c4k-taiga/README.md

134 lines
5.2 KiB
Markdown
Raw Permalink Normal View History

2023-07-19 11:44:04 +00:00
# convention 4 kubernetes: c4k-taiga
2023-07-19 12:01:15 +00:00
[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-taiga.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-taiga) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-taiga/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-taiga/-/commits/main)
2023-07-19 11:44:04 +00:00
2023-07-19 12:01:15 +00:00
[<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [<img src="https://meissa-gmbh.de/img/community/Mastodon_Logotype.svg" width=20 alt="team@social.meissa-gmbh.de"> team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) | [taiga & Blog](https://domaindrivenarchitecture.org)
2023-07-19 11:44:04 +00:00
2023-08-09 11:04:33 +00:00
## Configuration Issues
2023-07-19 11:44:04 +00:00
2023-08-30 10:36:12 +00:00
We currently can no login even after `python manage.py createsuperuser --noinput` in the taiga-back-deployment container. What might help: https://docs.taiga.io/setup-production.html#taiga-back
2023-07-19 11:44:04 +00:00
2023-08-09 11:04:33 +00:00
Note: taiga-manage,-back und -async verwenden die gleichen docker images mit unterschiedlichen entry-points.
2023-07-20 12:19:03 +00:00
2023-08-30 10:36:12 +00:00
https://github.com/kaleidos-ventures/taiga-docker
https://community.taiga.io/t/taiga-30min-setup/170
### Steps to start and get an admin user
Philosophy: First create the superuser, then populate the DB.
https://docs.taiga.io/setup-production.html#taiga-back
https://docs.taiga.io/setup-production.html#_configure_an_admin_user
https://github.com/kaleidos-ventures/taiga-back/blob/main/docker/entrypoint.sh
In the init container we create the super user. Difference between init-container and container: CELERY_ENABLED: false
The init container gets the following command and args:
```yaml
command: ["/bin/bash"]
2023-09-01 07:37:32 +00:00
args: ["-c", "source /opt/venv/bin/activate && python manage.py createsuperuser --noinput"]
```
Thus the dockerfile default entrypoint is ignored.
Problem: Login using this method is still not available with the proposed credentials.
#### Option 1: Init container, currently under test
Create an init container (celery disabled) with the python manage.py command and the taiga-manage createsuperuser args
#### Option 2: Single container
Create a single container that has celery disabled at the beginning.
Runs the following cmds:
* python manage.py taiga-manage createsuperuser
* enable celery
* execute entrypoint.sh
2023-07-20 12:19:03 +00:00
### HTTPS
Terminiert am ingress. Wie interagiert das mit taiga?
Eventuell wird dies hier relevant:
https://github.com/kaleidos-ventures/taiga-docker#session-cookies-in-django-admin
2023-08-10 13:33:35 +00:00
### Docker Compose (DC) -> Kubernetes
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
We implemented a deployment and service in kubernetes for each DC Service.
Configmaps and secrets were implemented, to avoid redundancy and readability also to increase security a bit.
For all volumes described in DC we implemented PVCs and volume refs.
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
A config.py (used for taiga-back ) was introduced for reference.
A config.json (used for taiga-front ) was introduced for reference.
NB: It might be necessary to actually map both from a config map to their respective locations in taiga-back and taiga-front. Description for that is [here](https://docs.taiga.io/setup-production.html).
A mix of both env-vars and config.py in one container is not possible.
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
#### depends_on
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
We currently assume, that it will work without explicitly defining a startup order.
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
#### DC Networking
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
https://github.com/compose-spec/compose-spec/blob/master/spec.md
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
The `hostname` KW sets the hostname of a container.
It should have no effect on the discoverability of the container in kubernetes.
2023-07-20 12:19:03 +00:00
2023-08-10 13:33:35 +00:00
The `networks` KW defines the networks that service containers are attached to, referencing entries under the top-level networks key.
This should be taken care of by our kubernetes installation.
2023-07-26 13:32:33 +00:00
2023-08-10 13:33:35 +00:00
#### Pod to Pod Possible Communications
2023-07-26 13:32:33 +00:00
2023-08-10 13:33:35 +00:00
Taiga containers that need to reach other taiga containers:
taiga-async -> taiga-async-rabbitmq
taiga-events -> taiga-events-rabbitmq
This is not quite clear, but probably solved with the implementation of services.
2023-07-26 13:32:33 +00:00
2023-08-10 13:33:35 +00:00
### Deployments
2023-08-09 14:07:02 +00:00
2023-08-10 13:33:35 +00:00
Separate deployments exist for each of the taiga modules:
2023-08-09 10:11:37 +00:00
2023-08-10 13:33:35 +00:00
Taiga-back reads many values in config.py from env vars as can be seen in the taiga-back [config.py](
https://github.com/kaleidos-ventures/taiga-back/blob/main/docker/config.py). These are read from configmaps and secrets in the deployment.
2023-08-09 10:11:37 +00:00
2023-07-19 12:01:15 +00:00
## Purpose
2023-07-19 11:44:04 +00:00
## Status
## Try out
## Usage
You need:
2023-07-19 12:01:15 +00:00
...
2023-07-19 11:44:04 +00:00
* and a kubernetes cluster provisioned by [provs]
2023-07-19 12:01:15 +00:00
...
Let c4k-taiga generate your .yaml file.
2023-07-19 11:44:04 +00:00
Apply this file on your cluster with `kubectl apply -f yourApp.yaml`.
Done.
### resource requests and limits
You may want to adjust the resource requests and limits of the build and init containers to your specific scenario.
## Development & mirrors
2023-07-19 12:01:15 +00:00
Development happens at: https://repo.prod.meissa.de/meissa/c4k-taiga
2023-07-19 11:44:04 +00:00
Mirrors are:
2023-07-20 12:33:28 +00:00
* https://gitlab.com/domaindrivenarchitecture/c4k-taiga (issues and PR, CI)
* https://github.com/DomainDrivenArchitecture/c4k-taiga
2023-07-19 11:44:04 +00:00
For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos
## License
Copyright © 2022 meissa GmbH
Licensed under the [Apache License, Version 2.0](LICENSE) (the "License")
Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE)
[provs]: https://gitlab.com/domaindrivenarchitecture/provs/