Issue #3276175 by onotm, yas: Add instructions to README.md to deploy Cloud...

Issue #3276175 by onotm, yas: Add instructions to README.md to deploy Cloud Orchestrator on a a K8s cluster

Issue #3276175 by onotm, yas: Add instructions to README.md to deploy Cloud...
4d854933 · Tomohiro Ono · Yas Naoi · 420d1eb2 · 4d854933 · 4d854933
Commit 4d854933 authored 3 years ago by Tomohiro Ono Committed by Yas Naoi 3 years ago
--- a/deployments/kubernetes/README.md
+++ b/deployments/kubernetes/README.md
 USAGE INSTRUCTIONS
 ==================

-**1. Build a Cloud Orchestrator image**
+**1. Apply [`cloud_orchestrator.yml`](amd64/cloud_orchestrator.yml)**
+**to your K8s cluster**
+
+Note that [default usernames and passwords](amd64/cloud_orchestrator.yml#L18-24) will be set.

 ```
-$ git clone https://git.drupalcode.org/project/cloud.git
-$ cd cloud/deployments/docker
-$ docker image build -t cloud_orchestrator:latest .
+$ kubectl apply -f https://git.drupalcode.org/project/cloud/-/raw/5.x/deployments/kubernetes/amd64/cloud_orchestrator.yml
 ```

-**2. Push the image to your Docker repository**
+If your K8s cluster consists ARM64-based nodes, use
+[`arm64/cloud_orchestrator.yml`](arm64/cloud_orchestrator.yml) instead.

 ```
-$ docker image tag cloud_orchestrator:latest your/repository:latest
-$ docker image push your/repository:latest
+$ kubectl apply -f https://git.drupalcode.org/project/cloud/-/raw/5.x/deployments/kubernetes/arm64/cloud_orchestrator.yml
 ```

-**3. Edit `cloud_orchestrator.yml`**
-
-* [Line 18- 24](https://git.drupalcode.org/project/cloud/-/blob/5.x/deployments/kubernetes/cloud_orchestrator.yml#L18-24): Set your usernames, passwords, e-mail address and database name
-* [Line 113](https://git.drupalcode.org/project/cloud/-/blob/5.x/deployments/kubernetes/cloud_orchestrator.yml#L113): Set `your/repository:latest`
-
-**4. Apply `cloud_orchestrator.yml` to your K8s cluster**
+If you want to set your usernames and passwords, follow these commands instead.

 ```
+$ curl -LO https://git.drupalcode.org/project/cloud/-/raw/5.x/deployments/kubernetes/amd64/cloud_orchestrator.yml
+$ vi cloud_orchestrator.yml  # Update line 18- 24
 $ kubectl apply -f cloud_orchestrator.yml
 ```

-**5. (Optional) Add a load balancer**
-**to access Cloud Orchestrator from your browser**
+
+**2. (Optional) Add a load balancer to access Cloud Orchestrator from your**
+**browser**

 If you are using EKS, you can add a load balancer to access Cloud Orchestrator
 from your browser as follows. Initially, this load balancer accepts all inbound
@@ -36,23 +35,24 @@ traffic. To restrict access to Cloud Orchestrator, change the security group
 associated with that load balancer.

 ```
-$ kubectl expose service cloud_orchestrator  \
-    --namespace=cloud_orchestrator  \
+$ kubectl expose service cloud-orchestrator  \
+    --namespace=cloud-orchestrator  \
    --type=LoadBalancer  \
-    --name=cloud_orchestrator-lb
+    --name=cloud-orchestrator-lb
 ```

-**6. Remove Cloud Orchestrator from your K8s cluster**
+
+**3. Remove Cloud Orchestrator from your K8s cluster**

 ```
-$ kubectl delete -f cloud_orchestrator.yml
+$ kubectl delete -f https://git.drupalcode.org/project/cloud/-/raw/5.x/deployments/kubernetes/amd64/cloud_orchestrator.yml
 ```

