Shipa Blog

Latest updates on our products, plus helpful articles relating to Kubernetes, container security, microservices and more

Your First Shipa Cloud Deployment

After registering for Shipa Cloud or installing Shipa on your own infrastructure, you are now ready to deploy your first application. The beauty of Shipa is that in the spectrum of source code to a built image, Shipa can help you get these applications into the wild. There are a lot of great examples on the Shipa Blog such as creating a data-rich application with Snowflake, a more simplistic example to get up and running is just grabbing a premade image and having Shipa take care of some of the complexities for you. Feel free to watch the video and follow along with the blog.

A Home for Your Application

You will need some infrastructure to deploy your application to. Our recent minikube guide shows how to get started with Shipa Cloud and minikube in no time. Though if you want to look at a more baked setup, can create a Kubernetes Cluster with your cloud provider of choice then wire your cluster to Shipa Cloud. 

Create an EKS Cluster

Here I will be using Amazon EKS, and creating a cluster with EKSCTL.  If you have not used EKSCTL before, it is pretty simple. All you need is access to an AWS Account, kubectl, and the EKSCTL CLI; in my case, I just used Homebrew to install the CLI.  

Execute the following to create an EKS Cluster. 

eksctl create cluster \
--name your-small-eks-cluster \
--version 1.20 \
--region ap-southeast-1 \
--nodegroup-name standard-workers \
--node-type t3.medium \
--nodes 1 \
--nodes-min 1 \
--nodes-max 2 \
--node-ami-family AmazonLinux2
Create EKS Cluster

Can run a quick kubectl get nodes to ensure connectivity.

EKS Cluster Up

With your cluster created, now you can add your cluster to Shipa Cloud. The first piece you will need to do that is a Shipa Framework

Shipa Framework and Cluster Wirings 

The Shipa Framework is the lifeblood of Shipa. A central home to all of the controls and policies. For our vanilla example, we will not be configuring an advanced Framework as our focus will be deploying as quickly as possible. 

Shipa Framework

Shipa Cloud -> Frameworks + Create Framework – Basic

Add Shipa Framework

Once you click Next, can name this basic Framework “vanillaframework” and leverage the default Plan [shipa-plan] and default Team [shipa-team] that is created for you in Shipa Cloud. Or can select an appropriate Plan/Team(s) if your organization is leveraging Shipa. 

Shipa Framework Configuration

Once you click Create, your Framework will be created. 

Shipa Framework Added

The power of a Shipa Framework is to quickly automate common policies and infrastructure that your application needs in the wild. Shipa out of the box by default will scan your images for security vulnerabilities. You can suppress this behavior by modifying the Framework. 

Later on in the post, we will be deploying WordPress. With static analysis scanners, a public image could have vulnerabilities reported by the scanner. For this example, can suppress the scanner by modifying the Framework.

Shipa Cloud -> Frameworks -> vanillaframework -> Update

Shipa Vanilla Framework

On the Security Scans step, click on the “Disable app scans” checkbox. 

Disable Shipa Security Scan

Click Next then Update. With the Framework out of the way, now you can add your Kubernetes Cluster. 

Adding a Kubernetes Cluster

Adding a Kubernetes Cluster to Shipa requires three items; the address of the cluster, authorization token, and CA Certificate. 

Grabbing the cluster address e.g the Kubernetes API Endpoint is easy in EKS. Can navigate to the cluster in the AWS Console and the endpoint is provided for you. 

EKS Kubernetes API Endpoint

The next step would be to create the Kubernetes Authentication Token. Creating an authorization token based on a Kubernetes role is straightforward. The Shipa Documentation for connecting a cluster gives the needed manifest to create the role and base the token off of. 

Create shipa-admin-service-account.yaml

Shipa Admin Service Account

Then apply the manifest. 

kubectl apply -f shipa-admin-service-account.yaml
Add Shipa Admin Role

With the service account created, you can grab the authorization token. Can re-run the below command when it is time to copy and paste into Shipa Cloud. 

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep shipa-admin | awk '{print $1}')
Get EKS Authorization Token

You can also grab the CA Certificate by running the following command. Similarly can re-run when needed to copy and paste into Shipa Cloud. 

kubectl get secret $(kubectl get secret | grep default-token | awk '{print $1}') -o jsonpath='{.data.ca\.crt}' | base64 --decode
Get CA Cert

With the three pieces you need, now you can wire your cluster to Shipa. 

Adding the Cluster

Once you have the three needed pieces, you can add the cluster to Shipa Cloud. 

Shipa Cloud -> Clusters + Add Cluster 

Can name the cluster “ekscluster” and leverage your framework you created earlier e.g “vanillaframework”.

Add EKS Cluster to Shipa

Click Next and add the connectivity information. 

Shipa EKS Cluster Connection

Click Next to configure an Ingress Controller if you choose to. Shipa by default if you are using the Basic Framework will configure a Traefik Ingress Controller for you. Leaving the fields blank will leverage the defaults. 

Shipa Traefik Controller

Once you click Create, after a few moments, your Cluster should be available. 

Shipa EKS Cluster Running

After your Cluster is available, now you are ready to deploy your application goodness. 

Deploying Your First App from Shipa Cloud 

There are several ways to deploy with the help of Shipa. From source to image or anything between, Shipa Cloud can provide value. For brevity, deploying a docker image can show off a few Shipa concepts with ease.  

A good starting image to get started is WordPress. If you were tasked with installing WordPress on a Kubernetes cluster, easier said than done. There are several moving parts and networking complexities to expose your WordPress instance to the world. 

Create an Application

The first item to do is create a Shipa Application. 

Shipa Cloud -> Applications + Create App

Can name the Application “wordpress” and assign to “vanillaframework” and “shipa-team”. 

Wordpress Shipa Add

Click Create and you are now ready to configure the Shipa Application. 

Shipa Application Idle

Clicking into the Application, on the top navigation by Application Details, click on the Deploy icon.

Select “Public registry” as the Deployment Source and “docker.io/wordpress” as the Image Name. 

Deploy Public Image WordPress

Click Submit. You can watch the progress on the Application Map. 

Application Details

Clicking on the Applicaiton Map will visualize prudent parts of the stack. 

Shipa Application Map

Especially for myself, one of the consternations is just figuring out the endpoint on how to access my application in Kubernetes. The soup of ingress/egress/Kubernetes services/etc can be a little murky to navigate. Luckily Shipa Cloud will expose that for you. 

Clicking back into your Application Details, the Endpoint will be exposed upfront for you. 

Shipa Cloud -> Applications -> wordpress

Shipa Application Endpoint

Copy the Endpoint to your clipboard and paste it into your browser and just like that, your WordPress installation will available for you to configure. 

Running Example

Just like that, you are well on your way with your first Shipa Cloud Deployment. If you have not already, feel free to sign up for Shipa Cloud and stay tuned for more examples and updates from the Shipa Team.

Cheers,

-Ravi