healthchecks

2025-04-06 17:57:45 -05:00 · 2025-04-06 17:57:45 -05:00 · 87ac12ff9d
parent b46e96eef8
commit 87ac12ff9d
11 changed files with 134 additions and 30 deletions
--- a/bitbucket-pipelines.yml
+++ b/bitbucket-pipelines.yml
@ -67,10 +67,10 @@ pipelines:
            - VERSION="latest"
            - docker load --input "coturn.tar"
            - docker load --input "coturn-dns.tar"
-            - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
-            - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
-            - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
-            - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
+            - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION-staging}"
+            - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION-staging}"
+            - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION-staging}"
+            - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION-staging}"
          services:
            - docker
      - step:
@ -113,3 +113,72 @@ pipelines:
              variables:
                KUBE_CONFIG: $KUBE_CONFIG_PRD
                KUBECTL_COMMAND: '-n coturn-dns rollout status -w deployment/coturn-dns'
+    develop:
+      - parallel:
+          - step:
+              name: Build images
+              script:
+                - docker build . --file docker/coturn/Dockerfile --tag coturn
+                - docker build . --file docker/coturn-dns/Dockerfile --tag coturn-dns
+                - docker save coturn --output "coturn.tar"
+                - docker save coturn-dns --output "coturn-dns.tar"
+              services:
+                - docker
+              caches:
+                - docker
+              artifacts:
+                - "*.tar"
+          - step:
+              name: Deploy terraform
+              image: hashicorp/terraform:latest
+              script:
+                - cd terraform/
+                - terraform init
+                - terraform plan
+                - terraform apply -input=false -auto-approve
+      - step:
+          name: Deploy K8s apps (staging)
+          script:
+            - pipe: atlassian/kubectl-run:3.1.2
+              variables:
+                KUBE_CONFIG: $KUBE_CONFIG_STG
+                KUBECTL_COMMAND: '-n argocd apply -k k8s/argocd/overlays/staging'
+      - step:
+          name: Push images
+          image: google/cloud-sdk:alpine
+          script:
+            # Authenticating with the service account key file
+            - echo $GCLOUD_API_KEYFILE | base64 -d > ./gcloud-api-key.json
+            - gcloud auth activate-service-account --key-file gcloud-api-key.json
+            - gcloud config set project $GCLOUD_PROJECT
+            - cat ./gcloud-api-key.json | docker login -u _json_key --password-stdin https://gcr.io
+            # Push Docker images
+            - VERSION="latest"
+            - docker load --input "coturn.tar"
+            - docker load --input "coturn-dns.tar"
+            - docker tag "coturn" "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
+            - docker tag "coturn-dns" "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
+            - docker push "gcr.io/${GCLOUD_PROJECT}/coturn:${VERSION}"
+            - docker push "gcr.io/${GCLOUD_PROJECT}/coturn-dns:${VERSION}"
+          services:
+            - docker
+      - step:
+          name: Deploy coturn/coturn-dns to staging
+          deployment: staging
+          script:
+            - pipe: atlassian/kubectl-run:1.1.2
+              variables:
+                KUBE_CONFIG: $KUBE_CONFIG_STG
+                KUBECTL_COMMAND: '-n coturn rollout restart deployment/coturn'
+            - pipe: atlassian/kubectl-run:1.1.2
+              variables:
+                KUBE_CONFIG: $KUBE_CONFIG_STG
+                KUBECTL_COMMAND: '-n coturn rollout status -w deployment/coturn'
+            - pipe: atlassian/kubectl-run:1.1.2
+              variables:
+                KUBE_CONFIG: $KUBE_CONFIG_STG
+                KUBECTL_COMMAND: '-n coturn-dns rollout restart deployment/coturn-dns'
+            - pipe: atlassian/kubectl-run:1.1.2
+              variables:
+                KUBE_CONFIG: $KUBE_CONFIG_STG
+                KUBECTL_COMMAND: '-n coturn-dns rollout status -w deployment/coturn-dns'
--- a/docker/coturn-dns/pod-node-register.py
+++ b/docker/coturn-dns/pod-node-register.py
@ -1,3 +1,4 @@
+from ipaddress import ip_address, IPv4Address 
 from kubernetes import client, config
 import boto3
 import time
@ -9,14 +10,23 @@ COTURN_DOMAIN_NAME=os.environ['COTURN_DOMAIN_NAME']
 config.load_incluster_config()
 v1 = client.CoreV1Api()

