Lab11

ansible/ANSIBLE.md

@@ -60,24 +60,126 @@ ansible-inventory -i inventory --list
 
 ```json
 {
-    "_meta": {
-        "hostvars": {
-            "host_1": {
-                "ansible_host": "82.97.244.125",
-                "ansible_user": "metafates"
-            }
-        }
-    },
-    "all": {
-        "children": [
-            "ungrouped",
-            "my_hosts"
-        ]
-    },
-    "my_hosts": {
-        "hosts": [
-            "host_1"
-        ]
+  "_meta": {
+    "hostvars": {
+      "host_1": {
+        "ansible_host": "82.97.244.125",
+        "ansible_user": "metafates"
+      }
     }
+  },
+  "all": {
+    "children": ["ungrouped", "my_hosts"]
+  },
+  "my_hosts": {
+    "hosts": ["host_1"]
+  }
 }
-```
+```
+
+## Lab 6
+
+### Task 1
+
+```bash
+ansible-playbook playbooks/dev/app_python/main.yml -i inventory
+```
+
+```
+PLAY [Deploy python app] *****************************************************************************************************************************************************
+TASK [Gathering Facts] *******************************************************************************************************************************************************
+ok: [host_1]
+TASK [../../../roles/web_app : Directory create] *****************************************************************************************************************************
+changed: [host_1]
+TASK [../../../roles/web_app : Docker compose file] **************************************************************************************************************************
+changed: [host_1]
+TASK [../../../roles/web_app : Start the app] ********************************************************************************************************************************
+changed: [host_1]
+PLAY RECAP *******************************************************************************************************************************************************************
+host_1                    : ok=4    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+```
+
+Checking on server
+
+```
+REPOSITORY             TAG       IMAGE ID       CREATED       SIZE
+metafates/app_python   latest    bf33a4f6514a   2 weeks ago   116MB
+```
+
+```
+CONTAINER ID   IMAGE                  COMMAND                                        CREATED              STATUS              PORTS                                       NAMES
+babfd329b767   metafates/app_python   "uvicorn app:app --host 0.0.0.0 --port 8000"   About a minute ago   Up About a minute   0.0.0.0:8000->8000/tcp, :::8000->8000/tcp   app_python-web_app-1
+```
+
+## Task 2
+
+### Wipe
+
+```bash
+ansible-playbook playbooks/dev/app_python/main.yml -i inventory --tags wipe
+```
+
+```bash
+PLAY [Deploy python app] *****************************************************************************************************************************************************
+
+TASK [Gathering Facts] *******************************************************************************************************************************************************
+ok: [host_1]
+
+TASK [../../../roles/web_app : Remove docker related stuff] *********************************************************************************************************
+changed: [host_1]
+
+TASK [../../../roles/web_app : Remove app directory] *************************************************************************************************************************
+changed: [host_1]
+
+PLAY RECAP *******************************************************************************************************************************************************************
+host_1                    : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+```
+
+### Run all
+
+```bash
+ansible-playbook playbooks/dev/app_python/main.yml -i inventory
+```
+
+```bash
+PLAY [Deploy python app] *****************************************************************************************************************************************************
+
+TASK [Gathering Facts] *******************************************************************************************************************************************************
+ok: [host_1]
+
+TASK [docker : Install pip] ************************************************************************************************************************************************
+ok: [host_1]
+
+TASK [docker : Install required system packages] *****************************************************************************************************************************
+ok: [host_1]
+
+TASK [docker : Add Docker GPG key] *******************************************************************************************************************************************
+ok: [host_1]
+
+TASK [docker : Add Docker Repository] ****************************************************************************************************************************************
+ok: [host_1]
+
+TASK [docker : Install Docker] ***********************************************************************************************************************************************
+ok: [host_1]
+
+TASK [docker : Install Docker Compose] ***************************************************************************************************************************************
+ok: [host_1]
+
+TASK [../../../roles/web_app : Directory create] *****************************************************************************************************************************
+ok: [host_1]
+
+TASK [../../../roles/web_app : Docker compose file] **************************************************************************************************************************
+ok: [host_1]
+
+TASK [../../../roles/web_app : Start the app] ********************************************************************************************************************************
+ok: [host_1]
+
+TASK [../../../roles/web_app : Remove docker related stuff] *********************************************************************************************************
+changed: [host_1]
+
