Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy wacruit-server (dev, prod) with sso #88

Merged
merged 11 commits into from
Jul 14, 2023
Merged

Deploy wacruit-server (dev, prod) with sso #88

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
b14b120
Add codeowners
shp7724 Jun 30, 2023
ea68943
Add wacruit-dev
shp7724 Jun 30, 2023
c8c9563
Add wacruit-prod
shp7724 Jun 30, 2023
4f26f3b
Add wacruit service in kong gateway (dev, prod)
shp7724 Jun 30, 2023
4109e26
Rename iam roles
shp7724 Jun 30, 2023
ba82741
Add missing serviceAccountName
shp7724 Jun 30, 2023
5b329a2
Remove virtual service
shp7724 Jul 8, 2023
d1a54b5
Set resources: 100/128 for dev & 200/256 for prod
shp7724 Jul 8, 2023
0a4b54d
Use `wacruit.wafflestudio.com/api/*`, add dev configuration
shp7724 Jul 9, 2023
695b11a
Merge remote-tracking branch 'origin/main' into feature/wacruit-server
davin111 Jul 14, 2023
e63d766
modified
davin111 Jul 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/CODEOWNERS
View file
Open in desktop
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -18,5 +18,7 @@ apps/siksha-dev/ @wafflestudio/siksha
apps/siksha-prod/ @wafflestudio/siksha
apps/waffledotcom-dev/waffledotcom-server @wafflestudio/waffledotcom-backend
apps/waffledotcom-prod/waffledotcom-server @wafflestudio/waffledotcom-backend
apps/wacruit-dev @wafflestudio/waffledotcom-backend
apps/wacruit-prod @wafflestudio/waffledotcom-backend
apps/pupuri-prod/ @woohm402
apps/ggzz-dev/ @wafflestudio/ggzz
11 changes: 11 additions & 0 deletions apps/sso-dev/kong-gateway/kong-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,14 @@ services:
- /api/account-service/
plugins:
- name: waffle-jwt-authorizer

- name: wacruit-service
url: http://wacruit-server.wacruit-dev.svc.cluster.local
routes:
- name: wacruit-service
hosts:
- wacruit-api-dev.wafflestudio.com
paths:
- /api/
plugins:
- name: waffle-jwt-authorizer
1 change: 1 addition & 0 deletions apps/sso-dev/kong-gateway/kong-gateway.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,7 @@ spec:
hosts:
- api-gateway-dev.wafflestudio.com
- sso-dev.wafflestudio.com
- wacruit-api-dev.wafflestudio.com
http:
- route:
- destination:
Expand Down
22 changes: 22 additions & 0 deletions apps/sso-prod/kong-gateway/kong-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,3 +26,25 @@ services:
strip_path: false
plugins:
- name: waffle-jwt-authorizer

- name: wacruit-service
url: http://wacruit-server.wacruit-prod.svc.cluster.local
routes:
- name: wacruit-web-cf
hosts:
- wacruit.wafflestudio.com
paths:
- /api/
plugins:
- name: waffle-jwt-authorizer

- name: wacruit-service-dev
url: http://wacruit-server.wacruit-dev.svc.cluster.local
routes:
- name: wacruit-web-cf
hosts:
- wacruit-dev.wafflestudio.com
paths:
- /api/
plugins:
- name: waffle-jwt-authorizer
2 changes: 2 additions & 0 deletions apps/sso-prod/kong-gateway/kong-gateway.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,8 @@ spec:
- api-gateway.wafflestudio.com
- sso.wafflestudio.com
- truffle.wafflestudio.com
- wacruit.wafflestudio.com
- wacruit-dev.wafflestudio.com
http:
- route:
- destination:
Expand Down
18 changes: 18 additions & 0 deletions apps/templates/wacruit-server-dev.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
namespace: argocd
name: wacruit-server-dev
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: {{ .Values.spec.source.repoURL }}
targetRevision: HEAD
path: apps/wacruit-dev/wacruit-server
destination:
server: {{ .Values.spec.destination.server }}
namespace: argocd
syncPolicy:
{{- .Values.spec.syncPolicy | toYaml | nindent 4 }}
18 changes: 18 additions & 0 deletions apps/templates/wacruit-server.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
namespace: argocd
name: wacruit-server
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: {{ .Values.spec.source.repoURL }}
targetRevision: HEAD
path: apps/wacruit-prod/wacruit-server
destination:
server: {{ .Values.spec.destination.server }}
namespace: argocd
syncPolicy:
{{- .Values.spec.syncPolicy | toYaml | nindent 4 }}
57 changes: 57 additions & 0 deletions apps/wacruit-dev/wacruit-server/wacruit-server.yaml
View file
Open in desktop
Copy link
Member

