VERSION: 1.0.0
First of all, it is recommended to create a python virtual environment to play around.
For a Python 3 virtual environment type, to create virtual environment with the command:
python3 -m venv .venv
This will create a directory .venv
along with directories inside it
containing a copy of the Python interpreter, the standard library, and various supporting files.
To add modules and packages in our Environment, we need to activate it first. In order to package the whole moduel as a wheel package, we have to install wheel module as well.
source .venv/bin/activate
pip install wheel
To build dsa_auth
as a wheel package.
python3 setup.py bdist_wheel
Download buildkit latest release from the link and install it.
In k3s environment, you need to start buildkitd
with the parameter
--containerd-worker-addr /run/k3s/containerd/containerd.sock
And then, you can build containerd image as follow:
buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. --output type=image,name=lenovonetapp.io/library/dsm_auth:1.0
ctr -n buildkit image export dsm_auth-1.0.tar lenovonetapp.io/library/dsm_auth:1.0
By default, the image built by buildctl is in buildkit
namespace. You can
use the parameter --namespace=default
to set the namespace for the image.
Copy the image dsm_auth-1.0.tar to each K3S node and then import them on each node.
ctr image import dsm_auth-1.0.tar
Deploy all the yaml files in the directory yaml
. There are including the
following yaml files:
- ingress.yaml: create a ingress resource, which will leverage Traefik
middleware
authentication-middleware
defined inmiddleware.yaml
for authentication. After that, the request will forward to web service. - middleware.yaml: Generate Traefik middleware, which will forward the
request to
dsm_auth
service. - cm_dsm_auth.yaml: Define the configuration for dsm_auth service, including database configuration, flask configuration.
- deploy_dsm_auth.yaml: Deploy
dsm_auth
service for authentication. - deploy_web_service.yaml: Deploy
web-service
service.
The user can run the command kubectl apply -R -f ./yaml
to deploy all the
resources.
User can use the curl command to verify:
curl http://root:xuanyuan=1@10.128.131.240:32080/hello/ -H "Host:management.magnascale.com"
In this demo, the user has to run python3 manager.py
in dsm_auth
pod to
inject the authentication user first.