From e04b58fd603427c33ac5cbc0999a88a9f7165202 Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Thu, 31 Oct 2024 10:06:16 +0800 Subject: [PATCH 01/12] PEER-242: Add gcloud node affinity configs Signed-off-by: SeeuSim --- k8s-gcloud/01-ns.yaml | 6 + k8s-gcloud/02-collab-api-network.yaml | 22 +++ k8s-gcloud/02-collab-db-network.yaml | 22 +++ k8s-gcloud/02-match-api-network.yaml | 22 +++ k8s-gcloud/02-match-db-network.yaml | 22 +++ k8s-gcloud/02-question-api-network.yaml | 22 +++ k8s-gcloud/02-question-db-network.yaml | 22 +++ k8s-gcloud/02-user-api-network.yaml | 22 +++ k8s-gcloud/02-user-db-network.yaml | 22 +++ k8s-gcloud/03-collab-db-deployment.yaml | 77 +++++++++++ k8s-gcloud/03-collab-db-service.yaml | 17 +++ k8s-gcloud/03-match-db-deployment.yaml | 73 ++++++++++ k8s-gcloud/03-match-db-service.yaml | 17 +++ k8s-gcloud/03-question-db-deployment.yaml | 77 +++++++++++ k8s-gcloud/03-question-db-service.yaml | 17 +++ k8s-gcloud/03-user-db-deployment.yaml | 77 +++++++++++ k8s-gcloud/03-user-db-service.yaml | 17 +++ k8s-gcloud/04-collab-svc-deployment.yaml | 97 +++++++++++++ k8s-gcloud/04-collab-svc-hpa.yaml | 19 +++ k8s-gcloud/04-collab-svc-service.yaml | 17 +++ k8s-gcloud/04-match-svc-deployment.yaml | 117 ++++++++++++++++ k8s-gcloud/04-match-svc-service.yaml | 17 +++ k8s-gcloud/04-question-svc-deployment.yaml | 97 +++++++++++++ k8s-gcloud/04-question-svc-hpa.yaml | 19 +++ k8s-gcloud/04-question-svc-service.yaml | 17 +++ k8s-gcloud/04-user-svc-deployment.yaml | 97 +++++++++++++ k8s-gcloud/04-user-svc-hpa.yaml | 19 +++ k8s-gcloud/04-user-svc-service.yaml | 17 +++ k8s-gcloud/05-frontend-deployment.yaml | 94 +++++++++++++ k8s-gcloud/05-frontend-hpa.yaml | 19 +++ k8s-gcloud/05-frontend-service.yaml | 17 +++ k8s-gcloud/README.md | 153 +++++++++++++++++++++ k8s-gcloud/ingress/gcloud-ingress.yaml | 24 ++++ 33 files changed, 1394 insertions(+) create mode 100644 k8s-gcloud/01-ns.yaml create mode 100644 k8s-gcloud/02-collab-api-network.yaml create mode 100644 k8s-gcloud/02-collab-db-network.yaml create mode 100644 k8s-gcloud/02-match-api-network.yaml create mode 100644 k8s-gcloud/02-match-db-network.yaml create mode 100644 k8s-gcloud/02-question-api-network.yaml create mode 100644 k8s-gcloud/02-question-db-network.yaml create mode 100644 k8s-gcloud/02-user-api-network.yaml create mode 100644 k8s-gcloud/02-user-db-network.yaml create mode 100644 k8s-gcloud/03-collab-db-deployment.yaml create mode 100644 k8s-gcloud/03-collab-db-service.yaml create mode 100644 k8s-gcloud/03-match-db-deployment.yaml create mode 100644 k8s-gcloud/03-match-db-service.yaml create mode 100644 k8s-gcloud/03-question-db-deployment.yaml create mode 100644 k8s-gcloud/03-question-db-service.yaml create mode 100644 k8s-gcloud/03-user-db-deployment.yaml create mode 100644 k8s-gcloud/03-user-db-service.yaml create mode 100644 k8s-gcloud/04-collab-svc-deployment.yaml create mode 100644 k8s-gcloud/04-collab-svc-hpa.yaml create mode 100644 k8s-gcloud/04-collab-svc-service.yaml create mode 100644 k8s-gcloud/04-match-svc-deployment.yaml create mode 100644 k8s-gcloud/04-match-svc-service.yaml create mode 100644 k8s-gcloud/04-question-svc-deployment.yaml create mode 100644 k8s-gcloud/04-question-svc-hpa.yaml create mode 100644 k8s-gcloud/04-question-svc-service.yaml create mode 100644 k8s-gcloud/04-user-svc-deployment.yaml create mode 100644 k8s-gcloud/04-user-svc-hpa.yaml create mode 100644 k8s-gcloud/04-user-svc-service.yaml create mode 100644 k8s-gcloud/05-frontend-deployment.yaml create mode 100644 k8s-gcloud/05-frontend-hpa.yaml create mode 100644 k8s-gcloud/05-frontend-service.yaml create mode 100644 k8s-gcloud/README.md create mode 100644 k8s-gcloud/ingress/gcloud-ingress.yaml diff --git a/k8s-gcloud/01-ns.yaml b/k8s-gcloud/01-ns.yaml new file mode 100644 index 0000000000..7c72c98d60 --- /dev/null +++ b/k8s-gcloud/01-ns.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: peerprep + labels: + project: peerprep \ No newline at end of file diff --git a/k8s-gcloud/02-collab-api-network.yaml b/k8s-gcloud/02-collab-api-network.yaml new file mode 100644 index 0000000000..56b58b80d7 --- /dev/null +++ b/k8s-gcloud/02-collab-api-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: collab-api-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.collab-api: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.collab-api: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.collab-api: "true" diff --git a/k8s-gcloud/02-collab-db-network.yaml b/k8s-gcloud/02-collab-db-network.yaml new file mode 100644 index 0000000000..ebad95cadb --- /dev/null +++ b/k8s-gcloud/02-collab-db-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: collab-db-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.collab-db: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.collab-db: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.collab-db: "true" diff --git a/k8s-gcloud/02-match-api-network.yaml b/k8s-gcloud/02-match-api-network.yaml new file mode 100644 index 0000000000..f6a0be00ab --- /dev/null +++ b/k8s-gcloud/02-match-api-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: match-api-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.match-api: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.match-api: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.match-api: "true" diff --git a/k8s-gcloud/02-match-db-network.yaml b/k8s-gcloud/02-match-db-network.yaml new file mode 100644 index 0000000000..fef32c425b --- /dev/null +++ b/k8s-gcloud/02-match-db-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: match-db-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.match-db: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.match-db: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.match-db: "true" diff --git a/k8s-gcloud/02-question-api-network.yaml b/k8s-gcloud/02-question-api-network.yaml new file mode 100644 index 0000000000..587e8b752c --- /dev/null +++ b/k8s-gcloud/02-question-api-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: question-api-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.question-api: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.question-api: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.question-api: "true" diff --git a/k8s-gcloud/02-question-db-network.yaml b/k8s-gcloud/02-question-db-network.yaml new file mode 100644 index 0000000000..f89184da75 --- /dev/null +++ b/k8s-gcloud/02-question-db-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: question-db-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.question-db: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.question-db: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.question-db: "true" diff --git a/k8s-gcloud/02-user-api-network.yaml b/k8s-gcloud/02-user-api-network.yaml new file mode 100644 index 0000000000..ff734c248c --- /dev/null +++ b/k8s-gcloud/02-user-api-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: user-api-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.user-api: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.user-api: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.user-api: "true" \ No newline at end of file diff --git a/k8s-gcloud/02-user-db-network.yaml b/k8s-gcloud/02-user-db-network.yaml new file mode 100644 index 0000000000..31143171e8 --- /dev/null +++ b/k8s-gcloud/02-user-db-network.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: user-db-network-policy + namespace: peerprep +spec: + podSelector: + matchLabels: + peerprep.network.user-db: "true" + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: + matchLabels: + peerprep.network.user-db: "true" + egress: + - to: + - podSelector: + matchLabels: + peerprep.network.user-db: "true" \ No newline at end of file diff --git a/k8s-gcloud/03-collab-db-deployment.yaml b/k8s-gcloud/03-collab-db-deployment.yaml new file mode 100644 index 0000000000..d64b6bd117 --- /dev/null +++ b/k8s-gcloud/03-collab-db-deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: collab-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: collab-db +spec: + serviceName: collab-db + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: collab-db + template: + metadata: + labels: + project: peerprep + peerprep.service: collab-db + peerprep.network.collab-db: "true" + spec: + restartPolicy: Always + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: peerprep-nodepool + operator: In + values: + - non-preemptible + containers: + - name: postgres + image: postgres:16.4 + imagePullPolicy: IfNotPresent + env: + - name: PGDATA + value: /data/collab-db + - name: POSTGRES_DB + value: collab + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: collaboration-secret + key: POSTGRES_USER + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: collaboration-secret + key: POSTGRES_PASSWORD + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB" + periodSeconds: 10 + initialDelaySeconds: 30 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: collab-db-5432 + containerPort: 5432 + volumeMounts: + - name: collab-db-vol + mountPath: /data/collab-db + volumeClaimTemplates: + - metadata: + name: collab-db-vol + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: "standard" # Update this based on your storage class + resources: + requests: + storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-collab-db-service.yaml b/k8s-gcloud/03-collab-db-service.yaml new file mode 100644 index 0000000000..ab29241da1 --- /dev/null +++ b/k8s-gcloud/03-collab-db-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: collab-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: collab-db +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: collab-db + ports: + - name: collab-db-5432 + port: 5432 + targetPort: collab-db-5432 diff --git a/k8s-gcloud/03-match-db-deployment.yaml b/k8s-gcloud/03-match-db-deployment.yaml new file mode 100644 index 0000000000..d685c944b9 --- /dev/null +++ b/k8s-gcloud/03-match-db-deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: match-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: match-db +spec: + serviceName: match-db + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: match-db + template: + metadata: + labels: + project: peerprep + peerprep.service: match-db + peerprep.network.match-db: "true" + spec: + restartPolicy: Always + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: peerprep-nodepool + operator: In + values: + - non-preemptible + containers: + - name: redis + image: redis/redis-stack-server + imagePullPolicy: IfNotPresent + env: + - name: MATCHING_DB_PASSWORD + valueFrom: + secretKeyRef: + name: matching-secret + key: MATCHING_DB_PASSWORD + - name: REDIS_ARGS + valueFrom: + secretKeyRef: + name: matching-secret + key: REDIS_ARGS + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + redis-cli -a "$MATCHING_DB_PASSWORD" --raw incr ping + periodSeconds: 10 + initialDelaySeconds: 30 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: match-db-6379 + containerPort: 6379 + volumeMounts: + - name: match-db-vol + mountPath: /data + volumeClaimTemplates: + - metadata: + name: match-db-vol + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: "standard" # Update this based on your storage class + resources: + requests: + storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-match-db-service.yaml b/k8s-gcloud/03-match-db-service.yaml new file mode 100644 index 0000000000..7e63410223 --- /dev/null +++ b/k8s-gcloud/03-match-db-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: match-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: match-db +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: match-db + ports: + - name: match-db-6379 + port: 6379 + targetPort: match-db-6379 diff --git a/k8s-gcloud/03-question-db-deployment.yaml b/k8s-gcloud/03-question-db-deployment.yaml new file mode 100644 index 0000000000..4e260bac08 --- /dev/null +++ b/k8s-gcloud/03-question-db-deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: question-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: question-db +spec: + serviceName: question-db + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: question-db + template: + metadata: + labels: + project: peerprep + peerprep.service: question-db + peerprep.network.question-db: "true" + spec: + restartPolicy: Always + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: peerprep-nodepool + operator: In + values: + - non-preemptible + containers: + - name: postgres + image: postgres:16.4 + imagePullPolicy: IfNotPresent + env: + - name: PGDATA + value: /data/question-db + - name: POSTGRES_DB + value: question + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: question-secret + key: POSTGRES_USER + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: question-secret + key: POSTGRES_PASSWORD + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB" + periodSeconds: 10 + initialDelaySeconds: 30 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: qn-db-5432 + containerPort: 5432 + volumeMounts: + - name: question-db-vol + mountPath: /data/question-db + volumeClaimTemplates: + - metadata: + name: question-db-vol + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: "standard" # Update this based on your storage class + resources: + requests: + storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-question-db-service.yaml b/k8s-gcloud/03-question-db-service.yaml new file mode 100644 index 0000000000..4b366ef937 --- /dev/null +++ b/k8s-gcloud/03-question-db-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: question-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: question-db +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: question-db + ports: + - name: qn-db-5432 + port: 5432 + targetPort: qn-db-5432 diff --git a/k8s-gcloud/03-user-db-deployment.yaml b/k8s-gcloud/03-user-db-deployment.yaml new file mode 100644 index 0000000000..8612207c0d --- /dev/null +++ b/k8s-gcloud/03-user-db-deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: user-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: user-db +spec: + serviceName: user-db + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: user-db + template: + metadata: + labels: + project: peerprep + peerprep.service: user-db + peerprep.network.user-db: "true" + spec: + restartPolicy: Always + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: peerprep-nodepool + operator: In + values: + - non-preemptible + containers: + - name: postgres + image: postgres:16.4 + imagePullPolicy: IfNotPresent + env: + - name: PGDATA + value: /data/user-db + - name: POSTGRES_DB + value: user + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: user-secret + key: POSTGRES_USER + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: user-secret + key: POSTGRES_PASSWORD + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB" + periodSeconds: 10 + initialDelaySeconds: 30 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: user-db-ctr + containerPort: 5432 + volumeMounts: + - name: user-db-vol + mountPath: /data/user-db + volumeClaimTemplates: + - metadata: + name: user-db-vol + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: "standard" # Update this based on your storage class + resources: + requests: + storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-user-db-service.yaml b/k8s-gcloud/03-user-db-service.yaml new file mode 100644 index 0000000000..e429a02761 --- /dev/null +++ b/k8s-gcloud/03-user-db-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: user-db + namespace: peerprep + labels: + project: peerprep + peerprep.service: user-db +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: user-db + ports: + - name: user-db-svc + port: 5432 + targetPort: user-db-ctr diff --git a/k8s-gcloud/04-collab-svc-deployment.yaml b/k8s-gcloud/04-collab-svc-deployment.yaml new file mode 100644 index 0000000000..a545b2e47a --- /dev/null +++ b/k8s-gcloud/04-collab-svc-deployment.yaml @@ -0,0 +1,97 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: collab-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: collab-service +spec: + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: collab-service + strategy: + type: Recreate + template: + metadata: + labels: + project: peerprep + peerprep.service: collab-service + peerprep.network.collab-api: "true" + peerprep.network.collab-db: "true" + spec: + initContainers: + - name: wait-for-postgres + image: postgres:16.4 + env: + - name: PGHOST + valueFrom: + secretKeyRef: + name: collaboration-secret + key: EXPRESS_DB_HOST + - name: PGPORT + valueFrom: + secretKeyRef: + name: collaboration-secret + key: EXPRESS_DB_PORT + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: collaboration-secret + key: POSTGRES_PASSWORD + - name: PGUSER + valueFrom: + secretKeyRef: + name: collaboration-secret + key: POSTGRES_USER + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: collaboration-secret + key: POSTGRES_DB + command: + - /bin/sh + - -c + - | + while ! psql -c 'SELECT 1' > /dev/null 2>&1; do + echo "Waiting for $PGDATABASE" + sleep 1 + done + echo "$PGDATABASE is ready!" + + containers: + - name: collab-express + image: ay2425s1cs3219g16/collab-express:latest + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: collaboration-secret + env: + # When load testing, it exposes port 80 by default. + - name: LOAD_TEST_POD + value: http://collab-service-load-test + - name: PEERPREP_UI_HOST + value: http://frontend + livenessProbe: + exec: + command: + - /bin/sh + - -c + - wget --no-verbose --tries=1 --spider http://localhost:9003/health || exit 1 + periodSeconds: 30 + initialDelaySeconds: 5 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: collab-svc-ctr + containerPort: 9003 + resources: + requests: + cpu: 500m + memory: 512Mi + limits: + cpu: "1" + memory: 1Gi + \ No newline at end of file diff --git a/k8s-gcloud/04-collab-svc-hpa.yaml b/k8s-gcloud/04-collab-svc-hpa.yaml new file mode 100644 index 0000000000..af31213f4c --- /dev/null +++ b/k8s-gcloud/04-collab-svc-hpa.yaml @@ -0,0 +1,19 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: collab-service-hpa + namespace: peerprep +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: collab-service + minReplicas: 1 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 30 diff --git a/k8s-gcloud/04-collab-svc-service.yaml b/k8s-gcloud/04-collab-svc-service.yaml new file mode 100644 index 0000000000..867b33e953 --- /dev/null +++ b/k8s-gcloud/04-collab-svc-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: collab-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: collab-service +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: collab-service + ports: + - name: collab-svc-prt + port: 9003 + targetPort: collab-svc-ctr diff --git a/k8s-gcloud/04-match-svc-deployment.yaml b/k8s-gcloud/04-match-svc-deployment.yaml new file mode 100644 index 0000000000..8d849ca10b --- /dev/null +++ b/k8s-gcloud/04-match-svc-deployment.yaml @@ -0,0 +1,117 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: matching-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: matching-service +spec: + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: matching-service + strategy: + type: Recreate + template: + metadata: + labels: + project: peerprep + peerprep.service: matching-service + peerprep.network.match-api: "true" + peerprep.network.match-db: "true" + peerprep.network.user-api: "true" + peerprep.network.question-api: "true" + peerprep.network.collab-api: "true" + spec: + initContainers: + - name: wait-for-services + image: redis:alpine + env: + - name: MATCHING_DB_USER + valueFrom: + secretKeyRef: + name: matching-secret + key: MATCHING_DB_PASSWORD + - name: MATCHING_DB_PASSWORD + valueFrom: + secretKeyRef: + name: matching-secret + key: MATCHING_DB_PASSWORD + - name: MATCHING_DB_HOST + value: match-db + - name: PEERPREP_USER_HOST + value: http://user-service:9001 + - name: PEERPREP_QUESTION_HOST + value: http://question-service:9002 + - name: PEERPREP_COLLAB_HOST + value: http://collab-service:9003 + command: + - /bin/sh + - -c + - | + until REDISCLI_AUTH="$MATCHING_DB_PASSWORD" redis-cli -h "$MATCHING_DB_HOST" --user "$MATCHING_DB_USERNAME" ping; do + echo "Waiting for Redis to be ready..." + sleep 2 + done & + + until wget --no-verbose --tries=1 --spider "$PEERPREP_USER_HOST/health"; do + echo "Waiting for User Service" + sleep 2 + done & + + until wget --no-verbose --tries=1 --spider "$PEERPREP_QUESTION_HOST/health"; do + echo "Waiting for Question Service" + sleep 2 + done & + + until wget --no-verbose --tries=1 --spider "$PEERPREP_COLLAB_HOST/health"; do + echo "Waiting for Collaboration Service" + sleep 2 + done & + + wait + echo "All services healthy" + + containers: + - name: match-express + image: ay2425s1cs3219g16/match-express:latest + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: matching-secret + env: + - name: MATCHING_DB_HOSTNAME + value: match-db + - name: MATCHING_DB_PORT + value: "6379" + - name: PEERPREP_UI_HOST + value: http://frontend:3000 + - name: PEERPREP_USER_HOST + value: http://user-service:9001 + - name: PEERPREP_QUESTION_HOST + value: http://question-service:9002 + - name: PEERPREP_COLLAB_HOST + value: http://collab-service:9003 + livenessProbe: + exec: + command: + - /bin/sh + - -c + - wget --no-verbose --tries=1 --spider http://localhost:9004/health || exit 1 + periodSeconds: 30 + initialDelaySeconds: 5 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: match-svc-ctr + containerPort: 9004 + resources: + requests: + cpu: 500m + memory: 512Mi + limits: + cpu: "1" + memory: 1Gi + \ No newline at end of file diff --git a/k8s-gcloud/04-match-svc-service.yaml b/k8s-gcloud/04-match-svc-service.yaml new file mode 100644 index 0000000000..4fa1e82fea --- /dev/null +++ b/k8s-gcloud/04-match-svc-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: matching-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: matching-service +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: matching-service + ports: + - name: match-svc-prt + port: 9004 + targetPort: match-svc-ctr diff --git a/k8s-gcloud/04-question-svc-deployment.yaml b/k8s-gcloud/04-question-svc-deployment.yaml new file mode 100644 index 0000000000..ab59288f19 --- /dev/null +++ b/k8s-gcloud/04-question-svc-deployment.yaml @@ -0,0 +1,97 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: question-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: question-service +spec: + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: question-service + strategy: + type: Recreate + template: + metadata: + labels: + project: peerprep + peerprep.service: question-service + peerprep.network.question-api: "true" + peerprep.network.question-db: "true" + spec: + initContainers: + - name: wait-for-postgres + image: postgres:16.4 + env: + - name: PGHOST + valueFrom: + secretKeyRef: + name: question-secret + key: EXPRESS_DB_HOST + - name: PGPORT + valueFrom: + secretKeyRef: + name: question-secret + key: EXPRESS_DB_PORT + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: question-secret + key: POSTGRES_PASSWORD + - name: PGUSER + valueFrom: + secretKeyRef: + name: question-secret + key: POSTGRES_USER + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: question-secret + key: POSTGRES_DB + command: + - /bin/sh + - -c + - | + while ! psql -c 'SELECT 1' > /dev/null 2>&1; do + echo "Waiting for $PGDATABASE" + sleep 1 + done + echo "$PGDATABASE is ready!" + + containers: + - name: question-express + image: ay2425s1cs3219g16/question-express:latest + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: question-secret + env: + # When load testing, it exposes port 80 by default. + - name: LOAD_TEST_POD + value: http://question-service-load-test + - name: PEERPREP_UI_HOST + value: http://frontend + livenessProbe: + exec: + command: + - /bin/sh + - -c + - wget --no-verbose --tries=1 --spider http://localhost:9002/health || exit 1 + periodSeconds: 30 + initialDelaySeconds: 5 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: qn-svc-ctr + containerPort: 9002 + resources: + requests: + cpu: 250m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + \ No newline at end of file diff --git a/k8s-gcloud/04-question-svc-hpa.yaml b/k8s-gcloud/04-question-svc-hpa.yaml new file mode 100644 index 0000000000..6764e3d237 --- /dev/null +++ b/k8s-gcloud/04-question-svc-hpa.yaml @@ -0,0 +1,19 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: question-service-hpa + namespace: peerprep +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: question-service + minReplicas: 1 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 30 diff --git a/k8s-gcloud/04-question-svc-service.yaml b/k8s-gcloud/04-question-svc-service.yaml new file mode 100644 index 0000000000..a070fddb9b --- /dev/null +++ b/k8s-gcloud/04-question-svc-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: question-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: question-service +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: question-service + ports: + - name: qn-svc-prt + port: 9002 + targetPort: qn-svc-ctr diff --git a/k8s-gcloud/04-user-svc-deployment.yaml b/k8s-gcloud/04-user-svc-deployment.yaml new file mode 100644 index 0000000000..f5cead51bd --- /dev/null +++ b/k8s-gcloud/04-user-svc-deployment.yaml @@ -0,0 +1,97 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: user-service +spec: + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: user-service + strategy: + type: Recreate + template: + metadata: + labels: + project: peerprep + peerprep.service: user-service + peerprep.network.user-api: "true" + peerprep.network.user-db: "true" + spec: + initContainers: + - name: wait-for-postgres + image: postgres:16.4 + env: + - name: PGHOST + valueFrom: + secretKeyRef: + name: user-secret + key: EXPRESS_DB_HOST + - name: PGPORT + valueFrom: + secretKeyRef: + name: user-secret + key: EXPRESS_DB_PORT + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: user-secret + key: POSTGRES_PASSWORD + - name: PGUSER + valueFrom: + secretKeyRef: + name: user-secret + key: POSTGRES_USER + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: user-secret + key: POSTGRES_DB + command: + - /bin/sh + - -c + - | + while ! psql -c 'SELECT 1' > /dev/null 2>&1; do + echo "Waiting for $PGDATABASE" + sleep 1 + done + echo "$PGDATABASE is ready!" + + containers: + - name: user-express + image: ay2425s1cs3219g16/user-express:latest + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: user-secret + env: + # When load testing, it exposes port 80 by default. + - name: LOAD_TEST_POD + value: http://user-service-load-test + - name: PEERPREP_UI_HOST + value: http://frontend:3000 + livenessProbe: + exec: + command: + - /bin/sh + - -c + - wget --no-verbose --tries=1 --spider http://localhost:9001/health || exit 1 + periodSeconds: 30 + initialDelaySeconds: 5 + timeoutSeconds: 10 + failureThreshold: 5 + ports: + - name: user-svc-ctr + containerPort: 9001 + resources: + requests: + cpu: 250m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + \ No newline at end of file diff --git a/k8s-gcloud/04-user-svc-hpa.yaml b/k8s-gcloud/04-user-svc-hpa.yaml new file mode 100644 index 0000000000..d64876db82 --- /dev/null +++ b/k8s-gcloud/04-user-svc-hpa.yaml @@ -0,0 +1,19 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: user-service-hpa + namespace: peerprep +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: user-service + minReplicas: 1 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 30 diff --git a/k8s-gcloud/04-user-svc-service.yaml b/k8s-gcloud/04-user-svc-service.yaml new file mode 100644 index 0000000000..8d0367c1ce --- /dev/null +++ b/k8s-gcloud/04-user-svc-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: user-service + namespace: peerprep + labels: + project: peerprep + peerprep.service: user-service +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: user-service + ports: + - name: user-svc-prt + port: 9001 + targetPort: user-svc-ctr diff --git a/k8s-gcloud/05-frontend-deployment.yaml b/k8s-gcloud/05-frontend-deployment.yaml new file mode 100644 index 0000000000..f7169558d2 --- /dev/null +++ b/k8s-gcloud/05-frontend-deployment.yaml @@ -0,0 +1,94 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: frontend + namespace: peerprep + labels: + project: peerprep + peerprep.service: frontend +spec: + replicas: 1 + selector: + matchLabels: + project: peerprep + peerprep.service: frontend + strategy: + type: Recreate + template: + metadata: + labels: + project: peerprep + peerprep.service: frontend + peerprep.network.match-api: "true" + peerprep.network.user-api: "true" + peerprep.network.question-api: "true" + peerprep.network.collab-api: "true" + spec: + initContainers: + - name: wait-for-services + image: node:lts-alpine + env: + - name: VITE_USER_SERVICE + value: http://user-service:9001 + - name: VITE_QUESTION_SERVICE + value: http://question-service:9002 + - name: VITE_COLLAB_SERVICE + value: http://collab-service:9003 + - name: VITE_MATCHING_SERVICE + value: http://matching-service:9004 + command: + - /bin/sh + - -c + - | + until wget --no-verbose --tries=1 --spider "$VITE_USER_SERVICE/health"; do + echo "Waiting for User Service" + sleep 2 + done & + + until wget --no-verbose --tries=1 --spider "$VITE_QUESTION_SERVICE/health"; do + echo "Waiting for Question Service" + sleep 2 + done & + + until wget --no-verbose --tries=1 --spider "$VITE_COLLAB_SERVICE/health"; do + echo "Waiting for Collaboration Service" + sleep 2 + done & + + until wget --no-verbose --tries=1 --spider "$VITE_MATCHING_SERVICE/health"; do + echo "Waiting for Matching Service" + sleep 2 + done & + + wait + echo "All services healthy" + + containers: + - name: frontend + image: ay2425s1cs3219g16/frontend:latest + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: frontend-secret + env: + - name: FRONTEND_PORT + value: "3000" + - name: VITE_USER_SERVICE + value: http://user-service:9001 + - name: VITE_QUESTION_SERVICE + value: http://question-service:9002 + - name: VITE_COLLAB_SERVICE + value: http://collab-service:9003 + - name: VITE_MATCHING_SERVICE + value: http://matching-service:9004 + ports: + - name: frontend-ctr + containerPort: 3000 + resources: + requests: + cpu: 250m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + \ No newline at end of file diff --git a/k8s-gcloud/05-frontend-hpa.yaml b/k8s-gcloud/05-frontend-hpa.yaml new file mode 100644 index 0000000000..66a4d5ce6f --- /dev/null +++ b/k8s-gcloud/05-frontend-hpa.yaml @@ -0,0 +1,19 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: frontend-hpa + namespace: peerprep +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: frontend + minReplicas: 1 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 30 diff --git a/k8s-gcloud/05-frontend-service.yaml b/k8s-gcloud/05-frontend-service.yaml new file mode 100644 index 0000000000..277b9799cd --- /dev/null +++ b/k8s-gcloud/05-frontend-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: frontend + namespace: peerprep + labels: + project: peerprep + peerprep.service: frontend +spec: + type: ClusterIP + selector: + project: peerprep + peerprep.service: frontend + ports: + - name: frontend-prt + port: 3000 + targetPort: frontend-ctr diff --git a/k8s-gcloud/README.md b/k8s-gcloud/README.md new file mode 100644 index 0000000000..6e3c8b0673 --- /dev/null +++ b/k8s-gcloud/README.md @@ -0,0 +1,153 @@ +# Kubernetes Instructions + +## Table of Contents + +- [Prerequisites](#prerequisites) +- [Getting Started](#getting-started) +- [Load Testing](#load-testing) +- [Exposing the Ingress Controller](#exposing-the-ingress-controller) +- [Running the Minikube Service without Ingress](#running-the-minikube-service-without-ingress) +- [GKE Instructions](#gke-instructions) + +## Prerequisites + +- [**Minikube**](https://minikube.sigs.k8s.io/docs/) + + To run a local Kubernetes cluster, we recommend using Minikube on your local machine. + +## Getting Started + +1. Ensure that the Metrics Server add-on is enabled. Else, the autoscaling and ingress will not work. + +2. For Minikube: + + ```sh + # For Horizontal Pod Autoscaling + minikube addons enable metrics-server + + # For Nginx Ingress Controller + # Install + minikube addons enable ingress + # Verify + kubectl get pods -n ingress-nginx + ``` + +3. For Kubernetes: + + ```sh + # Metric Server + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + + # Ingress Controller + # Install + kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/cloud/deploy.yaml + # Deploy with load balancer (GKE, AKS, EKS) + kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/cloud/deploy.yaml + # Validate + kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx + kubectl get services ingress-nginx-controller --namespace=ingress-nginx + ``` + +4. Run the command from the project root: + + ```sh + make k8s-up + ``` + +## Load Testing + +1. Run the load test script: + + ```sh + ./scripts/k8s-test-load.sh + ``` + + In its current configuration, it will run a load testing container to ping the user-service. + Add more services and their respective ports as desired. + + Also, this will ping the service's `/health` endpoint, if configured. Else, it will not work. + +2. Run the command: + + ```sh + kubectl -n peerprep get all + ``` + + You should be able to see the Horizontal Pod AutoScaler scaling up the services in respond to + resource demand. + +3. Run Ctrl+C to interrupt and + terminate the load tester. + +## Exposing the Ingress Controller + +1. If you haven't already, run the command from the project root: + + ```sh + make k8s-up + ``` + +2. Run the command to set up the ingress controller: + + ```sh + kubectl apply -f ./k8s/ingress/nginx-ingress.yaml + ``` + + It should take a couple of minutes. Once done, you should run this command: + + ```sh + kubectl -n peerprep get ingress + + # You should see a similar output: + # NAME CLASS HOSTS ADDRESS PORTS AGE + # peerprep-ingress nginx peerprep-g16.net 172.17.0.15 80 38s + ``` + +3. Run the command to expose the ingress controller: + + ```sh + minikube tunnel + ``` + +4. Edit your `/etc/hosts` file and add the following at the bottom: + + ```txt + 127.0.0.1 peerprep-g16.net + ``` + +5. If there is already an entry that points to `localhost`, comment it out temporarily. + + ```txt + 127.0.0.1 localhost # <- Comment this out, it should look like this ↙️ + + # 127.0.0.1 localhost + 127.0.0.1 peerprep-g16.net + ``` + +6. Visit `http://peerprep-g16.net` in your browser. + +7. When done, reset your `/etc/hosts` file to its original state. + +8. Run Ctrl+C on the **Minikube Tunnel** to stop it. + +## Running the Minikube Service without Ingress + +1. Run the command to set up the cluster: + + ```sh + make k8s-up + ``` + +2. Expose the service: + + ```sh + minikube -n peerprep service frontend + ``` + + A browser window should launch, directing you to the application's frontend. + +## GKE Instructions + +To be added. + + diff --git a/k8s-gcloud/ingress/gcloud-ingress.yaml b/k8s-gcloud/ingress/gcloud-ingress.yaml new file mode 100644 index 0000000000..069987e83f --- /dev/null +++ b/k8s-gcloud/ingress/gcloud-ingress.yaml @@ -0,0 +1,24 @@ +# To be edited + +# apiVersion: networking.k8s.io/v1 +# kind: Ingress +# metadata: +# name: peerprep-ingress +# namespace: peerprep +# labels: +# project: peerprep +# peerprep.service: app-ingress + +# spec: +# ingressClassName: nginx +# rules: +# - host: peerprep-g16.net +# http: +# paths: +# - path: / +# pathType: Prefix +# backend: +# service: +# name: frontend +# port: +# number: 3000 \ No newline at end of file From 3f61c24b409dee0fe86561085547e4a68facfb76 Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Thu, 31 Oct 2024 10:30:56 +0800 Subject: [PATCH 02/12] PEER-242: Add gcloud configs Signed-off-by: SeeuSim --- k8s-gcloud/01-ns.yaml | 6 - k8s-gcloud/02-collab-api-network.yaml | 22 --- k8s-gcloud/02-collab-db-network.yaml | 22 --- k8s-gcloud/02-match-api-network.yaml | 22 --- k8s-gcloud/02-match-db-network.yaml | 22 --- k8s-gcloud/02-question-api-network.yaml | 22 --- k8s-gcloud/02-question-db-network.yaml | 22 --- k8s-gcloud/02-user-api-network.yaml | 22 --- k8s-gcloud/02-user-db-network.yaml | 22 --- k8s-gcloud/03-collab-db-deployment.yaml | 77 ----------- k8s-gcloud/03-collab-db-service.yaml | 17 --- k8s-gcloud/03-match-db-deployment.yaml | 73 ---------- k8s-gcloud/03-match-db-service.yaml | 17 --- k8s-gcloud/03-question-db-deployment.yaml | 77 ----------- k8s-gcloud/03-question-db-service.yaml | 17 --- k8s-gcloud/03-user-db-deployment.yaml | 77 ----------- k8s-gcloud/03-user-db-service.yaml | 17 --- k8s-gcloud/04-collab-svc-deployment.yaml | 97 ------------- k8s-gcloud/04-collab-svc-hpa.yaml | 19 --- k8s-gcloud/04-collab-svc-service.yaml | 17 --- k8s-gcloud/04-match-svc-deployment.yaml | 117 ---------------- k8s-gcloud/04-match-svc-service.yaml | 17 --- k8s-gcloud/04-question-svc-deployment.yaml | 97 ------------- k8s-gcloud/04-question-svc-hpa.yaml | 19 --- k8s-gcloud/04-question-svc-service.yaml | 17 --- k8s-gcloud/04-user-svc-deployment.yaml | 97 ------------- k8s-gcloud/04-user-svc-hpa.yaml | 19 --- k8s-gcloud/04-user-svc-service.yaml | 17 --- k8s-gcloud/05-frontend-deployment.yaml | 94 ------------- k8s-gcloud/05-frontend-hpa.yaml | 19 --- k8s-gcloud/05-frontend-service.yaml | 17 --- k8s-gcloud/README.md | 153 --------------------- k8s-gcloud/ingress/gcloud-ingress.yaml | 24 ---- k8s/gcloud/01-web-ssl-secret.yaml | 13 ++ k8s/gcloud/02-issuer-le-prod.yaml | 15 ++ k8s/gcloud/02-issuer-le-staging.yaml | 14 ++ k8s/gcloud/03-ingress.yaml | 33 +++++ 37 files changed, 75 insertions(+), 1394 deletions(-) delete mode 100644 k8s-gcloud/01-ns.yaml delete mode 100644 k8s-gcloud/02-collab-api-network.yaml delete mode 100644 k8s-gcloud/02-collab-db-network.yaml delete mode 100644 k8s-gcloud/02-match-api-network.yaml delete mode 100644 k8s-gcloud/02-match-db-network.yaml delete mode 100644 k8s-gcloud/02-question-api-network.yaml delete mode 100644 k8s-gcloud/02-question-db-network.yaml delete mode 100644 k8s-gcloud/02-user-api-network.yaml delete mode 100644 k8s-gcloud/02-user-db-network.yaml delete mode 100644 k8s-gcloud/03-collab-db-deployment.yaml delete mode 100644 k8s-gcloud/03-collab-db-service.yaml delete mode 100644 k8s-gcloud/03-match-db-deployment.yaml delete mode 100644 k8s-gcloud/03-match-db-service.yaml delete mode 100644 k8s-gcloud/03-question-db-deployment.yaml delete mode 100644 k8s-gcloud/03-question-db-service.yaml delete mode 100644 k8s-gcloud/03-user-db-deployment.yaml delete mode 100644 k8s-gcloud/03-user-db-service.yaml delete mode 100644 k8s-gcloud/04-collab-svc-deployment.yaml delete mode 100644 k8s-gcloud/04-collab-svc-hpa.yaml delete mode 100644 k8s-gcloud/04-collab-svc-service.yaml delete mode 100644 k8s-gcloud/04-match-svc-deployment.yaml delete mode 100644 k8s-gcloud/04-match-svc-service.yaml delete mode 100644 k8s-gcloud/04-question-svc-deployment.yaml delete mode 100644 k8s-gcloud/04-question-svc-hpa.yaml delete mode 100644 k8s-gcloud/04-question-svc-service.yaml delete mode 100644 k8s-gcloud/04-user-svc-deployment.yaml delete mode 100644 k8s-gcloud/04-user-svc-hpa.yaml delete mode 100644 k8s-gcloud/04-user-svc-service.yaml delete mode 100644 k8s-gcloud/05-frontend-deployment.yaml delete mode 100644 k8s-gcloud/05-frontend-hpa.yaml delete mode 100644 k8s-gcloud/05-frontend-service.yaml delete mode 100644 k8s-gcloud/README.md delete mode 100644 k8s-gcloud/ingress/gcloud-ingress.yaml create mode 100644 k8s/gcloud/01-web-ssl-secret.yaml create mode 100644 k8s/gcloud/02-issuer-le-prod.yaml create mode 100644 k8s/gcloud/02-issuer-le-staging.yaml create mode 100644 k8s/gcloud/03-ingress.yaml diff --git a/k8s-gcloud/01-ns.yaml b/k8s-gcloud/01-ns.yaml deleted file mode 100644 index 7c72c98d60..0000000000 --- a/k8s-gcloud/01-ns.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: peerprep - labels: - project: peerprep \ No newline at end of file diff --git a/k8s-gcloud/02-collab-api-network.yaml b/k8s-gcloud/02-collab-api-network.yaml deleted file mode 100644 index 56b58b80d7..0000000000 --- a/k8s-gcloud/02-collab-api-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: collab-api-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.collab-api: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.collab-api: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.collab-api: "true" diff --git a/k8s-gcloud/02-collab-db-network.yaml b/k8s-gcloud/02-collab-db-network.yaml deleted file mode 100644 index ebad95cadb..0000000000 --- a/k8s-gcloud/02-collab-db-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: collab-db-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.collab-db: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.collab-db: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.collab-db: "true" diff --git a/k8s-gcloud/02-match-api-network.yaml b/k8s-gcloud/02-match-api-network.yaml deleted file mode 100644 index f6a0be00ab..0000000000 --- a/k8s-gcloud/02-match-api-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: match-api-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.match-api: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.match-api: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.match-api: "true" diff --git a/k8s-gcloud/02-match-db-network.yaml b/k8s-gcloud/02-match-db-network.yaml deleted file mode 100644 index fef32c425b..0000000000 --- a/k8s-gcloud/02-match-db-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: match-db-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.match-db: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.match-db: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.match-db: "true" diff --git a/k8s-gcloud/02-question-api-network.yaml b/k8s-gcloud/02-question-api-network.yaml deleted file mode 100644 index 587e8b752c..0000000000 --- a/k8s-gcloud/02-question-api-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: question-api-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.question-api: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.question-api: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.question-api: "true" diff --git a/k8s-gcloud/02-question-db-network.yaml b/k8s-gcloud/02-question-db-network.yaml deleted file mode 100644 index f89184da75..0000000000 --- a/k8s-gcloud/02-question-db-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: question-db-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.question-db: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.question-db: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.question-db: "true" diff --git a/k8s-gcloud/02-user-api-network.yaml b/k8s-gcloud/02-user-api-network.yaml deleted file mode 100644 index ff734c248c..0000000000 --- a/k8s-gcloud/02-user-api-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: user-api-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.user-api: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.user-api: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.user-api: "true" \ No newline at end of file diff --git a/k8s-gcloud/02-user-db-network.yaml b/k8s-gcloud/02-user-db-network.yaml deleted file mode 100644 index 31143171e8..0000000000 --- a/k8s-gcloud/02-user-db-network.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: user-db-network-policy - namespace: peerprep -spec: - podSelector: - matchLabels: - peerprep.network.user-db: "true" - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: - matchLabels: - peerprep.network.user-db: "true" - egress: - - to: - - podSelector: - matchLabels: - peerprep.network.user-db: "true" \ No newline at end of file diff --git a/k8s-gcloud/03-collab-db-deployment.yaml b/k8s-gcloud/03-collab-db-deployment.yaml deleted file mode 100644 index d64b6bd117..0000000000 --- a/k8s-gcloud/03-collab-db-deployment.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: collab-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: collab-db -spec: - serviceName: collab-db - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: collab-db - template: - metadata: - labels: - project: peerprep - peerprep.service: collab-db - peerprep.network.collab-db: "true" - spec: - restartPolicy: Always - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: peerprep-nodepool - operator: In - values: - - non-preemptible - containers: - - name: postgres - image: postgres:16.4 - imagePullPolicy: IfNotPresent - env: - - name: PGDATA - value: /data/collab-db - - name: POSTGRES_DB - value: collab - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: collaboration-secret - key: POSTGRES_USER - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: collaboration-secret - key: POSTGRES_PASSWORD - livenessProbe: - exec: - command: - - /bin/sh - - -c - - | - pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB" - periodSeconds: 10 - initialDelaySeconds: 30 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: collab-db-5432 - containerPort: 5432 - volumeMounts: - - name: collab-db-vol - mountPath: /data/collab-db - volumeClaimTemplates: - - metadata: - name: collab-db-vol - spec: - accessModes: ["ReadWriteOnce"] - storageClassName: "standard" # Update this based on your storage class - resources: - requests: - storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-collab-db-service.yaml b/k8s-gcloud/03-collab-db-service.yaml deleted file mode 100644 index ab29241da1..0000000000 --- a/k8s-gcloud/03-collab-db-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: collab-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: collab-db -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: collab-db - ports: - - name: collab-db-5432 - port: 5432 - targetPort: collab-db-5432 diff --git a/k8s-gcloud/03-match-db-deployment.yaml b/k8s-gcloud/03-match-db-deployment.yaml deleted file mode 100644 index d685c944b9..0000000000 --- a/k8s-gcloud/03-match-db-deployment.yaml +++ /dev/null @@ -1,73 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: match-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: match-db -spec: - serviceName: match-db - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: match-db - template: - metadata: - labels: - project: peerprep - peerprep.service: match-db - peerprep.network.match-db: "true" - spec: - restartPolicy: Always - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: peerprep-nodepool - operator: In - values: - - non-preemptible - containers: - - name: redis - image: redis/redis-stack-server - imagePullPolicy: IfNotPresent - env: - - name: MATCHING_DB_PASSWORD - valueFrom: - secretKeyRef: - name: matching-secret - key: MATCHING_DB_PASSWORD - - name: REDIS_ARGS - valueFrom: - secretKeyRef: - name: matching-secret - key: REDIS_ARGS - livenessProbe: - exec: - command: - - /bin/sh - - -c - - | - redis-cli -a "$MATCHING_DB_PASSWORD" --raw incr ping - periodSeconds: 10 - initialDelaySeconds: 30 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: match-db-6379 - containerPort: 6379 - volumeMounts: - - name: match-db-vol - mountPath: /data - volumeClaimTemplates: - - metadata: - name: match-db-vol - spec: - accessModes: ["ReadWriteOnce"] - storageClassName: "standard" # Update this based on your storage class - resources: - requests: - storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-match-db-service.yaml b/k8s-gcloud/03-match-db-service.yaml deleted file mode 100644 index 7e63410223..0000000000 --- a/k8s-gcloud/03-match-db-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: match-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: match-db -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: match-db - ports: - - name: match-db-6379 - port: 6379 - targetPort: match-db-6379 diff --git a/k8s-gcloud/03-question-db-deployment.yaml b/k8s-gcloud/03-question-db-deployment.yaml deleted file mode 100644 index 4e260bac08..0000000000 --- a/k8s-gcloud/03-question-db-deployment.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: question-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: question-db -spec: - serviceName: question-db - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: question-db - template: - metadata: - labels: - project: peerprep - peerprep.service: question-db - peerprep.network.question-db: "true" - spec: - restartPolicy: Always - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: peerprep-nodepool - operator: In - values: - - non-preemptible - containers: - - name: postgres - image: postgres:16.4 - imagePullPolicy: IfNotPresent - env: - - name: PGDATA - value: /data/question-db - - name: POSTGRES_DB - value: question - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: question-secret - key: POSTGRES_USER - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: question-secret - key: POSTGRES_PASSWORD - livenessProbe: - exec: - command: - - /bin/sh - - -c - - | - pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB" - periodSeconds: 10 - initialDelaySeconds: 30 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: qn-db-5432 - containerPort: 5432 - volumeMounts: - - name: question-db-vol - mountPath: /data/question-db - volumeClaimTemplates: - - metadata: - name: question-db-vol - spec: - accessModes: ["ReadWriteOnce"] - storageClassName: "standard" # Update this based on your storage class - resources: - requests: - storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-question-db-service.yaml b/k8s-gcloud/03-question-db-service.yaml deleted file mode 100644 index 4b366ef937..0000000000 --- a/k8s-gcloud/03-question-db-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: question-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: question-db -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: question-db - ports: - - name: qn-db-5432 - port: 5432 - targetPort: qn-db-5432 diff --git a/k8s-gcloud/03-user-db-deployment.yaml b/k8s-gcloud/03-user-db-deployment.yaml deleted file mode 100644 index 8612207c0d..0000000000 --- a/k8s-gcloud/03-user-db-deployment.