hasura/hasura-k8s-stack hasura/hasura-k8s-stack

  • Stars
    star
    138
  • Rank 255,943 (Top 6 %)
  • Language
    JavaScript
  • License
    MIT License
  • Created over 5 years ago
  • Updated about 5 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
hasura/hasura-k8s-stack
github

hasura

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A feature-complete Hasura stack on Kubernetes

hasura-k8s-stack

A feature-complete Hasura stack on Kubernetes.

Components

  • Postgres (For production use cases, it is recommended to have a managed/highly available Postgres instance)
  • Hasura GraphQL Engine
  • Nginx for Ingress
  • Cert Manager for auto SSL with Let's Encrypt
  • Remote Schema with Express.js and GraphQL.js
  • Event Triggers with Express.js

Architecture

architecture

Setting up

This guide is written with the assumption that the user is well versed with Kubernetes and the user has a Kubernetes cluster with enough resources ready for consumption.

Postgres

Postgres is the primary datastore and is created as a Kubernetes Deployment backed by a Persistent Volume. This is only intended for a development setup and should not be used in a production scenario. If there is no first-class storage support, Postgres should be outside the Kubernetes cluster.

A Kubernetes Service object is created to direct traffic to Postgres pod in this Deployment.

Kubernetes Secrets are used to store the Postgres username, password etc. Actual secret files should never be committed to the repo.

Installation

cd postgres

# copy the secret.yaml file
cp secret.yaml secret.prod.yaml

# edit secret.prof.yaml and change username, password, dbname
vim secret.prod.yaml

# create the secret
kubectl apply -f secret.prod.yaml

# create the PVC
kubectl apply -f pvc.yaml

# create deployment and service
kubectl apply -f deployment-service.yaml

Once these components are successfully created, Postgres will be available at postgres://postgres:5432 on the Kubernetes cluster in the default namespace.

Hasura GraphQL Engine

Hasura GraphQL Engine is deployed as a Kubernetes Deployment along with a Service object to load balance traffic to multiple pods. The default deployment launches one instance of GraphQL Engine connected to the Postgres DB provisioned earlier.

Installation

cd hasura

# copy secret.yaml
cp secret.yaml secret.prod.yaml

# edit secret.prod.yaml and add an admin secret (access key) and db url
vim secret.prod.yaml

# create the secret
kubectl apply -f secret.prod.yaml

# create the deployment and service
kubectl apply -f deployment-service.yaml

Hasura should be available as http://hasura:80 inside the cluster. This service can be publicly exposed with an ingress rule and we'll explore it in the ingress section.

Scaling

Hasura can be horizontally scaled without any side-effects. Just increase the number of replicas for the Kubernetes deployment. Make sure that there is enough CPU/RAM available for the new replicas.

kubectl scale deployment/hasura --replicas 3

Migrations

Hasura can keep track of the database and metadata changes and store them as declarative files so that it can be version controlled. It is a flexible system that let's you write migrations by hand or it can auto-generate migrations when you use the console.

To use migrations, install the Hasura CLI - instructions are in the docs.

Once CLI is installed, open the console using CLI.

cd hasura

# open console
hasura console --endpoint <hasura-endpoint> --access-key <hasura-access-key>

As and when you use the console to make changes, CLI will write migration files (yaml) to the migrations directory.

Read more about migrations.

The same migrations can then be applied on another Hasura instance:

cd hasura

# apply migrations on another instance
hasura migrate apply --endpoint <another-hasura-endpoint> --access-key <access-key>

Until PR#1574 is merged, it is recommended to scale the replicas back to one to apply migrations and then scale them back up again.

Nginx Ingress

Nginx Ingress Controller let's us define ingress rules and expose services running in the cluster on an external domain. Behind the scenes, it is an Nginx container which can be configured using Ingress objects to add specific routing rules. It can also do SSL termination which we will be using along with cert manager.

Installation

cd nginx-ingress

# create namespace, configmaps and deployment
kubectl apply -f mandatory.yaml

# create the loadbalancer
kubectl apply -f cloud-generic.yaml

Ingress resource for Hasura

Now that the Ingress controller is created, we can create an Ingress object to route external traffic to our Hasura container.

Before that, we need to configure a domain and add the load balancer's IP address to the domain's DNS records.

# get load balancer ip
kubectl -n ingress-nginx get service

NAME            TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)                      AGE
ingress-nginx   LoadBalancer   10.0.162.204   52.172.9.111   80:31186/TCP,443:30609/TCP   30h

# copy the EXTERNAL-IP

Once you have the EXTERNAL-IP from the output above, add an A record for your domain from the DNS dashboard.

