Application Management
Provide developers with an easy and seamless way to deploy cloud-native applications.
Creating Applications
The definition below creates an application on Kubernetes using Shipa and GitHub Actions:
app:
name: app1
teamowner: shipa-team
framework: aks-prod
| Component | Type | Description |
|---|---|---|
| name | string | The name of the application. Required: Yes |
| teamowner | string | The name of the team who will own the application. Required: Yes |
| framework | string | The name of the policy framework that should be used for creating and deploying the application. Required: Yes |
Environment Variables
The definition below creates environment variables to an existing application on Shipa.
app-env:
app: app1
envs:
- name: CR_ENV1
value: test-1
- name: CR_ENV3
value: test-3
norestart: true
private: false
| Component | Type | Description |
|---|---|---|
| app | string | The name of the existing application that should should receive the environment variables. Required: Yes |
| envs | envs | Details of the environment variables that should be created. |
| norestart | bool | If the application should be restarted when environment variables are added or removed. If not specified, the application won't be restarted automatically. Required: No |
| private | bool | If the values of the environment variables being set should be displayed encrypted. If not specified, the environment variable values will be displayed in plain text. Required: No |
Application Variables
Multiple environment variables can be set at once when creating the environment variables.
| Component | Type | Description |
|---|---|---|
| name | string | The name of the environment variable to be set. Required: Yes |
| value | string | The value that should be assigned to the environment variable Required: Yes |
Deploying Applications
The definition below deploys an application to Kubernetes using Shipa.
app-deploy:
app: github-app-v3
image: docker.io/shipasoftware/bulletinboard:1.0
port: 8000
private-image: false
registry-user: [email protected]
registry-secret: secret
steps: 2
step-weight: 1
step-interval: 3m
shipayaml: ./example/shipa.yaml
| Component | Type | Description |
|---|---|---|
| app | string | The name of the application where deployment should happen. Required: Yes |
| image | string | The image URL that should be used by Shipa for deployment. Required: Yes |
| port | int | A specific port that should be assigned to the application for it to be exposed. If not specified, Shipa will automatically expose port 8888 to the application. Required: No |
| private-image | bool | If the image is hosted in a private registry. If not specified, Shipa will assume the image is hosted in a public registry and will not try to authenticate when pulling the image. Required: No |
| registry-user | string | The username of the private registry for authentication, so Shipa can pull the image. Required: No Condition: Only when private-image is set to true |
| registry-secret | string | The password of the private registry for authentication, so Shipa can pull the image. Required: No Condition: Only when private-image is set to true |
| steps | int | How many steps should be used for deploying a new version to the application, when using canary. If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version. Required: No |
| step-weight | int | The weight of traffic that should shift to the new version on each step. If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version. Required: No |
| step-interval | int | The wait time in minutes between each step. If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version. Required: No |
| shipayaml | file path | Path to the shipa.yaml file to be added to the application deployment Required: No |
Network Policies
The definition below adds a network policy entry to an application at deployment:
network-policy:
app: github-app-v3
ingress:
policy_mode: allow-custom-rules-only
custom_rules:
- id: gateway
enabled: true
description: gateway block test
allowed_frameworks:
- cinema-gateway
egress:
policy_mode: allow-all
restart_app: false
| Component | Type | Description |
|---|---|---|
| app | string | The application name to which the network policy should be applied to. |
| ingress | Ingress definition that will be applied to the application. if not defined, Shipa will leverage the network policies defined at the policy framework level. Required: No | |
| policy_mode | string | The policy mode that should be applied to your application network policy. Options are: - allow-all - deny-all - allow-custom-rules-only Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| custom_rules | If policy_mode is set to allow-custom-rules-only, you can define custom rules for detailed ingress or egress configuration for the application. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only | |
| id | string | The name of the custom rule. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| enabled | bool | If the custom rule is enabled by default or not for this application. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| description | string | The description of the custom rule being enforced. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| allowed_apps | string | The specific applications that communicate with your application. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| ports | Port configuration where your application can accept ingress or egress. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only | |
| port | int | Specific port (or list of ports) where your application can accept ingress or egress. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| protocol | string | The protocol your application can accept ingress or egress. Required: No Condition: Only when policy_mode is set to allow-custom-rules-only |
| egress | Egress definition that will be accepted by your application. if not defined, Shipa will leverage the network policies defined at the policy framework level. Required: No | |
| restart_app | bool | If the application should be restarted automatically once the network policy is defined. Network policies are only in effect once the application is restarted. Required: No |
Managing CNAME
app-cname:
app: gha-app
cname: app-name.shipa.io
encrypted: true
| Component | Type | Description |
|---|---|---|
| app | string | The name of the application where the new CNAME should be added. Required: Yes |
| cname | string | The CNAME that should be assigned to the application. Required: Yes |
| encrypted | bool | Defines if the new CNAME should be HTTP or HTTPS. If encrypted, an HTTPS endpoint will be added to the application and a certificate will be automatically generated using Let's Encrypt. Required: No If not defined, an HTTP endpoint will be automatically generated. |
Updated about 1 year ago