Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add nightly environment for collab

Browse source 
Also, move postgrest service + deployment into a separate manifest
file, which is deployed via a separate script, `deploy-postgrest`.
This way, we don't have unused postgrest instances in preview and
nightly, since those use the prod database.

Co-authored-by: Conrad <conrad@zed.dev>
This commit is contained in:
Max Brunsfeld 2024-01-02 14:05:31 -08:00
parent 9996fbee54
commit 5b35dedc5f
10 changed files with 83 additions and 269 deletions
Download patch file Download diff file Expand all files Collapse all files

1
crates/collab/k8s Symbolic link
View file

@ -0,0 +1 @@
../collab2/k8s

4
crates/collab/k8s/environments/production.sh
View file

@ -1,4 +0,0 @@
ZED_ENVIRONMENT=production
RUST_LOG=info
INVITE_LINK_PREFIX=https://zed.dev/invites/
DATABASE_MAX_CONNECTIONS=85

4
crates/collab/k8s/environments/staging.sh
View file

@ -1,4 +0,0 @@
ZED_ENVIRONMENT=staging
RUST_LOG=info
INVITE_LINK_PREFIX=https://staging.zed.dev/invites/
DATABASE_MAX_CONNECTIONS=5

177
crates/collab/k8s/manifest.template.yml
View file

@ -1,177 +0,0 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: ${ZED_KUBE_NAMESPACE}
---
kind: Service
apiVersion: v1
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: collab
annotations:
service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
spec:
type: LoadBalancer
selector:
app: collab
ports:
- name: web
protocol: TCP
port: 443
targetPort: 8080
---
kind: Service
apiVersion: v1
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: pgadmin
annotations:
service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
spec:
type: LoadBalancer
selector:
app: postgrest
ports:
- name: web
protocol: TCP
port: 443
targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: collab
spec:
replicas: 1
selector:
matchLabels:
app: collab
template:
metadata:
labels:
app: collab
annotations:
ad.datadoghq.com/collab.check_names: |
["openmetrics"]
ad.datadoghq.com/collab.init_configs: |
[{}]
ad.datadoghq.com/collab.instances: |
[
{
"openmetrics_endpoint": "http://%%host%%:%%port%%/metrics",
"namespace": "collab_${ZED_KUBE_NAMESPACE}",
"metrics": [".*"]
}
]
spec:
containers:
- name: collab
image: "${ZED_IMAGE_ID}"
args:
- serve
ports:
- containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /
port: 8080
initialDelaySeconds: 1
periodSeconds: 1
env:
- name: HTTP_PORT
value: "8080"
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: database
key: url
- name: DATABASE_MAX_CONNECTIONS
value: "${DATABASE_MAX_CONNECTIONS}"
- name: API_TOKEN
valueFrom:
secretKeyRef:
name: api
key: token
- name: LIVE_KIT_SERVER
valueFrom:
secretKeyRef:
name: livekit
key: server
- name: LIVE_KIT_KEY
valueFrom:
secretKeyRef:
name: livekit
key: key
- name: LIVE_KIT_SECRET
valueFrom:
secretKeyRef:
name: livekit
key: secret
- name: INVITE_LINK_PREFIX
value: ${INVITE_LINK_PREFIX}
- name: RUST_BACKTRACE
value: "1"
- name: RUST_LOG
value: ${RUST_LOG}
- name: LOG_JSON
value: "true"
- name: ZED_ENVIRONMENT
value: ${ZED_ENVIRONMENT}
securityContext:
capabilities:
# FIXME - Switch to the more restrictive `PERFMON` capability.
# This capability isn't yet available in a stable version of Debian.
add: ["SYS_ADMIN"]
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: postgrest
spec:
replicas: 1
selector:
matchLabels:
app: postgrest
template:
metadata:
labels:
app: postgrest
spec:
containers:
- name: postgrest
image: "postgrest/postgrest"
ports:
- containerPort: 8080
protocol: TCP
env:
- name: PGRST_SERVER_PORT
value: "8080"
- name: PGRST_DB_URI
valueFrom:
secretKeyRef:
name: database
key: url
- name: PGRST_JWT_SECRET
valueFrom:
secretKeyRef:
name: postgrest
key: jwt_secret

21
crates/collab/k8s/migrate.template.yml
View file

@ -1,21 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: ${ZED_MIGRATE_JOB_NAME}
spec:
template:
spec:
restartPolicy: Never
containers:
- name: migrator
imagePullPolicy: Always
image: ${ZED_IMAGE_ID}
args:
- migrate
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: database
key: url

