From 543d5d27fa03c9054d2d5bb0c11afd7e7ef927d8 Mon Sep 17 00:00:00 2001 From: Aric Beagley Date: Wed, 11 Apr 2018 16:45:09 -0600 Subject: [PATCH 1/2] GCP Start --- gcp/prisma_cluster.jinja | 61 +++++++++++++++++++++++++++++++++ gcp/prisma_cluster.jinja.schema | 29 ++++++++++++++++ gcp/prisma_cluster.yml | 8 +++++ gcp/prisma_manifest.yml | 14 ++++++++ gcp/prisma_secrets.yml | 24 +++++++++++++ 5 files changed, 136 insertions(+) create mode 100644 gcp/prisma_cluster.jinja create mode 100644 gcp/prisma_cluster.jinja.schema create mode 100644 gcp/prisma_cluster.yml create mode 100644 gcp/prisma_manifest.yml create mode 100644 gcp/prisma_secrets.yml
diff --git a/gcp/prisma_cluster.jinja b/gcp/prisma_cluster.jinja
new file mode 100644
index 0000000..c97ee99
--- /dev/null
+++ b/gcp/prisma_cluster.jinja
@@ -0,0 +1,61 @@
+resources:
+ - name: PrismaNodePool
+ type: container.v1.nodepool
+ properties:
+ name: prisma-node-pool
+ initialNodeCount: {{ properties['initialNodeCount'] }}
+ autoscaling:
+ enabled: true
+ minNodeCount: {{ properties['minNodeCount'] }}
+ maxNodeCount: {{ properties['maxNodeCount'] }}
+ config:
+ oauthScopes:
+ - https://www.googleapis.com/auth/compute
+ - https://www.googleapis.com/auth/devstorage.read_only
+ - https://www.googleapis.com/auth/logging.write
+ - https://www.googleapis.com/auth/monitoring
+ - name: PrismaCluster
+ type: container.v1.cluster
+ properties:
+ description: The kubernetes cluster for Prisma
+ name: prisma-cluster
+ clusterIpv4Cidr: 10.0.0.0/24
+ zone: {{ properties['zone'] }}
+ nodePools:
+ - ${ref.PrismaNodePool.selfLink}
+ addonsConfig:
+ httpLoadBalancing:
+ disabled: false
+ HorizontalPodAutoscaling:
+ disabled: false
+ KubernetesDashboard:
+ disabled: true
+ NetworkPolicyConfig:
+ disabled: false
+ NetworkPolicy:
+ enabled: true
+ provider: CALICO
+ - name: PrismaClusterType
+ type: deploymentmanager.v2beta.typeProvider
+ properties:
+ options:
+ validationOptions:
+ schemaValidation: IGNORE_WITH_WARNINGS
+ # These mappings initialize the type for use within the executors GCP platform
+ inputMappings:
+ - fieldName: name
+ location: PATH
+ methodMatch: ^(GET|DELETE|PUT)$
+ value: $.ifNull($.resource.properties.metadata.name, $.resource.name)
+ - fieldName: metadata.name
+ location: BODY
+ methodMatch: ^(PUT|POST)$
+ value: $.ifNull($.resource.properties.metadata.name, $.resource.name)
+ - fieldName: Authorization
+ location: HEADER
+ value: >
+ $.concat("Bearer ", $.googleOauth2AccessToken())
+
+outputs:
+ - name: clusterType
+ value: PrismaClusterType::api/v1
diff --git a/gcp/prisma_cluster.jinja.schema b/gcp/prisma_cluster.jinja.schema
new file mode 100644
index 0000000..019ff38
--- /dev/null
+++ b/gcp/prisma_cluster.jinja.schema
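Review bot: The `oauthScopes` list on `PrismaNodePool` in gcp/prisma_cluster.jinja includes `https://www.googleapis.com/auth/compute`, which is read-write Compute Engine access available to any workload that can reach the node's metadata credentials, and nothing in this template shows Prisma needing it. Consider dropping that entry or narrowing it to `https://www.googleapis.com/auth/compute.readonly`, and setting an explicit `serviceAccount` for the nodes instead of relying on the default one. The same scope list is carried into `nodeConfig` by patch 2/2, so the point applies there as well. A short comment above the list saying what each scope is for would make later reviews easier.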
@@ -0,0 +1,29 @@
+info:
+ title: Prisma Cluster
+ author: Aric Beagley
+ description: |
+ Creates a Kubernetes cluster which hosts a prisma cluster and sets a reference point for other DM scripts
+
+required:
+ - zone
+
+properties:
+ zone:
+ type: string
+ description: Which zone you want your cluster to exist in
+ initialNodeCount:
+ type: integer
+ description: How many nodes you want to run in your cluster by default
+ default: 2
+ minNodeCount:
+ type: integer
+ description: How many nodes you want to run in your cluster by default
+ default: 1
+ maxNodeCount:
+ type: integer
+ description: How many nodes you want to run in your cluster by default
+ default: 2
+
+outputs:
+ clusterType:
+ description: The provider you use to create resources inside of the cluster after creation
diff --git a/gcp/prisma_cluster.yml b/gcp/prisma_cluster.yml
new file mode 100644
index 0000000..d3d5be3
--- /dev/null
+++ b/gcp/prisma_cluster.yml
@@ -0,0 +1,8 @@
+imports:
+ - path: prisma_cluster.jinja
+
+resources:
+ - name: prisma-cluster
+ type: prisma_cluster.jinja
+ properties:
+ zone: us-west-2b
diff --git a/gcp/prisma_manifest.yml b/gcp/prisma_manifest.yml
new file mode 100644
index 0000000..9cf71b5
--- /dev/null
+++ b/gcp/prisma_manifest.yml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: prisma
+ realm: prisma
+spec:
+ containers:
+ - name: prisma-container
+ image: prismagraphql/prisma
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 60000
+ hostPort: 60000
+ env:
diff --git a/gcp/prisma_secrets.yml b/gcp/prisma_secrets.yml
new file mode 100644
index 0000000..25a43f5
--- /dev/null
+++ b/gcp/prisma_secrets.yml
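Review bot: In gcp/prisma_manifest.yml the container uses `image: prismagraphql/prisma` with no tag together with `imagePullPolicy: Always`, so every pod start pulls whatever the registry currently serves under the default tag. Pin a released tag, or better a digest (`image: prismagraphql/prisma@sha256:<digest>`), so the deployed code is reproducible and can be reviewed before rollout. `hostPort: 60000` also binds the port on the node itself; a comment saying why a Service is not used would help. `realm: prisma` sits directly under `metadata:` and was probably meant to go under `labels:`.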
@@ -0,0 +1,24 @@
+# Kubernetes secrets are base64 encoded - make sure when changing values you encode them
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: prisma-secrets
+type: Opaque
+data:
+ PORT: 60000
+ SQL_CLIENT_HOST:
+ SQL_CLIENT_PORT:
+ SQL_CLIENT_USER:
+ SQL_CLIENT_PASSWORD:
+ SQL_CLIENT_CONNECTION_LIMIT: 10
+ SQL_INTERNAL_HOST:
+ SQL_INTERNAL_PORT:
+ SQL_INTERNAL_USER:
+ SQL_INTERNAL_PASSWORD:
+ SQL_INTERNAL_DATABASE: graphcool
+ SQL_INTERNAL_CONNECTION_LIMIT: 10
+ JAVA_OPTS:
+ CLUSTER_ADDRESS:
+ SCHEMA_MANAGER_SECRET:
+ BUGSNAG_API_KEY: ""
From 3f94f04b1cb158bcce2a29589dce7904a0420b68 Mon Sep 17 00:00:00 2001 From: Aric Beagley Date: Wed, 11 Apr 2018 23:04:40 -0600 Subject: [PATCH 2/2] Progress. Working cluster deployment - flaky due to open issue on GH. --- gcp/README.md | 17 ++++++++ gcp/prisma_cluster.jinja | 74 ++++++++++++++++----------------- gcp/prisma_cluster.jinja.schema | 14 +------ gcp/prisma_cluster.yml | 3 +- gcp/prisma_manifest.yml | 14 ------- gcp/prisma_secrets.yml | 24 ----------- gcp/prisma_service.jinja | 68 ++++++++++++++++++++++++++++++ gcp/prisma_service.jinja.schema | 41 ++++++++++++++++++ gcp/prisma_service.yml | 0 9 files changed, 164 insertions(+), 91 deletions(-) create mode 100644 gcp/README.md delete mode 100644 gcp/prisma_manifest.yml delete mode 100644 gcp/prisma_secrets.yml create mode 100644 gcp/prisma_service.jinja create mode 100644 gcp/prisma_service.jinja.schema create mode 100644 gcp/prisma_service.yml
diff --git a/gcp/README.md b/gcp/README.md
new file mode 100644
index 0000000..51a9c2a
--- /dev/null
+++ b/gcp/README.md
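Review bot: In gcp/prisma_secrets.yml the `data:` map holds raw values (`PORT: 60000`, `SQL_INTERNAL_DATABASE: graphcool`) even though the file's own header comment says the values must be base64-encoded; `data` only accepts base64 strings, so these entries would be rejected or decoded to something else. For a template that is filled in by hand, `stringData:` with quoted values (`PORT: "60000"`) removes the encoding step. Since this file is tracked and has empty `SQL_CLIENT_PASSWORD` and `SQL_INTERNAL_PASSWORD` slots, I would extend the header comment to say that real values belong in an untracked copy and that base64 is an encoding, not protection.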
@@ -0,0 +1,17 @@
+# GCP templates
+
+This collection of templates is intended to be used with GPC Deployment Manager.
+
+How to use:
+* Currently a work in progress. There seems to be some bugs around GKE and Deployment Manager that the Google team are working on.
+* Essentially this template is a two step process for creating re-usable deployment
+templates on GCP. We start by creating the cluster and a custom type to create concepts with, and then move
+to the actual service definitions for GKE.
+
+## Deployment Manager
+
+TBD
+
+## GKE
+
+TBD
\ No newline at end of file
diff --git a/gcp/prisma_cluster.jinja b/gcp/prisma_cluster.jinja
index c97ee99..8e50d4c 100644
--- a/gcp/prisma_cluster.jinja
+++ b/gcp/prisma_cluster.jinja
@@ -1,47 +1,46 @@ +# This script is a little flaky due to what seems to be an issue pointed out here: +# +# https://github.com/GoogleCloudPlatform/deploymentmanager-samples/issues/148 +# +# Looks like GKE might need a bit of an update in order to properly setup the initial cluster for the follow up step. +# I've also found that after a few retries I've had success and the cluster gets created. + +# Endpoints needed to create proper resources +{% set K8S_ENDPOINTS = {'': 'api/v1', '-v1beta1-extensions': 'apis/extensions/v1beta1', '-apps-v1beta1': 'apps/v1beta1'} %} + resources: - - name: PrismaNodePool - type: container.v1.nodepool - properties: - name: prisma-node-pool - initialNodeCount: {{ properties['initialNodeCount'] }} - autoscaling: - enabled: true - minNodeCount: {{ properties['minNodeCount'] }} - maxNodeCount: {{ properties['maxNodeCount'] }} - config: - oauthScopes: - - https://www.googleapis.com/auth/compute - - https://www.googleapis.com/auth/devstorage.read_only - - https://www.googleapis.com/auth/logging.write - - https://www.googleapis.com/auth/monitoring - - name: PrismaCluster + # https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.zones.clusters + - name: prisma-cluster type: container.v1.cluster properties: - description: The kubernetes cluster for Prisma - name: prisma-cluster - clusterIpv4Cidr: 10.0.0.0/24 + # In order to change versions run the following command and replace with the version you desire. + # gcloud container get-server-config + initialClusterVersion: 1.9.6-gke.0 zone: {{ properties['zone'] }} - nodePools: - - ${ref.PrismaNodePool.selfLink} - addonsConfig: - httpLoadBalancing: - disabled: false - HorizontalPodAutoscaling: - disabled: false - KubernetesDashboard: - disabled: true - NetworkPolicyConfig: - disabled: false - NetworkPolicy: - enabled: true - provider: CALICO - - name: PrismaClusterType + # You'll notice the key doesn't exist in the definition for this particular resource. 
This is the primary + # key that will get mapped to values below for our custom type definition and give us a reference to + # our Kubernetes api. + cluster: + name: prisma-cluster + initialNodeCount: {{ properties['initialNodeCount'] }} + nodeConfig: + oauthScopes: + - https://www.googleapis.com/auth/compute + - https://www.googleapis.com/auth/devstorage.read_only + - https://www.googleapis.com/auth/logging.write + - https://www.googleapis.com/auth/monitoring + {% for typeSuffix, endpoint in K8S_ENDPOINTS.iteritems() %} + # https://cloud.google.com/deployment-manager/docs/reference/v2beta/typeProviders + - name: prisma-cluster-type{{typeSuffix}} type: deploymentmanager.v2beta.typeProvider properties: + # We're only setting up the official api/v1 endpoint for Kubernetes here. If you need additional + # url extensions you can create a loop to make X custom types per endpoint. Prisma doesn't require anything + # that isn't in the standard V1 API. + descriptorUrl: https://$(ref.prisma-cluster.endpoint)/swaggerapi/{{ endpoint }} options: validationOptions: schemaValidation: IGNORE_WITH_WARNINGS - # These mappings initialize the type for use within the executors GCP platform inputMappings: - fieldName: name location: PATH @@ -55,7 +54,4 @@ resources: location: HEADER value: > $.concat("Bearer ", $.googleOauth2AccessToken()) - -outputs: - - name: clusterType - value: PrismaClusterType::api/v1 + {% endfor %} diff --git a/gcp/prisma_cluster.jinja.schema b/gcp/prisma_cluster.jinja.schema index 019ff38..1fcf208 100644 --- a/gcp/prisma_cluster.jinja.schema +++ b/gcp/prisma_cluster.jinja.schema @@ -2,7 +2,7 @@ info: title: Prisma Cluster author: Aric Beagley description: | - Creates a Kubernetes cluster which hosts a prisma cluster and sets a reference point for other DM scripts + Creates a Kubernetes cluster which will host a prisma cluster and sets a reference point for other DM scripts required: - zone 
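Review bot: The rewritten `prisma-cluster` resource in gcp/prisma_cluster.jinja no longer carries the `addonsConfig` and `NetworkPolicy` blocks that the previous version declared, so `KubernetesDashboard: disabled: true` and the Calico network policy are dropped without comment and the cluster takes GKE's defaults for `initialClusterVersion: 1.9.6-gke.0`. If they were removed only to get the deployment working, I would restore them under `cluster:` as `addonsConfig: {kubernetesDashboard: {disabled: true}}` and `networkPolicy: {enabled: true, provider: CALICO}`, or add a comment explaining why they are gone. With no `masterAuth` block either, it is worth checking which authentication defaults this version applies to the master endpoint. The comment on the typeProvider also says only `api/v1` is set up, while the `K8S_ENDPOINTS` loop creates three providers.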
@@ -15,15 +15,3 @@ properties: type: integer description: How many nodes you want to run in your cluster by default default: 2 - minNodeCount: - type: integer - description: How many nodes you want to run in your cluster by default - default: 1 - maxNodeCount: - type: integer - description: How many nodes you want to run in your cluster by default - default: 2 - -outputs: - clusterType: - description: The provider you use to create resources inside of the cluster after creation diff --git a/gcp/prisma_cluster.yml b/gcp/prisma_cluster.yml index d3d5be3..54f80aa 100644 --- a/gcp/prisma_cluster.yml +++ b/gcp/prisma_cluster.yml @@ -5,4 +5,5 @@ resources: - name: prisma-cluster type: prisma_cluster.jinja properties: - zone: us-west-2b + zone: us-west1-b + # initialNodeCount: 2 diff --git a/gcp/prisma_manifest.yml b/gcp/prisma_manifest.yml deleted file mode 100644 index 9cf71b5..0000000 --- a/gcp/prisma_manifest.yml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: prisma - realm: prisma -spec: - containers: - - name: prisma-container - image: prismagraphql/prisma - imagePullPolicy: Always - ports: - - containerPort: 60000 - hostPort: 60000 - env: diff --git a/gcp/prisma_secrets.yml b/gcp/prisma_secrets.yml deleted file mode 100644 index 25a43f5..0000000 --- a/gcp/prisma_secrets.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Kubernetes secrets are base64 encoded - make sure when changing values you encode them - -apiVersion: v1 -kind: Secret -metadata: - name: prisma-secrets -type: Opaque -data: - PORT: 60000 - SQL_CLIENT_HOST: - SQL_CLIENT_PORT: - SQL_CLIENT_USER: - SQL_CLIENT_PASSWORD: - SQL_CLIENT_CONNECTION_LIMIT: 10 - SQL_INTERNAL_HOST: - SQL_INTERNAL_PORT: - SQL_INTERNAL_USER: - SQL_INTERNAL_PASSWORD: - SQL_INTERNAL_DATABASE: graphcool - SQL_INTERNAL_CONNECTION_LIMIT: 10 - JAVA_OPTS: - CLUSTER_ADDRESS: - SCHEMA_MANAGER_SECRET: - BUGSNAG_API_KEY: "" 
diff --git a/gcp/prisma_service.jinja b/gcp/prisma_service.jinja
new file mode 100644
index 0000000..5734bb4
--- /dev/null
+++ b/gcp/prisma_service.jinja
@@ -0,0 +1,68 @@
+resources:
+ - name: prisma-service
+ type: prisma-cluster-type:/api/v1/namespaces/{namespace}/service
+ properties:
+ apiVersion: v1
+ kind: Service
+ namespace: default
+ metadata:
+ name: prisma-service
+ spec:
+ type: LoadBalancer
+ ports:
+ - port: 60000
+ targetPort: 60000
+ protocol: TCP
+ selector:
+ name: prisma-service
+
+ - name: prisma-deployment
+ type: prisma-cluster-type-apps-v1beta1:/apps/v1beta1/deployment
+ properties:
+ apiVersion: apps/v1beta1
+ kind: Deployment
+ metadata:
+ name: prisma-deployment
+ spec:
+ replicas: 2
+ template:
+ metadata:
+ labels:
+ app: prisma-instance
+ spec:
+ containers:
+ - name: prisma-container
+ image: prismagraphql/prisma:1.6-beta
+ env:
+ - name: PORT
+ value: 60000
+ - name: SQL_CLIENT_HOST
+ value: {{ properties['dbHost'] }}
+ - name: SQL_CLIENT_PORT
+ value: {{ properties['dbPort'] }}
+ - name: SQL_CLIENT_USER
+ value: {{ properties['dbUser'] }}
+ - name: SQL_CLIENT_PASSWORD
+ value: {{ properties['dbPass'] }}
+ - name: SQL_CLIENT_CONNECTION_LIMIT
+ value: 10
+ - name: SQL_INTERNAL_HOST
+ value: {{ properties['dbHost'] }}
+ - name: SQL_INTERNAL_PORT
+ value: {{ properties['dbPort'] }}
+ - name: SQL_INTERNAL_USER
+ value: {{ properties['dbUser'] }}
+ - name: SQL_INTERNAL_PASSWORD
+ value: {{ properties['dbPass'] }}
+ - name: SQL_INTERNAL_DATABASE
+ value: graphcool
+ - name: SQL_INTERNAL_CONNECTION_LIMIT
+ value: 10
+ - name: JAVA_OPTS
+ value: {{ properties['jvmOpts'] }}
+ - name: CLUSTER_ADDRESS
+ value: {{ properties['clusterAddress'] }}
+ - name: SCHEMA_MANAGER_SECRET
+ value: notrequired
+ - name: BUGSNAG_API_KEY
+ value: ""
diff --git a/gcp/prisma_service.jinja.schema b/gcp/prisma_service.jinja.schema
new file mode 100644
index 0000000..0180ce3
--- /dev/null
+++ b/gcp/prisma_service.jinja.schema
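Review bot: `SQL_CLIENT_PASSWORD` and `SQL_INTERNAL_PASSWORD` in gcp/prisma_service.jinja are rendered into the Deployment as literal `value:` entries, so the database password ends up in the pod spec and in the expanded Deployment Manager configuration, where anyone who can view either can read it. Create a Kubernetes Secret and reference it instead, e.g. `valueFrom: {secretKeyRef: {name: prisma-secrets, key: SQL_CLIENT_PASSWORD}}`. The template also reads `properties['dbPass']`, while gcp/prisma_service.jinja.schema declares and requires `dbPassword`, so as written the password would likely render empty or undefined. Separately, the Service selector `name: prisma-service` does not match the pod label `app: prisma-instance`, so the LoadBalancer would have no backends.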
@@ -0,0 +1,41 @@
+info:
+ title: Prisma Service
+ author: Aric Beagley
+ description: |
+ Creates the proper concepts for the created prisma-cluster in order to run a GCP hosted prisma cluster
+
+required:
+ - dbHost
+ - dbUser
+ - dbPassword
+
+properties:
+ dbHost:
+ description: The MySQL database host for Prisma to consume
+ type: string
+
+ dbPort:
+ type: integer
+ description: The MySQL database port for Prisma to consume
+ default: 3306
+
+ dbUser:
+ description: The MySQL database user for Prisma to consume
+ type: string
+
+ dbPassword:
+ description: The MySQL database password for Prisma to consume
+ type: string
+
+ jvmOpts:
+ description: The JVM options passed to prisma. For example, change this value when changing the memory parameter. Max heap memory (Xmx) should be roughly two thirds of the total memory.
+ type: String
+ default: '-Xmx1350m'
+
+ clusterAddress:
+ description: The url or ip of your public service that connects to the Prisma nodes
+ type: String
+
+ clusterPublicKey:
+ description: The RSA public key you want to secure your cluster with. Omitting leads to your cluster deployment and introspection endpoints being unsecured.
+ type: String
\ No newline at end of file
diff --git a/gcp/prisma_service.yml b/gcp/prisma_service.yml
new file mode 100644
index 0000000..e69de29
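Review bot: `clusterPublicKey` is declared in gcp/prisma_service.jinja.schema with the warning that omitting it leaves the deployment and introspection endpoints unsecured, but gcp/prisma_service.jinja never reads the property and hard-codes `SCHEMA_MANAGER_SECRET` to `notrequired`, while publishing port 60000 through a `type: LoadBalancer` Service. Either wire the property into the container's environment or state in its description that it is currently ignored, so nobody assumes the management API is protected once a key is supplied. The three `type: String` entries (`jvmOpts`, `clusterAddress`, `clusterPublicKey`) should be lowercase `type: string` to match the other properties and JSON Schema's type names.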