Merge pull request #14 from BobJWalker/feature/helm

Adding helm chart and upgrading ingress to gateway api

.github/workflows/build.yml

@@ -36,7 +36,7 @@ jobs:
             - name: update tag
               uses: richardsimko/update-tag@v1
               with:
-                tag_name: ${{ env.GitVersion_MajorMinorPatch }}.${{ env.GitVersion_PreReleaseNumber || env.GitVersion_PreReleaseTag || github.run_number }}${{ env.GitVersion_PreReleaseLabelWithDash }}
+                tag_name: ${{ env.GitVersion_SemVer }}
               env: 
                 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
               if: github.ref == 'refs/heads/main'
@@ -51,14 +51,14 @@ jobs:
               uses: crazy-max/ghaction-docker-buildx@v1
               with:
                 version: latest
-            - name: build and push website container
-              working-directory: src
+            - name: build and push website container              
+              working-directory: src              
               run: | 
-                  docker buildx build --push --platform linux/amd64,linux/arm64 -f "./RandomQuotes.Web/Dockerfile"  --build-arg APP_VERSION=${{ env.GitVersion_MajorMinorPatch }}.${{ env.GitVersion_PreReleaseNumber || env.GitVersion_PreReleaseTag || github.run_number }} --tag bobjwalker99/randomquotes-k8s:${{ env.GitVersion_MajorMinorPatch }}.${{ env.GitVersion_PreReleaseNumber || env.GitVersion_PreReleaseTag || github.run_number }} --tag bobjwalker99/randomquotes-k8s:latest .            
+                  docker buildx build --push --platform linux/amd64,linux/arm64 -f "./RandomQuotes.Web/Dockerfile"  --build-arg APP_VERSION=${{ env.GitVersion_SemVer }} --tag ${{ secrets.DOCKERHUB_REPO }}:${{ env.GitVersion_SemVer }} --tag ${{ secrets.DOCKERHUB_REPO }}:latest .            
             - name: update kustomize overlay             
               uses: mikefarah/yq@master              
               with:
-                cmd: yq -i '.images.[0].newTag = "${{ env.GitVersion_MajorMinorPatch }}.${{ env.GitVersion_PreReleaseNumber || env.GitVersion_PreReleaseTag || github.run_number }}"' 'k8s/overlays/${{ github.ref == 'refs/heads/main' && 'test' || 'dev' }}/kustomization.yaml'              
+                cmd: yq -i '.images.[0].newTag = "${{ env.GitVersion_SemVer }}"' 'k8s/overlays/${{ github.ref == 'refs/heads/main' && 'test' || 'dev' }}/kustomization.yaml'              
             - id: commit_kustomize_change
               name: commit kustomize change
               run : |
@@ -67,7 +67,7 @@ jobs:
                 git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/$GITHUB_REPOSITORY                
                 git checkout "${GITHUB_REF:11}"                
                 git stage 'k8s/overlays/${{ github.ref == 'refs/heads/main' && 'test' || 'dev' }}/kustomization.yaml'
-                git commit -am "[promotion:demo] Updating ${{ github.ref == 'refs/heads/main' && 'test' || 'dev' }} to ${{ env.GitVersion_MajorMinorPatch }}.${{ env.GitVersion_PreReleaseNumber || env.GitVersion_PreReleaseTag || github.run_number }}"
+                git commit -am "[promotion:demo] Updating ${{ github.ref == 'refs/heads/main' && 'test' || 'dev' }} to ${{ env.GitVersion_SemVer }}"
                 git push --set-upstream origin ${GITHUB_REF:11} 
                 
                 echo "The current branch is ${{ github.ref }}"

Readme.md

@@ -1,6 +1,28 @@
-This is a sample application deploy to Kubernetes.  It's a good first application as it has no other components, but has an environment variable you can use to practice secrets on.
+This is a sample application deploy to Kubernetes.  It's a good first application as it has no other components, but it is simple and can be easily modified.
 
