root
/
public
mirror of https://github.com/01-edu/public.git
14
27
Fork 0
Code Releases Wiki Activity
Browse Source

docs (orchestrator) add audit

pull/1953/head
Zouhair AMAZZAL 2 years ago committed by Zouhair AMAZZAL
parent
8fcd3e2591
commit
c1d7be1844
2 changed files with 254 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 49
      subjects/devops/orchestrator/README.md
  2. 220
      subjects/devops/orchestrator/audit/README.md

49
subjects/devops/orchestrator/README.md
unescape_control_characters View File

@ -1,6 +1,6 @@
## Orchestrator ## Orchestrator
![Orchestrator](pictures/Orchestrator.jpg) ![Orchestrator](pictures/orchestrator.jpg)
### Objectives ### Objectives
@ -17,7 +17,7 @@ In this project, you will deploy a microservices architecture on Kubernetes, You
### Architecture ### Architecture
![Architecture](pictures/Architecture.png) ![Architecture](pictures/architecture.png)
You have to deploy this microservices architecture in a k3s cluster consisting of the following components: You have to deploy this microservices architecture in a k3s cluster consisting of the following components:
@ -41,6 +41,7 @@ By using k3s in Vagrant you must create 2 virtual machines:
You must install `kubectl` on your machine to manage your cluster. You must install `kubectl` on your machine to manage your cluster.
The nodes must be connected and available! The nodes must be connected and available!
```console ```console
$> kubectl get nodes -A $> kubectl get nodes -A
NAME STATUS ROLES AGE VERSION NAME STATUS ROLES AGE VERSION
@ -49,6 +50,18 @@ NAME STATUS ROLES AGE VERSION
$> $>
``` ```
You must provide a `orchestrator.sh` script that run and create and manage the infrastructure
````console
$> ./orchestrator create
cluster created
$> ./orchestrator start
cluster started
$> ./orchestrator stop
cluster stoped
$>
```
### Dockerhub ### Dockerhub
You will need to push the Docker images for each component to Docker Hub. You will need to push the Docker images for each component to Docker Hub.
@ -72,36 +85,41 @@ You must store your passwords and credentials as a k8s secrets
Your Node.JS applications must be deployed as a deployment and they must be scaled horizontally automatically, depending on CPU consumption. Your Node.JS applications must be deployed as a deployment and they must be scaled horizontally automatically, depending on CPU consumption.
- `api-gateway`: - `api-gateway`:
max replication: 3 max replication: 3
min replication: 1 min replication: 1
cpu percent triger: 60% cpu percent triger: 60%
- `billing-app`: - `billing-app`:
max replication: 3 max replication: 3
min replication: 1 min replication: 1
cpu percent triger: 60% cpu percent triger: 60%
- `inventory-app`: - `inventory-app`:
max replication: 3 max replication: 3
min replication: 1 min replication: 1
cpu percent triger: 60% cpu percent triger: 60%
### Databases ### Databases
Your databases must be deployed as Stateful in your k3s cluster, and you must create volumes that enable containers to move across infrastructure without losing the data. Your databases must be deployed as Statefulset in your k3s cluster, and you must create volumes that enable containers to move across infrastructure without losing the data.
### Documentation ### Documentation
You must push a `README.md` file containing full documentation of your solution (Prerequisites, Configuration, Setup, Usage, ...). You must push a `README.md` file containing full documentation of your solution (Prerequisites, Configuration, Setup, Usage, ...).
### Bonus ### Bonus
If you complete the mandatory part successfully and you still have free time, you can implement anything that you feel deserves to be a bonus. If you complete the mandatory part successfully and you still have free time, you can implement anything that you feel deserves to be a bonus, We can suggest:
- Deploy a Kubernetes Dashboard to monitor the cluster
- Deploy a dashboard for applications logs
...
Challenge yourself! Challenge yourself!
### Submission and audit ### Submission and audit
You must submit the `README.md` file and all files used to create and delete and manage your infrastructure: Vagrantfiles, Dockerfiles, Manifests,... You must submit the `README.md` file and all files used to create and delete and manage your infrastructure: Vagrantfile, Dockerfiles, Manifests,...
```console ```console
. .
@ -112,7 +130,8 @@ You must submit the `README.md` file and all files used to create and delete and
├── Dockerfiles ├── Dockerfiles
│ └── [...] │ └── [...]
└── Vagrantfile └── Vagrantfile
``` ````
If you decide to use a different structure for your project remember you should be able to explain and justify your decision during the audit. If you decide to use a different structure for your project remember you should be able to explain and justify your decision during the audit.
> In the audit you will be asked different questions about the concepts and the practice of this project, prepare yourself! > In the audit you will be asked different questions about the concepts and the practice of this project, prepare yourself!

