Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DOC: create separate setup docs for each app #135

Merged
merged 3 commits into from
Sep 10, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion docs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,18 @@ This documentation outlines how to set up clusters managed by ArgoCD in the STFC

## Quick Start

## Looking to Deploy and Setup an App?

- [ArgoCD Setup](apps/argocd.md)
- [Cert-manager](apps/cert-manager.md)
- [Storage - Manila or Longhorn](apps/storage.md)
- [Galaxy](apps/galaxy.md) (IN DEVELOPMENT)
- Victoria Metrics (DOCS NEEDED)

### New to the ArgoCD folder workflow used?

**Start with:** [How it works - folder-based flow & promotion flowchart](folder-based-flow.md)


### Deploying a New ArgoCD Environment?
If you are starting from scratch and need to set up a new environment (e.g. deploying a new dev ArgoCD cluster), start with: [Deploying a new cluster](clusters.md)

Expand Down
122 changes: 0 additions & 122 deletions docs/app-setup.md

This file was deleted.

34 changes: 34 additions & 0 deletions docs/apps/argocd.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# ArgoCD Setup

ArgoCD is what we use for enabling GitOps on our clusters - it is a Continuous delivery tool for managing applications on our clusters.

We manage ArgoCD using ArgoCD - its just another app.

## Pre-requisites

A Kubernetes cluster - preferrably deployed using CAPI and running on the STFC CLoud
anish-mudaraddi marked this conversation as resolved.
Show resolved Hide resolved

## Pre-deployment steps

Our chart configured argocd so it should just work out-of-the-box without any tweaks

### 1. Change Domain Name
The only thing you'll definately want to change is the domain name to access the webui:

```yaml
argo-cd:
global:
domain: "myargocd.example.com
anish-mudaraddi marked this conversation as resolved.
Show resolved Hide resolved
```

## Configuration

`argocd-setup-values.yaml` is the file we use for configuring cluster-specific argocd values and its dependencies.

See [Argocd Helm Chart](https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd) for details

## Deployment

see [Deploying Apps](../deploying-apps.md)


48 changes: 48 additions & 0 deletions docs/apps/cert-manager.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
# Cert-manager Setup

Cert-manager is a tool we use to manage certs.

Our chart configures cert-manager and includes pre-configured issuers including staging and production letsencrypt - to enable you to setup verified HTTPS certs for your web-apps

## Pre-deployment steps

### (Optional) 1. Enable letsencrypt issuers

to enable letsecrypt issuers, you need to add:

```yaml
cert-manager:

# for testing your networing - PLEASE USE THIS TO TEST FIRST!
# this will prevent the ENTIRE department getting rate-limited!
le-staging:
enabled: true

# prod issuer
le-prod:
enabled: true
```

## Configuration

To enable letsencrypt issuer - you need to add an annotation to ingress resources and enable tls

> [!CAUTION]
> This is just an example - read the documentation on the helm chart your trying to install to see how to configure nginx ingress.
> You might need to make your own - see [Ingress Controller Docs](https://kubernetes.io/docs/concepts/services-networking/ingress/)

```yaml
ingress:
annotations:
# add the annotation
cert-manager.io/cluster-issuer: "letsencrypt-prod" # or letsencrypt-staging or self-signed
hosts:
- name: myservice.example.com
path: /
port: http
# specify tls and secret name
tls:
- secretName: my-le-cert
hosts:
- myservice.example.com
```
Loading