-The docker image is built using a GitHub action and it is pushed to Docker Hub.  You can find the docker repository here: https://hub.docker.com/r/bobjwalker99/randomquotes-k8s/tags
+Configuring Kubernetes to host this particular container will teach you the following:
+
+- [Pods](https://kubernetes.io/docs/concepts/workloads/pods/)
+- [ReplicaSets](https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/)
+- [Kubernetes Deployment Object](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/)
+- [Environment Variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/)
+- [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/)
+- [Namespaces](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/)
+- [Gateway](https://gateway-api.sigs.k8s.io/)
+- [Gateway Listener](https://gateway-api.sigs.k8s.io/guides/tls/?h=listener#downstream-tls)
+- [HTTPRoute](https://gateway-api.sigs.k8s.io/api-types/httproute/)
+
+# GitHub Action and Docker Repository
+
+The Docker Container is built using a GitHub action and it is pushed to Docker Hub.  Both a Linux/x86 and Linux/arm64 image are built.  
+
+You can find the docker repository here: https://hub.docker.com/r/bobjwalker99/randomquotes-k8s/tags.
+
+If you fork this repo you will need to set the following repo secrets:
+
+- `DOCKERHUB_PAT_USERNAME` - your username
+- `DOCKERHUB_PAT` - the PAT of your user
+- `DOCKERHUB_REPO` - the docker hub repo to store the container
 
 # Configuration
 
@@ -21,7 +43,8 @@ Install ONE of the following on a VM or locally!
 Open up a command prompt or terminal.  Change the current directory in the terminal to the `k8s/provision` folder in this repo.
 - Run the following commands:
     - Create all the namespaces: `kubectl apply -f namespaces.yaml`
-    - Install the NGINX Ingress Controller: `kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.9.5/deploy/static/provider/cloud/deploy.yaml`
+    - Install the NGINX Gateway Resources: `kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml`
+    - Install the NGINX Gateway: `helm install ngf oci://ghcr.io/nginxinc/charts/nginx-gateway-fabric --create-namespace -n nginx-gateway`
 
