Deploying to AWS
For general deployment instructions please follow guide on Cloud deployment (AWS).
Setting secrets
If you followed the guide above, the Kubernetes cluster should be setup and applications deployed via the CI. The applications will not work until you set the environment variables.
To add environment variables to the deployment, we first have to add cluster secrets. We can do that by using the kubectl
command.
If you opted for output_secrets
option when setting up the infrastructure, the database credentials should be located in the infrastructure/cloud/outputs
folder.
kubectl create secret generic auth --from-literal=authentication-secret=secret
kubectl create secret generic queue \
--from-literal=url=amqp://guest:[email protected]:5672/
kubectl create secret generic redis \
--from-literal=url=redis://redis-master.default.svc.cluster.local:6379/
kubectl create secret generic database \
--from-literal=database=<database> \
--from-literal=username=<user> \
--from-literal=password=<password> \
--from-literal=port=<port> \
--from-literal=hostname=<hostname without port>
When the cluster secrets are set, we can apply the environment variables to service deployments by editing deployment-values.yaml
file, located inside the service folder.
secrets:
enabled: true
env:
- name: AUTHENTICATION_SECRET
valueFrom:
secretKeyRef:
name: auth
key: authentication-secret
- name: QUEUE_URL
valueFrom:
secretKeyRef:
name: queue
key: url
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: redis
key: url
- name: TYPEORM_DATABASE
valueFrom:
secretKeyRef:
name: database
key: database
- name: TYPEORM_HOST
valueFrom:
secretKeyRef:
name: database
key: hostname
- name: TYPEORM_PASSWORD
valueFrom:
secretKeyRef:
name: database
key: password
- name: TYPEORM_PORT
valueFrom:
secretKeyRef:
name: database
key: port
- name: TYPEORM_USERNAME
valueFrom:
secretKeyRef:
name: database
key: username
With the secrets added for all 3 services, we can now re-deploy the application by tagging the branch. After the deployment is done, the services should have status Running!
You can now test the API by using the api.<your domain>
url.
Last updated