diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml
index 909c294..ae1cd4f 100644
--- a/bitbucket-pipelines.yml
+++ b/bitbucket-pipelines.yml
@@ -67,10 +67,10 @@ pipelines:
 - VERSION="latest"
 - docker load --input "coturn.tar"
 - docker load --input "coturn-dns.tar"
- - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
- - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
- - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
- - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
+ - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION-staging}"
+ - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION-staging}"
+ - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION-staging}"
+ - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION-staging}"
 services:
 - docker
 - step:
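Review bot: `${VERSION-staging}` in the four added `docker tag`/`docker push` lines is the shell default-value expansion, not a suffix: it yields `staging` only when `VERSION` is unset, and the context line `VERSION="latest"` just above sets it, so the images are still tagged `latest`. If a separate staging tag was intended, the suffix belongs outside the braces, e.g. `"gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}-staging"`. As written, this step and the "Push images" step of the new `develop` pipeline both publish to the same mutable `latest` tag, so whichever branch built last decides what that tag contains. The enclosing step starts outside the hunk.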
@@ -112,4 +112,73 @@ pipelines:
 - pipe: atlassian/kubectl-run:1.1.2
 variables:
 KUBE_CONFIG: $KUBE_CONFIG_PRD
+ KUBECTL_COMMAND: '-n coturn-dns rollout status -w deployment/coturn-dns'
+ develop:
+ - parallel:
+ - step:
+ name: Build images
+ script:
+ - docker build . --file docker/coturn/Dockerfile --tag coturn
+ - docker build . --file docker/coturn-dns/Dockerfile --tag coturn-dns
+ - docker save coturn --output "coturn.tar"
+ - docker save coturn-dns --output "coturn-dns.tar"
+ services:
+ - docker
+ caches:
+ - docker
+ artifacts:
+ - "*.tar"
+ - step:
+ name: Deploy terraform
+ image: hashicorp/terraform:latest
+ script:
+ - cd terraform/
+ - terraform init
+ - terraform plan
+ - terraform apply -input=false -auto-approve
+ - step:
+ name: Deploy K8s apps (staging)
+ script:
+ - pipe: atlassian/kubectl-run:3.1.2
+ variables:
+ KUBE_CONFIG: $KUBE_CONFIG_STG
+ KUBECTL_COMMAND: '-n argocd apply -k k8s/argocd/overlays/staging'
+ - step:
+ name: Push images
+ image: google/cloud-sdk:alpine
+ script:
+ # Authenticating with the service account key file
+ - echo $GCLOUD_API_KEYFILE | base64 -d > ./gcloud-api-key.json
+ - gcloud auth activate-service-account --key-file gcloud-api-key.json
+ - gcloud config set project $GCLOUD_PROJECT
+ - cat ./gcloud-api-key.json | docker login -u _json_key --password-stdin https://gcr.io
+ # Push Docker images
+ - VERSION="latest"
+ - docker load --input "coturn.tar"
+ - docker load --input "coturn-dns.tar"
+ - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
+ - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
+ - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
+ - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
+ services:
+ - docker
+ - step:
+ name: Deploy coturn/coturn-dns to staging
+ deployment: staging
+ script:
+ - pipe: atlassian/kubectl-run:1.1.2
+ variables:
+ KUBE_CONFIG: $KUBE_CONFIG_STG
+ KUBECTL_COMMAND: '-n coturn rollout restart deployment/coturn'
+ -
pipe: atlassian/kubectl-run:1.1.2 + variables: + KUBE_CONFIG: $KUBE_CONFIG_STG + KUBECTL_COMMAND: '-n coturn rollout status -w deployment/coturn' + - pipe: atlassian/kubectl-run:1.1.2 + variables: + KUBE_CONFIG: $KUBE_CONFIG_STG + KUBECTL_COMMAND: '-n coturn-dns rollout restart deployment/coturn-dns' + - pipe: atlassian/kubectl-run:1.1.2 + variables: + KUBE_CONFIG: $KUBE_CONFIG_STG KUBECTL_COMMAND: '-n coturn-dns rollout status -w deployment/coturn-dns' \ No newline at end of file diff --git a/docker/coturn-dns/pod-node-register.py b/docker/coturn-dns/pod-node-register.py index 97f8361..36a3a08 100644 --- a/docker/coturn-dns/pod-node-register.py +++ b/docker/coturn-dns/pod-node-register.py @@ -1,3 +1,4 @@ +from ipaddress import ip_address, IPv4Address from kubernetes import client, config import boto3 import time @@ -9,14 +10,23 @@ COTURN_DOMAIN_NAME=os.environ['COTURN_DOMAIN_NAME'] config.load_incluster_config() v1 = client.CoreV1Api() + +def validIPAddress(IP: str) -> str: + try: + return "IPv4" if type(ip_address(IP)) is IPv4Address else "IPv6" + except ValueError: + return "Invalid" + while(True): ips=[] pods = v1.list_namespaced_pod(namespace="coturn") + for i in pods.items: node_status = v1.read_node(name=i.spec.node_name) for adr in node_status.status.addresses: - if adr.type=="ExternalIP": + # only collect IPv4 addresses, because we are only updating A records here + if adr.type=="ExternalIP" and validIPAddress(adr.address) == "IPv4": ips.append({'Value': adr.address}) print("Node IPs: "+str(ips)) diff --git a/k8s/coturn-dns/templates/deployment.yaml b/k8s/coturn-dns/templates/deployment.yaml index 4679eab..b2f69ea 100644 --- a/k8s/coturn-dns/templates/deployment.yaml +++ b/k8s/coturn-dns/templates/deployment.yaml 
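Review bot: In `bitbucket-pipelines.yml`, the "Deploy terraform" step of the new `develop` pipeline runs `terraform plan` and then `terraform apply -input=false -auto-approve`, so the plan that is printed is not the plan that is applied, and it does so on the floating image `hashicorp/terraform:latest`. Saving the plan and applying that file keeps the two in step: `terraform plan -input=false -out=tfplan` followed by `terraform apply -input=false tfplan`, with the image pinned to a specific version (`hashicorp/terraform:<PINNED_VERSION>`). In the "Push images" step, `echo $GCLOUD_API_KEYFILE | base64 -d > ./gcloud-api-key.json` leaves the decoded service-account key in the build directory; quoting the variable and adding `- rm -f ./gcloud-api-key.json` after the `docker login` line would limit its lifetime. The pipeline also mixes `atlassian/kubectl-run:3.1.2` and `atlassian/kubectl-run:1.1.2`, which looks unintentional.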
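Review bot: In `docker/coturn-dns/pod-node-register.py`, `validIPAddress` has no docstring and returns one of three strings, while its only visible caller compares the result with `"IPv4"`; a boolean helper would be simpler, e.g. `return isinstance(ip_address(IP), IPv4Address)` inside the `try` and `return False` under `except ValueError`. If the string form is kept, a one-line docstring such as `"""Classify IP as "IPv4", "IPv6" or "Invalid"."""` would document the contract. With the stricter filter, `ips` can end up empty when no node reports an IPv4 `ExternalIP`; the code that consumes `ips` is outside the hunk, so it is worth confirming that it skips the record update in that case rather than submitting an empty record set.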
@@ -22,7 +22,7 @@ spec:
 - name: gcr-json-key
 containers:
 - name: coturn-dns
- image: gcr.io/tough-craft-276813/coturn-dns:latest
+ image: gcr.io/tough-craft-276813/coturn-dns:{{ .Values.coturn_dns_image_tag }}
 imagePullPolicy: Always
 env:
 - name: AWS_ACCESS_KEY_ID
diff --git a/k8s/coturn-dns/values-production.yaml b/k8s/coturn-dns/values-production.yaml
index bb5fd0d..1a6c9cc 100644
--- a/k8s/coturn-dns/values-production.yaml
+++ b/k8s/coturn-dns/values-production.yaml
@@ -1 +1,3 @@
-domain: "video.jamkazam.com"
\ No newline at end of file
+domain: "video.jamkazam.com"
+# The version of the coturn-dns image in GCR
+coturn_dns_image_tag: 1.0.9
diff --git a/k8s/coturn-dns/values-staging.yaml b/k8s/coturn-dns/values-staging.yaml
index d2b5376..62b29d2 100644
--- a/k8s/coturn-dns/values-staging.yaml
+++ b/k8s/coturn-dns/values-staging.yaml
@@ -1 +1,3 @@
-domain: "staging.video.jamkazam.com"
\ No newline at end of file
+domain: "staging.video.jamkazam.com"
+# The docker image tag for coturn-dns in GCR
+coturn_dns_image_tag: 1.0.9
diff --git a/k8s/coturn/templates/deployment.yml b/k8s/coturn/templates/deployment.yml
index 8824063..8bcdb94 100644
--- a/k8s/coturn/templates/deployment.yml
+++ b/k8s/coturn/templates/deployment.yml
@@ -26,12 +26,6 @@ spec:
 valueFrom:
 fieldRef:
 fieldPath: status.podIP
- resources:
- requests:
- memory: "3800Mi"
- cpu: "1200m"
- limits:
- memory: "3800Mi"
 ports:
 - containerPort: 3478
 name: coturn
diff --git a/k8s/webrtc-be/templates/deployment.yml b/k8s/webrtc-be/templates/deployment.yml
index 4b1cf7d..cca8506 100644
--- a/k8s/webrtc-be/templates/deployment.yml
+++ b/k8s/webrtc-be/templates/deployment.yml
@@ -2,6 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
 name: webrtc-be
+ namespace: webrtc-be
 labels:
 app: webrtc-be
 spec:
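Review bot: In `k8s/coturn-dns/templates/deployment.yaml` the image reference now depends on `.Values.coturn_dns_image_tag` with no guard, so a values file that omits the key renders an invalid image reference instead of failing early; `{{ required "coturn_dns_image_tag is required" .Values.coturn_dns_image_tag }}` stops the render with a clear message. The values added in `values-production.yaml` and `values-staging.yaml` are unquoted (`coturn_dns_image_tag: 1.0.9`); writing `"1.0.9"` keeps a later two-part tag such as `1.10` from being read as a number, and the `webrtc_tag` values and `webrtc_be` image line in the later hunks have the same shape. Nothing in the visible pipeline pushes a `1.0.9` tag (the "Push images" steps tag `latest`), so presumably the versioned tag is published elsewhere; otherwise the `rollout restart` steps will not pick up the freshly built image. A tag stays mutable in the registry, so pinning by digest is the stronger option where only a reviewed image should run.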
@@ -19,14 +20,14 @@ spec:
 - name: gcr-json-key
 containers:
 - name: webrtc-be
- image: gcr.io/tough-craft-276813/webrtc_be:latest
+ image: gcr.io/tough-craft-276813/webrtc_be:{{ .Values.webrtc_tag }}
 imagePullPolicy: Always
- resources:
- requests:
- memory: "3800Mi"
- cpu: "1200m"
- limits:
- memory: "3800Mi"
+ #resources:
+ #requests:
+ # memory: "3800Mi"
+ # cpu: "1200m"
+ #limits:
+ # memory: "3800Mi"
 env:
 - name: RTC_MIN_PORT
 value: "30000"
@@ -41,3 +42,19 @@ spec:
 ports:
 - name: websocket-port
 containerPort: 5001
+ livenessProbe:
+ httpGet:
+ path: /healthcheck
+ port: 5001
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 3
+ readinessProbe:
+ tcpSocket:
+ port: 5001
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 3
diff --git a/k8s/webrtc-be/templates/gcr-secret.yml b/k8s/webrtc-be/templates/gcr-secret.yml
index 07b68f3..085edef 100644
--- a/k8s/webrtc-be/templates/gcr-secret.yml
+++ b/k8s/webrtc-be/templates/gcr-secret.yml
@@ -4,4 +4,5 @@ data:
 kind: Secret
 metadata:
 name: gcr-json-key
+ namespace: webrtc-be
 type: kubernetes.io/dockerconfigjson
\ No newline at end of file
diff --git a/k8s/webrtc-be/templates/ingress.yaml b/k8s/webrtc-be/templates/ingress.yaml
index fbfc35b..3215655 100644
--- a/k8s/webrtc-be/templates/ingress.yaml
+++ b/k8s/webrtc-be/templates/ingress.yaml
@@ -1,4 +1,4 @@
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
 annotations:
@@ -9,14 +9,17 @@ metadata:
 name: webrtc-be
 spec:
 rules:
- - host: &host {{ .Values.domain }}
+ - host: {{ .Values.domain }}
 http:
 paths:
- - backend:
- serviceName: webrtc-be-service
- servicePort: 5001
- path: /
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: webrtc-be-service
+ port:
+ number: 5001
 tls:
 - secretName: webrtc-be
 hosts:
- - *host
\ No newline at end of file
+ - {{ .Values.domain }}
\ No newline at end of file
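Review bot: The `resources` block of the `webrtc-be` container in `k8s/webrtc-be/templates/deployment.yml` is commented out rather than adjusted, and the same requests and limits are deleted outright in `k8s/coturn/templates/deployment.yml`, so both containers now run with no memory limit and no scheduling request. For media services reachable from outside the cluster, that leaves a single busy or misbehaving pod able to exhaust its node. If the old figures no longer fit the node size, moving them into the values files keeps a per-environment limit, e.g. `resources: {{- toYaml .Values.resources | nindent 10 }}` (indent adjusted to the container level), and avoids leaving commented-out configuration in the template.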
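Review bot: In the second hunk of `k8s/webrtc-be/templates/deployment.yml`, the `readinessProbe` only checks that port 5001 accepts a TCP connection, while the `livenessProbe` requires `/healthcheck` to answer over HTTP, so a pod can be marked ready and receive traffic while its health endpoint is failing, and is then restarted by the liveness check. Using the same `httpGet` on `/healthcheck` for readiness, and keeping liveness at least as lenient as readiness (for example a higher `failureThreshold`), avoids that. Both probes could also refer to the port by its name, `port: websocket-port`, so they follow the `containerPort` if it changes.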
diff --git a/k8s/webrtc-be/values-production.yaml b/k8s/webrtc-be/values-production.yaml index b67453f..fe5b45c 100644 --- a/k8s/webrtc-be/values-production.yaml +++ b/k8s/webrtc-be/values-production.yaml @@ -2,4 +2,7 @@ domain: "webrtc-be.video.jamkazam.com" # Webrtc env variables backendUrl: "https://www.jamkazam.com" -auth: true \ No newline at end of file +auth: true +# Webrtc_be image version +webrtc_tag: 1.0.131 + diff --git a/k8s/webrtc-be/values-staging.yaml b/k8s/webrtc-be/values-staging.yaml index 52fb7b1..8f5327b 100644 --- a/k8s/webrtc-be/values-staging.yaml +++ b/k8s/webrtc-be/values-staging.yaml @@ -1,4 +1,7 @@ # Ingress domain: "webrtc-be.staging.video.jamkazam.com" # Webrtc env variables -backendUrl: "https://staging.jamkazam.com" \ No newline at end of file +backendUrl: "https://staging.jamkazam.com" +# Webrtc_be image version +webrtc_tag: 1.0.131 +