# Deploying more advanced applications

NOTE WELL

In order to be able to run through the steps of this tutorial in an operational Avassa environment, contact usopen in new window to join our pilot program and get access to a running system.

This tutorial guides you through the steps to deploy more complex applications on the Avassa Platform. It adds on to the basic single-container, multi-site deployment covered in the first application tutorial.

It covers more features related to multi-container applications, more advanced options related to application placement in multi-host site clusters. It introduces the usage of the Strongbox distributed key-value store to manage application credentials.

This tutorial uses the supctl command line tool for certain operations.

To prepare for this tutorial, request access to an Avassa Platform environment with the "Theater Operations" scenario. This provides a setup with four edge sites, stockholm-sergel, stockholm-sture, helsingborg-roda-kvarn, and gothenburg-bergakungen.

# Check the status of the sites

To inspect the status of the sites, click Sites, pick a site and select State in the top bar. And then go through each site in the list.

Site state

Look for the state: "initialized" string that tells you that the site has successfully completed the call-home process and is ready to receive scheduled applications.

TIP

The topdc site hosts the Control Tower components including the call-home server, so it does not provide any call-home state information about itself.

# Label sites for deployment

Containers are deployed based on site-label matching. You are going to place the popcorn-controller application on the sites located in Stockholm only, so you need to add a label to the stockholm-sergel and stockholm-sture sites.

Click Sites, pick stockholm-sergel, select Config in the top bar and click Edit. Select the Name field in the Labels section, and add a label named city with value stockholm and click Add to add the label. Click Update site to save the label to the site configuration.

Add label

Do the same steps with the stockholm-sture site.

# Add a default remote registry

All containers used in this tutorial is hosted in the Avassa public GitLab container registry, so you need to add registry.gitlab.com as your default registry.

Click Remote registriesin the sidebar, and then click Connect new registry.

Site state

Paste the following into the form field and click Submit.

name: "default"
address: "registry.gitlab.com"

# Register the applications

To deploy applications, you need to register the following for each application:

  • An application specification that defines the structure and content of an application
  • A deployment specification that defines where the application shall be deployed

In this tutorial we define two applications:

  • A very simple popcorn-controller application consisting of a single container kettle-popper-manager that manages all the popcorn machines in the theaters it is deployed in
  • A more complex theater-room-manager application with two services:
    • A projector-operation service consisting of two containers projector-operations and digital-assets-manager
    • A curtain-controller service consisting of a single curtain-controller container

Click Applications in the sidebar and click Register new application.

Register new application

Paste the following into the form field and click Submit to add the popcorn-controllerapplication.

name: popcorn-controller
version: "1.0"
services:
  - name: popcorn-controller-service
    containers:
      - name: kettle-popper-manager
        image: "avassa-public/movie-theaters-demo/kettle-popper-manager:v1.0"
    mode: replicated
    replicas: 1

Go back and click Register new application again and paste the following into the form field and click Submit to add the theater-room-managerapplication.

name: theater-room-manager
version: "1.0"
services:
  - name: theater-operations
    variables:
      - name: OPERATIONS_USERNAME
        value-from-secret-map:
          strongbox-vault-name: operations
          strongbox-kv-map-name: credentials
          strongbox-data-name: username
    containers:
      - name: projector-operations
        image: "avassa-public/movie-theaters-demo/projector-operations:v1.0"
      - name: digital-assets-manager
        image: "avassa-public/movie-theaters-demo/digital-assets-manager:v1.0"
        env:
          USERNAME: ${OPERATIONS_USERNAME}
        mounts:
          - volume-name: credentials
            mount-path: /credentials
    volumes:
      - name: credentials
        secret-map-ref:
          strongbox-vault-name: operations
          strongbox-kv-map-name: credentials
    mode: replicated
    replicas: 1
  - name: curtain-controller
    containers:
      - name: curtain-controller
        image: "avassa-public/movie-theaters-demo/curtain-controller:v1.0"
    mode: replicated
    replicas: 1

# Add a distributed vault for credentials

To distribute credentials through the distributed encrypted key-value store, you must first create a named vault with a key-value map to store the username and password-pair.

