From 1f6a0874c906ae6f620b99a68ec251e13c6b4a0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= Date: Tue, 13 Jul 2021 13:54:18 +0200 Subject: [PATCH] Fulfill Ulf's suggestions and minor design fixes --- deployment/kubernetes/DigitalOcean.md | 10 ++++++- deployment/kubernetes/README.md | 30 ++++++++++--------- deployment/old/digital-ocean/README.md | 8 ++--- deployment/old/digital-ocean/https/README.md | 14 ++++----- deployment/old/volumes/README.md | 2 +- deployment/old/volumes/velero/README.md | 2 +- .../old/volumes/volume-snapshots/README.md | 4 +-- 7 files changed, 40 insertions(+), 30 deletions(-) diff --git a/deployment/kubernetes/DigitalOcean.md b/deployment/kubernetes/DigitalOcean.md index 9a96239..61998d7 100644 --- a/deployment/kubernetes/DigitalOcean.md +++ b/deployment/kubernetes/DigitalOcean.md @@ -63,7 +63,15 @@ Take one of the IPs of perhaps two or more droplets in your cluster from the lis ### Manage DNS With DigitalOcean -TODO: Describe what the purpose is and how to implement it … +***TODO:** How to configure the DigitalOcean DNS management service …* + +To understand what makes sense to do when managing your DNS with DigitalOcean, you need to know how DNS works: + +DNS means `Domain Name System`. It resolves domains like `example.com` into an IP like `123.123.123`. +DigitalOcean is not a domain registrar, but provides a DNS management service. If you use DigitalOcean's DNS management service, you can configure [your cluster](/deployment/kubernetes/README.md#dns) to always resolve the domain to the correct IP and automatically update it for that. +The IPs of the DigitalOcean machines are not necessarily stable, so the cluster's DNS service will update the DNS records managed by DigitalOcean to the new IP as needed. + +***CAUTION:** If you are using an external DNS, you currently have to do this manually, which can cause downtime.* ## Deploy 
diff --git a/deployment/kubernetes/README.md b/deployment/kubernetes/README.md index e34751e..18baa43 100644 --- a/deployment/kubernetes/README.md +++ b/deployment/kubernetes/README.md @@ -15,7 +15,7 @@ Managed Kubernetes: You can customize the network server with your configuration by duplicate the `values.template.yaml` to a new `values.yaml` file and change it to your need. All included variables will be available as environment variables in your deployed kubernetes pods. -Besides the `values.template.yaml` file we provide a `nginx.values.template.yaml` and `dns.values.template.yaml` for a similar procedure. The new `nginx.values.yaml` is the configuration for the ingress-nginx Helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on digital ocean and therefore optional. +Besides the `values.template.yaml` file we provide a `nginx.values.template.yaml` and `dns.values.template.yaml` for a similar procedure. The new `nginx.values.yaml` is the configuration for the ingress-nginx Helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on DigitalOcean and therefore optional. ## Installation @@ -27,7 +27,7 @@ Please refer to [cert-manager.io docs](https://cert-manager.io/docs/installation ***ATTENTION:*** *Be with the Terminal in your repository in the folder of this README.* -1. Create Namespace +#### 1. Create Namespace ```bash # kubeconfig.yaml set globaly @@ -36,14 +36,14 @@ $ kubectl create namespace cert-manager $ kubectl --kubeconfig=/../kubeconfig.yaml create namespace cert-manager ``` -2. Add Helm repository and update +#### 2. Add Helm repository and update ```bash $ helm repo add jetstack https://charts.jetstack.io $ helm repo update ``` -3. Install Cert-Manager Helm chart +#### 3. Install Cert-Manager Helm chart ```bash # option 1 
@@ -66,14 +66,14 @@ $ helm --kubeconfig=/../kubeconfig.yaml \ ### Ingress-Nginx -1. Add Helm repository and update +#### 1. Add Helm repository and update ```bash $ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx $ helm repo update ``` -2. Install ingress-nginx +#### 2. Install ingress-nginx ```bash # kubeconfig.yaml set globaly @@ -82,11 +82,11 @@ $ helm install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml $ helm --kubeconfig=/../kubeconfig.yaml install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml ``` -### Digital Ocean Firewall +### DigitalOcean Firewall -This is only necessary if you run Digital Ocean without load balancer ([see here for more info](https://stackoverflow.com/questions/54119399/expose-port-80-on-digital-oceans-managed-kubernetes-without-a-load-balancer/55968709)) . +This is only necessary if you run DigitalOcean without load balancer ([see here for more info](https://stackoverflow.com/questions/54119399/expose-port-80-on-digital-oceans-managed-kubernetes-without-a-load-balancer/55968709)) . -1. Authenticate towards DO with your local `doctl` +#### 1. Authenticate towards DO with your local `doctl` You will need a DO token for that. @@ -99,7 +99,7 @@ $ doctl auth init --context You will need an API token, which you can generate in the control panel at . -2. Generate DO firewall +#### 2. Generate DO firewall Get the `CLUSTER_UUID` value from the dashboard or from the ID column via `doctl kubernetes cluster list`: 
@@ -134,17 +134,19 @@ $ doctl compute firewall get --context ### DNS -This chart is only necessary (recommended is more precise) if you run Digital Ocean without load balancer. +***TODO:** I thought this is necessary if we use the DigitalOcean DNS management service? See [Manage DNS With DigitalOcean](/deployment/kubernetes/DigitalOcean.md#manage-dns-with-digitalocean)* + +This chart is only necessary (recommended is more precise) if you run DigitalOcean without load balancer. You need to generate an access token with read + write for the `dns.values.yaml` at and fill it in. -1. Add Helm repository and update +#### 1. Add Helm repository and update ```bash $ helm repo add bitnami https://charts.bitnami.com/bitnami $ helm repo update ``` -2. Install DNS +#### 2. Install DNS ```bash # kubeconfig.yaml set globaly @@ -205,4 +207,4 @@ If you are lucky enough to have a kubernetes cluster with the required hardware support, try this [helm chart](https://github.com/helm/charts/tree/master/stable/sentry). On our kubernetes cluster we get "mult-attach" errors for persistent volumes. -Apparently Digital Ocean's kubernetes clusters do not fulfill the requirements. +Apparently DigitalOcean's kubernetes clusters do not fulfill the requirements. diff --git a/deployment/old/digital-ocean/README.md b/deployment/old/digital-ocean/README.md index 2ded383..c5893f6 100644 --- a/deployment/old/digital-ocean/README.md +++ b/deployment/old/digital-ocean/README.md 
@@ -1,10 +1,10 @@ -# Digital Ocean +# DigitalOcean -As a start, read the [introduction into Kubernetes](https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes) by the folks at Digital Ocean. The following section should enable you to deploy ocelot.social to your Kubernetes cluster. +As a start, read the [introduction into Kubernetes](https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes) by the folks at DigitalOcean. The following section should enable you to deploy ocelot.social to your Kubernetes cluster. ## Connect to your local cluster -1. Create a cluster at [Digital Ocean](https://www.digitalocean.com/). +1. Create a cluster at [DigitalOcean](https://www.digitalocean.com/). 2. Download the `***-kubeconfig.yaml` from the Web UI. 3. Move the file to the default location where kubectl expects it to be: `mv ***-kubeconfig.yaml ~/.kube/config`. Alternatively you can set the config on every command: `--kubeconfig ***-kubeconfig.yaml` 4. Now check if you can connect to the cluster and if its your newly created one by running: `kubectl get nodes` @@ -21,7 +21,7 @@ nifty-driscoll-uusn Ready 69d v1.13.2 If you got the steps right above and see your nodes you can continue. -Digital Ocean Kubernetes clusters don't have a graphical interface, so I suggest +DigitalOcean Kubernetes clusters don't have a graphical interface, so I suggest to setup the [Kubernetes dashboard](./dashboard/README.md) as a next step. Configuring [HTTPS](./https/README.md) is bit tricky and therefore I suggest to do this as a last step. diff --git a/deployment/old/digital-ocean/https/README.md b/deployment/old/digital-ocean/https/README.md index b306a48..8cfaabd 100644 --- a/deployment/old/digital-ocean/https/README.md +++ b/deployment/old/digital-ocean/https/README.md 
@@ -19,7 +19,7 @@ $ kubectl apply -f . ``` {% hint style="info" %} -CAUTION: It seems that the behaviour of Digital Ocean has changed and the load balancer is not created automatically anymore. +CAUTION: It seems that the behaviour of DigitalOcean has changed and the load balancer is not created automatically anymore. And to create a load balancer costs money. Please refine the following documentation if required. {% endhint %} @@ -29,20 +29,20 @@ And to create a load balancer costs money. Please refine the following documenta A solution without a load balance you can find [here](../no-loadbalancer/README.md). {% endtab %} -{% tab title="With Digital Ocean Load Balancer" %} +{% tab title="With DigitalOcean Load Balancer" %} {% hint style="info" %} -CAUTION: It seems that the behaviour of Digital Ocean has changed and the load balancer is not created automatically anymore. +CAUTION: It seems that the behaviour of DigitalOcean has changed and the load balancer is not created automatically anymore. Please refine the following documentation if required. {% endhint %} In earlier days by now, your cluster should have a load balancer assigned with an external IP -address. On Digital Ocean, this is how it should look like: +address. On DigitalOcean, this is how it should look like: -![Screenshot of Digital Ocean dashboard showing external ip address](./ip-address.png) +![Screenshot of DigitalOcean dashboard showing external ip address](./ip-address.png) -If the load balancer isn't created automatically you have to create it your self on Digital Ocean under Networks. -In case you don't need a Digital Ocean load balancer (which costs money by the way) have a look in the tab `Without Load Balancer`. +If the load balancer isn't created automatically you have to create it your self on DigitalOcean under Networks. +In case you don't need a DigitalOcean load balancer (which costs money by the way) have a look in the tab `Without Load Balancer`. {% endtab %} {% endtabs %} 
diff --git a/deployment/old/volumes/README.md b/deployment/old/volumes/README.md index 1d84968..00619d3 100644 --- a/deployment/old/volumes/README.md +++ b/deployment/old/volumes/README.md @@ -3,7 +3,7 @@ At the moment, the application needs two persistent volumes: * The `/data/` folder where `neo4j` stores its database and -* the folder `/develop-backend/public/uploads` where the backend stores uploads, in case you don't use Digital Ocean Spaces (an AWS S3 bucket) for this purpose. +* the folder `/develop-backend/public/uploads` where the backend stores uploads, in case you don't use DigitalOcean Spaces (an AWS S3 bucket) for this purpose. As a matter of precaution, the persistent volume claims that setup these volumes live in a separate folder. You don't want to accidently loose all your data in diff --git a/deployment/old/volumes/velero/README.md b/deployment/old/volumes/velero/README.md index 5b8fc9d..bf63f13 100644 --- a/deployment/old/volumes/velero/README.md +++ b/deployment/old/volumes/velero/README.md @@ -5,7 +5,7 @@ I tried Velero and it did not work reliably all the time. Sometimes the kubernetes cluster crashes during recovery or data is not fully recovered. Feel free to test it out and update this documentation once you feel that it's -working reliably. It is very likely that Digital Ocean had some bugs when I +working reliably. It is very likely that DigitalOcean had some bugs when I tried out the steps below. {% endhint %} diff --git a/deployment/old/volumes/volume-snapshots/README.md b/deployment/old/volumes/volume-snapshots/README.md index 4b6aab5..010cfc6 100644 --- a/deployment/old/volumes/volume-snapshots/README.md +++ b/deployment/old/volumes/volume-snapshots/README.md 
@@ -17,9 +17,9 @@ kubectl apply -f neo4j-data-snapshot.yaml kubectl apply -f backen-uploads-snapshot.yaml ``` -If you are on Digital Ocean the volume snapshot should show up in the Web UI: +If you are on DigitalOcean the volume snapshot should show up in the Web UI: -![Digital Ocean Web UI showing a volume snapshot](./digital-ocean-volume-snapshots.png) +![DigitalOcean Web UI showing a volume snapshot](./digital-ocean-volume-snapshots.png) ## Provision a Volume based on a Snapshot
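Review bot: The example address `123.123.123` in the paragraph added to `deployment/kubernetes/DigitalOcean.md` has only three octets, so it is not a valid IPv4 address; use one from a documentation range, for example `203.0.113.10`. In the same paragraph, "automatically update it for that" does not say what is updated; wording such as "keep the DNS record pointing at the current IP" would be clearer. The new TODO still leaves the actual configuration steps undescribed, so the section should either link to the DNS steps in the README as the how-to or stay flagged as incomplete.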
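Review bot: Duplicate heading text results from converting the numbered steps to `####` headings in `deployment/kubernetes/README.md`: `#### 1. Add Helm repository and update` now appears under both Ingress-Nginx and DNS. Renderers that generate anchors from heading text will disambiguate these with numeric suffixes that change when sections are reordered, which makes deep links to a step fragile. Either put the component name in the heading (for example "Add the ingress-nginx Helm repository") or keep the ordered list.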
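Review bot: The rewritten sentence under `### DigitalOcean Firewall` in `deployment/kubernetes/README.md` still ends with a stray space before the period (`...55968709)) .`) and is missing an article in "without load balancer". Since the line is being touched anyway, fix both. Step 1 in the same hunk also states the token requirement twice ("You will need a DO token for that." and "You will need an API token, ..."); one sentence is enough.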
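Review bot: The TODO added under `### DNS` in `deployment/kubernetes/README.md` is a first-person question ("I thought this is necessary if we use the DigitalOcean DNS management service?") that contradicts the sentence directly below it, which says the chart is only needed when running without a load balancer. Decide which statement is correct before merging instead of shipping both in user-facing documentation. The unchanged line that follows tells readers to put a read + write API token into `dns.values.yaml`; while this section is open, add a sentence that the filled-in file contains a credential and must be kept out of version control.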
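Review bot: Step 3 of "Connect to your local cluster" in `deployment/old/digital-ocean/README.md` (unchanged context in this hunk) runs `mv ***-kubeconfig.yaml ~/.kube/config`, which silently overwrites any kubeconfig the reader already has. The downloaded file also holds cluster credentials, so the step should mention restricting its permissions (for example `chmod 600`) and point to the `--kubeconfig` alternative as the non-destructive option. The section title says "local cluster" although step 1 creates a cluster at DigitalOcean; that is worth correcting in the same pass.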
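Review bot: Both CAUTION notices touched in `deployment/old/digital-ocean/https/README.md` sit inside `{% hint style="info" %}`, so they render as informational rather than as a warning; `style="warning"` matches the text. The two notices are near duplicates (only the first mentions cost), so consider keeping one. The unchanged sentence "In earlier days by now, your cluster should have a load balancer assigned" is hard to parse and could be rewritten while the next line is being edited.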
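Review bot: The changed bullet in `deployment/old/volumes/README.md` describes DigitalOcean Spaces as "an AWS S3 bucket", which is inaccurate: Spaces is DigitalOcean's own object storage with an S3-compatible API. Suggest "(S3-compatible object storage)". The context lines in the same hunk contain "accidently loose", which should read "accidentally lose".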
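Review bot: The context line `kubectl apply -f backen-uploads-snapshot.yaml` in the `deployment/old/volumes/volume-snapshots/README.md` hunk looks like a typo for `backend-uploads-snapshot.yaml`; please check it against the actual file name in that folder, since a wrong name makes the documented command fail. The image path `./digital-ocean-volume-snapshots.png` was correctly left unchanged, as only the alt text needed the rename.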