Skip to content

Instantly share code, notes, and snippets.

@fieldju

fieldju/microk8s-dev.yaml

Last active November 24, 2020 18:13
Show Gist options
  • Save fieldju/670c1696d202ebd211876eff99ec45f5 to your computer and use it in GitHub Desktop.
Save fieldju/670c1696d202ebd211876eff99ec45f5 to your computer and use it in GitHub Desktop.
Download ZIP
Justin's Operator Config for his microk8s operator shrek env
Raw
microk8s-dev.yaml
apiVersion: spinnaker.armory.io/v1alpha2
kind: SpinnakerService
metadata:
name: spinnaker-armory-dev
namespace: spinnaker-armory-dev
spec:
spinnakerConfig:
config:
version: 2.22.0
persistentStorage:
persistentStoreType: s3
s3:
bucket: armory-fieldju-dev
rootFolder: microk8s-armory-dev/persistent-storage
region: us-west-2
features:
auth: false
fiat: false
chaos: false
entityTags: false
artifacts: true
artifactsRewrite: true
timezone: America/Los_Angeles
artifacts:
github:
enabled: true
accounts:
- name: github
username: armory-jenkins
token: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:jenkins-user-gh-api-token
- name: public-github
gitrepo:
enabled: true
accounts:
- name: github
username: armory-jenkins
token: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:jenkins-user-gh-api-token
sshTrustUnknownHosts: false
http:
enabled: true
accounts:
- name: public-http
canary:
enabled: true
serviceIntegrations:
- name: aws
enabled: true
accounts:
- name: aws-dev-s3-canary-storage
bucket: armory-fieldju-dev
rootFolder: microk8s-dev/canary-persistent-storage
region: us-west-2
supportedTypes:
- CONFIGURATION_STORE
- OBJECT_STORE
- name: newrelic
enabled: true
accounts:
- name: new-relic-armory-managed
apiKey: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:new-relic-query-key
applicationKey: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:new-relic-account-id
supportedTypes:
- METRICS_STORE
reduxLoggerEnabled: true
defaultJudge: NetflixACAJudge-v1.0
stagesEnabled: true
templatesEnabled: true
showAllConfigsEnabled: true
stats:
enabled: false
armory:
dinghy:
enabled: false
diagnostics:
enabled: false
terraform:
enabled: true
git:
enabled: true
accessToken: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:jenkins-user-gh-api-token
username: armory-jenkins
providers:
kubernetes:
enabled: false
aws:
enabled: true
primaryAccount: acme-prod
accounts:
- name: acme-prod
accountId: "510537551160"
assumeRole: arn:aws:iam::510537551160:role/spinnaker-iam-role-SpinnakerManagedIamRole-6KXHPWYHC6SE
externalId: my-external-id
permissions: {}
providerVersion: V1
regions:
- name: us-west-2
bakeryDefaults:
awsAssociatePublicIpAddress: true
templateFile: node-application.json
defaultVirtualizationType: hvm
awsSubnetId: subnet-00c959f42907f31f4
awsVpcId: vpc-04c0cd4adb36b1863
baseImages:
- baseImage:
id: ubuntu
shortDescription: v20.04
detailedDescription: Canonical, Ubuntu, 20.04 LTS, amd64 focal image build on 2020-09-24
packageType: deb
virtualizationSettings:
- region: us-west-2
virtualizationType: hvm
instanceType: t2.micro
sourceAmi: ami-02c45ea799467b51b
sshUserName: ubuntu
spotPrice: 0
spotPriceAutoProduct: Linux/UNIX (Amazon VPC)
features:
cloudFormation:
enabled: true
defaultRegions:
- name: us-west-2
service-settings:
clouddriver:
artifactId: docker.io/armory/clouddriver:2.21.7-externalId.2
env:
AWS_REGION: us-west-2
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
deck:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
echo:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
fiat:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
front50:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
gate:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
igor:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
kayenta:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
orca:
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
rosco:
artifactId: registry.fieldju.com:32000/rosco:2.22.0-RC4
kubernetes:
podAnnotations:
iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile
profiles:
# UI Settings
deck:
settings-local.js: |
window.spinnakerSettings.feature.kustomizeEnabled = true;
window.spinnakerSettings.feature.artifactsRewrite = true;
window.spinnakerSettings.feature.terraform = true;
// wtf!
# Rosco
rosco:
packer:
additionalParameters:
- -var
- encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:artifactory-username-packer-var