-`cloud_orchestrator.yml` installs Cloud Orchestrator and stores MariaDB database
-on a filesystem of one of the K8s nodes via PersistentVolumes of the type
-hostPath. When these PersistentVolumes are deleted, files stored in the node's
-filesystem are NOT deleted. If you want to delete them, log in to the node and
-execute the following command:
+`*/cloud_orchestrator.yml` installs Cloud Orchestrator and stores MariaDB
+database on a filesystem of one of the K8s nodes via PersistentVolumes of the
+type hostPath. When these PersistentVolumes are deleted, files stored in the
+node's filesystem are NOT deleted. If you want to delete them, log in to the
+node and execute the following command:

 * Cloud Orchestrator
  - `rm -r /var/www/cloud_orchestrator`

--- a/deployments/kubernetes/cloud_orchestrator.yml
+++ b/deployments/kubernetes/cloud_orchestrator.yml
@@ -110,7 +110,7 @@ spec:
    spec:
      containers:
        - name: cloud-orchestrator
-          image: docomoinnovations/cloud_orchestrator:latest
+          image: docomoinnovations/cloud_orchestrator:5.x-dev
          imagePullPolicy: Always
          command: ["bash", "-c"]
          args:

--- a/deployments/kubernetes/arm64/cloud_orchestrator.yml
+++ b/deployments/kubernetes/arm64/cloud_orchestrator.yml
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator
+
+---
+
+kind: Secret
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-secret
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator
+type: Opaque
+stringData:
+  # Change the followings
+  drupal-user: cloud_admin               # Drupal administrator username
+  drupal-password: cloud_admin_password  # Drupal administrator password
+  drupal-email: cloud_admin@example.com  # Drupal administrator email address
+  drupal-timezone: America/Los_Angeles   # Drupal default time zone
+  mysql-user: mysql_admin                # MySQL administrator username
+  mysql-password: mysql_admin_password   # MySQL administrator password
+  mysql-database: cloud_orchestrator     # MySQL database name
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator
+spec:
+  ports:
+    - port: 80
+      targetPort: 80
+      protocol: TCP
+  selector:
+    k8s-app: cloud-orchestrator
+
+---
+
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-pvc
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Mi
+
+---
+
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-pv
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator
+spec:
+  capacity:
+    storage: 100Mi
+  storageClassName: manual
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  # A hostPath volume mounts a file or directory from the host node's
+  # filesystem into your Pod.
+  # When this PersistentVolume is deleted, files written to the node's
+  # filesystem are NOT deleted. If you want to delete them, log in to the node
+  # and execute the following command.
+  #   rm -r /var/www/cloud_orchestrator
+  # For production use, choose another volume type instead of the hostPath.
+  # https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
+  hostPath:
+    path: /var/www/cloud_orchestrator
+  persistentVolumeReclaimPolicy: Retain
+  claimRef:
+    name: cloud-orchestrator-pvc
+    namespace: cloud-orchestrator
+
+---
+
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: cloud-orchestrator
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      k8s-app: cloud-orchestrator
+  template:
+    metadata:
+      labels:
+        k8s-app: cloud-orchestrator
+    spec:
+      containers:
+        - name: cloud-orchestrator
+          image: docomoinnovations/cloud_orchestrator:5.x-dev-arm64
+          imagePullPolicy: Always
+          command: ["bash", "-c"]
+          args:
+          - |
+            export SCRIPT='/entrypoint.sh';
+            if ! [ -f "${SCRIPT}" ]; then
+              curl -L 'https://git.drupalcode.org/project/cloud/-/raw/5.x/deployments/kubernetes/entrypoint.sh' -o "${SCRIPT}"
+              chmod +x "${SCRIPT}"
+            fi;
+            "${SCRIPT}"
+          env:
+            - name: CLOUD_ORCHESTRATOR_VERSION
+              value: 5.x-dev
+            - name: DRUPAL_USER
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: drupal-user
+            - name: DRUPAL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: drupal-password
+            - name: DRUPAL_EMAIL
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: drupal-email
+            - name: DRUPAL_TIMEZONE
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: drupal-timezone
+            - name: MYSQL_HOST
+              value: cloud-orchestrator-mysql
+            - name: MYSQL_PORT
+              value: '3306'
+            - name: MYSQL_USER
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-user
+            - name: MYSQL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-password
+            - name: MYSQL_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-database
+            - name: MEMCACHED_HOST
+              value: cloud-orchestrator-memcached
+            - name: MEMCACHED_PORT
+              value: '11211'
+          ports:
+            - containerPort: 80
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              scheme: HTTP
