Skip to content

Commit

Permalink
Upmerge v0.32 to edge (#1119)
Browse files Browse the repository at this point in the history 
* Update docs for v0.32.0

* Update environment logic (#1097)

Signed-off-by: Aaron Crawfis <[email protected]>

* Superbeeny/adding podspec secrets (#1100)

* Adding example on how to access secrets and add them to the container environment

Signed-off-by: Nick Beenham <[email protected]>

* Adding code tabs where the commands differ between linux/windows

Signed-off-by: Nick Beenham <[email protected]>

* Apply suggestions from code review

Co-authored-by: Will <[email protected]>
Signed-off-by: Nick Beenham <[email protected]>

* Updates requested from PR review

Signed-off-by: Nick Beenham <[email protected]>

* nit: add a new line for spacing aesthetics

Signed-off-by: Will <[email protected]>

---------

Signed-off-by: Nick Beenham <[email protected]>
Signed-off-by: Will <[email protected]>
Co-authored-by: Will <[email protected]>

* Make env configurable (#1102)

Signed-off-by: Reshma Abdul Rahim <[email protected]>
Co-authored-by: Will <[email protected]>

* fix(bug): Update index.md (#1113)

* fix(bug): Update index.md

Fixed a bug in the cleanup script.

The command `rad app delete demo -y`
results in this output:
`Application 'demo' does not exist or has already been deleted.`

The command should be:
`rad app delete -y`
The output will be:
`Application first-app deleted`

Signed-off-by: Loek Duys <[email protected]>

* Update docs/content/getting-started/index.md

Signed-off-by: Reshma Abdul Rahim <[email protected]>

---------

Signed-off-by: Loek Duys <[email protected]>
Signed-off-by: Reshma Abdul Rahim <[email protected]>
Co-authored-by: Reshma Abdul Rahim <[email protected]>

* Fix broken link in faq (#1112)

* fix broken link in index.md

Signed-off-by: Dan Moseley <[email protected]>

* Update index.md

Signed-off-by: Dan Moseley <[email protected]>

* Update docs/content/concepts/faq/index.md

Signed-off-by: Reshma Abdul Rahim <[email protected]>

---------

Signed-off-by: Dan Moseley <[email protected]>
Signed-off-by: Reshma Abdul Rahim <[email protected]>
Co-authored-by: Reshma Abdul Rahim <[email protected]>

* add Connections crosslinks to Existing app tutorial (#1103)

* add Connections crosslinks to Existing app tutorial

Signed-off-by: Will Tsai <[email protected]>

* add more crosslinks

Signed-off-by: Will Tsai <[email protected]>

---------

Signed-off-by: Will Tsai <[email protected]>

---------

Signed-off-by: Aaron Crawfis <[email protected]>
Signed-off-by: Nick Beenham <[email protected]>
Signed-off-by: Will <[email protected]>
Signed-off-by: Reshma Abdul Rahim <[email protected]>
Signed-off-by: Loek Duys <[email protected]>
Signed-off-by: Reshma Abdul Rahim <[email protected]>
Signed-off-by: Dan Moseley <[email protected]>
Signed-off-by: Will Tsai <[email protected]>
Co-authored-by: Radius CI Bot <[email protected]>
Co-authored-by: Aaron Crawfis <[email protected]>
Co-authored-by: Nick Beenham <[email protected]>
Co-authored-by: Will <[email protected]>
Co-authored-by: Reshma Abdul Rahim <[email protected]>
Co-authored-by: Loek Duys <[email protected]>
Co-authored-by: Dan Moseley <[email protected]>
  • Loading branch information
@willdavsmith @rad-ci-bot
@AaronCrawfis @superbeeny @willtsai @Reshrahim @loekd @danmoseley
8 people authored Apr 25, 2024
1 parent a8df58d commit f512b47
Show file tree
Hide file tree
Showing 7 changed files with 247 additions and 3 deletions.
2 changes: 1 addition & 1 deletion docs/content/concepts/faq/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ Currently yes. Although Radius is architected to run on any platform, today Kube

### Can I incrementally adopt, or "try out" Radius?

Yes. The easiest way to add Radius to an existing application is through [Radius annotations](#TODO). Simply add the annotations to your existing Helm chart or Kubernetes YAML and you can use the Radius app graph, connections, and Recipes. [Try the tutorial](#TODO) to learn more.
Yes. The easiest way to add Radius to an existing application is through [Radius annotations]({{< ref "/tutorials/tutorial-add-radius#step-3-add-radius-to-the-guestbook-application" >}}). Simply add the annotations to your existing Helm chart or Kubernetes YAML and you can use the Radius app graph, connections, and Recipes. [Try the tutorial]({{< ref "/tutorials/tutorial-add-radius" >}}) to learn more.

