Skip to content

Commit

Permalink
feat: add templates for debugging purposes (eduNEXT#25)
Browse files Browse the repository at this point in the history 
This PR adds k8s templates for debug pods, i.e pods running with non-production setup (root user, container entrypoint/command changed, ...), which allow developers to debug services like LMS/CMS in a production-like environment.
  • Loading branch information
@mariajgrimaldi
mariajgrimaldi authored Nov 30, 2022
1 parent 1ee0ad1 commit 2cc049d
Show file tree
Hide file tree
Showing 10 changed files with 363 additions and 0 deletions.
2 changes: 2 additions & 0 deletions drydock/templates/kustomized/tutor13/defaults.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,3 +45,5 @@ DRYDOCK_FORUM_REQUEST_CPU: "200m"
DRYDOCK_FORUM_MAX_REPLICAS: 1
DRYDOCK_FORUM_MIN_REPLICAS: 1
DRYDOCK_FORUM_TARGET_CPU: 90
DRYDOCK_DEBUG: False
OPENEDX_DEBUG_COOKIE: ednx_enable_debug
108 changes: 108 additions & 0 deletions drydock/templates/kustomized/tutor13/extensions/debug/deployments.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
{% if RUN_CMS %}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cms-debug
labels:
app.kubernetes.io/name: cms-debug
annotations:
argocd.argoproj.io/sync-wave: "5"
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: cms-debug
template:
metadata:
labels:
app.kubernetes.io/name: cms-debug
spec:
securityContext:
runAsUser: 0
runAsGroup: 0
containers:
- name: cms-debug
args: [./manage.py cms runserver 0.0.0.0:8000]
command: ["/bin/bash", "-c"]
image: {{ DOCKER_IMAGE_OPENEDX }}
env:
- name: SERVICE_VARIANT
value: cms
- name: DJANGO_SETTINGS_MODULE
value: cms.envs.tutor.production
ports:
- containerPort: 8000
volumeMounts:
- mountPath: /openedx/edx-platform/lms/envs/tutor/
name: settings-lms
- mountPath: /openedx/edx-platform/cms/envs/tutor/
name: settings-cms
- mountPath: /openedx/config
name: config
securityContext:
allowPrivilegeEscalation: false
volumes:
- name: settings-lms
configMap:
name: openedx-settings-lms
- name: settings-cms
configMap:
name: openedx-settings-cms
- name: config
configMap:
name: openedx-config
{% endif %}
{% if RUN_LMS %}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: lms-debug
labels:
app.kubernetes.io/name: lms-debug
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: lms-debug
template:
metadata:
labels:
app.kubernetes.io/name: lms-debug
spec:
securityContext:
runAsUser: 0
runAsGroup: 0
containers:
- name: lms-debug
args: [./manage.py lms runserver 0.0.0.0:8000]
command: ["/bin/bash", "-c"]
image: {{ DOCKER_IMAGE_OPENEDX }}
env:
- name: SERVICE_VARIANT
value: lms
- name: DJANGO_SETTINGS_MODULE
value: lms.envs.tutor.production
ports:
- containerPort: 8000
volumeMounts:
- mountPath: /openedx/edx-platform/lms/envs/tutor/
name: settings-lms
- mountPath: /openedx/edx-platform/cms/envs/tutor/
name: settings-cms
- mountPath: /openedx/config
name: config
securityContext:
allowPrivilegeEscalation: false
volumes:
- name: settings-lms
configMap:
name: openedx-settings-lms
- name: settings-cms
configMap:
name: openedx-settings-cms
- name: config
configMap:
name: openedx-config
{% endif %}
35 changes: 35 additions & 0 deletions drydock/templates/kustomized/tutor13/extensions/debug/ingress.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-debug
namespace: {{ K8S_NAMESPACE }}
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/canary: "true"
nginx.ingress.kubernetes.io/canary-by-cookie: {{ OPENEDX_DEBUG_COOKIE }}
{%- if DRYDOCK_AUTO_TLS and not DRYDOCK_CUSTOM_CERTS%}
cert-manager.io/issuer: letsencrypt
{%- endif %}
argocd.argoproj.io/sync-wave: "5"
spec:
rules:
{%- for host, prefix in [(LMS_HOST, "lms"), (CMS_HOST, "cms")] %}
- host: {{ host }}
http:
paths:
- backend:
service:
name: {{prefix}}-debug
port:
number: 8000
path: /
pathType: Prefix
{%- endfor %}
{% if DRYDOCK_AUTO_TLS -%}
tls:
- hosts:
{%- for host in [LMS_HOST, CMS_HOST] %}
- {{ host }}
{%- endfor %}
secretName: {{ K8S_NAMESPACE }}-tls
{%- endif %}
34 changes: 34 additions & 0 deletions drydock/templates/kustomized/tutor13/extensions/debug/services.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{% if RUN_LMS %}
---
apiVersion: v1
kind: Service
metadata:
name: lms-debug
namespace: {{ K8S_NAMESPACE }}
annotations:
argocd.argoproj.io/sync-wave: "5"
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app.kubernetes.io/name: lms-debug
type: ClusterIP
{% endif %}
{% if RUN_CMS %}
---
apiVersion: v1
kind: Service
metadata:
name: cms-debug
namespace: {{ K8S_NAMESPACE }}
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app.kubernetes.io/name: cms-debug
type: ClusterIP
{% endif %}
5 changes: 5 additions & 0 deletions drydock/templates/kustomized/tutor13/extensions/kustomization.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@ resources:
- drydock-jobs/notes.yml
- drydock-jobs/extra-jobs.yml
{%- endif %}
{%- if DRYDOCK_DEBUG %}
- debug/deployments.yml
- debug/services.yml
- debug/ingress.yml
{%- endif %}
- multipurpose-jobs.yml

{% if DRYDOCK_NEWRELIC -%}
Expand Down
2 changes: 2 additions & 0 deletions drydock/templates/kustomized/tutor14/defaults.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,3 +45,5 @@ DRYDOCK_FORUM_REQUEST_CPU: "200m"
DRYDOCK_FORUM_MAX_REPLICAS: 1
DRYDOCK_FORUM_MIN_REPLICAS: 1
DRYDOCK_FORUM_TARGET_CPU: 90
DRYDOCK_DEBUG: False
OPENEDX_DEBUG_COOKIE: ednx_enable_debug
103 changes: 103 additions & 0 deletions drydock/templates/kustomized/tutor14/extensions/debug/deployments.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
{% if RUN_CMS %}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cms-debug
labels:
app.kubernetes.io/name: cms-debug
annotations:
argocd.argoproj.io/sync-wave: "5"
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: cms-debug
template:
metadata:
labels:
app.kubernetes.io/name: cms-debug
spec:
securityContext:
runAsUser: 0
runAsGroup: 0
containers:
- name: cms-debug
args: [./manage.py cms runserver 0.0.0.0:8000]
command: ["/bin/bash", "-c"]
image: {{ DOCKER_IMAGE_OPENEDX }}
env:
- name: SERVICE_VARIANT
value: cms
ports:
- containerPort: 8000
volumeMounts:
- mountPath: /openedx/edx-platform/lms/envs/tutor/
name: settings-lms
- mountPath: /openedx/edx-platform/cms/envs/tutor/
name: settings-cms
- mountPath: /openedx/config
name: config
securityContext:
allowPrivilegeEscalation: false
volumes:
- name: settings-lms
configMap:
name: openedx-settings-lms
- name: settings-cms
configMap:
name: openedx-settings-cms
- name: config
configMap:
name: openedx-config
{% endif %}
{% if RUN_LMS %}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: lms-debug
labels:
app.kubernetes.io/name: lms-debug
annotations:
argocd.argoproj.io/sync-wave: "5"
spec:
replicas: 0
selector:
matchLabels:
app.kubernetes.io/name: lms-debug
template:
metadata:
labels:
app.kubernetes.io/name: lms-debug
spec:
securityContext:
runAsUser: 0
runAsGroup: 0
containers:
- name: lms-debug
args: [./manage.py lms runserver 0.0.0.0:8000]
command: ["/bin/bash", "-c"]
image: {{ DOCKER_IMAGE_OPENEDX }}
ports:
- containerPort: 8000
volumeMounts:
- mountPath: /openedx/edx-platform/lms/envs/tutor/
name: settings-lms
- mountPath: /openedx/edx-platform/cms/envs/tutor/
name: settings-cms
- mountPath: /openedx/config
name: config
securityContext:
allowPrivilegeEscalation: false
volumes:
- name: settings-lms
configMap:
name: openedx-settings-lms
- name: settings-cms
configMap:
name: openedx-settings-cms
- name: config
configMap:
name: openedx-config
{% endif %}
35 changes: 35 additions & 0 deletions drydock/templates/kustomized/tutor14/extensions/debug/ingress.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-debug
namespace: {{ K8S_NAMESPACE }}
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/canary: "true"
nginx.ingress.kubernetes.io/canary-by-cookie: {{ OPENEDX_DEBUG_COOKIE }}
{%- if DRYDOCK_AUTO_TLS and not DRYDOCK_CUSTOM_CERTS%}
cert-manager.io/issuer: letsencrypt
{%- endif %}
argocd.argoproj.io/sync-wave: "5"
spec:
rules:
{%- for host, prefix in [(LMS_HOST, "lms"), (CMS_HOST, "cms")] %}
- host: {{ host }}
http:
paths:
- backend:
service:
name: {{prefix}}-debug
port:
number: 8000
path: /
pathType: Prefix
{%- endfor %}
{% if DRYDOCK_AUTO_TLS -%}
tls:
- hosts:
{%- for host in [LMS_HOST, CMS_HOST] %}
- {{ host }}
{%- endfor %}
secretName: {{ K8S_NAMESPACE }}-tls
{%- endif %}
34 changes: 34 additions & 0 deletions drydock/templates/kustomized/tutor14/extensions/debug/services.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{% if RUN_LMS %}
---
apiVersion: v1
kind: Service
metadata:
name: lms-debug
namespace: {{ K8S_NAMESPACE }}
annotations:
argocd.argoproj.io/sync-wave: "5"
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app.kubernetes.io/name: lms-debug
type: ClusterIP
{% endif %}
{% if RUN_CMS %}
---
apiVersion: v1
kind: Service
metadata:
name: cms-debug
namespace: {{ K8S_NAMESPACE }}
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app.kubernetes.io/name: cms-debug
type: ClusterIP
{% endif %}
5 changes: 5 additions & 0 deletions drydock/templates/kustomized/tutor14/extensions/kustomization.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@ resources:
- drydock-jobs/notes.yml
- drydock-jobs/extra-jobs.yml
{%- endif %}
{%- if DRYDOCK_DEBUG %}
- debug/deployments.yml
- debug/services.yml
- debug/ingress.yml
{%- endif %}
- multipurpose-jobs.yml

{% if DRYDOCK_NEWRELIC -%}
Expand Down

0 comments on commit 2cc049d

Please sign in to comment.