+  
+def validIPAddress(IP: str) -> str: 
+    try: 
+        return "IPv4" if type(ip_address(IP)) is IPv4Address else "IPv6"
+    except ValueError: 
+        return "Invalid"
+
 while(True):
    ips=[]

    pods = v1.list_namespaced_pod(namespace="coturn")
+
    for i in pods.items:
        node_status = v1.read_node(name=i.spec.node_name)
        for adr in node_status.status.addresses:
-            if adr.type=="ExternalIP":
+            # only collect IPv4 addresses, because we are only updating A records here
+            if adr.type=="ExternalIP" and validIPAddress(adr.address) == "IPv4":
                ips.append({'Value': adr.address})

    print("Node IPs: "+str(ips))
--- a/k8s/coturn-dns/templates/deployment.yaml
+++ b/k8s/coturn-dns/templates/deployment.yaml
@ -22,7 +22,7 @@ spec:
        - name: gcr-json-key
      containers:
        - name: coturn-dns
-          image: gcr.io/tough-craft-276813/coturn-dns:latest
+          image: gcr.io/tough-craft-276813/coturn-dns:{{ .Values.coturn_dns_image_tag }}
          imagePullPolicy: Always
          env:
          - name: AWS_ACCESS_KEY_ID
--- a/k8s/coturn-dns/values-production.yaml
+++ b/k8s/coturn-dns/values-production.yaml
@ -1 +1,3 @@
 domain: "video.jamkazam.com"
+# The version of the coturn-dns image in GCR
+coturn_dns_image_tag: 1.0.9
--- a/k8s/coturn-dns/values-staging.yaml
+++ b/k8s/coturn-dns/values-staging.yaml
@ -1 +1,3 @@
 domain: "staging.video.jamkazam.com"
+# The docker image tag for coturn-dns in GCR
+coturn_dns_image_tag: 1.0.9
--- a/k8s/coturn/templates/deployment.yml
+++ b/k8s/coturn/templates/deployment.yml
@ -26,12 +26,6 @@ spec:
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
-          resources:
-            requests:
-              memory: "3800Mi"
-              cpu: "1200m"
-            limits:
-              memory: "3800Mi"
          ports:
          - containerPort: 3478
            name: coturn
--- a/k8s/webrtc-be/templates/deployment.yml
+++ b/k8s/webrtc-be/templates/deployment.yml
@ -2,6 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: webrtc-be
+  namespace: webrtc-be
  labels:
    app: webrtc-be
 spec:
@ -19,14 +20,14 @@ spec:
        - name: gcr-json-key
      containers:
        - name: webrtc-be
-          image: gcr.io/tough-craft-276813/webrtc_be:latest
+          image: gcr.io/tough-craft-276813/webrtc_be:{{ .Values.webrtc_tag }}
          imagePullPolicy: Always
-          resources:
-            requests:
-              memory: "3800Mi"
-              cpu: "1200m"
-            limits:
-              memory: "3800Mi"
+          #resources:
+            #requests:
+            #  memory: "3800Mi"
+            #  cpu: "1200m"
+            #limits:
+            #  memory: "3800Mi"
          env:
            - name: RTC_MIN_PORT
              value: "30000"
@ -41,3 +42,19 @@ spec:
          ports:
            - name: websocket-port
              containerPort: 5001
+          livenessProbe:
+            httpGet:
+              path: /healthcheck
+              port: 5001
+              scheme: HTTP
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 3
+          readinessProbe:
+            tcpSocket:
+              port: 5001
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 3
--- a/k8s/webrtc-be/templates/gcr-secret.yml
+++ b/k8s/webrtc-be/templates/gcr-secret.yml
@ -4,4 +4,5 @@ data:
 kind: Secret
 metadata:
  name: gcr-json-key
+  namespace: webrtc-be
 type: kubernetes.io/dockerconfigjson
--- a/k8s/webrtc-be/templates/ingress.yaml
+++ b/k8s/webrtc-be/templates/ingress.yaml
@ -1,4 +1,4 @@
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  annotations:
@ -9,14 +9,17 @@ metadata:
  name: webrtc-be
 spec:
  rules:
-  - host: &host {{ .Values.domain }}
+  - host: {{ .Values.domain }}
    http:
      paths:
-      - backend:
-          serviceName: webrtc-be-service
-          servicePort: 5001
-        path: /
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: webrtc-be-service
+            port:
+              number: 5001
  tls:
  - secretName: webrtc-be
    hosts:
-    - *host
+    - {{ .Values.domain }}
--- a/k8s/webrtc-be/values-production.yaml
+++ b/k8s/webrtc-be/values-production.yaml
@ -3,3 +3,6 @@ domain: "webrtc-be.video.jamkazam.com"
 # Webrtc env variables
 backendUrl: "https://www.jamkazam.com"
 auth: true
+# Webrtc_be image version
+webrtc_tag: 1.0.131
+
--- a/k8s/webrtc-be/values-staging.yaml
+++ b/k8s/webrtc-be/values-staging.yaml
@ -2,3 +2,6 @@
 domain: "webrtc-be.staging.video.jamkazam.com"
 # Webrtc env variables
 backendUrl: "https://staging.jamkazam.com" 
+# Webrtc_be image version
+webrtc_tag: 1.0.131
+