add fluxcd

This commit is contained in:
2022-08-17 18:13:21 +02:00
parent de5c9f7282
commit 9d7a7f7ea1
6 changed files with 57 additions and 44 deletions

View File

@@ -12,4 +12,7 @@ Main purpose of this projects is to have personal extensive API training on mult
* Proper seeder / faker for quick starting with filled DB
* Separated RW / RO database connections for maximizing performance between these 2 contexts
* Proper suited QA + production Dockerfile
* Complete CI/CD deployment on Kubernetes with [Concourse](https://concourse.okami101.io/)
* Complete CI on Kubernetes with [Concourse](https://concourse.okami101.io/)
* Automatic CD on Kubernetes using [Flux](https://fluxcd.io/)
See complete production deployment manifests [here](https://gitea.okami101.io/adr1enbe4udou1n/flux-source/src/branch/main/conduit), allowing **GitOps** management.

View File

@@ -1,4 +1,4 @@
[`Vue 3 TS`](https://vuejs.org/) implementation written with Composition API. Instead of using outdated [Bootstrap v4 alpha 2 theme](https://github.com/gothinkster/conduit-bootstrap-template), I rewrite it on [UnoCSS](https://github.com/unocss/unocss), an awesome efficient Tailwind-like utility-first CSS framework.
[`Vue 3 TS`](https://vuejs.org/) implementation written with Composition API. Instead of using outdated [Bootstrap v4 alpha 2 theme](https://github.com/gothinkster/conduit-bootstrap-template), I rewrite it on [UnoCSS](https://github.com/unocss/unocss), an awesome efficient Tailwind-like utility-first CSS framework, with Dark Mode support.
For API communication, as we have full proper OpenAPI spec, it's a real benefit to have a generated Typescript client for full autocompletion feature. I generally hate generated boilerplate code and the well known [OpenAPI Generator](https://github.com/OpenAPITools/openapi-generator) is not very nice to use.

View File

@@ -32,12 +32,14 @@ Mastering installations and maintenance of `Docker Swarm` or bare metal `Kuberne
* [`HAProxy`] for **high-availability** across multiple frontend workers
* [`Traefik`](https://traefik.io/traefik/) as main automatic service discovery / ingress controller
* [`cert-manager`](https://cert-manager.io/) as central certificate solution for Kubernetes cluster
* [`Portainer`](https://www.portainer.io/) as simple GUI for containers management
* [`Loki`](https://grafana.com/oss/loki/), [`Prometheus`](https://prometheus.io) and [`Jaeger`](https://www.jaegertracing.io/) as respective *logging*, *metrics* and *tracing* tools
* [`Grafana`](https://grafana.com) as GUI dashboard builder, designed for *Ops*
* [`Gitea`](https://gitea.io/) or [`GitLab`](https://about.gitlab.com/) as self-hosted *VCS*
* [`Drone CI`](https://www.drone.io/) or [`Concourse`](https://concourse-ci.org/) as both *CI/CD* solutions
* [`SonarQube`](https://www.sonarqube.org/) for automatic quality code scan
* [`Drone`](https://www.drone.io/) or [`Concourse`](https://concourse-ci.org/) as *CI* solutions
* [`Flux CD v2`](https://fluxcd.io/) as main *CD* solution for Kubernetes, allowing **GitOps** cluster management
I can install and manage primary-replica databases clusters, mainly [`PostgreSQL`](https://www.postgresql.org/) and [`MySQL`](https://www.mysql.com/fr/), whether bare-metal or cloud managed with Kubernetes (statefulsets), with Prometheus metrics exporters.
@@ -47,12 +49,20 @@ Have some experiences with many mid-range cloud providers as [Digital Ocean](htt
Some notes of this blog :
* Hosted on Hetzner Cloud
* Powered by [`Hugo`](https://gohugo.io/)
* Using **Hetzner Cloud** as cloud provider
* Hosted on bare-metal `Kubernetes` multi-nodes cluster, installed with `Terraform` and [`k0s`](https://k0sproject.io/) distribution
* **HA** setup using **Hetzner LB** and 2 worker nodes
* `Traefik` as reverse proxy, configured for HA 🛣️
* `cert-manager` with wildcard certificate 📜
* Source code on my own [`Gitea`](https://gitea.okami101.io/adr1enbe4udou1n/blog)
* Automatically deployed through my own [`Concourse`](https://concourse.okami101.io) instance
* Compiled by my own [`Concourse`](https://concourse.okami101.io) instance as a final docker container image into private registry (**CI** 🏗️)
* Automatically deployed by `Flux CD v2` to the Kubernetes cluster from [central Git source](https://gitea.okami101.io/adr1enbe4udou1n/flux-source/) (**CD** 🚀)
* Fully monitored by self-hosted Kube Prometheus Stack 📊
* Tracked with [`Matomo`](https://matomo.okami101.io/)
All the above tools are **self-hosted** on custom multi-nodes **bare metal** `Kubernetes` installed with [`k0s`](https://k0sproject.io/).
All above tools are 💯% self-hosted ! Just sadly missing my own Homelab with Proxmox because no fiber 😿
Seems [overkill](https://twitter.com/memenetes/status/1559208569588912132) ? Yeah, but why not ? I'm not able to write a single post without all that 😿
See some of [my open sourced works]({{< ref "works" >}} "Okami101 Works").

View File

@@ -17,8 +17,8 @@
<img src="/kube.png" width="30" height="30" alt="Kubernetes"
title="Run on bare metal Kubernetes on Hetzner Cloud" />
<a href="https://concourse.okami101.io/teams/main/pipelines/blog" target="_blank">
<img src="https://concourse.okami101.io/api/v1/teams/main/pipelines/blog/badge" />
<a href="https://concourse.okami101.io/teams/main/pipelines/okami-blog" target="_blank">
<img src="https://concourse.okami101.io/api/v1/teams/main/pipelines/okami-blog/badge" />
</a>
{{/* Copyright */}}

View File

@@ -10,7 +10,7 @@
"license": "MIT",
"devDependencies": {
"autoprefixer": "^10.4.8",
"postcss": "^8.4.14",
"tailwindcss": "^3.1.7"
"postcss": "^8.4.16",
"tailwindcss": "^3.1.8"
}
}

68
pnpm-lock.yaml generated
View File

@@ -2,13 +2,13 @@ lockfileVersion: 5.4
specifiers:
autoprefixer: ^10.4.8
postcss: ^8.4.14
tailwindcss: ^3.1.7
postcss: ^8.4.16
tailwindcss: ^3.1.8
devDependencies:
autoprefixer: 10.4.8_postcss@8.4.14
postcss: 8.4.14
tailwindcss: 3.1.7
autoprefixer: 10.4.8_postcss@8.4.16
postcss: 8.4.16
tailwindcss: 3.1.8
packages:
@@ -64,7 +64,7 @@ packages:
resolution: {integrity: sha512-PYjyFOLKQ9y57JvQ6QLo8dAgNqswh8M1RMJYdQduT6xbWSgK36P/Z/v+p888pM69jMMfS8Xd8F6I1kQ/I9HUGg==}
dev: true
/autoprefixer/10.4.8_postcss@8.4.14:
/autoprefixer/10.4.8_postcss@8.4.16:
resolution: {integrity: sha512-75Jr6Q/XpTqEf6D2ltS5uMewJIx5irCU1oBYJrWjFenq/m12WRRrz6g15L1EIoYvPLXTbEry7rDOwrcYNj77xw==}
engines: {node: ^10 || ^12 || >=14}
hasBin: true
@@ -72,11 +72,11 @@ packages:
postcss: ^8.1.0
dependencies:
browserslist: 4.21.3
caniuse-lite: 1.0.30001373
caniuse-lite: 1.0.30001378
fraction.js: 4.2.0
normalize-range: 0.1.2
picocolors: 1.0.0
postcss: 8.4.14
postcss: 8.4.16
postcss-value-parser: 4.2.0
dev: true
@@ -97,8 +97,8 @@ packages:
engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7}
hasBin: true
dependencies:
caniuse-lite: 1.0.30001373
electron-to-chromium: 1.4.208
caniuse-lite: 1.0.30001378
electron-to-chromium: 1.4.222
node-releases: 2.0.6
update-browserslist-db: 1.0.5_browserslist@4.21.3
dev: true
@@ -108,8 +108,8 @@ packages:
engines: {node: '>= 6'}
dev: true
/caniuse-lite/1.0.30001373:
resolution: {integrity: sha512-pJYArGHrPp3TUqQzFYRmP/lwJlj8RCbVe3Gd3eJQkAV8SAC6b19XS9BjMvRdvaS8RMkaTN8ZhoHP6S1y8zzwEQ==}
/caniuse-lite/1.0.30001378:
resolution: {integrity: sha512-JVQnfoO7FK7WvU4ZkBRbPjaot4+YqxogSDosHv0Hv5mWpUESmN+UubMU6L/hGz8QlQ2aY5U0vR6MOs6j/CXpNA==}
dev: true
/chokidar/3.5.3:
@@ -159,8 +159,8 @@ packages:
resolution: {integrity: sha512-+HlytyjlPKnIG8XuRG8WvmBP8xs8P71y+SKKS6ZXWoEgLuePxtDoUEiH7WkdePWrQ5JBpE6aoVqfZfJUQkjXwA==}
dev: true
/electron-to-chromium/1.4.208:
resolution: {integrity: sha512-diMr4t69FigAGUk2KovP0bygEtN/9AkqEVkzjEp0cu+zFFbZMVvwACpTTfuj1mAmFR5kNoSW8wGKDFWIvmThiQ==}
/electron-to-chromium/1.4.222:
resolution: {integrity: sha512-gEM2awN5HZknWdLbngk4uQCVfhucFAfFzuchP3wM3NN6eow1eDU0dFy2kts43FB20ZfhVFF0jmFSTb1h5OhyIg==}
dev: true
/escalade/3.1.1:
@@ -236,8 +236,8 @@ packages:
binary-extensions: 2.2.0
dev: true
/is-core-module/2.9.0:
resolution: {integrity: sha512-+5FPy5PnwmO3lvfMb0AsoPaBG+5KHUI0wYFXOtYPnVVVspTFUuMZNfNaNVRt3FZadstu2c8x23vykRW/NBoU6A==}
/is-core-module/2.10.0:
resolution: {integrity: sha512-Erxj2n/LDAZ7H8WNJXd9tw38GYM3dv8rk8Zcs+jJuxYTW7sozH+SS8NtrSjVL1/vpLvWi1hxy96IzjJ3EHTJJg==}
dependencies:
has: 1.0.3
dev: true
@@ -324,29 +324,29 @@ packages:
engines: {node: '>=0.10.0'}
dev: true
/postcss-import/14.1.0_postcss@8.4.14:
/postcss-import/14.1.0_postcss@8.4.16:
resolution: {integrity: sha512-flwI+Vgm4SElObFVPpTIT7SU7R3qk2L7PyduMcokiaVKuWv9d/U+Gm/QAd8NDLuykTWTkcrjOeD2Pp1rMeBTGw==}
engines: {node: '>=10.0.0'}
peerDependencies:
postcss: ^8.0.0
dependencies:
postcss: 8.4.14
postcss: 8.4.16
postcss-value-parser: 4.2.0
read-cache: 1.0.0
resolve: 1.22.1
dev: true
/postcss-js/4.0.0_postcss@8.4.14:
/postcss-js/4.0.0_postcss@8.4.16:
resolution: {integrity: sha512-77QESFBwgX4irogGVPgQ5s07vLvFqWr228qZY+w6lW599cRlK/HmnlivnnVUxkjHnCu4J16PDMHcH+e+2HbvTQ==}
engines: {node: ^12 || ^14 || >= 16}
peerDependencies:
postcss: ^8.3.3
dependencies:
camelcase-css: 2.0.1
postcss: 8.4.14
postcss: 8.4.16
dev: true
/postcss-load-config/3.1.4_postcss@8.4.14:
/postcss-load-config/3.1.4_postcss@8.4.16:
resolution: {integrity: sha512-6DiM4E7v4coTE4uzA8U//WhtPwyhiim3eyjEMFCnUpzbrkK9wJHgKDT2mR+HbtSrd/NubVaYTOpSpjUl8NQeRg==}
engines: {node: '>= 10'}
peerDependencies:
@@ -359,17 +359,17 @@ packages:
optional: true
dependencies:
lilconfig: 2.0.6
postcss: 8.4.14
postcss: 8.4.16
yaml: 1.10.2
dev: true
/postcss-nested/5.0.6_postcss@8.4.14:
/postcss-nested/5.0.6_postcss@8.4.16:
resolution: {integrity: sha512-rKqm2Fk0KbA8Vt3AdGN0FB9OBOMDVajMG6ZCf/GoHgdxUJ4sBFp0A/uMIRm+MJUdo33YXEtjqIz8u7DAp8B7DA==}
engines: {node: '>=12.0'}
peerDependencies:
postcss: ^8.2.14
dependencies:
postcss: 8.4.14
postcss: 8.4.16
postcss-selector-parser: 6.0.10
dev: true
@@ -385,8 +385,8 @@ packages:
resolution: {integrity: sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==}
dev: true
/postcss/8.4.14:
resolution: {integrity: sha512-E398TUmfAYFPBSdzgeieK2Y1+1cpdxJx8yXbK/m57nRhKSmk1GB2tO4lbLBtlkfPQTDKfe4Xqv1ASWPpayPEig==}
/postcss/8.4.16:
resolution: {integrity: sha512-ipHE1XBvKzm5xI7hiHCZJCSugxvsdq2mPnsq5+UF+VHCjiBvtDrlxJfMBToWaP9D5XlgNmcFGqoHmUn0EYEaRQ==}
engines: {node: ^10 || ^12 || >=14}
dependencies:
nanoid: 3.3.4
@@ -420,7 +420,7 @@ packages:
resolution: {integrity: sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==}
hasBin: true
dependencies:
is-core-module: 2.9.0
is-core-module: 2.10.0
path-parse: 1.0.7
supports-preserve-symlinks-flag: 1.0.0
dev: true
@@ -446,8 +446,8 @@ packages:
engines: {node: '>= 0.4'}
dev: true
/tailwindcss/3.1.7:
resolution: {integrity: sha512-r7mgumZ3k0InfVPpGWcX8X/Ut4xBfv+1O/+C73ar/m01LxGVzWvPxF/w6xIUPEztrCoz7axfx0SMdh8FH8ZvRQ==}
/tailwindcss/3.1.8:
resolution: {integrity: sha512-YSneUCZSFDYMwk+TGq8qYFdCA3yfBRdBlS7txSq0LUmzyeqRe3a8fBQzbz9M3WS/iFT4BNf/nmw9mEzrnSaC0g==}
engines: {node: '>=12.13.0'}
hasBin: true
dependencies:
@@ -464,11 +464,11 @@ packages:
normalize-path: 3.0.0
object-hash: 3.0.0
picocolors: 1.0.0
postcss: 8.4.14
postcss-import: 14.1.0_postcss@8.4.14
postcss-js: 4.0.0_postcss@8.4.14
postcss-load-config: 3.1.4_postcss@8.4.14
postcss-nested: 5.0.6_postcss@8.4.14
postcss: 8.4.16
postcss-import: 14.1.0_postcss@8.4.16
postcss-js: 4.0.0_postcss@8.4.16
postcss-load-config: 3.1.4_postcss@8.4.16
postcss-nested: 5.0.6_postcss@8.4.16
postcss-selector-parser: 6.0.10
postcss-value-parser: 4.2.0
quick-lru: 5.1.1