From 76abd4943e513f6f5a1f575a7a0dd38e301ed9a3 Mon Sep 17 00:00:00 2001 From: Adam Sandor Date: Wed, 3 Aug 2016 12:09:03 +0200 Subject: [PATCH] Small step to add certificate to sonar deployment --- opt/sonar/certificate.yaml | 7 +++++++ opt/sonar/setup.md | 17 ++++++++--------- 2 files changed, 15 insertions(+), 9 deletions(-) create mode 100644 opt/sonar/certificate.yaml diff --git a/opt/sonar/certificate.yaml b/opt/sonar/certificate.yaml new file mode 100644 index 00000000..889ab99d --- /dev/null +++ b/opt/sonar/certificate.yaml @@ -0,0 +1,7 @@ +apiVersion: extensions/v1beta1 +kind: ThirdPartyResource +description: "A specification of a Let's Encrypt Certificate to manage." +metadata: + name: "certificate.stable.hightower.com" +versions: + - name: v1 diff --git a/opt/sonar/setup.md b/opt/sonar/setup.md index 05f9717f..cdf2ab49 100644 --- a/opt/sonar/setup.md +++ b/opt/sonar/setup.md @@ -11,15 +11,10 @@ `gcloud compute instances detach-disk jenkins-ci-4 --disk minimesos-sonar-postgres-disk` ### Create cluster -`gcloud container clusters create minimesos-sonar --machine-type n1-standard-2 --zone europe-west1-d` +`gcloud container clusters create "minimesos-sonar" --zone "europe-west1-d" --machine-type "n1-standard-2" --num-nodes "1" --network "ci-network" --enable-cloud-logging` - -Did this one from the web console, so couldn't record the command. Here are the details of the cluster: -Cluster size: 1 -Node type: n1-standard-2 (2 vCPUs, 7.5 GB memory) -Master zone: europe-west1-d -Node zones: europe-west1-d -Network: ci-network +Download cluster credentials into kubectl: +`gcloud container clusters get-credentials minimesos-sonar` ### Create database password secret This password gets applied to the postgres database on first start, changin it later is not possible as it's persisted @@ -28,7 +23,11 @@ to the persistent disk echo -n "thepassword" > password `kubectl create secret generic postgres-pwd --from-file=./password` -### TODO +### Create Certificate + +kubectl create -f certificate.yaml + + 1. Create new domain name as old one can't be shared anymore between Jenkins and Sonar. sonar.minimesos.ci.container-solutions.com 2. Make https work for sonar