In this chapter, we will deploy a database, configure our application to use it, and set up automatic DB migrations and initializations.
The application described in this chapter is not intended for use in production environments as-is. Note that successful completion of this entire guide is required to create a production-ready application.
Preparing the environment
If you haven’t prepared your environment during previous steps, please, do it using the instructions provided in the “Preparing the environment” chapter.
If your environment has stopped working or instructions in this chapter don’t work, please, refer to these hints:
Let’s launch Docker Desktop. It takes some time for this application to start Docker. If there are no errors during the startup process, check that Docker is running and is properly configured:
docker run hello-world
You will see the following output if the command completes successfully:
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:9f6ad537c5132bcce57f7a0a20e317228d382c3cd61edae14650eec68b2b345c
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
Should you have any problems, please refer to the Docker documentation.
Let’s launch the Docker Desktop application. It takes some time for the application to start Docker. If there are no errors during the startup process, then check that Docker is running and is properly configured:
docker run hello-world
You will see the following output if the command completes successfully:
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:9f6ad537c5132bcce57f7a0a20e317228d382c3cd61edae14650eec68b2b345c
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
Should you have any problems, please refer to the Docker documentation.
Start Docker:
sudo systemctl restart docker
Make sure that Docker is running:
sudo systemctl status docker
If the Docker start is successful, you will see the following output:
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-06-24 13:05:17 MSK; 13s ago
TriggeredBy: ● docker.socket
Docs: https://docs.docker.com
Main PID: 2013888 (dockerd)
Tasks: 36
Memory: 100.3M
CGroup: /system.slice/docker.service
└─2013888 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
dockerd[2013888]: time="2021-06-24T13:05:16.936197880+03:00" level=warning msg="Your kernel does not support CPU realtime scheduler"
dockerd[2013888]: time="2021-06-24T13:05:16.936219851+03:00" level=warning msg="Your kernel does not support cgroup blkio weight"
dockerd[2013888]: time="2021-06-24T13:05:16.936224976+03:00" level=warning msg="Your kernel does not support cgroup blkio weight_device"
dockerd[2013888]: time="2021-06-24T13:05:16.936311001+03:00" level=info msg="Loading containers: start."
dockerd[2013888]: time="2021-06-24T13:05:17.119938367+03:00" level=info msg="Loading containers: done."
dockerd[2013888]: time="2021-06-24T13:05:17.134054120+03:00" level=info msg="Daemon has completed initialization"
systemd[1]: Started Docker Application Container Engine.
dockerd[2013888]: time="2021-06-24T13:05:17.148493957+03:00" level=info msg="API listen on /run/docker.sock"
Now let’s check if Docker is available and its configuration is correct:
docker run hello-world
You will see the following output if the command completes successfully:
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:9f6ad537c5132bcce57f7a0a20e317228d382c3cd61edae14650eec68b2b345c
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
Should you have any problems, please refer to the Docker documentation.
Let’s start the minikube cluster we have already configured in the “Preparing the environment” chapter:
minikube start
Set the default Namespace so that you don’t have to specify it every time you invoke kubectl:
kubectl config set-context minikube --namespace=werf-guide-app
You will see the following output if the command completes successfully:
😄 minikube v1.20.0 on Ubuntu 20.04
✨ Using the docker driver based on existing profile
👍 Starting control plane node minikube in cluster minikube
🚜 Pulling base image ...
🎉 minikube 1.21.0 is available! Download it: https://github.com/kubernetes/minikube/releases/tag/v1.21.0
💡 To disable this notice, run: 'minikube config set WantUpdateNotification false'
🔄 Restarting existing docker container for "minikube" ...
🐳 Preparing Kubernetes v1.20.2 on Docker 20.10.6 ...
🔎 Verifying Kubernetes components...
▪ Using image gcr.io/google_containers/kube-registry-proxy:0.4
▪ Using image k8s.gcr.io/ingress-nginx/controller:v0.44.0
▪ Using image registry:2.7.1
▪ Using image docker.io/jettech/kube-webhook-certgen:v1.5.1
▪ Using image docker.io/jettech/kube-webhook-certgen:v1.5.1
▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🔎 Verifying registry addon...
🔎 Verifying ingress addon...
