Skip to content

Deployment

Jump to bottom
Ben Chen edited this page May 26, 2025 · 3 revisions

Install K3s and Docker

K3s is a light distribution of Kubernetes. PeachIDE does not require K8s to well function.

On Ubuntu/Debian, install Docker

for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo   "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" |   sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo chmod a+r /etc/apt/keyrings/docker.asc
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo groupadd docker 
sudo gpasswd -a ${USER} docker 
sudo chmod a+rw /var/run/docker.sock
sudo systemctl restart docker

kubectl and K3s

sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
sudo chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg # allow unprivileged APT programs to read this keyring   
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo chmod 644 /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubectl

# k3s
export TOKEN=<your-token>
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="server" sh -s - --flannel-backend none --token $TOKEN
sudo k3s kubectl config view --raw | tee ~/.kube/config
chmod 600 ~/.kube/config

sudo cp .kube/config /etc/rancher/k3s/k3s.yaml
sudo systemctl daemon-reload
sudo systemctl restart k3s

Network Issues

Chinese users may encounter network errors if their server locates in China mainland. Install K3s by

curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh - # extra options above

Docker is not affected if apt mirror is good, otherwise, use USTC Mirror or other mirrors. Fix Docker registry by

sudo vim /etc/docker/daemon.json

# daemon.json
# {
#     "registry-mirrors": [
#         "https://mirror.example.com",
#     ]
# }

sudo systemctl daemon-reload
sudo systemctl restart docker

K3s registry can be configure as the same mirror of Docker

cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
  docker.io:
    endpoint:
      - "https://mirror.example.com/"
EOF

Setup Piston

Piston is a code execution engine for executing code snippet. Piston is hosted outside of Kubernetes cluster.

# clone piston
git clone https://github.com/engineer-man/piston

# Start the API container
cd piston
docker-compose up -d api

# Install all the dependencies for the cli
cd cli && npm i && cd -

And install runtimes to suit your need

# List all available packages
cli/index.js ppman list

# Install latest python
cli/index.js ppman install python

Configs

Config files in backend/config is applied manually, and may need to modify.

  1. Apply cert-manager. This is optional if you don't have a domain. You need to change domain to yours and server must be accessible in Internet (reverse proxy is ok)
cd config
kubectl apply -f cert-manager.yaml cluster-issuer.yaml peachide-tls.yaml
  1. Setup Postgres. You need to setup your own password for database POSTGRES_PASSWORD: "your-password" 
kubectl apply -f postgres.yaml
  1. Setup backend and frontend. You will need to build your own images
cd <repo>/peachide
docker build . --file Dockerfile --tag ghcr.io/chanbengz/peachide:latest
cd <repo>/backend
docker build . --file Dockerfile --tag ghcr.io/chanbengz/peach-backend:latest

and fillin the names of your built images in peachide.yaml and backend.yaml, and also the DASHSCOPE_API_KEY. For piston, change the IP address to your local address in piston-service.yaml

kubectl apply -f peachide.yaml backend-storage.yaml backend.yaml piston-service.yaml
  1. Setup traefik ingress
kubectl apply -f ingress.yaml 
# Optional. This enables traefik dashboard
kubectl apply -f traefik.yaml
  1. (Optional) Disable Internet access of student's practicum environment.
kubectl apply -f practicum.yaml
Clone this wiki locally