_stream_from_string
|
from stack_orchestrator.deploy.k8s.helpers import pods_in_deployment, containers_in_pod, log_stream_from_string
|
||||||
from stack_orchestrator.deploy.k8s.helpers import generate_kind_config
|
from stack_orchestrator.deploy.k8s.helpers import generate_kind_config
|
||||||
from stack_orchestrator.deploy.k8s.cluster_info import ClusterInfo
|
from stack_orchestrator.deploy.k8s.cluster_info import ClusterInfo
|
||||||
@ -177,47 +176,29 @@ class K8sDeployer(Deployer):
|
|||||||
# Ensure the referenced containers are copied into kind
|
# Ensure the referenced containers are copied into kind
|
||||||
load_images_into_kind(self.kind_cluster_name, self.cluster_info.image_set)
|
load_images_into_kind(self.kind_cluster_name, self.cluster_info.image_set)
|
||||||
self.connect_api()
|
self.connect_api()
|
||||||
if self.is_kind():
|
|
||||||
# Now configure an ingress controller (not installed by default in kind)
|
|
||||||
install_ingress_for_kind()
|
|
||||||
# Wait for ingress to start (deployment provisioning will fail unless this is done)
|
|
||||||
wait_for_ingress_in_kind()
|
|
||||||
|
|
||||||
else:
|
else:
|
||||||
print("Dry run mode enabled, skipping k8s API connect")
|
print("Dry run mode enabled, skipping k8s API connect")
|
||||||
|
|
||||||
self._create_volume_data()
|
self._create_volume_data()
|
||||||
self._create_deployment()
|
self._create_deployment()
|
||||||
|
|
||||||
# Note: at present we don't support tls for kind (and enabling tls causes errors)
|
if not self.is_kind():
|
||||||
ingress: client.V1Ingress = self.cluster_info.get_ingress(use_tls=not self.is_kind())
|
ingress: client.V1Ingress = self.cluster_info.get_ingress()
|
||||||
if ingress:
|
|
||||||
if opts.o.debug:
|
|
||||||
print(f"Sending this ingress: {ingress}")
|
|
||||||
if not opts.o.dry_run:
|
|
||||||
ingress_resp = self.networking_api.create_namespaced_ingress(
|
|
||||||
namespace=self.k8s_namespace,
|
|
||||||
body=ingress
|
|
||||||
)
|
|
||||||
if opts.o.debug:
|
|
||||||
print("Ingress created:")
|
|
||||||
print(f"{ingress_resp}")
|
|
||||||
else:
|
|
||||||
if opts.o.debug:
|
|
||||||
print("No ingress configured")
|
|
||||||
|
|
||||||
nodeport: client.V1Service = self.cluster_info.get_nodeport()
|
if ingress:
|
||||||
if nodeport:
|
|
||||||
if opts.o.debug:
|
|
||||||
print(f"Sending this nodeport: {nodeport}")
|
|
||||||
if not opts.o.dry_run:
|
|
||||||
nodeport_resp = self.core_api.create_namespaced_service(
|
|
||||||
namespace=self.k8s_namespace,
|
|
||||||
body=nodeport
|
|
||||||
)
|
|
||||||
if opts.o.debug:
|
if opts.o.debug:
|
||||||
print("NodePort created:")
|
print(f"Sending this ingress: {ingress}")
|
||||||
print(f"{nodeport_resp}")
|
if not opts.o.dry_run:
|
||||||
|
ingress_resp = self.networking_api.create_namespaced_ingress(
|
||||||
|
namespace=self.k8s_namespace,
|
||||||
|
body=ingress
|
||||||
|
)
|
||||||
|
if opts.o.debug:
|
||||||
|
print("Ingress created:")
|
||||||
|
print(f"{ingress_resp}")
|
||||||
|
else:
|
||||||
|
if opts.o.debug:
|
||||||
|
print("No ingress configured")
|
||||||
|
|
||||||
def down(self, timeout, volumes): # noqa: C901
|
def down(self, timeout, volumes): # noqa: C901
|
||||||
self.connect_api()
|
self.connect_api()
|
||||||
@ -288,34 +269,20 @@ class K8sDeployer(Deployer):
|
|||||||
except client.exceptions.ApiException as e:
|
except client.exceptions.ApiException as e:
|
||||||
_check_delete_exception(e)
|
_check_delete_exception(e)
|
||||||
|
|
||||||
ingress: client.V1Ingress = self.cluster_info.get_ingress(use_tls=not self.is_kind())
