Skip to content

hassonor/wiser

Repository files navigation

Nest Logo

A progressive Node.js framework for building efficient and scalable server-side applications.

NPM Version Package License NPM Downloads CircleCI Coverage Discord Backers on Open Collective Sponsors on Open Collective Support us

Description

GCP CI/CD Deployment with Kubernetes

*Note: anything like var it means you have to fill this with appropriate value:

1- Enable Google Container Registry API & Artifact Registry:

a. Create Repository for each service:

    i. Install gcloud cli

    ii. Initialize gcloud

    iii. Set project of gcloud to your project

    iv. gcloud authentication

b. Build & push images (e.g. reservations):

cd /apps/reservations/
docker build -t reservations -f ./Dockerfile ../../
docker tag reservations _reservations_repo_url_/production
docker image push _reservations_repo_url_/production

2- Automated CI/CD with Google CloudBuild:

a. Create cloudbuild.yaml file at your project’s root: each repository will have two steps:

    i. Build step

    ii. Push step

b. Set up a build trigger that pulls from your github repo and builds images using the latest changes on code.

3- Setup Kubernetes (locally)

a. Enable Kubernetes from Docker Desktop

b. Install "helm" as dependency manager for Kubernetes cluster

c. mkdir k8s directory, and: cd k8s/

d. Create a new HELM chart (e.g. named wiser):

helm create wiser

e. Create Deployments (pods) for each one of the services:

    i. Install kubectl if not exists.

    ii. Create deployment:

    kubectl create deployment reservations --image=_gcloud_image_url_ --dry-run=client -o yaml > ./wiser/templates/reservations/deployment.yaml

    iii. Install helm chart named "wiser":

    helm install wiser ./k8s/

    iv. Double check created pod with command:

    kubectl get pods

4- Enable local Kubernetes cluster to access Artifact Registry images:

a. Get API keys:

    i. Go to GCloud: "APIs & Services" -> credentials -> service account (Role: artifact registry reader)

    ii. Service account -> Keys -> Json -> create

b. Tell Kubernetes to use the JSON key file when pulling from GCR:

    i. Create Kubernetes secret:

    kubectl create secret docker-registry gcr-json-key --docker-server=_first_part_of_service_url_ --docker-username=_json_key --docker-password="$(cat _path_to_json_key_file_)" --docker-email=blabla@blac.com

    ii. Tell the "default" service-account, in GCP, to use this secret:

    kubectl patch serviceaccount default -p '{"imagePullSecrets": [ { "name": "gcr-json-key" } ] }'

    iii. Double Check:

    kubectl get pods

5- Create Kubernetes cluster services:

a. To create generic secrets for sensitive env vars to be used in services to use: (e.g. secret object "jwt" and variable "refreshToken" with value "blablabla")

    i. Create secret:

    kubectl create secret generic "jwt" --from-literal=refreshToken=blablabla

    ii. Update chart with command:

    helm upgrade wiser ./k8s/wiser

    iii. To update a current secret (e.g., google) for a service (e.g., notifications):

    kubectl edit secret google
    kubectl rollout restart deployment notifications
    kubectl get pods

b. Generate a service for a microservice (e.g. auth, ports exposed 3002/tcp, and 3001/http):

    i. Create two services, one for tcp, and one for http:

    kubectl create service clusterip "auth-tcp" --tcp=3002 --dry-run=client -o yaml > k8s/wiser/templates/auth/service-tcp.yaml
    kubectl create service nodeport auth-http --tcp=3001 --dry-run=client -o yaml > k8s/wiser/templates/auth/service-http.yaml

    ii. Update chart:

    helm upgrade wiser k8s/wiser

    iii. Double check with:

    kubectl get svc

6- To connect local machine to the online Google Kubernetes Engine’s cluster:

a. Get connect command from: GKE -> Clusters -> “Connect” Button , and then run it locally.

b. List all contexts (clusters) to copy the name of the GKE one:

kubectl config get-contexts

c. Switch to online GKE cluster:

kubectl config use-context _context_name_

Nest framework TypeScript starter repository.

Installation

$ pnpm install

Running the app

# development
$ pnpm run start

# watch mode
$ pnpm run start:dev

# production mode
$ pnpm run start:prod

Test

# unit tests
$ pnpm run test

# e2e tests
$ pnpm run test:e2e

# test coverage
$ pnpm run test:cov

Support

Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support by the amazing backers. If you'd like to join them, please read more here.

Stay in touch

License

Nest is MIT licensed.