107 lines
2.9 KiB
Markdown
107 lines
2.9 KiB
Markdown
|
# Deploying docker image on hscloud
|
||
|
|
||
|
In this chapter, we will deploy our registered docker image on `hscloud` as a simple HTTP kube service with HTTPS from Let's Encrypt.
|
||
|
|
||
|
## Requirements
|
||
|
|
||
|
Working `nix`. You can install `nix` with command:
|
||
|
|
||
|
```bash
|
||
|
sh <(curl -L https://nixos.org/nix/install) --daemon
|
||
|
```
|
||
|
|
||
|
and start it with:
|
||
|
|
||
|
```bash
|
||
|
nix-shell
|
||
|
bazel build //tools:install
|
||
|
bazel run //tools:install
|
||
|
```
|
||
|
|
||
|
inside `hscloud` repo.
|
||
|
|
||
|
We need a registered docker image in the registry. If you don't have one, you can create it by following the [Building your own Flask web service](03-build-web-app.md) chapter. We also need a running `prodaccess` authorization (details: [Building environment](01-1-build-on-ubuntu.md)).
|
||
|
|
||
|
## Steps
|
||
|
|
||
|
We create a `prod.jsonnet` file in location `//personal/$hs_username/myflask/prod.jsonnet`:
|
||
|
|
||
|
|
||
|
```jsonnet
|
||
|
# Remember to replace $hs_username with your SSO username!
|
||
|
|
||
|
local kube = import "../../../kube/kube.libsonnet";
|
||
|
|
||
|
{
|
||
|
local top = self,
|
||
|
local cfg = self.cfg,
|
||
|
|
||
|
cfg:: {
|
||
|
name: 'web-app',
|
||
|
namespace: 'personal-$hs_username',
|
||
|
domain: 'web-app.$hs_username.hscloud.ovh',
|
||
|
image: 'registry.k0.hswaw.net/$hs_username/myflask:latest',
|
||
|
},
|
||
|
|
||
|
ns: kube.Namespace(cfg.namespace),
|
||
|
|
||
|
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
|
||
|
spec+: {
|
||
|
replicas: 1,
|
||
|
template+: {
|
||
|
spec+: {
|
||
|
containers_: {
|
||
|
default: kube.Container("default") {
|
||
|
image: cfg.image,
|
||
|
ports_: {
|
||
|
http: { containerPort: 5000 },
|
||
|
}
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
|
||
|
service: top.ns.Contain(kube.Service(cfg.name)) {
|
||
|
target_pod:: top.deployment.spec.template,
|
||
|
},
|
||
|
|
||
|
ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
|
||
|
metadata+: {
|
||
|
annotations+: {
|
||
|
"kubernetes.io/tls-acme": "true",
|
||
|
"cert-manager.io/cluster-issuer": "letsencrypt-prod",
|
||
|
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
|
||
|
},
|
||
|
},
|
||
|
spec+: {
|
||
|
tls: [ { hosts: [ cfg.domain ], secretName: cfg.name + "-tls" } ],
|
||
|
rules: [
|
||
|
{
|
||
|
host: cfg.domain,
|
||
|
http: {
|
||
|
paths: [
|
||
|
{ path: "/", backend: top.service.name_port },
|
||
|
],
|
||
|
},
|
||
|
},
|
||
|
],
|
||
|
},
|
||
|
},
|
||
|
}
|
||
|
```
|
||
|
|
||
|
We can now deploy our application:
|
||
|
|
||
|
```bash
|
||
|
kubecfg update prod.jsonnet
|
||
|
```
|
||
|
|
||
|
The application should be available at `http://web-app.$hs_username.hscloud.ovh`. You will have to wait several seconds for the working HTTPS service.
|
||
|
|
||
|
To remove the application, execute:
|
||
|
|
||
|
```bash
|
||
|
kubecfg delete prod.jsonnet
|
||
|
```
|