diff --git a/README.md b/README.md index 8c3c66684900f2a211f6998220f8b56b1bcce7f8..3b296d52a79e36b0262af9344a2346fa99d9bf0f 100644 --- a/README.md +++ b/README.md @@ -120,250 +120,251 @@ Once succesfully completed, you can see the docker image in the `Registry`sectio Create a file `manifest.yaml` at the root directory of your git repository and fill it with the following definition. > Keep in mind that yaml formating require that you seperate each declaration with `---` line. - * PostgreSQL Server - In order to deploy a Postgresql server we need : - - - [ ] Storage - - [ ] Configuration - - [ ] Deployment - - [ ] Service - - * Persistent Volume Claim - - As a Docker image is immutable, you may need to define some persistent storage. In the case of a PostgreSQL container we need to persist the data of the database. - - We do this using a `Persistent Volume Claim`. - > You can see that we define an `accessModes`to `ReadWriteOnce`, this mean that the Persistent Volume will only be accessed by one container. - - ```yaml - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: postgres-claim - labels: - app: postgresql - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - ``` - - * PostgreSQL secret - - We are here defining the PostgreSQL basic parameters : username, password and database. This `Secret` will be reused later in `Deployments`. - - > Note: the data have to be base64 encoded. This can be done online or by command line on MacOS or Linux - -  - - ```yaml - apiVersion: v1 - kind: Secret +* PostgreSQL Server + In order to deploy a Postgresql server we need : + + - [ ] Storage + - [ ] Configuration + - [ ] Deployment + - [ ] Service + + * Persistent Volume Claim + + As a Docker image is immutable, you may need to define some persistent storage. In the case of a PostgreSQL container we need to persist the data of the database. + + We do this using a `Persistent Volume Claim`. + > You can see that we define an `accessModes`to `ReadWriteOnce`, this mean that the Persistent Volume will only be accessed by one container. + + ```yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: postgres-claim + labels: + app: postgresql + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + ``` + + * PostgreSQL secret + + We are here defining the PostgreSQL basic parameters : username, password and database. This `Secret` will be reused later in `Deployments`. + + > Note: the data have to be base64 encoded. This can be done online or by command line on MacOS or Linux + +  + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: postgresql-credentials + type: Opaque + data: + username: cG9sbHNfdXNlcgo= + password: c2xsb3BfYzNiaQo= + database: cG9sbHMK + ``` + + * PostgreSQL Deployment + + ```yaml + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: postgresql + labels: + app: postgresql + spec: + strategy: + type: Recreate + template: metadata: - name: postgresql-credentials - type: Opaque - data: - username: cG9sbHNfdXNlcgo= - password: c2xsb3BfYzNiaQo= - database: cG9sbHMK - ``` - - * PostgreSQL Deployment - - ```yaml - apiVersion: extensions/v1beta1 - kind: Deployment - metadata: - name: postgresql labels: app: postgresql + tier: postgreSQL spec: - strategy: - type: Recreate - template: - metadata: - labels: - app: postgresql - tier: postgreSQL - spec: - containers: - - image: postgres:9.6.2-alpine + containers: + - image: postgres:9.6.2-alpine + name: postgresql + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: username + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: database + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: password + ports: + - containerPort: 5432 name: postgresql - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: username - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: database - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: password - ports: - - containerPort: 5432 - name: postgresql - volumeMounts: - - name: postgresql - mountPath: /var/lib/postgresql/data - subPath: data - volumes: + volumeMounts: - name: postgresql - persistentVolumeClaim: - claimName: postgres-claim - - name: postgresql-credentials - secret: - secretName: postgresql - ``` - - * PostgreSQL Service - - ```yaml - apiVersion: v1 - kind: Service + mountPath: /var/lib/postgresql/data + subPath: data + volumes: + - name: postgresql + persistentVolumeClaim: + claimName: postgres-claim + - name: postgresql-credentials + secret: + secretName: postgresql + ``` + + * PostgreSQL Service + + ```yaml + apiVersion: v1 + kind: Service + metadata: + name: postgresql + labels: + app: postgresql + spec: + ports: + - port: 5432 + selector: + app: postgresql + tier: postgreSQL + ```` + +* Django Application + * Deployment + + ```yaml + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: polls + labels: + app: polls + spec: + replicas: 3 + template: metadata: - name: postgresql - labels: - app: postgresql - spec: - ports: - - port: 5432 - selector: - app: postgresql - tier: postgreSQL - ```` - - * Django Application - * Deployment - - ```yaml - apiVersion: extensions/v1beta1 - kind: Deployment - metadata: - name: polls labels: app: polls spec: - replicas: 3 - template: - metadata: - labels: - app: polls - spec: - containers: - name: polls-app - image: ${CI_REGISTRY}/${CI_PROJECT_NAME}/polls:${CI_COMMIT_SHORT_SHA} - # This setting makes nodes pull the docker image every time before - # starting the pod. This is useful when debugging, but should be turned - # off in production. - imagePullPolicy: Always - env: - - name: DATABASE_NAME - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: database - - name: DATABASE_USER - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: username - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: password - ports: - - containerPort: 8080 - volumes: - - name: postgresql-credentials - secret: - secretName: postgresql - ``` - - * Service - - ```yaml - apiVersion: v1 - kind: Service - metadata: - name: polls - labels: - app: polls + containers: + name: polls-app + image: ${CI_REGISTRY}/${CI_PROJECT_NAME}/polls:${CI_COMMIT_SHORT_SHA} + # This setting makes nodes pull the docker image every time before + # starting the pod. This is useful when debugging, but should be turned + # off in production. + imagePullPolicy: Always + env: + - name: DATABASE_NAME + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: database + - name: DATABASE_USER + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: username + - name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: password + ports: + - containerPort: 8080 + volumes: + - name: postgresql-credentials + secret: + secretName: postgresql + ``` + + * Service + + ```yaml + apiVersion: v1 + kind: Service + metadata: + name: polls + labels: + app: polls + spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 8080 + selector: + app: polls + ``` + + * Ingress Resource + + ```yaml + apiVersion: extensions/v1beta1 + kind: Ingress + metadata: + annotations: + kubernetes.io/ingress.class: traefik + labels: + app: polls + name: polls + spec: + rules: + - host: ${CI_PROJECT_NAME}.pasteur.cloud + http: + paths: + - backend: + serviceName: polls + servicePort: 80 + path: / + ``` + + * Kubernetes Job + + We will use a `Job` in order to manage django migrations. + > Note: Kubernetes jobs are run only once opposed to `Deployments` that run continiously. + + ```yaml + apiVersion: batch/v1 + kind: Job + metadata: + name: polls-migrations + spec: + template: spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - selector: - app: polls - ``` - - * Ingress Resource + containers: + - name: django + image: ${CI_REGISTRY}/${CI_PROJECT_NAME}/polls:${CI_COMMIT_SHORT_SHA} + command: ['python', 'manage.py', 'migrate'] + env: + - name: DATABASE_NAME + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: database + - name: DATABASE_USER + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: username + - name: DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: postgresql-credentials + key: password + restartPolicy: Never + backoffLimit: 5 + ``` - ```yaml - apiVersion: extensions/v1beta1 - kind: Ingress - metadata: - annotations: - kubernetes.io/ingress.class: traefik - labels: - app: polls - name: polls - spec: - rules: - - host: ${CI_PROJECT_NAME}.pasteur.cloud - http: - paths: - - backend: - serviceName: polls - servicePort: 80 - path: / - ``` - - * Kubernetes Job - - We will use a `Job` in order to manage django migrations. - > Note: Kubernetes jobs are run only once opposed to `Deployments` that run continiously. - - ```yaml - apiVersion: batch/v1 - kind: Job - metadata: - name: polls-migrations - spec: - template: - spec: - containers: - - name: django - image: ${CI_REGISTRY}/${CI_PROJECT_NAME}/polls:${CI_COMMIT_SHORT_SHA} - command: ['python', 'manage.py', 'migrate'] - env: - - name: DATABASE_NAME - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: database - - name: DATABASE_USER - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: username - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-credentials - key: password - restartPolicy: Never - backoffLimit: 5 - ``` ### Setup Continuous Delivery in Gitlab CI ```yaml