Kubernetes integration (#80)

* chore(): skaffold

* chore(): kubernetes integration

* chore(skaffold): refine shokohsc profile

* chore(): removed docker & kubernetes from database + stoppedApp pin option

* Revert "chore(): removed docker & kubernetes from database + stoppedApp pin option"

This reverts commit 5111c7ad79.
This commit is contained in:
Dimitri Pommier 2021-08-17 10:32:15 +02:00 committed by GitHub
parent c1b61f9cd9
commit 8681f75bab
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 5567 additions and 89 deletions

View file

@ -2,3 +2,5 @@ node_modules
github github
public public
build.sh build.sh
k8s
skaffold.yaml

16
Dockerfile.dev Normal file
View file

@ -0,0 +1,16 @@
FROM node:lts-alpine as build-front
RUN apk add --no-cache curl
WORKDIR /app
COPY ./client .
RUN npm install --production \
&& npm run build
FROM node:lts-alpine
WORKDIR /app
RUN mkdir -p ./public
COPY --from=build-front /app/build/ ./public
COPY package*.json ./
RUN npm install
COPY . .
CMD ["npm", "run", "skaffold"]

View file

@ -22,6 +22,7 @@ Flame is self-hosted startpage for your server. Its design is inspired (heavily)
- TypeScript - TypeScript
- Deployment - Deployment
- Docker - Docker
- Kubernetes
## Development ## Development
@ -80,6 +81,13 @@ services:
restart: unless-stopped restart: unless-stopped
``` ```
#### Skaffold
```sh
# use skaffold
skaffold dev
```
### Without Docker ### Without Docker
Follow instructions from wiki: [Installation without Docker](https://github.com/pawelmalak/flame/wiki/Installation-without-docker) Follow instructions from wiki: [Installation without Docker](https://github.com/pawelmalak/flame/wiki/Installation-without-docker)
@ -170,6 +178,21 @@ labels:
And you must have activated the Docker sync option in the settings panel. And you must have activated the Docker sync option in the settings panel.
### Kubernetes integration
In order to use the Kubernetes integration, each ingress must have the following annotations:
```yml
metadata:
annotations:
- flame.pawelmalak/type=application # "app" works too
- flame.pawelmalak/name=My container
- flame.pawelmalak/url=https://example.com
- flame.pawelmalak/icon=icon-name # Optional, default is "kubernetes"
```
And you must have activated the Kubernetes sync option in the settings panel.
### Custom CSS ### Custom CSS
> This is an experimental feature. Its behaviour might change in the future. > This is an experimental feature. Its behaviour might change in the future.

View file

@ -52,6 +52,7 @@ const OtherSettings = (props: ComponentProps): JSX.Element => {
bookmarksSameTab: 0, bookmarksSameTab: 0,
searchSameTab: 0, searchSameTab: 0,
dockerApps: 1, dockerApps: 1,
kubernetesApps: 1,
unpinStoppedApps: 1 unpinStoppedApps: 1
}); });
@ -71,6 +72,7 @@ const OtherSettings = (props: ComponentProps): JSX.Element => {
bookmarksSameTab: searchConfig('bookmarksSameTab', 0), bookmarksSameTab: searchConfig('bookmarksSameTab', 0),
searchSameTab: searchConfig('searchSameTab', 0), searchSameTab: searchConfig('searchSameTab', 0),
dockerApps: searchConfig('dockerApps', 0), dockerApps: searchConfig('dockerApps', 0),
kubernetesApps: searchConfig('kubernetesApps', 0),
unpinStoppedApps: searchConfig('unpinStoppedApps', 0) unpinStoppedApps: searchConfig('unpinStoppedApps', 0)
}); });
}, [props.loading]); }, [props.loading]);
@ -297,6 +299,21 @@ const OtherSettings = (props: ComponentProps): JSX.Element => {
<option value={0}>False</option> <option value={0}>False</option>
</select> </select>
</InputGroup> </InputGroup>
{/* KUBERNETES SETTINGS */}
<h2 className={classes.SettingsSection}>Kubernetes</h2>
<InputGroup>
<label htmlFor='kubernetesApps'>Use Kubernetes Ingress API</label>
<select
id='kubernetesApps'
name='kubernetesApps'
value={formData.kubernetesApps}
onChange={e => inputChangeHandler(e, true)}
>
<option value={1}>True</option>
<option value={0}>False</option>
</select>
</InputGroup>
<Button>Save changes</Button> <Button>Save changes</Button>
</form> </form>
); );

View file

@ -19,5 +19,6 @@ export interface SettingsForm {
bookmarksSameTab: number; bookmarksSameTab: number;
