From 58124209bcde202ff65fb2d74a46798d71028562 Mon Sep 17 00:00:00 2001 From: Ulf Gebhardt Date: Wed, 24 Feb 2021 01:12:42 +0100 Subject: [PATCH] READMEs & ignore value files --- deployment/README.md | 5 ++ deployment/kubernetes/.gitignore | 3 + deployment/kubernetes/README.md | 111 +++++++++++++++++++++++++++++++ 3 files changed, 119 insertions(+) create mode 100644 deployment/README.md create mode 100644 deployment/kubernetes/.gitignore create mode 100644 deployment/kubernetes/README.md diff --git a/deployment/README.md b/deployment/README.md new file mode 100644 index 000000000..1800e1a29 --- /dev/null +++ b/deployment/README.md @@ -0,0 +1,5 @@ +# Deployment + +You have the following options for a deployment: + +- [Kubernetes with Helm](./kubernetes/README.md) \ No newline at end of file diff --git a/deployment/kubernetes/.gitignore b/deployment/kubernetes/.gitignore new file mode 100644 index 000000000..e0473b0fd --- /dev/null +++ b/deployment/kubernetes/.gitignore @@ -0,0 +1,3 @@ +/dns.values.yaml +/nginx.values.yaml +/values.yaml diff --git a/deployment/kubernetes/README.md b/deployment/kubernetes/README.md new file mode 100644 index 000000000..c3722dd7d --- /dev/null +++ b/deployment/kubernetes/README.md @@ -0,0 +1,111 @@ +# Helm installation of Ocelot.social + +Deploying Ocelot.social with Helm is very straight forward. All you have to do is to change certain parameters, like domain names and API keys, then you just install our provided Helm chart to your cluster. + +## Configuration + +You can customize the network with your configuration by changing the `values.yaml`, all variables will be available as environment variables in your deployed kubernetes pods. For more details refer to the `values.yaml.dist` file. + +Besides the `values.yaml.dist` file we provide a `nginx.values.yaml.dist` and `dns.values.yaml.dist`. The `nginx.values.yaml` is the configuration for the ingress-nginx helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on digital ocean and therefore optional. + +As hinted above you should copy the given files and rename them accordingly. Then go ahead and modify the values in the newly created files accordingly. + +## Installation + +Due to the many limitations of Helm you still have to do several manual steps. Those occur before you run the actual ocelot helm chart. Obviously it is expected of you to have `helm` and `kubectl` installed. For Digital Ocean you might require `doctl` aswell. + +### Cert Manager (https) + +Please refer to https://cert-manager.io/docs/installation/kubernetes/ for more details. + +1. Create Namespace + +```bash +kubectl --kubeconfig=/../kubeconfig.yaml create namespace cert-manager +``` + +2. Add Helm Repo & update + +```bash +helm repo add jetstack https://charts.jetstack.io +helm repo update +``` + +3. Install Cert-Manager Helm chart +```bash +# this can not be included sine the CRDs cant be installed properly via helm... +helm --kubeconfig=/../kubeconfig.yaml \ + install cert-manager jetstack/cert-manager \ + --namespace cert-manager \ + --version v1.1.0 \ + --set installCRDs=true +``` + +### Ingress-Nginx + +1. Add Helm Repo & update +```bash +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update +``` + +2. Install ingress-nginx +```bash +helm --kubeconfig=/../kubeconfig.yaml install ingress-nginx ingress-nginx/ingress-nginx -f nginx.values.yaml +``` + +### Digital Ocean Firewall + +This is only necessary if you run Digital Ocean without load balancer. + +1. Authenticate towards DO with your local `doctl` + +You will need a DO token for that. +```bash +doctl auth init +``` + +2. Generate DO firewall +```bash +doctl compute firewall create \ +--inbound-rules="protocol:tcp,ports:80,address:0.0.0.0/0,address:::/0 protocol:tcp,ports:443,address:0.0.0.0/0,address:::/0" \ +--tag-names=k8s:1ebf0cdc-86c9-4384-936b-40010b71d049 \ +--name=my-domain-http-https +``` + +### DNS + +This chart is only necessary (recommended is more precise) if you run Digital Ocean without load balancer. +You need to generate a token for the `dns.values.yaml`. + +1. Add Helm Repo & update +```bash +helm repo add bitnami https://charts.bitnami.com/bitnami +helm repo update +``` + +2. Install DNS +```bash +helm --kubeconfig=/../kubeconfig.yaml install dns bitnami/external-dns -f dns.values.yaml +``` + +### Ocelot.social + +All commands for ocelot need to be executed in the kubernetes folder. Therefore `cd deployment/kubernetes/` is expected to be run before every command. Furthermore the given commands will install ocelot into the default namespace. This can be modified to by attaching `--namespace not.default`. + +#### Install +```bash +helm --kubeconfig=/../kubeconfig.yaml install ocelot ./ +``` + +#### Upgrade +```bash +helm --kubeconfig=/../kubeconfig.yaml upgrade ocelot ./ +``` + +#### Uninstall +Be aware that if you uninstall ocelot the formerly bound volumes become unbound. Those volumes contain all data from uploads and database. You have to manually free their reference in order to bind them again when reinstalling. Once unbound from their former container references they should automatically be rebound (considering the sizes did not change) + +```bash +helm --kubeconfig=/../kubeconfig.yaml uninstall ocelot +``` \ No newline at end of file