Adding Kubernetes config

[riesentoaster]

Important

• As of now the database is not really persistent? However it survived a redeployment (service is not recreated) but not a pod restart so it should be looked at as soon as possible.
• The services for API, Editor, and Executor are of type ClusterIP so we should test how it behaves if we have multiple replicas of the pods. Otherwise we will switch back to LoadBalancer.
• Right now secrets are stored in the values file. These need to be moved to the GitHub secrets.
• The domain flooq.io is not yet connected to the cluster. For now this is fine but we have to create an issue for this.

Original Todos

ToDos:

• volumes
  • read about Volumes
  • add config for local volumes
  • use provided volumes on ZHAW K8s
• DNS/Comms
  • make sure deployments can communicate with each other
• ENV config
  • including different configs for local, staging, prod
  • think about secrets
• ingress
  • create ingress
  • add SSL
• security
  • think about security
• CI/CD
  • setup CI and CD
• documentation
  • installation
  • running local cluster
  • running parts of the project in a local cluster
  • further documentation
• presentation
  • prepare presentation for other team members

[riesentoaster]

So I checked the env of some containers and noticed the lines labeled EDITOR_PORT, EXECUTOR_PORT and API_PORT. These seem to be passed to all containers. Can we use them instead of having to pass them manually? Seems a lot cleaner and easier.

@Geissemanu @MrF3lix

DB

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/postgresql/14/bin
HOSTNAME=db-deployment-0
TERM=xterm
POSTGRES_PASSWORD=password
POSTGRES_USER=postgres
POSTGRES_DB=flooqdatabase
KUBERNETES_SERVICE_HOST=10.96.0.1
EXECUTOR_PORT=tcp://10.110.235.26:5734
EXECUTOR_PORT_5734_TCP_PROTO=tcp
DB_SERVICE_PORT=3306
DB_PORT_3306_TCP=tcp://10.102.132.127:3306
DB_PORT_3306_TCP_PROTO=tcp
API_PORT=tcp://10.109.56.152:8301
EDITOR_PORT_5739_TCP_PROTO=tcp
EXECUTOR_PORT_5734_TCP=tcp://10.110.235.26:5734
DB_SERVICE_HOST=10.102.132.127
DB_PORT_3306_TCP_ADDR=10.102.132.127
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
API_SERVICE_HOST=10.109.56.152
API_PORT_8301_TCP=tcp://10.109.56.152:8301
API_PORT_8301_TCP_ADDR=10.109.56.152
KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
DB_PORT_3306_TCP_PORT=3306
KUBERNETES_PORT_443_TCP_PORT=443
EXECUTOR_SERVICE_HOST=10.110.235.26
API_PORT_8301_TCP_PORT=8301
DB_PORT=tcp://10.102.132.127:3306
API_PORT_8301_TCP_PROTO=tcp
EDITOR_PORT_5739_TCP_ADDR=10.97.218.146
EXECUTOR_SERVICE_PORT=5734
API_SERVICE_PORT=8301
EDITOR_SERVICE_HOST=10.97.218.146
EDITOR_SERVICE_PORT=5739
EDITOR_PORT=tcp://10.97.218.146:5739
EDITOR_PORT_5739_TCP=tcp://10.97.218.146:5739
EDITOR_PORT_5739_TCP_PORT=5739
KUBERNETES_PORT=tcp://10.96.0.1:443
EXECUTOR_PORT_5734_TCP_PORT=5734
EXECUTOR_PORT_5734_TCP_ADDR=10.110.235.26
GOSU_VERSION=1.14
LANG=en_US.utf8
PG_MAJOR=14
PG_VERSION=14.2-1.pgdg110+1
PGDATA=/var/lib/postgresql/data
HOME=/root

API

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=api-deployment-545c55dd7b-t8x9t
TERM=xterm
ConnectionStrings__FlooqDatabase=Host=db;Port=3306;Database=flooqdatabase;Username=postgres;Password=password
DB_URL=db
DB_PORT=3306
DB_USER=
DB_PASSWORD=
API_TOKEN_EXECUTOR=
API_TOKEN_EDITOR=
EXECUTOR_PORT_5734_TCP_PROTO=tcp
API_SERVICE_HOST=10.109.56.152
EDITOR_SERVICE_HOST=10.97.218.146
KUBERNETES_PORT_443_TCP_PORT=443
EXECUTOR_PORT=tcp://10.110.235.26:5734
API_PORT_8301_TCP=tcp://10.109.56.152:8301
EDITOR_PORT_5739_TCP_PORT=5739
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
EXECUTOR_SERVICE_PORT=5734
KUBERNETES_SERVICE_PORT=443
EDITOR_SERVICE_PORT=5739
EXECUTOR_PORT_5734_TCP_PORT=5734
DB_SERVICE_HOST=10.102.132.127
DB_PORT_3306_TCP_PORT=3306
DB_PORT_3306_TCP_ADDR=10.102.132.127
API_SERVICE_PORT=8301
API_PORT_8301_TCP_PROTO=tcp
KUBERNETES_SERVICE_HOST=10.96.0.1
EXECUTOR_PORT_5734_TCP=tcp://10.110.235.26:5734
KUBERNETES_PORT=tcp://10.96.0.1:443
DB_PORT_3306_TCP=tcp://10.102.132.127:3306
DB_PORT_3306_TCP_PROTO=tcp
API_PORT=tcp://10.109.56.152:8301
EDITOR_PORT_5739_TCP_PROTO=tcp
EDITOR_PORT_5739_TCP_ADDR=10.97.218.146
DB_SERVICE_PORT=3306
EDITOR_PORT_5739_TCP=tcp://10.97.218.146:5739
API_PORT_8301_TCP_PORT=8301
EXECUTOR_PORT_5734_TCP_ADDR=10.110.235.26
EDITOR_PORT=tcp://10.97.218.146:5739
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
EXECUTOR_SERVICE_HOST=10.110.235.26
API_PORT_8301_TCP_ADDR=10.109.56.152
ASPNETCORE_URLS=http://+:80
DOTNET_RUNNING_IN_CONTAINER=true
DOTNET_VERSION=6.0.3
ASPNET_VERSION=6.0.3
Logging__Console__FormatterName=Json
HOME=/root

[riesentoaster]

Prerequisite:

• Install minkube
• Install helm
• Start minikube: minikube start

Current usage:

• Create persistent volume: kubectl create -f local-storage-claim.yaml
• Install helm chart: helm install helm --generate-name (the second helm is the directory. I'll change the name sometime before this PR goes live.)

Uninstall/restart:

• Uninstall helm chart: helm list, get ID, helm uninstall [ID]
• Uninstall Persistant Volume Claim: kubectl get pvc, get ID, kubectl delete pvc [ID] – not necessary if automatically deleted
• Uninstall Persistant Volume: kubectl get pv, get ID, kubectl delete pv [ID] – reinstallation is necessary every time, otherwise, the claim is never resolved.

What works:

• Containers start
• DB is initialized correctly (username, password, default database name, storage location)
• API can access itself (kubectl get pods, get API ID, kubectl exec [ID] -it -- /bin/bash, install curl, curl localhost)

What doesn't work:

• API can't access API service (maybe see above)
• API can't access DB (don't know what is lacking, possibly a credentials missmatch)

What I haven't started:

• Ingress
• API access from executor/editor
• Deployment

[riesentoaster]

ToDos:

• Possibly rename db service to something more sensible (and stable!)
• Configure db
• See above

[sonarcloud]

[Executor] Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[sonarcloud]

[Editor] Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[sonarcloud]

[API] Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information