We'll use the same domain in our ingress configuration.

You can check the status by checking if the address is assigned. Once it is available you can go to the domain and it should load the Hasura console.

Cert Manager

Cert Manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. We'll use it to provision certificates automatically from Let's Encrypt.

This step is optional if you have already bought certificates from another vendor as it can be configured directly with the Ingress controller.

Installation

cd cert-manager

# create the namespace
kubectl apply -f namespace.yaml

# create crds
kubectl apply -f 00-crds.yaml

# create the cert manager resources
kubectl apply -f cert-manager.yaml

# create letsencrypt staging and prod issuers
kubectl apply -f le-staging-issuer.yaml
kubectl apply -f le-prod-issuer.yaml

Once the manager starts running, it will contact the Let's Encrypt staging server and issues a fake certificate. This is to make sure that misconfigurations will not lead to hitting rate limits on the prod server.

For this to happen, let's create the Ingress resource.

cd hasura

# edit ingress.yaml and replace k8s-stack.hasura.app with your domain
vim ingress.yaml

# create the ingress resource
kubectl apply -f ingress.yaml

Depending on the load balancer and the networking plugin, it will take couple of minutes for the configuration to be active.

# check the status of ingress
kubectl get ingress

NAME     HOSTS                  ADDRESS        PORTS     AGE
hasura   k8s-stack.hasura.app   52.172.9.111   80, 443   30h

Once the Ingress resource is created, cert-manager should be triggered and it will start the certificate issuance process. You can check the status using the following command:

kubectl get certificate

Checkout of you're getting a SSL certificate for the domain (it will be invalid as it is a fake CA). If everything is alright, edit the ingress resource to use the prod issuer.

# open the ingress object in an editor
kubectl edit ingress hasura

# replace letsencrypt-statging to letsencrypt-prod
#    certmanager.k8s.io/issuer: letsencrypt-prod

# save and exit

# delete the certificate that is already issue to trigger a cert issuance 
# from prod server
kubectl delete certificate <cert-name-from-get-command-above>

The domain should have a proper SSL certificate once the issuance is completed.

Event Triggers

Event triggers can be used to trigger webhooks on database events like insert, update and delete. This is typically useful for executing asynchronous business logic, like sending emails, updating a search index etc. In this stack we are using a Node.js microservice written using Express.js which exposes our webhooks. Many community contributed boilerplates are available which includes serverless functions also.

Installation

cd event-tiggers

# create kubernetes deployment and service
kubectl apply -f k8s.yaml

Once the container has started, the triggers will be available at http://event-triggers from within the cluster, there is an echo trigger that is already setup at http://event-triggers/echo.

Remote Schema

To custom business logic that is synchronous in nature, you can write a dedicated GraphQL server in any preferred language and expose the queries and mutations from that server through Hasura's GraphQL API using Remote schema feature. The stack here includes a GraphQL server written in Node.js using Express.js and GraphQL.js with a sample Hello World schema.

Installation

cd remote-schema

# create kubernetes deployment and service
kubectl apply -f k8s.yaml

The GraphQL server should be available at http://remote-schema/graphql from within the cluster.

TODO

  • Using tools like Kustomize to make deploying easier.
  • Setting up CI/CD scripts for migrations and environment promotion.
  • Docs for auth integration.

A big shoutout to the folks at appsintegra for collaborating with Hasura on this repo.

More Repositories

1

graphql-engine

Blazing fast, instant realtime GraphQL APIs on your DB with fine grained access control, also trigger webhooks on database events.
TypeScript
30,844
star
2

gitkube

Build and deploy docker images to Kubernetes using git push
Go
3,758
star
3

graphqurl

curl for GraphQL with autocomplete, subscriptions and GraphiQL. Also a dead-simple universal javascript GraphQL client.
JavaScript
3,301
star
4

skor

Now part of Hasura GraphQL Engine. Listen to postgres events and forward them as JSON payloads to a webhook
C
1,247
star
5

learn-graphql

Real world GraphQL tutorials for frontend developers with deadlines!
JavaScript
1,121
star
6

gatsby-gitbook-starter

Generate GitBook style modern docs/tutorial websites using Gatsby + MDX
JavaScript
976
star
7

awesome-react-graphql

A curated collection of resources, clients and tools that make working with `GraphQL and React/React Native` awesome
735
star
8