🌟 Enabled addons: storage-provisioner, registry, default-storageclass, ingress
🏄 Done! kubectl is now configured to use "minikube" cluster and "werf-guide-app" namespace by default
Make sure that the command output contains the following line:
Restarting existing docker container for "minikube"
Its absence means that a new minikube cluster was created instead of using the old one. In this case, repeat all the steps required to install the environment using minikube.
Now run the command in the background PowerShell terminal (do not close its window):
minikube tunnel --cleanup=true
Let’s start the minikube cluster we have already configured in the “Preparing the environment” chapter:
minikube start --namespace werf-guide-app
Set the default Namespace so that you don’t have to specify it every time you invoke kubectl:
kubectl config set-context minikube --namespace=werf-guide-app
You will see the following output if the command completes successfully:
😄 minikube v1.20.0 on Ubuntu 20.04
✨ Using the docker driver based on existing profile
👍 Starting control plane node minikube in cluster minikube
🚜 Pulling base image ...
🎉 minikube 1.21.0 is available! Download it: https://github.com/kubernetes/minikube/releases/tag/v1.21.0
💡 To disable this notice, run: 'minikube config set WantUpdateNotification false'
🔄 Restarting existing docker container for "minikube" ...
🐳 Preparing Kubernetes v1.20.2 on Docker 20.10.6 ...
🔎 Verifying Kubernetes components...
▪ Using image gcr.io/google_containers/kube-registry-proxy:0.4
▪ Using image k8s.gcr.io/ingress-nginx/controller:v0.44.0
▪ Using image registry:2.7.1
▪ Using image docker.io/jettech/kube-webhook-certgen:v1.5.1
▪ Using image docker.io/jettech/kube-webhook-certgen:v1.5.1
▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🔎 Verifying registry addon...
🔎 Verifying ingress addon...
🌟 Enabled addons: storage-provisioner, registry, default-storageclass, ingress
🏄 Done! kubectl is now configured to use "minikube" cluster and "werf-guide-app" namespace by default
Make sure that the command output contains the following line:
Restarting existing docker container for "minikube"
Its absence means that a new minikube cluster was created instead of using the old one. In this case, repeat all the steps required to install the environment from scratch using minikube.
If you have inadvertently deleted Namespace of the application, you must run the following commands to proceed with the guide:
kubectl create namespace werf-guide-app
kubectl create secret docker-registry registrysecret \
--docker-server='https://index.docker.io/v1/' \
--docker-username='<Docker Hub username>' \
--docker-password='<Docker Hub password>'
You will see the following output if the command completes successfully:
namespace/werf-guide-app created
secret/registrysecret created
If nothing worked, repeat all the steps described in the “Preparing the environment” chapter and create a new environment from scratch. If creating an environment from scratch did not help either, please, tell us about your problem in our Telegram chat or create an issue on GitHub. We will be happy to help you!
Preparing the repository
Update the existing repository containing the application:
Run the following commands in PowerShell:
cd ~/werf-guide/app
# To see what changes we will make later in this chapter, let's replace all the application files
# in the repository with new, modified files containing the changes described below.
git rm -r .
cp -Recurse -Force ~/werf-guide/guides/examples/laravel/040_db/* .
git add .
git commit -m WIP
# Enter the command below to show the files we are going to change.
git show --stat
# Enter the command below to show the changes that will be made.
git show
Run the following commands in Bash:
cd ~/werf-guide/app
# To see what changes we will make later in this chapter, let's replace all the application files
# in the repository with new, modified files containing the changes described below.
git rm -r .
cp -rf ~/werf-guide/guides/examples/laravel/040_db/. .
git add .
git commit -m WIP
# Enter the command below to show files we are going to change.
git show --stat
# Enter the command below to show the changes that will be made.
git show
Doesn’t work? Try the instructions on the “I am just starting from this chapter” tab above.
