cheshire
/
hscloud-docs
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
hscloud-docs/04-deploy-web-app.md

2.9 KiB
Raw Permalink Blame History

Deploying docker image on hscloud

In this chapter, we will deploy our registered docker image on hscloud as a simple HTTP kube service with HTTPS from Let's Encrypt.

Requirements

Working nix. You can install nix with command:

sh <(curl -L https://nixos.org/nix/install) --daemon

and start it with:

nix-shell
bazel build //tools:install
bazel run //tools:install

inside hscloud repo.

We need a registered docker image in the registry. If you don't have one, you can create it by following the Building your own Flask web service chapter. We also need a running prodaccess authorization (details: Building environment).

Steps

We create a prod.jsonnet file in location //personal/$hs_username/myflask/prod.jsonnet:

# Remember to replace $hs_username with your SSO username!

local kube = import "../../../kube/kube.libsonnet";

{
    local top = self,
    local cfg = self.cfg,

    cfg:: {
        name: 'web-app',
        namespace: 'personal-$hs_username',
        domain: 'web-app.$hs_username.hscloud.ovh',
        image: 'registry.k0.hswaw.net/$hs_username/myflask:latest',
    },

    ns: kube.Namespace(cfg.namespace),
    
    deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
        spec+: {
            replicas: 1,
            template+: {
                spec+: {
                    containers_: {
                        default: kube.Container("default") {
                            image: cfg.image,
                            ports_: {
                                http: { containerPort: 5000 },
                            }
                        },
                    },
                },
            },
        },
    },

    service: top.ns.Contain(kube.Service(cfg.name)) {
        target_pod:: top.deployment.spec.template,
    },

    ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
        metadata+: {
            annotations+: {
                "kubernetes.io/tls-acme": "true",
                "cert-manager.io/cluster-issuer": "letsencrypt-prod",
                "nginx.ingress.kubernetes.io/proxy-body-size": "0",
            },
        },
        spec+: {
            tls: [ { hosts: [ cfg.domain ], secretName: cfg.name + "-tls" } ],
            rules: [
                {
                    host: cfg.domain,
                    http: {
                        paths:  [
                            { path: "/", backend: top.service.name_port },
                        ],
                    },
                },
            ],
        },
    },
}

We can now deploy our application:

kubecfg update prod.jsonnet

The application should be available at http://web-app.$hs_username.hscloud.ovh. You will have to wait several seconds for the working HTTPS service.

To remove the application, execute:

kubecfg delete prod.jsonnet