Stateful set

Author: RahulMR42

.gitignore

@@ -1,5 +1,7 @@
 # General
 .DS_Store
+.idea
+**.idea**
 .AppleDouble
 .LSOverride
 

oci-deployment-examples/README.md

@@ -19,6 +19,7 @@ All about OCI devops deployment samples ..
 <details>
   <summary>Canary deployment strategy - click to expand</summary>
 
+* [Deploy to OKE with a stateful backend data with canary strategy](./oci-devops-oke-canary-with-stateful-app/)
 * [Deploy to OKE following OCI Devops canary deployment strategy](./oci-devops-deploy-with-canary-model-oke/)
 * [Deploy to Instances  following OCI Devops canary deployment strategy](./oci-devops-deploy-instances-with-canary/)
 

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/.gitignore

@@ -0,0 +1,2 @@
+.DS**
+.idea**

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/README.md

@@ -0,0 +1 @@
+An illustration of OCI Deployment Canary strategy with a stateful application.---Context-------- The illustration provides a deployment flow of a sample application with a stateful data source shared across .- The deployment follows [OCI Canary Deployment strategy model](https://docs.oracle.com/en/solutions/plan-mad-strats-devops/understand-depoyment-architectures.html#GUID-1E607CF8-3446-476F-9372-355937F209ED).- Objective here to ensure backend data consistency across canary and production stages (with in the same stateful data source).- Here the focus is only for OCI Deployment pipeline ,but the same can be integrated along with other OCI devops services as well (Build, Code repo etc)![](images/oci_context.png)Application topology---- Sample application build using Guestbook app - https://kubernetes.io/docs/tutorials/stateless-application/guestbook/- Stateful database is build using redis - inspired by blog by Okteto -  https://www.okteto.com/blog/connect-applications-across-namespaces/- We will be using Oracle Kubernetes Engine (OKE) for application deployment.Specific instructions to download only this example .---```    $ git init oci-devops-oke-canary-with-stateful-app    $ cd oci-devops-deploy-with-canary-model-oke    $ git remote add origin https://github.com/oracle-devrel/oci-devops-examples    $ git config core.sparsecheckout true    $ echo "oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/*">>.git/info/sparse-checkout    $ git pull --depth=1 origin main```Procedure---- Create an OCI Dynamic group and add below rules.```ALL {resource.type = 'devopsdeploypipeline', resource.compartment.id = 'ocid1.compartment.xxxx'}```- Create an OCI Policy as below.```Allow dynamic-group <DG NAME> to manage repos in compartment <COMPARTMENT NAME>Allow dynamic-group <DG NAME> to manage generic-artifacts in compartment <COMPARTMENT NAME>Allow dynamic-group <DG NAME> to use ons-topics in compartment <COMPARTMENT NAME>Allow dynamic-group <DG NAME> to read all-artifacts in compartment <COMPARTMENT NAME>Allow dynamic-group <DG NAME> to manage cluster-family in compartment <COMPARTMENT NAME>```- Create an OCI Container registry repo (enable as public repo ) - https://docs.oracle.com/en-us/iaas/Content/Registry/home.htm![](images/oci_container_registr.png)- Create an OKE - https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingclusterusingoke_topic-Using_the_Console_to_create_a_Quick_Cluster_with_Default_Settings.htm#create-quick-cluster![](images/oci_oke.png)- We are using NGINX to switch the traffic between two namespaces (Canary and Production).- To do so , Use ``Access Cluster option `` of OKE ,launch the cloud shell and set the config to access the cluster.![](images/oci_oke_access_cluster.png)- We will be following the procedure mentioned [here](https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengsettingupingresscontroller.htm) to setup the ingress controller.```$ kubectl create clusterrolebinding <my-cluster-admin-binding> --clusterrole=cluster-admin --user=<user-OCID>$ export version="Latest Nginix release version " - https://github.com/kubernetes/ingress-nginx#support-versions-table$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-${version}/deploy/static/provider/cloud/deploy.yaml$ Validate the Nginx installation.```![](images/oci_nginx_validation.png)- Create the docker images and push to the OCI Artifact registry```markdown$ git clone <REPO URL>$ cd <REPO NAME>/dockerArtifacts/v0/$ docker build -t <OCI REGION>.ocir.io/<NAMESPACE>/<REPO NAME>:v0 -f Dockerfile . # Create image with version V0.$ cd ../v1/$ docker build -t <OCI REGION>.ocir.io/<NAMESPACE>/<REPO NAME>:v0 -f Dockerfile . # Create image with version V1.$ docker push <OCI REGION>.ocir.io/<NAMESPACE>/<REPO NAME> # Push both the images back to the OCI artifact repo.