Prepare a new repository with the application:
Run the following commands in PowerShell:
# Clone the example repository to ~/werf-guide/guides (if you have not cloned it yet).
if (-not (Test-Path ~/werf-guide/guides)) {
git clone https://github.com/werf/website $env:HOMEPATH/werf-guide/guides
}
# Copy the (unchanged) application files to ~/werf-guide/app.
rm -Recurse -Force ~/werf-guide/app
cp -Recurse -Force ~/werf-guide/guides/examples/laravel/030_assets ~/werf-guide/app
# Make the ~/werf-guide/app directory a git repository.
cd ~/werf-guide/app
git init
git add .
git commit -m initial
# To see what changes we will make later in this chapter, let's replace all the application files
# in the repository with new, modified files containing the changes described below.
git rm -r .
cp -Recurse -Force ~/werf-guide/guides/examples/laravel/040_db/* .
git add .
git commit -m WIP
# Enter the command below to show the files we are going to change.
git show --stat
# Enter the command below to show the changes that will be made.
git show
Run the following commands in Bash:
# Clone the example repository to ~/werf-guide/guides (if you have not cloned it yet).
test -e ~/werf-guide/guides || git clone https://github.com/werf/website ~/werf-guide/guides
# Copy the (unchanged) application files to ~/werf-guide/app.
rm -rf ~/werf-guide/app
cp -rf ~/werf-guide/guides/examples/laravel/030_assets ~/werf-guide/app
# Make the ~/werf-guide/app directory a git repository.
cd ~/werf-guide/app
git init
git add .
git commit -m initial
# To see what changes we will make later in this chapter, let's replace all the application files
# in the repository with new, modified files containing the changes described below.
git rm -r .
cp -rf ~/werf-guide/guides/examples/laravel/040_db/. .
git add .
git commit -m WIP
# Enter the command below to show files we are going to change.
git show --stat
# Enter the command below to show the changes that will be made.
git show
Making our application stateful
At this point, our application does not use a database and does not store any data (i.e., it is stateless). To make it stateful, we need to add the appropriate components to the image and configure the application to work with the MySQL database (we will use it to store the state).
We have migrated the configuration for MySQL from the official Laravel repository. The following changes have been made to our application:
- Adding
mysql-clientand thepdo_mysqlPHP module to the Dockerfile.
Adding /remember and /say endpoints to the application
Let’s add two new endpoints to our application. The /remember endpoint will store the data to the database while the /say endpoint will retrieve the data from it.
Below are our listings for a new controller and model:
<?php
namespace App\Http\Controllers;
use App\Models\Talker;
use Illuminate\Http\Request;
use Illuminate\Routing\Controller;
class TalkerController extends Controller
{
public function say(): string
{
/** @var Talker $talker */
$talker = Talker::first();
if (!$talker) {
return "I have nothing to say";
}
return $talker->answer . ", " . $talker->name . "!";
}
public function remember(Request $request): string
{
if (!$request->has('answer')) {
return "You forgot the answer :(";
}
if (!$request->has('name')) {
return "You forgot the name :(";
}
/** @var Talker $talker */
$talker = Talker::firstOrNew();
$talker->answer = $request->input('answer');
$talker->name = $request->input('name');
$talker->save();
return "Got it.";
}
}
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
/**
* @property string $answer
* @property string $name
* @property string $created_at
* @property string $updated_at
* @property string $deleted_at
*/
class Talker extends Model
{
/**
* The attributes that are mass assignable.
*
* @var string[]
*/
protected $fillable = [
'answer',
'name',
];
}
Let’s add new paths to the route list:
<?php
use App\Http\Controllers\PingController;
use App\Http\Controllers\TalkerController;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::get('/ping', [PingController::class, 'ping']);
Route::get('/image', function () {
return view('image');
});
Route::get('/say', [TalkerController::class, 'say']);
Route::get('/remember', [TalkerController::class, 'remember']);
Now it’s time to define two basic migrations:
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateTalkersTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('talkers', function (Blueprint $table) {
$table->id();
$table->text('answer');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('talkers');
}
}
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class AddNameToTalkers extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('talkers', function(Blueprint $table) {
$table->string('name');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('talkers', function(Blueprint $table) {
$table->dropColumn('name');
});
}
}
New endpoints, /remember and /say, are ready.
Deploying a MySQL database and connecting to it
In real life, a database can be a part of the Kubernetes infrastructure or run outside of it. Outside of Kubernetes, you can deploy and maintain a database yourself or use a managed solution like Amazon RDS. For illustrative purposes, let’s deploy a MySQL database inside the Kubernetes cluster using the following basic StatefulSet:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql
spec:
serviceName: mysql
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8
args: ["--default-authentication-plugin=mysql_native_password"]
ports:
- containerPort: 3306
env:
- name: MYSQL_DATABASE
value: werf-guide-app
- name: MYSQL_ROOT_PASSWORD
value: password
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
volumeClaimTemplates:
- metadata:
name: mysql-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: "100Mi"
---
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
selector:
app: mysql
ports:
- port: 3306
Note that you can also use a database deployed differently. In this case, you will not need the above StatefulSet, while all further steps remain unchanged.