|
if not self.is_kind():
|
||||||
if ingress:
|
ingress: client.V1Ingress = self.cluster_info.get_ingress()
|
||||||
if opts.o.debug:
|
if ingress:
|
||||||
print(f"Deleting this ingress: {ingress}")
|
if opts.o.debug:
|
||||||
try:
|
print(f"Deleting this ingress: {ingress}")
|
||||||
self.networking_api.delete_namespaced_ingress(
|
try:
|
||||||
name=ingress.metadata.name, namespace=self.k8s_namespace
|
self.networking_api.delete_namespaced_ingress(
|
||||||
)
|
name=ingress.metadata.name, namespace=self.k8s_namespace
|
||||||
except client.exceptions.ApiException as e:
|
)
|
||||||
_check_delete_exception(e)
|
except client.exceptions.ApiException as e:
|
||||||
else:
|
_check_delete_exception(e)
|
||||||
if opts.o.debug:
|
else:
|
||||||
print("No ingress to delete")
|
if opts.o.debug:
|
||||||
|
print("No ingress to delete")
|
||||||
nodeport: client.V1Service = self.cluster_info.get_nodeport()
|
|
||||||
if nodeport:
|
|
||||||
if opts.o.debug:
|
|
||||||
print(f"Deleting this nodeport: {ingress}")
|
|
||||||
try:
|
|
||||||
self.core_api.delete_namespaced_service(
|
|
||||||
namespace=self.k8s_namespace,
|
|
||||||
name=nodeport.metadata.name
|
|
||||||
)
|
|
||||||
except client.exceptions.ApiException as e:
|
|
||||||
_check_delete_exception(e)
|
|
||||||
else:
|
|
||||||
if opts.o.debug:
|
|
||||||
print("No nodeport to delete")
|
|
||||||
|
|
||||||
if self.is_kind():
|
if self.is_kind():
|
||||||
# Destroy the kind cluster
|
# Destroy the kind cluster
|
||||||
|
@ -13,14 +13,13 @@
|
|||||||
# You should have received a copy of the GNU Affero General Public License
|
# You should have received a copy of the GNU Affero General Public License
|
||||||
# along with this program. If not, see <http:#www.gnu.org/licenses/>.
|
# along with this program. If not, see <http:#www.gnu.org/licenses/>.
|
||||||
|
|
||||||
from kubernetes import client, utils, watch
|
from kubernetes import client
|
||||||
import os
|
import os
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
import subprocess
|
import subprocess
|
||||||
import re
|
import re
|
||||||
from typing import Set, Mapping, List
|
from typing import Set, Mapping, List
|
||||||
|
|
||||||
from stack_orchestrator.util import get_k8s_dir, error_exit
|
|
||||||
from stack_orchestrator.opts import opts
|
from stack_orchestrator.opts import opts
|
||||||
from stack_orchestrator.deploy.deploy_util import parsed_pod_files_map_from_file_names
|
from stack_orchestrator.deploy.deploy_util import parsed_pod_files_map_from_file_names
|
||||||
from stack_orchestrator.deploy.deployer import DeployerException
|
from stack_orchestrator.deploy.deployer import DeployerException
|
||||||
@ -45,33 +44,6 @@ def destroy_cluster(name: str):
|
|||||||
_run_command(f"kind delete cluster --name {name}")
|
_run_command(f"kind delete cluster --name {name}")
|
||||||
|
|
||||||
|
|
||||||
def wait_for_ingress_in_kind():
|
|
||||||
core_v1 = client.CoreV1Api()
|
|
||||||
for i in range(20):
|
|
||||||
warned_waiting = False
|
|
||||||
w = watch.Watch()
|
|
||||||
for event in w.stream(func=core_v1.list_namespaced_pod,
|
|
||||||
namespace="ingress-nginx",
|
|
||||||
label_selector="app.kubernetes.io/component=controller",
|
|
||||||
timeout_seconds=30):
|
|
||||||
if event['object'].status.container_statuses:
|
|
||||||
if event['object'].status.container_statuses[0].ready is True:
|
|
||||||
if warned_waiting:
|
|
||||||
print("Ingress controller is ready")
|
|
||||||
return
|
|
||||||
print("Waiting for ingress controller to become ready...")
