OpenAtlas on Kubernetes
We will try to adapt and implement OpenAtlas with Kubernetes at the ACDH-CH. See working draft
Updated by Alexander Watzinger 6 months ago
Today I did some cleanup at the ACDH-CH GitLab repository. I deleted the main and develop branch and uploaded them again because, like we discussed, Kubernetes specific changes should only be made in the feature_kubernetes branch. Once everything is working with Kubernetes we may look into merging it to main but have to do this carefully to be sure to not put our productive systems at risk, e.g. now it seems like passwords may be leaked, more about that further down.Next I wanted to merge our current develop branch to feature_kubernetes. Originally it was a copy of main but I think it would be better to be a branch of develop to have the latest changes already merged. However, when pulling the latest feature_kubernetes form GitLab I noticed a few problematic changes made there:
- A SQL dump was added to the Git repository by Berni (install/demo-dev-dump.sql) which shouldn't be part of the OpenAtlas repository so please clean this up (e.g. delete and put in .gitignore).
- Dalibor removed the instance/prodution.py from .gitignore, presumably to change configuration. This is not how it is supposed to work, e.g. passwords are saved in instance/production.py. If persistent changes are needed in the repository they should be made in config/default.py or, if they are Kubernetes specific we should add a config/kubernetes.py.
- fixing .gitignore to ignore instance/ again except specified files (see .gitignore in main branch for how it should be)
- removing database dump from repository
- merge develop to feature_kubernetes to be in sync with current development
However, it's great to see that you managed to get already something running at https://demo-acdh-ch.openatlas.eu/.
Updated by Dalibor Pancic 6 months ago
Dalibor removed the instance/prodution.py from .gitignore, presumably to change configuration. This is not how it is supposed to work, e.g. passwords are saved in instance/production.py. If persistent changes are needed in the repository they should be made in config/default.py or, if they are Kubernetes specific we should add a config/kubernetes.py.
The openatlas app must be reconfigured that it can check if variables introduced over instance/prodution.py in feature_kubernetes are present as env variables.
They have to be introduced as Gitlab CI/CD variables for feature_kubernetes branch. By default, Openatlas expects that variables are hard-coded in the instance/prodution.py.
We can return instance/prodution.py to .gitignore after we adjust Openatlas that it can take variables from the "os.environ"
DATABASE_NAME = os.environ.get('POSTGRES_DB') DATABASE_USER = os.environ.get('POSTGRES_USER') DATABASE_PASS = os.environ.get('POSTGRES_PASSWORD') DATABASE_HOST = os.environ.get('POSTGRES_HOST') DATABASE_PORT = os.environ.get('POSTGRES_PORT') DATABASE_URL = os.environ.get('DATABASE_URL') SECRET_KEY = os.environ.get('SECRET_KEY')
Updated by Dalibor Pancic 5 months ago
The problem with the production.py is solved and production.py is returned to the .gitignore.
All Kubernetes related configuration is introduced over requirements.txt, Procfile, start.sh and Gitlab CI/CD evironment variables.
Only these three new files are added to the default Openatlas repo, and they are located in the root of the feature_kubernetes branch.
In order to merge the develop with the feature_kubernetes branch, we just need to remove install/demo-dev*.sql dumps.