Skip to content

Instantly share code, notes, and snippets.

@tobybellwood

tobybellwood/Readme.md

Last active June 16, 2021 22:07
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save tobybellwood/6f2b7764eb27d77d796640e4ffad72d4 to your computer and use it in GitHub Desktop.
Save tobybellwood/6f2b7764eb27d77d796640e4ffad72d4 to your computer and use it in GitHub Desktop.
Download ZIP
Rough Lagoon2 instructions
Raw
Readme.md

Cloning the repo

To set up Lagoon 2 as easily as possible, use the lagoon-charts repository from the uselagoon organisation

git clone git@github.com:uselagoon/lagoon-charts.git
cd lagoon-charts

Setting up the cluster

Create the KinD cluster to host this Lagoon (NB other k8s are a WIP)

make create-kind-cluster

You can connect Lens/Octant/k9s up to this cluster, using the kubeconfig located at ~/.kube/config

Install the necessary charts and apps to support Lagoon

make install-test-cluster

Install Lagoon core and remote to the same cluster. Edit the true/false for services in the Makefile to enable UI&Webhooks etc

To proceed with this tutorial, edit the following services in the makefile

...
		--set ui.enabled=true \
		--set webhookHandler.enabled=true \
		--set webhookHandler.image.repository=testlagoon/webhookHandler \
		--set webhookHandler.image.tag=pr-2198 \
		--set webhooks2tasks.enabled=true \
		--set webhooks2tasks.image.repository=testlagoon/webhooks2tasks \
		--set webhooks2tasks.image.tag=pr-2198 \

Now install Lagoon with these settings

make install-lagoon

Install the test apparatus (this will also pre-fill the API database), and provide a service you can use later to interact with the API

make install-tests

At this stageEnsure that your kubectl is pointing at the lagoon namespace in the kind-kind cluster - kubectx and kubens are great tools for this

OPTIONAL - Run a test to make sure it works ok

make run-tests

Enable the services needed to interact with Lagoon

COnfiguring the following port forwards allows you to connect to the key Lagoon services from your local machine

kubectl port-forward -n lagoon svc/lagoon-core-keycloak 8080 &
kubectl port-forward -n lagoon svc/lagoon-core-api 7070:80 &
kubectl port-forward -n lagoon svc/lagoon-core-ui 6060:3000 &
kubectl port-forward -n lagoon svc/lagoon-core-ssh 2020 &

Configuring users and access

Log in to Keycloak administration console first at http://localhost:8080 - the username is admin and the password can be found by running:

kubectl get secret -n lagoon lagoon-core-keycloak -o jsonpath="{.data.KEYCLOAK_ADMIN_PASSWORD}" | base64 --decode

Once logged in, add a new user called lagoonadmin, add it to the admin role mapping and set the following secret as it's non-temporary password

kubectl get secret -n lagoon lagoon-core-keycloak -o jsonpath="{.data.KEYCLOAK_LAGOON_ADMIN_PASSWORD}" | base64 --decode

Sign out of the Keycloak admin console, and into the UI at http://localhost:6060, using the lagoonadmin user and password you just set, and you will see all the default projects created by the testing process.

GraphQL access

To interact with the API via GraphQL or Insomnia etc, you will need a token. To grant yourself a non-expiring one, use the script in the api-data-watcher-pusher

kubectl exec -n lagoon $(kubectl get pod -n lagoon | grep api-data-watcher-pusher | awk '{print $1}') -- python3 /home/create_jwt.py

Use this token as a bearer token, and http://localhost:7070/graphql as the URL in your GraphQL app

To see All the Projects in your Lagoon

query whatIsThereAlready {
  allProjects {
    id
    name
    gitUrl
    branches
    openshift {
      id
      name
    }
    envVariables {
      scope
      name
      value
    }
    environments {
      id
      name
      openshiftProjectName
      environmentType
    }
  }
}