|
|
||||||
warned_waiting = True
|
|
||||||
error_exit("ERROR: Timed out waiting for ingress to become ready")
|
|
||||||
|
|
||||||
|
|
||||||
def install_ingress_for_kind():
|
|
||||||
api_client = client.ApiClient()
|
|
||||||
ingress_install = os.path.abspath(get_k8s_dir().joinpath("components", "ingress", "ingress-nginx-kind-deploy.yaml"))
|
|
||||||
if opts.o.debug:
|
|
||||||
print("Installing nginx ingress controller in kind cluster")
|
|
||||||
utils.create_from_yaml(api_client, yaml_file=ingress_install)
|
|
||||||
|
|
||||||
|
|
||||||
def load_images_into_kind(kind_cluster_name: str, image_set: Set[str]):
|
def load_images_into_kind(kind_cluster_name: str, image_set: Set[str]):
|
||||||
for image in image_set:
|
for image in image_set:
|
||||||
result = _run_command(f"kind load docker-image {image} --name {kind_cluster_name}")
|
result = _run_command(f"kind load docker-image {image} --name {kind_cluster_name}")
|
||||||
@ -226,8 +198,7 @@ def _generate_kind_mounts(parsed_pod_files, deployment_dir, deployment_context):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
# TODO: decide if we need this functionality
|
def _generate_kind_port_mappings(parsed_pod_files):
|
||||||
def _generate_kind_port_mappings_from_services(parsed_pod_files):
|
|
||||||
port_definitions = []
|
port_definitions = []
|
||||||
for pod in parsed_pod_files:
|
for pod in parsed_pod_files:
|
||||||
parsed_pod_file = parsed_pod_files[pod]
|
parsed_pod_file = parsed_pod_files[pod]
|
||||||
@ -249,19 +220,6 @@ def _generate_kind_port_mappings_from_services(parsed_pod_files):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
def _generate_kind_port_mappings(parsed_pod_files):
|
|
||||||
port_definitions = []
|
|
||||||
# For now we just map port 80 for the nginx ingress controller we install in kind
|
|
||||||
port_string = "80"
|
|
||||||
port_definitions.append(f" - containerPort: {port_string}\n hostPort: {port_string}\n")
|
|
||||||
return (
|
|
||||||
"" if len(port_definitions) == 0 else (
|
|
||||||
" extraPortMappings:\n"
|
|
||||||
f"{''.join(port_definitions)}"
|
|
||||||
)
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
# Note: this makes any duplicate definition in b overwrite a
|
# Note: this makes any duplicate definition in b overwrite a
|
||||||
def merge_envs(a: Mapping[str, str], b: Mapping[str, str]) -> Mapping[str, str]:
|
def merge_envs(a: Mapping[str, str], b: Mapping[str, str]) -> Mapping[str, str]:
|
||||||
result = {**a, **b}
|
result = {**a, **b}
|
||||||
@ -326,12 +284,6 @@ def generate_kind_config(deployment_dir: Path, deployment_context):
|
|||||||
"apiVersion: kind.x-k8s.io/v1alpha4\n"
|
"apiVersion: kind.x-k8s.io/v1alpha4\n"
|
||||||
"nodes:\n"
|
"nodes:\n"
|
||||||
"- role: control-plane\n"
|
"- role: control-plane\n"
|
||||||
" kubeadmConfigPatches:\n"
|
|
||||||
" - |\n"
|
|
||||||
" kind: InitConfiguration\n"
|
|
||||||
" nodeRegistration:\n"
|
|
||||||
" kubeletExtraArgs:\n"
|
|
||||||
" node-labels: \"ingress-ready=true\"\n"
|
|
||||||
f"{port_mappings_yml}\n"
|
f"{port_mappings_yml}\n"
|
||||||
f"{mounts_yml}\n"
|
f"{mounts_yml}\n"
|
||||||
)
|
)
|
||||||
|
@ -146,12 +146,6 @@ def get_config_file_dir():
|
|||||||
return source_config_dir
|
return source_config_dir
|
||||||
|
|
||||||
|
|
||||||
def get_k8s_dir():
|
|
||||||
data_dir = Path(__file__).absolute().parent.joinpath("data")
|
|
||||||
source_config_dir = data_dir.joinpath("k8s")
|
|
||||||
return source_config_dir
|
|
||||||
|
|
||||||
|
|
||||||
def get_parsed_deployment_spec(spec_file):
|
def get_parsed_deployment_spec(spec_file):
|
||||||
spec_file_path = Path(spec_file)
|
