Skip to main content
Skip table of contents

EKS Deployment Resource Hook Configuration & Deployment Flow

Last Updated:

Introduction

The following details the resource hook configuration and deployment flow for Vets API on EKS.

The vets-api EKS servers need the following components :

  • Service Account

  • Ingress Route

  • Horizontal Pod Autoscaler

  • External Sercrets

  • Server Deployment

  • Worker Deployment

  • Schema Migrations

  • SSO certificates

During deployments, the schema migration job runs before the server and worker pods are deployed. After the migration jobs runs, all other pods are deployed at the same time which has caused issues. The migration job is dependent on the External Secrets and the Service Account pods, which are not present when deploying an application to ArgoCD. The deployment had to be terminated and the External Secrets and Service Account had to be manually synced before the deployment could be manually ran again.

Resource Hooks are scripts that can be run before deploying a new version of the app. PreSync hooks were confiugred in the parent helm charts and the secrets.yaml to ensure the External Secrets and Service Account pods were deployed before the migration was ran and the server and worker pods are deployed.

Vets-api Resource Hook Deployment Flow

Resource Hook Deployment Flow for Vets API on EKS

https://mermaid.live/edit#pako:eNpdkMFqwzAQRH9F7Dk-tEcfCo7tOgkECg70IPUg5HUiYq2MIocG43_vRtQUenszDOzMzmB8h5DDOejxIk6VomL-CNg-yIjsdVG0_ZMvLMtVMlfzL9Sy9NTb81GPty9F77L-jhhIDy2agPHpNbLFcLcGRWGMnyiyt5OtuaDT4mj5fLSe2NynIAZR4Tj4h8MUPchPH67_3UJk2ZvYcskEJddLwCvqBA2XWaFJsOOzCfYrHBQpgg04DE7bjn8xKxJCQeRuqCBn7LDX0xAVKFo4qqfon9Mhj2HCDUxjpyNWVvMMB3mvhxsuP57tda4

CODE 
graph TD
A{PreSync -2}
B{PreSync -1}
C{PreSync}
D{Sync}
A --> B
B --> C
C --> D

E[ConfigMaps]
F[ExternalSecrets]
G[Service Account]
H[Schema Migration]
I[Server Deployment]
J[Worker Deployment]
E --> G
F --> G
G --> H
H --> I
H --> J

Vets-api PreSync hook configuration

Manifest type: ConfigMap and ExternalSecret

Files:

vets-api

  • chart/templates/ssoe-config.yaml

  • chart/templates/settings-configmap.yaml

  • chart/templates/lighthouse-pre-configs.yaml

vsp-infra-application-manifests

  • apps/vets-api/(dev | staging | sandbox | prod)/templates/secrets.yaml

CODE 
apiVersion: v1
kind: ConfigMap | ExternalSecret
metadata:
  name: {{ $key.name }}
  annotations:
    argocd.argoproj.io/hook: PreSync
    argocd.argoproj.io/sync-wave: "-2"

Manifest type: ServiceAccount

Files:

vets-api

  • chart/templates/sa.yaml

CODE 
apiVersion: v1
kind: ServiceAccount
metadata:
  annotations:
    argocd.argoproj.io/hook: PreSync
    argocd.argoproj.io/sync-wave: "-1"

Manifest type: Schema Migration - Job

Files:

vets-api

  • chart/templates/db-migrate-job.yaml

CODE 
apiVersion: v1
kind: Job
metadata:
  annotations:
    argocd.argoproj.io/hook: PreSync

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close