diff --git a/infrastructure/kube/thesis-services/create.sh b/infrastructure/kube/thesis-services/create.sh new file mode 100644 index 00000000..fc0e07a9 --- /dev/null +++ b/infrastructure/kube/thesis-services/create.sh @@ -0,0 +1,8 @@ +#!/bin/sh +set -e + +kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-redis-stateful-set.yaml" +kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-redis-service.yaml" +kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-hubot-deployment.yaml" +kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-http-service.yaml" +kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-web-ingress.yaml" diff --git a/infrastructure/kube/thesis-services/update-image.sh b/infrastructure/kube/thesis-services/update-image.sh new file mode 100755 index 00000000..b5871e35 --- /dev/null +++ b/infrastructure/kube/thesis-services/update-image.sh @@ -0,0 +1,33 @@ +#!/bin/sh +set -e + +if [[ -z $GOOGLE_PROJECT_NAME || -z $GOOGLE_PROJECT_ID || -z $BUILD_TAG || -z $GOOGLE_REGION || -z $GOOGLE_COMPUTE_ZONE_A || -z $GCR_REGISTRY_URL ]]; then + echo "one or more required variables are undefined" + exit 1 +fi + +UTILITYBOX_IP=$(gcloud compute instances --project $GOOGLE_PROJECT_ID describe $GOOGLE_PROJECT_NAME-utility-box --zone $GOOGLE_COMPUTE_ZONE_A --format json | jq .networkInterfaces[0].networkIP -r) + +# Setup ssh environment +gcloud compute config-ssh --project $GOOGLE_PROJECT_ID -q +cat >> ~/.ssh/config << EOF +Host * + StrictHostKeyChecking no +Host utilitybox + HostName $UTILITYBOX_IP + IdentityFile ~/.ssh/google_compute_engine + ProxyCommand ssh -W %h:%p $GOOGLE_PROJECT_NAME-jumphost.$GOOGLE_COMPUTE_ZONE_A.$GOOGLE_PROJECT_ID +EOF + +# Run migration +ssh utilitybox << EOF + set -e + echo "<<<<<>>>>>FINISH Download Kube Creds FINISH>>>>>>" + echo "<<<<<>>>>>FINISH Run Valkyrie Deployment FINISH>>>>>>" + +EOF diff --git a/infrastructure/kube/thesis-services/valkyrie-http-service.yaml b/infrastructure/kube/thesis-services/valkyrie-http-service.yaml new file mode 100644 index 00000000..507f1ba0 --- /dev/null +++ b/infrastructure/kube/thesis-services/valkyrie-http-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: valkyrie-http-service + labels: + app: hubot +spec: + type: NodePort + selector: + app: hubot + ports: + - port: 8080 + nodePort: 30080 diff --git a/infrastructure/kube/thesis-services/valkyrie-hubot-deployment.yaml b/infrastructure/kube/thesis-services/valkyrie-hubot-deployment.yaml new file mode 100644 index 00000000..a233cf7c --- /dev/null +++ b/infrastructure/kube/thesis-services/valkyrie-hubot-deployment.yaml @@ -0,0 +1,110 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: valkyrie-hubot-deployment + labels: + app: hubot +spec: + replicas: 1 + selector: + matchLabels: + app: hubot + template: + metadata: + labels: + app: hubot + spec: + containers: + - name: hubot + # image: gcr.io/thesis-ops-2748/valkyrie:USE_CIRCLE_CI_BUILDS + env: + - name: HUBOT_DISCORD_TOKEN + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: discord_api_token + - name: HUBOT_MATRIX_USER + value: "@valkyrie:thesis.co" + - name: HUBOT_MATRIX_PASSWORD + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: matrix_valkyrie_password + - name: HUBOT_MATRIX_HOST_SERVER + value: "https://thesisco.ems.host" + - name: HUBOT_HOST + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: host + - name: HUBOT_SCHEDULE_DEBUG + value: "1" + - name: HUBOT_WEBHOOK_URL + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: hubot_webhook_url + - name: HUBOT_WEBHOOK_AUTH + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: hubot_webhook_auth + - name: HUBOT_N8N_WEBHOOK + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: hubot_n8n_webhook + - name: RELEASE_NOTIFICATION_ROOM + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: valkyrie_alert_flow + - name: SUGGESTION_ALERT_ROOM # Name of room for suggestion posts + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: valkyrie_alert_flow + - name: REDIS_URL + value: $(VALKYRIE_REDIS_SERVICE_PORT) + - name: GITHUB_CLIENT_ID + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: github_client_id + - name: GITHUB_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: github_client_secret + - name: FIGMA_API_TOKEN + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: figma_api_token + - name: IMGFLIP_API_USERNAME + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: imgflip_api_username + - name: IMGFLIP_API_PASSWORD + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: imgflip_api_password + - name: ZOOM_API_KEY + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: zoom_api_key + - name: ZOOM_API_SECRET + valueFrom: + secretKeyRef: + name: valkyrie-hubot + key: zoom_api_secret + - name: ZOOM_EXPECTED_MEETING_DURATION + value: "60" + ports: + - containerPort: 8080 + resources: + limits: + cpu: "0.1" diff --git a/infrastructure/kube/thesis-services/valkyrie-redis-service.yaml b/infrastructure/kube/thesis-services/valkyrie-redis-service.yaml new file mode 100644 index 00000000..99335a18 --- /dev/null +++ b/infrastructure/kube/thesis-services/valkyrie-redis-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: valkyrie-redis-service +spec: + selector: + app: redis + ports: + - protocol: TCP + port: 6379 + targetPort: 6379 diff --git a/infrastructure/kube/thesis-services/valkyrie-redis-stateful-set.yaml b/infrastructure/kube/thesis-services/valkyrie-redis-stateful-set.yaml new file mode 100644 index 00000000..33aa05b9 --- /dev/null +++ b/infrastructure/kube/thesis-services/valkyrie-redis-stateful-set.yaml @@ -0,0 +1,43 @@ +# Stoleded from https://github.com/kubernetes/examples/blob/master/staging/storage/redis/ . +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: valkyrie-redis-set + labels: + app: redis +spec: + replicas: 1 + serviceName: valkyrie-redis-service + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: master + image: redis:3.2-alpine + env: + - name: MASTER + value: "true" + ports: + - containerPort: 6379 + resources: + limits: + cpu: "0.1" + command: ["sh", "-c"] + args: + - echo "dir /redis-master-data" | redis-server - + volumeMounts: + - mountPath: /redis-master-data + name: valkyrie-data + volumeClaimTemplates: + - metadata: + name: valkyrie-data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: 1Gi diff --git a/infrastructure/kube/thesis-services/valkyrie-web-ingress.yaml b/infrastructure/kube/thesis-services/valkyrie-web-ingress.yaml new file mode 100644 index 00000000..985ade8e --- /dev/null +++ b/infrastructure/kube/thesis-services/valkyrie-web-ingress.yaml @@ -0,0 +1,15 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: valkyrie-web-ip + name: valkyrie-web-ingress +spec: + tls: + - secretName: thesis-co-cloudflare-origin-cert + defaultBackend: + service: + name: valkyrie-http-service + port: + number: 8080