spec_file_path = Path(spec_file)
|
||||||
try:
|
try:
|
||||||
|
@ -1,146 +0,0 @@
|
|||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
if [ -n "$CERC_SCRIPT_DEBUG" ]; then
|
|
||||||
set -x
|
|
||||||
# Dump environment variables for debugging
|
|
||||||
echo "Environment variables:"
|
|
||||||
env
|
|
||||||
fi
|
|
||||||
|
|
||||||
stack="container-registry"
|
|
||||||
|
|
||||||
# Helper functions: TODO move into a separate file
|
|
||||||
wait_for_pods_started () {
|
|
||||||
for i in {1..50}
|
|
||||||
do
|
|
||||||
local ps_output=$( $TEST_TARGET_SO deployment --dir $test_deployment_dir ps )
|
|
||||||
|
|
||||||
if [[ "$ps_output" == *"Running containers:"* ]]; then
|
|
||||||
# if ready, return
|
|
||||||
return
|
|
||||||
else
|
|
||||||
# if not ready, wait
|
|
||||||
sleep 5
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
# Timed out, error exit
|
|
||||||
echo "waiting for pods to start: FAILED"
|
|
||||||
delete_cluster_exit
|
|
||||||
}
|
|
||||||
|
|
||||||
wait_for_log_output () {
|
|
||||||
for i in {1..50}
|
|
||||||
do
|
|
||||||
|
|
||||||
local log_output=$( $TEST_TARGET_SO deployment --dir $test_deployment_dir logs )
|
|
||||||
|
|
||||||
if [[ ! -z "$log_output" ]]; then
|
|
||||||
# if ready, return
|
|
||||||
return
|
|
||||||
else
|
|
||||||
# if not ready, wait
|
|
||||||
sleep 5
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
# Timed out, error exit
|
|
||||||
echo "waiting for pods log content: FAILED"
|
|
||||||
delete_cluster_exit
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
delete_cluster_exit () {
|
|
||||||
$TEST_TARGET_SO deployment --dir $test_deployment_dir stop --delete-volumes
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Note: eventually this test should be folded into ../deploy/
|
|
||||||
# but keeping it separate for now for convenience
|
|
||||||
TEST_TARGET_SO=$( ls -t1 ./package/laconic-so* | head -1 )
|
|
||||||
# Set a non-default repo dir
|
|
||||||
export CERC_REPO_BASE_DIR=~/stack-orchestrator-test/repo-base-dir
|
|
||||||
echo "Testing this package: $TEST_TARGET_SO"
|
|
||||||
echo "Test version command"
|
|
||||||
reported_version_string=$( $TEST_TARGET_SO version )
|
|
||||||
echo "Version reported is: ${reported_version_string}"
|
|
||||||
echo "Cloning repositories into: $CERC_REPO_BASE_DIR"
|
|
||||||
rm -rf $CERC_REPO_BASE_DIR
|
|
||||||
mkdir -p $CERC_REPO_BASE_DIR
|
|
||||||
$TEST_TARGET_SO --stack ${stack} setup-repositories
|
|
||||||
$TEST_TARGET_SO --stack ${stack} build-containers
|
|
||||||
# Test basic stack-orchestrator deploy to k8s
|
|
||||||
test_deployment_dir=$CERC_REPO_BASE_DIR/${stack}-deployment-dir
|
|
||||||
test_deployment_spec=$CERC_REPO_BASE_DIR/${stack}-deployment-spec.yml
|
|
||||||
$TEST_TARGET_SO --stack ${stack} deploy --deploy-to k8s-kind init --output $test_deployment_spec --config CERC_TEST_PARAM_1=PASSED
|
|
||||||
# Check the file now exists
|
|
||||||
if [ ! -f "$test_deployment_spec" ]; then
|
|
||||||
echo "deploy init test: spec file not present"
|
|
||||||
echo "deploy init test: FAILED"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
echo "deploy init test: passed"
|
|
||||||
|
|
||||||
# Switch to a full path for bind mount.
|
|
||||||
volume_name="registry-data"
|
|
||||||
sed -i "s|^\(\s*${volume_name}:$\)$|\1 ${test_deployment_dir}/data/${volume_name}|" $test_deployment_spec
|
|
||||||
|
|
||||||
# Add ingress config to the spec file
|
|
||||||
ed $test_deployment_spec <<IngressSpec
|
|
||||||
/network:/
|
|
||||||
a
|
|
||||||
http-proxy:
|
|
||||||
- host-name: localhost
|
|
||||||
routes:
|
|
||||||
- path: /
|
|
||||||
proxy-to: registry:5000
|
|
||||||
.
