Add deployment and service files for Jitsu stack

Addresses gitlab-org/gitlab#369024 (closed)

This MR adds manifests files for deploying Jitsu in a Kuberenetes cluster and follows steps from the Scale with Jitsu page.

Specifically, these manifests will create:

• A Deployment of Jitsu Server with 3 replicas
• A Deployment of Jitsu Configurator with 1 replica
• A Deployment of Redis for use with Jitsu with 1 replica
• A Deployment of Redis for use with Jitsu user recognition with 1 replica
• Several Service objects to expose all the relevant ports between the different services

Testing this MR

Getting the cluster setup

To quickly apply all manifest files:

cd jitsu/manifests && find . -name "*.yaml" | xargs -I^ kubectl apply -f ^

To quickly unapply all manifest files:

cd jitsu/manifests && find . -name "*.yaml" | xargs -I^ kubectl delete -f ^

Exposing ports for access outside the cluster

Jitsu Configurator

To interact with this, you need to expose the port for Jitsu Configurator to the outside world. You can use a Kubernetes IDE to do this or you can use port-forward command like:

kubectl port-forward service/jitsu-configurator 7000:7000

Jitsu Server

Now we need to ensure that you can actually reach the Jitsu Server not the Configurator. That is because the servers are listening on port 8001 on one IP where the Jitsu Configurator is listening on port 7000 on a different IP. Similar to what we did above, forward port 8001 so it can be accessed outside the cluster.

kubectl port-forward service/jitsu-server 8001:8001

Testing that Jitsu is working and configured correctly

The next step of testing this MR means checking that you can successfully login to Jitsu, configure it to connect to Clickhouse (or some destination), as well as receive data.

Login to Jitsu

Assuming you have done port forwarding to expose the service jitsu-configurator on port 7000, go to htpp://localhost:7000 (or wherever your cluster is hosted if not localhost) and you should see a sign up screen. Fill out the prompts and remember the username and password. You should be able to successfully login once registered.

Connect to Clickhouse

This step assumes that you have a clickhouse instance running at http://clickhouse:8123 inside your cluster.

Add a destination in Jitsu if you are not prompted to do so automatically. Fill out the form with the destination http://clickhouse:8123 and the database jitsu as shown below. Then click Test Connection. You should get a Successfully connected! message at the top of the screen. If you get an error, look at the logs in the jitsu-configurator pod to see what went wrong.

Send data to Jitsu

This step is going to let you test that your Jitsu instance can receive events by sending it a small event.

First you need to find out what your reporting token looks like. You can find it under the API Keys screen:

Note that we want the JS Key, which looks like js.c1xo1xee7cgblai5klwqxv.4mj0bbo195o7ko77tcseev or similar.

Save this file as test.html locally:

<html>
    <head>
<script src="http://localhost:8001/s/lib.js"
        data-key="<YOUR TOKEN>"
        data-init-only="false"
        defer></script>
<script>window.jitsu = window.jitsu || (function(){(window.jitsuQ = window.jitsuQ || []).push(arguments);})</script>
    </head>
    <body />
</html>

You'll note that in the HTML file above, we used port 8001 rather than 7000. This is so that we are retrieving the JS file from the Jitsu Server, not the Jitsu Configurator.

Open test.html locally and ensure that the lib.js file was successfully retrieved. You can do this by looking at the Network tab in Chrome Dev Tools if you like.

Once that is done, you should see the event in Jitsu:

Future Work

Ingress

This MR deploys 3 replicas of Jitsu Server, but it does not incorporate a load-balancing ingress. This will need to be done to ensure that load is distributed evenly across the various replicas that have been created.

Resource limits

These manifests include no resource limits on any containers. This means they could potentially consume more resources than intended and starve other containers. This should be investigated and addressed before a production deployment.

Hardcode credentials

These manifests use a hardcoded admin token for communication between the Jitsu Server and Jitsu Configurator containers. This should be managed differently in a production environment, most likely using a Kubernetes Secret object.