Add helm charts (#40)

Dockerfile.k8s

@@ -14,7 +14,7 @@ RUN \
 COPY platform_monitoring platform_monitoring
 RUN pip install -e .
 
-ENV NP_MON_API_PORT=8080
-EXPOSE $NP_MON_API_PORT
+ENV NP_MONITORING_API_PORT=8080
+EXPOSE $NP_MONITORING_API_PORT
 
 CMD platform-monitoring

Makefile

@@ -58,9 +58,12 @@ gke_docker_push: build
 	docker tag $(IMAGE_NAME):$(IMAGE_TAG) $(IMAGE):$(CIRCLE_SHA1)
 	docker push $(IMAGE)
 
-gke_deploy:
+_helm:
+	curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash -s -- -v v2.11.0
+
+gke_deploy: _helm
 	gcloud --quiet container clusters get-credentials $(GKE_CLUSTER_NAME) $(CLUSTER_ZONE_REGION)
-	#helm \
-	#	--set "global.env=$(HELM_ENV)" \
-	#	--set "IMAGE.$(HELM_ENV)=$(IMAGE):$(CIRCLE_SHA1)" \
-	#	upgrade --install platformmonitoring deploy/platformmonitoring/ --wait --timeout 600
+	helm \
+		--set "global.env=$(HELM_ENV)" \
+		--set "IMAGE.$(HELM_ENV)=$(IMAGE):$(CIRCLE_SHA1)" \
+		upgrade --install platformmonitoringapi deploy/platformmonitoringapi/ --wait --timeout 600

deploy/README

@@ -0,0 +1,25 @@
+
+
+###  _cd_ to _deploy_ folder
+``` cd deploy ```
+
+### Connect to cluster
+```gcloud container clusters get-credentials prod-cluster-01 --zone us-west1-b --project production-228907```
+
+
+
+# Deploy in Production cluster
+
+### Deploy platform-registry-api
+```helm --set "global.env=prod" upgrade --install platformmonitoringapi platformmonitoringapi```
+
+
+
+#Deploy in staging and dev clusters
+
+Dev :
+	- helm --set "global.env=dev" upgrade --install platformmonitoringapi platformmonitoringapi
+
+Staging :
+	- helm --set "global.env=stage" upgrade --install platformmonitoringapi --name=platformmonitoringapi
+

deploy/platformmonitoringapi/Chart.yaml

@@ -0,0 +1,4 @@
+name: platformmonitoringapi
+description: Deploy platformmonitoringapi
+version: 0.0.1
+appVersion: 0.0.1

deploy/platformmonitoringapi/templates/platformmonitoring.gke.yml

@@ -0,0 +1,69 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: platformmonitoringapi
+spec:
+  replicas: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_REPLICAS | first | default .Values.NP_MONITORING_REPLICAS._default) }}
+  selector:
+    matchLabels:
+      service: platformmonitoringapi
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        service: platformmonitoringapi
+    spec:
+      containers:
+      - name: platformmonitoringapi
+        image: {{ printf "%s" (pluck .Values.global.env .Values.IMAGE | first | default .Values.IMAGE._default) }}
+        imagePullPolicy: Always
+        resources:
+          requests:
+            cpu: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_REQUESTS_CPU | first | default .Values.NP_MONITORING_REQUESTS_CPU._default) }}
+            memory: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_REQUESTS_MEMORY | first | default .Values.NP_MONITORING_REQUESTS_MEMORY._default) }}
+          limits:
+            cpu: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_LIMITS_CPU | first | default .Values.NP_MONITORING_LIMITS_CPU._default) }}
+            memory: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_LIMITS_MEMORY | first | default .Values.NP_MONITORING_LIMITS_MEMORY._default) }}
+        env:
+        - name: NP_MONITORING_PLATFORM_API_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: platformservices-secret
+              key: compute_token
+        - name: NP_MONITORING_PLATFORM_AUTH_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: platformservices-secret
+              key: compute_token
+        - name: NP_MONITORING_K8S_API_URL
+          value: https://kubernetes:443
+        - name: NP_MONITORING_K8S_AUTH_TYPE
+          value: token
+        - name: NP_MONITORING_K8S_CA_PATH
+          value: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        - name: NP_MONITORING_K8S_TOKEN_PATH
+          value: /var/run/secrets/kubernetes.io/serviceaccount/token
+        - name: NP_MONITORING_PLATFORM_API_URL
+          value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_PLATFORM_API_URL | first | default .Values.NP_MONITORING_PLATFORM_API_URL._default) }}
+        - name: NP_MONITORING_PLATFORM_AUTH_URL
+          value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_PLATFORM_AUTH_URL | first | default .Values.NP_MONITORING_PLATFORM_AUTH_URL._default) }}
+        - name: NP_MONITORING_ES_HOSTS
+          value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_ES_HOSTS | first | default .Values.NP_MONITORING_ES_HOSTS._default) }}
+        - name: NP_MONITORING_K8S_NS
+          value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_K8S_NS | first | default .Values.NP_MONITORING_K8S_NS._default) }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: platformmonitoringapi
+spec:
+  type: ClusterIP
+  ports:
+  - port: 8080
+    targetPort: 8080
+  selector:
+    service: platformmonitoringapi