+              path: /user/login
+              port: 80
+            initialDelaySeconds: 600
+            timeoutSeconds: 30
+            periodSeconds: 300
+          volumeMounts:
+            - name: cloud-orchestrator-volume
+              mountPath: /var/www/cloud_orchestrator
+      volumes:
+        - name: cloud-orchestrator-volume
+          persistentVolumeClaim:
+            claimName: cloud-orchestrator-pvc
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-mysql
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-mysql
+spec:
+  ports:
+    - port: 3306
+      targetPort: 3306
+      protocol: TCP
+  selector:
+    k8s-app: cloud-orchestrator-mysql
+
+---
+
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-mysql-pvc-data
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-mysql
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 4Gi
+
+---
+
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-mysql-pv-data
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-mysql
+spec:
+  capacity:
+    storage: 4Gi
+  storageClassName: manual
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  # A hostPath volume mounts a file or directory from the host node's
+  # filesystem into your Pod.
+  # When this PersistentVolume is deleted, files written to the node's
+  # filesystem are NOT deleted. If you want to delete them, log in to the node
+  # and execute the following command.
+  #   rm -r /var/cloud_orchestrator/mysql/data
+  # For production use, choose another volume type instead of the hostPath.
+  # https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
+  hostPath:
+    path: /var/cloud_orchestrator/mysql/data
+  persistentVolumeReclaimPolicy: Retain
+  claimRef:
+    name: cloud-orchestrator-mysql-pvc-data
+    namespace: cloud-orchestrator
+
+---
+
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-mysql-pvc-backup
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-mysql
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 4Gi
+
+---
+
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-mysql-pv-backup
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-mysql
+spec:
+  capacity:
+    storage: 4Gi
+  storageClassName: manual
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  # A hostPath volume mounts a file or directory from the host node's
+  # filesystem into your Pod.
+  # When this PersistentVolume is deleted, files written to the node's
+  # filesystem are NOT deleted. If you want to delete them, log in to the node
+  # and execute the following command.
+  #   rm -r /var/cloud_orchestrator/mysql/backup
+  # For production use, choose another volume type instead of the hostPath.
+  # https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
+  hostPath:
+    path: /var/cloud_orchestrator/mysql/backup
+  persistentVolumeReclaimPolicy: Retain
+  claimRef:
+    name: cloud-orchestrator-mysql-pvc-backup
+    namespace: cloud-orchestrator
+
+---
+
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: cloud-orchestrator-mysql
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-mysql
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: cloud-orchestrator-mysql
+  template:
+    metadata:
+      labels:
+        k8s-app: cloud-orchestrator-mysql
+    spec:
+      containers:
+        - name: cloud-orchestrator-mysql
+          image: mariadb:10.7
+          imagePullPolicy: Always
+          env:
+            - name: MYSQL_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-password
+            - name: MYSQL_USER
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-user
+            - name: MYSQL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-password
+            - name: MYSQL_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: cloud-orchestrator-secret
+                  key: mysql-database
+          ports:
+            - containerPort: 3306
+              protocol: TCP
+          volumeMounts:
+            - name: data-volume
+              mountPath: /var/lib/mysql
+            - name: backup-volume
+              mountPath: /backup
+      volumes:
+        - name: data-volume
+          persistentVolumeClaim:
+            claimName: cloud-orchestrator-mysql-pvc-data
+        - name: backup-volume
+          persistentVolumeClaim:
+            claimName: cloud-orchestrator-mysql-pvc-backup
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: cloud-orchestrator-memcached
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-memcached
+spec:
+  ports:
+    - port: 11211
+      targetPort: 11211
+      protocol: TCP
+  selector:
+    k8s-app: cloud-orchestrator-memcached
+
+---
+
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: cloud-orchestrator-memcached
+  namespace: cloud-orchestrator
+  labels:
+    k8s-app: cloud-orchestrator-memcached
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: cloud-orchestrator-memcached
+  template:
+    metadata:
+      labels:
+        k8s-app: cloud-orchestrator-memcached
+    spec:
+      containers:
+        - name: cloud-orchestrator-memcached
+          image: memcached:1.6
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 11211
+              protocol: TCP