```- Validate the images are visible under the Container registry repo created.![](images/oci_container_images.png)- Create an OCI Notification topic which will be associated with devops project - https://docs.oracle.com/en-us/iaas/Content/Notification/home.htm- Create a new Devops Project - https://docs.oracle.com/en-us/iaas/Content/devops/using/devops_projects.htm![](images/oci_projecta.png)- Ensure to enable logs for the OCI Devops Projects.![](images/oci_devops_logs.png)- Create an OCI Devops environment (type as Oracle Kubernetes Engine) - https://docs.oracle.com/en-us/iaas/Content/devops/using/create_oke_environment.htm  ![](images/oci_devops_env.png)- Create an OCI devops artifact with type 'Kubernetes manifest' and store the artifacts from file [guestbook_app.yaml](appConfig/guestbook_app.yml)![](images/oci_artifact_guestbook.png)- Create another  OCI devops artifact with type 'Kubernetes manifest' and store the artifacts from file [redis.yaml](appConfig/redis.yml)![](images/oci_artifact_redis.png)- Create an OCI deployment pipeline for the Redis DB deployment.- With in the deployment pipeline add a deployment stage as type `Apply manifest to Your Kubernetes`![](images/oci_deploy_stagea.png)- Associate with the `OKE devops environment` and `Redis.yaml` artifact . Use the namespace as `ns-prod` to deploy the DB under production namespace.![](images/oci_deploy_stage_redis.png)- Create another OCI devops deployment pipeline for the application with Canary deployment.- Use 'Canary Strategy' as the stage type.![](images/oci_canary_stage.png)- Select the deployment type as OKE , use `ns-canary` as canary namespace and `ns-prod` for production namespace.- Associate it with the guest book artifacts created.  ![](images/oci_oke_canary_1.png)- Use `guestbook-ingress` as the NGINX ingress name.- Use ramp limit as 25% under canary shift so that 25 % of traffic will be served via the new version.![](images/oci_oke_canary_2.png)- You may skip the validation step and add at least one as approval count .![](images/oci_oke_canary_3.png)![](images/oci_oke_canary_4.png)- The final view of deployment pipeline is as below .![](images/oci_deploymentpipeline_guestbook.png)- Let us do the db deployment , to do so ,use the `redis db` pipeline created and execute it via `Run pipeline  option.![](images/oci_redis_dbdeployment.png)- Wait for all the steps to complete .![](images/oci_redis_deploy_steps.png)- Validate the redis deployment using `kubectl` over cloudshell .```markdown$ kubectl get all -n ns-prod |grep -i redis$ kubectl logs -n ns-prod pod/redis-0```![](images/oci_kubectl_redis.png)- Switch to the deployment pipeline created for guestbook.- Add two deployment parameters as below```markdown- "version" with no default value ,its the docker image version that will be used .- "redis_hosts" with default value as redis.ns-prod.svc.cluster.local ,its the service endpoint to access the redis db. ```![](images/oci_deploy_param.png)- Do a manual run of the guestbook deployment pipeline with image version as `v0`.![](images/oci_deploy_guestbook1.png)- Since its the first deployment  we wont be seeing any canary shift as it needs ingress controller to be established (at least one time) with in the namespaces.- So approve the stage and complete until the last step for the deployment.![](images/oci_deploy_approval.png)![](images/oci_deploy_approved.png)- Wait for all the deployment steps to complete .![](images/oci_deployment_all_steps.png)- To validate the application ,switch to `OCI Cloud shell and use Kubectl`.```markdown$ kubectl get all,ing -n ns-prod```![](images/oci_kubectl_geting.png)- Fetch the Ingress public ip and use a browser to view the application .![](images/oci_guestbook_app.png)- Please note you may have a different colour ,which is perfectly ok ,but if you see an error stating `Waiting for DB connection` , recheck your Redis URL and Redis deployment ,as it is unable to connect to the data base- Let us add some data to the application and press submit.![](images/oci_app_data.png)- Switch to the deployment pipeline and make a new deployment using version `v1`![](images/oci_pipeline_v2_run.png)- Once the stage for `Canary traffic shift` is completed ,refresh the browser and view that 25 % of traffic will be via version v2.  ![](images/oci_pipeline_canary_shift_ok.png)- You may disable/clear  the cache of your browser if it’s not appearing after some refresh.![](images/oci_app_v2_canary.png)- As you may see the version is changed to v1 and the data is persisting .Let us add some data to the page again .![](images/oci_app_canary_data.png)- If you refresh you can see that V0 is also existing as the V1 is routed via canary ,with 25 % of traffic to it .- Also the data is always persisting .  ![](images/oci_app_with_canaryv1_prod_v0.png)- Switch to the deployment pipeline and approve for the V1 deployment for production.![](images/oci_app_v1_approval.png)- Once all the stages are completed ,you can see the application is 100 % v1 and data is always persisting.![](images/final_version.png)Acknowledgements------ https://github.com/okteto/go-guestbook- https://kubernetes.io/docs/tutorials/stateless-application/guestbook/Contributors====Author : Rahul M R.Collaborators : Michael LiLast release : May 2022### Back to examples.----- 🍿 [Back to OCI Devops Deployment sample](./../README.md)- 🏝️ [Back to OCI Devops sample](./../../README.md)

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/appConfig/guestbook_app.yml

@@ -0,0 +1,54 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: guestbook
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: guestbook
+  template:
+    metadata:
+      labels:
+        app: guestbook
+    spec:
+      containers:
+        - image: us-ashburn-1.ocir.io/fahdabidiroottenancy/mr-guestbook:${version}
+          name: guestbook
+          env:
+            - name: REDIS_HOST
+              value: ${redis_host}
+
+---
+
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: guestbook
+spec:
+  type: ClusterIP
+  ports:
+    - name: guestbook
+      port: 8080
+  selector:
+    app: guestbook
+
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: poc-ing
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+spec:
+  rules:
+    - http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: guestbook
+                port:
+                  number: 8080

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/appConfig/redis.yml

@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis
+  labels:
+    app: redis
+spec:
+  selector:
+    app: redis
+  ports:
+    - name: redis
+      port: 6379
+
+---
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: redis
+spec:
+  serviceName: redis
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+        selector: redis
+    spec:
+      containers:
+        - name: redis
+          image: redis:6

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/dockerArtifacts/v0/Dockerfile

@@ -0,0 +1,15 @@
+FROM golang:buster as builder
+
+WORKDIR /usr/src/app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY main.go .
+RUN CGO_ENABLED=0 GOOS=linux go build -o /usr/local/bin/guestbook
+
+FROM debian:buster
+COPY ./public/index.html public/index.html
+COPY ./public/script.js public/script.js
+COPY ./public/style.css public/style.css
+COPY --from=builder /usr/local/bin/guestbook /usr/local/bin/guestbook
+CMD ["/usr/local/bin/guestbook"]
+EXPOSE 8080

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/dockerArtifacts/v0/go.mod

@@ -0,0 +1,9 @@
+module github.com/okteto/guestbook
+
+go 1.15
+
+require (
+	github.com/codegangsta/negroni v1.0.0
+	github.com/gorilla/mux v1.8.0
+	github.com/xyproto/simpleredis v0.0.0-20200923133513-36cf6df0f760
+)