The following commands creates a vault named operations containing a key-value map named credentials and adds a username and password-pair to it.

supctl create config strongbox vault <<EOF
name: operations
distribute:
  to: all
EOF
supctl create config strongbox vault operations kv-maps <<EOF
name: credentials
allow-image-access: ["*"]
data:
  username: the-user
  password: the-password
EOF

# Deploy the applications

Click Deployments in the sidebar, and click Register new deployment.

Register new deployment

Paste the following into the form field and click Submit to deploy the theater-room-manager application on sites designated to be of type system which is all sites except the one running Control Tower.

name: theater-room-manager-deployment
application: theater-room-manager
application-version: "*"
placement:
  match-site-labels: >
    system/type = edge





 

Click Register new deployment again and paste the following into the form field and click Submit to deploy the popcorn-controller application to all sites you labeled to be in the Stockholm area.

name: popcorn-deployment
application: popcorn-controller
application-version: "1.0"
placement:
  match-site-labels: >
    city = stockholm





 

The theater-room-manager is now deployed to all sites, and the popcorn-controller application is deployed to stockholm-sture, and stockholm-sergel based on label matching.

# Check the status of the applications

To inspect the status of the deployed applications, click Deployments, select each of the applications and inspect the deployment status under State in the top bar.

The oper-status: "scheduled" statement tells you that all container images in a service has been successfully pulled from the remote registry and has been scheduled for execution on the sites listed under the sites statement.

Note thay popcorn-deployment has only been scheduled for deployment in the two sites labeled as located in Stockholm.

Inspect deployment

For a more detailed view of the status of each of the deployments, run the following command for each site:

supctl -D stockholm-sergel show state applications popcorn-controller

# Update the container version in an application

To update the version of a container that is part of an application, you need to update the version tag on the service, and the image tag on the specific container in the service.

Click Applications in the sidebar, select theater-room-manager, select Config in the top bar and click Edit.

Update application

Replace the current application specification with the following updated content and click Submit to trigger an update of the projector-operations container from tag v1.0 to v2.0 in all deployed instances of the theater-room-manager application. The lines that have been changed from the previous version are highlighted.

name: theater-room-manager
version: "1.1"
services:
  - name: theater-operations
    variables:
      - name: OPERATIONS_USERNAME
        value-from-secret-map:
          strongbox-vault-name: operations
          strongbox-kv-map-name: credentials
          strongbox-data-name: username
    containers:
      - name: projector-operations
        image: "avassa-public/movie-theaters-demo/projector-operations:v2.0"
      - name: digital-assets-manager
        image: "avassa-public/movie-theaters-demo/digital-assets-manager:v1.0"
        env:
          USERNAME: ${OPERATIONS_USERNAME}
        mounts:
          - volume-name: credentials
            mount-path: /credentials
    volumes:
      - name: credentials
        secret-map-ref:
          strongbox-vault-name: operations
          strongbox-kv-map-name: credentials
    mode: replicated
    replicas: 1
  - name: curtain-controller
    containers:
      - name: curtain-controller
        image: "avassa-public/movie-theaters-demo/curtain-controller:v1.0"
    mode: replicated
    replicas: 1


 










 





















# Check the status of the updated application

To inspect the status of the updated applications, click Deployments, select theater-room-manager, and select State in the top bar.

The v2.0 tag on the projector-operations image tells you that the deployment has been updated according to the new application specification.

Inspect updated application

# Undeploy the applications

To remove all instances of an application you need to remove the deployment specification.

Click Deployments in the sidebar, and for each deployment, select the deployment in the list, select Config in the top bar, click Delete and confirm undeployment.

Undeploy application

# Conclusion

You have now deployed, updated and undeployed one simple and one complex application across different sets of sites, using label-matching for placement and using a distributed, encrypted key-value store for application credentials.

Last Updated: 6/29/2021, 2:50:44 PM