/django-in-k8s

Primary LanguageHTML

django-in-k8s

This project demonstrates using docker and helm to deploy a django application to a k8s cluster.

The django project being used is https://github.com/shacker/gtd which is a full implemtation of https://github.com/shacker/django-todo application.

django-todo

Tools

  • ansible - build and deploy helm chart to k8s cluster

  • docker - container engine

  • helm - package k8s resources

  • helmfile - install multiple charts at once

  • podman - to install minikube in M1 Apple Chip Macbook

  • minikube - setup a basic k8s cluster

  • kubernetes - container orchestration

  • uWSGI - python server

  • Caddy - web server

  • Supervisord - to run uWSGI and Caddy

Requirement

Environment (Tested)

  • Apple M1
  • MacOS Monterey

Tools (Required)

Usage

Install Homebrew and Ansible

# Install Homebrew
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Install Ansible
brew install ansible

Run Ansible playbook to setup and deploy app into k8s cluster

# Run Ansible Script
cd ansible
ansible-playbook playbook.yaml | tee output.log

Enable Minikube loadbalancer

minikube tunnel

Access the webapp

Finally to access the webapp; headover to https://localhost

Cleanup

# Clear minikube
minikube delete --all --purge
# Stop Podman Machine
podman machine stop podman-machine-default
# Remove Podman Machine
podman machine rm podman-machine-default

Development

Start docker-desktop on your computer then run the following command in your terminal

sudo docker-compose up --build -d

Todo

  • Run the application
  • Take settings from env
  • Dockerize the application for development
  • Docker compose for development mode
  • Postgres docker container for development
  • Setup k8s cluster using minikube
  • Dockerize the application for prod
  • Create a basic helm chart
  • Add a deployment for the django app
  • Install postgresql chart
  • Make postgresql chart volume persistent
  • Add config map and secrets for env
  • Add an nginx ingress controller
  • Install cert manager for self signed ssl key
  • Encrypt helm secrets
  • Write ansible task for generating trusted selfsigned CA cert
  • Write ansible task for installing all dependencies
  • Write ansible task for building docker image
  • Write ansible task for deploying helm chart

Notes

  • Instead of building the docker image in host system, the image is being built inside podman using minikube docker daemon. Although this significantly increases the build time, its a quick fix for avoiding M1/Arm architecture related issues.
  • Wanted to implement encryption of secrets in helm values, but thought maybe its not too important right now. implemented them as b64 encoded k8s secrets for now.
  • Automation of the steps are implemented as Ansible Tasks rather than roles for simplicities sake. Will change them to roles later on.