k8s-droneci-argocd
Run a CI/CD stack in Kubernetes composed of a Docker Registry, DroneCI, ArgoCD which deploys a demo app
Requirements
- A working Kubernetes cluster with
ingress-nginx. Since this is provider specific, make sure to follow https://kubernetes.github.io/ingress-nginx/deploy/ - DNS records for (replace
example.comwith your domain):- Drone:
drone.example.com - Docker Registry:
registry.example.com - Demo app (FooBarQix):
example.com
- Drone:
kubectl: Required to manage the Kubernetes resourceshtpasswd: Required to generate the auth of the Docker Registry
Optional, required to update some manifests:
helm
Try it out!
- Replace the placeholders with your values:
# Create the file (its gitignored)
cp .placeholders.tmpl .placeholders
# Edit the contents
vi .placeholders
# Execute the script
env $(cat .placeholders | xargs) bash scripts/replace-placeholders.sh- Set up your secrets:
# Create the file (its gitignored)
cp .secrets.tmpl .secrets
# Edit the contents
vi .placeholders
# Execute the script
env $(cat .secrets | xargs) bash scripts/populate-secrets.sh- Provision the stack
bash ./scripts/provision.shClarifications
LetsEncrypt
Since we use LetsEncrypt to manage the SSL certificates, be wary of the rate-limits.
You can verify the status of the orders with:
kubectl describe order --all-namespaces=trueHere is an example output snippet of being rate limited:
$ kubectl describe order --all-namespaces=true
(...)
Issuer Ref:
Group: cert-manager.io
Kind: ClusterIssuer
Name: letsencrypt-production
Status:
Failure Time: 2020-08-09T22:21:17Z
Reason: Failed to create Order: 429 urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates already issued for exact set of domains: example.com: see https://letsencrypt.org/docs/rate-limits/
State: errored
Events: <none>