Page MenuHomePhabricator
Create Task
Maniphest T291915

toolforge: automate how we deploy custom k8s components
Closed, ResolvedPublic
Actions

Description

See: https://wikitech.wikimedia.org/wiki/Portal:Toolforge/Admin/Kubernetes/Custom_components

We have a growing list of components that deploy to Toolforge kubernetes using this pattern:

  • git repository with source code
  • checkout on a docker builder host
  • build the docker image, tag it, etc
  • upload to our internal docker registry
NOTE: there is now a spicerack cookbook to automate the steps above: cookbook wmcs.toolforge.k8s.component.build
NOTE: there is now a spicerack cookbook to automate the steps above: cookbook wmcs.toolforge.k8s.component.deploy

This is a very good candidate for automation using spicerack/cookbook or whatever.

Known cases:

Details

SubjectRepoBranchLines +/-
wmcs: toolforge: k8s: add cookbook to automate deploying componentsoperations/cookbookswmcs+156 -0
wmcs: toolforge: k8s: add cookbook to automate deploying custom componentsoperations/cookbookswmcs+188 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

aborrero created this task.Sep 28 2021, 10:49 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 28 2021, 10:49 AM
aborrero renamed this task from toolforge: automate how we deploy custom components to toolforge: automate how we deploy custom k8s components.Sep 28 2021, 10:49 AM
aborrero triaged this task as Low priority.
taavi added a project: Toolforge.Sep 28 2021, 11:14 AM
taavi subscribed.Sep 29 2021, 11:24 AM
  • git repository with source code
  • checkout on a docker builder host
  • build the docker image, tag it, etc
  • upload to our internal docker registry

Could we modify the buildpack CD workflow here to auto build + push the images? At least for toolsbeta I'm also fine with also automatically deploying newer version

[optionally] manage auth things, like certificates etc

Automated cert renewal would be awesome if we can pull it off :-)

taavi updated the task description. (Show Details)Sep 29 2021, 11:27 AM
taavi added a comment.Oct 6 2021, 6:44 PM
In T291915#7387460, @Majavah wrote:

[optionally] manage auth things, like certificates etc

Automated cert renewal would be awesome if we can pull it off :-)

see also: T292238: Figure out certificate generation for admission webhooks before we lose the certificates/v1beta1

aborrero mentioned this in T293675: Proposal to move kubernetes upgrades to blue green deploy.Oct 19 2021, 9:17 AM
taavi mentioned this in T295258: Automatically build Docker images for Toolforge custom components.Nov 7 2021, 5:38 PM
dcaro subscribed.Mar 7 2022, 4:20 PM
dcaro added a comment.Mar 7 2022, 4:23 PM

Could we modify the buildpack CD workflow here to auto build + push the images? At least for toolsbeta I'm also fine with also automatically deploying newer version

Most probably yes, once we move to harbor (what the toolforge build service uses/will use), might require some custom buildpack though, but sounds like a good candidate to both dog-food our infra, and automate at least partially this flow.

gerritbot added a comment.Mar 15 2022, 4:56 PM

Change 770971 had a related patch set uploaded (by Arturo Borrero Gonzalez; author: Arturo Borrero Gonzalez):

[operations/cookbooks@wmcs] wmcs: toolforge: k8s: add cookbook to automate deploying custom components

https://gerrit.wikimedia.org/r/770971

gerritbot added a project: Patch-For-Review.Mar 15 2022, 4:56 PM
gerritbot added a comment.Mar 15 2022, 5:03 PM

Change 770971 merged by Arturo Borrero Gonzalez:

[operations/cookbooks@wmcs] wmcs: toolforge: k8s: add cookbook to automate deploying custom components

https://gerrit.wikimedia.org/r/770971

aborrero updated the task description. (Show Details)Mar 15 2022, 5:05 PM
Maintenance_bot removed a project: Patch-For-Review.Mar 15 2022, 5:18 PM
gerritbot added a comment.Mar 15 2022, 5:48 PM

Change 770986 had a related patch set uploaded (by Arturo Borrero Gonzalez; author: Arturo Borrero Gonzalez):

[operations/cookbooks@wmcs] wmcs: toolforge: k8s: add cookbook to automate deploying components

https://gerrit.wikimedia.org/r/770986

gerritbot added a project: Patch-For-Review.Mar 15 2022, 5:48 PM
gerritbot added a comment.Mar 15 2022, 6:00 PM

Change 770986 merged by jenkins-bot:

[operations/cookbooks@wmcs] wmcs: toolforge: k8s: add cookbook to automate deploying components

https://gerrit.wikimedia.org/r/770986

Maintenance_bot removed a project: Patch-For-Review.Mar 15 2022, 6:10 PM
aborrero updated the task description. (Show Details)Mar 23 2022, 4:20 PM
aborrero updated the task description. (Show Details)Nov 16 2022, 4:09 PM
dcaro mentioned this in rCCKB7750f73faa4c: wmcs: toolforge: k8s: add cookbook to automate deploying custom components.Dec 14 2022, 3:33 PM
dcaro mentioned this in rCCKB56c926520028: wmcs: toolforge: k8s: add cookbook to automate deploying components.
fnegri edited projects, added cloud-services-team; removed cloud-services-team (Kanban).Jan 18 2023, 6:46 PM
fnegri moved this task from Kanban to Inbox on the cloud-services-team board.
taavi added a comment.Mar 6 2023, 2:09 PM

Closing. Further improvements will be made in T320667: Cloud services enhancement proposal: Toolforge Kubernetes component workflow improvements.

taavi closed this task as Resolved.Mar 6 2023, 2:09 PM
taavi claimed this task.
taavi closed subtask T295258: Automatically build Docker images for Toolforge custom components as Resolved.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL