From 691e4fbae6519004db32ad78c39e753dbf9e3766 Mon Sep 17 00:00:00 2001
From: Alexander Twrdik <6052859+DiCanio@users.noreply.github.com>
Date: Mon, 18 Mar 2024 18:03:09 +0100
Subject: [PATCH] fix: fixup
---
k8s/README.md | 46 ++++++++++++++++++-
k8s/deploy-to-minikube.sh | 11 ++++-
k8s/{ => manifests}/broker-db-service.yml | 0
k8s/{ => manifests}/broker-db-statefulset.yml | 0
k8s/{ => manifests}/broker-deployment.yml | 4 +-
k8s/{ => manifests}/broker-service.yml | 0
k8s/{ => manifests}/hub-auth-secret.yml | 0
k8s/{ => manifests}/ingress.yml | 0
8 files changed, 55 insertions(+), 6 deletions(-)
rename k8s/{ => manifests}/broker-db-service.yml (100%)
rename k8s/{ => manifests}/broker-db-statefulset.yml (100%)
rename k8s/{ => manifests}/broker-deployment.yml (95%)
rename k8s/{ => manifests}/broker-service.yml (100%)
rename k8s/{ => manifests}/hub-auth-secret.yml (100%)
rename k8s/{ => manifests}/ingress.yml (100%)
diff --git a/k8s/README.md b/k8s/README.md
index cfdef2e..301b0a1 100644
--- a/k8s/README.md
+++ b/k8s/README.md
@@ -1,6 +1,48 @@ # k8s > [!CAUTION] -> Files found in this directory should be used with caution. They are mainly for showcasing purposes. So, adjust them as necessary before applying them to your cluster. +> Files found in this directory should be used with caution and NOT in a production environment! They are mainly for showcasing purposes. So, adjust them as necessary before applying them to your cluster. -TODO: minikube usage doc \ No newline at end of file +This directory contains: +- a deployment script (`deploy-to-minikube.sh`) +- k8s manifest files + +## Prerequisites + +Make sure the following `minikube` addons are enabled before using this deployment solution: + +- ingress +- registry +- storage-provisioner + +You can enable addons using the following command: + +```shell +minikube addons enable +``` + +For further information, see: [minikube addon docs](https://minikube.sigs.k8s.io/docs/commands/addons/). + +## Usage + +The script will install a single message broker instance to an already existing `minikube` cluster. In order to use it make sure the following environment variables are set: + +| ENV VAR | DESCRIPTION | +|---------|-------------| +| AUTH_JWKS_URL | URL to obtain JWKS from. Using keycloak this has the pattern `/realms//protocol/openid-connect/certs`. | +| HUB_AUTH_ROBOT_ID | ID of the robot account to be used. Needs to exist on the central side (hub) at `https://auth.privateaim.net/`. | +| ROBOT_SECRET | Associated secret of the robot account. | +| NODE_MESSAGE_BROKER_HOST | Host to be used for the message broker. It will be accessible under `message-broker..nip.io`. | +| NAMESPACE | Namespace to be used within the minikube cluster. | + +Set the following optional environment variables for further configuration: + +| ENV VAR | DESCRIPTION | +|---------|-------------| +| HUB_BASE_URL | Base URL of the central side (hub). Defaults to `https://api.privateaim.net`. | +| HUB_AUTH_BASE_URL | Base URL of the central side's (hub) auth provider. 
Defaults to `https://auth.privateaim.net`. | + +After that simply call the script with: +```shell +./deploy-to-minikube +``` diff --git a/k8s/deploy-to-minikube.sh b/k8s/deploy-to-minikube.sh index 8143201..e7da0a1 100755 --- a/k8s/deploy-to-minikube.sh +++ b/k8s/deploy-to-minikube.sh @@ -8,6 +8,11 @@ # - NODE_MESSAGE_BROKER_HOST # - NAMESPACE +# Optional environment variables: +# +# - HUB_AUTH_BASE_URL +# - HUB_BASE_URL + BASE_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 || exit 1 ; pwd -P )" if [[ -z "${AUTH_JWKS_URL}" || -z "${HUB_AUTH_ROBOT_ID}" || -z "${ROBOT_SECRET}" || -z "${NODE_MESSAGE_BROKER_HOST}" || -z "${NAMESPACE}" ]]; then @@ -32,7 +37,7 @@ else fi echo -n "Copying k8s manifest files..." -for f in "${BASE_DIR}"/*.yml; do +for f in "${BASE_DIR}"/manifests/*.yml; do cp "${f}" "${WORK_DIR}" done if [ $? -ne 0 ]; then @@ -45,6 +50,8 @@ fi echo -n "Preparing broker deployment..." sed -i -e "s##${AUTH_JWKS_URL}#" \ -e "s##${HUB_AUTH_ROBOT_ID}#" \ + -e "s##${HUB_AUTH_BASE_URL:-"https://auth.privateaim.net"}#" \ + -e "s##${HUB_BASE_URL:-"https://api.privateaim.net"}#" \ "${WORK_DIR}/broker-deployment.yml" if [ $? -ne 0 ]; then echo "FAILED" @@ -94,7 +101,7 @@ fi echo -n "Applying manifest files..." # TODO: make namespace adjustable!!! -kubectl --namespace "${NAMESPACE}" apply -f "${WORK_DIR}/hub-auth-secret.yml" \ +minikube kubectl -- --namespace "${NAMESPACE}" apply -f "${WORK_DIR}/hub-auth-secret.yml" \ -f "${WORK_DIR}/broker-db-service.yml" \ -f "${WORK_DIR}/broker-db-statefulset.yml" \ -f "${WORK_DIR}/broker-service.yml" \ diff --git a/k8s/broker-db-service.yml b/k8s/manifests/broker-db-service.yml similarity index 100% rename from k8s/broker-db-service.yml rename to k8s/manifests/broker-db-service.yml diff --git a/k8s/broker-db-statefulset.yml b/k8s/manifests/broker-db-statefulset.yml similarity index 100% rename from k8s/broker-db-statefulset.yml rename to k8s/manifests/broker-db-statefulset.yml 
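Review bot: In the `@@ -32,7 +37,7 @@` hunk of deploy-to-minikube.sh, the `$?` test after `done` only sees the status of the last `cp`, so a failed copy of an earlier manifest goes unnoticed unless `set -e` is enabled above the hunk. The later `apply` step would then run against an incomplete or stale set of files. Copying in one call, `cp -- "${BASE_DIR}"/manifests/*.yml "${WORK_DIR}"`, keeps the existing check meaningful for every file. The surrounding `if`/`else` begins and ends outside the hunk.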
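Review bot: The two `-e` expressions added in the `@@ -45,6 +50,8 @@` hunk paste `HUB_AUTH_BASE_URL` and `HUB_BASE_URL` unescaped into a sed replacement that uses `#` as its delimiter. A value containing `#`, `&` or a backslash therefore either breaks the command or writes something other than what the operator set; `&` is common in URLs and expands to the matched text. The existing `AUTH_JWKS_URL` and `HUB_AUTH_ROBOT_ID` expressions have the same exposure. Escaping each value first, for example `esc=$(printf '%s' "$v" | sed -e 's/[\\&#]/\\&/g')`, or rejecting values that do not match an expected URL shape before the sed call, keeps the generated manifest predictable. The search side of each expression shows as empty here (`s##…#`), presumably placeholder text lost in rendering.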
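Review bot: The `hub-auth-secret.yml` applied in the `@@ -94,7 +101,7 @@` hunk is read from `${WORK_DIR}`, and how that directory is created and cleaned up lies outside the hunk. Since the file presumably holds `ROBOT_SECRET` after templating, it is worth confirming that the directory comes from `mktemp -d` and is removed by an `EXIT` trap. The context line `# TODO: make namespace adjustable!!!` is stale now that the command passes `--namespace "${NAMESPACE}"` and can be dropped. Because `minikube kubectl --` talks to the active minikube profile, a short comment such as `# applies to the active minikube profile` would make the target cluster explicit.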
diff --git a/k8s/broker-deployment.yml b/k8s/manifests/broker-deployment.yml similarity index 95% rename from k8s/broker-deployment.yml rename to k8s/manifests/broker-deployment.yml index 9a4a92e..6c9bed7 100644 --- a/k8s/broker-deployment.yml +++ b/k8s/manifests/broker-deployment.yml @@ -41,9 +41,9 @@ spec: - name: MONGO_DB_NAME value: "message-broker" - name: HUB_BASE_URL - value: "https://api.privateaim.net/" + value: - name: HUB_AUTH_BASE_URL - value: "https://auth.privateaim.net/" + value: - name: HUB_AUTH_ROBOT_ID value: - name: HUB_AUTH_ROBOT_SECRET diff --git a/k8s/broker-service.yml b/k8s/manifests/broker-service.yml similarity index 100% rename from k8s/broker-service.yml rename to k8s/manifests/broker-service.yml diff --git a/k8s/hub-auth-secret.yml b/k8s/manifests/hub-auth-secret.yml similarity index 100% rename from k8s/hub-auth-secret.yml rename to k8s/manifests/hub-auth-secret.yml diff --git a/k8s/ingress.yml b/k8s/manifests/ingress.yml similarity index 100% rename from k8s/ingress.yml rename to k8s/manifests/ingress.yml
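Review bot: The defaults that replace the hard-coded values in broker-deployment.yml lose the trailing slash. The manifest previously set `https://api.privateaim.net/` and `https://auth.privateaim.net/`, while the script falls back to `https://api.privateaim.net` and `https://auth.privateaim.net`. If the broker builds request URLs by plain concatenation, which cannot be confirmed from this page, the effective endpoints change. The new `value:` lines also appear unquoted here (the placeholder text seems lost in rendering); keeping the double quotes around the placeholder, as the removed lines had, stops YAML from reinterpreting an operator-supplied value.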