- Use Google's Skaffold for development of local pods
- Use Terraform to start all 3rd party services (Message queues, Databases, etc...)
- Skaffold has a pipeline to build and deploy to Helm charts, and has guides on how to integrate with CI/CD.
It also has
profilescould maybe be used for production and development environments
Testing different tools for managing Kubernetes development.
-
Make sure Minikube is running
minikube start. Then make sure the tunnel is running by runningminikube tunnelin a separate terminal. -
In the
./terraform/developmentdirectory:- run
terraform init - run
terraform applyto start 3rd party dependencies - wait for it to completeley finish without errors before proceeding.
- run
-
Before starting the local services set the
PROJECT_DOMAINenvironment variable appropriateley. For local development, this should be something likeproject.127.0.0.1.sslip.io, but with the external IP of the Istio Loadbalancer.This can be configured with this one-liner:
export PROJECT_DOMAIN=$(kubectl get svc istio-ingressgateway -n istio-system -o jsonpath="project.{.status.loadBalancer.ingress[0].ip}.sslip.io") -
Run
skaffold devin the./services/directory, to build and start all micro services at once. When changes are made to any service, Skaffold will automatically rebuild them.
The project can now be accessed at http://project.127.0.0.1.sslip.io/
The kubectl CLI can be used to interact with the local Kubernetes cluster.
kubectl get all -Aget an overview of most of the running resources.kubectl get kservice -n projectget all running Knative services and their exposed URLs.kubectl get virtualservice -n projectget all Istio VirtualServices (API routes).kubectl get vs -n project api-service-routes -o yamlget info about a specific VirtualService.
For every service in the services folder change the skaffold.yaml files to the github page where the packages should be hosted E.g. - image: ghcr.io/yousofmersal/dm885_auth-service to - image: ghcr.io/{YOU_REPO}/dm885_auth-service
The configuration variables are in ´terraform.tfvars´.
By default it uses ´e2-standard-4´ instances'. Beaware small instances may not be able to run Istio.
When the cluster is deployed then change the IP-address to static.
Get the credentials and configure kubectl:
gcloud container clusters get-credentials steam-airfoil-367315-gke --region europe-west8-b
Provision the cluster by running the following commands in the terraform/google_cloud/ directory:
terraform init
terraform apply
When the cluster is up and running, run the same terraform commands as above but from the terraform/production/ directory,
this will install and start all third party services such as databases and Knative on the newly created cluster.
gcloud projects list
gcloud projects create dm885-dev
gcloud config set project dm885-dev
gcloud --project=dm885-dev services enable container.googleapis.com
gcloud --project=dm885-dev services enable compute.googleapis.com
gcloud container clusters list
gcloud container clusters get-credentials dm885-dev-gke --region europe-north1
- Add secret in github action to enable pipeline
gcloud iam service-accounts list
gcloud iam service-accounts keys create key.json --iam-account=954508260996-compute@developer.gserviceaccount.com
After retrieving your key in the repository settings under Secrets, Actions: Add the content of the key-file as a repository secret named GKE_SA_KEY.