hackdoc:// HSCloud Docs

Deploying docker image on hscloud

In this chapter, we will deploy our registered docker image on hscloud as a simple HTTP kube service with HTTPS from Let’s Encrypt.

Requirements

Registered image from Building web app. Also, built hscloud environment from Building an environment section.

Steps

We create a prod.jsonnet file in location //personal/$hs_username/myflask/prod.jsonnet. The format of jsonnet is very similar to json, but allows the use of variables, functions, and the import of other files. For further reference on jsonnet see jsonnet.org.

# Remember to replace $hs_username with your SSO username!

# The import is done from the `kube.libsonnet` file in the `kube` folder in the `hscloud` folder.
local kube = import "../../../kube/kube.libsonnet";

{
    local top = self,
    local cfg = self.cfg,

    cfg:: {
        name: 'web-app',
        # The hscloud configuration only allows the namespace in `personal-$hs_username` format.
        namespace: 'personal-$hs_username',
        # The hscloud configuration only allows the domain in `*.$hs_username.hscloud.ovh` format.
        domain: 'web-app.$hs_username.hscloud.ovh',
        image: 'registry.k0.hswaw.net/$hs_username/myflask:2137',
    },

    ns: kube.Namespace(cfg.namespace),
    
    deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
        spec+: {
            replicas: 1,
            template+: {
                spec+: {
                    containers_: {
                        default: kube.Container("default") {
                            image: cfg.image,
                            ports_: {
                                http: { containerPort: 5000 },
                            }
                        },
                    },
                },
            },
        },
    },

    service: top.ns.Contain(kube.Service(cfg.name)) {
        target_pod:: top.deployment.spec.template,
    },

    ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
        metadata+: {
            annotations+: {
                "kubernetes.io/tls-acme": "true",
                "cert-manager.io/cluster-issuer": "letsencrypt-prod",
                "nginx.ingress.kubernetes.io/proxy-body-size": "0",
            },
        },
        spec+: {
            tls: [ { hosts: [ cfg.domain ], secretName: cfg.name + "-tls" } ],
            rules: [
                {
                    host: cfg.domain,
                    http: {
                        paths:  [
                            { path: "/", backend: top.service.name_port },
                        ],
                    },
                },
            ],
        },
    },
}

We log into the cluster:

hs_username=$USER # if your username is the same as your SSO username
prodaccess -username $hs_username

We can now deploy our application:

kubecfg update prod.jsonnet

The application should be available at http://web-app.$hs_username.hscloud.ovh. You will have to wait a few minutes for a working HTTPS service.

You can also list the pods:

# List pods in the namespace. Replace $hs_username with your SSO username!
kubectl get pods --namespace personal-$hs_username

You should see something like this:

NAME                          READY   STATUS             RESTARTS   AGE
...
web-app-569996b8d8-lfl68      1/1     Running            0          18m

To remove the application, execute following command, taking your pod name from the previous command, in this case web-app-569996b8d8-lfl68:

# Delete the pod. Replace $hs_username with your SSO username!
kubectl delete pod web-app-569996b8d8-lfl68 --namespace personal-$hs_username