Nowadays, theres synopsysctl and a series of helm 3 charts for installing blackduck...
BUT if you go bak a few years to https://github.com/blackducksoftware/hub/releases/tag/v4.4.0 , (2018) we used to just have ordered yaml files
1-***
2-***
3-***
And customers would just patch the app like so...
This was an intuitive way to iteratively get the hub microservices up and running.
If we were to do this again would we use YTT ? https://carvel.dev/ytt/ ? maybe...
The early days of blackduck hub, before synopsysctl, looked something like this:
1529 vim 2-postgres-db-internal.yml
1530 kubectl create -f 2-postgres-db-internal.yml
1531 vim 2-postgres-db-internal.yml
1532* kubectl get deployments -A
1534 kubectl create -f 2-postgres-db-internal.yml
1536 ls
1537 vim 2-postgres-db-internal.yml
1538 kubectl create -f 2-postgres-db-internal.yml
1539 ls
1540 vim 3-hub.yml
1541 kubectl create -f 3-hub.yml
1542 kubectl get pods -A
1543 kubectl get pods
1544 history
1546 ;ls
1547 ls
1549 kubectl get pods -A
1550 kubectl get pods
ubuntu-ci-1804-001 :: 9-9-2022/hub/kubernetes ‹154615b*› » kubectl get pods
NAME READY STATUS RESTARTS AGE
cfssl-5bf8758b6-n6zvb 1/1 Running 0 7m7s
documentation-69c8b9b676-lgx49 1/1 Running 0 2m7s
hub-authentication-7657f48645-z49wf 0/1 Pending 0 2m6s
hub-scan-64c6987dd4-wj2k9 0/1 Pending 0 2m6s
hub-sidecar-nxm4q 1/1 Running 0 20m
jobrunner-6ff777c4db-n6p84 1/1 Running 0 2m7s
registration-7df48975b9-69q9d 0/1 Pending 0 2m7s
solr-785fb5cf8f-97sz4 1/1 Running 0 2m7s
webapp-logstash-7f9944bf7-mnz24 0/2 Pending 0 2m7s
webserver-5d5986477c-27clv 1/1 Running 0 2m7s
zookeeper-b677b8998-62hnt 1/1 Running 0 2m7s
ubuntu-ci-1804-001 :: 9-9-2022/hub/kubernetes ‹154615b*› » kubectl get pods
NAME READY STATUS RESTARTS AGE
cfssl-5bf8758b6-n6zvb 1/1 Running 0 7m31s
documentation-69c8b9b676-lgx49 1/1 Running 0 2m31s
hub-authentication-7657f48645-z49wf 0/1 Pending 0 2m30s
hub-scan-64c6987dd4-wj2k9 0/1 Pending 0 2m30s
hub-sidecar-nxm4q 1/1 Running 0 21m
jobrunner-6ff777c4db-n6p84 1/1 Running 0 2m31s
registration-7df48975b9-69q9d 0/1 Pending 0 2m31s
solr-785fb5cf8f-97sz4 1/1 Running 0 2m31s
webapp-logstash-7f9944bf7-mnz24 0/2 Pending 0 2m31s
webserver-5d5986477c-27clv 1/1 Running 0 2m31s
zookeeper-b677b8998-62hnt 1/1 Running 0 2m31s
original startup logs
cfssl
ubuntu-ci-1804-001 :: 9-9-2022/hub/kubernetes ‹154615b*› » kubectl logs cfssl-5bf8758b6-n6zvb 130 ↵
Generating default CA configuration file: /etc/cfssl/ca-config.json
Generating default CA certificate signing request file: /etc/cfssl/ca-csr.json
Attempting to generate CA files.
2022/09/09 20:51:44 [INFO] generating a new CA key and certificate from CSR
2022/09/09 20:51:44 [INFO] generate received request
2022/09/09 20:51:44 [INFO] received CSR
2022/09/09 20:51:44 [INFO] generating key: rsa-2048
2022/09/09 20:51:45 [INFO] encoded CSR
2022/09/09 20:51:45 [INFO] signed certificate with serial number 44141918945650179145623037548325414571726388654
2022/09/09 20:51:45 [INFO] Initializing signer
2022/09/09 20:51:45 [WARNING] couldn't initialize ocsp signer: open : no such file or directory
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/info' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/gencrl' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/newcert' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/init_ca' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/bundle' endpoint
2022/09/09 20:51:45 [INFO] bundler API ready
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/certinfo' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/scan' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/ocspsign' endpoint
2022/09/09 20:51:45 [WARNING] endpoint '/api/v1/cfssl/ocspsign' is disabled: signer not initialized
2022/09/09 20:51:45 [INFO] Setting up '/' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/sign' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/authsign' endpoint
2022/09/09 20:51:45 [WARNING] endpoint '/api/v1/cfssl/authsign' is disabled: {"code":5200,"message":"Invalid or unknown policy"}
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/newkey' endpoint
2022/09/09 20:51:45 [INFO] setting up key / CSR generator
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/scaninfo' endpoint
2022/09/09 20:51:45 [INFO] Setting up '/api/v1/cfssl/revoke' endpoint
2022/09/09 20:51:45 [WARNING] endpoint '/api/v1/cfssl/revoke' is disabled: cert db not configured (missing -db-config)
2022/09/09 20:51:45 [INFO] Handler set up complete.
2022/09/09 20:51:45 [INFO] Now listening on 0.0.0.0:8888
2022/09/09 20:56:06 [INFO] setting up scaninfo handler
2022/09/09 20:56:06 [INFO] [::1]:46154 - "GET /api/v1/cfssl/scaninfo" 200
2022/09/09 20:56:36 [INFO] setting up scaninfo handler
2022/09/09 20:56:36 [INFO] [::1]:45174 - "GET /api/v1/cfssl/scaninfo" 200
2022/09/09 20:57:02 [INFO] 100.96.1.21:57632 - "POST /api/v1/cfssl/info" 200
2022/09/09 20:57:03 [INFO] request for CSR
2022/09/09 20:57:03 [INFO] generate received request
2022/09/09 20:57:03 [INFO] received CSR
2022/09/09 20:57:03 [INFO] generating key: rsa-2048
2022/09/09 20:57:03 [INFO] encoded CSR
2022/09/09 20:57:03 [INFO] signed certificate with serial number 196369349399805472845327794892265293831273931775
No comments:
Post a Comment