deploy/platformmonitoringapi/values.yaml

@@ -0,0 +1,50 @@
+IMAGE:
+  _default: gcr.io/light-reality-205619/platformmonitoringapi:latest
+  dev: gcr.io/light-reality-205619/platformmonitoringapi:latest
+  staging: gcr.io/light-reality-205619/platformmonitoringapi:latest
+  prod: gcr.io/production-228907/platformmonitoringapi:latest
+NP_MONITORING_REQUESTS_CPU:
+  _default: "0.3"
+  dev: "0.1"
+  staging: "0.1"
+  prod: "0.1"
+NP_MONITORING_LIMITS_CPU:
+  _default: "0.5"
+  dev: "0.2"
+  staging: "0.3"
+  prod: "0.2"
+NP_MONITORING_REQUESTS_MEMORY:
+  _default: "100Mi"
+  dev: "50Mi"
+  staging: "50Mi"
+  prod: "50Mi"
+NP_MONITORING_LIMITS_MEMORY:
+  _default: "150Mi"
+  dev: "100Mi"
+  staging: "100Mi"
+  prod: "100Mi"
+NP_MONITORING_REPLICAS:
+  _default: "2"
+  dev: "2"
+  staging: "2"
+  prod: "2"
+NP_MONITORING_PLATFORM_API_URL:
+  _default: http://platformapi:8080/api/v1
+  dev: http://platformapi:8080/api/v1
+  staging: http://platformapi:8080/api/v1
+  prod: http://platformapi:8080/api/v1
+NP_MONITORING_PLATFORM_AUTH_URL:
+  _default: http://platformauthapi:8080
+  dev: http://platformauthapi:8080
+  staging: http://platformauthapi:8080
+  prod: http://platformauthapi:8080
+NP_MONITORING_ES_HOSTS:
+  _default: http://logging-elasticsearch:9200
+  dev: http://logging-elasticsearch:9200
+  staging: http://logging-elasticsearch:9200
+  prod: http://logging-elasticsearch:9200
+NP_MONITORING_K8S_NS:
+  _default: default
+  dev: default
+  staging: default
+  prod: default

platform_monitoring/config_factory.py

@@ -59,6 +59,9 @@ def _create_kube(self) -> KubeConfig:
         ca_path = self._environ.get("NP_MONITORING_K8S_CA_PATH")
         ca_data = Path(ca_path).read_text() if ca_path else None
 
+        token_path = self._environ.get("NP_MONITORING_K8S_TOKEN_PATH")
+        token = Path(token_path).read_text() if token_path else None
+
         return KubeConfig(
             endpoint_url=endpoint_url,
             cert_authority_data_pem=ca_data,
@@ -67,24 +70,18 @@ def _create_kube(self) -> KubeConfig:
             auth_cert_key_path=self._environ.get(
                 "NP_MONITORING_K8S_AUTH_CERT_KEY_PATH"
             ),
-            token=self._environ.get("NP_MONITORING_K8S_TOKEN"),
+            token=token,
             namespace=self._environ.get("NP_MONITORING_K8S_NS", KubeConfig.namespace),
             client_conn_timeout_s=int(
-                self._environ.get(
-                    "NP_MONITORING_K8S_CLIENT_CONN_TIMEOUT",
-                    KubeConfig.client_conn_timeout_s,
-                )
+                self._environ.get("NP_MONITORING_K8S_CLIENT_CONN_TIMEOUT")
+                or KubeConfig.client_conn_timeout_s
             ),
             client_read_timeout_s=int(
-                self._environ.get(
-                    "NP_MONITORING_K8S_CLIENT_READ_TIMEOUT",
-                    KubeConfig.client_read_timeout_s,
-                )
+                self._environ.get("NP_MONITORING_K8S_CLIENT_READ_TIMEOUT")
+                or KubeConfig.client_read_timeout_s
             ),
             client_conn_pool_size=int(
-                self._environ.get(
-                    "NP_MONITORING_K8S_CLIENT_CONN_POOL_SIZE",
-                    KubeConfig.client_conn_pool_size,
-                )
+                self._environ.get("NP_MONITORING_K8S_CLIENT_CONN_POOL_SIZE")
+                or KubeConfig.client_conn_pool_size
             ),
         )

tests/unit/test_config.py

@@ -16,6 +16,7 @@
 
 
 CA_DATA_PEM = "this-is-certificate-authority-public-key"
+TOKEN = "this-is-token"
 
 
 @pytest.fixture()
@@ -25,7 +26,14 @@ def cert_authority_path(tmp_path: Path) -> str:
     return str(ca_path)
 
 
-def test_create(cert_authority_path: str) -> None:
+@pytest.fixture()
+def token_path(tmp_path: Path) -> str:
+    token_path = tmp_path / "token"
+    token_path.write_text(TOKEN)
+    return str(token_path)
+
+
+def test_create(cert_authority_path: str, token_path: str) -> None:
     environ: Dict[str, Any] = {
         "NP_MONITORING_API_HOST": "0.0.0.0",
         "NP_MONITORING_API_PORT": 8080,
@@ -39,7 +47,7 @@ def test_create(cert_authority_path: str) -> None:
         "NP_MONITORING_K8S_API_URL": "https://localhost:8443",
         "NP_MONITORING_K8S_AUTH_TYPE": "token",
         "NP_MONITORING_K8S_CA_PATH": cert_authority_path,
-        "NP_MONITORING_K8S_TOKEN": "kube-client-token",
+        "NP_MONITORING_K8S_TOKEN_PATH": token_path,
         "NP_MONITORING_K8S_AUTH_CERT_PATH": "/cert_path",
         "NP_MONITORING_K8S_AUTH_CERT_KEY_PATH": "/cert_key_path",
         "NP_MONITORING_K8S_NS": "other-namespace",
@@ -61,7 +69,7 @@ def test_create(cert_authority_path: str) -> None:
             endpoint_url="https://localhost:8443",
             cert_authority_data_pem=CA_DATA_PEM,
             auth_type=KubeClientAuthType.TOKEN,
-            token="kube-client-token",
+            token=TOKEN,
             auth_cert_path="/cert_path",
             auth_cert_key_path="/cert_key_path",
             namespace="other-namespace",