Now let’s configure our application to use the new database:
...
- name: DB_HOST
value: mysql
- name: DB_DATABASE
value: werf-guide-app
- name: DB_USERNAME
value: root
- name: DB_PASSWORD
value: password
Great, the database and the application are ready to be deployed.
Initializing and migrating the database
There are several ways to initialize and migrate a database when deploying applications to Kubernetes. We will use one straightforward yet efficient method. It involves database migration (and initialization, if needed) by a dedicated Job simultaneously with deploying the application and the database.
We require the following conditions to be met to deploy resources in the desired order:
- Before starting, the job to initialize/migrate the database must make sure the database is available and ready.
- Before starting, applications must wait until the database is available and ready and all migrations are complete.
This way, all K8s resources are created at the same time but being run in the following order:
- The database starts.
- The initialization/migration Job runs.
- The applications start.
Let’s now add a Job to perform database migrations/initializations:
apiVersion: batch/v1
kind: Job
metadata:
name: "migrate-db"
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "-1"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
backoffLimit: 0
template:
spec:
restartPolicy: Never
imagePullSecrets:
- name: registrysecret
containers:
- name: migrate-db
image: {{ .Values.werf.image.backend }}
command:
- sh
- -euc
- |
is_mysql_available() {
tries=$1
i=0
while [ $i -lt $tries ]; do
mysqladmin -h $DB_HOST -P 3306 -u $DB_USERNAME -p$DB_PASSWORD ping || return 1
i=$((i+1))
sleep 1
done
}
until is_mysql_available 10; do
sleep 1
done
php artisan migrate --force
env:
- name: DB_HOST
value: mysql
- name: DB_DATABASE
value: werf-guide-app
- name: DB_USERNAME
value: root
- name: DB_PASSWORD
value: password
Running mysqladmin ping, say, once may result in an incorrect conclusion that the database is ready. This is because the check has been completed before MySQL’s StatefulSet restart during deployment. In such cases, the database may be unavailable during initialization/migrations.
In addition, in database images, the main database process may restart several times during the first run (while the container does not restart). In this case, the single database check may show that the database is ready; next, the initialization/migration job starts only to find that the main database process is restarting. To avoid this, we run mysqladmin ping several times in a row.
You can change the number of successful checks in a row; 10 is used as an example.
Testing the application/database
Let’s deploy the application:
werf converge --repo <DOCKER HUB USERNAME>/werf-guide-app
You should see the following output:
...
┌ ⛵ image backend
│ ┌ Building stage backend/dockerfile
│ │ backend/dockerfile Sending build context to Docker daemon 510.5kB
│ │ backend/dockerfile Step 1/19 : FROM php:8.0-fpm-alpine as base
│ │ backend/dockerfile ---> 52c511f481c5
...
│ │ backend/dockerfile Successfully built 0a1d03dc74ac
│ │ backend/dockerfile Successfully tagged c5514065-5c4c-4e73-9a84-a777c9be56a3:latest
│ ├ Info
│ │ name: <DOCKER HUB USERNAME>/werf-guide-app:c1c78d5859300a5b439f0aff914ca2025ff5af4ad7cac3022d561bac-1633696904980
│ │ id: 0a1d03dc74ac
│ │ created: 2022-10-08 15:41:44 +0000 UTC
│ │ size: 56.7 MiB
│ └ Building stage backend/dockerfile (28.12 seconds)
└ ⛵ image backend (33.26 seconds)
┌ ⛵ image frontend
│ ┌ Building stage frontend/dockerfile
│ │ frontend/dockerfile Sending build context to Docker daemon 510.5kB
│ │ frontend/dockerfile Step 1/30 : FROM php:8.0-fpm-alpine as base
│ │ frontend/dockerfile ---> 52c511f481c5
...