|
|
||||||
w
|
|
||||||
q
|
|
||||||
IngressSpec
|
|
||||||
|
|
||||||
$TEST_TARGET_SO --stack ${stack} deploy create --spec-file $test_deployment_spec --deployment-dir $test_deployment_dir
|
|
||||||
# Check the deployment dir exists
|
|
||||||
if [ ! -d "$test_deployment_dir" ]; then
|
|
||||||
echo "deploy create test: deployment directory not present"
|
|
||||||
echo "deploy create test: FAILED"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
echo "deploy create test: passed"
|
|
||||||
|
|
||||||
# Note: this isn't strictly necessary, except we end up trying to push the image into
|
|
||||||
# the kind cluster then fails because it can't be found locally
|
|
||||||
docker pull registry:2.8
|
|
||||||
|
|
||||||
# Try to start the deployment
|
|
||||||
$TEST_TARGET_SO deployment --dir $test_deployment_dir start
|
|
||||||
wait_for_pods_started
|
|
||||||
# Check logs command works
|
|
||||||
wait_for_log_output
|
|
||||||
sleep 1
|
|
||||||
log_output_3=$( $TEST_TARGET_SO deployment --dir $test_deployment_dir logs )
|
|
||||||
if [[ "$log_output_3" == *"listening on"* ]]; then
|
|
||||||
echo "deployment logs test: passed"
|
|
||||||
else
|
|
||||||
echo "deployment logs test: FAILED"
|
|
||||||
echo $log_output_3
|
|
||||||
delete_cluster_exit
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check that we can use the registry
|
|
||||||
# Note: since this pulls from the DockerCo registry without auth it's possible it'll run into rate limiting issues
|
|
||||||
docker pull hello-world
|
|
||||||
docker tag hello-world localhost:80/hello-world
|
|
||||||
docker push localhost:80/hello-world
|
|
||||||
# Then do a quick check that we actually pushed something there
|
|
||||||
# See: https://stackoverflow.com/questions/31251356/how-to-get-a-list-of-images-on-docker-registry-v2
|
|
||||||
registry_response=$(curl -s -X GET http://localhost:80/v2/_catalog)
|
|
||||||
if [[ "$registry_response" == *"{\"repositories\":[\"hello-world\"]}"* ]]; then
|
|
||||||
echo "registry content test: passed"
|
|
||||||
else
|
|
||||||
echo "registry content test: FAILED"
|
|
||||||
echo $registry_response
|
|
||||||
delete_cluster_exit
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Stop and clean up
|
|
||||||
$TEST_TARGET_SO deployment --dir $test_deployment_dir stop --delete-volumes
|
|
||||||
echo "Test passed"
|
|
@ -73,8 +73,8 @@ mkdir -p $CERC_REPO_BASE_DIR
|
|||||||
$TEST_TARGET_SO --stack ${stack} setup-repositories
|
$TEST_TARGET_SO --stack ${stack} setup-repositories
|
||||||
$TEST_TARGET_SO --stack ${stack} build-containers
|
$TEST_TARGET_SO --stack ${stack} build-containers
|
||||||
# Test basic stack-orchestrator deploy to k8s
|
# Test basic stack-orchestrator deploy to k8s
|
||||||
test_deployment_dir=$CERC_REPO_BASE_DIR/${deployment_dir}
|
test_deployment_dir=$CERC_REPO_BASE_DIR/test-${deployment_dir}
|
||||||
test_deployment_spec=$CERC_REPO_BASE_DIR/${spec_file}
|
test_deployment_spec=$CERC_REPO_BASE_DIR/test-${spec_file}
|
||||||
|
|
||||||
$TEST_TARGET_SO --stack ${stack} deploy --deploy-to k8s-kind init --output $test_deployment_spec
|
$TEST_TARGET_SO --stack ${stack} deploy --deploy-to k8s-kind init --output $test_deployment_spec
|
||||||
# Check the file now exists
|
# Check the file now exists
|
||||||
@ -85,9 +85,6 @@ if [ ! -f "$test_deployment_spec" ]; then
|
|||||||
fi
|
fi
|
||||||
echo "deploy init test: passed"
|
echo "deploy init test: passed"
|
||||||
|
|
||||||
# Switch to a full path for the data dir so it gets provisioned as a host bind mounted volume and preserved beyond cluster lifetime
|
|
||||||
sed -i "s|^\(\s*db-data:$\)$|\1 ${test_deployment_dir}/data/db-data|" $test_deployment_spec
|
|
||||||
|
|
||||||
$TEST_TARGET_SO --stack ${stack} deploy create --spec-file $test_deployment_spec --deployment-dir $test_deployment_dir
|
$TEST_TARGET_SO --stack ${stack} deploy create --spec-file $test_deployment_spec --deployment-dir $test_deployment_dir
|
||||||
# Check the deployment dir exists
|
# Check the deployment dir exists
|
||||||
if [ ! -d "$test_deployment_dir" ]; then
|
if [ ! -d "$test_deployment_dir" ]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user