bhaweshksingh/byor-voting-infrastructure

BYOR-VotingApp [infrastructure]

Welcome to the repository for the infrastructure setup of BYOR-VotingApp!

You can find more information about the BYOR-VotingApp in the web-app Github repository.

Table Of Contents

Running BYOR-VotingApp locally

Deploy BYOR-VotingApp to AWS Lambda

• Prerequisites
• Setting up AWS
• Deploying the application
• Updating the application

Deploy BYOR-VotingApp to Kubernetes

• Provisioning AWS EKS Kubernetes cluster
  • Setting up AWS
  • Provisioning with Terraform
• Setting up an already provisioned cluster
• Deploying the application
• Updating the application
• HOWTOs
  • Access Kubernetes Dashboard
  • Validating certificate issuer
  • Generating certificates with Let's encrypt
  • How to manage secrets

How to contribute to the project

Running BYOR-VotingApp locally

1. install Docker
2. open the terminal
3. clone the project

   git clone https://github.com/thoughtworks/byor-voting-web-app.git

4. move into the project folder

   cd byor-voting-web-app

5. ⚠️ [TODO] startup web app, server, and a local MongoDB

   docker-compose up 

6. access the application on http://localhost:4200

Please refer to CONTRIBUTING.md for more options on running the web app locally.

Please refer to BYOR-VotingApp [server] Github repository for more options on running the server locally and connect to a MongoDB database.

Deploy BYOR-VotingApp to AWS Lambda

Prerequisites

• install GNU Bash
• install GNU Make
• install npm
• install AWS Command Line interface
• clone VotingApp [web-app]

git clone https://github.com/thoughtworks/byor-voting-web-app.git

• clone VotingApp [server]

git clone https://github.com/thoughtworks/byor-voting-server.git

Setting up AWS

• create a S3 bucket for deploying the web-app

if you want you can use aws/create_s3_bucket.sh script to perform the operation

• configure the S3 bucket to act as static contents' web server

Deploying the application

1. open terminal and login into AWS
2. 1. move into the VotingApp [server] project folder
3. get last updates

   git pull

4. install the required packages

   make install

5. deploy on AWS infrastructure via Serverless framework:

   make deploy

   By default, the target stage is dev, but, at the user prompt you can specify any other stages as target for the deployment.

   At the user prompt, you'll also have to enter your AWSkeys.

   For any stage, the following variables are expected toexist as parameters in AWS Systems Manager Parameter Store:

   • <stage>ByorMongoUri (secure): the fullURI to let the application connecting to MongoDB
   • <stage>ByorMongoUriAdmin (secure): thefull URI to perform admin operations on MongoDB (createdelete collections and indexes)
   • <stage>ByorMongoDbName: the mongo databasename

   After a successful deploy, pending database migrations(if any) are automatically run against the target stage'sdatabase.

6. take note of the backend url generated during deploy
7. move into the VotingApp [web-app] project folder
8. get last updates

   git pull

9. install the required packages

   make install

10. build the application for production

    make build

    The script will ask for the backend url, paste the value captured at step 6.

Please refer to BYOR-VotingApp [web-app] for more options about how to build for production

1. clear the existing content of the S3 bucket with:

   aws s3 rm s3://<your-bucket-name-here>/ --recursive

2. deploy the new files with:

   aws s3 cp dist/ng-build-your-own-radar s3://<your-bucket-name-here>/ --recursive

Updating the application

To update the web-app or the server, just repeat the steps above.

Deploy BYOR-VotingApp to Kubernetes

Provisioning AWS EKS Kubernetes cluster

• install AWS Command Line interface
• install aws-iam-authenticator
• install Terraform
• install kubectl

Setting up AWS

1. login into AWS console:
   • create programmatic access for provisioning resources using Terraform and attach the right EC2 policies.
   • configure AWS cli to interact with AWS
   • create EC2 keypair
   • create AMI
   • create S3 bucket to store Terraform state file

   if you want you can use aws/create_s3_bucket.sh script to perform the operation

   • set permission on S3 to ensure to be accessible only by your organization
2. inside terraform.tf
   • replace <terraform-state-storage> with the S3 bucket you create above
   • replace <region> with the AWS region of your choice
3. inside variable.tf
   • replace <AMI-ID> with the AMI ID
   • replace <keypair name> with the Keypair name
   • customize other settings for eks (e.g. node_instance_type) based on your needs.
4. inside terraform.tfvars replace <aws_access_key>, <aws_secret_key>,<aws_zones> with your AWS settings

Provisioning with Terraform

1. open terminal and login into AWS
2. move into the VotingApp [infrastructure] project folder
3. duplicate terraform template files to replace sample variables:

   cp terraform.tf.sample terraform.tf
   cp terraform.tfvars.sample terraform.tfvars
   cp variables.rf.sample variables.rf

4. if this is the first time you run terraform, execute:

   terraform init

5. review the plan outputs:

   terraform plan

6. if everything looks good, run:

   terraform apply

7. if everything looks good, run:

   terraform apply

8. to install Isto, Cert-Manager, Kiali secrets, and Let's encrypt secrets:

   source k8s/k8s_setup.sh

9. if you want to delete all the resources managed by terraform, run:

   terraform destroy

Setting up an already provisioned Kubernetes cluster

1. set the KUBECONFIG context

   export KUBECONFIG=<path-to-kubeconfig>
   echo "export KUBECONFIG=${KUBECONFIG}" >> ${HOME}/.bashrc

2. if you don't have already installed Isto, Cert-Manager, Kiali secrets, and Let's encrypt secrets, you can do it running:

   k8s/k8s_setup.sh

Deploying the application

1. install helm
2. add the repositories for web-app, server, and infrastructure

   helm repo add byor-voting-web-app https://raw.githubusercontent.com/thoughtworks/byor-voting-web-app/master/charts
   helm repo add byor-voting-server https://raw.githubusercontent.com/thoughtworks/byor-voting-server/master/charts
   helm repo add byor-voting-infrastructure https://raw.githubusercontent.com/thoughtworks/byor-voting-infrastructure/master/charts

3. deploy BYOR-VotingApp:

   helm install byor-voting-chart

Updating the application

To update the VotingApp, just repeat the step 3 above.

HOWTOs

Access Kubernetes Dashboard:

Admin Username : k8s-admin

1. get token

   kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep k8s-admin | awk '{print $1}')

2. run the proxy

   kubectl proxy`` command in provision machine.

3. access the dashboard at http://localhost:8001/api/v1/namespaces/kube-system/services/

Validating certificate issuer.

kubectl describe clusterissuer <cluster issuer name>
kubectl -n istio-system describe certificate <certificate name>

Access Kiali dashboard

kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=kiali -o jsonpath='{.items[0].metadata.name}') 20001:20001 &

Access Jaeger dashboard

⚠️ [TODO]

kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686  &

Access Grafana dashboard

⚠️ [TODO]

kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &

Generating certificates with Let's encrypt

⚠️ [TODO]

How to manage secrets

⚠️ [TODO]

How to contribute to the project

Please refer to CONTRIBUTING.md for all the information about how to contribute.