### Do I have to self-host Radius? Is there a managed service for Radius?

Expand Down
2 changes: 1 addition & 1 deletion docs/content/getting-started/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ Resources:
To delete your app, run the [rad app delete]({{< ref rad_application_delete >}}) command to cleanup the app and its resources, including the Recipe resources:

```bash
rad app delete demo -y
rad app delete first-app -y
```

## Next steps
Expand Down
149 changes: 149 additions & 0 deletions docs/content/guides/author-apps/kubernetes/how-to-access-secrets/index.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,149 @@
---
type: docs
title: "How-To: Access Kubernetes secrets using PodSpec"
linkTitle: "Secrets using PodSpec"
description: "Learn how to patch Kubernetes secrets into the container environment using PodSpec definitions"
weight: 300
slug: 'secrets-podspec'
categories: "How-To"
tags: ["containers","Kubernetes", "secrets"]
---

This how-to guide will provide an overview of how to:

- Patch existing Kubernetes secrets using [PodSpec](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec) definitions and provide them to the environment of a container.

## Prerequisites

- [rad CLI]({{< ref getting-started >}})
- [Radius initialized with `rad init`]({{< ref howto-environment >}})
- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/)

## Step 1: Define a container

Begin by creating a file named `app.bicep` with a Radius [container]({{< ref "guides/author-apps/containers" >}}):

{{< rad file="snippets/secrets-container.bicep" embed=true >}}

## Step 2: Deploy the app and container

Run this command to deploy the app and container:

```bash
rad run ./app.bicep -a demo
```

Once the deployment completes successfully, you should see the following confirmation message along with some system logs:

```
Building app.bicep...
Deploying template 'app.bicep' for application 'demo' and environment 'dev' from workspace 'dev'...
Deployment In Progress...
.. demo Applications.Core/containers
Completed demo Applications.Core/applications
Deployment Complete
Resources:
demo Applications.Core/applications
demo Applications.Core/containers
Starting log stream...
+ demo-7d94db59f6-ps6cf › demo
demo-7d94db59f6-ps6cf demo No APPLICATIONINSIGHTS_CONNECTION_STRING found, skipping Azure Monitor setup
demo-7d94db59f6-ps6cf demo Using in-memory store: no connection string found
demo-7d94db59f6-ps6cf demo Server is running at http://localhost:3000
dashboard-7f7db87c5-7d2jf dashboard [port-forward] connected from localhost:7007 -> ::7007
demo-7d94db59f6-ps6cf demo [port-forward] connected from localhost:3000 -> ::3000
```

Verify the pod is running:

```bash
kubectl get pods -n dev-demo
```
You should see the following output in your console:
```
NAME READY STATUS RESTARTS AGE
demo-7d94db59f6-k7dfb 1/1 Running 0 62s
```

## Step 3: Create a secret

Create a secret in your Kubernetes cluster using the following command:

```bash
kubectl create secret generic my-secret --from-literal=secret-key=secret-value -n dev-demo
```

Verify the secret is created:

```bash
kubectl get secrets -n dev-demo
```

## Step 4: Patch the secret

Patch the secret into the container by adding the following `runtimes` block to the `container` resource in your `app.bicep` file:

{{< rad file="snippets/secrets-patch.bicep" embed=true markdownConfig="{linenos=table,hl_lines=[\"25-60\"]}" >}}

## Step 5: Redeploy the app and container

Redeploy and run your app:

```bash
rad app deploy demo
```

Once the deployment completes successfully, you should see the environment variable in the container.

To validate this, first get the pod name:

```bash
kubectl get pods -n dev-demo
```

You should see the following output in your console, with the pod name:
```
NAME READY STATUS RESTARTS AGE
demo-d64cc4d6d-xjnjz 1/1 Running 0 62s
```

Then, exec into the pod and check the environment variable (substitute the pod name with the one you got from the previous command):

{{< tabs "macOS/Linux/WSL" "Windows" >}}

{{% codetab %}}

```bash
kubectl -n dev-demo exec demo-d64cc4d6d-xjnjz -- env | grep MY_SECRET
```

{{% /codetab %}}

{{% codetab %}}

```powershell
kubectl -n dev-demo exec demo-d64cc4d6d-xjnjz -- env | findstr MY_SECRET
```

{{% /codetab %}}

{{< /tabs >}}

## Cleanup

Run the following command to [delete]({{< ref "guides/deploy-apps/howto-delete" >}}) your app and container:

```bash
rad app delete demo
```

## Further reading

- [Kubernetes in Radius containers]({{< ref "guides/author-apps/containers/overview#kubernetes" >}})
- [PodSpec in Radius containers]({{< ref "reference/resource-schema/core-schema/container-schema#runtimes" >}})
26 changes: 26 additions & 0 deletions ...tent/guides/author-apps/kubernetes/how-to-access-secrets/snippets/secrets-container.bicep
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
import radius as radius

