Setel Database

Table of Contents Uji Koneksi Console CloudShell Local Proxy Ijin Admin Directory Run Proxy Tes Proxy Stop Proxy Lingkungn Setel Proxy Generic File yaml Deploy Referensi

Uji Koneksi

Lihat panduan set environment variables.

Untuk tes koneksi SQL di saleor amannya kita tidak setel DATABASE_URL spt dijelaskan di sbb:

Note (5. Create a PostgreSQL user)
You need to create the user to use within your project. 
Username and password are extracted from the DATABASE_URL environmental variable. 
If absent they both default to saleor.

Note (6. Create a PostgreSQL database)
Database name is extracted from the DATABASE_URL environment variable. 
If absent it defaults to saleor.

Console

Buat user saleor dengan password saleor di PENGGUNA dan database saleor di BASIS DATA

CloudShell

https://console.cloud.google.com/cloudshell/environment/view
Matikan dahulu SSL dengan cara Izinkan koneksi yang tidak aman di KONEKSI

gcloud sql connect cloud-sql-postgres-instance --user=saleor

Output

Whitelisting your IP for incoming connection for 5 minutes...done.
Connecting to database with SQL user [saleor].Password for user saleor:

Masukan password saleor tekan Enter. Outputnya spt berikut:

psql (9.6.10)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES128-GCM-SHA256, bits: 128, compression: off)
Type "help" for help.
saleor=>

Tekan Ctrl+C untuk keluar..

Local Proxy

Aktifkan SSL dengan cara Hanya izinkan koneksi yang aman di KONEKSI

Ijin Admin

https://codelabs.developers.google.com/codelabs/cloud-postgresql-gke-memegen/#5

gcloud iam service-accounts create proxy-user --display-name "proxy-user"
gcloud iam service-accounts list

gcloud projects add-iam-policy-binding marketstore --member \
serviceAccount:[email protected] --role roles/cloudsql.client

gcloud iam service-accounts keys create key.json --iam-account \
[email protected]

Directory

~$ ls
cloud_sql_proxy  key.json  Pipfile  Pipfile.lock  Tutorial-Buka-Toko

Run Proxy

export CONNECTION_NAME=marketstore:asia-southeast1:cloud-sql-postgres-instance
export INSTANCE_CONNECTION_NAME="$CONNECTION_NAME=tcp:5432"
./cloud_sql_proxy -instances=$INSTANCE_CONNECTION_NAME -credential_file=key.json &

Output

2019/02/09 09:59:47 Rlimits for file descriptors set to {&{8500 1048576}}
2019/02/09 09:59:47 using credential file for authentication; [email protected]
2019/02/09 09:59:47 Listening on 127.0.0.1:5432 for marketstore:asia-southeast1:cloud-sql-postgres-instance
2019/02/09 09:59:47 Ready for new connections

Tes Proxy

Buka CloudShell baru..
Proxy dibuka menggunakan tcp:5432
Jadi untuk tes kita gunakan TCP Socket (bukan Unix Socket) sbb:

psql "host=127.0.0.1 sslmode=disable dbname=saleor user=saleor"

masukkan password: saleor
. Outputnya spt berikut:

psql (9.6.10)
Type "help" for help.

saleor=>

Masukkan /q dan tekan Enter untuk keluar..

Di CloudShell sebelumnya akan didapat output sbb:

2019/02/09 10:08:20 New connection for "marketstore:asia-southeast1:cloud-sql-postgres-instance"
2019/02/09 10:08:21 Client closed local connection on 127.0.0.1:5432
2019/02/09 09:59:47 Ready for new connections

Stop Proxy

killall cloud_sql_proxy

Lingkungn

pip install -r requirements.txt

********************************************************************************
You are running pip as root. Note that that your Cloud Shell machine is ephemeral
and no system-wide change will persist beyond session end.
You can customize your environment to permanently include this package by
updating your environment at https://cloud.google.com/console/cloudshell/environment/view.
********************************************************************************

Solusinya kita harus buat lingkungan terpisah dari sistem

Setel Proxy

Generic

Follow a guide to setup "generic" Kubernetes cluster and remember to set environment variables when creating your workload based on the uploaded image.

kubectl create secret generic cloudsql-instance-credentials \
--from-file=credentials.json=key.json

kubectl create secret generic cloudsql-db-credentials \
    --from-literal=secretKey=[SECRET_KEY] \
    --from-literal=allowedHosts=shop.chetabahana.com \
    --from-literal=currency=Rp

File yaml

Nama: saleor_deployment.yaml
Sumber: gmemegen_deployment.yaml

wget https://raw.githubusercontent.com/GoogleCloudPlatform/gmemegen/master/gmemegen_deployment.yaml
mv gmemegen_deployment.yaml saleor_deployment.yaml
sed -i 's!gcr.io/[PROJECT_ID]/gmemegen!gcr.io/marketstore/chetabahana-app!g' saleor_deployment.yaml
sed -i 's/gmemegen/saleor/g' saleor_deployment.yaml
sed -i 's/8080/8000/g' saleor_deployment.yaml
sed -i 's/-instances=<INSTANCE_CONNECTION_NAME>=tcp:5432/marketstore:asia-southeast1:cloud-sql-postgres-instance=tcp:5432/g' saleor_deployment.yaml

Hasil modifikasi

# Copyright 2018 Google LLC
# 
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# 
#     https://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: saleor
  labels:
    app: saleor
spec:
  template:
    metadata:
      labels:
        app: saleor
    spec:
      # This section describes the containers that make up the deployment
      containers:
        - name: saleor
          image: gcr.io/marketstore/chetabahana-app
          ports:
            - containerPort: 8000
          # Set env variables used for Postgres Connection
          env:
            - name: DB_USER
              valueFrom:
                secretKeyRef:
                  name: cloudsql-db-credentials
                  key: username
            - name: DB_PASS
              valueFrom:
                secretKeyRef:
                  name: cloudsql-db-credentials
                  key: password
            - name: DB_NAME
              valueFrom:
                secretKeyRef:
                  name: cloudsql-db-credentials
                  key: dbname
        # Change <INSTANCE_CONNECTION_NAME> here to include your GCP
        # project, the region of your Cloud SQL instance and the name
        # of your Cloud SQL instance. The format is $PROJECT:$REGION:$INSTANCE
        - name: cloudsql-proxy
          image: gcr.io/cloudsql-docker/gce-proxy:1.11
          command: ["/cloud_sql_proxy",
                    "-instances=marketstore:asia-southeast1:cloud-sql-postgres-instance=tcp:5432",
                    "-credential_file=/secrets/cloudsql/credentials.json"]
          volumeMounts:
            - name: my-secrets-volume
              mountPath: /secrets/cloudsql
              readOnly: true
      volumes:
        - name: my-secrets-volume
          secret:
            secretName: cloudsql-instance-credentials

Deploy

kubectl delete deployment saleor
kubectl get deployments --all-namespaces

kubectl delete service saleor
kubectl get service

kubectl create -f saleor_deployment.yaml
kubectl get pods
kubectl expose deployment saleor --type=LoadBalancer --port 80 --target-port 8000

Referensi

• https://docs.getsaleor.com/en/latest/gettingstarted/configuration.html
• https://codelabs.developers.google.com/codelabs/cloud-postgresql-gke-memegen/#7
• https://codeburst.io/beginners-guide-to-deploying-a-django-postgresql-project-on-google-cloud-s-flexible-app-engine-e3357b601b91