This package installs scripts that can run from the command line. In addition, the script deploys applications to the HAPI K8s Clusters.
-
AWS Login (Within appropriate AWS Account)
-
Kubectl
-
Kubectl config file
aws eks --region us-east-1 update-kubeconfig --name adexk8s-eks-cluster-{stack} --alias env-{stack}
git clone repository.
cd hapi-k8s-deploy/
pip install .
cd hapi-k8s-deploy/
pip install -U .
Must set ENV Variable or pass in ECR_ACCOUNT_ID
export ECR_ACCOUNT_ID={{ ECR Account Id }}
Must be logged into the appropriate AWS account for secrets stack/secretname to exist.
usage: k8sdeploy [-h] [-s STACK] [-a ACTION] [-d] [-f FILENAME] [-e ECR_ACCOUNT_ID]
Create K8s artifacts within cluster.
options:
-h, --help show this help message and exit
-s STACK, --stack STACK
stack(default='dev')
-a ACTION, --action ACTION
Action verb: create, delete, apply (default='apply')
-d, --delete-namespace
Delete Namespace: only used if action is 'delete'
-f FILENAME, --filename FILENAME
Specific filename to pass in k8s vars yaml file. Default: {current
directory}/k8s_vars/{stack}_k8s_vars.yml
-e ECR_ACCOUNT_ID, --ecr-account-id ECR_ACCOUNT_ID
ECR Account ID. Default: Environment Variable 'ECR_ACCOUNT_ID'
| Variable | Type | Description | Default Value |
|---|---|---|---|
| deploy_type | string | deploy type: api,job,cronjob | api |
| target_namespace | string | Required field - Kubernetes namespace | default |
| target_app_name | string | Required field with application name (Alphanumeric with dash separator) | |
| target_app_port | int | required field - port exposed within container | |
| target_image_name | string | Optional image name of ECR image | target_app_name |
| target_image_tag | string | Required field - Specific image tag within ECR | |
| target_app_secrets_ref | json | Optional AWS Secrets Manager secret references | |
| target_app_env | json | Optional environment values to pass to the container | |
| target_memory_mb | int | Memory allocated to the container | Not used currently |
| target_replica_count | int | Optional field - Desired container count | 3 |
| create_ingress | string | Optional Boolean | true |
| create_service | string | deploy a service | true |
| ingress_hostname | string | Required field if create_ingress is True - Hostname for ALB | |
| ingress_path | string | Optional field if create_ingress is True - Path route to set within ALB | / |
| ingress_health_check_path | string | Optional field if create_ingress is True - Health Check Path | / |
| successful_response_codes | string | Optional field if create_ingress is True - Health Check Path | '200' |
| ingress_load_balancer_name | string | Required Field if create_ingress is True - Name of AWS ALB | |
| ingress_group_name | string | Application Load Balancer group, combine multiple applications within one ALB | ingress_load_balancer_name |
| ingress_inbound_security_groups | string | Inbound Security group Ids | Apigee Edge IPs and DMSDEVOPS Tunnel |
| ingress_tags | string | Comma separated string of default tags added to ingress | "Name={{ ingress_load_balancer_name }},dms_app_family=adex,dms_service=adex,dms_stack={{ stack }},environment={{ environment }},huit_assetid=9301,product=adexk8s,waf-type=external-alb" |
| ingress_additional_tags | string | additional tags you want added to ingress | '' |
deploy_type=job or cronjob
| Variable | Type | Description | Default Value |
|---|---|---|---|
| job_interval | string | Cron Syntax if job_interval not set will perform once as a Kubernetes Job. | None |
| restart_policy | string | Restart Policy: Never or OnFailure is allowed. | OnFailure |
| backoff_limit | string | There are situations where you want to fail a Job after some amount of retries due to a logical error. Specify the number of retries before considering a Job as failed. | 6 |
| concurrency_policy | string | Specifies how to treat concurrent executions of a job that is created by this CronJob. Concurrency policies: Allow, Forbid, Replace | Allow |
deploy_type=api
| Variable | Type | Description | Default Value |
|---|---|---|---|
| target_volume_mount | list of objects | description of volume mounts | |
| target_volume_mount.name | string | name of volume | |
| target_volume_mount.path | string | path of mount | |
| target_volume_mount.type | string | secret or configmap | |
| target_volume_mount.secret_name | string | specific secret name added outside of deploy process | secret name generated by deploy process |
| target_volume_mount.configmap_name | string | specific configmap name added outside of deploy process | configmap name generated by deploy process |
| target_volume_mount.mode | string | file permissions | 420 |
| target_volume_mount.data_items | list of objects | key and path | |
| target_volume_mount.data_items.key | string | key within secret or configmap | |
| target_volume_mount.data_items.path | string | path with filename |