Application Management

Provide developers with an easy and seamless way to deploy applications across multiple Kubernetes clusters and Linux nodes.

Creating Applications

The code snippet below creates an application on Shipa.

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const app = new shipa.App("app", {
    app: {
        name: "pulumi-app-1",
        framework: "policy-fw-name",
        teamowner: "shipa-team",
        description: "app description"
    }
});

export const appName = app.app.name;

Specification

ComponentTypeDescription
namestringThe name of the application.

Required: Yes
teamownerstringThe name of the team who will own the application.

Required: Yes
frameworkstringThe name of the policy framework that should be used for creating and deploying the application.

Required: Yes
descriptionstringApplication description.

Required: No

Environment Variables

The code snippet below creates environment variables to an existing application on Shipa.

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const appDeploy = new shipa.AppEnv("app-env", {
    app: "pulumi-app-1",
    appEnv: {
        envs: [
            {name: "SHIPA_ENV_JS_1", value: "js-1"},
            {name: "SHIPA_ENV_JS_2", value: "js-2"},
        ],
        norestart: true,
        private: false
    }
});

export const appName = appDeploy.app;

Specification

ComponentTypeDescription
appstringThe name of the existing application that should should receive the environment variables.

Required: Yes
app_envapp_envDetails of the environment variables that should be created.
norestartboolIf the application should be restarted when environment variables are added or removed.

If not specified, the application won't be restarted automatically.

Required: No
privateboolIf the values of the environment variables being set should be displayed encrypted.

If not specified, the environment variable values will be displayed in plain text.

Required: No

Application Variables

Multiple environment variables can be set at once when creating the environment variables.

ComponentTypeDescription
namestringThe name of the environment variable to be set.

Required: Yes
valuestringThe value that should be assigned to the environment variable

Required: Yes

Deploying Applications

The code snippet below deploys an application using Shipa.

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const appDeploy = new shipa.AppDeploy("app-deploy", {
    app: "pulumi-app-1",
    deploy: {
        image: "docker.io/shipasoftware/bulletinboard:1.0",
        port: 8080,
        privateImage: false,
        registryUser: "registry-user",
        registrySecret: "user-secret",
        steps: 2,
        stepWeight: 1,
        stepInterval: 1
    }
});

export const appName = appDeploy.app;

Specification

ComponentTypeDescription
appstringThe name of the application where deployment should happen.

Required: Yes
imagestringThe image URL that should be used by Shipa for deployment.

Required: Yes
portintA specific port that should be assigned to the application for it to be exposed.

If not specified, Shipa will automatically expose port 8888 to the application.

Required: No
privateImageboolIf the image is hosted in a private registry.

If not specified, Shipa will assume the image is hosted in a public registry and will not try to authenticate when pulling the image.

Required: No
registryUserstringThe username of the private registry for authentication, so Shipa can pull the image.

Required: No

Condition: Only when privateImage is set to true
registrySecretstringThe password of the private registry for authentication, so Shipa can pull the image.

Required: No

Condition: Only when privateImage is set to true
stepsintHow many steps should be used for deploying a new version to the application, when using canary.

If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version.

Required: No
stepWeightintThe weight of traffic that should shift to the new version on each step.

If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version.

Required: No
stepIntervalintThe wait time in minutes between each step.

If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version.

Required: No

CNAME Management

The code snippet below adds a CNAME entry to an existing application:

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const appCname = new shipa.AppCname("app-cname", {
    app: "pulumi-app-1",
    cname: "pulumi-app1.com",
    encrypt: false
});

export const appName = appCname.app;

Specification

ComponentTypeDescription
appstringThe name of the application where the new CNAME should be added.

Required: Yes
cnamestringThe CNAME you want to assign to your existing application.
encryptboolIf Shipa should automatically create a certificate and assign to your CNAME so your application is served over HTTPS.

Required: No

Default if not specified: No

Network Policies

The code snippet below adds a network policy entry to an existing application:

import * as pulumi from "@pulumi/pulumi";
import * as shipa from "@shipa-corp/pulumi";


const item = new shipa.NetworkPolicy("pulumi-netpolicy-app1", {
    networkPolicy: {
        app: "pulumi-app-1",
        networkPolicy: {
            ingress: {
                policyMode: "allow-custom-rules-only",
                customRules: [
                    {
                        id: "framework",
                        enabled: true,
                        description: "framework block",
                        allowedFrameworks: ["cp-prod"],
                        allowedApps: ["app1", "app2"],
                        ports: [{
                            port: 8080,
                            protocol: "TCP",
                        }]
                    },
                ]
            },
            egress: {
                policyMode: "allow-all",
            },
            restartApp: true,
        }
    }
});

export const appName = item.networkPolicy.app;

Specification

ComponentTypeDescription
appstringThe application name to which the network policy should be applied to.
ingressIngress definition that will be applied to the application.

if not defined, Shipa will leverage the network policies defined at the policy framework level.

Required: No
policyModestringThe policy mode that should be applied to your application network policy.

Options are:
- allow-all
- deny-all
- allow-custom-rules-only

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
customRulesIf policyMode is set to allow-custom-rules-only, you can define custom rules for detailed ingress or egress configuration for the application.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
idstringThe name of the custom rule.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
enabledboolIf the custom rule is enabled by default or not for this application.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
descriptionstringThe description of the custom rule being enforced.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
allowedFrameworksstringAllow traffic from applications deployed through this, or list of, policy frameworks.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
allowedAppsstringThe specific applications that communicate with your application.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
portsPort configuration where your application can accept ingress or egress.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
portintSpecific port (or list of ports) where your application can accept ingress or egress.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
protocolstringThe protocol your application can accept ingress or egress.

Required: No

Condition: Only when policyMode is set to allow-custom-rules-only
egressEgress definition that will be accepted by your application.

if not defined, Shipa will leverage the network policies defined at the policy framework level.

Required: No
restartAppboolIf the application should be restarted automatically once the network policy is defined.

Network policies are only in effect once the application is restarted.

Required: No

📘

Defining detailed network policies

We recommend you use Shipa's dashboard to define a policy framework where network policy rules are overly complex.

You can also export a policy framework configuration which gives you detailed network policy configuration in a file.