searchSameTab: number; searchSameTab: number;
dockerApps: number; dockerApps: number;
kubernetesApps: number;
unpinStoppedApps: number; unpinStoppedApps: number;
} }

View file

@ -6,6 +6,7 @@ const { Sequelize } = require('sequelize');
const axios = require('axios'); const axios = require('axios');
const Logger = require('../utils/Logger'); const Logger = require('../utils/Logger');
const logger = new Logger(); const logger = new Logger();
const k8s = require('@kubernetes/client-node');
// @desc Create new app // @desc Create new app
// @route POST /api/apps // @route POST /api/apps
@ -51,6 +52,9 @@ exports.getApps = asyncWrapper(async (req, res, next) => {
const useDockerApi = await Config.findOne({ const useDockerApi = await Config.findOne({
where: { key: 'dockerApps' } where: { key: 'dockerApps' }
}); });
const useKubernetesApi = await Config.findOne({
where: { key: 'kubernetesApps' }
});
const unpinStoppedApps = await Config.findOne({ const unpinStoppedApps = await Config.findOne({
where: { key: 'unpinStoppedApps' } where: { key: 'unpinStoppedApps' }
}); });
@ -116,6 +120,64 @@ exports.getApps = asyncWrapper(async (req, res, next) => {
} }
} }
if (useKubernetesApi && useKubernetesApi.value == 1) {
let ingresses = null;
try {
const kc = new k8s.KubeConfig();
kc.loadFromCluster();
const k8sNetworkingV1Api = kc.makeApiClient(k8s.NetworkingV1Api);
await k8sNetworkingV1Api.listIngressForAllNamespaces()
.then((res) => {
ingresses = res.body.items;
});
} catch {
logger.log("Can't connect to the kubernetes api", 'ERROR');
}
if (ingresses) {
apps = await App.findAll({
order: [[orderType, 'ASC']]
});
ingresses = ingresses.filter(e => Object.keys(e.metadata.annotations).length !== 0);
const kubernetesApps = [];
for (const ingress of ingresses) {
const annotations = ingress.metadata.annotations;
if (
'flame.pawelmalak/name' in annotations &&
'flame.pawelmalak/url' in annotations &&
/^app/.test(annotations['flame.pawelmalak/type'])
) {
kubernetesApps.push({
name: annotations['flame.pawelmalak/name'],
url: annotations['flame.pawelmalak/url'],
icon: annotations['flame.pawelmalak/icon'] || 'kubernetes'
});
}
}
if (unpinStoppedApps && unpinStoppedApps.value == 1) {
for (const app of apps) {
await app.update({ isPinned: false });
}
}
for (const item of kubernetesApps) {
if (apps.some(app => app.name === item.name)) {
const app = apps.filter(e => e.name === item.name)[0];
await app.update({ ...item, isPinned: true });
} else {
await App.create({
...item,
isPinned: true
});
}
}
}
}
if (orderType == 'name') { if (orderType == 'name') {
apps = await App.findAll({ apps = await App.findAll({
order: [[Sequelize.fn('lower', Sequelize.col('name')), 'ASC']] order: [[Sequelize.fn('lower', Sequelize.col('name')), 'ASC']]

28
k8s/base/deployment.yaml Normal file
View file

@ -0,0 +1,28 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: flame
spec:
selector:
matchLabels:
app: flame
template:
metadata:
labels:
app: flame
spec:
serviceAccountName: flame
securityContext:
fsGroup: 1000
containers:
- name: flame
image: shokohsc/flame
ports:
- name: http
containerPort: 5005
protocol: TCP
readinessProbe:
httpGet:
path: /
port: http

17
k8s/base/ingress.yaml Normal file
View file

@ -0,0 +1,17 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: flame
spec:
rules:
- host: flame.cluster.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: flame
port:
number: 80

View file

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: flame
resources:
- namespace.yaml
- deployment.yaml
- service.yaml
- ingress.yaml
- rbac.yaml

8
k8s/base/namespace.yaml Normal file
View file

@ -0,0 +1,8 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: flame
labels:
namespace: flame
goldilocks.fairwinds.com/enabled: "true"

26
k8s/base/rbac.yaml Normal file
View file

@ -0,0 +1,26 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flame
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: flame
rules:
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: flame
subjects:
- kind: ServiceAccount
name: flame
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flame

