Skip to content

How to add a new service to Kubernetes

This guide assumes that you have created a service via dev-cli scaffold php-service ... and the services container images are present in the Docker registry.

$ dev-cli ssh kubectl

$ bootstrap-service

Service Name? Need so be the same name as in the gitlab CI pipeline: dad-jokes
Production or Staging? (prod/stag): stag
Password for 'kubectl1' on mysql1.stag.smartweb.io. Used to create the schema and database users for service. See https://netadmin.zitcom.dk/servers/71409/configuration for passwords :

Generating schemas on mysql1.stag.smartweb.io and minifest for kube2clu3-dk2-virtualdatacenter-nu (stag)
Creating MySQL user for service 'dad-jokes' on mysql1.prod.smartweb.io

CREATE USER 'dad_jokes'@'10.10.%.%' IDENTIFIED BY '[masked]';
mysql: [Warning] Using a password on the command line interface can be insecure.

CREATE USER 'dad_jokes_admin'@'10.10.%.%' IDENTIFIED BY '[masked]';
mysql: [Warning] Using a password on the command line interface can be insecure.

CREATE DATABASE dad_jokes CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
mysql: [Warning] Using a password on the command line interface can be insecure.

GRANT SELECT,DELETE,INSERT,UPDATE ON dad_jokes.* TO 'dad_jokes'@'10.10.%.%';
mysql: [Warning] Using a password on the command line interface can be insecure.

GRANT CREATE,DROP,DELETE,INSERT,SELECT,UPDATE,ALTER,REFERENCES ON dad_jokes.* TO 'dad_jokes_admin'@'10.10.%.%';
mysql: [Warning] Using a password on the command line interface can be insecure.

GRANT SELECT ON dad_jokes.* TO 'readonly'@'10.10.%.%';
mysql: [Warning] Using a password on the command line interface can be insecure.

Making service manifest folder 32473-dad-jokes

Generating sealed secrets
Saving sealed secrets to 32473-dad-jokes/dad-jokes-secrets-sealed.yaml
Generating service manifest
Saving service manifest to 32473-dad-jokes/dad-jokes.yaml
Generating image auto update for stag
Saving to 32473-dad-jokes/dad-jokes-automation-stag.yaml

# Copy them to your local machine and put them in git. The commands needs to be runned from your local machine

$ scp zcdn@kubectl1.smartweb.io:~/32473-dad-jokes/dad-jokes.yaml .

$ scp zcdn@kubectl1.smartweb.io:~/32473-dad-jokes/dad-jokes-secrets-sealed.yaml .

$ scp zcdn@kubectl1.smartweb.io:~/32473-dad-jokes/dad-jokes-automation-stag.yaml .

###

# Use the above scp commands to copy the files to your local machine and commit them to the stag or prod git repo. Depending on which environment you inputted

###

After putting the service into kubernetes make sure the following is done.

  1. That the "readonly" team is added to the permissions on the service container image. i.e. https://hub.docker.com/repository/docker/smartweb/design-store/permissions
  2. A webhook is created on the Docker registry pointing to: https://notification-webhook.hostedshop.dk/hook/f34a008ced2012fe00c7e7582f48cefa0ef005ebe21e0c2af89179cc9aa4590c. Fx https://hub.docker.com/repository/docker/smartweb/design-store/webhooks