diff --git a/Dockerfile.k8s b/Dockerfile.k8s index e3b30aa1..8f1d2cfd 100644 --- a/Dockerfile.k8s +++ b/Dockerfile.k8s @@ -14,7 +14,7 @@ RUN \ COPY platform_monitoring platform_monitoring RUN pip install -e . -ENV NP_MON_API_PORT=8080 -EXPOSE $NP_MON_API_PORT +ENV NP_MONITORING_API_PORT=8080 +EXPOSE $NP_MONITORING_API_PORT CMD platform-monitoring \ No newline at end of file diff --git a/Makefile b/Makefile index d16362e0..edcf3ff6 100644 --- a/Makefile +++ b/Makefile @@ -58,9 +58,12 @@ gke_docker_push: build docker tag $(IMAGE_NAME):$(IMAGE_TAG) $(IMAGE):$(CIRCLE_SHA1) docker push $(IMAGE) -gke_deploy: +_helm: + curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash -s -- -v v2.11.0 + +gke_deploy: _helm gcloud --quiet container clusters get-credentials $(GKE_CLUSTER_NAME) $(CLUSTER_ZONE_REGION) - #helm \ - # --set "global.env=$(HELM_ENV)" \ - # --set "IMAGE.$(HELM_ENV)=$(IMAGE):$(CIRCLE_SHA1)" \ - # upgrade --install platformmonitoring deploy/platformmonitoring/ --wait --timeout 600 + helm \ + --set "global.env=$(HELM_ENV)" \ + --set "IMAGE.$(HELM_ENV)=$(IMAGE):$(CIRCLE_SHA1)" \ + upgrade --install platformmonitoringapi deploy/platformmonitoringapi/ --wait --timeout 600 diff --git a/deploy/README b/deploy/README new file mode 100644 index 00000000..900d9a60 --- /dev/null +++ b/deploy/README @@ -0,0 +1,25 @@ + + +### _cd_ to _deploy_ folder +``` cd deploy ``` + +### Connect to cluster +```gcloud container clusters get-credentials prod-cluster-01 --zone us-west1-b --project production-228907``` + + + +# Deploy in Production cluster + +### Deploy platform-registry-api +```helm --set "global.env=prod" upgrade --install platformmonitoringapi platformmonitoringapi``` + + + +#Deploy in staging and dev clusters + +Dev : + - helm --set "global.env=dev" upgrade --install platformmonitoringapi platformmonitoringapi + +Staging : + - helm --set "global.env=stage" upgrade --install platformmonitoringapi --name=platformmonitoringapi + diff --git a/deploy/platformmonitoringapi/Chart.yaml b/deploy/platformmonitoringapi/Chart.yaml new file mode 100644 index 00000000..b140bc14 --- /dev/null +++ b/deploy/platformmonitoringapi/Chart.yaml @@ -0,0 +1,4 @@ +name: platformmonitoringapi +description: Deploy platformmonitoringapi +version: 0.0.1 +appVersion: 0.0.1 diff --git a/deploy/platformmonitoringapi/templates/platformmonitoring.gke.yml b/deploy/platformmonitoringapi/templates/platformmonitoring.gke.yml new file mode 100644 index 00000000..fe6eff45 --- /dev/null +++ b/deploy/platformmonitoringapi/templates/platformmonitoring.gke.yml @@ -0,0 +1,69 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: platformmonitoringapi +spec: + replicas: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_REPLICAS | first | default .Values.NP_MONITORING_REPLICAS._default) }} + selector: + matchLabels: + service: platformmonitoringapi + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + labels: + service: platformmonitoringapi + spec: + containers: + - name: platformmonitoringapi + image: {{ printf "%s" (pluck .Values.global.env .Values.IMAGE | first | default .Values.IMAGE._default) }} + imagePullPolicy: Always + resources: + requests: + cpu: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_REQUESTS_CPU | first | default .Values.NP_MONITORING_REQUESTS_CPU._default) }} + memory: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_REQUESTS_MEMORY | first | default .Values.NP_MONITORING_REQUESTS_MEMORY._default) }} + limits: + cpu: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_LIMITS_CPU | first | default .Values.NP_MONITORING_LIMITS_CPU._default) }} + memory: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_LIMITS_MEMORY | first | default .Values.NP_MONITORING_LIMITS_MEMORY._default) }} + env: + - name: NP_MONITORING_PLATFORM_API_TOKEN + valueFrom: + secretKeyRef: + name: platformservices-secret + key: compute_token + - name: NP_MONITORING_PLATFORM_AUTH_TOKEN + valueFrom: + secretKeyRef: + name: platformservices-secret + key: compute_token + - name: NP_MONITORING_K8S_API_URL + value: https://kubernetes:443 + - name: NP_MONITORING_K8S_AUTH_TYPE + value: token + - name: NP_MONITORING_K8S_CA_PATH + value: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + - name: NP_MONITORING_K8S_TOKEN_PATH + value: /var/run/secrets/kubernetes.io/serviceaccount/token + - name: NP_MONITORING_PLATFORM_API_URL + value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_PLATFORM_API_URL | first | default .Values.NP_MONITORING_PLATFORM_API_URL._default) }} + - name: NP_MONITORING_PLATFORM_AUTH_URL + value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_PLATFORM_AUTH_URL | first | default .Values.NP_MONITORING_PLATFORM_AUTH_URL._default) }} + - name: NP_MONITORING_ES_HOSTS + value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_ES_HOSTS | first | default .Values.NP_MONITORING_ES_HOSTS._default) }} + - name: NP_MONITORING_K8S_NS + value: {{ printf "%s" (pluck .Values.global.env .Values.NP_MONITORING_K8S_NS | first | default .Values.NP_MONITORING_K8S_NS._default) }} +--- +apiVersion: v1 +kind: Service +metadata: + name: platformmonitoringapi +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: 8080 + selector: + service: platformmonitoringapi diff --git a/deploy/platformmonitoringapi/values.yaml b/deploy/platformmonitoringapi/values.yaml new file mode 100644 index 00000000..1c64abf6 --- /dev/null +++ b/deploy/platformmonitoringapi/values.yaml @@ -0,0 +1,50 @@ +IMAGE: + _default: gcr.io/light-reality-205619/platformmonitoringapi:latest + dev: gcr.io/light-reality-205619/platformmonitoringapi:latest + staging: gcr.io/light-reality-205619/platformmonitoringapi:latest + prod: gcr.io/production-228907/platformmonitoringapi:latest +NP_MONITORING_REQUESTS_CPU: + _default: "0.3" + dev: "0.1" + staging: "0.1" + prod: "0.1" +NP_MONITORING_LIMITS_CPU: + _default: "0.5" + dev: "0.2" + staging: "0.3" + prod: "0.2" +NP_MONITORING_REQUESTS_MEMORY: + _default: "100Mi" + dev: "50Mi" + staging: "50Mi" + prod: "50Mi" +NP_MONITORING_LIMITS_MEMORY: + _default: "150Mi" + dev: "100Mi" + staging: "100Mi" + prod: "100Mi" +NP_MONITORING_REPLICAS: + _default: "2" + dev: "2" + staging: "2" + prod: "2" +NP_MONITORING_PLATFORM_API_URL: + _default: http://platformapi:8080/api/v1 + dev: http://platformapi:8080/api/v1 + staging: http://platformapi:8080/api/v1 + prod: http://platformapi:8080/api/v1 +NP_MONITORING_PLATFORM_AUTH_URL: + _default: http://platformauthapi:8080 + dev: http://platformauthapi:8080 + staging: http://platformauthapi:8080 + prod: http://platformauthapi:8080 +NP_MONITORING_ES_HOSTS: + _default: http://logging-elasticsearch:9200 + dev: http://logging-elasticsearch:9200 + staging: http://logging-elasticsearch:9200 + prod: http://logging-elasticsearch:9200 +NP_MONITORING_K8S_NS: + _default: default + dev: default + staging: default + prod: default \ No newline at end of file diff --git a/platform_monitoring/config_factory.py b/platform_monitoring/config_factory.py index f1dba286..eca078ac 100644 --- a/platform_monitoring/config_factory.py +++ b/platform_monitoring/config_factory.py @@ -59,6 +59,9 @@ def _create_kube(self) -> KubeConfig: ca_path = self._environ.get("NP_MONITORING_K8S_CA_PATH") ca_data = Path(ca_path).read_text() if ca_path else None + token_path = self._environ.get("NP_MONITORING_K8S_TOKEN_PATH") + token = Path(token_path).read_text() if token_path else None + return KubeConfig( endpoint_url=endpoint_url, cert_authority_data_pem=ca_data, @@ -67,24 +70,18 @@ def _create_kube(self) -> KubeConfig: auth_cert_key_path=self._environ.get( "NP_MONITORING_K8S_AUTH_CERT_KEY_PATH" ), - token=self._environ.get("NP_MONITORING_K8S_TOKEN"), + token=token, namespace=self._environ.get("NP_MONITORING_K8S_NS", KubeConfig.namespace), client_conn_timeout_s=int( - self._environ.get( - "NP_MONITORING_K8S_CLIENT_CONN_TIMEOUT", - KubeConfig.client_conn_timeout_s, - ) + self._environ.get("NP_MONITORING_K8S_CLIENT_CONN_TIMEOUT") + or KubeConfig.client_conn_timeout_s ), client_read_timeout_s=int( - self._environ.get( - "NP_MONITORING_K8S_CLIENT_READ_TIMEOUT", - KubeConfig.client_read_timeout_s, - ) + self._environ.get("NP_MONITORING_K8S_CLIENT_READ_TIMEOUT") + or KubeConfig.client_read_timeout_s ), client_conn_pool_size=int( - self._environ.get( - "NP_MONITORING_K8S_CLIENT_CONN_POOL_SIZE", - KubeConfig.client_conn_pool_size, - ) + self._environ.get("NP_MONITORING_K8S_CLIENT_CONN_POOL_SIZE") + or KubeConfig.client_conn_pool_size ), ) diff --git a/tests/unit/test_config.py b/tests/unit/test_config.py index b6df20c4..806aecf0 100644 --- a/tests/unit/test_config.py +++ b/tests/unit/test_config.py @@ -16,6 +16,7 @@ CA_DATA_PEM = "this-is-certificate-authority-public-key" +TOKEN = "this-is-token" @pytest.fixture() @@ -25,7 +26,14 @@ def cert_authority_path(tmp_path: Path) -> str: return str(ca_path) -def test_create(cert_authority_path: str) -> None: +@pytest.fixture() +def token_path(tmp_path: Path) -> str: + token_path = tmp_path / "token" + token_path.write_text(TOKEN) + return str(token_path) + + +def test_create(cert_authority_path: str, token_path: str) -> None: environ: Dict[str, Any] = { "NP_MONITORING_API_HOST": "0.0.0.0", "NP_MONITORING_API_PORT": 8080, @@ -39,7 +47,7 @@ def test_create(cert_authority_path: str) -> None: "NP_MONITORING_K8S_API_URL": "https://localhost:8443", "NP_MONITORING_K8S_AUTH_TYPE": "token", "NP_MONITORING_K8S_CA_PATH": cert_authority_path, - "NP_MONITORING_K8S_TOKEN": "kube-client-token", + "NP_MONITORING_K8S_TOKEN_PATH": token_path, "NP_MONITORING_K8S_AUTH_CERT_PATH": "/cert_path", "NP_MONITORING_K8S_AUTH_CERT_KEY_PATH": "/cert_key_path", "NP_MONITORING_K8S_NS": "other-namespace", @@ -61,7 +69,7 @@ def test_create(cert_authority_path: str) -> None: endpoint_url="https://localhost:8443", cert_authority_data_pem=CA_DATA_PEM, auth_type=KubeClientAuthType.TOKEN, - token="kube-client-token", + token=TOKEN, auth_cert_path="/cert_path", auth_cert_key_path="/cert_key_path", namespace="other-namespace",