│ │ frontend/dockerfile Successfully built 0644ab57979f
│ │ frontend/dockerfile Successfully tagged 2128b312-2942-4163-9de5-06f9fd191bc9:latest
│ ├ Info
│ │ name: <DOCKER HUB USERNAME>/werf-guide-app:773d56f3d626435554c0d2d85e7949ecd4cc0a6fea3e8557848366b0-1633696968872
│ │ id: 0644ab57979f
│ │ created: 2022-10-08 15:42:48 +0000 UTC
│ │ size: 9.4 MiB
│ └ Building stage frontend/dockerfile (89.50 seconds)
└ ⛵ image frontend (94.24 seconds)
┌ Waiting for release resources to become ready
│ ┌ Status progress
│ │ DEPLOYMENT REPLICAS AVAILABLE UP-TO-DATE
│ │ werf-guide-app 2->1/1 2->1 1
│ │ │ POD READY RESTARTS STATUS
│ │ ├── guide-app-645c598898-lfncm 0/2 0 Terminating
│ │ └── guide-app-6b57898748-tjg9k 2/2 0 Running
│ │ STATEFULSET REPLICAS READY UP-TO-DATE
│ │ mysql 1/1 0->1 1
│ │ │ POD READY RESTARTS STATUS
│ │ └── 0 1/1 0 ContainerCreating ->
│ │ Running
│ └ Status progress
└ Waiting for release resources to become ready (12.62 seconds)
┌ Waiting for helm hook job/migrate-db termination
│ ┌ job/migrate-db po/migrate-db-ddrgt container/migrate-db logs
│ │ mysqld is alive
│ │ mysqld is alive
│ │ Migration table created successfully.
│ │ Migrating: 2019_12_14_000001_create_personal_access_tokens_table
│ │ Migrated: 2019_12_14_000001_create_personal_access_tokens_table (139.30ms)
│ │ Migrating: 2021_10_04_000000_create_talkers_table
│ │ Migrated: 2021_10_04_000000_create_talkers_table (50.37ms)
│ │ Migrating: 2021_10_04_000001_add_name_to_talkers
│ │ Migrated: 2021_10_04_000001_add_name_to_talkers (40.98ms)
│ └ job/migrate-db po/migrate-db-ddrgt container/migrate-db logs
│
│ ┌ Status progress
│ │ JOB ACTIVE DURATION SUCCEEDED/FAILED
│ │ migrate-db 0 29s 0->1/0
│ │ │ POD READY RESTARTS STATUS
│ │ └── db-ddrgt 0/1 0 Running -> Completed
│ └ Status progress
└ Waiting for helm hook job/migrate-db termination (29.70 seconds)
Release "werf-guide-app" has been upgraded. Happy Helming!
NAME: werf-guide-app
LAST DEPLOYED: Fri Oct 8 15:43:57 2022
NAMESPACE: werf-guide-app
STATUS: deployed
REVISION: 14
TEST SUITE: None
Running time 57.27 seconds
Don’t worry if the process seems to be stuck at this point and many errors appear in the messages. This happens due to checking the MySQL status; you just need to wait a bit when it’s done (usually, it takes no more than 1-2 minutes).
Now let’s try to access the /say endpoint that retrieves the data from the database:
curl http://werf-guide-app.test/say
Since the database is still empty, it should return the following message:
I have nothing to say.
Let’s save some data to the database using /remember:
curl "http://werf-guide-app.test/remember?answer=Love+you&name=sweetie"
The database must respond with the following:
Got it.
Let’s try to retrieve the data from the database using the /say endpoint once again:
curl http://werf-guide-app.test/say
If successful, you will see the following output:
Love you, sweetie!
You can also make sure that the data is in the database by directly querying the table contents:
kubectl exec -it statefulset/mysql -- mysql -ppassword -e "SELECT * from talkers" werf-guide-app
You should see the following output:
+----+----------+---------------------+---------------------+---------+
| id | answer | created_at | updated_at | name |
+----+----------+---------------------+---------------------+---------+
| 1 | Love you | 2021-10-08 12:46:22 | 2021-10-08 12:46:22 | sweetie |
+----+----------+---------------------+---------------------+---------+
Done!
In this chapter, we turned our application into a stateful one by connecting it to the corresponding database. We deployed the database to the Kubernetes cluster, initialized it, and performed necessary DB migrations. Note that the above approach should work well with any relational database.
As usual, you can see all the changes made in this chapter by running the commands provided at the beginning.