- -var
- encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:artifactory-password-packer-var
# Global Settings
spinnaker:
spinnaker:
extensibility:
plugins:
Armory.ObservabilityPlugin:
enabled: false
version: 1.0.0
config.metrics:
armoryRecommendedFiltersEnabled: true
additionalTags:
customerName: fieldju
customerEnvName: armory-dev
newrelic:
enabled: true
apiKey: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:new-relic-insert-key
stepInSeconds: 120
meterRegistryConfig.armoryRecommendedFiltersEnabled: true
repositories:
armory-observability-plugin-releases:
url: https://raw.githubusercontent.com/armory-plugins/armory-observability-plugin-releases/master/repositories.json
files:
profiles__rosco__packer__node-application.json: |
{
"variables": {
"aws_access_key": "",
"aws_secret_key": "",
"aws_region": null,
"aws_source_ami": null,
"aws_target_ami": null,
"aws_subnet_id": "{{env `AWS_SUBNET_ID`}}",
"aws_vpc_id": "{{env `AWS_VPC_ID`}}",
"aws_ssh_username": null,
"artifactory_username": null,
"artifactory_password": null,
"packages": null
},
"builders": [{
"type": "amazon-ebs",
"assume_role": {
"role_arn" : "arn:aws:iam::510537551160:role/spinnaker-iam-role-SpinnakerManagedIamRole-6KXHPWYHC6SE",
"session_name": "ami-bake",
"external_id": "my-external-id"
},
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"vpc_id": "{{user `aws_vpc_id`}}",
"subnet_id": "{{user `aws_subnet_id`}}",
"region": "{{user `aws_region`}}",
"source_ami": "{{user `aws_source_ami`}}",
"ami_name": "{{user `aws_target_ami`}}",
"instance_type": "t2.micro",
"ssh_pty": true,
"ssh_timeout": "5m",
"ssh_username": "{{user `aws_ssh_username`}}",
"tags" : {
"base_ami" : "{{user `aws_source_ami`}}",
"ami_creation_time": "{{timestamp}}"
}
}],
"provisioners": [
{
"type" : "file",
"source" : "/opt/rosco/config/packer/ecosystem.config.js.mustache",
"destination": "/tmp/ecosystem.config.js.mustache"
},
{
"type" : "file",
"source" : "/opt/rosco/config/packer/setup-artifact.sh",
"destination": "/tmp/setup-artifact.sh"
},
{
"type": "shell",
"inline": [
"bash /tmp/setup-artifact.sh"
],
"environment_vars": [
"ARTIFACTORY_USER={{user `artifactory_username`}}",
"ARTIFACTORY_PASSWORD={{user `artifactory_password`}}",
"PACKAGE={{user `packages`}}"
]
}
]
}
profiles__rosco__packer__setup-artifact.sh: |
#!/usr/bin/env bash
#############################
# Install NVM
#############################
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.36.0/install.sh | bash
export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm
#############################
# Install latest node lts
#############################
nvm install --lts
#############################
# Install latest pm2
#############################
npm install pm2@latest -g
export NVM_DIR=\"$HOME/.nvm\"
[ -s \"$NVM_DIR/nvm.sh\" ] && \\. \"$NVM_DIR/nvm.sh\"
# Set up artifact
sudo mkdir -p /opt/node-app/
sudo chown -R ubuntu:ubuntu /opt/node-app/
# CD to app dir
cd /opt/node-app/
# Install Mustache
sudo apt update && sudo apt install -y unzip
wget https://github.com/quantumew/mustache-cli/releases/download/v1.0.0/mustache-cli-linux-amd64.zip
unzip mustache-cli-linux-amd64.zip
chmod +x mustache
# Install artifact
echo '@armory:registry=https://armory.jfrog.io/artifactory/api/npm/npm-all' > .npmrc
echo 'registry=https://armory.jfrog.io/artifactory/api/npm/npm-all' >> .npmrc
curl -u${ARTIFACTORY_USER}:${ARTIFACTORY_PASSWORD} https://armory.jfrog.io/artifactory/api/npm/auth >> .npmrc
npm install @armory/${PACKAGE}
# Inject package name into pm2 ecosystem file
./mustache ENV /tmp/ecosystem.config.js.mustache > /opt/node-app/ecosystem.config.js
# Misc clean up
rm -fr mustache-cli-linux-amd64.zip mustache .npmrc /tmp/ecosystem.config.js.mustache
# Configure PM2 to run the artifact
pm2 start /opt/node-app/ecosystem.config.js
pm2 save
sudo env PATH=$PATH:/home/ubuntu/.nvm/versions/node/$(node -v)/bin /home/ubuntu/.nvm/versions/node/$(node -v)/lib/node_modules/pm2/bin/pm2 startup systemd -u ubuntu --hp /home/ubuntu
profiles__rosco__packer__ecosystem.config.js.mustache: |
module.exports = {
apps : [{
name : "Node Application",
script : "/opt/node-app/node_modules/@armory/{{ PACKAGE }}/dist/main.js",
cwd : "/opt/node-app",
watch : true,
env: {
"NODE_ENV": "production",
}
}]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment