Application Management

By leveraging Shipa, you can provide developers with an easier and seamless way to deploy their applications across multiple Kubernetes clusters and Linux nodes.

📘

Shipa Application and Deployment Object Merge - Shipa 1.7.1

Shipa has merged the Application and Deployment Terraform Objects in Shipa 1.7.1+. If using a prior version, check out the previous version's documentation.

Creating and Deploying Applications

The code snippet below creates an application on Shipa.

apiVersion: shipa.crossplane.io/v1alpha1
kind: AppDeploy
metadata:
  name: crossplane-app
spec:
  forProvider:
    app: crossplane-app
    image: docker.io/shipasoftware/bulletinboard:1.0
    appConfig:
      team: shipa-team
      framework: sample-framework
      env:
      - VARIABLE_ONE=v1
      - VARIABLE_TWO=v2
      plan: shipa-plan
      tags:
      - soaktest
      - chaos_acceptance
    port:
      number: 2121
      protocol: TCP
    registry:
      user: docker.user
      secret: docker.secret
    volumes:
    - name: mysql
      mountPath: var/lib/mysql
    - name: scratch
      mountPath: tmp/scratch

Top-Level Attributes

Here are the attributes that provide top-level information about each component definition.

Component

Type

Description

apiVersion

string

the version of the API.

kind

string

the kind of custom resource that will be created by Shipa.

AppDeploy is the kind used by Shipa for creating and deploying applications.

metadata

the name of the custom resource that will be created by Shipa. A good practice is to keep this as the application name.

spec

the specification that will be used by Shipa when creating the application.

Specification - For Provider

Main deployment object e.g. the image.

Component

Type

Description

app

string

the name of the application.

Required: Yes

image

string

the address of the image that should be used by Shipa for deployment.

Required: Yes

Specification - For Provider - App Config

Application specific configs.

Component

Type

Description

team

string

the name of the team who will own the application.

Required: Yes

framework

string

the name of the framework that should be used for creating the application.

Required: Yes

env

array

array of environmental variable objects. In the format variable_name=variable_value.

Required: No

plan

string

the name of the resource limit plan that should be used by this application.

If not defined, the one defined at the framework level will be used.

Required: No

tags

array

a list of tags that should be assigned to the application.

Required: No

Specification - For Provider - Port (Not Required)

Custom Port exposure. Add this section if wanting to expose a certain port.

Component

Type

Description

number

integer

a specific port that should be assigned to the application for it to be exposed.

If not specified, Shipa will automatically expose port 8888 to the application.

Required: No
Condition: Only when port is specified.

protocol

string

the protocol your application can accept ingress or egress.

Required: No
Condition: Only when port is specified.

Specification - For Provider - Registry (Not Required)

Private Registry wiring. Add this section if wanting to use a Private Registry.

Component

Type

Descriptiomn

user

string

the username of the private registry for authentication, so Shipa can pull the image.

Required: No
Condition: Only when registry is specified.

secret

string

the password of the private registry for authentication, so Shipa can pull the image.

Required: No
Condition: Only when registry is specified.

Specification - For Provider - Volumes (Not Required)

Shipa Volumes to be bound. A Volume Plan and Volume will need to be created before.

Component

Type

Description

name

string

name of shipa volume.

Required: No
Condition: Only when volumes is specified.

mountPath

string

mount path of volume to be exposed.

Required: No
Condition: Only when volumes is specified.

CNAME Management

The code snippet below adds a CNAME entry to an existing application:

apiVersion: shipa.crossplane.io/v1alpha1
kind: AppCname
metadata:
  name: crossplane-app
spec:
  forProvider:
    app: crossplane-app
    cname: www.test.com
    encrypt: true

Top-Level Attributes

Here are the attributes that provide top-level information about each component definition.

Component

Type

Description

apiVersion

string

the version of the API.

kind

string

AppCname is the kind used by Shipa for assigning a CNAME to an existing application.

metadata

the name of the custom resource that will be created by Shipa.

spec

the name of the custom resource that will be created by Shipa.

Metadata

Component

Type

Description

name

string

the name of the custom resource that will be created by Shipa.

Specification

Component

Type

Description

app

string

the name of the application where deployment should happen.

Required: Yes

cname

string

the CNAME you want to assign to your existing application.

Required: Yes

encrypt

boolean

if Shipa should automatically create a certificate and assign to your CNAME so your application is served over HTTPS.

Required: No

Networking Management

The code snippet below adds a network policy entry to an existing application:

apiVersion: shipa.crossplane.io/v1alpha1
kind: NetworkPolicy
metadata:
  name: netpolicy-k8-app1
spec:
  forProvider:
    app: k8-app1
    networkPolicy:
      ingress:
        policy_mode: allow-custom-rules-only
        custom_rules:
          - id: framework
            enabled: true
            description: framework block
            allowed_apps:
              - app1
              - app2
            allowed_frameworks:
              - cp-prod
            ports:
              - port: 8080
                protocol: TCP
      egress:
        policy_mode: allow-all
      restart_app: true

Top-Level Attributes

Here are the attributes that provide top-level information about each component definition.

Component

Type

Description

apiVersion

string

version

kind

string

NetworkPolicy is the kind used by Shipa for assigning a CNAME to an existing application.

metadata

the name of the custom resource that will be created by Shipa.

spec

the specification that will be used by Shipa when deploying the application.

Metadata

Component

Type

Description

name

string

the name of the custom resource that will be created by Shipa.

Specification

Component

Type

Description

ingress

ingress definition that will be applied to the application.

if not defined, Shipa will leverage the network policies defined at the framework level.

Required: No

policy_mode

string

the policy mode that should be applied to your application.

Current options from this provider are:

  • allow-all
  • deny-all
  • allow-custom-rules-only

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

custom_rules

if policy_mode is set to allow-custom-rules-only, you can define custom rules for detailed ingress or egress configuration for the application.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

id

string

the name of the custom rule.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

enabled

bool

if the custom rule is enabled by default or not for this application.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

description

string

The description of the custom rule being enforced.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

allowed_apps

string

the specific applications that communicate with your application.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

allowed_frameworks

string

allow traffic from applications deployed through this, or list of, frameworks.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

ports

port configuration where your application can accept ingress or egress.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

port

int

the specific port (or list of ports) where your application can accept ingress or egress.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

protocol

string

the protocol your application can accept ingress or egress.

Required: No
Condition: Only when policy_mode is set to allow-custom-rules-only

egress

egress definition that will be accepted by your application.

if not defined, Shipa will leverage the network policies defined at the framework level.

Required: No

restart_app

bool

if the application should be restarted automatically once the network policy is defined.

network policy is only in effect once the application is restarted. If not set to yes, the application won't be restarted and the new policy will only take effect when you restart the application manually.

Required: No

📘

Detailed network policies

Shipa enables you to define more granular network policies through its dashboard. If rules are overly complex, we recommend using the dashboard to define a sample framework and network policy.


Did this page help you?