new gke cluster

devinburnette · devinburnette · commit c54f4fcb9da7 · 2022-04-15T13:58:57.000-04:00
diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
@@ -8,8 +8,8 @@ on:
       - completed
 env:
   PROJECT_ID: ${{ secrets.GKE_PROJECT }}
-  GKE_CLUSTER: p5js-web-editor-cluster
-  GKE_ZONE: us-east1-c
+  GKE_CLUSTER: p5-gke-cluster
+  GKE_ZONE: us-east4
   DEPLOYMENT_NAME: web-editor-node
   IMAGE: ${{ secrets.DOCKER_USERNAME }}/p5.js-web-editor-staging
 jobs:
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -8,8 +8,8 @@ on:
       - completed
 env:
   PROJECT_ID: ${{ secrets.GKE_PROJECT }}
-  GKE_CLUSTER: p5js-web-editor-cluster
-  GKE_ZONE: us-east1-c
+  GKE_CLUSTER: p5-gke-cluster
+  GKE_ZONE: us-east4
   DEPLOYMENT_NAME: web-editor-node
   IMAGE: ${{ secrets.DOCKER_USERNAME }}/p5.js-web-editor
 jobs:
@@ -60,6 +60,6 @@ jobs:
       # Deploy the Docker image to the GKE cluster
       - name: Deploy
         run: |-
-          kubectl set image deployment/$DEPLOYMENT_NAME web-editor-app=index.docker.io/$IMAGE:$GITHUB_SHA
+          kubectl set image deployment/$DEPLOYMENT_NAME web-editor-app=index.docker.io/$IMAGE:$GITHUB_SHA --namespace=production
           kubectl get services -o wide
 
diff --git a/.gitignore b/.gitignore
@@ -16,6 +16,7 @@ cert_chain.crt
 localhost.crt
 localhost.key
 privkey.pem
+terraform/.terraform/
 
 storybook-static
 duplicates.json
diff --git a/deploy.sh b/deploy.sh
@@ -20,4 +20,4 @@ gcloud --quiet container clusters get-credentials $CLUSTER_NAME_PRD
 kubectl config view
 kubectl config current-context
 