react-check-auth

Add auth protection anywhere in your react/react-native app
JavaScript
530
star
9

eff

🚧 a work in progress effect system for Haskell 🚧
Haskell
530
star
10

3factor-example

Canonical example of building a 3factor app : a food ordering application
JavaScript
455
star
11

awesome-live-reloading

A curated collection of live-reloading / hot-reloading / watch-reloading tools for different languages and frameworks.
435
star
12

ra-data-hasura

react-admin data provider for Hasura GraphQL Engine
TypeScript
335
star
13

awesome-vue-graphql

A curated collection of resources, clients and tools that make working with `GraphQL and Vue.js` awesome
302
star
14

graphql-bench

A super simple tool to benchmark GraphQL queries
TSQL
256
star
15

hasura-ecommerce

TypeScript
245
star
16

pgdeltastream

Streaming Postgres logical replication changes atleast-once over websockets
Go
244
star
17

graphql-engine-heroku

Blazing fast, instant realtime GraphQL APIs on Postgres with fine grained access control, also trigger webhooks on database events.
Dockerfile
229
star
18

graphql2chartjs

graphql2chartjs reshapes your GraphQL data as per the ChartJS API.
JavaScript
222
star
19

hasura-aws-stack

A complete production ready 100% serverless stack on AWS with Hasura
JavaScript
212
star
20

json2graphql

From a JSON file to postgres-backed realtime GraphQL
JavaScript
199
star
21

3factor

3factor app is an architecture pattern for modern fullstack apps. 3factor apps are fast to build and are highly scalable.
SCSS
179
star
22

client-side-graphql

147
star
23

hasura-actions-examples

Examples of handling custom business logic with Hasura Actions
JavaScript
135
star
24

awesome-angular-graphql

A curated collection of resources, clients and tools that make working with `GraphQL and Angular` awesome
132
star
25

gqless-movies-demo

A movies app using Hasura and gqless
TypeScript
127
star
26

awesome-fluent-graphql

Awesome list of fluent GraphQL clients & examples
TypeScript
103
star
27

graphiql-online

Explore your GraphQL APIs with headers
JavaScript
88
star
28

kubeformation

Create declarative cluster specifications for your managed Kubernetes vendor (GKE, AKS)
Go
86
star
29

data-dictionary

TypeScript
83
star
30

firebase2graphql

Move from Firebase realtime db to instant GraphQL APIs on Postgres
JavaScript
81
star
31

jwt-guide

TypeScript
79
star
32

nodejs-graphql-subscriptions-boilerplate

Boilerplate to setup GraphQL subscriptions in your nodejs code
JavaScript
78
star
33

graphql-serverless

Example boilerplates for GraphQL backends hosted on serverless platforms
Go
70
star
34

graphql-parser-hs

A GraphQL query parser for Haskell
Haskell
59
star
35

sphinx-graphiql

Sphinx plugin that adds a GraphiQL directive so that you can embed an interactive GraphQL query explorer in your docs
JavaScript
57
star
36

kriti-lang

A minimal JSON templating language
Haskell
53
star
37

schema-stitching-examples

JavaScript
44
star
38

gitkube-example

An example repo to be used with gitkube: git push to deploy on to Kubernetes
HTML
43
star
39

graphql-backend-benchmarks

GraphQL performance benchmarks across Hasura, Postgraphile and Prisma
Shell
42
star
40

comment-progress

Notify progress by commenting on GitHub issues, pull requests, and commits :octocat: πŸ’¬
JavaScript
38
star
41

local-development

[Deprecated] Run Hasura locally on your computer
37
star
42

rxdb-hasura-demo

An Offline first todo app
JavaScript
37
star
43

monad-validate

(NOTE: REPOSITORY MOVED TO NEW OWNER: https://github.com/lexi-lambda/monad-validate) A Haskell monad transformer library for data validation
Haskell
32
star
44

pod42

Python
31
star
45

gitlab-graphql

Install gitlab and expose the gitlab api's over GraphQL
JavaScript
29
star
46

codegen-assets

TypeScript
28
star
47

data-hub

Explore data sources from a native GraphQL API, database schemas to custom code contributed by the community.
PLpgSQL
27
star
48

pg-client-hs

A low level Haskell library to connect to postgres
Haskell
25
star
49

template-gallery

Repository containing schema sharing packages.
PLpgSQL
24
star
50

yelp-clone-react

A Yelp clone built using React + GraphQL + Hasura
JavaScript
24
star
51

authz-workshop

TSQL
23
star
52

ndc-hub

Shell
22
star
53

graphql-schema-stitching-demo

Schema Stitching Example with Hasura GraphQL + MetaWeather API
JavaScript
22
star
54

