Migrate from docker-compose to Kubernetes Google Docker Register

Documentation DevOps
DevOps kubernetes helm k8s google cloud docker

Table of Contents generated with DocToc

k8s

U4U Project DevOps: Kubernetes manifests. Helm packeges.

Requirements:

1. Kubernetes

K8s: Intro To Kubernetes: https://writings.fyi/k8s-intro-to-kubernetes-3a2f721ebcc7 .

2. Helm

K8s: Intro To Helm https://writings.fyi/k8s-intro-to-helm-20fb12b0cd63


Source: postgresql/templates/secrets.yaml


Source: postgresql/templates/pvc.yaml


Source: postgresql/templates/svc.yaml


Source: postgresql/templates/deployment.yaml

Create secret for access to Docker Register.

Changing the reclaim policy of a PersistentVolume

List the PersistentVolumes in your cluster:

The output is similar to this:

This list also includes the name of the claims that are bound to each volume for easier identification of dynamically provisioned volumes.

Choose one of your PersistentVolumes and change its reclaim policy:

Verify that your chosen PersistentVolume has the right policy:

The output is similar to this:

Usefull Links:

  1. Reuse existing Persistent Volume (GCE) https://github.com/kubernetes/kubernetes/issues/48609

Error Example:

https://stackoverflow.com/questions/46887118/volume-claim-on-gke-multi-attach-error-for-volume-volume-is-already-exclusivel?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa

Have to be the samo Node:

Coming back to this one; it’d be strongly advised to use nodeSelector on your pod/deployments https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

Create containers with support FUSO.

Mount media path in POD containers.

Usefull Links:

  1. https://cloud.google.com/storage/docs/gcs-fuse
  2. https://github.com/GoogleCloudPlatform/gcsfuse/blob/master/docs/installing.md
  3. https://github.com/maciekrb/gcs-fuse-sample
  4. https://karlstoney.com/2017/03/01/fuse-mount-in-kubernetes/

1. create ubuntu fuse from ubuntudev brance fuse

Output:

Output:

2. create python fuse from ubuntudev brance fuse

Output:

3. create wa fuse from python brance python fuse

3.1 Auth information

Create kubernetes service example:

https://raw.githubusercontent.com/maciekrb/gcs-fuse-sample/master/deployment.yml

Secret Container Register Auth

Advanced Authentication Methods

https://cloud.google.com/container-registry/docs/advanced-authentication

HISTORY OF COMMANDS:

Resutl (Console Output):

KONG

1. URL Routers Config Files

2. Example Structure.

Please see kong API documentation. Below

Example parameters:

3. KONG API plugin descriptions

https://getkong.org/docs/0.13.x/admin-api/

KONG Docker hub

https://github.com/Kong/docker-kong/blob/6e2035c5739482f0616021a7eda04ec6809d9f3e/centos/Dockerfile https://hub.docker.com/_/kong/

4. New Kong image

http://joxi.ru/BA0MVbGCJDxYRr

Restore WA(dev) PS DataBase

1. Restore:

Second time from docker-composer

2. CREATE DB

https://www.tutorialspoint.com/postgresql/postgresql_create_database.htm

https://gist.github.com/ricjcosme/cf576d3d4272cc35de1335a98c547da6

3. Connect Locale to Kubernetes DateBase

SET ACL Google Storage

README: https://cloud.google.com/storage/docs/gsutil/commands/acl

➜  k8s cat acl.txt                                      
[
  {
    "entity": "project-owners-1036361587373",
    "projectTeam": {
      "projectNumber": "1036361587373",
      "team": "owners"
    },
    "role": "OWNER"
  },
  {
    "entity": "project-editors-1036361587373",
    "projectTeam": {
      "projectNumber": "1036361587373",
      "team": "editors"
    },
    "role": "OWNER"
  },
  {
    "entity": "project-viewers-1036361587373",
    "projectTeam": {
      "projectNumber": "1036361587373",
      "team": "viewers"
    },
    "role": "READER"
  },
  {
    "email": "[email protected]om",
    "entity": "[email protected]unt.com",
    "role": "OWNER"
  }
]
➜  k8s 

$gsutil -m  acl set -R acl.txt gs://media.dev.u4u.online/

Media FOLDER

Usefull Links:

  1. https://stackoverflow.com/questions/38311036/folders-not-showing-up-in-bucket-storage

TODO !!!Have to be next line. have to be checked. AiratKh!!!:

  1. https://github.com/GoogleCloudPlatform/gcsfuse/blob/master/docs/semantics.md#implicit-directories

2. GRAND Acces to http://media.dev.u4u.online/

gsutil -m acl  -r ch -u AllUsers:R 'gs://media.dev.u4u.online/404-page.html'

3. Setting MainPageSuffix and NotFoundPage

https://cloud.google.com/storage/docs/hosting-static-website#assign-pages

Set Default object ACL for a bucket

https://cloud.google.com/storage/docs/access-control/create-manage-lists#defaultobjects

1. Check Access

gsutil acl get gs://media.dev.u4u.online

2. Change Default object ACL for a bucket

$ gsutil defacl ch -u allUsers:READER gs://media.dev.u4u.online

Mongo Connection

1. BackUp Restore mongodb

1.1 BackUp

[email protected]:/# cat /usr/local/bin/backup
#!/bin/bash
rm -rf /tmp/backup/*
mkdir /tmp/backup/$1
mongodump -h 'mongo' -u '' -p 'zGoKolv594KFdsmZvCx50029OplvkdSz' --out /tmp/backup/$1/mongo.dump --gzip >> /var/log/backup.log 2>&1
gsutil -m rsync -r /tmp/backup/$1/ gs://u4u-backup/testing/$1/ >> /var/log/backup.log 2>&1
[email protected]:/# 

1.2. Restore

[email protected]:/# which restore
/usr/local/bin/restore
[email protected]:/# cat /usr/local/bin/restore
#!/bin/bash
rm -rf /tmp/backup/*
mkdir /tmp/backup/$1
gsutil -m rsync -r gs://u4u-backup/testing/$1/ /tmp/backup/$1/ >> /var/log/restore.log 2>&1
mongorestore --drop -h 'mongo' -u '' -p 'zGoKolv594KFdsmZvCx50029OplvkdSz' /tmp/backup/$1/mongo.dump --gzip >> /var/log/restore.log 2>&1
[email protected]:/# 
gsutil cp -R gs://u4u-backup/stage/ua-16_04_2018/ ~/Downloads/ua-16_04_2018
$kubectl cp  ./mongo.dump mongodb-69958c9899-m8glj:/ 

1.3 In mongodb hostname

$mongorestore --drop -h 'mongodb' -u '' -p 'zGoKolv594KFdsmZvCx50029OplvkdSz' mongo.dump --gzip

Generates table of contents for markdown files

inside local git repository. Links are compatible with anchors generated by github or other sites via a command line flag.

Table of Contents generated with DocToc

https://github.com/thlorenz/doctoc

Check RabbitMq connection stript.

Display usage information.

Do not forget to give access to Google Captcha

GitLab. Autodevops

https://gitlab.u4u.online/help/topics/autodevops/quick_start_guide.md#point-dns-at-cluster-ip

Example configuration

https://gitlab.u4u.online/help/topics/autodevops/quick_start_guide.md#point-dns-at-cluster-ip

Unable to install Ingress to Kubernetes with Auto DevOps

Issue https://gitlab.com/gitlab-org/gitlab-ce/issues/46286 Summary After deploying a new Kubernetes cluster using Auto DevOps, installing Ingress failed with Error: release ingress failed: clusterroles.rbac.authorization.k8s.io “ingress-nginx-ingress” is forbidden

Fixed command:

Create special nodes pools in kubernetes with Label “app=genpdf”

1. Controlling Scheduling with Node Taints

Useful Link

https://cloud.google.com/kubernetes-engine/docs/how-to/node-taints

Add more CPU core. Special nodes only for genpdf

in genpdf/value.yaml:

Fix MEDIA url path to images in GenPdf

Use KUBERNETES_ENVIRONMENT = True/False

In code:

In Genpdf/deployment.yaml

Gitlab wildcard DNS record.

Саш добавь пожалуйста в DNS записть Надо настроить wildcard DNS record hostname: *.review.u4u.online -> IP: 35.195.147.53

Как пример https://help.iwantmyname.com/customer/portal/articles/1770930-how-do-i-add-a-wildcard-subdomain-dns-record-

GitLab runner register example

1. Localhost Docker version install

https://docs.gitlab.com/runner/install/docker.html

Set permissions for Gitlab runner

GitLab Email settings

Standart SMPT ports disabled https://cloud.google.com/vpc/docs/firewalls

POSTFIX settings https://sendgrid.com/docs/Integrate/Mail_Servers/postfix.html https://cloud.google.com/compute/docs/tutorials/sending-mail/using-sendgrid

GitLab settingss (SMTP without SSL) https://docs.gitlab.com/omnibus/settings/smtp.html#smtp-on-localhost

Check/Debug sent email https://sendgrid.com/docs/API_Reference/SMTP_API/getting_started_smtp.html https://docs.gitlab.com/ee/administration/troubleshooting/debug.html

2. Helm Kubernetes version

Documents: https://docs.gitlab.com/ee/install/kubernetes/gitlab_runner_chart.html

Сharts gitlab-runner: https://gitlab.com/charts/gitlab-runner

Existing List Runners: https://gitlab.u4u.online/admin/runners

GitLab backup every night

Create Как стать модератором (moder) или пользователем(user)

U4U The Chart Repository Guide

Links:

https://github.com/kubernetes/helm/blob/master/docs/chart_repository.md

Create GOOGLE storage bucket “chart.helm.u4u.online” http://chart.helm.u4u.online.storage.googleapis.com/

Web access http://chart.helm.u4u.online/

Helm Chart repo configuration in Google cloud bucket

The Chart Repository Guide https://docs.helm.sh/developing_charts/#the-chart-repository-guide

Syncing Your Chart Repository Note: This example is specifically for a Google Cloud Storage (GCS) bucket which serves a chart repository. https://docs.helm.sh/developing_charts/#syncing-your-chart-repository

Cloud Storage Authentication https://cloud.google.com/storage/docs/authentication

Documentation gsutil Tool https://cloud.google.com/storage/docs/gsutil

Job settings. Google Cloud SDKbundle with all components and dependencies https://hub.docker.com/r/google/cloud-sdk/

Hosting Static website https://cloud.google.com/storage/docs/hosting-static-website

Backup all old prod.sh

Kong local settings

ConfigMap

Create:

Update ConfigMap

Get Information from Existing ConfigMap

Helm install different/other namespace

#Error Can not find correct datebase

Install gitlab runner

Configure Access to Multiple Clusters

Usefull links Configure Access to Multiple Clusters: https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/

Organizing Cluster Access Using kubeconfig Files: https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/

Some commands example

EMBEDED client certificate data in the “cluster-admin” entry

Common examples link: https://github.com/fabric8io/kansible/blob/master/vendor/k8s.io/kubernetes/docs/user-guide/kubectl/kubectl_config_set-credentials.md

More commands examples (workflow)