Merge pull request #156 from junior/feature/orm_stack_part2

Feature/orm stack part2 - mushop-stack-v2.0.0.zip release

Author: junior

deploy/complete/helm-chart/setup/requirements.lock

@@ -1,21 +1,21 @@
 dependencies:
 - name: prometheus
   repository: https://kubernetes-charts.storage.googleapis.com
-  version: 11.1.5
+  version: 11.3.0
 - name: grafana
   repository: https://kubernetes-charts.storage.googleapis.com
-  version: 5.0.20
+  version: 5.0.25
 - name: metrics-server
   repository: https://kubernetes-charts.storage.googleapis.com
   version: 2.11.1
 - name: ingress-nginx
   repository: https://kubernetes.github.io/ingress-nginx
-  version: 2.0.2
+  version: 2.1.0
 - name: catalog
   repository: https://svc-catalog-charts.storage.googleapis.com
   version: 0.3.0-beta.2
 - name: cert-manager
   repository: https://charts.jetstack.io
-  version: v0.15-alpha.3
-digest: sha256:1e9ae93188d05ab1c34d354de48df0a8b4730da94956cb14feb4a7b084240f59
-generated: "2020-05-06T17:08:59.300353-05:00"
+  version: v0.15.0
+digest: sha256:920a4254b36b9dc3b68fcba8b51931ba7a6dd150c40ce065857c2a584237b5b0
+generated: "2020-05-18T19:46:04.576498-05:00"

deploy/complete/helm-chart/setup/requirements.yaml

@@ -5,12 +5,12 @@
 dependencies:
   # Prometheus
   - name: prometheus
-    version: 11.1.5
+    version: 11.3.0
     condition: prometheus.enabled
     repository: https://kubernetes-charts.storage.googleapis.com
   # Grafana
   - name: grafana
-    version: 5.0.20
+    version: 5.0.25
     condition: grafana.enabled
     repository: https://kubernetes-charts.storage.googleapis.com
   # HPA Metrics
@@ -20,7 +20,7 @@ dependencies:
     repository: https://kubernetes-charts.storage.googleapis.com
   # Ingress Controller
   - name: ingress-nginx
-    version: 2.0.2
+    version: 2.1.0
     condition: ingress-nginx.enabled
     repository: https://kubernetes.github.io/ingress-nginx
   # Service Catalog
@@ -30,6 +30,6 @@ dependencies:
     repository: https://svc-catalog-charts.storage.googleapis.com 
   # cert-manager
   - name: cert-manager
-    version: 0.15.0-alpha.3
+    version: 0.15.0
     condition: cert-manager.enabled
     repository: https://charts.jetstack.io

deploy/complete/helm-chart/setup/values.yaml

@@ -10,6 +10,13 @@ metrics-server:
 # https://github.com/helm/charts/blob/master/stable/prometheus/README.md
 prometheus:
   enabled: true
+  extraScrapeConfigs: |
+    - job_name: 'ingress-nginx'
+      metrics_path: /metrics
+      scrape_interval: 5s
+      static_configs:
+        - targets:
+          - {{ .Release.Name }}-ingress-nginx-controller-metrics:9913
 
 # https://github.com/kubernetes-sigs/service-catalog/blob/master/charts/catalog/README.md
 catalog:
@@ -18,6 +25,9 @@ catalog:
 # https://kubernetes.github.io/ingress-nginx/
 ingress-nginx:
   enabled: true
+  controller:
+    metrics:
+      enabled: true
 
 # https://github.com/jetstack/cert-manager/blob/master/README.md
 cert-manager:

deploy/complete/terraform/chart-values/prometheus.yaml

@@ -0,0 +1,11 @@
+# Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+extraScrapeConfigs: |
+    - job_name: 'ingress-nginx'
+      metrics_path: /metrics
+      scrape_interval: 5s
+      static_configs:
+        - targets:
+          - mushop-utils-ingress-nginx-controller-metrics:9913

deploy/complete/terraform/datasources.tf

@@ -17,17 +17,12 @@ data "oci_identity_availability_domains" "ADs" {
   compartment_id = var.tenancy_ocid
 }
 
-resource "random_string" "deploy_id" {
-  length  = 4
-  special = false
-}
-
+# Gets kubeconfig
 data "oci_containerengine_cluster_kube_config" "oke_cluster_kube_config" {
-  cluster_id = oci_containerengine_cluster.oke-mushop_cluster.id
+  cluster_id = oci_containerengine_cluster.oke_mushop_cluster.id
 }
 
 # Helm repos
-
 ## stable
 data "helm_repository" "stable" {
   name = "stable"
@@ -52,4 +47,76 @@ data "helm_repository" "jetstack" {
 data "helm_repository" "ingress-nginx" {
   name = "ingress-nginx"
   url  = "https://kubernetes.github.io/ingress-nginx"
-}
+}
+
+# MuShop
+## Kubernetes Service: mushop-utils-ingress-nginx-controller
+data "kubernetes_service" "mushop_ingress" {
+  metadata {
+    name      = "mushop-utils-ingress-nginx-controller" # mushop-utils included to be backwards compatible to the docs and setup chart install
+    namespace = kubernetes_namespace.mushop_utilities_namespace.id
+  }
+  depends_on = [helm_release.ingress-nginx]
+}
+
+## Kubernetes Secret: Grafana Admin Password
+data "kubernetes_secret" "mushop_utils_grafana" {
+  metadata {
+    name      = "mushop-utils-grafana"
+    namespace = kubernetes_namespace.mushop_utilities_namespace.id
+  }
+  depends_on = [helm_release.grafana, helm_release.mushop]
+}
+
+# OCI Services
+## Autonomous Database
+### Wallet
+data "oci_database_autonomous_database_wallet" "autonomous_database_wallet" {
+  count                  = var.mushop_mock_mode_all ? 0 : 1
+  autonomous_database_id = oci_database_autonomous_database.mushop_autonomous_database[0].id
+  password               = random_string.autonomous_database_wallet_password.result
+  generate_type          = var.autonomous_database_wallet_generate_type
+  base64_encode_content  = true
+}
+
+## Available Services
+data "oci_core_services" "all_services" {
+  filter {
+    name   = "name"
+    values = ["All .* Services In Oracle Services Network"]
+    regex  = true
+  }
+}
+
+## Object Storage
+data "oci_objectstorage_namespace" "ns" {
+  compartment_id = var.compartment_ocid
+}
+
+# Randoms
+resource "random_string" "deploy_id" {
+  length  = 4
+  special = false
+}
+
+### Passwords using random_string instead of random_password to be compatible with ORM (Need to update random provider)
+resource "random_string" "autonomous_database_wallet_password" {
+  length           = 16
+  special          = true
+  min_upper        = 3
+  min_lower        = 3
+  min_numeric      = 3
+  min_special      = 3
+  override_special = "{}#^*<>[]%~"
+}
+
+resource "random_string" "autonomous_database_admin_password" {
+  length           = 16
+  special          = true
+  min_upper        = 3
+  min_lower        = 3
+  min_numeric      = 3
+  min_special      = 3
+  override_special = "{}#^*<>[]%~"
+}
+

deploy/complete/terraform/mushop-utilities.tf

@@ -3,11 +3,11 @@
 # 
 
 # Create namespace mushop-utilities for supporting services
-resource "kubernetes_namespace" "mushop-utilities_namespace" {
+resource "kubernetes_namespace" "mushop_utilities_namespace" {
   metadata {
     name = "mushop-utilities"
   }
-  depends_on = [oci_containerengine_node_pool.oke-mushop_node_pool]
+  depends_on = [oci_containerengine_node_pool.oke_mushop_node_pool]
 }
 
 # MuShop Utilities helm charts
@@ -17,20 +17,24 @@ resource "helm_release" "prometheus" {
   name       = "prometheus"
   repository = data.helm_repository.stable.metadata[0].name
   chart      = "prometheus"
-  version    = "11.1.5"
-  namespace  = kubernetes_namespace.mushop-utilities_namespace.id
+  version    = "11.3.0"
+  namespace  = kubernetes_namespace.mushop_utilities_namespace.id
   wait       = false
 
+  values = [
+    file("${path.module}/chart-values/prometheus.yaml"),
+  ]
+
   depends_on = [helm_release.ingress-nginx] # Ugly workaround because of the oci pvc provisioner not be able to wait for the node be active and retry.
 }
 
-## # https://github.com/helm/charts/blob/master/stable/grafana/README.md
+## https://github.com/helm/charts/blob/master/stable/grafana/README.md
 resource "helm_release" "grafana" {
   name       = "mushop-utils-grafana" # mushop-utils included to be backwards compatible to the docs and setup chart install
   repository = data.helm_repository.stable.metadata[0].name
   chart      = "grafana"
-  version    = "5.0.20"
-  namespace  = kubernetes_namespace.mushop-utilities_namespace.id
+  version    = "5.0.25"
+  namespace  = kubernetes_namespace.mushop_utilities_namespace.id
   wait       = false
 
   values = [
@@ -46,7 +50,7 @@ resource "helm_release" "metrics-server" {
   repository = data.helm_repository.stable.metadata[0].name
   chart      = "metrics-server"
   version    = "2.11.1"
-  namespace  = kubernetes_namespace.mushop-utilities_namespace.id
+  namespace  = kubernetes_namespace.mushop_utilities_namespace.id
   wait       = false
 
   values = [
@@ -58,14 +62,19 @@ resource "helm_release" "metrics-server" {
 
 ## https://kubernetes.github.io/ingress-nginx/
 resource "helm_release" "ingress-nginx" {
-  name       = "mushop-utils-ingress-nginx"
+  name       = "mushop-utils-ingress-nginx" # mushop-utils included to be backwards compatible to the docs and setup chart install
   repository = data.helm_repository.ingress-nginx.metadata[0].name
   chart      = "ingress-nginx/ingress-nginx"
-  version    = "2.0.2"
-  namespace  = kubernetes_namespace.mushop-utilities_namespace.id
+  version    = "2.1.0"
+  namespace  = kubernetes_namespace.mushop_utilities_namespace.id
   wait       = true
 
-  timeout = 600 # workaround to wait the node be active for other charts
+  set {
+    name  = "controller.metrics.enable"
+    value = true
+  }
+
+  timeout = 1800 # workaround to wait the node be active for other charts
 }
 
 ## https://github.com/kubernetes-sigs/service-catalog/blob/master/charts/catalog/README.md
@@ -74,7 +83,7 @@ resource "helm_release" "svc-cat" {
   repository = data.helm_repository.svc-cat.metadata[0].name
   chart      = "catalog"
   version    = "0.3.0-beta.2"
-  namespace  = kubernetes_namespace.mushop-utilities_namespace.id
+  namespace  = kubernetes_namespace.mushop_utilities_namespace.id
   wait       = false
 
   depends_on = [helm_release.ingress-nginx] # Ugly workaround because of the oci pvc provisioner not be able to wait for the node be active and retry.
@@ -85,8 +94,8 @@ resource "helm_release" "cert-manager" {
   name       = "cert-manager"
   repository = data.helm_repository.jetstack.metadata[0].name
   chart      = "cert-manager"
-  version    = "0.15.0-alpha.3"
-  namespace  = kubernetes_namespace.mushop-utilities_namespace.id
+  version    = "0.15.0"
+  namespace  = kubernetes_namespace.mushop_utilities_namespace.id
   wait       = false
 
   set {

deploy/complete/terraform/mushop.tf

@@ -7,7 +7,7 @@ resource "kubernetes_namespace" "mushop_namespace" {
   metadata {
     name = "mushop"
   }
-  depends_on = [oci_containerengine_node_pool.oke-mushop_node_pool]
+  depends_on = [oci_containerengine_node_pool.oke_mushop_node_pool]
 }
 
 # Deploy mushop chart
@@ -17,9 +17,36 @@ resource "helm_release" "mushop" {
   namespace = kubernetes_namespace.mushop_namespace.id
   wait      = false
 
-  values = [
-    file("${path.module}/../helm-chart/mushop/values-mock.yaml"),
-  ]
+  set_string {
+    name  = "global.mock.service"
+    value = var.mushop_mock_mode_all ? "all" : "false"
+  }
+  set {
+    name  = "global.oadbAdminSecret"
+    value = var.db_admin_name
+  }
+  set {
+    name  = "global.oadbConnectionSecret"
+    value = var.db_connection_name
+  }
+  set {
+    name  = "global.oadbWalletSecret"
+    value = var.db_wallet_name
+  }
+  # set {
+  #   name  = "global.oosBucketSecret" # Commented until come with solution to gracefull removal of objects when terraform destroy
+  #   value = var.oos_bucket_name
+  # }
+  set {
+    name  = "tags.atp"
+    value = var.mushop_mock_mode_all ? false : true
+  }
+  set {
+    name  = "tags.streaming"
+    value = var.mushop_mock_mode_all ? false : false
+  }
 
   depends_on = [helm_release.ingress-nginx] # Ugly workaround because of the oci pvc provisioner not be able to wait for the node be active and retry.
+
+  timeout = 500
 }