From d58d6fc2acede3f9762303e679b21f1cf34ab000 Mon Sep 17 00:00:00 2001 From: Anil Vishnoi Date: Wed, 25 Sep 2024 23:51:52 -0700 Subject: [PATCH 1/5] Move Kind deployment related menifests files to kind overlay directory Signed-off-by: Anil Vishnoi --- Makefile | 4 ++-- deploy/k8s/{ => overlays/kind}/kind-ingress.yaml | 0 deploy/k8s/{ => overlays/kind}/kind.yaml | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename deploy/k8s/{ => overlays/kind}/kind-ingress.yaml (100%) rename deploy/k8s/{ => overlays/kind}/kind.yaml (100%) diff --git a/Makefile b/Makefile index 841d791..8a63969 100644 --- a/Makefile +++ b/Makefile @@ -89,9 +89,9 @@ stop-dev-kind: check-kind ## Stop the Kind cluster to destroy the development en .PHONY: setup-kind setup-kind: check-kind check-kubectl stop-dev ## Create a Kind cluster with ingress enabled - $(CMD_PREFIX) kind create cluster --config ./deploy/k8s/kind.yaml + $(CMD_PREFIX) kind create cluster --config ./deploy/k8s/overlays/kind/kind.yaml $(CMD_PREFIX) kubectl cluster-info - $(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) apply -f ./deploy/k8s/kind-ingress.yaml + $(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) apply -f ./deploy/k8s/overlays/kind/kind-ingress.yaml .PHONY: wait-for-readiness wait-for-readiness: # Wait for operators to be ready diff --git a/deploy/k8s/kind-ingress.yaml b/deploy/k8s/overlays/kind/kind-ingress.yaml similarity index 100% rename from deploy/k8s/kind-ingress.yaml rename to deploy/k8s/overlays/kind/kind-ingress.yaml diff --git a/deploy/k8s/kind.yaml b/deploy/k8s/overlays/kind/kind.yaml similarity index 100% rename from deploy/k8s/kind.yaml rename to deploy/k8s/overlays/kind/kind.yaml From 899f1c0869bdc3cd4add7005563e4f17d74adabf Mon Sep 17 00:00:00 2001 From: Anil Vishnoi Date: Thu, 26 Sep 2024 00:02:53 -0700 Subject: [PATCH 2/5] Move qa deployment manifest under openshift/qa directory Signed-off-by: Anil Vishnoi --- Makefile | 27 ++++++++++--------- .../openshift/{ => qa}/certificate.yaml | 2 +- .../overlays/openshift/{ => qa}/issuer.yaml | 0 .../openshift/{ => qa}/kustomization.yaml | 0 4 files changed, 16 insertions(+), 13 deletions(-) rename deploy/k8s/overlays/openshift/{ => qa}/certificate.yaml (95%) rename deploy/k8s/overlays/openshift/{ => qa}/issuer.yaml (100%) rename deploy/k8s/overlays/openshift/{ => qa}/kustomization.yaml (100%) diff --git a/Makefile b/Makefile index 8a63969..d17b9dc 100644 --- a/Makefile +++ b/Makefile @@ -123,24 +123,27 @@ undeploy: ## Undeploy the InstructLab UI stack from a kubernetes cluster .PHONY: start-dev-kind ## Run the development environment on Kind cluster start-dev-kind: setup-kind deploy ## Setup a Kind cluster and deploy InstructLab UI on it -##@ OpenShift - UI deployment in OpenShift -.PHONY: deploy-openshift -deploy-openshift: ## Deploy the InstructLab UI on OpenShift +##@ OpenShift - UI prod and qa deployment on OpenShift +.PHONY: deploy-qa-openshift +deploy-qa-openshift: ## Deploy QA stack of the InstructLab UI on OpenShift $(CMD_PREFIX) if [ ! -f .env ]; then \ echo "Please create a .env file in the root of the project." ; \ exit 1 ; \ fi - $(CMD_PREFIX) yes | cp -rf .env ./deploy/k8s/overlays/openshift/.env - $(CMD_PREFIX) oc apply -k ./deploy/k8s/overlays/openshift + $(CMD_PREFIX) yes | cp -rf .env ./deploy/k8s/overlays/openshift/qa/.env + $(CMD_PREFIX) oc apply -k ./deploy/k8s/overlays/openshift/qa $(CMD_PREFIX) oc wait --for=condition=Ready pods -n $(ILAB_KUBE_NAMESPACE) --all -l app.kubernetes.io/part-of=ui --timeout=15m -.PHONY: redeploy-openshift -redeploy-openshift: deploy-openshift ## Redeploy the InstructLab UI on OpenShift +.PHONY: redeploy-qa-openshift +redeploy-qa-openshift: ## Redeploy QA stack of the InstructLab