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/dockerArtifacts/v0/go.sum

@@ -0,0 +1,10 @@
+github.com/codegangsta/negroni v1.0.0 h1:+aYywywx4bnKXWvoWtRfJ91vC59NbEhEY03sZjQhbVY=
+github.com/codegangsta/negroni v1.0.0/go.mod h1:v0y3T5G7Y1UlFfyxFn/QLRU4a2EuNau2iZY63YTKWo0=
+github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
+github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
+github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
+github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
+github.com/xyproto/pinterface v0.0.0-20200201214933-70763765f31f h1:x97Isxzsv8Aj1QMh8vNxKzI85Fvgg2areAJlIaMQ4zY=
+github.com/xyproto/pinterface v0.0.0-20200201214933-70763765f31f/go.mod h1:X5B5pKE49ak7SpyDh5QvJvLH9cC9XuZNDcl5hEyYc34=
+github.com/xyproto/simpleredis v0.0.0-20200923133513-36cf6df0f760 h1:K5aLh/GzKwre9Mb9J2Y4H318HOLyW4UAeGOkshnSvXc=
+github.com/xyproto/simpleredis v0.0.0-20200923133513-36cf6df0f760/go.mod h1:U/ZOQqa0ggBGPs+d0y7r50BY6FyFTh5WhWf7F8f1MBM=

oci-deployment-examples/oci-devops-oke-canary-with-stateful-app/dockerArtifacts/v0/main.go

@@ -0,0 +1,87 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/codegangsta/negroni"
+	"github.com/gorilla/mux"
+	"github.com/xyproto/simpleredis"
+)
+
+var (
+	mainPool *simpleredis.ConnectionPool
+)
+
+func ListRangeHandler(rw http.ResponseWriter, req *http.Request) {
+	key := mux.Vars(req)["key"]
+	list := simpleredis.NewList(mainPool, key)
+	members := HandleError(list.GetAll()).([]string)
+	membersJSON := HandleError(json.MarshalIndent(members, "", "  ")).([]byte)
+	rw.Write(membersJSON)
+}
+
+func ListPushHandler(rw http.ResponseWriter, req *http.Request) {
+	key := mux.Vars(req)["key"]
+	value := mux.Vars(req)["value"]
+	list := simpleredis.NewList(mainPool, key)
+	HandleError(nil, list.Add(value))
+	ListRangeHandler(rw, req)
+}
+
+func InfoHandler(rw http.ResponseWriter, req *http.Request) {
+	info := HandleError(mainPool.Get(0).Do("INFO")).([]byte)
+	rw.Write(info)
+}
+
+func EnvHandler(rw http.ResponseWriter, req *http.Request) {
+	environment := make(map[string]string)
+	for _, item := range os.Environ() {
+		splits := strings.Split(item, "=")
+		key := splits[0]
+		val := strings.Join(splits[1:], "=")
+		environment[key] = val
+	}
+
+	envJSON := HandleError(json.MarshalIndent(environment, "", "  ")).([]byte)
+	rw.Write(envJSON)
+}
+
+func HandleError(result interface{}, err error) (r interface{}) {
+	if err != nil {
+		panic(err)
+	}
+	return result
+}
+
+func main() {
+	host := os.Getenv("REDIS_HOST")
+	mainPool = simpleredis.NewConnectionPoolHost(fmt.Sprintf("%s:6379", host))
+	defer mainPool.Close()
+
+	r := mux.NewRouter()
+	r.Path("/lrange/{key}").Methods("GET").HandlerFunc(ListRangeHandler)
+	r.Path("/rpush/{key}/{value}").Methods("GET").HandlerFunc(ListPushHandler)
+	r.Path("/info").Methods("GET").HandlerFunc(InfoHandler)
+	r.Path("/env").Methods("GET").HandlerFunc(EnvHandler)
+
+	n := negroni.Classic()
+	n.UseHandler(r)
+	n.Run(":8080")
+}