Application Demo: Gitea
This tutorial explains how to run Gitea on APPUiO Cloud.
If you aren’t familiar with issuing commands on a terminal session, we recommend familiarizing yourself with it before continuing this tutorial.
Requirements
To follow this guide, please make sure that you have the following tools installed:
oc
-
You can download the OpenShift command directly from APPUiO Cloud, selecting the help menu (marked as a question mark) and selecting the "Command line tools" entry
About the Application
Gitea - Git with a cup of tea
A painless self-hosted Git service.
Gitea is a community managed lightweight code hosting solution written in Go. It’s published under the MIT license.
Step 1: Create a Project
All the following steps are currently only working on the Exoscale APPUiO Zone because of the Application Catalog service availability. |
Follow these steps to login to APPUiO Cloud on your terminal:
-
Login to the APPUiO Cloud console:
oc login --server=https://api.${zone}.appuio.cloud:6443
You can find the exact URL of your chosen zone in the APPUiO Cloud Portal.
This command displays a URL on your terminal:
You must obtain an API token by visiting https://oauth-openshift.apps.${zone}.appuio.cloud/oauth/token/request
-
Click on the link above and open it in your browser.
-
Click "Display token" and copy the login command shown as "Log in with this token"
-
Paste the
oc login
command on the terminal:oc login --token=sha256~_xxxxxx_xxxxxxxxxxxxxxxxxxxxxx-xxxxxxxxxx-X \ --server=https://api.${zone}.appuio.cloud:6443
-
Create a new project called "[YOUR_USERNAME]-application-demo"
oc new-project "[YOUR_USERNAME]-application-demo"
Step 2: Deploy the application
To deploy the application we will use standard Kubernetes objects.
Save the example YAML Kubernetes resources into a file and apply it with oc apply -f <myfile.yaml>
.
-
First, we need a database:
Database ordering from the VSHN Application CatalogapiVersion: exoscale.appcat.vshn.io/v1 kind: ExoscaleMySQL metadata: name: example-app spec: writeConnectionSecretToRef: name: mysql-creds
This will create a MySQL DBaaS instance with default settings. See the AppCat docs for more information.
-
Then we deploy the application:
Application deployment with all other needed resourcesapiVersion: apps/v1 kind: Deployment metadata: name: gitea labels: app.kubernetes.io/name: demo-app spec: selector: matchLabels: app.kubernetes.io/name: demo-app replicas: 1 strategy: type: Recreate template: metadata: labels: app.kubernetes.io/name: demo-app spec: containers: - name: demoapp image: quay.io/gpte-devops-automation/gitea:1.19.0 imagePullPolicy: Always ports: - name: web containerPort: 3000 protocol: TCP resources: limits: {} requests: {} volumeMounts: - name: app-data mountPath: /data - name: db-ca mountPath: /srv/db-ca volumes: - name: app-data persistentVolumeClaim: claimName: app-data - name: db-ca secret: secretName: mysql-creds optional: false items: - key: ca.crt path: ca.crt --- apiVersion: v1 kind: Service metadata: name: example-app labels: app.kubernetes.io/name: demo-app spec: type: ClusterIP sessionAffinity: None ports: - name: web port: 443 protocol: TCP targetPort: web selector: app.kubernetes.io/name: demo-app --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: app-data labels: app.kubernetes.io/name: demo-app spec: accessModes: - ReadWriteOnce resources: requests: storage: "1Gi" --- apiVersion: route.openshift.io/v1 kind: Route metadata: name: example-app spec: port: targetPort: web to: kind: Service name: example-app weight: 100 wildcardPolicy: None tls: termination: edge insecureEdgeTerminationPolicy: Redirect
-
Now wait until your pod appears with the status "Running":
oc get pods --watch
-
Last but not least retrieve the URL of your Gitea instance:
oc get route example-app -o jsonpath='{.spec.host}'
Configure Gitea
Gitea will display a configuration screen where you need to enter the connection details of your database. You can use this script to display them at the terminal:
#!/usr/bin/env bash
# Database
PGDATABASE=$(oc get secret mysql-creds -ojson | jq -r '.data.MYSQL_DB' | base64 -d)
PGUSER=$(oc get secret mysql-creds -ojson | jq -r '.data.MYSQL_USER' | base64 -d)
PGPASSWORD=$(oc get secret mysql-creds -ojson | jq -r '.data.MYSQL_PASSWORD' | base64 -d)
PGPORT=$(oc get secret mysql-creds -ojson | jq -r '.data.MYSQL_PORT' | base64 -d)
PGHOST=$(oc get secret mysql-creds -ojson | jq -r '.data.MYSQL_HOST' | base64 -d)
echo "Host: $PGHOST:$PGPORT"
echo "Username: $PGUSER"
echo "Password: $PGPASSWORD"
echo "Database name: $PGDATABASE"
Remember to create a default account by expanding the "Administrator Account Settings" section at the bottom of the form! |
Click the Install Gitea button. The installation should only take a few seconds.
You can now login to your Gitea instance clicking on the Sign In button on the top right and using the credentials entered during the installation.
This example configuration isn’t meant for a production ready service. |
What’s next?
For a production ready service, we recommend the following parts to be implemented and configured:
-
While the database is already being backed up because it’s a managed service, you should still backup your persistent volume with K8up.
-
Add some monitoring for your application:
-
Use your own URL with Let’s Encrypt.
-
Choose appropriate sizing:
-
Persistent storage volume size
-
-
Maybe you want to use an
RWX
storage class which allows you to scale your application by running multiple Pods. -
Configure proper requests and limits for your Pod.
-
Use a pinned image version and set the
imagePullPolicy
toIfNotPresent
. -
Keep your app up-to-date! Install patches and upgrades as they get available. One way to achieve that, is to use a GitOps style deployment, either push or pull, and leverage the mighty Renovate Bot to keep your image references clean.
-
Using a Helm Chart for production deployments or Kustomize setup for different stages can be an advantage.
Once you’re done evaluating this example application, cleanup again to not cause any unwanted costs:
oc delete project [YOUR_USERNAME]-application-demo