UI on OpenShift + $(CMD_PREFIX) oc -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/ui + $(CMD_PREFIX) oc -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/pathservice -.PHONY: undeploy-openshift -undeploy-openshift: ## Undeploy the InstructLab UI on OpenShift - $(CMD_PREFIX) oc delete -k ./deploy/k8s/overlays/openshift - $(CMD_PREFIX) if [ -f ./deploy/k8s/overlays/openshift/.env ]; then \ - rm ./deploy/k8s/overlays/openshift/.env ; \ + +.PHONY: undeploy-qa-openshift +undeploy-qa-openshift: ## Undeploy QA stack of the InstructLab UI on OpenShift + $(CMD_PREFIX) oc delete -k ./deploy/k8s/overlays/openshift/qa + $(CMD_PREFIX) if [ -f ./deploy/k8s/overlays/openshift/qa/.env ]; then \ + rm ./deploy/k8s/overlays/openshift/qa/.env ; \ fi diff --git a/deploy/k8s/overlays/openshift/certificate.yaml b/deploy/k8s/overlays/openshift/qa/certificate.yaml similarity index 95% rename from deploy/k8s/overlays/openshift/certificate.yaml rename to deploy/k8s/overlays/openshift/qa/certificate.yaml index 3d1d125..4fa9010 100644 --- a/deploy/k8s/overlays/openshift/certificate.yaml +++ b/deploy/k8s/overlays/openshift/qa/certificate.yaml @@ -8,7 +8,7 @@ spec: renewBefore: 360h0m0s subject: organizations: - - nexodus + - InstructLab privateKey: algorithm: RSA encoding: PKCS1 diff --git a/deploy/k8s/overlays/openshift/issuer.yaml b/deploy/k8s/overlays/openshift/qa/issuer.yaml similarity index 100% rename from deploy/k8s/overlays/openshift/issuer.yaml rename to deploy/k8s/overlays/openshift/qa/issuer.yaml diff --git a/deploy/k8s/overlays/openshift/kustomization.yaml b/deploy/k8s/overlays/openshift/qa/kustomization.yaml similarity index 100% rename from deploy/k8s/overlays/openshift/kustomization.yaml rename to deploy/k8s/overlays/openshift/qa/kustomization.yaml From ec06d30a5d37bdaddff3878f146f3133bacaf5fd Mon Sep 17 00:00:00 2001 From: Anil Vishnoi Date: Thu, 26 Sep 2024 00:14:42 -0700 Subject: [PATCH 3/5] Manifest files for production deployment of InstructLab UI stack Signed-off-by: Anil Vishnoi --- Makefile | 24 +++++++++ .../overlays/openshift/prod/certificate.yaml | 23 +++++++++ .../k8s/overlays/openshift/prod/issuer.yaml | 14 ++++++ .../openshift/prod/kustomization.yaml | 49 +++++++++++++++++++ .../overlays/openshift/qa/kustomization.yaml | 4 +- 5 files changed, 112 insertions(+), 2 deletions(-) create mode 100644 deploy/k8s/overlays/openshift/prod/certificate.yaml create mode 100644 deploy/k8s/overlays/openshift/prod/issuer.yaml create mode 100644 deploy/k8s/overlays/openshift/prod/kustomization.yaml diff --git a/Makefile b/Makefile index d17b9dc..0c52c2d 100644 --- a/Makefile +++ b/Makefile @@ -147,3 +147,27 @@ undeploy-qa-openshift: ## Undeploy QA stack of the InstructLab UI on OpenShift $(CMD_PREFIX) if [ -f ./deploy/k8s/overlays/openshift/qa/.env ]; then \ rm ./deploy/k8s/overlays/openshift/qa/.env ; \ fi + +.PHONY: deploy-prod-openshift +deploy-prod-openshift: ## Deploy production stack of the InstructLab UI on OpenShift + $(CMD_PREFIX) if [ ! -f .env ]; then \ + echo "Please create a .env file in the root of the project." ; \ + exit 1 ; \ + fi + + $(CMD_PREFIX) yes | cp -rf .env ./deploy/k8s/overlays/openshift/prod/.env + $(CMD_PREFIX) oc apply -k ./deploy/k8s/overlays/openshift/prod + $(CMD_PREFIX) oc wait --for=condition=Ready pods -n $(ILAB_KUBE_NAMESPACE) --all -l app.kubernetes.io/part-of=ui --timeout=15m + +.PHONY: redeploy-prod-openshift +redeploy-prod-openshift: ## Redeploy production stack of the InstructLab UI on OpenShift + $(CMD_PREFIX) oc -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/ui + $(CMD_PREFIX) oc -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/pathservice + + +.PHONY: undeploy-prod-openshift +undeploy-prod-openshift: ## Undeploy production stack of the InstructLab UI on OpenShift + $(CMD_PREFIX) oc delete -k ./deploy/k8s/overlays/openshift/prod + $(CMD_PREFIX) if [ -f ./deploy/k8s/overlays/openshift/prod/.env ]; then \ + rm ./deploy/k8s/overlays/openshift/prod/.env ; \ + fi diff --git a/deploy/k8s/overlays/openshift/prod/certificate.yaml b/deploy/k8s/overlays/openshift/prod/certificate.yaml new file mode 100644 index 0000000..9983311 --- /dev/null +++ b/deploy/k8s/overlays/openshift/prod/certificate.yaml @@ -0,0 +1,23 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: letsencrypt-ui +spec: + secretName: letsencrypt-ui + duration: 2160h0m0s + renewBefore: 360h0m0s + subject: + organizations: + - InstructLab + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 2048 + usages: + - server auth + - client auth + dnsNames: + - ui.instructlab.ai + issuerRef: + name: letsencrypt-ui + kind: Issuer diff --git a/deploy/k8s/overlays/openshift/prod/issuer.yaml b/deploy/k8s/overlays/openshift/prod/issuer.yaml new file mode 100644 index 0000000..18d1731 --- /dev/null +++ b/deploy/k8s/overlays/openshift/prod/issuer.yaml @@ -0,0 +1,14 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-ui +spec: + acme: + email: avishnoi@redhat.com + privateKeySecretRef: + name: letsencrypt-ui-key + server: 'https://acme-v02.api.letsencrypt.org/directory' + solvers: + - http01: + ingress: + serviceType: ClusterIP diff --git a/deploy/k8s/overlays/openshift/prod/kustomization.yaml b/deploy/k8s/overlays/openshift/prod/kustomization.yaml new file mode 100644 index 0000000..3a5dd88 --- /dev/null +++ b/deploy/k8s/overlays/openshift/prod/kustomization.yaml @@ -0,0 +1,49 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: instructlab +resources: + - ../../base + - issuer.yaml + - certificate.yaml + +secretGenerator: +- name: ui-config + envs: + - .env + +patches: + - target: + kind: Ingress + name: ui + patch: |- + - op: replace + path: /spec/rules/0/http/paths/0/pathType + value: ImplementationSpecific + - op: replace + path: /spec/rules/0/http/paths/0/path + value: '' + - op: replace + path: /spec/rules/0/host + value: ui.instructlab.ai + - op: replace + path: /spec/tls/0/hosts/0 + value: ui.instructlab.ai + + # Override the UI image for Openshift production deployment + - target: + kind: Deployment + name: ui + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: quay.io/instructlab-ui/ui:v1.0.0-beta # Override this image if you want to use a different UI image + + # Override the pathservice image for Openshift production deployment + - target: + kind: Deployment + name: pathservice + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: quay.io/instructlab-ui/pathservice:v1.0.0-beta # Override this image if you want to use a different pathservice image + diff --git a/deploy/k8s/overlays/openshift/qa/kustomization.yaml b/deploy/k8s/overlays/openshift/qa/kustomization.yaml index 9848142..98f8e40 100644 --- a/deploy/k8s/overlays/openshift/qa/kustomization.yaml +++ b/deploy/k8s/overlays/openshift/qa/kustomization.yaml @@ -29,7 +29,7 @@ patches: path: /spec/tls/0/hosts/0 value: qa.ui.instructlab.ai - # Override the UI image for Openshift deployment + # Override the UI image for Openshift QA deployment - target: kind: Deployment name: ui @@ -38,7 +38,7 @@ patches: path: /spec/template/spec/containers/0/image value: quay.io/instructlab-ui/ui:main # Override this image if you want to use a different UI image - # Override the pathservice image for Openshift deployment + # Override the pathservice image for Openshift QA deployment - target: kind: Deployment name: pathservice From ae7b2c017bb91c8a3b3588888bfe1380327bde72 Mon Sep 17 00:00:00 2001 From: Anil Vishnoi Date: Thu, 26 Sep 2024 00:56:20 -0700 Subject: [PATCH 4/5] Add yaml lint targe to Makefile Signed-off-by: Anil Vishnoi --- Makefile | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Makefile b/Makefile index 0c52c2d..4a6ff5b 100644 --- a/Makefile +++ b/Makefile @@ -36,6 +36,16 @@ action-lint: ## Lint GitHub Action workflows fi $(CMD_PREFIX) actionlint -color +.PHONY: yaml-lint +yaml-lint: ## Lint yaml files + $(CMD_PREFIX) if ! which yamllint >/dev/null 2>&1; then \ + echo "Please install yamllint." ; \ + echo "See: https://yamllint.readthedocs.io/en/stable/quickstart.html" ; \ + exit 1 ; \ + fi + $(ECHO_PREFIX) printf " %-12s ./...\n" "[YAML LINT]" + $(CMD_PREFIX) yamllint -c .yamllint.yaml deploy --strict + ##@ Artifacts - Command to build and publish artifacts ui-image: Containerfile ## Build continaer image for the InstructLab UI $(ECHO_PREFIX) printf " %-12s Containerfile\n" "[docker]" From c6f63329ccb953a7a8924555fa7556985b0234db Mon Sep 17 00:00:00 2001 From: Anil Vishnoi Date: Thu, 26 Sep 2024 01:24:36 -0700 Subject: [PATCH 5/5] Fix yaml linting errors Signed-off-by: Anil Vishnoi --- deploy/k8s/base/ui/ingress.yaml | 6 +++--- deploy/k8s/overlays/kind/kustomization.yaml | 7 +++---- deploy/k8s/overlays/openshift/prod/kustomization.yaml | 9 ++++----- deploy/k8s/overlays/openshift/qa/kustomization.yaml | 9 ++++----- 4 files changed, 14 insertions(+), 17 deletions(-) diff --git a/deploy/k8s/base/ui/ingress.yaml b/deploy/k8s/base/ui/ingress.yaml index a539100..3d5f94b 100644 --- a/deploy/k8s/base/ui/ingress.yaml +++ b/deploy/k8s/base/ui/ingress.yaml @@ -4,9 +4,9 @@ metadata: name: ui spec: tls: - - hosts: - - localhost - secretName: letsencrypt-ui + - hosts: + - localhost + secretName: letsencrypt-ui rules: - host: localhost http: diff --git a/deploy/k8s/overlays/kind/kustomization.yaml b/deploy/k8s/overlays/kind/kustomization.yaml index fca41c7..dfed567 100644 --- a/deploy/k8s/overlays/kind/kustomization.yaml +++ b/deploy/k8s/overlays/kind/kustomization.yaml @@ -5,9 +5,9 @@ resources: - ../../base secretGenerator: -- name: ui-config - envs: - - .env + - name: ui-config + envs: + - .env patches: - target: @@ -40,4 +40,3 @@ patches: - op: replace path: /spec/template/spec/containers/0/imagePullPolicy value: Always - diff --git a/deploy/k8s/overlays/openshift/prod/kustomization.yaml b/deploy/k8s/overlays/openshift/prod/kustomization.yaml index 3a5dd88..64526af 100644 --- a/deploy/k8s/overlays/openshift/prod/kustomization.yaml +++ b/deploy/k8s/overlays/openshift/prod/kustomization.yaml @@ -2,14 +2,14 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: instructlab resources: - - ../../base + - ../../../base - issuer.yaml - certificate.yaml secretGenerator: -- name: ui-config - envs: - - .env + - name: ui-config + envs: + - .env patches: - target: @@ -46,4 +46,3 @@ patches: - op: replace path: /spec/template/spec/containers/0/image value: quay.io/instructlab-ui/pathservice:v1.0.0-beta # Override this image if you want to use a different pathservice image - diff --git a/deploy/k8s/overlays/openshift/qa/kustomization.yaml b/deploy/k8s/overlays/openshift/qa/kustomization.yaml index 98f8e40..93e905d 100644 --- a/deploy/k8s/overlays/openshift/qa/kustomization.yaml +++ b/deploy/k8s/overlays/openshift/qa/kustomization.yaml @@ -2,14 +2,14 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: instructlab resources: - - ../../base + - ../../../base - issuer.yaml - certificate.yaml secretGenerator: -- name: ui-config - envs: - - .env + - name: ui-config + envs: + - .env patches: - target: @@ -46,4 +46,3 @@ patches: - op: replace path: /spec/template/spec/containers/0/image value: quay.io/instructlab-ui/pathservice:main # Override this image if you want to use a different pathservice image -