cheshire
/
hscloud-docs
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
hscloud-docs/02-create-service.md

2.9 KiB
Raw Permalink Blame History

Creating a public service in hscloud

In this chapter, I will show you how to create a service that will be publicly available on the Internet.

Requirements

Working nix. You can install nix with command:

sh <(curl -L https://nixos.org/nix/install) --daemon

and start it with:

nix-shell
bazel build //tools:install
bazel run //tools:install

Creating a copy of ldapweb

We start by enabling the nix-shell environment:

cd hscloud
nix-shell

We start in the hscloud folder, with the nix-shell environment enabled. If you don't have your namespace in the //personal folder yet, we create it:

mkdir personal/$hs_username

We copy the configuration of the ldapweb service into the workspace:

cp -r hswaw/ldapweb/ personal/$hs_username/
cd personal/$hs_username/ldapweb/

Modifying the service

The configuration of ldapweb is contained in the prod.jsonnet file. The format of jsonnet is very similar to json, but allows the use of variables, functions, and the import of other files.

We are interested in the initial part of the file:

local kube = import "../../kube/kube.libsonnet"

{
    local top = self,
    local cfg = self.cfg,

    cfg:: {
        name: 'ldapweb',
        namespace: 'ldapweb',
        domain: 'profile.hackerspace.pl',
        image: 'registry.k0.hswaw.net/radex/ldap-web:1695486391',
    },
...
}

The import is done from the kube.libsonnet file in the kube folder in the hscloud folder. In order for the import to proceed correctly in this case, we need to go back one more folder: ../../../kube/kube.libsonnet.

The hscloud configuration only allows the namespace in personal-$hs_username format. In addition, we need to change the domain to *.$hs_username.hscloud.ovh. Finally, we change the service name to test.

Finally, the above fragment of the prod.jsonnet file should look like this:

# remember to replace $hs_username with your username!

local kube = import "../../../kube/kube.libsonnet";

{
    local top = self,
    local cfg = self.cfg,


    cfg:: {
        name: 'test',
        namespace: 'personal-$hs_username',
        domain: 'test.$hs_username.hscloud.ovh',
        image: 'registry.k0.hswaw.net/radex/ldap-web:1695486391',
    },
...
}

We log into the cluster:

hs_username=$USER # if your username is the same as your SSO username
prodaccess -username $hs_username

We invoke the command to apply the changes:

kubecfg update prod.jsonnet

Our service should be at https://test.$hs_username.hscloud.ovh/. During the first couple of minutes we will get a message about an invalid certificate, because the Let's Encrypt service has not yet managed to generate a certificate for our domain.

To remove the service, call:

kubecfg delete prod.jsonnet

or

kubectl delete service test -n personal-$hs_username