diff --git a/charts/platform-code-test-app/Chart.yaml b/charts/platform-code-test-app/Chart.yaml
new file mode 100644
index 0000000..3f0796c
--- /dev/null
+++ b/charts/platform-code-test-app/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: platform-code-test-app
+description: Platform code test application
+type: application
+version: 0.1.0
+appVersion: "1.0"
diff --git a/charts/platform-code-test-app/templates/deployment.yaml b/charts/platform-code-test-app/templates/deployment.yaml
new file mode 100644
index 0000000..b2396d2
--- /dev/null
+++ b/charts/platform-code-test-app/templates/deployment.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.name }}
+ labels:
+ app: {{ .Values.name }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ .Values.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.name }}
+ spec:
+ containers:
+ - name: app
+ image: {{ .Values.image.repository }}
+ resources:
+ limits:
+ cpu: {{ .Values.resources.limits.cpu | quote }}
+ memory: {{ .Values.resources.limits.memory }}
+ requests:
+ cpu: {{ .Values.resources.requests.cpu }}
+ memory: {{ .Values.resources.requests.memory }}
+ {{- if or .Values.db.host .Values.db.existingSecret }}
+ env:
+ {{- if .Values.db.host }}
+ - name: DB_HOST
+ value: {{ .Values.db.host | quote }}
+ {{- end }}
+ {{- if .Values.db.user }}
+ - name: DB_USER
+ value: {{ .Values.db.user | quote }}
+ {{- end }}
+ {{- if .Values.db.existingSecret }}
+ - name: DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Values.db.existingSecret }}
+ key: DB_PASSWORD
+ {{- end }}
+ {{- end }}
diff --git a/charts/platform-code-test-app/templates/ingress.yaml b/charts/platform-code-test-app/templates/ingress.yaml
new file mode 100644
index 0000000..e76b05d
--- /dev/null
+++ b/charts/platform-code-test-app/templates/ingress.yaml
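Review bot: The `app` container in templates/deployment.yaml is rendered without a `securityContext`, so the user and privilege settings baked into the image are what runs behind the internet-facing ALB. A container-level block next to `resources:` that sets `runAsNonRoot`, `allowPrivilegeEscalation: false`, a read-only root filesystem and drops all capabilities would close that gap. Whether the image already runs as a non-root user is not visible in this diff and should be checked first. Separately, `name: {{ .Values.db.existingSecret }}` and the `{{ .Values.name }}` uses are unquoted, unlike `db.host`; piping them through `quote` keeps unusual values from changing the YAML structure.

```yaml
        - name: app
          image: {{ .Values.image.repository }}
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
          # … unchanged: resources and env …
```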
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ .Values.name }}
+ annotations:
+ alb.ingress.kubernetes.io/subnets: {{ .Values.ingress.subnets }}
+ kubernetes.io/ingress.class: alb
+ alb.ingress.kubernetes.io/certificate-arn: {{ .Values.ingress.certificateArn }}
+ alb.ingress.kubernetes.io/security-groups: {{ .Values.ingress.securityGroupId }}
+ alb.ingress.kubernetes.io/scheme: internet-facing
+ alb.ingress.kubernetes.io/target-type: ip
+ alb.ingress.kubernetes.io/healthcheck-path: /healthcheck
+ alb.ingress.kubernetes.io/target-group-attributes: load_balancing.cross_zone.enabled=true
+spec:
+ rules:
+ - http:
+ paths:
+ - path: /*
+ pathType: ImplementationSpecific
+ backend:
+ service:
+ name: {{ .Values.name }}
+ port:
+ number: 8080
diff --git a/charts/platform-code-test-app/templates/service.yaml b/charts/platform-code-test-app/templates/service.yaml
new file mode 100644
index 0000000..10f5f15
--- /dev/null
+++ b/charts/platform-code-test-app/templates/service.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.name }}
+spec:
+ selector:
+ app: {{ .Values.name }}
+ ports:
+ - port: 8080
+ type: NodePort
diff --git a/charts/platform-code-test-app/values.yaml b/charts/platform-code-test-app/values.yaml
new file mode 100644
index 0000000..cb287a4
--- /dev/null
+++ b/charts/platform-code-test-app/values.yaml
@@ -0,0 +1,23 @@
+image:
+ repository: ""
+
+name: ""
+
+resources:
+ limits:
+ cpu: "0.5"
+ memory: 512Mi
+ requests:
+ cpu: 250m
+ memory: 512Mi
+
+ingress:
+ subnets: ""
+ certificateArn: ""
+ securityGroupId: ""
+
+db:
+ host: ""
+ user: ""
+ # Name of a Kubernetes Secret containing a DB_PASSWORD key
+ existingSecret: ""
diff --git a/terraform/app_deployment.tf b/terraform/app_deployment.tf
index 84d7d7f..6beb299 100644
--- a/terraform/app_deployment.tf
+++ b/terraform/app_deployment.tf
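Review bot: The subnet, certificate and security-group annotations in templates/ingress.yaml are rendered unquoted from values that default to `""` in values.yaml, so a release that omits them yields empty annotations on an `internet-facing` ALB and leaves the result to the controller rather than to the chart. Failing the render is safer, e.g. `alb.ingress.kubernetes.io/security-groups: {{ required "ingress.securityGroupId is required" .Values.ingress.securityGroupId | quote }}`, and likewise for `certificateArn` and `subnets`. No `alb.ingress.kubernetes.io/ssl-policy` annotation is set either, so the listener's TLS policy is whatever the controller defaults to; pin it if a minimum TLS version is expected.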
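Review bot: `type: NodePort` in templates/service.yaml allocates a node port that this setup does not appear to need, because the chart's Ingress uses `alb.ingress.kubernetes.io/target-type: ip`, which registers pod IPs with the target group directly. `type: ClusterIP` would keep the Service reachable only from inside the cluster; NodePort is needed only for instance-mode targets. The port entry also relies on `targetPort` defaulting to the same number, so adding `targetPort: 8080` would make the container port explicit.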
@@ -1,43 +1,23 @@ -resource "kubernetes_deployment" "app" { +resource "helm_release" "app" { depends_on = [ aws_eks_fargate_profile.apps_default, + helm_release.aws_load_balancer_controller, ] - metadata { - name = var.app_name - } + name = var.app_name + chart = "${path.module}/../charts/platform-code-test-app" - spec { - selector { - match_labels = { - app = var.app_name + values = [ + yamlencode({ + name = var.app_name + image = { + repository = data.aws_ecr_image.app_image.image_uri } - } - - template { - metadata { - labels = { - app = var.app_name - } + ingress = { + subnets = join(",", [aws_subnet.subnet_public_a.id, aws_subnet.subnet_public_b.id]) + certificateArn = aws_acm_certificate.main_public.arn + securityGroupId = aws_security_group.test_app_alb_public.id } - - spec { - container { - image = data.aws_ecr_image.app_image.image_uri - name = "app" - - resources { - limits = { - cpu = "0.5" - memory = "512Mi" - } - requests = { - cpu = "250m" - memory = "512Mi" - } - } - } - } - } - } + }) + ] } diff --git a/terraform/app_dns.tf b/terraform/app_dns.tf index 68c0452..1eb82ab 100644 --- a/terraform/app_dns.tf +++ b/terraform/app_dns.tf @@ -1,3 +1,11 @@ +data "kubernetes_ingress_v1" "test_app_public" { + depends_on = [helm_release.app] + + metadata { + name = var.app_name + } +} + resource "aws_route53_record" "test_app_public" { name = "${var.app_name}.${local.dns_public_domain}" type = "CNAME" @@ -5,6 +13,6 @@ resource "aws_route53_record" "test_app_public" { ttl = 60 records = [ - kubernetes_ingress_v1.test_app_public.status.0.load_balancer.0.ingress.0.hostname + data.kubernetes_ingress_v1.test_app_public.status.0.load_balancer.0.ingress.0.hostname ] } diff --git a/terraform/app_ingress.tf b/terraform/app_ingress.tf index eded55c..7edbdf4 100644 --- a/terraform/app_ingress.tf +++ b/terraform/app_ingress.tf 
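Review bot: `helm_release.app` creates a Deployment, Service and Ingress named `var.app_name`, the same names that the removed `kubernetes_deployment`, `kubernetes_service` and `kubernetes_ingress_v1` resources still own in existing state. Nothing in the diff orders those destroys before the Helm install, so on an environment that already has the old objects the first apply may fail because they exist and are not owned by the release; this is inferred from the diff rather than shown. A comment above the resource stating the migration order (remove the old resources in a prior apply) would save the next operator the guesswork.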
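Review bot: The new `data "kubernetes_ingress_v1" "test_app_public"` in terraform/app_dns.tf is read as soon as `helm_release.app` completes, but the removed resource carried `wait_for_load_balancer = true` and nothing in this change replaces that wait. If the controller has not yet written the ALB hostname into the Ingress status, `status.0.load_balancer.0.ingress.0.hostname` in the second hunk has nothing to index, so a first apply can fail or need a rerun; as far as I know Helm's own wait does not cover Ingress load-balancer status. Either document this on the data source, e.g. `# status is empty until the ALB controller has provisioned the load balancer`, or resolve the load balancer in a way that waits for it.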
@@ -1,61 +1,3 @@ -resource "kubernetes_ingress_v1" "test_app_public" { - depends_on = [ - helm_release.aws_load_balancer_controller, - ] - - metadata { - name = var.app_name - annotations = { - "alb.ingress.kubernetes.io/subnets" = join(",", [ - aws_subnet.subnet_public_a.id, - aws_subnet.subnet_public_b.id, - ]) - "kubernetes.io/ingress.class" = "alb" - "alb.ingress.kubernetes.io/certificate-arn" = aws_acm_certificate.main_public.arn - "alb.ingress.kubernetes.io/security-groups" = aws_security_group.test_app_alb_public.id - "alb.ingress.kubernetes.io/scheme" = "internet-facing" - "alb.ingress.kubernetes.io/target-type" = "ip" - "alb.ingress.kubernetes.io/healthcheck-path" = "/healthcheck" - "alb.ingress.kubernetes.io/target-group-attributes" = "load_balancing.cross_zone.enabled=true" - } - } - - spec { - rule { - http { - path { - backend { - service { - name = kubernetes_service.app_node_port.metadata.0.name - port { - number = 8080 - } - } - } - path = "/*" - } - } - } - } - - wait_for_load_balancer = true -} - -resource "kubernetes_service" "app_node_port" { - metadata { - name = var.app_name - } - spec { - selector = { - app = var.app_name - } - port { - port = 8080 - } - type = "NodePort" - } -} - resource "aws_security_group" "test_app_alb_public" { name = "${var.app_name}-alb" description = "Allow traffic for ${var.app_name} alb-public" diff --git a/terraform/outputs.tf b/terraform/outputs.tf new file mode 100644 index 0000000..b7706c6 --- /dev/null +++ b/terraform/outputs.tf @@ -0,0 +1,12 @@ +output "db_host" { + value = aws_rds_cluster.test_app.endpoint +} + +output "db_user" { + value = var.app_rds_master_username +} + +output "db_password" { + value = random_id.test_app_rds_master_password.b64_url + sensitive = true +}
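Review bot: `output "db_password"` in terraform/outputs.tf exports the RDS master password, and `sensitive = true` only hides it from CLI rendering: the value remains in plaintext in state and is returned by `terraform output` to anyone with state access. The chart already takes a Kubernetes Secret through `db.existingSecret`, so populating that Secret from a secrets store would avoid copying the password out of Terraform by hand. The value comes from `random_id.test_app_rds_master_password.b64_url`; `random_id` is intended for unique identifiers and does not mark its attributes sensitive, so `random_password` looks like the better fit, though that resource is defined outside this diff. `db_user` being `var.app_rds_master_username` also suggests the app would connect as the cluster's master account rather than a scoped database user.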