From c8a5cfa2362fc6e93782bbc2825d5fb8297e86cc Mon Sep 17 00:00:00 2001 From: Justin Garrison Date: Sun, 18 Sep 2016 22:04:44 -0700 Subject: [PATCH] Switched rc -> deployment and using secret instead of configmap. Added README with steps to run postgres. --- k8s/README.md | 105 ++++++++++++++++++ k8s/mattermost.configmap.yaml | 102 ----------------- k8s/mattermost.deployment.yaml | 61 ++++++++++ k8s/mattermost.ing.yaml | 13 --- k8s/mattermost.rc.yml | 44 -------- k8s/mattermost.secret.yaml | 19 ++++ ...mattermost.svc.yml => mattermost.svc.yaml} | 0 7 files changed, 185 insertions(+), 159 deletions(-) create mode 100644 k8s/README.md delete mode 100644 k8s/mattermost.configmap.yaml create mode 100644 k8s/mattermost.deployment.yaml delete mode 100644 k8s/mattermost.ing.yaml delete mode 100644 k8s/mattermost.rc.yml create mode 100644 k8s/mattermost.secret.yaml rename k8s/{mattermost.svc.yml => mattermost.svc.yaml} (100%) diff --git a/k8s/README.md b/k8s/README.md new file mode 100644 index 0000000..58c68ba --- /dev/null +++ b/k8s/README.md @@ -0,0 +1,105 @@ +Mattermost on Kubernetes +======= + +You can use these manifests as a starting point to run Mattermost on kubernetes. + +If you already have a Kubernetes cluster you can skip this first step. + +### Start local Kubernetes cluster + +To get started we can use [minikube](https://github.com/kubernetes/minikube/) to run a local kubernetes cluster. + +Download and install minikube and any dependancies for your operating system (see minikube readme). You will also need to install [kubectl](http://kubernetes.io/docs/user-guide/prereqs/). + +Start the minikube VM + +``` +minikube start +``` + +### Start a Postgres database + +#### WARNING: The database is not backup up and will lose all data if the pod is restarted. Consider using a [persistent volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) for storing pgdata + +This will run a postgres deployment with default values for database name, username, and password. + +``` +kubectl run postgres --image=postgres:9 \ + --env="POSTGRES_PASSWORD=mmuser_password" \ + --env="POSTGRES_DB=mattermost" \ + --env="POSTGRES_USER=mmuser" +``` +Expose the postgres database as a service named "db" +``` +kubectl expose deployment postgres \ + --name=db \ + --port 5432 \ + --target-port 5432 +``` + +### Run Mattermost container + +The Mattermost application is split into three manifests. + +First create the secret which will set the environment varibles for the main application container. If you changed the values for the Postgres container you will also need to set the values in mattermost.secret.yaml using the [manual steps for creating a secret](http://kubernetes.io/docs/user-guide/secrets/#creating-a-secret-manually). +``` +kubectl create -f mattermost.secret.yaml +``` +Next create the mattermost deployment (main application) with +``` +kubectl create -f mattermost.deployment.yaml +``` +You should check that the pod started successfully with `kubectl get po -l app=mattermost` + +Finally you can expose the application with a service so you can easily access the application from a web browser. The example service is using a `type: NodePort` which means it will be exposed on a random high port on your cluster nodes (or minikube VM if you're using minikube). +``` +kubectl create -f mattermost.svc.yaml +``` +Now you can get your VM's IP address with +``` +minikube ip +192.168.99.100 +``` +and the exposed port for the application with +``` +kubectl describe svc mattermost +Name: mattermost +Namespace: default +Labels: +Selector: app=mattermost,tier=app +Type: NodePort +IP: 10.0.0.194 +Port: http 80/TCP +NodePort: http 32283/TCP +Endpoints: 172.17.0.4:80 +Session Affinity: None +No events. +``` +Make sure the Endpoints shows an IP address. This should correlate to the pod IP started by the deployment. + +Now browse to your node IP and exposed NodePort in your browser to view the application or test it with curl + +``` +curl -L http://192.168.99.100:32283 +``` + +### Optional steps + + * If you want your data to be persistent you will need to make persistent volume for Mattermost and Postgres. + * If you want to change advanced settings for the mattermost container you can make a [configMap](http://blog.kubernetes.io/2016/04/configuration-management-with-containers.html) for the /mattermost/config/config.json file + * If you want the application exposed on port 80 you can either specify the port in the service manifest or use an ingress controller and an ingress mapp for the mattermost service. A sample ingress map would be + ``` +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: mattermost +spec: + rules: + - host: mattermost + http: + paths: + - backend: + serviceName: mattermost + servicePort: 80 +``` diff --git a/k8s/mattermost.configmap.yaml b/k8s/mattermost.configmap.yaml deleted file mode 100644 index ad30deb..0000000 --- a/k8s/mattermost.configmap.yaml +++ /dev/null @@ -1,102 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: mattermost.config - namespace: default -data: - config.json: |- - { - "ServiceSettings": { - "ListenAddress": ":80", - "MaximumLoginAttempts": 10, - "SegmentDeveloperKey": "", - "GoogleDeveloperKey": "", - "EnableOAuthServiceProvider": false, - "EnableIncomingWebhooks": false, - "EnableOutgoingWebhooks": false, - "EnablePostUsernameOverride": false, - "EnablePostIconOverride": false, - "EnableTesting": false, - "EnableSecurityFixAlert": true - }, - "TeamSettings": { - "SiteName": "Mattermost", - "MaxUsersPerTeam": 50, - "EnableTeamCreation": true, - "EnableUserCreation": true, - "RestrictCreationToDomains": "", - "RestrictTeamNames": true, - "EnableTeamListing": false - }, - "SqlSettings": { - "DriverName": "postgres", - "DataSource": "postgres://mmuser:mmuser_password@mattermost-db:5432/mattermost?sslmode=disable&connect_timeout=10", - "DataSourceReplicas": [], - "MaxIdleConns": 10, - "MaxOpenConns": 10, - "Trace": false, - "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QVg" - }, - "LogSettings": { - "EnableConsole": false, - "ConsoleLevel": "INFO", - "EnableFile": true, - "FileLevel": "INFO", - "FileFormat": "", - "FileLocation": "" - }, - "FileSettings": { - "DriverName": "local", - "Directory": "/mattermost/data/", - "EnablePublicLink": true, - "PublicLinkSalt": "A705AklYF8MFDOfcwh3I488G8vtLlVip", - "ThumbnailWidth": 120, - "ThumbnailHeight": 100, - "PreviewWidth": 1024, - "PreviewHeight": 0, - "ProfileWidth": 128, - "ProfileHeight": 128, - "InitialFont": "luximbi.ttf", - "AmazonS3AccessKeyId": "", - "AmazonS3SecretAccessKey": "", - "AmazonS3Bucket": "", - "AmazonS3Region": "" - }, - "EmailSettings": { - "EnableSignUpWithEmail": true, - "SendEmailNotifications": false, - "RequireEmailVerification": false, - "FeedbackName": "", - "FeedbackEmail": "", - "SMTPUsername": "", - "SMTPPassword": "", - "SMTPServer": "", - "SMTPPort": "", - "ConnectionSecurity": "", - "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9YoS", - "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5eL", - "ApplePushServer": "", - "ApplePushCertPublic": "", - "ApplePushCertPrivate": "" - }, - "RateLimitSettings": { - "EnableRateLimiter": true, - "PerSec": 10, - "MemoryStoreSize": 10000, - "VaryByRemoteAddr": true, - "VaryByHeader": "" - }, - "PrivacySettings": { - "ShowEmailAddress": true, - "ShowFullName": true - }, - "GitLabSettings": { - "Enable": false, - "Secret": "", - "Id": "", - "Scope": "", - "AuthEndpoint": "", - "TokenEndpoint": "", - "UserApiEndpoint": "" - } - } diff --git a/k8s/mattermost.deployment.yaml b/k8s/mattermost.deployment.yaml new file mode 100644 index 0000000..3ecdc5a --- /dev/null +++ b/k8s/mattermost.deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: mattermost-app + labels: + app: mattermost + tier: app + namespace: default +spec: + replicas: 1 + template: + metadata: + name: mattermost-app + labels: + app: mattermost + tier: app + spec: + containers: + - name: mattermost-app + image: "mattermost/mattermost-prod-app:3" + env: + - name: DB_HOST + valueFrom: + secretKeyRef: + name: mattermost.env + key: db-host + - name: DB_PORT + valueFrom: + secretKeyRef: + name: mattermost.env + key: db-port + - name: MM_USERNAME + valueFrom: + secretKeyRef: + name: mattermost.env + key: mm-username + - name: MM_PASSWORD + valueFrom: + secretKeyRef: + name: mattermost.env + key: mm-password + - name: MM_DBNAME + valueFrom: + secretKeyRef: + name: mattermost.env + key: mm-dbname + volumeMounts: + # optional persistant storage + #- name: appdata + #mountPath: /mattermost/data + - name: etclocaltime + mountPath: /etc/localtime + readOnly: true + volumes: + # optional persistant storage + #- name: appdata + #persistentVolumeClaim: + # claimName: mattermost-app + - name: etclocaltime + hostPath: + path: /etc/localtime diff --git a/k8s/mattermost.ing.yaml b/k8s/mattermost.ing.yaml deleted file mode 100644 index ca4ebaa..0000000 --- a/k8s/mattermost.ing.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: mattermost -spec: - rules: - - host: mattermost - http: - paths: - - backend: - serviceName: mattermost - servicePort: 80 diff --git a/k8s/mattermost.rc.yml b/k8s/mattermost.rc.yml deleted file mode 100644 index 40c61d3..0000000 --- a/k8s/mattermost.rc.yml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: v1 -kind: ReplicationController -metadata: - name: mattermost-app - labels: - app: mattermost - tier: app - namespace: default -spec: - replicas: 1 - selector: - app: mattermost - tier: app - template: - metadata: - name: mattermost-app - labels: - app: mattermost - tier: app - spec: - containers: - - name: mattermost-app - image: "mattermost/mattermost-prod-app" - env: - - name: DB_HOST - value: "mattermost-db" - volumeMounts: - - name: appconfig - mountPath: /mattermost/config - - name: appdata - mountPath: /mattermost/data - - name: etclocaltime - mountPath: /etc/localtime - readOnly: true - volumes: - - name: appconfig - configMap: - name: mattermost.config - - name: appdata - persistentVolumeClaim: - claimName: mattermost-app - - name: etclocaltime - hostPath: - path: /etc/localtime diff --git a/k8s/mattermost.secret.yaml b/k8s/mattermost.secret.yaml new file mode 100644 index 0000000..595b9c2 --- /dev/null +++ b/k8s/mattermost.secret.yaml @@ -0,0 +1,19 @@ +kind: Secret +apiVersion: v1 +metadata: + name: mattermost.env + namespace: default +type: Opaque +data: + # see http://kubernetes.io/docs/user-guide/secrets/#creating-a-secret-using-kubectl-create-secret + # for creating secrets manually + # db + db-host: ZGI= + # 5432 + db-port: NTQzMg== + # mmuser + mm-username: bW11c2Vy + # mmuser_password + mm-password: bW11c2VyX3Bhc3N3b3Jk + # mattermost + mm-dbname: bWF0dGVybW9zdA== diff --git a/k8s/mattermost.svc.yml b/k8s/mattermost.svc.yaml similarity index 100% rename from k8s/mattermost.svc.yml rename to k8s/mattermost.svc.yaml