Skip to content

Commit

Permalink
ci: migrate to application suite
Browse files Browse the repository at this point in the history
  • Loading branch information
@idoshamun
idoshamun committed Sep 14, 2022
1 parent 91eafca commit 4922d7f
Show file tree
Hide file tree
Showing 2 changed files with 491 additions and 203 deletions.
274 changes: 145 additions & 129 deletions .infra/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,12 @@
import * as gcp from '@pulumi/gcp';
import {
config,
createK8sServiceAccountFromGCPServiceAccount,
createMigrationJob,
createServiceAccountAndGrantRoles,
k8sServiceAccountToIdentity,
getImageTag,
createKubernetesSecretFromRecord,
createAutoscaledExposedApplication,
convertRecordToContainerEnvVars,
getMemoryAndCpuMetrics,
createAutoscaledApplication, getPubSubUndeliveredMessagesMetric, getFullSubscriptionLabel, createPubSubCronJobs,
getVpcNativeCluster, gracefulTerminationHook
createPubSubCronJobs,
deployApplicationSuite
} from '@dailydotdev/pulumi-common';
import {Input, ProviderResource, Resource} from '@pulumi/pulumi';
import {Input} from '@pulumi/pulumi';

const imageTag = getImageTag();
const name = 'monetization';
Expand All @@ -33,11 +26,6 @@ const {namespace} = config.requireObject<{ namespace: string }>('k8s');

const envVars = config.requireObject<Record<string, string>>('env');

const containerEnvVars = convertRecordToContainerEnvVars({
secretName: name,
data: envVars,
});

const image = `gcr.io/daily-ops/daily-${name}:${imageTag}`;

const apiLimits: Input<{
Expand All @@ -59,117 +47,117 @@ const probe = {
initialDelaySeconds: 5,
};

const deployKubernetesResources = (name: string, isPrimary: boolean, {
provider,
resourcePrefix = '',
}: { provider?: ProviderResource; resourcePrefix?: string } = {}): void => {
createKubernetesSecretFromRecord({
data: envVars,
resourceName: `${resourcePrefix}k8s-secret`,
name,
namespace,
provider,
});
// Create K8S service account and assign it to a GCP service account
const k8sServiceAccount = createK8sServiceAccountFromGCPServiceAccount(
`${resourcePrefix}${name}-k8s-sa`,
name,
namespace,
serviceAccount,
provider
);
new gcp.serviceaccount.IAMBinding(`${resourcePrefix}${name}-k8s-iam-binding`, {
role: 'roles/iam.workloadIdentityUser',
serviceAccountId: serviceAccount.id,
members: [k8sServiceAccountToIdentity(k8sServiceAccount)],
});

const deploymentDependsOn: Input<Resource>[] = [];
if (isPrimary) {
const migrationJob = createMigrationJob(
`${name}-migration`,
namespace,
image,
['/main', 'migrate'],
containerEnvVars,
k8sServiceAccount,
{provider, resourcePrefix},
);
deploymentDependsOn.push(migrationJob);
}

createAutoscaledApplication({
resourcePrefix: `${resourcePrefix}bg-`,
name: `${name}-bg`,
namespace,
version: imageTag,
serviceAccount: k8sServiceAccount,
containers: [
{
name: 'app',
image,
args: ['/main', 'background'],
env: containerEnvVars,
resources: {
requests: bgLimits,
limits: bgLimits,
},
},
],
minReplicas: 1,
maxReplicas: 4,
metrics: [{
external: {
metric: {
name: getPubSubUndeliveredMessagesMetric(),
selector: {
matchLabels: {
[getFullSubscriptionLabel('app')]: name,
},
},
},
target: {
type: 'Value',
averageValue: '20',
},
},
type: 'External',
}],
deploymentDependsOn,
provider,
});