@description('Specifies the environment for resources.')
param environment string

resource app 'Applications.Core/applications@2023-10-01-preview' = {
name: 'demo'
properties: {
environment: environment
}
}

resource demo 'Applications.Core/containers@2023-10-01-preview' = {
name: 'demo'
properties: {
application: app.id
container: {
image: 'ghcr.io/radius-project/samples/demo:latest'
ports: {
web: {
containerPort: 3000
}
}
}
}
}
62 changes: 62 additions & 0 deletions .../content/guides/author-apps/kubernetes/how-to-access-secrets/snippets/secrets-patch.bicep
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
import radius as radius

@description('Specifies the environment for resources.')
param environment string

resource app 'Applications.Core/applications@2023-10-01-preview' = {
name: 'demo'
properties: {
environment: environment
}
}

resource demo 'Applications.Core/containers@2023-10-01-preview' = {
name: 'demo'
properties: {
application: app.id
container: {
image: 'ghcr.io/radius-project/samples/demo:latest'
ports: {
web: {
containerPort: 3000
}
}
}
runtimes: {
kubernetes: {
pod: {
volumes: [ {
name: 'secrets-vol'
secret: {
secretName: 'my-secret'
}
}
]
containers: [
{
name: 'demo'
volumeMounts: [ {
name: 'secrets-vol'
readOnly: true
mountPath: '/etc/secrets-vol'
}
]
env: [
{
name: 'MY_SECRET'
valueFrom: {
secretKeyRef: {
name: 'my-secret'
key: 'secret-key'
}
}
}
]
}
]
hostNetwork: true
}
}
}
}
}
8 changes: 7 additions & 1 deletion docs/content/tutorials/helm/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,11 +192,12 @@ From here you will go through a series of steps to incrementally add more Radius
# Add the following two lines
annotations:
radapp.io/enabled: 'true'
radapp.io/environment: '{{ .Values.environment }}'
spec:
...
```

Adding the `radapp.io/enabled: 'true'` annotation enables Radius for the deployment.
Adding the `radapp.io/enabled: 'true'` annotation enables Radius for the deployment. The `radapp.io/environment` annotation is optional and is used to set the environment for the application. If not specified, Radius will use the default environment.

1. Save the file after you have made the edits and deploy the application again using Helm. Since the namespace and secret have already been created, we only need to run the `helm` command.

Expand Down Expand Up @@ -246,6 +247,7 @@ From here you will go through a series of steps to incrementally add more Radius
```bash
rad app graph -a demo -g default-demo
```
where `-a demo` specifies the application name and `-g default-demo` specifies the resource group name. [Resource groups]({{< ref "guides/operations/groups/overview" >}}) are a way to organize resources in Radius.

The output should look like this:

Expand Down Expand Up @@ -311,6 +313,7 @@ In this step you will:
name: db
namespace: {{ .Release.Namespace }}
spec:
environment: '{{ .Values.environment }}'
type: Applications.Datastores/redisCaches
secretName: redis-secret
```
Expand Down Expand Up @@ -462,6 +465,7 @@ Make sure the `app.yaml` file from `./demo/Chart/templates/app.yaml` is open in
namespace: {{ .Release.Namespace }}
annotations:
radapp.io/enabled: 'true'
radapp.io/environment: '{{ .Values.environment }}'
radapp.io/connection-redis: 'db'
spec:
...
Expand All @@ -488,6 +492,7 @@ Make sure the `app.yaml` file from `./demo/Chart/templates/app.yaml` is open in
namespace: {{ .Release.Namespace }}
annotations:
radapp.io/enabled: 'true'
radapp.io/environment: '{{ .Values.environment }}'
radapp.io/connection-redis: 'db'
spec:
selector:
Expand All @@ -510,6 +515,7 @@ Make sure the `app.yaml` file from `./demo/Chart/templates/app.yaml` is open in
name: db
namespace: {{ .Release.Namespace }}
spec:
environment: '{{ .Values.environment }}'
type: Applications.Datastores/redisCaches
```

Expand Down
1 change: 1 addition & 0 deletions docs/content/tutorials/tutorial-add-radius/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -321,4 +321,5 @@ This output shows that Radius has detected the three container resources in the

- To learn more about authoring Radius applications, visit the [Authoring applications guide]({{< ref "guides/author-apps" >}})
- To learn more about deploying applications using Radius, visit the [Deploying applications guide]({{< ref "guides/deploy-apps" >}})
- To learn more about using the [Radius Connections]({{< ref "guides/author-apps/containers/overview#connections" >}}) annotations to connect your containers and resources, visit the [Radius Helm tutorial]({{< ref "tutorials/helm#step-6-add-connection" >}})
- To learn more about Radius Recipes, visit the [Recipes guide]({{< ref "guides/recipes" >}})

0 comments on commit f512b47

Please sign in to comment.