# wwwgmo stack
## Description
Example site with nginx, php-fpm, mysql, phpmyadmin, elasticsearch and kibana
## Build environment
|**folders**|**description**|
|:---|:---|
|docker.sh|files to build the docker image|
|docker/mariadb|env file|
|docker/phpmyadmin|config for phpmyadmin|
|docker/nginx|config file|
|docker/php-fpm|files to create docker image|
|docker/elasticsearch|env file + script for elasticsearch|
|docker/kibana|env file|
|src|site source|
## Docker
### Global environment variables
Copy every `.env.dist` file to `.env`.
Complete or modify the values according to your needs.
### Build
The **docker.sh** script is used to manage the docker image. See `./docker.sh -h` for more information.
#### Build image
```bash
./docker.sh build
```
or
```bash
./docker.sh build-no-cache
```
#### Build image multi-platform (amd64 and arm64)
```bash
./docker.sh build-multi
```
or
```bash
./docker.sh build-multi-no-cache
```
### Start
```bash
./docker.sh start
```
#### Check
```bash
docker exec <COMPOSE_PROJECT_NAME>-mariadb-1 mysql -uroot -p<MYSQL_ROOT_PASSWORD> mysql -e 'SELECT user,host FROM mysql.user;'
```
```bash
# The URL is quoted so the shell does not treat "?" as a glob character
docker exec <COMPOSE_PROJECT_NAME>-elasticsearch-1 curl -u elastic:<ELASTIC_PASSWORD> 'http://elasticsearch:9200/_cluster/health?pretty'
```
```bash
# Same check, run from the php-fpm container
docker exec <COMPOSE_PROJECT_NAME>-php-fpm-1 curl -u elastic:<ELASTIC_PASSWORD> 'http://wwwgmo-elasticsearch:9200/_cluster/health?pretty'
```
#### Access
`https://<server_name>:<NGINX_PORT>`
## Kubernetes
|**folders**|**description**|
|:---|:---|
|deploy.sh|script to deploy on k8s or k3s (see `./deploy.sh -h`)|
|helm|Chart root folder|
|Chart.yaml|Chart file|
|values-configs.yaml|configs file used for the kubernetes manifests|
|values-secrets.yaml|secrets file for the kubernetes manifests (must be encrypted with sops in a production environment)|
|templates/elasticsearch|manifests for elasticsearch|
|templates/kibana|manifests for kibana|
|templates/mariadb|manifests for mariadb|
|templates/phpmyadmin|manifests for phpmyadmin|
|templates/php-fpm|manifest for php-fpm|
### Secret registry (regcred)
You need credentials to pull an image from a private registry.
Create or modify the secret:
```bash
kubectl create secret docker-registry secret-regcred --dry-run=client \
--docker-server=https://index.docker.io/v1/ \
--docker-username=<username> \
--docker-password=<secret> \
--docker-email=<address@sample.com> -o yaml > helm/templates/secret-regcred.yaml
```
### Certificates
```bash
cat certs/tls.key | base64 -w0
```
Copy the base64 result into the `ssl_key` key of the `values-secrets.yaml` file.
```bash
cat certs/tls.crt | base64 -w0
```
Copy the base64 result into the `ssl_crt` key of the `values-configs.yaml` file.
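
The TLS private key ends up in `values-secrets.yaml`, which the table above requires to be sops-encrypted in production. The check below is an added example, not one of the project's scripts: it reports every value that is not a sops `ENC[...]` envelope. The sample files and the `db_password` key are constructed for illustration, and secrets are assumed to be plain `key: value` scalars.

```bash
#!/usr/bin/env bash
# Added example (not the project's code): pre-deploy guard for values-secrets.yaml.
# Assumption: secrets are plain "key: value" YAML scalars such as ssl_key.

# Print each key that still holds plaintext. Return 0 only if the file has a
# sops metadata block and every scalar outside it is an ENC[...] envelope.
check_sops_encrypted() {
  local file=$1
  if ! grep -q '^sops:' "$file"; then
    echo "$file: no sops metadata block"
    return 1
  fi
  awk '
    BEGIN { bad = 0 }
    /^sops:/       { meta = 1; next }  # the sops metadata block is not encrypted
    /^[^ \t#]/     { meta = 0 }        # the next top-level key ends that block
    meta           { next }
    /^[ \t]*(#|$)/ { next }            # comments and blank lines
    match($0, /^[ \t]*(- )?[A-Za-z0-9_.-]+:[ \t]*/) {
      key = substr($0, 1, RLENGTH); value = substr($0, RLENGTH + 1)
      sub(/^[ \t]*(- )?/, "", key)
      sub(/:[ \t]*$/, "", key)
      if (value != "" && value !~ /^ENC\[/) {
        print FILENAME ":" NR ": plaintext value for " key; bad = 1
      }
    }
    END { exit bad }
  ' "$file"
}

# Constructed sample inputs: made-up values, db_password is a hypothetical key.
demo_dir=$(mktemp -d)
cat > "$demo_dir/encrypted.yaml" <<'EOF'
ssl_key: ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]
sops:
    version: 3.8.1
EOF
cat > "$demo_dir/partial.yaml" <<'EOF'
ssl_key: ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]
db_password: changeme
sops:
    version: 3.8.1
EOF
for f in "$demo_dir"/*.yaml; do
  if check_sops_encrypted "$f"; then echo "OK   $f"; else echo "FAIL $f"; fi
done
rm -rf "$demo_dir"
```

Run it against `helm/values-secrets.yaml` before `helm upgrade`; a non-zero status means at least one secret would be committed or deployed from plaintext.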
### Docker image version
In the `helm/Chart.yaml` file, the `appVersion` value must match the version of the docker image (see DOCKER_IMAGE_VERSION in the `.env` file and SITE_VERSION in the `docker/php-fpm/.env` file)
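
The rule above can be checked before a manual deployment. This is an added example, not one of the project's scripts; it assumes it is run from the repository root and that each value sits on a single `KEY=value` or `key: value` line. The sample tree it builds is constructed.

```bash
#!/usr/bin/env bash
# Added example (not the project's code): fail early when appVersion,
# DOCKER_IMAGE_VERSION and SITE_VERSION disagree.

# Read KEY from a "KEY=value" (.env) or "KEY: value" (YAML) line, dropping
# trailing comments, trailing whitespace and surrounding quotes.
read_version() {
  local key=$1 file=$2
  sed -n "s/^${key}[=:][[:space:]]*//p" "$file" | head -n 1 |
    sed -e 's/[[:space:]]\{1,\}#.*$//' -e 's/[[:space:]]*$//' \
        -e "s/^[\"']//" -e "s/[\"']\$//"
}

# Return 0 when all three agree, 1 on mismatch, 2 when a value is missing.
check_versions() {
  local root=$1 chart image site
  chart=$(read_version appVersion "$root/helm/Chart.yaml")
  image=$(read_version DOCKER_IMAGE_VERSION "$root/.env")
  site=$(read_version SITE_VERSION "$root/docker/php-fpm/.env")
  local summary="appVersion='$chart' DOCKER_IMAGE_VERSION='$image' SITE_VERSION='$site'"
  if [ -z "$chart" ] || [ -z "$image" ] || [ -z "$site" ]; then
    echo "missing version: $summary"
    return 2
  fi
  if [ "$chart" != "$image" ] || [ "$chart" != "$site" ]; then
    echo "version mismatch: $summary"
    return 1
  fi
  echo "versions agree: $chart"
}

# Constructed sample tree with one stale value in docker/php-fpm/.env.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/helm" "$demo_root/docker/php-fpm"
printf 'name: wwwgmo\nappVersion: "3.25"\n' > "$demo_root/helm/Chart.yaml"
printf 'DOCKER_IMAGE_VERSION=3.25\n' > "$demo_root/.env"
printf 'SITE_VERSION=3.24\n' > "$demo_root/docker/php-fpm/.env"
if check_versions "$demo_root"; then echo "deploy may proceed"; else echo "fix versions first"; fi
rm -rf "$demo_root"
```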
## Deployment by script
This is the recommended way
>This script builds the docker image based on the Kubernetes VM architecture (AMD64 or ARM64). At each deployment the minor version of the image is incremented by 1.
```bash
./deploy.sh -n wwwgmo -k k3s
```
## Manual deployment
### Set kubesystem config
```bash
rm -f $HOME/.kube/config
```
for **k3s**
```bash
ln -s "$HOME/.kube/k3s" "$HOME/.kube/config"
```
for **k8s**
```bash
ln -s "$HOME/.kube/k8s" "$HOME/.kube/config"
```
### Set namespace and kube system
```bash
export NS=wwwgmo
export KUBE_SYS=k3s   # or k8s
```
### Test template
```bash
helm template $NS --set kube=$KUBE_SYS ./helm --values=./helm/values-configs.yaml --values=./helm/values-secrets.yaml --namespace $NS
```
### Chart deployment
```bash
helm upgrade $NS --set kube=$KUBE_SYS ./helm --install --atomic --cleanup-on-fail --values=./helm/values-configs.yaml --values=./helm/values-secrets.yaml --namespace $NS --create-namespace
```
## Remove
```bash
helm uninstall $NS -n $NS
kubectl delete namespaces $NS
```
## NOTES
### Cronjob
When deploying manually you must (I do not know why) trigger the cronjob manually to make a DB backup, so that the helm command terminates correctly.
```bash
kubectl create job -n $NS --from=cronjob/cronjob-mariadb-backupdb dbbackup-$(date +%Y-%m-%d-%H-%M-%S)
```
## Database
This is not necessary, because the database is created during deployment. The procedure below is kept for information.
First export the NS environment variable:
```bash
export NS=<your_namespace>
```
You can use `createDBOnKube.sh` or create everything manually with the commands below.
#### Create user
```bash
kubectl -n $NS exec statefulset-mariadb-0 --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"CREATE USER 'gmo_db'@'%' IDENTIFIED BY '<dbPass>';\""
```
#### Check user
```bash
kubectl -n $NS exec statefulset-mariadb-0 --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e 'SELECT user,host FROM mysql.user;'"
```
#### Create database
```bash
kubectl -n $NS exec statefulset-mariadb-0 --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"CREATE DATABASE gmo_db;\""
```
#### Check database
```bash
kubectl -n $NS exec statefulset-mariadb-0 --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e 'SHOW DATABASES;'"
```
#### Grant access
```bash
kubectl -n $NS exec statefulset-mariadb-0 --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"GRANT ALL PRIVILEGES ON gmo_db.* TO 'gmo_db'@'%';FLUSH PRIVILEGES;\""
```
#### Check grants
```bash
kubectl -n $NS exec statefulset-mariadb-0 --container mariadb -- /bin/bash -c "/usr/bin/mysql -u root -p<rootPass> -e \"SHOW GRANTS FOR 'gmo_db'@'%';\""
```
## Troubleshooting
### How to Fix "Pods stuck in Terminating status" Error
```bash
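# Force-delete every pod whose line in the listing contains "Terminating"
kubectl get pods --all-namespaces | grep Terminating | while read -r line; do
  pod_name=$(echo "$line" | awk '{print $2}')     # column 2: pod name
  name_space=$(echo "$line" | awk '{print $1}')   # column 1: namespace
  kubectl delete pods "$pod_name" -n "$name_space" --grace-period=0 --force
done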
```
## Sources
* [Elasticsearch-PHP](https://www.elastic.co/guide/en/elasticsearch/client/php-api/current/index.html)
* [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/)
* [MariaDB Statefulset](https://mariadb.org/create-statefulset-mariadb-application-in-k8s/)
* [PHP-FPM, nginx, kubernetes and docker](https://matthewpalmer.net/kubernetes-app-developer/articles/php-fpm-nginx-kubernetes.html)
* https://www.elastic.co/guide/en/elasticsearch/reference/8.18/docker.html
## Changelog
### 3.25 (2024-04-14)
**New features:**
* added elasticsearch and kibana
* added option `install` to script `docker.sh` to install php elasticsearch module
* created `deploy.sh` script
**Fixed bugs:**
* problem with display environment var in php site
**Updated:**
* added new features in README.md
* added Changelog part in README.md
---
### 2.5 (2024-03-29)
**Fixed bugs:**
* fixed some bugs
**New features:**
* possibility to deploy on k3s or k8s
**Updated:**
* updated README.md
---
### 1.0 (2024-03-01)
* Created from scratch