Skip to main content
GOV.UK
Developer docs
Menu
Get started
Manual
Kubernetes
Apps
Repos
Mobile
Schemas
Document types
Table of contents
Search (via Google)
Search
GOV.UK Kubernetes cluster documentation for developers
Kubernetes/EKS cheatsheet for GOV.UK developers
Prerequisites
Common tasks
View recent logs for an app
Open a Rails console
Open a shell in an app container
Open a shell on Router
List the available Rake tasks for an app
Run a Rake task
App releases and rollouts / deployments
Smokey test logs
Dashboards
Before you start
Get started
Tutorials
Update an application’s environment configuration
Deploy a new version of the example test app, check the deployment, monitor the app on Grafana and view application logs
Maintenance
Set up tools to use the GOV.UK Kubernetes platform
Install kubectl
Install Helm
Install Argo CLI
Install gds-cli and aws-vault
Install gds-cli
Install aws-vault
Access a GOV.UK EKS cluster
Prerequisites
Obtain AWS credentials for your role in the cluster’s AWS account
Access a cluster for the first time
Access a cluster that you have accessed before
Create a new application
Assumptions
Allow your application to be built as a Docker image
Add Github Actions workflows
Add image tag files to govuk-helm-charts
Add initial secrets to AWS Secrets Manager
Sentry
Add app to app-config chart values
Start with integration
Validate your deployment
Continue with the other environments
Congratulations!
Manage your app
Get information about your app
Choose and set a namespace
Get a list of all deployed apps in a namespace
Describe an app deployment
List all pods in an app
Describe a pod
View app logs
View Kubernetes events
Further information
Manage state in your app
Troubleshooting
Argo application sync stuck waiting for “waiting for completion of hook”
How apps are deployed
Deploying a release of a GOV.UK app
Continuous deployment of a release of a GOV.UK app
Check the Argo CD logs
Check the Argo CD integration environment
Check the Argo CD staging and production environments
Set or change an environment variable for your app
Update an ordinary (non-secret) environment variable
Per-app environment variables
Global environment variables
Update an environment variable from a Secrets Manager secret
Scale your app
Scaling your app
What you can scale
Vertically scaling your app
Horizontally scaling your app
How scaling your app affects platform resources
How a new version of an app is released
Roll back your app
Updating the image tag to an older release
Triggering the deploy GitHub Action to deploy an older release
Re-enabling automatic image updates after manual deploys
Set access permissions for your app
Add secrets to your app
Creating the secret in AWS Secrets Manager
Creating an AWS managed database secret
Creating a non-database secret
Defining an ExternalSecret in Kubernetes
Use the Kubernetes secret inside the app
Supporting information
Create a new environment
Create secrets for the new environment
Create a new cluster
Deploy the Terraform modules
1. Deploy the ecr module
2. Deploy the cluster-infrastructure module
Delete the aws-auth configmap
3. Deploy the govuk-publishing-infrastructure module
4. Deploy the cluster-services module
Check the environment is working
Supporting information
Fix your app
Fixing an app’s configuration
Allocating more resources to an app
Giving an app access to required AWS services
If you suspect a problem with the cluster itself
General debugging
Getting logs for your apps
Creating a shell inside a running container
Port-forwarding to a pod
Following a troubleshooting guide
How the platform works
Platform cluster add-ons
External secrets
ExternalDNS
AWS load balancer controller
Cluster autoscaler
Dex OpenID connect provider
AWS EBS CSI Driver
Platform cluster user authentication
GOV.UK Platform Engineering team
Get in touch
What we can help with
!
Warning
This document has not been updated for a while now. It may be out of date.
Last updated:
25 Aug 2023
Set access permissions for your app