Introduction
I was recently tasked with the migration of the following RChain websites:
- developer.rchain.coop, node-js apps with [postgres] backend
- blog.rchain.coop a multi-home wordpress blog
- www.rchain.coop
- rsong.rchain.coop
This migration also included building a new infrastructure for hosting the sites. The ideal solution must satisfy the non-functional requirements:
- Scalable: scale up/down to meet demands
- Self-healing system that can determine which service is healthy and which is not (and apply auto-healing)
- Extendable: easily extend the architecture for additional websites/web apps
- Provide tractability and audibility of the sites
- Reversion: Revert back to any previously known stable state
- Hot-deploy: Rapid deployment without downtime
- Secure connection: ssl/tls certificates
Luckily, we had a solution in
that met all above non-functional requirements. RSong IaC provides:
- CI/CD pipeline
- Kubernetes, k8, clustering
- helm charts to streamlines installing and managing Kubernetes applications.
ssl /tls certificates by utilizing k8 ingress andletsencrypt
And so we began our migration journey and creating the workflow for managing RChain web content.
The Pipeline
To take full advantage of the RSong deployment infrastructure, we first had to
Step 1: git
The first step was to create a www git repo. Next, we configured git branch policies to enforce code quality and change management standards.
Step 2: provisioning
The second step was to re-use RSong helm charts to
- ingress controller to:
- manages external access to the services in a cluster
- fan out
- route traffic from a single IP address to all services
- mange TLS certs
- load balancing
- TLS certificate
- issuer, to issuer certs
- manager, to manage certs lifecycle
Step 3 CI/CD
We used google cloud build for this step. Cloud-build jobs are triggered when git repo
- create docker image for each site
- publish docker images to google cloud container registry
- deploy using Rsong helm charts
Reflection
Using RSong