Introduction

I was recently tasked with the migration of the following RChain websites:



developer.rchain.coop, node-js apps with [postgres] backend

blog.rchain.coop a multi-home wordpress blog

www.rchain.coop

rsong.rchain.coop

This migration also included building a new infrastructure for hosting the sites. The ideal solution must satisfy the non-functional requirements:

Scalable: scale up/down to meet demands

Self-healing system that can determine which service is healthy and which is not (and apply auto-healing)

Extendable: easily extend the architecture for additional websites/web apps

Provide tractability and audibility of the sites

Reversion: Revert back to any previously known stable state

Hot-deploy: Rapid deployment without downtime

Secure connection: ssl/tls certificates

Luckily, we had a solution in rsong -proxy and rsong -acquisition

that met all above non-functional requirements. RSong IaC provides:

CI/CD pipeline

Kubernetes, k8, clustering

helm charts to streamlines installing and managing Kubernetes applications.

ssl / tls certificates by utilizing k8 ingress and letsencrypt

And so we began our migration journey and creating the workflow for managing RChain web content.

The Pipeline

To take full advantage of the RSong deployment infrastructure, we first had to dockerize the RChain web content. We used a simple Gulp script to generate project structure from existing assets. The docker files build the corresponding projects and expose the http port upon successful babel transpilation . The final step involved applying RSong helm charts to provision and deploy the applications. google cloud-build and google-container registry took care of the rest.



Step 1: git

The first step was to create a www git repo. Next, we configured git branch policies to enforce code quality and change management standards.

Step 2: provisioning

The second step was to re-use RSong helm charts to provision the required kubernetes , k8, infrastructure. This step entails installing:

ingress controller to: manages external access to the services in a cluster fan out route traffic from a single IP address to all services mange TLS certs load balancing

TLS certificate issuer, to issuer certs manager, to manage certs lifecycle



Step 3 CI/CD

We used google cloud build for this step. Cloud-build jobs are triggered when git repo www master branch is changed. The pipelines:

create docker image for each site

publish docker images to google cloud container registry

deploy using Rsong helm charts

Reflection

