New User Deployment#
New requests should be submitted via a Jira ticket to track and update the progress as well as for keeping records of who wanted deployments. We provide an example of what information to provide in the ticket to users but ensure you have everything required
Below is an example template for the information that should be returned to the user:
Hello,
The application has been deployed and I have confirmed that I am able to access it via <user_URL>.
The application is configured to automatically update whenever changes are made to the Helm chart in the associated GitHub repository. Typically this will be when a new application image is built and there is a new image tag to use in the Helm chart values.yaml file. More information on the Argo CD GitOps automation implementation can be found at this link: https://ncar.github.io/cisl-cloud/how-to/K8s/argocd/argo-intro.html
A new Project, <project_name>, in Rancher has been created to host your application in a dedicated namespace, <project_namespace>. More information about Rancher and interacting with the K8s objects for your application can be viewed at this link: https://ncar.github.io/cisl-cloud/how-to/K8s/Rancher/rancher-intro.html
Your image is being hosted on the on-premise clouds internal container registry at the following location hub.k8s.ucar.edu/<users_sso>/<projectname>. Details on utilizing the internal container registry can be found at this link: https://ncar.github.io/cisl-cloud/how-to/K8s/harbor/harbor-intro.html
Please let us know if you have any issues or questions.
Thanks,
Details on how to implement and provide all these details are described in detail below.
User Requirements#
In order to deploy a Users application on the CISL Cloud K8s cluster a few things need to be in place from the users side
- A containerized version of their application
- A GitHub repository to connect to Argo CD
- A Helm chart to control the deployment options
Verify Users configuration#
As administrators we need to verify the container image works, the repository is accessible, and the Helm chart and values.yaml
file used is appropriate for the deployment. When looking at the values.yaml file we need to ensure that unique values are being used for the FQDN and the TLS secret name. Please work directly with the user, or team, when running through the confirmation steps. Update the user if any changes need to be made and provide valid reasoning to why those changes are required.
Note
If the user is not hosting their image in Harbor use the Harbor proxy for their public repository. Update the Helm chart with the user and discuss the advantages of using Harbor.
Create Rancher Project & K8s namespace#
The best way to isolate a users application in our k8s architecture is to utilize Projects inside Rancher and then add a K8s namespace inside that project. Login to the Rancher UI, select the siodine cluster, and on the left hand navigation panel select Projects/Namespaces to navigate to that menu. Inside the Projects/Namespaces menu there is a Create Project
button. User the users sso username, or team name, for the project name and create it.
If there is not an existing namespace that makes sense to place the users application, a new one will need to be created. By default using a users sso username or a team name for the namespace is best. It will allow us to track who made the request, and get in touch with them, or the team, quickly in the event of an issue.
Here is the link to documentation for creating a namespace in K8s
Setup Argo CD#
Argo CD enables us to automatically sync changes made to a Helm chart hosted in a code repository.
It’s necessary to create a specific project in Argo CD if one does not already exist for the user, or team, that requested a deployment. Again, using the users sso username, or team name, is best practice for naming a project as it makes it easier to identify ownership long term.
The project settings need to be updated to include the source code repository and the kubernetes cluster and namespace to use.
With that in place a new application for the user can be created from the Applications tab. Make sure everything deploys correctly. If there are issues please work with the user, if necessary, to fix the source code for the deployment.
Here is the link to documentation for deployments on Argo CD.
Close Jira Ticket#
When the work has been completed, and everything is confirmed to be working, please update and close the Jira ticket submitted by the user. Include information about the kubernetes namespace, Argo CD project, and any URLs that may be in use for an audit trail for the request.