+TASK [../../../roles/web_app : Remove app directory] *************************************************************************************************************************
+changed: [host_1]
+
+PLAY RECAP *******************************************************************************************************************************************************************
+host_1                    : ok=12   changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+```

ansible/playbooks/dev/app_python/main.yml

@@ -0,0 +1,10 @@
+- name: Deploy python app
+  hosts: all
+  become: true
+  roles:
+    - role: ../../../roles/web_app
+  vars:
+    app_dir: app_python
+    app_image: metafates/app_python
+    app_port: 8000
+    web_app_full_wipe: true

ansible/roles/web_app/README.md

@@ -0,0 +1,17 @@
+## web_app role
+
+The role installs the app image and starts the docker container
+
+## Requirements
+
+- Ubuntu
+- Python 3
+
+## Variables
+
+| Variable            | Description                                           |
+| ------------------- | ----------------------------------------------------- |
+| `app_dir`           | the directory, where to place docker-compose.yml file |
+| `app_image`         | the docker image                                      |
+| `app_port`          | port to map from host to docker                       |
+| `web_app_full_wipe` | wtether to wipe or not                                |

ansible/roles/web_app/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - role: docker
+

ansible/roles/web_app/tasks/main.yml

@@ -0,0 +1,22 @@
+- name: App deploying to timeweb
+  block:
+    - name: Directory create
+      ansible.builtin.file:
+        name: "{{ app_dir }}/"
+        state: directory
+
+    - name: Docker compose file
+      ansible.builtin.template:
+        src: templates/docker-compose.yml.j2
+        dest: "{{ app_dir }}/compose.yaml"
+
+    - name: Start the app
+      community.docker.docker_compose_v2:
+        project_src: "{{ app_dir }}"
+        state: present
+  tags: web
+
+- name: Wipe
+  import_tasks: wipe.yml
+  tags: wipe
+  when: web_app_full_wipe == true

ansible/roles/web_app/tasks/wipe.yml

@@ -0,0 +1,11 @@
+- name: Remove docker related stuff
+  community.docker.docker_compose_v2:
+    project_src: "{{ app_dir }}"
+    state: absent
+    remove_images: all
+    remove_volumes: true
+
+- name: Remove app directory
+  ansible.builtin.file:
+    path: "{{ app_dir }}/"
+    state: absent

ansible/roles/web_app/templates/docker-compose.yml.j2

@@ -0,0 +1,5 @@
+services:
+  web_app:
+    image: "{{ app_image }}"
+    ports:
+      - "{{ app_port }}:{{ app_port }}"

app_python/app.py

@@ -4,17 +4,26 @@
 import pytz
 from fastapi import FastAPI, HTTPException
 from starlette.staticfiles import StaticFiles
+from prometheus_fastapi_instrumentator import Instrumentator
 
 dir_path = pathlib.Path(__file__).parent.resolve()
 
 app = FastAPI(title="Main app")
+
+instrumentator = Instrumentator().instrument(app)
+
 api = FastAPI(title="Api app")
 
 
 def get_time_with_tz(tz: str):
     return datetime.now(pytz.timezone(tz)).strftime("%Y-%m-%d %H:%M:%S")
 
 
+@app.on_event("startup")
+async def _startup():
+    instrumentator.expose(app)
+
+
 @api.get("/time")
 def get_time(tz: str):
     if tz not in pytz.all_timezones:

app_python/requirements.txt

@@ -8,3 +8,5 @@ anyio~=4.2.0
 uvicorn[standard]==0.27.*
 pytz==2024.1
 flake8==7.0.0
+prometheus_client==0.20.0
+prometheus-fastapi-instrumentator==7.0.0

k8s/11.md

@@ -0,0 +1,74 @@
+## Task 1
+
+Create a secret
+
+```bash
+kubectl create secret generic my-secret --from-literal=key1=val1 --from-literal=key2=val2
+```
+
+Get secrets
+
+```bash
+kubectl get secrets
+```
+
+```
+NAME                                       TYPE                 DATA   AGE
+my-secret                                  Opaque               2      10s
+```
+
+Describe a secret
+
+```bash
+kubectl describe secret my-secret
+```
+
+```
+Name:         my-secret
+Namespace:    default
+Labels:       <none>
+Annotations:  <none>
+
+Type:  Opaque
+
+Data
+====
+key1:  4 bytes
+key2:  4 bytes
+```
+
+```bash
+kubectl get secret my-secret -o jsonpath='{.data}'
+```
+
+```
+{"key1":"dmFsMQ==","key2":"dmFsMg=="}
+```
+
+We can decode them by piping into base64 command
+
+```bash
+echo dmFsMQ== | base64 --decode # val1
+echo dmFsMg== | base64 --decode # val2
+```
+
+## HELM Secrets
+
+```bash
+gpg --gen-key # with password qwerty123
+gpg --list-keys # get fingerprint
+sops -p $FINGERPRINT helm-app-python/secrets.yaml
+helm secrets install helm-app-python helm-app-python -f ./helm-app-python/secrets.yaml --values ./helm-app-python/values.yaml
+```
+
+Get secret
+
+```bash
+kubectl exec helm-app-python-ff25659a37-043fa -- printenv | grep MY_PASSWORD
+```
+
+Output
+
+```bash
+MY_PASSWORD=qwerty123
+```

k8s/HELM.md

@@ -0,0 +1,20 @@
+# Task 1
+
+```bash
+helm install helm-app-python ./helm_app_python/ --values ./helm_app_python/values.yaml
+```
+
+## Output
+
+```bash
+kubectl get pods,svc
+```
+
+```
+NAME                                      READY   STATUS    RESTARTS   AGE
+pod/my-helm-app-python-6bd3e32042-14h37   1/1     Running   0          54s
+
+NAME                         TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
+service/helm-app-python      LoadBalancer   10.99.61.11     <pending>     8080:30201/TCP   14s
+service/kubernetes           ClusterIP      10.96.0.1       <none>        443/TCP          8m
+```

k8s/README.md

@@ -0,0 +1,26 @@
+# Task 1
+
+## Create
+
+```bash
+APP="app-python"
+kubectl create deployment "$APP" --image=bulatok4/app_python:latest --port=8080
+kubectl expose deployment "$APP" --type=LoadBalancer --port=8080
+kubectl get pods,svc
+```
+
+```
+NAME                              READY   STATUS    RESTARTS   AGE
+pod/app-python-cluh7h7xp0-ergkr   1/1     Running   0          3m20s
+
+NAME                 TYPE           CLUSTER-IP    EXTERNAL-IP   PORT(S)          AGE
+service/app-python   LoadBalancer   10.99.108.8   <pending>     8080:31664/TCP   1m2s
+service/kubernetes   ClusterIP      10.96.0.1     <none>        443/TCP          12m
+```
+
+## Delete
+
+```bash
+kubectl delete service "$APP"
+kubectl delete deployment "$APP"
+```