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: user-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: user-db -spec: - serviceName: user-db - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: user-db - template: - metadata: - labels: - project: peerprep - peerprep.service: user-db - peerprep.network.user-db: "true" - spec: - restartPolicy: Always - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: peerprep-nodepool - operator: In - values: - - non-preemptible - containers: - - name: postgres - image: postgres:16.4 - imagePullPolicy: IfNotPresent - env: - - name: PGDATA - value: /data/user-db - - name: POSTGRES_DB - value: user - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: user-secret - key: POSTGRES_USER - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: user-secret - key: POSTGRES_PASSWORD - livenessProbe: - exec: - command: - - /bin/sh - - -c - - | - pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB" - periodSeconds: 10 - initialDelaySeconds: 30 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: user-db-ctr - containerPort: 5432 - volumeMounts: - - name: user-db-vol - mountPath: /data/user-db - volumeClaimTemplates: - - metadata: - name: user-db-vol - spec: - accessModes: ["ReadWriteOnce"] - storageClassName: "standard" # Update this based on your storage class - resources: - requests: - storage: 500Mi # Define your storage requirement diff --git a/k8s-gcloud/03-user-db-service.yaml b/k8s-gcloud/03-user-db-service.yaml deleted file mode 100644 index e429a02761..0000000000 --- a/k8s-gcloud/03-user-db-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: user-db - namespace: peerprep - labels: - project: peerprep - peerprep.service: user-db -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: user-db - ports: - - name: user-db-svc - port: 5432 - targetPort: user-db-ctr diff --git a/k8s-gcloud/04-collab-svc-deployment.yaml b/k8s-gcloud/04-collab-svc-deployment.yaml deleted file mode 100644 index a545b2e47a..0000000000 --- a/k8s-gcloud/04-collab-svc-deployment.yaml +++ /dev/null @@ -1,97 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: collab-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: collab-service -spec: - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: collab-service - strategy: - type: Recreate - template: - metadata: - labels: - project: peerprep - peerprep.service: collab-service - peerprep.network.collab-api: "true" - peerprep.network.collab-db: "true" - spec: - initContainers: - - name: wait-for-postgres - image: postgres:16.4 - env: - - name: PGHOST - valueFrom: - secretKeyRef: - name: collaboration-secret - key: EXPRESS_DB_HOST - - name: PGPORT - valueFrom: - secretKeyRef: - name: collaboration-secret - key: EXPRESS_DB_PORT - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: collaboration-secret - key: POSTGRES_PASSWORD - - name: PGUSER - valueFrom: - secretKeyRef: - name: collaboration-secret - key: POSTGRES_USER - - name: PGDATABASE - valueFrom: - secretKeyRef: - name: collaboration-secret - key: POSTGRES_DB - command: - - /bin/sh - - -c - - | - while ! psql -c 'SELECT 1' > /dev/null 2>&1; do - echo "Waiting for $PGDATABASE" - sleep 1 - done - echo "$PGDATABASE is ready!" - - containers: - - name: collab-express - image: ay2425s1cs3219g16/collab-express:latest - imagePullPolicy: IfNotPresent - envFrom: - - secretRef: - name: collaboration-secret - env: - # When load testing, it exposes port 80 by default. - - name: LOAD_TEST_POD - value: http://collab-service-load-test - - name: PEERPREP_UI_HOST - value: http://frontend - livenessProbe: - exec: - command: - - /bin/sh - - -c - - wget --no-verbose --tries=1 --spider http://localhost:9003/health || exit 1 - periodSeconds: 30 - initialDelaySeconds: 5 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: collab-svc-ctr - containerPort: 9003 - resources: - requests: - cpu: 500m - memory: 512Mi - limits: - cpu: "1" - memory: 1Gi - \ No newline at end of file diff --git a/k8s-gcloud/04-collab-svc-hpa.yaml b/k8s-gcloud/04-collab-svc-hpa.yaml deleted file mode 100644 index af31213f4c..0000000000 --- a/k8s-gcloud/04-collab-svc-hpa.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: collab-service-hpa - namespace: peerprep -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: collab-service - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 30 diff --git a/k8s-gcloud/04-collab-svc-service.yaml b/k8s-gcloud/04-collab-svc-service.yaml deleted file mode 100644 index 867b33e953..0000000000 --- a/k8s-gcloud/04-collab-svc-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: collab-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: collab-service -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: collab-service - ports: - - name: collab-svc-prt - port: 9003 - targetPort: collab-svc-ctr diff --git a/k8s-gcloud/04-match-svc-deployment.yaml b/k8s-gcloud/04-match-svc-deployment.yaml deleted file mode 100644 index 8d849ca10b..0000000000 --- a/k8s-gcloud/04-match-svc-deployment.yaml +++ /dev/null @@ -1,117 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: matching-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: matching-service -spec: - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: matching-service - strategy: - type: Recreate - template: - metadata: - labels: - project: peerprep - peerprep.service: matching-service - peerprep.network.match-api: "true" - peerprep.network.match-db: "true" - peerprep.network.user-api: "true" - peerprep.network.question-api: "true" - peerprep.network.collab-api: "true" - spec: - initContainers: - - name: wait-for-services - image: redis:alpine - env: - - name: MATCHING_DB_USER - valueFrom: - secretKeyRef: - name: matching-secret - key: MATCHING_DB_PASSWORD - - name: MATCHING_DB_PASSWORD - valueFrom: - secretKeyRef: - name: matching-secret - key: MATCHING_DB_PASSWORD - - name: MATCHING_DB_HOST - value: match-db - - name: PEERPREP_USER_HOST - value: http://user-service:9001 - - name: PEERPREP_QUESTION_HOST - value: http://question-service:9002 - - name: PEERPREP_COLLAB_HOST - value: http://collab-service:9003 - command: - - /bin/sh - - -c - - | - until REDISCLI_AUTH="$MATCHING_DB_PASSWORD" redis-cli -h "$MATCHING_DB_HOST" --user "$MATCHING_DB_USERNAME" ping; do - echo "Waiting for Redis to be ready..." - sleep 2 - done & - - until wget --no-verbose --tries=1 --spider "$PEERPREP_USER_HOST/health"; do - echo "Waiting for User Service" - sleep 2 - done & - - until wget --no-verbose --tries=1 --spider "$PEERPREP_QUESTION_HOST/health"; do - echo "Waiting for Question Service" - sleep 2 - done & - - until wget --no-verbose --tries=1 --spider "$PEERPREP_COLLAB_HOST/health"; do - echo "Waiting for Collaboration Service" - sleep 2 - done & - - wait - echo "All services healthy" - - containers: - - name: match-express - image: ay2425s1cs3219g16/match-express:latest - imagePullPolicy: IfNotPresent - envFrom: - - secretRef: - name: matching-secret - env: - - name: MATCHING_DB_HOSTNAME - value: match-db - - name: MATCHING_DB_PORT - value: "6379" - - name: PEERPREP_UI_HOST - value: http://frontend:3000 - - name: PEERPREP_USER_HOST - value: http://user-service:9001 - - name: PEERPREP_QUESTION_HOST - value: http://question-service:9002 - - name: PEERPREP_COLLAB_HOST - value: http://collab-service:9003 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - wget --no-verbose --tries=1 --spider http://localhost:9004/health || exit 1 - periodSeconds: 30 - initialDelaySeconds: 5 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: match-svc-ctr - containerPort: 9004 - resources: - requests: - cpu: 500m - memory: 512Mi - limits: - cpu: "1" - memory: 1Gi - \ No newline at end of file diff --git a/k8s-gcloud/04-match-svc-service.yaml b/k8s-gcloud/04-match-svc-service.yaml deleted file mode 100644 index 4fa1e82fea..0000000000 --- a/k8s-gcloud/04-match-svc-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: matching-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: matching-service -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: matching-service - ports: - - name: match-svc-prt - port: 9004 - targetPort: match-svc-ctr diff --git a/k8s-gcloud/04-question-svc-deployment.yaml b/k8s-gcloud/04-question-svc-deployment.yaml deleted file mode 100644 index ab59288f19..0000000000 --- a/k8s-gcloud/04-question-svc-deployment.yaml +++ /dev/null @@ -1,97 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: question-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: question-service -spec: - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: question-service - strategy: - type: Recreate - template: - metadata: - labels: - project: peerprep - peerprep.service: question-service - peerprep.network.question-api: "true" - peerprep.network.question-db: "true" - spec: - initContainers: - - name: wait-for-postgres - image: postgres:16.4 - env: - - name: PGHOST - valueFrom: - secretKeyRef: - name: question-secret - key: EXPRESS_DB_HOST - - name: PGPORT - valueFrom: - secretKeyRef: - name: question-secret - key: EXPRESS_DB_PORT - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: question-secret - key: POSTGRES_PASSWORD - - name: PGUSER - valueFrom: - secretKeyRef: - name: question-secret - key: POSTGRES_USER - - name: PGDATABASE - valueFrom: - secretKeyRef: - name: question-secret - key: POSTGRES_DB - command: - - /bin/sh - - -c - - | - while ! psql -c 'SELECT 1' > /dev/null 2>&1; do - echo "Waiting for $PGDATABASE" - sleep 1 - done - echo "$PGDATABASE is ready!" - - containers: - - name: question-express - image: ay2425s1cs3219g16/question-express:latest - imagePullPolicy: IfNotPresent - envFrom: - - secretRef: - name: question-secret - env: - # When load testing, it exposes port 80 by default. - - name: LOAD_TEST_POD - value: http://question-service-load-test - - name: PEERPREP_UI_HOST - value: http://frontend - livenessProbe: - exec: - command: - - /bin/sh - - -c - - wget --no-verbose --tries=1 --spider http://localhost:9002/health || exit 1 - periodSeconds: 30 - initialDelaySeconds: 5 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: qn-svc-ctr - containerPort: 9002 - resources: - requests: - cpu: 250m - memory: 256Mi - limits: - cpu: 500m - memory: 512Mi - \ No newline at end of file diff --git a/k8s-gcloud/04-question-svc-hpa.yaml b/k8s-gcloud/04-question-svc-hpa.yaml deleted file mode 100644 index 6764e3d237..0000000000 --- a/k8s-gcloud/04-question-svc-hpa.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: question-service-hpa - namespace: peerprep -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: question-service - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 30 diff --git a/k8s-gcloud/04-question-svc-service.yaml b/k8s-gcloud/04-question-svc-service.yaml deleted file mode 100644 index a070fddb9b..0000000000 --- a/k8s-gcloud/04-question-svc-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: question-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: question-service -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: question-service - ports: - - name: qn-svc-prt - port: 9002 - targetPort: qn-svc-ctr diff --git a/k8s-gcloud/04-user-svc-deployment.yaml b/k8s-gcloud/04-user-svc-deployment.yaml deleted file mode 100644 index f5cead51bd..0000000000 --- a/k8s-gcloud/04-user-svc-deployment.yaml +++ /dev/null @@ -1,97 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: user-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: user-service -spec: - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: user-service - strategy: - type: Recreate - template: - metadata: - labels: - project: peerprep - peerprep.service: user-service - peerprep.network.user-api: "true" - peerprep.network.user-db: "true" - spec: - initContainers: - - name: wait-for-postgres - image: postgres:16.4 - env: - - name: PGHOST - valueFrom: - secretKeyRef: - name: user-secret - key: EXPRESS_DB_HOST - - name: PGPORT - valueFrom: - secretKeyRef: - name: user-secret - key: EXPRESS_DB_PORT - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: user-secret - key: POSTGRES_PASSWORD - - name: PGUSER - valueFrom: - secretKeyRef: - name: user-secret - key: POSTGRES_USER - - name: PGDATABASE - valueFrom: - secretKeyRef: - name: user-secret - key: POSTGRES_DB - command: - - /bin/sh - - -c - - | - while ! psql -c 'SELECT 1' > /dev/null 2>&1; do - echo "Waiting for $PGDATABASE" - sleep 1 - done - echo "$PGDATABASE is ready!" - - containers: - - name: user-express - image: ay2425s1cs3219g16/user-express:latest - imagePullPolicy: IfNotPresent - envFrom: - - secretRef: - name: user-secret - env: - # When load testing, it exposes port 80 by default. - - name: LOAD_TEST_POD - value: http://user-service-load-test - - name: PEERPREP_UI_HOST - value: http://frontend:3000 - livenessProbe: - exec: - command: - - /bin/sh - - -c - - wget --no-verbose --tries=1 --spider http://localhost:9001/health || exit 1 - periodSeconds: 30 - initialDelaySeconds: 5 - timeoutSeconds: 10 - failureThreshold: 5 - ports: - - name: user-svc-ctr - containerPort: 9001 - resources: - requests: - cpu: 250m - memory: 256Mi - limits: - cpu: 500m - memory: 512Mi - \ No newline at end of file diff --git a/k8s-gcloud/04-user-svc-hpa.yaml b/k8s-gcloud/04-user-svc-hpa.yaml deleted file mode 100644 index d64876db82..0000000000 --- a/k8s-gcloud/04-user-svc-hpa.