 ## 3. Configure your hosts file.
 Go to your hosts file (if on Windows) and add the following entries.  The nginx ingress controller uses host headers for all routing.  Doing this will allow you to easily access the application running on your k8s cluster.
@@ -32,6 +55,7 @@ Go to your hosts file (if on Windows) and add the following entries.  The nginx
 127.0.0.1       randomquotestest.local
 127.0.0.1       randomquotesstaging.local
 127.0.0.1       randomquotesprod.local
+127.0.0.1       argocd.local
 ```
 
 ## 3. Install Argo
@@ -41,12 +65,11 @@ This will install ArgoCD on your cluster.  Perfect for poking around!
 - Install ArgoCD
     - Run `kubectl create namespace argocd`
     - Run `kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml`
+    - Change the current directory in the terminal to the `k8s/provision` folder in this repo.
+    - Run `kubectl apply -n argocd -f argocd-gateway.yaml`
 - To access ArgoCD UI
-    - Run `kubectl port-forward svc/argocd-server -n argocd 8080:443`
-        - **Important** The port forwarding will only work while that window is open.
-        - If you want to, you can mess with ingress rules, but this is the quick and dirty approach to getting going.
     - To login
-        - URL is https://localhost:8080
+        - URL is https://argocd.local
         - You will likely get a cert error, go ahead and proceed
         - Username is admin
         - Run `kubectl get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' --namespace argocd` to get the password.  
@@ -67,12 +90,12 @@ These instructions will deploy the following to the default namespace.
 - Secret
 - Deployment (Image)
 - ClusterIp Service
-- Ingress Rule
+- Gateway Listener
+- HTTP Route
 
 To perform the deployment do the following:
 - Go to https://hub.docker.com/r/bobjwalker99/randomquotes-k8s/tags and find the latest version tag (0.1.3 for example).  Update the `image` entry in the randomquotes-deployment.yaml file.
 - Open up a command prompt or terminal.  Change the current directory in the terminal to the `k8s/base` folder in this repo. 
-- Run `kubectl apply -f randomquotes-secrets.yaml`
 - Run `kubectl apply -f randomquotes-deployment.yaml`
 
 It might take a moment for the deployment to finish.  I like to check the status of the pods.  Run `kubectl get pods` until the randomquotes pod shows up as healthy.
@@ -87,7 +110,7 @@ In the previous activity we deployed to the default namespace.  In the real-worl
 
 - The image version
 - The secret value
-- The ingress rule
+- The http route
 
 If we were using ArgoCD or some other similar tool we could use these kustomize overlays with no additional configuration changes.  
 

k8s/base/randomquotes-deployment.yaml

@@ -1,3 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: random-quotes-secrets
+type: Opaque
+stringData:
+  homepageDisplay: "blah"
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -14,7 +22,7 @@ spec:
     spec:
       containers:
         - name: randomquotes-web
-          image: bobjwalker99/randomquotes-k8s:0.1.60
+          image: bobjwalker99/randomquotes-k8s:0.1.80.1
           imagePullPolicy: "Always"
           ports:
            - containerPort: 8080
@@ -38,20 +46,31 @@ spec:
     - port: 6801
       targetPort: 8080
 ---
-apiVersion: networking.k8s.io/v1
-kind: Ingress
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: randomquotes-gateway-nginx  
+spec:
+  gatewayClassName: nginx
+  listeners:
+  - name: http
+    port: 80
+    protocol: HTTP
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
 metadata:
-  name: randomquotes-ingress-nginx  
+  name: randomquotes-gateway-route-nginx
 spec:
-  ingressClassName: nginx
+  parentRefs:
+  - name: randomquotes-gateway-nginx
+  hostnames:
+  - "randomquotes.local"  
   rules:
-    - host: randomquotes.local
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: randomquotes-app-cluster-ip-service
-                port:
-                  number: 6801
+    - matches:
+      - path:
+          type: PathPrefix
+          value: /
+      backendRefs:
+      - name: randomquotes-app-cluster-ip-service
+        port: 6801

k8s/charts/chart.yaml

@@ -0,0 +1,16 @@
+apiVersion: v2
+name: bobjwalker-randomquotesk8s # The chart name is also used as the repository name when publishing
+description: A simple .NET application used to learn Kubernetes deployments
+
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.88
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.1.88"

k8s/charts/templates/randomquotes-deployment.yaml