To see all the Environments in your Lagoon

query whatIsThereAlready {
  allEnvironments {
    id
    project {
      name
      id
      branches
      gitUrl
      productionEnvironment
      developmentEnvironmentsLimit
    }
    name
    deployType
    deployBaseRef
    deployHeadRef
    deployTitle
    autoIdle
    environmentType
    openshiftProjectName
    updated
    created
    deleted
    route
    routes

    envVariables {
      id
      scope
      name
      value
    }
  }
}

At this point you'll have a fully working cluster - you can see the demo projects, but these projects won't actually deploy though, so we'll have to add our own. To achieve this, we can either push to the internal git registry, or provision a different one - Gitea works well for this purpose.

To install Gitea into the cluster

Run the following to add a Gitea namespace to the cluster, and configure Gitea inside it

helm upgrade \
  --install \
  --create-namespace \
  --namespace gitea \
  --set "gitea.config.server.SSH_DOMAIN=gitea-ssh.gitea.svc.cluster.local" \
  --set "gitea.config.server.ROOT_URL=http://localhost:10080" \
  --set "ingress.hosts=localhost:10080" \
  gitea \
  gitea-charts/gitea

You can then port-forward it's services to be able to use them

kubectl --namespace gitea port-forward gitea-0 10080:3000 &
kubectl --namespace gitea port-forward gitea-0 10022:22 &

Log in to the Gitea UI at http://localhost:10080, using the admin credentials from https://gitea.com/gitea/helm-chart/src/branch/master/values.yaml (gitea@local.domain / r8sA8CPHD9!bt6d )

Once logged in, add your public SSH key to the gitea_admin profile – this will allow you to push code to the gitea instance http://localhost:10080/user/settings/keys

Also add the Lagoon-test public key to the gitea_admin user

kubectl get secret -n lagoon lagoon-test -o jsonpath="{.data.GIT_AUTHORIZED_KEYS}" | base64 --decode

Add a default Gitea webhook to http://localhost:10080/admin/hooks - Use these settings - POST, application/json, All events, Active

Target URL - http://lagoon-core-webhook-handler.lagoon.svc.cluster.local:3000
POST, application/json, All events, Active

Add a new Repository to your Gitea - call it the same as the project you're working on (in our case the drupal-example-simple project)

Connect your IDE/Git Client etc to the Gitea instance:

git remote add gitea ssh://git@localhost:10022/gitea-admin/drupal-example-simple.git
git fetch gitea

Now you are not only connected to your external git server, you're also connected to the local gitea one - this will allow you to push real-world projects to your local Lagoon!

Don't push code yet though, you need to set up the project in Lagoon first!

Adding your project to Lagoon

To add a project from the local Gitea repo to Lagoon, you're going to need to add the private key matching the public key you added to Gitea. Use the private key that the lagoon-test uses for simplicity

kubectl get secret -n lagoon lagoon-test -o jsonpath="{.data.SSH_PRIVATE_KEY}" | base64 --decode

To populate the API with the new project, use the following GraphQL - remember to replace drupal-example-simple with whatever your project was called. If you add multiple projects, remember to change the id to be unique.

mutation {
  addProject(input: {
    name: "drupal-example-simple2"
    openshift: 2001
    developmentEnvironmentsLimit: 10
    gitUrl: "git@gitea-ssh.gitea.svc.cluster.local:gitea_admin/drupal-example-simple.git"
    activeSystemsTask: "lagoon_controllerJob"
    activeSystemsMisc: "lagoon_controllerMisc"
    activeSystemsDeploy: "lagoon_controllerBuildDeploy"
    activeSystemsRemove: "lagoon_controllerRemove"
    productionEnvironment: "main"
    privateKey: "<<REPLACE WITH SSH_PRIVATE_KEY"}) {
    id
    name
  }
}

Now that your project has been created, you can push code to the gitea repository, and it'll magically deploy correctly the first time, right?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment