diff --git a/deploy/kubernetes/README.md b/deploy/kubernetes/README.md index 12e9c01..abf04ac 100644 --- a/deploy/kubernetes/README.md +++ b/deploy/kubernetes/README.md @@ -17,12 +17,17 @@ 4. A single job runner to run wrestlingdev background jobs. ## How do I update the app? -Each push to master updates the docker `prod` tag and also pushes a tag with the git hash. +First, be sure your secrets.yaml has all envs up to date. Then, make sure you get all manifest changes +1. Run `kubectl apply -f https://raw.githubusercontent.com/jcwimer/wrestlingApp/master/deploy/kubernetes/manifests/wrestlingdev.yaml` + +Each push to master updates the docker `prod` tag and also pushes a tag with the git hash. You will want to update to those tags. 1. Set the git hash as a variable `TAG=$(git rev-parse --verify HEAD)` 2. Update the wrestlingdev deployment tag `kubectl --record deployment.apps/wrestlingdev-app-deployment set image deployment.v1.apps/wrestlingdev-app-deployment wrestlingdev-app=jcwimer/wrestlingdev:${TAG}` 3. Update the wrestlingdev job runner tag `kubectl --record deployment.apps/wrestlingdev-worker-deployment set image deployment.v1.apps/wrestlingdev-worker-deployment wrestlingdev-worker=jcwimer/wrestlingdev:${TAG}` -4. Delete the db migrations job so you can re-run it `kubectl delete job wrestlingdev-db-create-migrate` -5. Re-run the db migrations job `kubectl apply -f deploy/kubernetes/manifests/db-migration.yaml` + +Finally, run db-migrations +1. Delete the db migrations job so you can re-run it `kubectl delete job wrestlingdev-db-create-migrate` +2. Re-run the db migrations job `kubectl apply -f https://raw.githubusercontent.com/jcwimer/wrestlingApp/master/deploy/kubernetes/manifests/db-migration.yaml` ## I'm a pro. What's bad about this? Right now, mariadb's root password comes from the secrets.yaml and wrestlingdev uses the root password to run. Ideally, you'd create another secret for mariadb's root password and you'd create a user specifically for wrestlingdev. diff --git a/deploy/kubernetes/manifests/db-migration.yaml b/deploy/kubernetes/manifests/db-migration.yaml index 2e49270..e278ddf 100644 --- a/deploy/kubernetes/manifests/db-migration.yaml +++ b/deploy/kubernetes/manifests/db-migration.yaml @@ -32,7 +32,10 @@ spec: - name: MEMCACHIER_SERVERS value: wrestlingdev-memcached:11211 - name: WRESTLINGDEV_DB_HOST - value: wrestlingdev-mariadb + valueFrom: + secretKeyRef: + name: wrestlingdev-secrets + key: dbhost - name: WRESTLINGDEV_DEVISE_SECRET_KEY valueFrom: secretKeyRef: diff --git a/deploy/kubernetes/manifests/wrestlingdev.yaml b/deploy/kubernetes/manifests/wrestlingdev.yaml index fedaf98..261a58a 100644 --- a/deploy/kubernetes/manifests/wrestlingdev.yaml +++ b/deploy/kubernetes/manifests/wrestlingdev.yaml @@ -57,7 +57,10 @@ spec: - name: MEMCACHIER_SERVERS value: wrestlingdev-memcached:11211 - name: WRESTLINGDEV_DB_HOST - value: wrestlingdev-mariadb + valueFrom: + secretKeyRef: + name: wrestlingdev-secrets + key: dbhost - name: WRESTLINGDEV_DEVISE_SECRET_KEY valueFrom: secretKeyRef: @@ -155,7 +158,10 @@ spec: - name: MEMCACHIER_SERVERS value: wrestlingdev-memcached:11211 - name: WRESTLINGDEV_DB_HOST - value: wrestlingdev-mariadb + valueFrom: + secretKeyRef: + name: wrestlingdev-secrets + key: dbhost - name: WRESTLINGDEV_DEVISE_SECRET_KEY valueFrom: secretKeyRef: diff --git a/deploy/kubernetes/secrets/secrets.yaml b/deploy/kubernetes/secrets/secrets.yaml index b2b3ec4..d84f6de 100644 --- a/deploy/kubernetes/secrets/secrets.yaml +++ b/deploy/kubernetes/secrets/secrets.yaml @@ -7,6 +7,7 @@ type: Opaque stringData: dbusername: root dbpassword: PUT_SECRET_HERE + dbhost: wrestlingdev-mariadb (if using the mariadb-standalone from this repo, otherwise use your hostname for your database) devisesecretkey: PUT_SECRET_HERE get from running rails secret railssecretkey: PUT_SECRET_HERE get from running rails secret emailpassword: PUT_EMAIL_PASSWORD_HERE