From ecc5918fe037a3a7141caf168ece95946370f093 Mon Sep 17 00:00:00 2001 From: Martin Petkov Date: Fri, 17 Apr 2020 16:03:21 -0400 Subject: [PATCH 1/2] Add pointer to Kubernetes setup instructions --- Terraform/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Terraform/README.md b/Terraform/README.md index 6f37e549d9..6eee4e6ac7 100644 --- a/Terraform/README.md +++ b/Terraform/README.md @@ -3,7 +3,7 @@ These directories define the entire GCP infrastructure app to run the FDA MyStudies application. -## Pre-Requisites +## Prerequisites 1. Install the following dependencies and add them to your PATH: @@ -155,5 +155,8 @@ To see what resources each deployment provisions, check out the comments in each 1. Follow `$ROOT/cicd/README.md` to set up CICD pipelines for Terraform configs. +1. Follow `$ROOT/kubernetes/README.md` to deploy the Kubernetes resources in + the GKE cluster. + 1. Revoke your super admin access by running `gcloud auth revoke` and authenticate as a normal user for daily activities. From 675fab58ae0259db5df864c7123632ab48d1b0b5 Mon Sep 17 00:00:00 2001 From: Martin Petkov Date: Mon, 20 Apr 2020 11:36:22 -0400 Subject: [PATCH 2/2] Update kubeapply.sh to do deployments and not fetch the SA --- .../{heroes-hat-cert.yaml => cert.yaml} | 0 kubernetes/kubeapply.sh | 19 ++++++++++++------- 2 files changed, 12 insertions(+), 7 deletions(-) rename kubernetes/{heroes-hat-cert.yaml => cert.yaml} (100%) diff --git a/kubernetes/heroes-hat-cert.yaml b/kubernetes/cert.yaml similarity index 100% rename from kubernetes/heroes-hat-cert.yaml rename to kubernetes/cert.yaml diff --git a/kubernetes/kubeapply.sh b/kubernetes/kubeapply.sh index 27df2bdc7d..9131513a92 100755 --- a/kubernetes/kubeapply.sh +++ b/kubernetes/kubeapply.sh @@ -3,11 +3,12 @@ # Short helper script to run repetitive commands for Kubernetes deployments. # Args: # kubeapply.sh -# +# # It does the following: -# * Activate sthe cluster for kubectl via `gcloud container clusters get-credentials`. +# * Activates the cluster for kubectl via `gcloud container clusters get-credentials`. # * Applies the pod security policies. -# * Applies the heroes-hat cert configuration. +# * Applies the cert configuration. +# * Applies all deployments from children of the parent folder. # * Applies all services from children of the parent folder. # * Applies the ingress configuration # @@ -29,8 +30,6 @@ shift 1 set -e -serviceaccount="$(gcloud container clusters describe "${cluster}" --region="us-east1" --project="heroes-hat-dev-apps" --format='value(nodeConfig.serviceAccount)')" - echo "=== Switching kubectl to cluster ${cluster} ===" read -p "Press enter to continue" gcloud container clusters get-credentials "${cluster}" --region="us-east1" --project="heroes-hat-dev-apps" @@ -41,9 +40,15 @@ for policy in $(find . -name "pod_security_policy*.yaml"); do kubectl apply -f ${policy} done -echo '=== Applying heroes-hat-cert.yaml ===' +echo '=== Applying cert.yaml ===' read -p "Press enter to continue" -kubectl apply -f ./heroes-hat-cert.yaml +kubectl apply -f ./cert.yaml + +for deployment in $(find .. -name "deployment.yaml"); do + echo "=== Applying deployment ${deployment} ===" + read -p "Press enter to continue" + kubectl apply -f ${deployment} +done for service in $(find .. -name "service.yaml"); do echo "=== Applying service ${service} ==="