-kubectl set image deployment/${KUBE_DEPLOYMENT_NAME} ${KUBE_DEPLOYMENT_CONTAINER_NAME}=index.docker.io/$DOCKER_USERNAME/$DOCKER_REPOSITORY:$TRAVIS_TAG
+kubectl set image deployment/${KUBE_DEPLOYMENT_NAME} ${KUBE_DEPLOYMENT_CONTAINER_NAME}=index.docker.io/$DOCKER_USERNAME/$DOCKER_REPOSITORY:$TRAVIS_TAG --namespace=production
diff --git a/kubernetes_app.yml b/kubernetes_app.yml
@@ -1,30 +1,44 @@
-apiVersion: extensions/v1beta1
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: production
+  labels:
+    name: production
+---
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: editor-ingress
+  name: web-editor-ingress
+  namespace: production
   annotations:
-    kubernetes.io/ingress.global-static-ip-name: "web-editor-ip"
+    kubernetes.io/ingress.global-static-ip-name: "production-p5-web-editor-ip"
 spec:
-  backend:
-    serviceName: web-editor-node
-    servicePort: 8000
+  defaultBackend:
+    service:
+      name: web-editor-node
+      port:
+        number: 8000
 ---
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: preview-editor-ingress
+  namespace: production
   annotations:
     # need to make another global static ip
-    kubernetes.io/ingress.global-static-ip-name: "preview-editor-ip"
+    kubernetes.io/ingress.global-static-ip-name: "production-p5-preview-editor-ip"
 spec:
-  backend:
-    serviceName: web-editor-node
-    servicePort: 8002
+  defaultBackend:
+    service:
+      name: web-editor-node
+      port:
+        number: 8002
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: web-editor-node
+  namespace: production
   labels:
     app: web-editor
 spec:
@@ -46,11 +60,12 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: web-editor-node
+  namespace: production
 spec:
   selector:
     matchLabels:
       app: web-editor
-  replicas: 1
+  replicas: 3
   template:
     metadata:
       labels:
@@ -81,9 +96,8 @@ spec:
 apiVersion: autoscaling/v1
 kind: HorizontalPodAutoscaler
 metadata:
-  annotations:
   name: web-editor-node
-  namespace: default
+  namespace: production
 spec:
   maxReplicas: 6
   minReplicas: 2
@@ -142,29 +156,33 @@ metadata:
   labels:
     name: staging
 ---
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: staging-editor-ingress
+  name: web-editor-ingress
   namespace: staging
   annotations:
-    kubernetes.io/ingress.global-static-ip-name: "web-editor-staging-ip"
+    kubernetes.io/ingress.global-static-ip-name: "staging-p5-web-editor-ip"
 spec:
-  backend:
-    serviceName: web-editor-node
-    servicePort: 8001
+  defaultBackend:
+    service:
+      name: web-editor-node
+      port:
+        number: 8001
 ---
-apiVersion: extensions/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: staging-preview-ingress
+  name: preview-editor-ingress
   namespace: staging
   annotations:
-    kubernetes.io/ingress.global-static-ip-name: "preview-staging-ip"
+    kubernetes.io/ingress.global-static-ip-name: "staging-p5-preview-editor-ip"
 spec:
-  backend:
-    serviceName: web-editor-node
-    servicePort: 8003
+  defaultBackend:
+    service:
+      name: web-editor-node
+      port:
+        number: 8003
 ---
 apiVersion: v1
 kind: Service
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
diff --git a/terraform/README.md b/terraform/README.md
@@ -0,0 +1,65 @@
+#### Running Terraform
+
+1. Auth with GCP by running:
+```
+$ gcloud auth application-default login
+```
+
+2. If it's your first time running the terraform you will need to init to download the module code:
+```
+$ terraform init
+```
+
+3. Run plan to see the changes terraform will make:
+```
+$ terraform plan
+```
+
+4. Run apply if the changes look correct and terraform will prompt you to confirm the changes:
+```
+$ terraform apply
+```
+
+#### Using Kubectl (or other clients) to interact with the cluster
+
+##### New cluster
+1. Auth with GCP by running:
+```
+$ gcloud auth login
+```
+
+2. Set the project as the default:
+```
+$ gcloud config set project p5js-web-editor-project
+```
+
+3. Download the kubeconfig from gcloud by running the following command:
+```
+gcloud container clusters get-credentials p5-gke-cluster --zone us-east4
+```
+
+4. Run kubectl commands as normal:
+```
+$ kubectl get pods
+```
+
+##### Legacy cluster
+1. Auth with GCP by running:
+```
+$ gcloud auth login
+```
+
+2. Set the project as the default:
+```
+$ gcloud config set project p5js-web-editor-project
+```
+
+3. Download the kubeconfig from gcloud by running the following command:
+```
+$ gcloud container clusters get-credentials p5js-web-editor-cluster --zone us-east1-c
+```
+
+4. Run kubectl commands as normal:
+```
+$ kubectl get pods
+```
diff --git a/terraform/backend.tf b/terraform/backend.tf
@@ -0,0 +1,6 @@
+terraform {
+  backend "gcs" {
+    bucket = "p5js-terraform-state"
+    prefix = "terraform/state"
+  }
+}
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -0,0 +1,45 @@
+provider "google" {
+  project = var.project
+  region  = var.region
+}
+
+resource "google_container_cluster" "primary" {
+  name               = "p5-gke-cluster"
+  location           = var.region
+  network            = google_compute_network.p5.name
+  subnetwork         = google_compute_subnetwork.p5.name
+  min_master_version = var.gke_version
+
+  release_channel {
+    channel = "UNSPECIFIED"
+  }
+
+  # We can't create a cluster with no node pool defined, but we want to only use
+  # separately managed node pools. So we create the smallest possible default
+  # node pool and immediately delete it.
+  remove_default_node_pool = true
+  initial_node_count       = 1
+}
+
+resource "google_container_node_pool" "primary" {
+  name       = "primary-pool"
+  location   = var.region
+  cluster    = google_container_cluster.primary.name
+  version    = var.gke_version
+  node_count = 1
+
+  node_config {
+    disk_size_gb = 100
+    machine_type = "n1-standard-1"
+  }
+
+  autoscaling {
+    min_node_count = 1
+    max_node_count = 10
+  }
+
+  management {
+    auto_repair  = true
+    auto_upgrade = false
+  }
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -0,0 +1,14 @@
+variable "project" {
+  type    = string
+  default = "p5js-web-editor-project"
+}
+
+variable "region" {
+  type    = string
+  default = "us-east4"
+}
+
+variable "gke_version" {
+  type    = string
+  default = "1.22.8-gke.200"
+}
diff --git a/terraform/vpc.tf b/terraform/vpc.tf
@@ -0,0 +1,27 @@
+resource "google_compute_network" "p5" {
+  name                    = "${var.project}-vpc"
+  auto_create_subnetworks = false
+}
+
+resource "google_compute_subnetwork" "p5" {
+  name          = "${var.project}-subnet"
+  network       = google_compute_network.p5.name
+  ip_cidr_range = "10.10.0.0/24"
+  region        = var.region
+}
+
+resource "google_compute_global_address" "production_p5_web_editor_ip" {
+  name = "production-p5-web-editor-ip"
+}
+
+resource "google_compute_global_address" "production_p5_preview_editor_ip" {
+  name = "production-p5-preview-editor-ip"
+}
+
+resource "google_compute_global_address" "staging_p5_web_editor_ip" {
+  name = "staging-p5-web-editor-ip"
+}
+
+resource "google_compute_global_address" "staging_p5_preview_editor_ip" {
+  name = "staging-p5-preview-editor-ip"
+}
