Skip to content

Commit

Permalink
support: add deploy setting
Browse files Browse the repository at this point in the history
Signed-off-by: Victor Login <batazor@evrone.com>
  • Loading branch information
batazor committed Jun 19, 2023
1 parent 1ab33b1 commit 7a57fa9
Show file tree
Hide file tree
Showing 14 changed files with 277 additions and 36 deletions.
1 change: 1 addition & 0 deletions internal/services/support/.adr-dir
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
docs/ADR/decisions
9 changes: 7 additions & 2 deletions internal/services/support/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
## Support Services

This service implements the support services for our platform.
This service implements the support services for our customers.

### ADR

- [ADR-0001](./docs/ADR/decisions/0001-init.md) - Init project
- [ADR-0002](./docs/ADR/decisions/0002-network.md) - Network configuration

### Stack

Expand All @@ -13,4 +18,4 @@ This service implements the support services for our platform.
#### Best Practices

- [**Behat**](https://docs.behat.org/en/latest/index.html) is a PHP framework for BDD.
- rector is a tool to automatically upgrade and refactor PHP 5.3+ code.
- **rector** is a tool to automatically upgrade and refactor PHP 5.3+ code.
42 changes: 42 additions & 0 deletions internal/services/support/docs/ADR/decisions/0001-init.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# 1. Init

Date: 2023-06-19

## Status

Accepted

## Context

We are embarking on the development of a new "Support Service" microservice.
This service is intended to enhance our platform's user experience by providing robust customer support.
Our goal is to ensure a quick resolution of issues and effective communication with our users.
We need a technology stack and best practices that can handle high loads, ensure system stability,
and can be easily maintained and updated.

## Decision

We've decided to use PHP for coding, with OPCache for speed and Composer for managing dependencies. For best practices,
we'll use Behat for Behavior Driven Development (BDD), and Rector for easy PHP code updates.

## Consequences

Using PHP, OPCache, and Composer will make coding, code execution, and managing dependencies easier.
BDD with Behat will make testing user-oriented. Rector will simplify PHP code updates.

#### Mermaid Schema

```mermaid
graph TD;
A[Start] --> B[PHP];
B --> C[OPCache];
B --> D[Composer];
B --> E[Behat];
B --> F[Rector];
C --> G[Speedy Code];
D --> H[Managed Dependencies];
E --> I[User Oriented Testing];
F --> J[Easy Code Updates];
```

This flow chart shows how our chosen tech stack and practices (from PHP to Rector) lead to the desired outcomes (from speedy code to easy code updates).
59 changes: 59 additions & 0 deletions internal/services/support/docs/ADR/decisions/0002-network.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
# 2. Network Setup for Support Service

Date: 2023-06-19

## Status

Accepted

## Context

Our "Support Service" needs a high-performance network setup to handle customer requests effectively.
This service needs to handle high traffic volumes while providing responsive and reliable support to our users.

## Decision

After considering several options, we have decided to use Nginx as a reverse proxy due to its high performance, stability,
and efficient handling of both static and dynamic content. We have configured Nginx to listen
on port 8080 for both IPv4 and IPv6 traffic.

```nginx configuration
server {
listen 8080;
listen [::]:8080;
server_name _;
}
```

For PHP script execution, we've chosen PHP-FPM due to its capability to handle heavy loads and its compatibility
with OPCache, which we are using for performance optimization. We have enabled the PHP-FPM status page
for easy monitoring and management of our PHP service.

```php-fpm configuration
# Enable the PHP-FPM status page
pm.status_path = /status
pm.status_listen = 127.0.0.1:9001
``````
## Consequences
Our setup using Nginx, PHP-FPM, and OPCache will offer enhanced performance, effective traffic management,
and faster PHP processing. This setup requires careful configuration and monitoring to maintain optimal performance.
While this introduces additional tools that the team will need to familiarize themselves with,
the benefits of improved performance and reliability outweigh the initial learning curve.
### Implementation Strategy
The implementation will involve setting up and configuring the Nginx server, installing and setting up PHP-FPM with OPCache,
and ensuring the correct routing of requests. The development team will be responsible for this setup and ongoing management.
```mermaid
graph LR;
A[Client Request] --> B[Nginx-Proxy];
B --> C[PHP-FPM & OPCache];
C --> D[PHP Processing];
D --> E[Server Response];
```

This flowchart visualizes a client request journey from Nginx proxy to PHP-FPM with OPCache for processing,
and finally a server response is sent back to the client.
2 changes: 1 addition & 1 deletion internal/services/support/src/index.php
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@

require_once 'config/init.php';

echo "Hello, World!";
echo msgfmt_format_message('en_US', 'Hello, {name}!', ['name' => 'World']);
16 changes: 0 additions & 16 deletions ops/Helm/shortlink-logger/templates/cert.yaml

This file was deleted.

17 changes: 0 additions & 17 deletions ops/Helm/shortlink-logger/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,23 +15,6 @@ serviceAccount:
# -- Auto-mount the service account token in the pod
automountServiceAccountToken: false

# ==============================================================================
# This secret for dev-stand. For production use CI-variables
secret:
enabled: false
grpcServerCert: |
-----BEGIN CERTIFICATE-----
Your cert...
-----END CERTIFICATE-----
grpcServerKey: |
-----BEGIN EC PRIVATE KEY-----
Your key...
-----END EC PRIVATE KEY-----
grpcIntermediateCA: |
-----BEGIN CERTIFICATE-----
Your CA...
-----END CERTIFICATE-----
# ==============================================================================
deploy:
replicaCount: 1
Expand Down
22 changes: 22 additions & 0 deletions ops/Helm/shortlink-support/.helmignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
23 changes: 23 additions & 0 deletions ops/Helm/shortlink-support/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: v2 # The chart API version (required)
appVersion: "1.0.0" # The version of the app that this contains (optional)
name: shortlink-support # The name of the chart (required)
description: Shortlink support service # A single-sentence description of this project (optional)
version: 0.1.0 # A SemVer 2 version (required)
kubeVersion: ">= 1.24.0 || >= v1.24.0-0" # A SemVer range of compatible Kubernetes versions (optional)
keywords: # A list of keywords about this project (optional)
- logger
- shortlink
home: https://batazor.github.io/shortlink/ # The URL of this project's home page (optional)
sources: # A list of URLs to source code for this project (optional)
- https://github.com/shortlink-org/shortlink
maintainers:
- email: batazor111@gmail.com
name: batazor
url: batazor.ru
engine: gotpl
type: application # It is the type of chart (optional)
deprecated: false # Whether this chart is deprecated (optional, boolean)
dependencies:
- name: shortlink-common
version: 0.5.5
repository: "file://../shortlink-common"
Binary file not shown.
7 changes: 7 additions & 0 deletions ops/Helm/shortlink-support/templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
CHART NAME: {{ .Chart.Name }}
CHART VERSION: {{ .Chart.Version }}
APP VERSION: {{ .Chart.AppVersion }}

** Please be patient while the chart is being deployed **

{{- include "common.warnings.rollingTag" .Values.deploy.image }}
11 changes: 11 additions & 0 deletions ops/Helm/shortlink-support/templates/base.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{/* vim: set filetype=mustache: */}}

{{ include "shortlink-common.ServiceAccount" . }}

{{ include "shortlink-common.Deployment" . }}

{{ include "shortlink-common.Service" . }}

{{ include "shortlink-common.ServiceMonitor" . }}

{{ include "shortlink-common.PodDisruptionBudget" . }}
98 changes: 98 additions & 0 deletions ops/Helm/shortlink-support/values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
# Common default values for shortlink.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

# -- Pods Service Account
# @ignored ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
serviceAccount:
# -- Specifies whether a service account should be created
create: false

# -- The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the `helpers.fullname` template
# name: shortlink

# -- Auto-mount the service account token in the pod
automountServiceAccountToken: false

# ==============================================================================
deploy:
replicaCount: 1

env:
TRACER_URI: http://grafana-tempo.grafana:14268/api/traces

image:
repository: registry.gitlab.com/shortlink-org/shortlink/support
tag: 0.16.13
# -- Global imagePullPolicy
# Default: 'Always' if image tag is 'latest', else 'IfNotPresent'
# Ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
pullPolicy: IfNotPresent

# -- define a liveness probe that checks every 5 seconds, starting after 5 seconds
livenessProbe:
httpGet:
path: /live
port: 9090
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
failureThreshold: 1

# -- define a readiness probe that checks every 5 seconds, starting after 5 seconds
readinessProbe:
httpGet:
path: /ready
port: 9090
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
failureThreshold: 30

resources:
# -- We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 10m
memory: 32Mi

podSecurityContext:
# -- fsGroup is the group ID associated with the container
fsGroup: 1000

# -- Security Context policies for controller pods
# See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
# notes on enabling and using sysctls
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
# runAsUser is the user ID used to run the container
runAsUser: 1000
# runAsGroup is the primary group ID used to run all processes within any container of the pod
runAsGroup: 1000
# readOnlyRootFilesystem is a flag to enable readOnlyRootFilesystem for the Hazelcast security context
readOnlyRootFilesystem: "true"
capabilities:
drop:
- ALL

# ==============================================================================
service:
type: ClusterIP
ports: []

# ==============================================================================
# Prometheus Operator ServiceMonitor configuration
monitoring:
enabled: true

# ==============================================================================
# PodDisruptionBudget
podDisruptionBudget:
enabled: false
6 changes: 6 additions & 0 deletions ops/gitlab/workflows/matrix_build_base.yml
Original file line number Diff line number Diff line change
Expand Up @@ -73,3 +73,9 @@
REGISTRY_IMAGE: $CI_REGISTRY_IMAGE/bff-web
DOCKERFILE_PATH: ops/dockerfile/go.Dockerfile
CMD_PATH: "--build-arg CMD_PATH=./internal/services/bff-web/cmd"
- APPLICATION: support
REGISTRY_IMAGE: $CI_REGISTRY_IMAGE/support
DOCKERFILE_PATH: ops/dockerfile/support/support.Dockerfile
- APPLICATION: support-proxy
REGISTRY_IMAGE: $CI_REGISTRY_IMAGE/support-proxy
DOCKERFILE_PATH: ops/dockerfile/support/support-proxy.Dockerfile

0 comments on commit 7a57fa9

Please sign in to comment.