vtimofei
/
kubernetes-do-challenge
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
11 Commits 1 Branch 0 Tags 277 KiB
Shell 100%
Go to file
Victor Timofei 8685876b3a
Update README 		2021-12-31 15:06:05 +02:00
cert-manager Various changes 2021-12-29 15:27:14 +02:00
.gitignore Add initial installation script 2021-12-08 23:51:00 +02:00
LICENSE Initial commit 2021-12-07 11:07:12 +02:00
README.md Update README 2021-12-31 15:06:05 +02:00
env Various changes 2021-12-29 15:27:14 +02:00
get-argocd-admin-password.sh Add script for getting initial admin password 2021-12-29 16:16:12 +02:00
install-cert-manager.sh Various changes 2021-12-29 15:27:14 +02:00
install.sh Configure the tekton persistent volume 2021-12-29 16:24:30 +02:00
logger.sh Various changes 2021-12-29 15:27:14 +02:00

README.md

kubernetes-do-challenge

Kubernetes Digital Ocean Challenge

Deploy a GitOps CI/CD implementation

Installation

Run the install.sh script, which will install Helm, Nginx Ingress controller, ArgoCD, and tekton.

./install.sh

Update the DNS records to point to the load balancer. Install cert-manager and create Ingress for ArgoCD.

DOMAIN=my.domain EMAIL_ADDRESS=victor@my.domain ./install-cert-manager.sh

Create the pipeline

To create the pipeline fork the https://github.com/victor-timofei/tekton-example-pipeline repo. You should also fork the application repo https://github.com/victor-timofei/tekton-pipeline-example-app.

Create the secrets inside the tekton-pipeline/resources/secrets directory. You can get the ArgoCD admin password by running the get-argocd-admin-password.sh script from this repo.

For the docker password you can create an access token if you are using docker hub.

For the github password you should use the personal access token.

cat << EOF > argocd_secrets.env
ARGOCD_USERNAME=admin
ARGOCD_PASSWORD=<admin_password>
EOF

cat << EOF > docker_secrets.env
username=<service_principal_id>
password=<service_principal_password>
EOF

cat << EOF > git_app_secrets.env
username=<username>
password=<personal_access_token>
EOF

Edit the ARGOCD_SERVER in tekton-pipeline/resources/argocd-task-cm.yaml with your ArgoCD server address:

  ARGOCD_SERVER: argocd.k8s-argocd.tk

Edit the git and docker url in tekton-pipeline/resources/secrets.yaml:

    tekton.dev/git-0: https://github.com/victor-timofei/tekton-pipeline-example-app
...
    tekton.dev/docker-0: registry.hub.docker.com

Edit the DOCKER_IMAGE_NAME and DOCKER_NAMESPACE in tekton-pipeline/resources/secrets.yaml. Since I was using docker hub, the docker namespace was my username.

  DOCKER_IMAGE_NAME: hello-app
  DOCKER_NAMESPACE: vtimofei

Edit the docker registry name in the tekton-pipeline/triggers/trigger-template.yaml.

    spec:
      params:
      - name: url
        # Replace <docker_registry_name> with your docker registry name (e.g. my-acr.azurecr.io)
        value: registry.hub.docker.com

Edit the trigger binding params in tekton-pipeline/triggers/trigger-binding.yaml. These are extracted from the GitHub request webhook, depending on your git hosting service the request schema might be different.

spec:
  params:
  - name: git-app-repo-url
    value: $(body.repository.url)
  - name: git-app-repo-revision
    value: $(body.repository.default_branch)

Set your own address on the certficates and ingresses. Edit the tekton-pipeline/triggers/certficate.yaml on the tekton-example-pipeline repo and kustomize/certficate.yaml on the tekton-pipeline-example-app repo.

  dnsNames:
    - k8s-argocd.tk

Edit the tekton-pipeline/triggers/ingress.yaml on the tekton-example-pipeline repo and kustomize/ingress.yaml on the tekton-pipeline-example-app repo.

  dnsNames:
    - k8s-argocd.tk
...
  tls:
  - hosts:
    - k8s-argocd.tk

Add the pipeline to ArgoCD

Login to argocd via the CLI:

argocd login argocd.k8s-argocd.tk

You might want to add the argocd binary that was downloaded via the install script to your path. You can do it easily with:

source env

Add your cluster to ArgoCD:

argocd cluster add do-fra1-k8s-challenge

Create the pipeline secretes:

kubectl apply -k tekton-pipeline/resources/.

Register your git repos with ArgoCD:

export SCM_USERNAME=<git_repo_username>
export SCM_PAT=<git_repo_personal_access_token>
argocd repo add <pipeline_repo_url> --username $SCM_USERNAME --password $SCM_PAT
argocd repo add <app_repo_url> --username $SCM_USERNAME --password $SCM_PAT

Create the ArgoCD applications:

argocd app create tekton-pipeline-app --repo <pipeline_repo_url> --path tekton-pipeline --dest-server https://kubernetes.default.svc --dest-namespace tekton-argocd-example
argocd app create 2048-game-app --repo <app_repo> --path kustomize --dest-server https://kubernetes.default.svc --dest-namespace game-2048 --sync-option CreateNamespace=true

Sync the tekton pipeline:

argocd app sync tekton-pipeline-app --prune

Register the tekton webhook with your git provider. The webhook should be like https://k8s-argocd.tk/tekton-argocd-example-build-webhook.

Now you everytime you push to your default application branch the pipeline is triggered, your application is built and push to the container registry and finally it is deployed.