createAutoscaledExposedApplication({
resourcePrefix,
name,
namespace: namespace,
version: imageTag,
serviceAccount: k8sServiceAccount,
containers: [
{
name: 'app',
image,
ports: [{name: 'http', containerPort: 3000, protocol: 'TCP'}],
readinessProbe: probe,
livenessProbe: probe,
env: [
...containerEnvVars,
{name: 'PORT', value: '3000'},
{name: 'ENV', value: 'PROD'},
],
resources: {
requests: apiLimits,
limits: apiLimits,
},
lifecycle: gracefulTerminationHook(),
},
],
maxReplicas: 10,
metrics: getMemoryAndCpuMetrics(),
deploymentDependsOn,
provider,
});
}
// const deployKubernetesResources = (name: string, isPrimary: boolean, {
// provider,
// resourcePrefix = '',
// }: { provider?: ProviderResource; resourcePrefix?: string } = {}): void => {
// createKubernetesSecretFromRecord({
// data: envVars,
// resourceName: `${resourcePrefix}k8s-secret`,
// name,
// namespace,
// provider,
// });
// // Create K8S service account and assign it to a GCP service account
// const k8sServiceAccount = createK8sServiceAccountFromGCPServiceAccount(
// `${resourcePrefix}${name}-k8s-sa`,
// name,
// namespace,
// serviceAccount,
// provider
// );
// new gcp.serviceaccount.IAMBinding(`${resourcePrefix}${name}-k8s-iam-binding`, {
// role: 'roles/iam.workloadIdentityUser',
// serviceAccountId: serviceAccount.id,
// members: [k8sServiceAccountToIdentity(k8sServiceAccount)],
// });
//
// const deploymentDependsOn: Input<Resource>[] = [];
// if (isPrimary) {
// const migrationJob = createMigrationJob(
// `${name}-migration`,
// namespace,
// image,
// ['/main', 'migrate'],
// containerEnvVars,
// k8sServiceAccount,
// {provider, resourcePrefix},
// );
// deploymentDependsOn.push(migrationJob);
// }
//
// createAutoscaledApplication({
// resourcePrefix: `${resourcePrefix}bg-`,
// name: `${name}-bg`,
// namespace,
// version: imageTag,
// serviceAccount: k8sServiceAccount,
// containers: [
// {
// name: 'app',
// image,
// args: ['/main', 'background'],
// env: containerEnvVars,
// resources: {
// requests: bgLimits,
// limits: bgLimits,
// },
// },
// ],
// minReplicas: 1,
// maxReplicas: 4,
// metrics: [{
// external: {
// metric: {
// name: getPubSubUndeliveredMessagesMetric(),
// selector: {
// matchLabels: {
// [getFullSubscriptionLabel('app')]: name,
// },
// },
// },
// target: {
// type: 'Value',
// averageValue: '20',
// },
// },
// type: 'External',
// }],
// deploymentDependsOn,
// provider,
// });
//
// createAutoscaledExposedApplication({
// resourcePrefix,
// name,
// namespace: namespace,
// version: imageTag,
// serviceAccount: k8sServiceAccount,
// containers: [
// {
// name: 'app',
// image,
// ports: [{name: 'http', containerPort: 3000, protocol: 'TCP'}],
// readinessProbe: probe,
// livenessProbe: probe,
// env: [
// ...containerEnvVars,
// {name: 'PORT', value: '3000'},
// {name: 'ENV', value: 'PROD'},
// ],
// resources: {
// requests: apiLimits,
// limits: apiLimits,
// },
// lifecycle: gracefulTerminationHook(),
// },
// ],
// maxReplicas: 10,
// metrics: getMemoryAndCpuMetrics(),
// deploymentDependsOn,
// provider,
// });
// }

const jobs = createPubSubCronJobs(name, [{
name: 'delete-old-tags',
Expand Down Expand Up @@ -213,6 +201,34 @@ new gcp.pubsub.Subscription(`${name}-sub-new-ad`, {
},
});

const vpcNativeProvider = getVpcNativeCluster();
deployKubernetesResources(name, true);
deployKubernetesResources(name, false, {provider: vpcNativeProvider.provider, resourcePrefix: 'vpc-native-'});
// const vpcNativeProvider = getVpcNativeCluster();
// deployKubernetesResources(name, true);
// deployKubernetesResources(name, false, {provider: vpcNativeProvider.provider, resourcePrefix: 'vpc-native-'});

deployApplicationSuite({
name,
namespace,
image,
imageTag,
serviceAccount,
secrets: envVars,
migration: {
args: ['/main', 'migrate']
},
apps: [{
port: 3000,
env: [{name: 'PORT', value: '3000'}, {name: 'ENV', value: 'PROD'}],
maxReplicas: 10,
limits: apiLimits,
readinessProbe: probe,
metric: {type: 'memory_cpu', cpu: 70},
createService: true,
}, {
nameSuffix: 'bg',
args: ['/main', 'background'],
minReplicas: 1,
maxReplicas: 4,
limits: bgLimits,
metric: {type: 'pubsub', labels: {app: name}, targetAverageValue: 20},
}],
});
Loading

0 comments on commit 4922d7f

Please sign in to comment.