Lightkeeper tool - department-of-veterans-affairs/abd-vro GitHub Wiki
Prerequisite: You must be a member of the VA-ABD-RRD GitHub team
Followed Getting Started instructions and GETTING-STARTED page to install lightkeeper.
Development Environment Step:
- Execute below command on a GFE (a machine within the VA network).
lightkeeper create clusterconfig nonprod > kube_config
- Transfer
kube_configfrom GFE to development laptop (wherekubectlis installed) and save it as~/.kube/config. - Execute below command for Prod cluster ( containing
prod-testandprod),
lightkeeper create clusterconfig prod > kube_config`
- see Development environments#LHDI for cluster info.
- Remember to specify the namespace (e.g.,
--namespace va-abd-rrd-dev) for allkubectlcommands, e.g.:
Important
-
Kube
configneeds to be renewed every 90 days. -
Be cautious when running commands as this may affect others using VRO in these environments, particularly in the
prod-testandprodenvironments where PII/PHI and various secrets are visible. -
Tip: For a nice GUI to monitor the status, try the Lens app.
-
Tip: By default, your access to virtual machines inside VA Network does not permit bi-directional clipboard access. This is true for both Citrix Access Gateway (CAG), and Azure Remote Desktop. This restriction makes it extremely difficult to operate in these environments. Clipboard access is highly recommended, and we encourage all engineers working within the LHDI environment to request clipboard permissions by following the steps in this article (note: accessing this article requires being within the VA Network to begin with).
Watch VRO logs
To follow the logs for the app container in the dev environment:
# Use the namespace corresponding to the dev environment
alias kc='kubectl -n va-abd-rrd-dev'
# List the pods; we want the vro-api pod with 7 containers in it
kc get pods
NAME READY STATUS RESTARTS AGE
vro-api-7ff6569c78-jj9zk 7/7 Running 2 (17m ago) 22m
vro-api-postgres-7776cbd54f-wkf8r 1/1 Running 0 22m
vro-api-rabbit-mq-7ff55bcb5f-6rg46 1/1 Running 0 22m
vro-api-redis-555446854-ksgjt 1/1 Running 0 22m
# Follow the logs for the abd-vro-api in the vro-api pod
kc logs -f vro-api-7ff6569c78-jj9zk -c abd-vro-api
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.7.4)
2022-11-18 18:47:11.835 INFO 1 --- [ main] gov.va.vro.VroApplication : Starting VroApplication using Java 17.0.5 on vro-api-7ff6569c78-jj9zk with PID 1 (/project/vro-app.jar started by docker in /project)
2022-11-18 18:47:11.839 INFO 1 --- [ main] gov.va.vro.VroApplication : The following 2 profiles are active: "compose", "dev"
2022-11-18 18:47:15.525 INFO 1 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode
Machine user login (DevOPS - Step only ):
IMPORTANT:- This step is only for Automated GH workflows and GH Actions. Not for Development use.
Use this step to generate kubernetes config for both prod and non-prod clusters
- Execute
.\lighkeeper login - Follow the OTP Url generated by lightkeeper in a browser
- Follow instruction provided in section OTP https://github.com/department-of-veterans-affairs/abd-vro/wiki/Machine-User-Account to log in to GitHub
- Generate *_KUBE_CONFIG secrets for GitHub Action workflows by executing
lightkeeper create clusterconfig nonprod | base64 > DEV_KUBE_CONFIG
lightkeeper create clusterconfig prod | base64 > PROD_KUBE_CONFIG
-
Update DEV_KUBE_CONFIG and PROD_KUBE_CONFIG in GitHub secrets in git GH Action secrets
-
Then test deploying to LHDI.
-
IMPORTANT: Since the config expires in 90 days, theDEV_KUBE_CONFIGandPROD_KUBE_CONFIGin git GH Action secrets need to be updated regularly so that GitHub Action workflows that interact with LHDI continue to work.