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: user-service-hpa - namespace: peerprep -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: user-service - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 30 diff --git a/k8s-gcloud/04-user-svc-service.yaml b/k8s-gcloud/04-user-svc-service.yaml deleted file mode 100644 index 8d0367c1ce..0000000000 --- a/k8s-gcloud/04-user-svc-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: user-service - namespace: peerprep - labels: - project: peerprep - peerprep.service: user-service -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: user-service - ports: - - name: user-svc-prt - port: 9001 - targetPort: user-svc-ctr diff --git a/k8s-gcloud/05-frontend-deployment.yaml b/k8s-gcloud/05-frontend-deployment.yaml deleted file mode 100644 index f7169558d2..0000000000 --- a/k8s-gcloud/05-frontend-deployment.yaml +++ /dev/null @@ -1,94 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: frontend - namespace: peerprep - labels: - project: peerprep - peerprep.service: frontend -spec: - replicas: 1 - selector: - matchLabels: - project: peerprep - peerprep.service: frontend - strategy: - type: Recreate - template: - metadata: - labels: - project: peerprep - peerprep.service: frontend - peerprep.network.match-api: "true" - peerprep.network.user-api: "true" - peerprep.network.question-api: "true" - peerprep.network.collab-api: "true" - spec: - initContainers: - - name: wait-for-services - image: node:lts-alpine - env: - - name: VITE_USER_SERVICE - value: http://user-service:9001 - - name: VITE_QUESTION_SERVICE - value: http://question-service:9002 - - name: VITE_COLLAB_SERVICE - value: http://collab-service:9003 - - name: VITE_MATCHING_SERVICE - value: http://matching-service:9004 - command: - - /bin/sh - - -c - - | - until wget --no-verbose --tries=1 --spider "$VITE_USER_SERVICE/health"; do - echo "Waiting for User Service" - sleep 2 - done & - - until wget --no-verbose --tries=1 --spider "$VITE_QUESTION_SERVICE/health"; do - echo "Waiting for Question Service" - sleep 2 - done & - - until wget --no-verbose --tries=1 --spider "$VITE_COLLAB_SERVICE/health"; do - echo "Waiting for Collaboration Service" - sleep 2 - done & - - until wget --no-verbose --tries=1 --spider "$VITE_MATCHING_SERVICE/health"; do - echo "Waiting for Matching Service" - sleep 2 - done & - - wait - echo "All services healthy" - - containers: - - name: frontend - image: ay2425s1cs3219g16/frontend:latest - imagePullPolicy: IfNotPresent - envFrom: - - secretRef: - name: frontend-secret - env: - - name: FRONTEND_PORT - value: "3000" - - name: VITE_USER_SERVICE - value: http://user-service:9001 - - name: VITE_QUESTION_SERVICE - value: http://question-service:9002 - - name: VITE_COLLAB_SERVICE - value: http://collab-service:9003 - - name: VITE_MATCHING_SERVICE - value: http://matching-service:9004 - ports: - - name: frontend-ctr - containerPort: 3000 - resources: - requests: - cpu: 250m - memory: 256Mi - limits: - cpu: 500m - memory: 512Mi - \ No newline at end of file diff --git a/k8s-gcloud/05-frontend-hpa.yaml b/k8s-gcloud/05-frontend-hpa.yaml deleted file mode 100644 index 66a4d5ce6f..0000000000 --- a/k8s-gcloud/05-frontend-hpa.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: frontend-hpa - namespace: peerprep -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: frontend - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 30 diff --git a/k8s-gcloud/05-frontend-service.yaml b/k8s-gcloud/05-frontend-service.yaml deleted file mode 100644 index 277b9799cd..0000000000 --- a/k8s-gcloud/05-frontend-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: frontend - namespace: peerprep - labels: - project: peerprep - peerprep.service: frontend -spec: - type: ClusterIP - selector: - project: peerprep - peerprep.service: frontend - ports: - - name: frontend-prt - port: 3000 - targetPort: frontend-ctr diff --git a/k8s-gcloud/README.md b/k8s-gcloud/README.md deleted file mode 100644 index 6e3c8b0673..0000000000 --- a/k8s-gcloud/README.md +++ /dev/null @@ -1,153 +0,0 @@ -# Kubernetes Instructions - -## Table of Contents - -- [Prerequisites](#prerequisites) -- [Getting Started](#getting-started) -- [Load Testing](#load-testing) -- [Exposing the Ingress Controller](#exposing-the-ingress-controller) -- [Running the Minikube Service without Ingress](#running-the-minikube-service-without-ingress) -- [GKE Instructions](#gke-instructions) - -## Prerequisites - -- [**Minikube**](https://minikube.sigs.k8s.io/docs/) - - To run a local Kubernetes cluster, we recommend using Minikube on your local machine. - -## Getting Started - -1. Ensure that the Metrics Server add-on is enabled. Else, the autoscaling and ingress will not work. - -2. For Minikube: - - ```sh - # For Horizontal Pod Autoscaling - minikube addons enable metrics-server - - # For Nginx Ingress Controller - # Install - minikube addons enable ingress - # Verify - kubectl get pods -n ingress-nginx - ``` - -3. For Kubernetes: - - ```sh - # Metric Server - kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml - - # Ingress Controller - # Install - kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/cloud/deploy.yaml - # Deploy with load balancer (GKE, AKS, EKS) - kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/cloud/deploy.yaml - # Validate - kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx - kubectl get services ingress-nginx-controller --namespace=ingress-nginx - ``` - -4. Run the command from the project root: - - ```sh - make k8s-up - ``` - -## Load Testing - -1. Run the load test script: - - ```sh - ./scripts/k8s-test-load.sh - ``` - - In its current configuration, it will run a load testing container to ping the user-service. - Add more services and their respective ports as desired. - - Also, this will ping the service's `/health` endpoint, if configured. Else, it will not work. - -2. Run the command: - - ```sh - kubectl -n peerprep get all - ``` - - You should be able to see the Horizontal Pod AutoScaler scaling up the services in respond to - resource demand. - -3. Run Ctrl+C to interrupt and - terminate the load tester. - -## Exposing the Ingress Controller - -1. If you haven't already, run the command from the project root: - - ```sh - make k8s-up - ``` - -2. Run the command to set up the ingress controller: - - ```sh - kubectl apply -f ./k8s/ingress/nginx-ingress.yaml - ``` - - It should take a couple of minutes. Once done, you should run this command: - - ```sh - kubectl -n peerprep get ingress - - # You should see a similar output: - # NAME CLASS HOSTS ADDRESS PORTS AGE - # peerprep-ingress nginx peerprep-g16.net 172.17.0.15 80 38s - ``` - -3. Run the command to expose the ingress controller: - - ```sh - minikube tunnel - ``` - -4. Edit your `/etc/hosts` file and add the following at the bottom: - - ```txt - 127.0.0.1 peerprep-g16.net - ``` - -5. If there is already an entry that points to `localhost`, comment it out temporarily. - - ```txt - 127.0.0.1 localhost # <- Comment this out, it should look like this ↙️ - - # 127.0.0.1 localhost - 127.0.0.1 peerprep-g16.net - ``` - -6. Visit `http://peerprep-g16.net` in your browser. - -7. When done, reset your `/etc/hosts` file to its original state. - -8. Run Ctrl+C on the **Minikube Tunnel** to stop it. - -## Running the Minikube Service without Ingress - -1. Run the command to set up the cluster: - - ```sh - make k8s-up - ``` - -2. Expose the service: - - ```sh - minikube -n peerprep service frontend - ``` - - A browser window should launch, directing you to the application's frontend. - -## GKE Instructions - -To be added. - - diff --git a/k8s-gcloud/ingress/gcloud-ingress.yaml b/k8s-gcloud/ingress/gcloud-ingress.yaml deleted file mode 100644 index 069987e83f..0000000000 --- a/k8s-gcloud/ingress/gcloud-ingress.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# To be edited - -# apiVersion: networking.k8s.io/v1 -# kind: Ingress -# metadata: -# name: peerprep-ingress -# namespace: peerprep -# labels: -# project: peerprep -# peerprep.service: app-ingress - -# spec: -# ingressClassName: nginx -# rules: -# - host: peerprep-g16.net -# http: -# paths: -# - path: / -# pathType: Prefix -# backend: -# service: -# name: frontend -# port: -# number: 3000 \ No newline at end of file diff --git a/k8s/gcloud/01-web-ssl-secret.yaml b/k8s/gcloud/01-web-ssl-secret.yaml new file mode 100644 index 0000000000..278c096165 --- /dev/null +++ b/k8s/gcloud/01-web-ssl-secret.yaml @@ -0,0 +1,13 @@ +# Placeholder Secret to store TLS keys + +apiVersion: v1 +kind: Secret +metadata: + name: web-ssl + namespace: peerprep + labels: + project: peerprep +type: kubernetes.io/tls +stringData: + tls.key: "" + tls.crt: "" \ No newline at end of file diff --git a/k8s/gcloud/02-issuer-le-prod.yaml b/k8s/gcloud/02-issuer-le-prod.yaml new file mode 100644 index 0000000000..c4a01dff4e --- /dev/null +++ b/k8s/gcloud/02-issuer-le-prod.yaml @@ -0,0 +1,15 @@ +# issuer-lets-encrypt-production.yaml +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-production +spec: + acme: + server: https://acme-v02.api.letsencrypt.org/directory + email: # ❗ Replace this with your email address + privateKeySecretRef: + name: letsencrypt-production + solvers: + - http01: + ingress: + name: peerprep-ingress \ No newline at end of file diff --git a/k8s/gcloud/02-issuer-le-staging.yaml b/k8s/gcloud/02-issuer-le-staging.yaml new file mode 100644 index 0000000000..5e7aa4b377 --- /dev/null +++ b/k8s/gcloud/02-issuer-le-staging.yaml @@ -0,0 +1,14 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-staging +spec: + acme: + server: https://acme-staging-v02.api.letsencrypt.org/directory + email: # ❗ Replace this with your email address + privateKeySecretRef: + name: letsencrypt-staging + solvers: + - http01: + ingress: + name: peerprep-ingress \ No newline at end of file diff --git a/k8s/gcloud/03-ingress.yaml b/k8s/gcloud/03-ingress.yaml new file mode 100644 index 0000000000..4e047c4344 --- /dev/null +++ b/k8s/gcloud/03-ingress.yaml @@ -0,0 +1,33 @@ +# ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: peerprep-ingress + namespace: peerprep + labels: + project: peerprep + peerprep.service: app-ingress + annotations: + # This tells Google Cloud to create an External Load Balancer to realize this Ingress + kubernetes.io/ingress.class: gce + # This enables HTTP connections from Internet clients + kubernetes.io/ingress.allow-http: "true" + # This tells Google Cloud to associate the External Load Balancer with the static IP which we created earlier + kubernetes.io/ingress.global-static-ip-name: web-ip + cert-manager.io/issuer: letsencrypt-production +spec: + tls: + - secretName: web-ssl + hosts: + - $DOMAIN_NAME + rules: + - host: peerprep-g16.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: frontend + port: + number: 3000 \ No newline at end of file From 88f4cca77f219c5db5d3fcd2b51016618aa360c0 Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Thu, 31 Oct 2024 12:12:06 +0800 Subject: [PATCH 03/12] PEER-242: Update PVC mount point Signed-off-by: SeeuSim --- k8s/03-collab-db-deployment.yaml | 2 +- k8s/03-question-db-deployment.yaml | 2 +- k8s/03-user-db-deployment.