16
k8s/base/service.yaml Normal file
View file

@ -0,0 +1,16 @@
---
apiVersion: v1
kind: Service
metadata:
name: flame
labels:
app: flame
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app: flame

View file

@ -0,0 +1,36 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: flame
spec:
selector:
matchLabels:
app: flame
template:
metadata:
labels:
app: flame
spec:
serviceAccountName: flame-dev
securityContext:
fsGroup: 1000
containers:
- name: flame
image: shokohsc/flame
command:
- npm
args:
- run
- skaffold
env:
- name: NODE_ENV
value: development
ports:
- name: http
containerPort: 5005
protocol: TCP
readinessProbe:
httpGet:
path: /
port: http

View file

@ -0,0 +1,28 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: flame
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: ca-cluster-issuer
flame.pawelmalak/name: flame
flame.pawelmalak/url: dev.flame.shokohsc.home
flame.pawelmalak/type: app
flame.pawelmalak/icon: fire
spec:
rules:
- host: dev.flame.shokohsc.home
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: flame
port:
number: 80
tls:
- hosts:
- dev.flame.shokohsc.home
secretName: flame-cert

View file

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: flame-dev
resources:
- namespace.yaml
- deployment.yaml
- service.yaml
- ingress.yaml
- rbac.yaml

View file

@ -0,0 +1,8 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: flame-dev
labels:
namespace: flame-dev
goldilocks.fairwinds.com/enabled: "true"

View file

@ -0,0 +1,26 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flame-dev
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: flame-dev
rules:
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: flame-dev
subjects:
- kind: ServiceAccount
name: flame-dev
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flame-dev

View file

@ -0,0 +1,16 @@
---
apiVersion: v1
kind: Service
metadata:
name: flame
labels:
app: flame
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app: flame

5229
package-lock.json generated

File diff suppressed because it is too large Load diff

View file

@ -10,11 +10,13 @@
"dev-init": "npm run init-server && npm run init-client", "dev-init": "npm run init-server && npm run init-client",
"dev-server": "nodemon server.js", "dev-server": "nodemon server.js",
"dev-client": "npm start --prefix client", "dev-client": "npm start --prefix client",
"dev": "concurrently \"npm run dev-server\" \"npm run dev-client\"" "dev": "concurrently \"npm run dev-server\" \"npm run dev-client\"",
"skaffold": "concurrently \"npm run init-client\" \"npm run dev-server\""
}, },
"author": "", "author": "",
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"@kubernetes/client-node": "^0.15.0",
"@types/express": "^4.17.11", "@types/express": "^4.17.11",
"axios": "^0.21.1", "axios": "^0.21.1",
"colors": "^1.4.0", "colors": "^1.4.0",

65
skaffold.yaml Normal file
View file

@ -0,0 +1,65 @@
apiVersion: skaffold/v2beta20
kind: Config
metadata:
name: flame
build:
artifacts:
- image: shokohsc/flame
context: .
sync:
manual:
- src: controllers/*.js
dest: .
docker:
dockerfile: Dockerfile.dev
deploy:
kustomize:
paths:
- k8s/base
profiles:
- name: dev
activation:
- command: dev
build:
artifacts:
- image: shokohsc/flame
sync:
manual:
- src: controllers/*.js
dest: .
docker:
dockerfile: Dockerfile.dev
- name: shokohsc
build:
artifacts:
- image: shokohsc/flame
sync:
manual:
- src: controllers/*.js
dest: .
kaniko:
dockerfile: Dockerfile.dev
cache:
repo: shokohsc/flame
cluster:
dockerConfig:
secretName: kaniko-secret
namespace: kaniko
pullSecretName: kaniko-secret
deploy:
kustomize:
paths:
- k8s/overlays/shokohsc
- name: prod
build:
artifacts:
- image: shokohsc/flame
kaniko:
dockerfile: Dockerfile
cache:
repo: shokohsc/flame
cluster:
dockerConfig:
secretName: kaniko-secret
namespace: kaniko
pullSecretName: kaniko-secret

View file

@ -68,6 +68,10 @@
"key": "dockerApps", "key": "dockerApps",
"value": false "value": false
}, },
{
"key": "kubernetesApps",
"value": false
},
{ {
"key": "unpinStoppedApps", "key": "unpinStoppedApps",
"value": false "value": false