Add nightly environment for collab

Max Brunsfeld and Conrad created

Also, move postgrest service + deployment into a separate manifest
file, which is deployed via a separate script, `deploy-postgrest`.
This way, we don't have unused postgrest instances in preview and
nightly, since those use the prod database.

Co-authored-by: Conrad <conrad@zed.dev>

Change summary

crates/collab/k8s                            |   1 
crates/collab/k8s/environments/production.sh |   4 
crates/collab/k8s/environments/staging.sh    |   4 
crates/collab/k8s/manifest.template.yml      | 177 ----------------------
crates/collab/k8s/migrate.template.yml       |  21 --
crates/collab2/k8s/collab.template.yml       |  56 ------
crates/collab2/k8s/environments/nightly.sh   |   2 
crates/collab2/k8s/postgrest.template.yml    |  55 ++++++
script/deploy-collab                         |   7 
script/deploy-postgrest                      |  25 +++
10 files changed, 83 insertions(+), 269 deletions(-)

Detailed changes

crates/collab/k8s/manifest.template.yml 🔗

@@ -1,177 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: ${ZED_KUBE_NAMESPACE}
-
----
-kind: Service
-apiVersion: v1
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: collab
-  annotations:
-    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
-    service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
-spec:
-  type: LoadBalancer
-  selector:
-    app: collab
-  ports:
-    - name: web
-      protocol: TCP
-      port: 443
-      targetPort: 8080
-
----
-kind: Service
-apiVersion: v1
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: pgadmin
-  annotations:
-    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
-    service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
-spec:
-  type: LoadBalancer
-  selector:
-    app: postgrest
-  ports:
-    - name: web
-      protocol: TCP
-      port: 443
-      targetPort: 8080
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: collab
-
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: collab
-  template:
-    metadata:
-      labels:
-        app: collab
-      annotations:
-        ad.datadoghq.com/collab.check_names: |
-          ["openmetrics"]
-        ad.datadoghq.com/collab.init_configs: |
-          [{}]
-        ad.datadoghq.com/collab.instances: |
-          [
-              {
-              "openmetrics_endpoint": "http://%%host%%:%%port%%/metrics",
-              "namespace": "collab_${ZED_KUBE_NAMESPACE}",
-              "metrics": [".*"]
-              }
-          ]
-    spec:
-      containers:
-        - name: collab
-          image: "${ZED_IMAGE_ID}"
-          args:
-            - serve
-          ports:
-            - containerPort: 8080
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: 8080
-            initialDelaySeconds: 5
-            periodSeconds: 5
-            timeoutSeconds: 5
-          readinessProbe:
-            httpGet:
-              path: /
-              port: 8080
-            initialDelaySeconds: 1
-            periodSeconds: 1
-          env:
-            - name: HTTP_PORT
-              value: "8080"
-            - name: DATABASE_URL
-              valueFrom:
-                secretKeyRef:
-                  name: database
-                  key: url
-            - name: DATABASE_MAX_CONNECTIONS
-              value: "${DATABASE_MAX_CONNECTIONS}"
-            - name: API_TOKEN
-              valueFrom:
-                secretKeyRef:
-                  name: api
-                  key: token
-            - name: LIVE_KIT_SERVER
-              valueFrom:
-                secretKeyRef:
-                  name: livekit
-                  key: server
-            - name: LIVE_KIT_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: livekit
-                  key: key
-            - name: LIVE_KIT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: livekit
-                  key: secret
-            - name: INVITE_LINK_PREFIX
-              value: ${INVITE_LINK_PREFIX}
-            - name: RUST_BACKTRACE
-              value: "1"
-            - name: RUST_LOG
-              value: ${RUST_LOG}
-            - name: LOG_JSON
-              value: "true"
-            - name: ZED_ENVIRONMENT
-              value: ${ZED_ENVIRONMENT}
-          securityContext:
-            capabilities:
-              # FIXME - Switch to the more restrictive `PERFMON` capability.
-              # This capability isn't yet available in a stable version of Debian.
-              add: ["SYS_ADMIN"]
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: postgrest
-
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: postgrest
-  template:
-    metadata:
-      labels:
-        app: postgrest
-    spec:
-      containers:
-        - name: postgrest
-          image: "postgrest/postgrest"
-          ports:
-            - containerPort: 8080
-              protocol: TCP
-          env:
-            - name: PGRST_SERVER_PORT
-              value: "8080"
-            - name: PGRST_DB_URI
-              valueFrom:
-                secretKeyRef:
-                  name: database
-                  key: url
-            - name: PGRST_JWT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: postgrest
-                  key: jwt_secret

crates/collab/k8s/migrate.template.yml 🔗

@@ -1,21 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: ${ZED_MIGRATE_JOB_NAME}
-spec:
-  template:
-    spec:
-      restartPolicy: Never
-      containers:
-        - name: migrator
-          imagePullPolicy: Always
-          image: ${ZED_IMAGE_ID}
-          args:
-            - migrate
-          env:
-            - name: DATABASE_URL
-              valueFrom:
-                secretKeyRef:
-                  name: database
-                  key: url

crates/collab2/k8s/manifest.template.yml → crates/collab2/k8s/collab.template.yml 🔗

@@ -23,25 +23,6 @@ spec:
       port: 443
       targetPort: 8080
 
----
-kind: Service
-apiVersion: v1
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: pgadmin
-  annotations:
-    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
-    service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
-spec:
-  type: LoadBalancer
-  selector:
-    app: postgrest
-  ports:
-    - name: web
-      protocol: TCP
-      port: 443
-      targetPort: 8080
-
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -138,40 +119,3 @@ spec:
               # FIXME - Switch to the more restrictive `PERFMON` capability.
               # This capability isn't yet available in a stable version of Debian.
               add: ["SYS_ADMIN"]
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  namespace: ${ZED_KUBE_NAMESPACE}
-  name: postgrest
-
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: postgrest
-  template:
-    metadata:
-      labels:
-        app: postgrest
-    spec:
-      containers:
-        - name: postgrest
-          image: "postgrest/postgrest"
-          ports:
-            - containerPort: 8080
-              protocol: TCP
-          env:
-            - name: PGRST_SERVER_PORT
-              value: "8080"
-            - name: PGRST_DB_URI
-              valueFrom:
-                secretKeyRef:
-                  name: database
-                  key: url
-            - name: PGRST_JWT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: postgrest
-                  key: jwt_secret

crates/collab/k8s/environments/preview.sh → crates/collab2/k8s/environments/nightly.sh 🔗

@@ -1,4 +1,4 @@
-ZED_ENVIRONMENT=preview
+ZED_ENVIRONMENT=nightly
 RUST_LOG=info
 INVITE_LINK_PREFIX=https://zed.dev/invites/
 DATABASE_MAX_CONNECTIONS=10

crates/collab2/k8s/postgrest.template.yml 🔗

@@ -0,0 +1,55 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+  namespace: ${ZED_KUBE_NAMESPACE}
+  name: postgrest
+  annotations:
+    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
+    service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
+spec:
+  type: LoadBalancer
+  selector:
+    app: postgrest
+  ports:
+    - name: web
+      protocol: TCP
+      port: 443
+      targetPort: 8080
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: ${ZED_KUBE_NAMESPACE}
+  name: postgrest
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: postgrest
+  template:
+    metadata:
+      labels:
+        app: postgrest
+    spec:
+      containers:
+        - name: postgrest
+          image: "postgrest/postgrest"
+          ports:
+            - containerPort: 8080
+              protocol: TCP
+          env:
+            - name: PGRST_SERVER_PORT
+              value: "8080"
+            - name: PGRST_DB_URI
+              valueFrom:
+                secretKeyRef:
+                  name: database
+                  key: url
+            - name: PGRST_JWT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: postgrest
+                  key: jwt_secret
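Review bot: The container image at `image: "postgrest/postgrest"` has no tag or digest, so any pod restart can pull whatever `latest` currently points to, on a workload this manifest publishes through a `LoadBalancer` Service and that holds the database URL and the JWT secret. Pin it, for example `image: "postgrest/postgrest:<PINNED_VERSION>"` or an `@sha256:<DIGEST>` reference, and bump it deliberately. `PGRST_DB_URI` reads the same `database`/`url` secret that the collab Deployment uses in the removed manifest, so PostgREST presumably connects with the application's database role; a dedicated lower-privilege role would narrow what a leaked `jwt_secret` can reach. The container also declares no `securityContext`, probes or resource limits, unlike the collab container, which at least has liveness and readiness probes.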

script/deploy → script/deploy-collab 🔗

@@ -10,11 +10,6 @@ fi
 environment=$1
 version=$2
 
-if [[ ${environment} == "nightly" ]]; then
-  echo "nightly is not yet supported"
-  exit 1
-fi
-
 export_vars_for_environment ${environment}
 image_id=$(image_id_for_version ${version})
 
@@ -23,6 +18,6 @@ export ZED_KUBE_NAMESPACE=${environment}
 export ZED_IMAGE_ID=${image_id}
 
 target_zed_kube_cluster
-envsubst < crates/collab/k8s/manifest.template.yml | kubectl apply -f -
+envsubst < crates/collab/k8s/collab.template.yml | kubectl apply -f -
 
 echo "deployed collab v${version} to ${environment}"
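Review bot: `envsubst` on the changed line runs without a variable list, so any `${VAR}` in the template that is unset in the environment is rendered as an empty string and piped straight into `kubectl apply`. With the nightly guard removed, a variable missing from the new `nightly.sh` would deploy a manifest with blank values instead of failing; a guard such as `: "${ZED_ENVIRONMENT:?}" "${DATABASE_MAX_CONNECTIONS:?}"` before the pipeline turns that into a hard error. The same pattern appears on the `envsubst` line of `script/deploy-postgrest`. The script reads the template from `crates/collab/k8s/` while the change summary lists the renamed file under `crates/collab2/k8s/`; presumably `crates/collab/k8s` is now a link to that directory, which deserves a one-line comment above the `envsubst` call. The rest of the script lies outside this hunk.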

script/deploy-postgrest 🔗

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -eu
+source script/lib/deploy-helpers.sh
+
+if [[ $# < 1 ]]; then
+  echo "Usage: $0 <production|staging> (postgrest not needed on preview or nightly)"
+  exit 1
+fi
+environment=$1
+
+if [[ ${environment} == "preview" || ${environment} == "nightly" ]]; then
+  echo "website does not exist in preview or nightly"
+  exit 1
+fi
+
+export_vars_for_environment ${environment}
+
+export ZED_DO_CERTIFICATE_ID=$(doctl compute certificate list --format ID --no-header)
+export ZED_KUBE_NAMESPACE=${environment}
+
+target_zed_kube_cluster
+envsubst < crates/collab/k8s/postgrest.template.yml | kubectl apply -f -
+
+echo "deployed postgrest"
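Review bot: `export ZED_DO_CERTIFICATE_ID=$(doctl …)` hides doctl's exit status from `set -e` and takes every certificate ID the account lists, so a failed call yields an empty annotation and an account with more than one certificate yields a multi-line value substituted into the Service manifest. Assign first, check that exactly one ID came back, then export, as in the excerpt below. Separately, `[[ $# < 1 ]]` is a string comparison; `[[ $# -lt 1 ]]` is the numeric form. The environment check is a deny-list of `preview` and `nightly` while the usage text names only `production|staging`; matching on those two values would reject anything unexpected before `kubectl apply` runs.

```shell
# … unchanged: argument parsing and environment checks …
ZED_DO_CERTIFICATE_ID=$(doctl compute certificate list --format ID --no-header)
if [[ -z "${ZED_DO_CERTIFICATE_ID}" || "${ZED_DO_CERTIFICATE_ID}" == *$'\n'* ]]; then
  echo "expected exactly one DigitalOcean certificate ID" >&2
  exit 1
fi
export ZED_DO_CERTIFICATE_ID
export ZED_KUBE_NAMESPACE=${environment}
# … unchanged: cluster targeting and kubectl apply …
```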