56
crates/collab2/k8s/manifest.template.yml → crates/collab2/k8s/collab.template.yml
View file

@ -23,25 +23,6 @@ spec:
port: 443 port: 443
targetPort: 8080 targetPort: 8080
---
kind: Service
apiVersion: v1
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: pgadmin
annotations:
service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
spec:
type: LoadBalancer
selector:
app: postgrest
ports:
- name: web
protocol: TCP
port: 443
targetPort: 8080
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@ -138,40 +119,3 @@ spec:
# FIXME - Switch to the more restrictive `PERFMON` capability. # FIXME - Switch to the more restrictive `PERFMON` capability.
# This capability isn't yet available in a stable version of Debian. # This capability isn't yet available in a stable version of Debian.
add: ["SYS_ADMIN"] add: ["SYS_ADMIN"]
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: postgrest
spec:
replicas: 1
selector:
matchLabels:
app: postgrest
template:
metadata:
labels:
app: postgrest
spec:
containers:
- name: postgrest
image: "postgrest/postgrest"
ports:
- containerPort: 8080
protocol: TCP
env:
- name: PGRST_SERVER_PORT
value: "8080"
- name: PGRST_DB_URI
valueFrom:
secretKeyRef:
name: database
key: url
- name: PGRST_JWT_SECRET
valueFrom:
secretKeyRef:
name: postgrest
key: jwt_secret

2
crates/collab/k8s/environments/preview.sh → crates/collab2/k8s/environments/nightly.sh
View file

@ -1,4 +1,4 @@
ZED_ENVIRONMENT=preview ZED_ENVIRONMENT=nightly
RUST_LOG=info RUST_LOG=info
INVITE_LINK_PREFIX=https://zed.dev/invites/ INVITE_LINK_PREFIX=https://zed.dev/invites/
DATABASE_MAX_CONNECTIONS=10 DATABASE_MAX_CONNECTIONS=10

55
crates/collab2/k8s/postgrest.template.yml Normal file
View file

@ -0,0 +1,55 @@
---
kind: Service
apiVersion: v1
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: postgrest
annotations:
service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
spec:
type: LoadBalancer
selector:
app: postgrest
ports:
- name: web
protocol: TCP
port: 443
targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: postgrest
spec:
replicas: 1
selector:
matchLabels:
app: postgrest
template:
metadata:
labels:
app: postgrest
spec:
containers:
- name: postgrest
image: "postgrest/postgrest"
ports:
- containerPort: 8080
protocol: TCP
env:
- name: PGRST_SERVER_PORT
value: "8080"
- name: PGRST_DB_URI
valueFrom:
secretKeyRef:
name: database
key: url
- name: PGRST_JWT_SECRET
valueFrom:
secretKeyRef:
name: postgrest
key: jwt_secret

7
script/deploy → script/deploy-collab
View file

@ -10,11 +10,6 @@ fi
environment=$1 environment=$1
version=$2 version=$2
if [[ ${environment} == "nightly" ]]; then
echo "nightly is not yet supported"
exit 1
fi
export_vars_for_environment ${environment} export_vars_for_environment ${environment}
image_id=$(image_id_for_version ${version}) image_id=$(image_id_for_version ${version})
@ -23,6 +18,6 @@ export ZED_KUBE_NAMESPACE=${environment}
export ZED_IMAGE_ID=${image_id} export ZED_IMAGE_ID=${image_id}
target_zed_kube_cluster target_zed_kube_cluster
envsubst < crates/collab/k8s/manifest.template.yml | kubectl apply -f - envsubst < crates/collab/k8s/collab.template.yml | kubectl apply -f -
echo "deployed collab v${version} to ${environment}" echo "deployed collab v${version} to ${environment}"

25
script/deploy-postgrest Executable file
View file

@ -0,0 +1,25 @@
#!/bin/bash
set -eu
source script/lib/deploy-helpers.sh
if [[ $# < 1 ]]; then
echo "Usage: $0 <production|staging> (postgrest not needed on preview or nightly)"
exit 1
fi
environment=$1
if [[ ${environment} == "preview" || ${environment} == "nightly" ]]; then
echo "website does not exist in preview or nightly"
exit 1
fi
export_vars_for_environment ${environment}
export ZED_DO_CERTIFICATE_ID=$(doctl compute certificate list --format ID --no-header)
export ZED_KUBE_NAMESPACE=${environment}
target_zed_kube_cluster
envsubst < crates/collab/k8s/postgrest.template.yml | kubectl apply -f -
echo "deployed postgrest"