220
subjects/devops/orchestrator/audit/README.md
unescape_control_characters View File

@ -0,0 +1,220 @@
#### General
##### Check the Repo content
A `README.md` and `orchestrator.sh` and `Vagrantfile` files and all files used to create and delete and manage the student infrastructure must be submitted in the repo.
```console
.
├── Manifests
│ └── [...]
├── Scripts
│ └── [...]
├── Dockerfiles
│ └── [...]
└── Vagrantfile
```
###### Are all the required files present?
##### Ask the following questions to the group or student
- What are Container orchestration and what are their benefits of it?
- What are Kubernetes and what is its main role of it?
- What are K3s and what is its main role of it?
###### Did the student reply correctly to the questions?
##### Check the Student Documentation
The Documentation must exists in the `README.md` file!
###### Did the README.md file contains the all required information about the solution(Prerequisites, Configuration, Setup, Usage, ...)?
##### Check the docker images in dockerhub:
###### Does the used docker images in the YAML manifests must be uploaded in the student dockerhub account?
##### Check the cluster:
By using k3s in Vagrant 2 virtual machines must be created:
1. Master: the master in the k3s cluster.
2. Agent: an agent in the k3s cluster.
`kubectl` must be installed and configured in the learner machine to manage the cluster.
The nodes must be connected and available, try:
```console
$> kubectl get nodes -A
NAME STATUS ROLES AGE VERSION
<master-node> Ready <none> XdXh vX
<agent1-node> Ready <none> XdXh vX
$>
```
###### Does the cluster created by a Vagrantfile?
###### Does the cluster contains 2 nodes (master and agent)?
###### Does kubectl installed and configured in the learner machine
###### Does the nodes is connected and ready for usage?
##### Check the student infrastructure:
The student must implement this architecture:
![architecture](../pictures/architecture.png)
##### Run the student infrastructure:
```console
user:~$ ./orchestrator.sh create
cluster created
user:~$
```
###### did the student provide a `orchestrator.sh` script that run and create and manage the infrastructure
###### did the student respect the architecture?
###### did the infrastructure start correctly?
##### Verify the K8s Manifests:
###### Is there a YAML Manifest for each service?
###### Are credentials not exists in the YAML manifests, except the secret manifests?
##### Ask the following questions to the group or student
- Explain What is a K8s manifest
- Explain the K8s manifests
- Did the student reply correctly to the questions?
###### Did the student reply correctly to the questions?
##### Check the secrets
```console
$> kubectl get secrets -o json
<...>
$>
```
###### Is the all used credentials and passwords presented in the secrets?
##### Check all deployed resources:
```console
user:~$ kubectl get all
<...>
user:~$
```
- `inventory-database container` is a PostgreSQL database server that contains your inventory database, it must be accessible via port `5432`.
- `billing-database container` is a PostgreSQL database server that contains your billing database, it must be accessible via port `5432`.
- `inventory-app container` is a Node.Js server that contains your inventory-app code running and connected to the inventory database and accessible via port `8080`.
- `billing-app container` is a Node.Js server that contains your billing-app code running and connected to the billing database and consuming the messages from the RabbitMQ queue, and it can be accessed via port `8080`.
- `RabbitMQ container` is a RabbitMQ server that contains the queue.
- `api-gateway-app container` is a Node.Js server that contains your api-gateway-app code running and forwarding the requests to the other services and it's accessible via port `3000`.
###### Did the all required applications is deployed?
- databases must be deployed as Statefulset, and volumes that enable containers to move across infrastructure without losing the data must be created.
- Node.JS applications must be deployed as a deployment and they must be scaled horizontally automatically, depending on CPU consumption:
1. `api-gateway`:
max replication: 3
min replication: 1
cpu percent triger: 60%
2. `billing-app`:
max replication: 3
min replication: 1
cpu percent triger: 60%
3. `inventory-app`:
max replication: 3
min replication: 1
cpu percent triger: 60%
###### Do all apps deployed with the correct configuration?
##### Ask the following questions to the group or student
- What is statefulset in k8s?
- What is deployment in k8s?
- What is difference between deployment and statefulset in k8s?
- What is scaling and why we use it?
- What is a load balancer and what is the role of it?
- Why we don´t put the database as a deployment?
###### Did the student reply correctly to the questions?
##### Test The solution
#### Inventory API Endpoints
##### Open Postman and make a `POST` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/movies/` address with the following body as `Content-Type: application/json`:
```json
{
"title": "A new movie",
"description": "Very short description"
}
```
###### Can you confirm the response was the success code `200`?
##### In Postman make a `GET` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/movies/` address.
###### Can you confirm the response was success code `200` and the body of the response is in `json` with the information of the last added movie?
#### Billing API Endpoints
##### Open Postman and make a `POST` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/billing/` address with the following body as `Content-Type: application/json`:
```json
{
"user_id": "20",
"number_of_items": "99",
"total_amount": "250"
}
```
###### Can you confirm the response was success code `200`?
##### Stop the billing-app container
###### Can you confirm the `billing-app` container was correctly stopped?
##### Open Postman and make a `POST` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/billing/` address with the following body as `Content-Type: application/json`:
```json
{
"user_id": "22",
"number_of_items": "10",
"total_amount": "50"
}
```
###### Can you confirm the response was success code `200` even if the `billing_app` is not working?
#### Bonus
###### + Did the student add any optional bonus?
###### + Is this project an outstanding project?
Write Preview
Loading…
Cancel
Save