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/k8s/03-collab-db-deployment.yaml b/k8s/03-collab-db-deployment.yaml index 8870199f31..55f5598443 100644 --- a/k8s/03-collab-db-deployment.yaml +++ b/k8s/03-collab-db-deployment.yaml @@ -56,7 +56,7 @@ spec: containerPort: 5432 volumeMounts: - name: collab-db-vol - mountPath: /data/collab-db + mountPath: /data volumeClaimTemplates: - metadata: name: collab-db-vol diff --git a/k8s/03-question-db-deployment.yaml b/k8s/03-question-db-deployment.yaml index 85a8505746..28b64e9899 100644 --- a/k8s/03-question-db-deployment.yaml +++ b/k8s/03-question-db-deployment.yaml @@ -56,7 +56,7 @@ spec: containerPort: 5432 volumeMounts: - name: question-db-vol - mountPath: /data/question-db + mountPath: /data volumeClaimTemplates: - metadata: name: question-db-vol diff --git a/k8s/03-user-db-deployment.yaml b/k8s/03-user-db-deployment.yaml index 3ff810409b..4114096a29 100644 --- a/k8s/03-user-db-deployment.yaml +++ b/k8s/03-user-db-deployment.yaml @@ -56,7 +56,7 @@ spec: containerPort: 5432 volumeMounts: - name: user-db-vol - mountPath: /data/user-db + mountPath: /data volumeClaimTemplates: - metadata: name: user-db-vol From 516942863a2bfba7ec8d3319c0addd37daf6c132 Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Thu, 31 Oct 2024 14:19:27 +0800 Subject: [PATCH 04/12] PEER-242: Increase CPU thresholde Signed-off-by: SeeuSim --- k8s/04-collab-svc-hpa.yaml | 2 +- k8s/04-question-svc-hpa.yaml | 2 +- k8s/04-user-svc-hpa.yaml | 2 +- k8s/05-frontend-hpa.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s/04-collab-svc-hpa.yaml b/k8s/04-collab-svc-hpa.yaml index af31213f4c..6bdf779326 100644 --- a/k8s/04-collab-svc-hpa.yaml +++ b/k8s/04-collab-svc-hpa.yaml @@ -16,4 +16,4 @@ spec: name: cpu target: type: Utilization - averageUtilization: 30 + averageUtilization: 70 diff --git a/k8s/04-question-svc-hpa.yaml b/k8s/04-question-svc-hpa.yaml index 6764e3d237..6fd3b1e853 100644 --- a/k8s/04-question-svc-hpa.yaml +++ b/k8s/04-question-svc-hpa.yaml @@ -16,4 +16,4 @@ spec: name: cpu target: type: Utilization - averageUtilization: 30 + averageUtilization: 70 diff --git a/k8s/04-user-svc-hpa.yaml b/k8s/04-user-svc-hpa.yaml index d64876db82..d5214a1814 100644 --- a/k8s/04-user-svc-hpa.yaml +++ b/k8s/04-user-svc-hpa.yaml @@ -16,4 +16,4 @@ spec: name: cpu target: type: Utilization - averageUtilization: 30 + averageUtilization: 70 diff --git a/k8s/05-frontend-hpa.yaml b/k8s/05-frontend-hpa.yaml index 66a4d5ce6f..74c71025df 100644 --- a/k8s/05-frontend-hpa.yaml +++ b/k8s/05-frontend-hpa.yaml @@ -16,4 +16,4 @@ spec: name: cpu target: type: Utilization - averageUtilization: 30 + averageUtilization: 60 From 3164f22985193072631523bb851d4a4ed16f6888 Mon Sep 17 00:00:00 2001 From: TabrizPlv Date: Thu, 31 Oct 2024 15:07:15 +0800 Subject: [PATCH 05/12] update k8s script --- scripts/k8s-up.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/k8s-up.sh b/scripts/k8s-up.sh index 1cbf5560bb..5726b9fd24 100755 --- a/scripts/k8s-up.sh +++ b/scripts/k8s-up.sh @@ -31,7 +31,7 @@ create_secret() { kubectl -n $ns \ create secret generic \ "$scrt_name" \ - --from-env-file /dev/stdin + --from-env-file="$envFolder$secretName/.env.compose" else echo "Secret $scrt_name already exists" fi From 7872331fbf61976a969de13a8d11412a3026280e Mon Sep 17 00:00:00 2001 From: TabrizPlv Date: Thu, 31 Oct 2024 15:11:18 +0800 Subject: [PATCH 06/12] revert script changes --- scripts/k8s-up.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/k8s-up.sh b/scripts/k8s-up.sh index 5726b9fd24..1cbf5560bb 100755 --- a/scripts/k8s-up.sh +++ b/scripts/k8s-up.sh @@ -31,7 +31,7 @@ create_secret() { kubectl -n $ns \ create secret generic \ "$scrt_name" \ - --from-env-file="$envFolder$secretName/.env.compose" + --from-env-file /dev/stdin else echo "Secret $scrt_name already exists" fi From 2f0ae7f3ce126dc8cb453e08e796eb9cda6e8c1b Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Thu, 31 Oct 2024 16:28:29 +0800 Subject: [PATCH 07/12] PEER-242: Update load test script Signed-off-by: SeeuSim --- scripts/k8s-test-load.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/k8s-test-load.sh b/scripts/k8s-test-load.sh index b274130921..3c19c24758 100755 --- a/scripts/k8s-test-load.sh +++ b/scripts/k8s-test-load.sh @@ -10,14 +10,16 @@ load_test_service() { exit 1 fi + pod_name="$service_name-service-load-test" + kubectl run -i \ - --tty "$service_name-service-load-test" \ + --tty $pod_name \ --rm \ -n $ns \ --image=busybox \ --labels="peerprep.network.$service_name-api=true" \ --restart=Never \ - -- /bin/sh -c "while sleep 0.01; do wget -q -O- http://$service_name-service:$port/health && echo; done" + -- /bin/sh -c "while true; do wget -q -O- http://$service_name-service:$port/health > /dev/null 2>&1; done" } load_test_service user 9001 From 990af1df2d8c89949e167bfa2edb6e1b0a554ffc Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Fri, 1 Nov 2024 12:21:16 +0800 Subject: [PATCH 08/12] PEER-242: Add working gcloud public internet deployment Signed-off-by: SeeuSim --- ...d-docker.yaml => build-deploy-docker.yaml} | 26 +++- k8s/README.md | 114 +++++++++++++++++- .../01-issuer-le-staging.yaml} | 6 +- .../02-web-ssl-secret.yaml} | 0 k8s/gcloud-staging/03-ingress.yaml | 27 +++++ ...er-le-prod.yaml => 01-issuer-le-prod.yaml} | 6 +- k8s/gcloud/02-web-ssl-secret.yaml | 13 ++ k8s/gcloud/03-ingress.yaml | 19 ++- k8s/{ingress => local}/nginx-ingress.yaml | 0 9 files changed, 194 insertions(+), 17 deletions(-) rename .github/workflows/{build-docker.yaml => build-deploy-docker.yaml} (87%) rename k8s/{gcloud/02-issuer-le-staging.yaml => gcloud-staging/01-issuer-le-staging.yaml} (61%) rename k8s/{gcloud/01-web-ssl-secret.yaml => gcloud-staging/02-web-ssl-secret.yaml} (100%) create mode 100644 k8s/gcloud-staging/03-ingress.yaml rename k8s/gcloud/{02-issuer-le-prod.yaml => 01-issuer-le-prod.yaml} (64%) create mode 100644 k8s/gcloud/02-web-ssl-secret.yaml rename k8s/{ingress => local}/nginx-ingress.yaml (100%) diff --git a/.github/workflows/build-docker.yaml b/.github/workflows/build-deploy-docker.yaml similarity index 87% rename from .github/workflows/build-docker.yaml rename to .github/workflows/build-deploy-docker.yaml index 9b6b5f02a9..38db33051d 100644 --- a/.github/workflows/build-docker.yaml +++ b/.github/workflows/build-deploy-docker.yaml @@ -105,7 +105,7 @@ jobs: echo "Outputs Generated: $formatted_matrix" echo "matrix=$formatted_matrix" >> $GITHUB_OUTPUT - build-and-push-image: + build-push-deploy-image: needs: changes if: ${{ fromJson(needs.changes.outputs.matrix)[0] != null }} runs-on: ubuntu-latest @@ -186,6 +186,30 @@ jobs: cache-from: type=gha cache-to: type=gha,mode=max + - name: Setup GCloud + uses: google-github-actions/setup-gcloud@v + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && false }} + with: + service_account_key: ${{ secrets.GKE_SA_KEY }} + project_id: ${{ secrets.GKE_PROJECT }} + + - name: Get GKE creds + uses: google-github-actions/get-gke-credentials@v + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && false }} + with: + cluster_name: ${{ env.GKE_CLUSTER }} + location: ${{ env.GKE_ZONE }} + credentials: ${{ secrets.GKE_SA_KEY }} + + - name: Deploy to GKE + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && false }} + run: |- + deployments=("collab-service" "matching-service" "question-service" "user-service" "frontend") + for dplymnt in "${deployments[@]}"; do + kubectl -n peerprep rollout restart deployment "$dplymnt" + done + + results: if: ${{ always() && !github.event.pull_request.draft }} runs-on: ubuntu-latest diff --git a/k8s/README.md b/k8s/README.md index 6e3c8b0673..e4c43f7595 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -90,7 +90,7 @@ 2. Run the command to set up the ingress controller: ```sh - kubectl apply -f ./k8s/ingress/nginx-ingress.yaml + kubectl apply -f ./k8s/local ``` It should take a couple of minutes. Once done, you should run this command: @@ -148,6 +148,116 @@ ## GKE Instructions -To be added. +1. Authenticate or ensure you are added as a user to the Google Cloud Project: + - Project ID: `cs3219-g16` + - Project Zone: `asia-southeast1-c` + +2. Install the `gcloud` C by following the instructions at this link: + + - [Installation Instructions](https://cloud.google.com/sdk/docs/install) + +3. Setup the CLI with the following commands: + + ```sh + gcloud auth login + + gcloud config set project cs3219-g16 + + gcloud config set compute/zone asia-southeast1-c + + gcloud components install gke-gcloud-auth-plugin + + export USE_GKE_GCLOUD_AUTH_PLUGIN=True + ``` + +4. Create the cluster with the following commands: + + ```sh + gcloud container clusters create \ + cs3219-g16 \ + --preemptible \ + --machine-type e2-small \ + --enable-autoscaling \ + --num-nodes 1 \ + --min-nodes 1 \ + --max-nodes 25 \ + --region=asia-southeast1-c + ``` + +5. Once the cluster has been created, run the commands below to configure `kubectl` and connect to the cluster: + + ```sh + gcloud container clusters get-credentials cs3219-g16 + + # You should see some output here + kubectl get nodes -o wide + ``` + +6. Run the script (ensure you are in a Bash shell like on Mac or Linux): + + ```sh + make k8s-up + ``` + + - Wait until the deployments all reach status running: + + ```sh + kubectl -n peerprep rollout status deployment frontend + ``` + +7. If you haven't already, visit the GCloud console -> 'Cloud Domains' and verify that a domain name has been created. + + - We currently have one as `peerprep-g16.net`. + - We also associate a GCloud Global Web IP `web-ip` to this DNS record as an 'A' record. + +8. Install the `cert-manager` plugin: + + ```sh + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.1/cert-manager.yaml + ``` + +9. Create the ingress and secrets in the prod environment: + + ```sh + kubectl apply -f ./k8s/gcloud + ``` + + - After 15 minutes, you should be able to access the UI over HTTPS at this link: + - `https://peerprep-g16.net` + +10. Setup the following in Github Actions by: + + - heading to the 'Settings' -> 'Secrets and variables' -> 'Actions' -> 'New repository secret' + - Adding the following keys: + + ```txt + GKE_SA_KEY: + GKE_PROJECT: cs3219-g16 + GKE_CLUSTER: cs3219-g16 + GKE_ZONE: asia-southeast1-c + + ``` + +11. Merge a PR to `main` and verify that the cluster is redeployed with the latest images: + + ```sh + kubectl -n peerprep get deployment + ``` + +12. Cleanup: + + - Delete the cluster: + + ```sh + gcloud container clusters delete cs3219-g16 + ``` + + - When done with the project, delete the web records: + + ```sh + gcloud dns record-sets delete peerprep-g16 --type A + + gcloud compute addresses delete web-ip --global + ``` diff --git a/k8s/gcloud/02-issuer-le-staging.yaml b/k8s/gcloud-staging/01-issuer-le-staging.yaml similarity index 61% rename from k8s/gcloud/02-issuer-le-staging.yaml rename to k8s/gcloud-staging/01-issuer-le-staging.yaml index 5e7aa4b377..9d9c5b7c6a 100644 --- a/k8s/gcloud/02-issuer-le-staging.yaml +++ b/k8s/gcloud-staging/01-issuer-le-staging.yaml @@ -2,10 +2,14 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: letsencrypt-staging + namespace: peerprep + labels: + project: peerprep + peerprep.service: app-cert-issuer-staging spec: acme: server: https://acme-staging-v02.api.letsencrypt.org/directory - email: # ❗ Replace this with your email address + email: ay2425s1.cs3219.g16@gmail.com # ❗ Replace this with your email address privateKeySecretRef: name: letsencrypt-staging solvers: diff --git a/k8s/gcloud/01-web-ssl-secret.yaml b/k8s/gcloud-staging/02-web-ssl-secret.yaml similarity index 100% rename from k8s/gcloud/01-web-ssl-secret.yaml rename to k8s/gcloud-staging/02-web-ssl-secret.yaml diff --git a/k8s/gcloud-staging/03-ingress.yaml b/k8s/gcloud-staging/03-ingress.yaml new file mode 100644 index 0000000000..3ed71905ea --- /dev/null +++ b/k8s/gcloud-staging/03-ingress.yaml @@ -0,0 +1,27 @@ +# ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: peerprep-ingress + namespace: peerprep + labels: + project: peerprep + peerprep.service: app-ingress + annotations: + # This tells Google Cloud to create an External Load Balancer to realize this Ingress + kubernetes.io/ingress.class: gce + # This enables HTTP connections from Internet clients + kubernetes.io/ingress.allow-http: "true" + # This tells Google Cloud to associate the External Load Balancer with the static IP which we created earlier + kubernetes.io/ingress.global-static-ip-name: web-ip + cert-manager.io/issuer: letsencrypt-staging +spec: + tls: + - secretName: web-ssl + hosts: + - peerprep-g16.net + defaultBackend: + service: + name: frontend + port: + number: 3000 \ No newline at end of file diff --git a/k8s/gcloud/02-issuer-le-prod.yaml b/k8s/gcloud/01-issuer-le-prod.yaml similarity index 64% rename from k8s/gcloud/02-issuer-le-prod.yaml rename to k8s/gcloud/01-issuer-le-prod.yaml index c4a01dff4e..b1e531d697 100644 --- a/k8s/gcloud/02-issuer-le-prod.yaml +++ b/k8s/gcloud/01-issuer-le-prod.yaml @@ -3,10 +3,14 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: letsencrypt-production + namespace: peerprep + labels: + project: peerprep + peerprep.service: app-cert-issuer-prod spec: acme: server: https://acme-v02.api.letsencrypt.org/directory - email: # ❗ Replace this with your email address + email: ay2425s1.cs3219.g16@gmail.com # ❗ Replace this with your email address privateKeySecretRef: name: letsencrypt-production solvers: diff --git a/k8s/gcloud/02-web-ssl-secret.yaml b/k8s/gcloud/02-web-ssl-secret.yaml new file mode 100644 index 0000000000..278c096165 --- /dev/null +++ b/k8s/gcloud/02-web-ssl-secret.yaml @@ -0,0 +1,13 @@ +# Placeholder Secret to store TLS keys + +apiVersion: v1 +kind: Secret +metadata: + name: web-ssl + namespace: peerprep + labels: + project: peerprep +type: kubernetes.io/tls +stringData: + tls.key: "" + tls.crt: "" \ No newline at end of file diff --git a/k8s/gcloud/03-ingress.yaml b/k8s/gcloud/03-ingress.yaml index 4e047c4344..5cd176924b 100644 --- a/k8s/gcloud/03-ingress.yaml +++ b/k8s/gcloud/03-ingress.yaml @@ -19,15 +19,10 @@ spec: tls: - secretName: web-ssl hosts: - - $DOMAIN_NAME - rules: - - host: peerprep-g16.net - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: frontend - port: - number: 3000 \ No newline at end of file + - peerprep-g16.net + defaultBackend: + service: + name: frontend + port: + number: 3000 + \ No newline at end of file diff --git a/k8s/ingress/nginx-ingress.yaml b/k8s/local/nginx-ingress.yaml similarity index 100% rename from k8s/ingress/nginx-ingress.yaml rename to k8s/local/nginx-ingress.yaml From dc2d4d79bf0cdfb19f2337dc56738be159aa64bb Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Fri, 1 Nov 2024 12:22:35 +0800 Subject: [PATCH 09/12] PEER-242: Update gcloud script Signed-off-by: SeeuSim --- .github/workflows/build-deploy-docker.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-docker.yaml b/.github/workflows/build-deploy-docker.yaml index 38db33051d..1a39639283 100644 --- a/.github/workflows/build-deploy-docker.yaml +++ b/.github/workflows/build-deploy-docker.yaml @@ -214,7 +214,7 @@ jobs: if: ${{ always() && !github.event.pull_request.draft }} runs-on: ubuntu-latest name: Final Results - needs: build-and-push-image + needs: build-push-deploy-image steps: - run: | result="${{ needs.build-and-push-image.result }}" From 1c68d05b7945293174014ae6b679d8601bef35a5 Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Fri, 1 Nov 2024 14:07:51 +0800 Subject: [PATCH 10/12] PEER-242: Update actions script Signed-off-by: SeeuSim --- .github/workflows/build-deploy-docker.yaml | 16 ++--- k8s/04-collab-svc-deployment.yaml | 2 +- k8s/04-match-svc-deployment.yaml | 2 +- k8s/04-question-svc-deployment.yaml | 2 +- k8s/04-user-svc-deployment.yaml | 2 +- k8s/05-frontend-deployment.yaml | 2 +- k8s/README.md | 75 ++++++++++++++++------ 7 files changed, 67 insertions(+), 34 deletions(-) diff --git a/.github/workflows/build-deploy-docker.yaml b/.github/workflows/build-deploy-docker.yaml index 1a39639283..00ad8cde2f 100644 --- a/.github/workflows/build-deploy-docker.yaml +++ b/.github/workflows/build-deploy-docker.yaml @@ -187,22 +187,22 @@ jobs: cache-to: type=gha,mode=max - name: Setup GCloud - uses: google-github-actions/setup-gcloud@v - if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && false }} + uses: google-github-actions/setup-gcloud@v2 + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && secrets.GKE_CLUSTER }} with: service_account_key: ${{ secrets.GKE_SA_KEY }} project_id: ${{ secrets.GKE_PROJECT }} - name: Get GKE creds - uses: google-github-actions/get-gke-credentials@v - if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && false }} + uses: google-github-actions/get-gke-credentials@v2 + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && secrets.GKE_CLUSTER }} with: - cluster_name: ${{ env.GKE_CLUSTER }} - location: ${{ env.GKE_ZONE }} + cluster_name: ${{ secrets.GKE_CLUSTER }} + location: ${{ secrets.GKE_ZONE }} credentials: ${{ secrets.GKE_SA_KEY }} - name: Deploy to GKE - if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && false }} + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && secrets.GKE_CLUSTER }} run: |- deployments=("collab-service" "matching-service" "question-service" "user-service" "frontend") for dplymnt in "${deployments[@]}"; do @@ -217,7 +217,7 @@ jobs: needs: build-push-deploy-image steps: - run: | - result="${{ needs.build-and-push-image.result }}" + result="${{ needs.build-push-deploy-image.result }}" if [[ $result == "success" || $result == "skipped" ]]; then exit 0 else diff --git a/k8s/04-collab-svc-deployment.yaml b/k8s/04-collab-svc-deployment.yaml index a545b2e47a..b0c3b16daa 100644 --- a/k8s/04-collab-svc-deployment.yaml +++ b/k8s/04-collab-svc-deployment.yaml @@ -64,7 +64,7 @@ spec: containers: - name: collab-express image: ay2425s1cs3219g16/collab-express:latest - imagePullPolicy: IfNotPresent + imagePullPolicy: Always envFrom: - secretRef: name: collaboration-secret diff --git a/k8s/04-match-svc-deployment.yaml b/k8s/04-match-svc-deployment.yaml index 8d849ca10b..81a7c50bf4 100644 --- a/k8s/04-match-svc-deployment.yaml +++ b/k8s/04-match-svc-deployment.yaml @@ -77,7 +77,7 @@ spec: containers: - name: match-express image: ay2425s1cs3219g16/match-express:latest - imagePullPolicy: IfNotPresent + imagePullPolicy: Always envFrom: - secretRef: name: matching-secret diff --git a/k8s/04-question-svc-deployment.yaml b/k8s/04-question-svc-deployment.yaml index ab59288f19..eca30a95d7 100644 --- a/k8s/04-question-svc-deployment.yaml +++ b/k8s/04-question-svc-deployment.yaml @@ -64,7 +64,7 @@ spec: containers: - name: question-express image: ay2425s1cs3219g16/question-express:latest - imagePullPolicy: IfNotPresent + imagePullPolicy: Always envFrom: - secretRef: name: question-secret diff --git a/k8s/04-user-svc-deployment.yaml b/k8s/04-user-svc-deployment.yaml index f5cead51bd..2ba03034e8 100644 --- a/k8s/04-user-svc-deployment.yaml +++ b/k8s/04-user-svc-deployment.yaml @@ -64,7 +64,7 @@ spec: containers: - name: user-express image: ay2425s1cs3219g16/user-express:latest - imagePullPolicy: IfNotPresent + imagePullPolicy: Always envFrom: - secretRef: name: user-secret diff --git a/k8s/05-frontend-deployment.yaml b/k8s/05-frontend-deployment.yaml index f7169558d2..23bb986d06 100644 --- a/k8s/05-frontend-deployment.yaml +++ b/k8s/05-frontend-deployment.yaml @@ -66,7 +66,7 @@ spec: containers: - name: frontend image: ay2425s1cs3219g16/frontend:latest - imagePullPolicy: IfNotPresent + imagePullPolicy: Always envFrom: - secretRef: name: frontend-secret diff --git a/k8s/README.md b/k8s/README.md index e4c43f7595..190b45caf9 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -147,6 +147,9 @@ A browser window should launch, directing you to the application's frontend. ## GKE Instructions + + +### Setup 1. Authenticate or ensure you are added as a user to the Google Cloud Project: @@ -209,7 +212,31 @@ 7. If you haven't already, visit the GCloud console -> 'Cloud Domains' and verify that a domain name has been created. - We currently have one as `peerprep-g16.net`. + - This can be created under 'Cloud Domains' -> 'Register Domain' in the GCloud console. - We also associate a GCloud Global Web IP `web-ip` to this DNS record as an 'A' record. + - To set an IP DNS 'A' record, follow these steps: + 1. Create an IP: + + ```sh + gcloud compute addresses create web-ip --global + ``` + + 2. Verify that it exists: + + ```sh + gcloud compute addresses list + ``` + + 3. Grab the IP address: + + ```sh + gcloud compute addresses describe web-ip --format='value(address)' --global + ``` + + 4. Associate it via the console: + - Cloud DNS -> 'Zone Name': peerprep-g16.net -> 'Add standard' + - Paste the IP address + - 'Create' 8. Install the `cert-manager` plugin: @@ -226,26 +253,7 @@ - After 15 minutes, you should be able to access the UI over HTTPS at this link: - `https://peerprep-g16.net` -10. Setup the following in Github Actions by: - - - heading to the 'Settings' -> 'Secrets and variables' -> 'Actions' -> 'New repository secret' - - Adding the following keys: - - ```txt - GKE_SA_KEY: - GKE_PROJECT: cs3219-g16 - GKE_CLUSTER: cs3219-g16 - GKE_ZONE: asia-southeast1-c - - ``` - -11. Merge a PR to `main` and verify that the cluster is redeployed with the latest images: - - ```sh - kubectl -n peerprep get deployment - ``` - -12. Cleanup: +10. Cleanup: - Delete the cluster: @@ -260,4 +268,29 @@ gcloud compute addresses delete web-ip --global ``` - + +### CD (Continuous Delivery via Github Actions) + +1. Setup the following in Github Actions by: + + - heading to the 'Settings' -> 'Secrets and variables' -> 'Actions' -> 'New repository secret' + - Adding the following keys: + + ```txt + GKE_SA_KEY: 'Service Accounts' page)> + GKE_PROJECT: cs3219-g16 + GKE_CLUSTER: cs3219-g16 + GKE_ZONE: asia-southeast1-c + ``` + + - If the `GKE_SA_KEY` is needed, contact us. + +2. Merge a PR to `main`. The following will happend: + + 1. An action will run under the 'actions' tab in Github. + + 2. This will build and push the service images and verify that the cluster is redeployed with the latest images: + + ```sh + kubectl -n peerprep get deployment + ``` From 11b5db66cbaf6a5462d34414ada02a697e42930d Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Fri, 1 Nov 2024 14:10:02 +0800 Subject: [PATCH 11/12] PEER-242: Update actions script Signed-off-by: SeeuSim --- .github/workflows/build-deploy-docker.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy-docker.yaml b/.github/workflows/build-deploy-docker.yaml index 00ad8cde2f..b2b309836f 100644 --- a/.github/workflows/build-deploy-docker.yaml +++ b/.github/workflows/build-deploy-docker.yaml @@ -11,6 +11,7 @@ on: - main env: + IS_GKE_CLUSTER_UP: true DOCKER_REGISTRY_USN: ay2425s1cs3219g16 USER_EXPRESS_PORT: 9001 QUESTION_EXPRESS_PORT: 9002 @@ -188,21 +189,21 @@ jobs: - name: Setup GCloud uses: google-github-actions/setup-gcloud@v2 - if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && secrets.GKE_CLUSTER }} + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && env.IS_GKE_CLUSTER_UP }} with: service_account_key: ${{ secrets.GKE_SA_KEY }} project_id: ${{ secrets.GKE_PROJECT }} - name: Get GKE creds uses: google-github-actions/get-gke-credentials@v2 - if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && secrets.GKE_CLUSTER }} + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && env.IS_GKE_CLUSTER_UP }} with: cluster_name: ${{ secrets.GKE_CLUSTER }} location: ${{ secrets.GKE_ZONE }} credentials: ${{ secrets.GKE_SA_KEY }} - name: Deploy to GKE - if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && secrets.GKE_CLUSTER }} + if: ${{ contains(github.ref, 'main') && github.event.pull_request.title != 'Feedback' && env.IS_GKE_CLUSTER_UP }} run: |- deployments=("collab-service" "matching-service" "question-service" "user-service" "frontend") for dplymnt in "${deployments[@]}"; do From 9ef94b293893b1a6a8ce4c4e51a602b141154c15 Mon Sep 17 00:00:00 2001 From: SeeuSim Date: Fri, 1 Nov 2024 14:11:39 +0800 Subject: [PATCH 12/12] PEER-242: Update actions script Signed-off-by: SeeuSim --- .github/workflows/build-deploy-docker.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build-deploy-docker.yaml b/.github/workflows/build-deploy-docker.yaml index b2b309836f..c981a91aba 100644 --- a/.github/workflows/build-deploy-docker.yaml +++ b/.github/workflows/build-deploy-docker.yaml @@ -11,7 +11,6 @@ on: - main env: - IS_GKE_CLUSTER_UP: true DOCKER_REGISTRY_USN: ay2425s1cs3219g16 USER_EXPRESS_PORT: 9001 QUESTION_EXPRESS_PORT: 9002