@davin111 davin111 Jul 9, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

설정하는 것은 자유이시지만, https://github.com/wafflestudio/waffle-world/blob/main/apps/snutt-prod/snutt-timetable/snutt-timetable.yaml#L37-L49 이런 식으로 probe 설정하여서 고장난 container 에 대한 대응이 자동으로 이뤄질 수 있도록 할 수 있습니다. https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

startupProbe 는 서버가 초반에 늦게 뜨는 경우에만 필요할 수 있습니다. GET /health-check 같은 endpoint 는 직접 만들어두어야 합니다.

Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: wacruit-server
labels:
app: wacruit-server
namespace: wacruit-dev
spec:
replicas: 1
selector:
matchLabels:
app: wacruit-server
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
revisionHistoryLimit: 4
template:
metadata:
labels:
app: wacruit-server
spec:
serviceAccountName: wacruit-server
containers:
- image: 405906814034.dkr.ecr.ap-northeast-2.amazonaws.com/wacruit-dev/wacruit-server:3
name: wacruit-server
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 100m
memory: 128Mi
ports:
- containerPort: 8080
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: wacruit-server
namespace: wacruit-dev
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::405906814034:role/wacruit-dev-role
---
apiVersion: v1
kind: Service
metadata:
namespace: wacruit-dev
name: wacruit-server
spec:
type: ClusterIP
selector:
app: wacruit-server
ports:
- port: 80
targetPort: 8080
57 changes: 57 additions & 0 deletions apps/wacruit-prod/wacruit-server/wacruit-server.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: wacruit-server
labels:
app: wacruit-server
namespace: wacruit-prod
spec:
replicas: 1
Copy link
Member

@davin111 davin111 Jul 9, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

prod 의 경우 좀 더 욕심을 부리면... 트래픽이 튈 때를 대비해 HPA 설정도 가능. 근데 거의 그럴 일 없다 싶으면 안 해도 됩니다. snutt 수강편람 오픈 직후 정도에나 유의미하긴 해서.

https://github.com/wafflestudio/waffle-world/blob/main/apps/snutt-prod/snutt-timetable/snutt-timetable.yaml#L58-L78

Copy link
Contributor Author

@shp7724 shp7724 Jul 9, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

네 접속자 풀이 스누티티보단 많이 작을거라 모니터링 해보고 필요하다 싶으면 적용해보겠습니다.

selector:
matchLabels:
app: wacruit-server
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
revisionHistoryLimit: 4
template:
metadata:
labels:
app: wacruit-server
spec:
serviceAccountName: wacruit-server
containers:
- image: 405906814034.dkr.ecr.ap-northeast-2.amazonaws.com/wacruit-prod/wacruit-server:3
name: wacruit-server
resources:
requests:
cpu: 200m
memory: 256Mi
limits:
cpu: 200m
memory: 256Mi
ports:
- containerPort: 8080
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: wacruit-server
namespace: wacruit-prod
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::405906814034:role/wacruit-prod-role
---
apiVersion: v1
kind: Service
metadata:
namespace: wacruit-prod
name: wacruit-server
spec:
type: ClusterIP
selector:
app: wacruit-server
ports:
- port: 80
targetPort: 8080
14 changes: 14 additions & 0 deletions misc/apps/namespace.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -116,3 +116,17 @@ metadata:
name: waffledotcom-prod
labels:
istio-injection: enabled
---
apiVersion: v1
kind: Namespace
metadata:
name: wacruit-dev
labels:
istio-injection: enabled
---
apiVersion: v1
kind: Namespace
metadata:
name: wacruit-prod
labels:
istio-injection: enabled
shp7724 marked this conversation as resolved.
Show resolved Hide resolved