The deployed images are private. You need to configure a secret object on the node in order to deploy applications, otherwise Kubernetes won't be able to pull images.
The following commands describe how to authenticate on the GHCR with Docker using a GitHub token and to use these credentials to authetnicate in Kubernetes.
~/.docker/config.json. After you've created the secret, you can delete credentials from this file.
# Login on Docker
GH_USERNAME=<github_username>
GH_TOKEN=<access_token_github>
docker login ghcr.io --username $GH_USERNAME --password $GH_TOKEN
# Copy login credentials from local Docker configuration
# Copia login da Docker locale
kubectl create secret generic regcred \
--from-file=.dockerconfigjson=/home/$USER/.docker/config.json \
--type=kubernetes.io/dockerconfigjsonThe commands above will create a secret named regcred, which is used by the deployments in this repo.
Change all credentials in values.yaml for Postgres and Keycloak.
The app is deployed through Helm and Helmfile. Install both of them.
On Arch Linux:
sudo pacman -S helm helmfileThen initialize Helmfile:
helmfile initFinally, deploy the app:
helmfile syncOnce deployed, if the cluster is modified, it can be updated using the following command:
helmfile syncThe cluster can be deleted with the following command:
helmfile destroyHowever, cert-manager and trust-manager leave behind some CRDs. To delete them:
# Clean CRS left by cert-manager
kubectl delete crd \
issuers.cert-manager.io \
clusterissuers.cert-manager.io \
certificates.cert-manager.io \
certificaterequests.cert-manager.io \
orders.acme.cert-manager.io \
challenges.acme.cert-manager.io
# Clean CRS left by trust-manager
kubectl delete crd bundles.trust.cert-manager.io