The Shipa Developer Hub

Welcome to the Shipa developer hub. You'll find comprehensive guides and documentation to help you start working with Shipa as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    Changelog

CLI Framework Management

As your policy engine for deployment control, frameworks can be managed in 2 different ways today, through a template YAML file or manual individual commands through Shipa's CLI.

Framework Definition

Frameworks allow you to create policies across networking, RBAC, registry control, and more. These policies are then automatically applied to any application deployed using that specific framework.

Users can leverage configuration files to create and update frameworks dynamically through their pipelines or Shipa's CLI.

When using the CLI, configuration files can be used to create frameworks by using the following command:

shipa framework add template.yaml

The command below can be used to update frameworks from the CLI using a template configuration file:

shipa framework update template.yaml

Below is an example of a framework configuration file:

ShipaFramework: framework1
Resources:
   General:
      Setup:
         Force: true
         Default: true
         Public: true
         Provisioner: shipa
      Plan:
         Name: plan1    
      Security: 
         Disable-scan: false
         Scan-Platform-Layers: true
         Ignore-components: 
            - busybox
            - bash
            - curl
            - dpkg
         Ignore-CVES: 
            - CVE-xxxx-xxxx
            - CVE-xxxx-xxxx 
      Access: 
         Append: 
            - team1
            - team2
            - teamX
         Blacklist:
            - team3
            - teamN
      Services:
         Append: 
            - service1
            - service2
            - serviceX
         Blacklist:
            - service3
            - serviceN
      Volumes: 
         -  Name: volume-X
            PlanName: kube1
            Option1: capacity=1Gi
            Option2: access-modes=ReadWriteOnce

         -  Name: volume-Y
            PlanName: kube1
            Option1: capacity=5Gi
            Option2: access-modes=ReadWriteOnce

         -  Name: volume-Z
            PlanName: kube1
            Option1: capacity=100Gi
            Option2: access-modes=ReadWriteOnce
      AppQuota: 
         Limit: 3
   ShipaNode:
      Drivers: 
         - amazonec2
         - google
      AutoScale: 
         MaxContainer: 0
         MaxMemory: 0
         ScaleDown: 1.33
         Rebalance: true

Flags:

Flag

Description

Default

Will the framework be the default framework for application deployment(when none is specified during app create, this framework will be used)?

Public

Make the framework public for all teams to consume.

Provisioner

Provisioners are either shipa or kubernetes. If Kubernetes clusters are added to this framework, then kubernetes should be used. Otherwise, it should be used shipa

Shipa nodes and Kubernetes clusters cannot coexist in the same framework.

Plan

Plan which will be assigned to all applications when deployed to this framework. The plan should have been previously created through the shipa plan create command.

Security

What type of security scan and exceptions, if any, should be performed/allowed on every application deployed using this framework

Access

Which teams should have access to the framework, or their access revoked

Services

Which services can be leveraged by applications deployed to this framework

Volumes

Volumes should be created and made available to applications deployed through this framework. Please note that volumes will be created and attached to the framework but will remain available until they are bound to an application

AppQuota

The maximum amount of units (containers) each application deployed through this framework can scale to

ShipaNode/Drivers

Which node/cloud providers can be attached to this framework. Please note this is only valid when the provisioner is set to shipa in the Provisioner section.

ShipaNode/AutoScale

Node autoscale rules for Shipa nodes only

Adding Frameworks

To create a framework, users should use the Shipa framework add command, as shown below:

shipa framework add <framework> [-p/--public] [-d/--default] [--provisioner <name>] [-f/--force]

Each Shipa node added using the node-add command, by default, belongs to a framework. When creating new applications, a framework must be chosen, which means that all units of the created application will be spawned in nodes belonging to the chosen framework.

Flags:

Flag

Description

-d, --default

(= not set) Marks the framework as the default one(when none is specified during app create, this framework will be used)

-f, --force

(= false) Force overwrite default framework

-p, --public

(= false) Make framework public (all teams can use it)

--provisioner

(= "") Provisioner associated with the framework (empty for default shipa provisioner)

Manually Updating Framework Attributes

shipa framework update <framework> [--public=true/false] [--default=true/false] [-f/--force]

Updates attribute for a specific framework.

Flags:

Flag

Description

--default

(= not set) Marks the framework as the default one(when none is specified during app creation, this framework will be used)

-f, --force

(= false) Force framework to be the default.

--public

(= not set) Make framework public (all teams can use it)

Manually Adding Teams to Frameworks

After frameworks are created, users can use Shipa's framework constraint set command to add teams to the frameworks that were just created:

shipa framework constraint set framework1 team team1 team2 --append

shipa framework constraint set framework2 team team3 --append

Listing Frameworks

Listing the available frameworks in Shipa can be done by executing the following:

$ shipa framework list
+------------+------+-------------+------------+--------------------+
| Framework  | Kind | Provisioner | Teams      | Ingress Controller |
+------------+------+-------------+------------+--------------------+
| framework1 |      | kubernetes  | shipa-team | istio              |
+------------+------+-------------+------------+--------------------+
| dev        |      | kubernetes  | dev        | traefik            |
+------------+------+-------------+------------+--------------------+
| prod       |      | kubernetes  | prod       | traefik            |
+------------+------+-------------+------------+--------------------+
| qa         |      | kubernetes  | dev        | traefik            |
+------------+------+-------------+------------+--------------------+

Removing Frameworks

Frameworks can be removed at any time in Shipa. To do so, users can leverage Shipa's framework remove command:

shipa framework remove framework1

Manually Removing Teams from Frameworks

Administrators can remove one or more teams from frameworks using Shipa's framework constraint set command:

shipa framework constraint set framework1 team team1 --blacklist

shipa framework constraint set framework1 team team1 team2 team3 --blacklist

Updated 8 days ago


CLI Framework Management


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.