Giter Site home page Giter Site logo

k8s-web-app's Introduction

API movie poster application, deployed with HELM chart on k8s with TLS

search for movie posters using the TMDB API, running on containerized python flask

⚠️ requirements

1. sign up to tmdb.com

and create an api key under profile settings.

2. have a valid server certificate and matching key for your domain name.

for creating your own self-signed certificates using openssl:

  1. install openssl Windows 10/11
  2. create self signed certificate

for a quick rundown, use this bash script

#! /bin/bash

if [ "$#" -ne 1 ]
then
  echo "Error: No domain name argument provided"
  echo "Usage: Provide a domain name as an argument"
  exit 1
fi

DOMAIN=$1

# Create root CA & Private key

openssl req -x509 \
            -sha256 -days 356 \
            -nodes \
            -newkey rsa:2048 \
            -subj "/CN=${DOMAIN}/C=US/L=San Fransisco" \
            -keyout rootCA.key -out rootCA.crt 

# Generate Private key 

openssl genrsa -out ${DOMAIN}.key 2048

# Create csf conf

cat > csr.conf <<EOF
[ req ]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C = US
ST = California
L = San Fransisco
O = MLopsHub
OU = MlopsHub Dev
CN = ${DOMAIN}

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = ${DOMAIN}
DNS.2 = www.${DOMAIN}
IP.1 = 192.168.1.5 
IP.2 = 192.168.1.6

EOF

# create CSR request using private key

openssl req -new -key ${DOMAIN}.key -out ${DOMAIN}.csr -config csr.conf

# Create a external config file for the certificate

cat > cert.conf <<EOF

authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = ${DOMAIN}

EOF

# Create SSl with self signed CA

openssl x509 -req \
    -in ${DOMAIN}.csr \
    -CA rootCA.crt -CAkey rootCA.key \
    -CAcreateserial -out ${DOMAIN}.crt \
    -days 365 \
    -sha256 -extfile cert.conf

save it as cert.sh

chmod +x cert.sh

./cert.sh <your domain name>

  1. add the rootCA cert to your trusted root CA list in your browser

  2. edit your hosts file on your machine to point 127.0.0.1 to your domain name like this:

    127.0.0.1 EXAMPLE_DOMAIN

    windows is usually

    C:\Windows\System32\drivers\etc\hosts

    and for linux\mac its usually

    /etc/hosts

    make sure there is no preceding line addressing routing to "127.0.0.1" if there is, you can just comment it using "#", for later reversing.

3. install helm

⚙️ Installation

1. create a local minikube cluster/start existing one using

minikube start

install and create minikube cluster.

2. install nginx ingress controller on your kubernetes cluster

3. clone this repo locally and cd into helm chart directory

    git clone https://github.com/OmriBenHur/k8s-web-app.git
    cd helm/poster-app

4. update the values of:

  • appSecret.apiKey (your previously created TMDB api key)
  • certificate.crt (the DOMAIN_NAME.crt you created/have)
  • certificate.tlsKey (the DOMAIN_NAME.key)
  • appIngress.domain (the domain name you have configured the certificate to)
  • optionally you can change the values of the mongodb root username and password

5. in the command line enter:

helm install poster-app .

you can change the "poster-app" to any name you want

6. if you are using docker driver enter on a separate shell environment (that you will keep open) enter:

minikube tunnel

that's it. 🎊

you can now search you domain name, and it will have https configured.

happy searching 😄

k8s-web-app's People

Contributors

omribenhur avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.