Kubernetes

This guide explains how to run the deps.cloud infrastructure within a Kubernetes cluster.

Prerequisites

  1. A working Kubernetes cluster. To follow along with this guide, you should set up Minikube on your machine. Minikube provides a great way to test and experiment around with Kubernetes locally.
  2. The kubectl binary should be installed and in your path on your workstation.

1 - Configure a Storage Class

deps.cloud leverages MySQL to store a given graphs dependency information. MySQL requires a persistent volume to be able to ensure the data is persisted to disk. In Kubernetes, a Persistent Volume can either be manually provisioned by a System Administrator or Dynamically provisioned using a Storage Class. To figure out if you need to install a Storage Class, you can use kubectl to see which ones have been configured on the cluster already.

$ kubectl get storageclasses.storage.k8s.io
NAME                 PROVISIONER                    AGE
standard (default)   k8s.io/minikube-hostpath       14d

If you’re have none, you can configure a local-storage class. This leverages the storage provided by the host that the pod is running on. It also creates an affinity so that the next time the pod restarts, it will prefer that host over the others.

$ cat <<EOF | kubectl apply -f -
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: local-storage
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
EOF

2 - Set-up Workspace

Before deploying any workloads, we first need a workspace to deploy into. The following command creates a Kubernetes namespace with the name depscloud.

$ kubectl create ns depscloud

Once created, Network Policies, Resource Quotas, and RBAC can be used to lock down the system. All the resources created in this walk through will be deployed to this namespace.

3 - Deploy MySQL

If you don’t already have a MySQL database available, you can deploy one using one of the many helm charts out there. The following deployment was generated from the bitnami/mysql.

$ kubectl apply -n depscloud -f https://depscloud.github.io/deploy/k8s/mysql.yaml

This deployment comes with a single primary node and a read only replica node.

4 - Configure deps.cloud

By default, the tracker and indexer do not come configured. This allows operators to connect it to provide their specific configuration. To configure these processes, you’ll need to create two secrets in the depscloud namespace.

To configure the tracker, you’ll need to provide a depscloud-tracker secret. This secret is used to connect the tracker to the previously provisioned MySQL database.

$ cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  namespace: depscloud
  name: depscloud-tracker
stringData:
  STORAGE_DRIVER: mysql
  STORAGE_ADDRESS: user-rw:[email protected](mysql:3306)/depscloud
  STORAGE_READ_ONLY_ADDRESS: user:[email protected](mysql:3306)/depscloud
EOF

To configure the indexer, you’ll need to provide a depscloud-indexer secret. This file tells the indexer how to discovery and clone repositories. The following configuration will index the deps.cloud repositories.

$ cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  namespace: depscloud
  name: depscloud-indexer
stringData:
  config.yaml: |
    accounts:
    - github:
        strategy: HTTP
        organizations:
        - depscloud
EOF

You can learn more about how to configure the indexer process on the integrations page.

4 - Deploy deps.cloud

After the tracker and indexer have been configured, you’ll be able to deploy the deps.cloud infrastructure. This configuration can be found with the other deployment configuration on GitHub.

$ kubectl apply -n depscloud -f https://depscloud.github.io/deploy/k8s/depscloud-system.yaml

Once all processes have completed and are healthy, you should be able to interact with the API pretty easily. To quickly test this, you can port forward to one of the gateway pods directly.

$ kubectl port-forward -n depscloud svc/depscloud-gateway 8080:80
Forwarding from 127.0.0.1:8080 -> 8080
Forwarding from [::1]:8080 -> 8080

Once the port is forwarded, the following endpoints should be able to be reached.


Last modified October 26, 2020: darken up lines (141fe72)