Configure GKE workloads

Once the cloud resources are created, we can deploy our applications as Kubernetes workloads. The necessary YAML files can be found as a template in the link below.

Template repo: https://github.com/coronasafe/infra_template

Editing the template repo

Using the template, replace all generic/example values to production values. Let’s go through each folder.

Certificate

1. Replace the example hostnames for ‘dnsNames’ with actual hostnames

Configmaps

1. In care-configmap.yaml, add database configurations and update the hostnames in CSRF_TRUSTED_ORIGINS and DJANGO_ALLOWED_HOSTS

2. In nginx.yaml, update the server_name with hostnames.

Helm

1. Install Helm[Ref]

2. use the static IP created from "Reserve a static IP address" step to replace the IP value in helm/scripts.sh

Ingress

1. Replace example hostnames with actual hostnames

Secrets

1. Update care-secrets.yml

2. Update metabase.yml with metabase db credentials.

Applying Configurations

1. Set the default gke cluster

   1. Get the name using: kubectl config get-contexts

   2. Set the config: kubectl config use-context <name>

2. Run the helm script: bash helm/scripts.sh

3. Use kubectl to apply all the kubernetes yaml files in the following order

   1. Deploy configmaps: kubectl apply -f 'configmaps/*'

   2. Secrets: kubectl apply -f 'secrets/*'

   3. Deployments: kubectl apply -f 'deployments/*'

   4. Services: kubectl apply -f 'services/*'

   5. Clusterissuer: kubectl apply -f ClusterIssuer/cluster-issuer.yaml

   6. Certificate: kubectl apply -f certificate/certificate.yml

   7. Ingress: kubectl apply -f ingress/care.yaml

4. Once ingress is created, kubectl get ingress care-ingress will show the IP of the TCP load balancer.

5. Once the DNS records are added, the SSL will be automatically handled.

Add DNS records

create DNS A records for each domain pointing to the static IP created from "Reserve a static IP address" step