@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: randomquotes-deployment  
+spec:
+  replicas: 1
+  selector:
+    matchLabels: 
+      component: randomquotes-web
+  template:
+    metadata:
+      labels:
+        component: randomquotes-web
+    spec:
+      containers:
+        - name: randomquotes-web
+          image: octopussamples/randomquotes-k8s:{{ default .Chart.AppVersion .Values.randomquotes.image.tag }}
+          resources:
+            requests:
+              memory: "64Mi"
+              cpu: "250m"
+            limits:
+              memory: "128Mi"
+              cpu: "500m"
+          imagePullPolicy: "Always"
+          ports:
+           - containerPort: 5000
+             name: http-port
+          env:
+           - name: RANDOM_SECRET_PHRASE
+             valueFrom:
+               secretKeyRef:
+                 name: random-quotes-secrets
+                 key: homepageDisplay          
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: randomquotes-app-cluster-ip-service  
+spec:
+  type: ClusterIP
+  selector:
+    component: randomquotes-web
+  ports:
+    - port: 6801
+      targetPort: 8080
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: randomquotes-gateway-nginx  
+spec:
+  gatewayClassName: nginx
+  listeners:
+  - name: http
+    port: 80
+    protocol: HTTP
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: randomquotes-gateway-route-nginx
+spec:
+  parentRefs:
+  - name: randomquotes-gateway-nginx
+  hostnames:
+  - "randomquotes.local"  
+  rules:
+    - matches:
+      - path:
+          type: PathPrefix
+          value: /
+      backendRefs:
+      - name: randomquotes-app-cluster-ip-service
+        port: 6801

k8s/charts/templates/randomquotes-secrets.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: random-quotes-secrets
+type: Opaque
+stringData:
+  homepageDisplay: {{ .Values.randomquotes.homepageDisplaySecret }}

k8s/charts/values.yaml

@@ -0,0 +1,4 @@
+randomquotes:
+  homepageDisplaySecret: "blah"
+  image:
+    tag: "0.1.88"

k8s/overlays/dev/kustomization.yaml

@@ -6,9 +6,9 @@ resources:
 images:
   - name: bobjwalker99/randomquotes-k8s
     newName: bobjwalker99/randomquotes-k8s
-    newTag: "0.1.88.1"
+    newTag: "0.1.90-helm.5"
 patches:
   - target:
-      kind: Ingress
-      name: randomquotes-ingress-nginx
+      kind: HTTPRoute
+      name: randomquotes-gateway-route-nginx
     path: randomquotes-ingress-nginx.yaml

k8s/overlays/dev/randomquotes-ingress-nginx.yaml

@@ -1,3 +1,3 @@
   - op: replace
-    path: /spec/rules/0/host
+    path: /spec/hostnames/0
     value: randomquotesdev.local

k8s/overlays/prod/kustomization.yaml

@@ -10,6 +10,6 @@ images:
 
 patches:
  - target:
-    kind: Ingress
-    name: randomquotes-ingress-nginx
+    kind: HTTPRoute
+    name: randomquotes-gateway-route-nginx
    path: randomquotes-ingress-nginx.yaml

k8s/overlays/prod/randomquotes-ingress-nginx.yaml

@@ -1,3 +1,3 @@
   - op: replace
-    path: /spec/rules/0/host
+    path: /spec/hostnames/0
     value: randomquotesprod.local

k8s/overlays/staging/kustomization.yaml

@@ -11,6 +11,6 @@ images:
 
 patches:
  - target:
-    kind: Ingress
-    name: randomquotes-ingress-nginx
+    kind: HTTPRoute
+    name: randomquotes-gateway-route-nginx
    path: randomquotes-ingress-nginx.yaml

k8s/overlays/staging/randomquotes-ingress-nginx.yaml

@@ -1,3 +1,3 @@
   - op: replace
-    path: /spec/rules/0/host
+    path: /spec/hostnames/0
     value: randomquotesstaging.local

k8s/overlays/test/kustomization.yaml

@@ -9,6 +9,6 @@ images:
     newTag: "0.1.88.7"
 patches:
   - target:
-      kind: Ingress
-      name: randomquotes-ingress-nginx
+      kind: HTTPRoute
+      name: randomquotes-gateway-route-nginx
     path: randomquotes-ingress-nginx.yaml

k8s/overlays/test/randomquotes-ingress-nginx.yaml

@@ -1,3 +1,3 @@
   - op: replace
-    path: /spec/rules/0/host
+    path: /spec/hostnames/0
     value: randomquotestest.local

k8s/provision/argocd-gateway.yaml

@@ -0,0 +1,29 @@
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
+metadata:
+  name: argocd-gateway-nginx  
+spec:
+  gatewayClassName: nginx
+  listeners:
+  - name: https
+    port: 443
+    protocol: HTTPS
+---
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: argo-gateway-route-nginx
+spec:
+  parentRefs:
+  - name: argo-gateway-nginx
+  hostnames:
+  - "argocd.local"  
+  rules:
+    - matches:
+      - path:
+          type: PathPrefix
+          value: /
+      backendRefs:
+      - name: svc/argocd-server
+        port: 443