github-integration-starter

Try out Hasura's GitHub Integration on Cloud Projects using the examples in this repo.
22
star
55

ndc-typescript-deno

Instant Hasura Native Data Connector by writing Typescript Functions
TypeScript
22
star
56

hasura-cloud-preview-apps

TypeScript
21
star
57

issues

Dump and sync org wide issues into postgres and visualise with metabase.
Python
19
star
58

imad-app

Base repository for IMAD course application.
JavaScript
19
star
59

realm-pg-sync

The realm-pg-sync microservice
JavaScript
18
star
60

graphql-data-specification

A specification for Data APIs with GraphQL
Haskell
18
star
61

hasura-discord-docs-bot

PLpgSQL
18
star
62

react-apollo-todo

A todo app with react, apollo demonstrating graphql queries, mutations and subscriptions.
CSS
17
star
63

architect-graphql-workshop

JavaScript
16
star
64

continuous-backup

Postgres wal-e continuous backup system
Shell
16
star
65

preview-actions

Starter kit to try out actions
JavaScript
16
star
66

auth-ui-kit

Web UI Kit for Hasura Authentication
JavaScript
15
star
67

graphql-example-apps

PLpgSQL
14
star
68

js-sdk

JavaScript
14
star
69

ndc-spec

NDC Specification and Reference Implementation
Rust
14
star
70

cloud-functions-boilerplates

Boilerplates for cloud functions (AWS Lambda, Google Cloud Functions, Azure Cloud Functions, Zeit, etc.) that work in conjunction with Hasura GraphQL Engine's event triggers
JavaScript
14
star
71

graphql-subscriptions-benchmark

TypeScript
13
star
72

sample-apps

TypeScript
12
star
73

smooth-checkout-buildkite-plugin

All the things you need during a Buildkite checkout 🧈 πŸͺ
Shell
12
star
74

sqlite-dataconnector-agent

SQLite Data Connector Agent for Hasura GQL Engine. Please note that this repository is a mirror. We will still accept PRs, but will have to mirror them to our upstream repo.
TypeScript
11
star
75

github-bot

Hasura's own GitHub bot πŸ€–
JavaScript
11
star
76

generator-hasura-web

JavaScript
11
star
77

demo-apps

Config to deploy Hasura demo apps using Docker Compose
HTML
11
star
78

smooth-secrets-buildkite-plugin

A buildkite plugin to setup ssh keys and env secrets for your pipelines 🧈 πŸ”’
Shell
11
star
79

chat-app-android

Java
10
star
80

custom-resolvers-boilerplate

A boilerplate for writing custom resolvers with Hasura GraphQL Engine
JavaScript
10
star
81

open-data-domain-specification

Rust
10
star
82

android-sdk

The Android SDK for Hasura
Java
9
star
83

sample-auth-webhook

Sample auth webhooks for the Hasura GraphQL engine
JavaScript
9
star
84

generator-hasura-node

JavaScript
9
star
85

graphql-asia-workshop

JavaScript
9
star
86

reactathon-workshop

9
star
87

go-buildkite-dsl

Write Buildkite configs in Go πŸͺ πŸ“
Go
8
star
88

graphql-on-various-pg

Hasura's GraphQL engine on various Postgres systems/providers
Shell
8
star
89

cli-plugins-index

8
star
90

ndc-sdk-typescript

NDC SDK for TypeScript
TypeScript
8
star
91

graphql-weather-api

A simple GraphQL express weather api server boilerplate
JavaScript
8
star
92

supergraph-top-n-challenge

JavaScript
8
star
93

haskell-docker-builder

Package haskell binaries as docker images
Makefile
7
star
94

graphql-engine-install-manifests

Various installation manifests for Hasura's GraphQL Engine
Shell
7
star
95

laravel-todo-hge

A sample Laravel app with an auth webhook
PHP
7
star
96

awesome-react-fullstack

A review of the must know concepts & tools for going fullstack with react. Awesome list to the top tools and learning resources for each concept.
7
star
97

weaviate_gdc

POC: Weaviate data connector
TypeScript
7
star
98

ai-workshop-hasuracon23

Jupyter Notebook
6
star
99

ndc-postgres

Hasura v3 Data Connector for PostgreSQL
Rust
6
star
100

trigger-serverless-zeit-example

JavaScript
6
star