Details
-
Type:
Story
-
Status: Done
-
Resolution: Done
-
Fix Version/s: None
-
Component/s: Stack Documentation and UX
-
Labels:
-
Story Points:11.6
-
Epic Link:
-
Team:SQuaRE
Description
ltd-keeper should be deployed as a Docker container as a best practice for maintainable cloud microservices.
This involves writing a Dockerfile committed to the ltd-keeper repo and demonstrating that the container can be stood up on Google Container Engine.
I plan on use data-containers attached to the service’s container to maintain the sqlite DB. This ticket should document how to operate ltd-keeper and apply updates to both the ltd-keeper app and DB migrations..
This ticket also involves initial overhead in researching Docker/Kubernetes.
Attachments
Issue Links
Activity
Created a Google Cloud Platform account for SQuaRE (creds in 1Password)- Got the node.js tutorial to work but had issues with tutorials hosted by Google itself, such as the Wordpress with persistent storage tutorial. I think now that I was having trouble getting my pods scheduled on the cluster.
Question of how to do TLS termination in a Kubernetes service load balancer. Options are:
1. Use a Compute Engine load balancer with HTTPS - https://cloud.google.com/compute/docs/load-balancing/http/
2. Add an Nginx pod that does TLS termination - e.g. https://github.com/GoogleCloudPlatform/kube-jenkins-imager
3. Use the new Ingress Resource features of Kubernetes 1.2 - http://kubernetes.io/docs/user-guide/ingress/ Here the Ingress resource would sit in front of the load balancing service.
If the Ingress resource living on a node dies and get’s rescheduled, will the new Ingress resource have a different external IP? How can this be made to work with AWS Route 53 DNS (e.g., for a ltd-keeper.lsst.io domain to serve the API)
The documentation is notes that the TLS ingress controller will use a "static" IP. https://github.com/kubernetes/contrib/blob/master/ingress/controllers/gce/BETA_LIMITATIONS.md#static-and-ephemeral-ips I presume that means the IP will persistence across controller restarts?
My preference would be to go the pure kubernetes path, if feasible. On the basis that, In theory, it should be fairly painless to move between kubernetes clusters. My second choice would be to use a GCE loadbalancer, as this would likely require less fiddling than a DIY solution.
There are two branches to look at here:
1. https://github.com/lsst-sqre/ltd-keeper/pull/5 for the main Kubernetes deployment
2. https://github.com/lsst-sqre/nginx-python-docker/pull/1 for the uWSGI container
We can talk about this at the Thursday meeting so I can run you through it.
This ticket was presented at the SQuaRE group meeting and signed-off. Future tickets will touch upon code improvements to the deployment practices or codebase.