The DC website can be installed into a GKE cluster using helm.
- A GKE cluster. If you do not already have one, please follow instructions to create a regional GKE cluster.
- GKE cluster should have workload identiy enabled. This is a one time setup.
- A global static IP reserved.
- Domain from your choice of DNS provider, and have the a DNS type A record which points from the domain to the IP from above.
- Certificate for the domain provided. For example, from Cloudflare.
Note: DNS record takes up to 72 hours to propagate. While the helm chart can still be installed before it is completed, the load balancer that is created by the chart may not be ready until then.
- Make sure that the k8s credentials are configured. You can visit the GCP UI and click "CONNECT" on your cluster's page to get the command to configure the credentials.
The command below should point to your cluster.
kubectl config current-context- Paste the template below into a new file called instance-values.yaml.
website:
gcpProjectID: <GCP project>
domain: <Your domain>
flaskEnv: custom
secretGCPProjectID: <GCP project>
mixer:
hostProject: <GCP project>
serviceName: <Cloud Endpoints service name>
serviceAccount:
name: <KSA name>
ingress:
enabled: true
annotations:
{
kubernetes.io/ingress.global-static-ip-name: <Your GCP global static IP>,
ingress.gcp.kubernetes.io/pre-shared-cert: <Your self managed certificate name from GCP>,
}- Fill out all the instance specific variables from above.
The GCP project id where the website is to be deployed.
Same value will apply for website.gcpProjectID, website.secretGCPProjectID, mixer.hostProject.
Website domain that you own.
Name of the k8s service account to be used as the GCP identity of the DC website.
This assumes that the workload identity setup process has been follow.
Confirm the SA exists by calling kubectl -n website get serviceaccount in termimal.
The name of the global static ip that was reserved from GCP.
Note that this needs to be in the same GCP project as the GCP project specified elsewhere in your DC helm config.
The name of the self managed certificate from GCP.
Please follow the offical doc to create one from your cert and key from your ssl provider.
- Run the helm install command from the root directory of Website repo.
git submodule foreach git pull origin master
git submodule update --init --recursive
TAG=$(git rev-parse --short=7 HEAD)
cd mixer
MIXER_TAG=$(git rev-parse --short=7 HEAD)
cd ..
helm upgrade --install \
dc-website deploy/helm_charts/dc_website \
--atomic \
--debug \
--timeout 10m \
-f values.yaml \
--set website.githash="$TAG" \
--set mixer.githash="$MIXER_TAG" \
--set-file mixer.schemaConfigs."base\.mcf"=mixer/deploy/mapping/base.mcf \
--set-file mixer.schemaConfigs."encode\.mcf"=mixer/deploy/mapping/encode.mcf \
--set-file kgStoreConfig.bigqueryVersion=mixer/deploy/storage/bigquery.version \
--set-file kgStoreConfig.baseBigtableInfo=mixer/deploy/storage/base_bigtable_info.yaml