gcp-hockey-results/motm_app/helm-chart/motm-app/README.md

MOTM App Helm Chart

This Helm chart deploys the MOTM (Man of the Match) Hockey Voting Application to a Kubernetes cluster.

Prerequisites

  • Kubernetes 1.19+
  • Helm 3.0+
  • PostgreSQL database (or MySQL/SQLite)
  • S3-compatible storage (optional)

Installation

1. Build and Push Docker Image

First, build and push your Docker image to a registry:

# Build the image
docker build -t your-registry/motm-app:latest .

# Push to registry
docker push your-registry/motm-app:latest

2. Configure Values

Copy the default values file and customize it:

cp values.yaml my-values.yaml

Key values to update in my-values.yaml:

# Image configuration
image:
  repository: your-registry/motm-app
  tag: "latest"

# Database configuration
database:
  host: "your-postgresql-service"
  name: "motm"
  username: "motm_user"

# S3 configuration (if using S3)
s3:
  enabled: true
  endpoint: "https://s3.amazonaws.com"
  bucket: "your-bucket-name"

# Ingress configuration
ingress:
  enabled: true
  hosts:
    - host: motm.yourdomain.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: motm-app-tls
      hosts:
        - motm.yourdomain.com

# Secrets (set these via --set or separate secret management)
secrets:
  dbPassword: "your-db-password"
  s3AccessKey: "your-s3-access-key"
  s3SecretKey: "your-s3-secret-key"

3. Deploy with Helm

Option A: Using values file

helm install motm-app ./motm-app -f my-values.yaml

Option B: Using command line parameters

# Quote the indexed key so the shell does not treat [0] as a glob pattern
helm install motm-app ./motm-app \
  --set image.repository=your-registry/motm-app \
  --set database.host=your-postgresql-service \
  --set 'ingress.hosts[0].host=motm.yourdomain.com' \
  --set secrets.dbPassword=your-db-password

Option C: Using external secret management

If using external secret management (e.g., Sealed Secrets, External Secrets Operator), create the secrets separately and set:

secrets:
  dbPassword: ""  # Will be managed externally
  s3AccessKey: ""  # Will be managed externally
  s3SecretKey: ""  # Will be managed externally
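
For Options A and B, one way to keep the three secrets.* values out of my-values.yaml, shell history and the process list, shown as an added example that is not part of the chart. The MOTM_* environment variable names are assumptions; the values are written to a 0600 temporary values file that is passed as a second -f.

```sh
#!/bin/sh
# Added example, not part of the chart. Assumed names: the MOTM_* environment
# variables and the temporary file; the secrets.* keys are from this README.

# Emit $1 as a YAML single-quoted scalar (the only escape is ' -> '').
# Values are assumed to be single-line.
yaml_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/''/g")"
}

# Write the chart's secrets.* values to file $1, readable by its owner only.
write_secret_values() {
  out=$1
  if [ -z "${MOTM_DB_PASSWORD:-}" ]; then
    echo "MOTM_DB_PASSWORD is not set" >&2
    return 1
  fi
  (
    umask 077                    # a newly created file gets mode 0600
    : > "$out" || exit 1         # create or truncate
    chmod 600 "$out" || exit 1   # tighten a pre-existing file before writing
    {
      printf 'secrets:\n'
      printf '  dbPassword: %s\n' "$(yaml_quote "$MOTM_DB_PASSWORD")"
      printf '  s3AccessKey: %s\n' "$(yaml_quote "${MOTM_S3_ACCESS_KEY:-}")"
      printf '  s3SecretKey: %s\n' "$(yaml_quote "${MOTM_S3_SECRET_KEY:-}")"
    } >> "$out"
  )
}

# Install with my-values.yaml plus the private file, then delete the file.
deploy_motm() {
  secret_file=$(mktemp) || return 1
  if write_secret_values "$secret_file"; then
    helm install motm-app ./motm-app -f my-values.yaml -f "$secret_file"
    rc=$?
  else
    rc=1
  fi
  rm -f "$secret_file"
  return "$rc"
}
```

Helm records the supplied values in the release data it stores in the cluster, so this protects the workstation side only; Option C keeps the values out of the release as well.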

Configuration

Database Setup

The application supports PostgreSQL, MySQL, and SQLite. Configure your database connection in the values file:

database:
  type: "postgresql"  # postgresql, mysql, or sqlite
  host: "postgresql-service"
  port: 5432
  name: "motm"
  username: "motm_user"

S3 Configuration

Configure S3-compatible storage for asset management:

s3:
  enabled: true
  endpoint: "https://s3.amazonaws.com"
  region: "us-east-1"
  bucket: "motm-assets"

Resource Limits

Adjust resource limits based on your cluster capacity:

resources:
  limits:
    cpu: 500m
    memory: 512Mi
  requests:
    cpu: 100m
    memory: 256Mi

Autoscaling

Enable horizontal pod autoscaling:

autoscaling:
  enabled: true
  minReplicas: 2
  maxReplicas: 10
  targetCPUUtilizationPercentage: 80

Upgrading

To upgrade the application:

helm upgrade motm-app ./motm-app -f my-values.yaml

Uninstalling

To uninstall the application:

helm uninstall motm-app

Troubleshooting

Check Pod Status

kubectl get pods -l app.kubernetes.io/name=motm-app

View Logs

kubectl logs -l app.kubernetes.io/name=motm-app

Check Service

kubectl get svc -l app.kubernetes.io/name=motm-app

Debug Database Connection

kubectl exec -it deployment/motm-app -- python -c "
from database import sql_read_static
from sqlalchemy import text
try:
    result = sql_read_static(text('SELECT 1'))
    print('Database connection successful')
except Exception as e:
    print(f'Database connection failed: {e}')
"

Values Reference

Key                      Type    Default                   Description
image.repository         string  "your-registry/motm-app"  Image repository
image.tag                string  "latest"                  Image tag
service.type             string  "ClusterIP"               Service type
ingress.enabled          bool    true                      Enable ingress
database.type            string  "postgresql"              Database type
database.host            string  "postgresql-service"      Database host
s3.enabled               bool    true                      Enable S3 storage
resources.limits.cpu     string  "500m"                    CPU limit
resources.limits.memory  string  "512Mi"                   Memory limit

Security Considerations

  1. Secrets Management: Use proper secret management solutions (e.g., Sealed Secrets, External Secrets Operator)
  2. Network Policies: Implement network policies to restrict pod-to-pod communication
  3. RBAC: Configure proper RBAC for service accounts
  4. Image Security: Use non-root containers and scan images for vulnerabilities
  5. TLS: Enable TLS for ingress and internal communication

Monitoring

The chart includes basic health checks. For production deployments, consider adding:

  • Prometheus metrics endpoint
  • ServiceMonitor for Prometheus Operator
  • Grafana dashboards
  • Alerting rules

Support

For issues and questions, please refer to the application documentation or create an issue in the repository.