-
Notifications
You must be signed in to change notification settings - Fork 1
Configure the backend
The last step is to configure our backend. The backend contains a configuration file in configs/appconfig.json. The file contains relative paths so it is important to execute the application with the repository root as working directory, as written in the ReadMe.md file.
The config file contains a section called kubernetes with several fields that needs to be configured.
...
"kubernetes": {
"server": "https://192.168.80.129:51999",
"certificate-authority": "C:\\Users\\Chris\\Documents\\GoLang\\minikube_vm\\ca.crt",
"nginx": {
"namespace": "kube-system",
"tcp_config_map_name": "tcp-services",
"deployment_name": "ingress-nginx-controller",
"container_name": "controller"
},
"operators": {
"postgres": {
"pgo_url": "https://ingress.local:51998",
"pgo_username": "admin",
"pgo_password": "examplepassword",
"pgo_version": "4.6.2",
"pgo_ca_path": "C:\\Users\\Chris\\Documents\\GoLang\\minikube_vm\\pgo_cert.cer"
}
}
},
...| Field | Description | Where to find? | Example value |
|---|---|---|---|
| server | Kubernetes address | kubeconfig file | https://192.168.80.129:51999 |
| certificate-authority | Kubernetes CA file path | kubeconfig file | /home/chris/.minikube/ca.crt |
| nginx.namespace | Namespace of the nginx deployment | kubectl get namespaces | kube-system |
| nginx.tcp_config_map_name | Name of the nginx config map for tcp settings within the nginx namespace | kubectl get configmaps -n $NGINX_NAMESPACE | tcp-services |
| nginx.deployment_name | Name of the nginx deployment within the nginx namespace | kubectl get deployments -n $NGINX_NAMESPACE | ingress-nginx-controller |
| nginx.container_name | Name of the container-field within the nginx deployment where the port should be added | kubectl get deployments -n $NGINX_NAMESPACE $NGINX_DEPLOYMENT -o yaml | controller |
| operators.postgres.pgo_url | Address of the pgo operator | kubectl get ingress -n pgo | https://ingress.local:51998 |
| operators.postgres.pgo_username | Username of the pgo operator | Configured with InstallPostgressOperatorIngress.sh script | admin |
| operators.postgres.pgo_password | Password of the pgo operator | Configured with InstallPostgressOperatorIngress.sh script | examplepassword |
| operators.postgres.pgo_version | Version of the pgo operator | Navigating to $PGO_URL/version | 4.6.2 |
| operators.postgres.pgo_ca_path | Filepath to the ca certificate of the operator | I.e. export by navigating to $PGO_URL/version with a browser and export with the browser tools | /home/pgo/cert.cer |
If you have the certifcate data within your kubeconfig file, you have to extract and base64 decode it. This can be done using the following command:
cat ~/.kube/config | grep certificate-authority-data | awk -F ': ' '{print $2}' | base64 -d > ca.crtIn the previous step we created a user with prefix KUB_TEMP_PREFIX user0 which results in the following kubernetes ressources:
- A namespace called
user0-namespace - A clusterrole called
user0-role - A serviceaccount called
user0-user - A clusterrolebinding called
user0-clusterrolebinding
In order to add the user to the configuration we have to readout the service-account token first. The token can be printed by using the following command:
kubectl -n $KUB_TEMP_PREFIX-namespace describe secret $(kubectl -n $KUB_TEMP_PREFIX-namespace get secret | (grep $KUB_TEMP_PREFIX-user || echo "$_") | awk '{print $1}') | grep token: | awk '{print $2}'The last step is to create an user object in the users array in the config file. The following example shows how this would look like:
...
"users": [
{
"name": "user0",
"password": "user0PlaintextPassword",
"kubernetes_access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Il9aV0F1RnNOSEV0VllHVWt3UmVPTFlGTWpFb1g2RHRCNzA2TVRsV2NLRlkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi14N2Q3eCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjgyZDBjNTMyLTNhN2YtNGNlOC1hY2ZjLTNmY2Y3MDU5NWE2ZSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.DafDiqQFz1DSDQlF8XNDk20x7JCEsYWeAXYzxdVHNt5Q82ukbsYWhHvUTLP_paZO1KpfOokl-m-zjVncCaD8PltDdL-xFGqJuHZ-0qqK3S8jJEIaKNo4foXRmZA56I8UaubuulATKc-busblViQ8MfLG9R0jmWWhqkQCTKWu1duiEx2E3QCZFL7WelkAi3XoEmYhHNAALERA03ZyItA1vkbHoHbA4-e8xZDOuGogBPqFWOWO30IXftRxGm1y8UX-JCqHhhG0BIAP_Jl9NzA_lXaV18wgTPSF2wcD5HSPHhJZ3U4fnu93Ojq0iqVtkJ_9uS83Sif6tOAKYXa1HWZzeA",
"kubernetes_namespace": "user0-namespace"
},
...
To start the application with the config file we have to pass the parameters start -c configs/appconfig.json. If your config file has relative paths, then ensure you have set the correct working directory for the application.
To start the application in the demo mode (without a real cluster) with the config file we have to pass the parameters demo -c configs/appconfig.json. If your config file has relative paths, then ensure you have set the correct working directory for the application.
The application can be build and executed using docker. The following commands will build and start the container:
docker build -t devoilapers-backend .
docker run --name devoilapers-backend -v /home/backendConfigDir/:/usr/src/app/configs -p 8080:8080 devoilapers-backendEnsure that you replace /home/backendConfigDir/ with a path to a directory which contains the configuration files. Ensure the app config file is named appconfig_docker.json. Be careful with relative paths as the working directory will be the repository root and not the configuration folder.