I have tried two ways to deploy to my k8s cluster in GKE when I was building a backend using undertow and rest-easy.
- Kubectl
- Helm + Tillerless
Kubectl
Kubectl is the simplest way to do. This was my first approach as well. The main drawback I found with this approach was - there was no easy way to pass the variables to deployment.yaml file
I am using gitlab for my deployment. So, I’ll share what I experienced in that env. Here’s what my final deploy task looks like
deploy:
stage: deploy
image: registry.gitlab.com/gitlab-examples/kubernetes-deploy
environment:
test
script:
# point to the k8s cluster you want to deploy to
- kubectl config set-cluster ${CLUSTER_NAME} —server="${KUBE_URL}" --certificate-authority="${KUBE_CA_PEM_FILE}"
# set credentials to give the command line authority to push
- kubectl config set-credentials gitlab --token="${KUBE_TOKEN}"
# tell it to which namespace you want to push to
- kubectl config set-context default --cluster=${CLUSTER_NAME} --user=gitlab --namespace="${KUBE_NAMESPACE}"
- kubectl config use-context default
# see if everything Is setup fine
- kubectl config view
# now push.….
- kubectl apply -f deployment.yamlBefore running this, make sure that your cluster has access to pull images from your docker registry.
Since my images are stored in the gitlab ‘s docker registry, I needed to give access to GKE to pull down image from there.
- kubectl create secret docker-registry gitlab-auth --docker-server=https://registry.gitlab.com --docker-username=${CI_DEPLOY_USER} --docker-password=${CI_DEPLOY_PASSWORD} --docker-email=${GITLAB_USER_EMAIL}then also needed to add this to the deployment.yaml file
imagePullSecrets:
- name: gitlab-authNow going back to the task, the script is very straightforward. It does the setup for the kubernetes command line to talk to your prod k8s cluster. See the comments inline to to get an overview of what each line does.
Helm + Tillerless
I needed to pass in the name of the image and other env variables to the deployment.yaml file. So it took me a while to get a solution with helm working. I am very glad I found https://rimusz.net/tillerless-helm to help with.
For those who are as new as I was - Helm is the kubernetes package manager. Tiller is the server component that runs inside your k8s cluster.
I never really liked the idea of install something on the server side in order to be able to deploy. Then came across a plugin that will make tiller run outside cluster.
You should spend some time reading Helm documentation to understand how Helm Charts work. I had to add 3 files:
- Chart.yaml - defines the name and the version of the helm chart
- values.yaml - default values for the env variables you want to pass.
- .helmignore - This will ignore files to copy. Helm has a max file size it will copy over for deployment. Use this file to ignore the files you don’t need. This is like a .gitignore file.
Chart.yaml
apiVersion: v1
name: test-chart
version: 0.0.1values.yaml
image:
tag: latest
mysql:
hostname: localhost
user: root
pwd: pwd
aes:
secretkey: abc
salt: abcThis is what my final deployment script looked like.
deploy:
stage: deploy
image: dtzar/helm-kubectl
environment:
test
variables:
CLUSTER_NAME: test-cluster
script:
- kubectl config set-cluster ${CLUSTER_NAME} --server="${KUBE_URL}" --certificate-authority="${KUBE_CA_PEM_FILE}"
- kubectl config set-credentials gitlab --token="${KUBE_TOKEN}"
- kubectl config set-context default --cluster=${CLUSTER_NAME} --user=gitlab --namespace="${KUBE_NAMESPACE}"
- kubectl config use-context default
- kubectl config view
- helm version --client
- helm init --client-only
- helm plugin install https://github.com/rimusz/helm-tiller
- helm tiller start-ci
- export HELM_HOST=localhost:44134
- helm ls
- helm upgrade test-chart ./ --install --namespace="${KUBE_NAMESPACE}" --set image.tag=${CI_COMMIT_SHORT_SHA} --set mysql.hostname=${MYSQL_HOSTNAME} --set mysql.user=${MYSQL_USER} --set mysql.pwd=${MYSQL_PWD} --set aes.secretkey=${AES_SECRETKEY} --set aes.salt=${AES_SALT}
- helm tiller stopHope this saves you some time in learning how to deploy your application to GKE. This is just a start, if you choose to use Helm, definitely do read the documentation.