search for movie posters using the TMDB API, running on containerized python flask
1. sign up to tmdb.com
and create an api key under profile settings.
for a quick rundown, use this bash script
#! /bin/bash
if [ "$#" -ne 1 ]
then
echo "Error: No domain name argument provided"
echo "Usage: Provide a domain name as an argument"
exit 1
fi
DOMAIN=$1
# Create root CA & Private key
openssl req -x509 \
-sha256 -days 356 \
-nodes \
-newkey rsa:2048 \
-subj "/CN=${DOMAIN}/C=US/L=San Fransisco" \
-keyout rootCA.key -out rootCA.crt
# Generate Private key
openssl genrsa -out ${DOMAIN}.key 2048
# Create csf conf
cat > csr.conf <<EOF
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
C = US
ST = California
L = San Fransisco
O = MLopsHub
OU = MlopsHub Dev
CN = ${DOMAIN}
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = ${DOMAIN}
DNS.2 = www.${DOMAIN}
IP.1 = 192.168.1.5
IP.2 = 192.168.1.6
EOF
# create CSR request using private key
openssl req -new -key ${DOMAIN}.key -out ${DOMAIN}.csr -config csr.conf
# Create a external config file for the certificate
cat > cert.conf <<EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = ${DOMAIN}
EOF
# Create SSl with self signed CA
openssl x509 -req \
-in ${DOMAIN}.csr \
-CA rootCA.crt -CAkey rootCA.key \
-CAcreateserial -out ${DOMAIN}.crt \
-days 365 \
-sha256 -extfile cert.conf
save it as cert.sh
chmod +x cert.sh
./cert.sh <your domain name>
-
add the rootCA cert to your trusted root CA list in your browser
-
edit your hosts file on your machine to point 127.0.0.1 to your domain name like this:
127.0.0.1 EXAMPLE_DOMAIN
windows is usually
C:\Windows\System32\drivers\etc\hosts
and for linux\mac its usually
/etc/hosts
make sure there is no preceding line addressing routing to "127.0.0.1" if there is, you can just comment it using "#", for later reversing.
3. install helm
minikube start
install and create minikube cluster.
git clone https://github.com/OmriBenHur/k8s-web-app.git
cd helm/poster-app
- appSecret.apiKey (your previously created TMDB api key)
- certificate.crt (the DOMAIN_NAME.crt you created/have)
- certificate.tlsKey (the DOMAIN_NAME.key)
- appIngress.domain (the domain name you have configured the certificate to)
- optionally you can change the values of the mongodb root username and password
helm install poster-app .
you can change the "poster-app" to any name you want
6. if you are using docker driver enter on a separate shell environment (that you will keep open) enter:
minikube tunnel