Managed Kubernetes on DigitalOcean

Kubernetes has taken the spotlight for its capabilities in handling containerized applications across various kinds of physical, virtual, and cloud environments. One prominent cloud provider offering managed Kubernetes services is DigitalOcean. Their Kubernetes (DOKS) service ensures automated updates, simplified scaling, and a user-friendly management console, among other benefits.

For those organizations seeking a streamlined CI/CD pipeline with Kubernetes on DigitalOcean, using tools and platforms like CTO.ai provides a simplified, efficient, and collaborative approach.

Prerequisites

  • CTO.ai Account and CTO.ai CLI installed
  • Docker installed on your local machine
  • Access to a DigitalOcean Account & CLI installed on your machine
  • Terraform Account

Set up DigitalOcean Infrastructure

The DigitalOcean workflow is open-source on GitHub, and you can install it by cloning the repository.

git clone git@github.com:workflows-sh/do-k8s-cdktf.git


cd do-k8s-cdktf

Before starting, you must create your API and SPACES keys on DigitalOcean. These keys will be required for your workflow when writing your `ops.yml` file. In setting up the DigitalOcean Infrastructure, we’ll create five keys, the DigitalOcean Token from the Application API, the Terraform Token from your Terraform workspace, DigitalOcean Spaces Access, and the Secret key from the spaces token on the DigitalOcean UI, and the GitHub Token from GitHub.

CTO.ai will use these API keys to authenticate, request, and create your DigitalOcean Workflow.

  • Next, after creating your API keys and Tokens, add them to your secrets vault on CTO.ai.

  • Next, you can set up your DigitalOcean Infrastructure using ops run -b .  and set up your DigitalOcean resources. You can see all the stacks and packages created when you set up your DigitalOcean Infrastructure in the infrastructure repo src directory.

Using the predefined commands and configurations on CTO.ai, teams can automate the setup of their Kubernetes infrastructure on DigitalOcean. Below is a snippet of a CTO.ai configuration that aims to define commands for setting up, deploying, and managing services on DOKS.

A typical CTOai command setup for DOKS might look something like this:

commands:
  - name: setup-do-k8s-cdktf:0.1.2
    ...
    env:
      static:
        - STACK_TYPE=do-k8s-cdktf
        ...
      secrets:
        - DO_TOKEN
        ...

Each command involves running a TypeScript file with relevant environment variables and secrets that interact with the DigitalOcean API and the Terraform Cloud.

Command Variants:

  • setup: Initiates and configures the DOKS environment.
  • deploy: Utilizes the setup to deploy services.
  • destroy: Teardown resources and services.
  • vault: Manages secrets within the environment.

Building and Executing Pipelines with CTO.ai on DOKS

With the infrastructure in place, constructing a pipeline via CTO.ai to facilitate CI/CD processes for applications hosted on DOKS becomes the subsequent step. A basic pipeline setup might resemble the following snippet:

version: "1"
pipelines:
  - name: sample-expressjs-pipeline-do-k8s-cdktf:0.2.5
    description: Build and Publish an image in a DigitalOcean Container Registry
    env:
      static:
        - DEBIAN_FRONTEND=noninteractive
        - STACK_TYPE=do-k8s-cdktf
        - ORG=cto-ai
        - GH_ORG=workflows-sh
        - REPO=sample-expressjs-do-k8s-cdktf
        - BIN_LOCATION=/tmp/tools
      secrets:
        - GITHUB_TOKEN
        - DO_TOKEN
    events:
      - "github:workflows-sh/sample-expressjs-do-k8s-cdktf:pull_request.opened"
      - "github:workflows-sh/sample-expressjs-do-k8s-cdktf:pull_request.synchronize"
      - "github:workflows-sh/sample-expressjs-do-k8s-cdktf:pull_request.merged"
    jobs:
      - name: sample-expressjs-build-do-k8s-cdktf
        description: Build step for sample-expressjs-do-k8s-cdktf
        packages:
          - git
          - unzip
          - wget
          - tar
        steps:
          - mkdir -p $BIN_LOCATION
          - export PATH=$PATH:$BIN_LOCATION
          - ls -asl $BIN_LOCATION
          - DOCTL_DL_URL='https://github.com/digitalocean/doctl/releases/download/v1.79.0/doctl-1.79.0-linux-amd64.tar.gz' # Update to latest doctl binary here by providing URL
          - wget $DOCTL_DL_URL -O doctl.tar.gz
          - tar xf doctl.tar.gz -C $BIN_LOCATION
          - doctl version
          - git version
          - git clone https://oauth2:$GITHUB_TOKEN@github.com/$GH_ORG/$REPO
          - cd $REPO && ls -asl
          - git fetch -a && git checkout "${REF}"
          - doctl auth init -t $DO_TOKEN
          - doctl registry login
          - CLEAN_REF=$(echo "${REF}" | sed 's/[^a-zA-Z0-9]/-/g' )
          - docker build -f Dockerfile -t one-img-to-rule-them-all:latest .
          - docker tag one-img-to-rule-them-all:latest registry.digitalocean.com/$ORG/$REPO:$CLEAN_REF
          - docker push registry.digitalocean.com/$ORG/$REPO:$CLEAN_REF
services:
  - name: sample-expressjs-service-do-k8s-cdktf:0.1.6
    description: Preview of image built by the pipeline
    run: node /ops/index.js
    port: [ '8080:8080' ]
    sdk: off
    domain: ""
    env:
      static:
        - PORT=8080
    events:
      - "github:workflows-sh/sample-expressjs-do-k8s-cdktf:pull_request.opened"
      - "github:workflows-sh/sample-expressjs-do-k8s-cdktf:pull_request.synchronize"
      - "github:workflows-sh/sample-expressjs-do-k8s-cdktf:pull_request.merged"
    trigger:
      - build
      - publish
      - start
  • jobs: Define tasks such as build, test, and deployment steps. They can leverage several package management and deployment tools, integrating them with DigitalOcean's services.
  • services: Present preview capabilities of the built image and the entire service.
  • Various trigger events control pipeline activation, such as GitHub pull request events.

Executing  Pipelines with Kubernetes Deployments

Image Building and Deployment: Pipelines frequently handle the build process of Docker images from source code, later pushing them to a container registry. DOKS can then deploy these images into Kubernetes pods. Utilizing predefined commands, images are tagged and pushed to DigitalOcean's Container Registry.

Service Preview and Testing: After the build, image pushing, and Kubernetes deployment, CTO.ai offers services that allow previews and temporary hosting of applications, facilitating review and testing environments tied to the specific build or PR.


Conclusion

Managed Kubernetes on DigitalOcean, when coupled with streamlined pipelines via platforms like CTO.ai, becomes a potent toolset for organizations to scale, manage, and deploy their applications with enhanced efficiency and minimal overhead.

Using CTO.ai configurations and definitions, teams can automate, manage, and visualize their entire workflow from code commits to deployment, reducing manual intervention and ensuring consistent, reliable, and repeatable processes across all development stages.