Uninstall Gitmoxi

Uninstall Gitmoxi from ECS Fargate

After you are done testing Gitmoxi you can remove it using terraform destroy. Go to the gitmoxi-trial directory, which is the directory obtained by unzipping the downloaded package received in email.

cd gitmoxi-trial
cd ecs-fargate
terraform destroy --auto-approve

Uninstall Gitmoxi from EKS

If you installed Gitmoxi on EKS then we will first delete all the Gitmoxi service components from the cluster and then delete the cluster itself.

cd gitmoxi-trial
cd eks
kubectl delete -k install_gitmoxi/
cd create_cluster
terraform destroy --auto-approve

Note make sure to delete any other test applications that you deployed otherwise the terraform destroy will fail because the network interfaces will be in use by the applications pods.

Gitmoxi architecture for trial deployment

For trial, we will deploy all the containers needed for Gitmoxi in a single ECS task (or EKS pod). Below picture captures the overall architecture for the trial deployment that will be created by Terraform. The same architecture applies to EKS as well with ingress controller handling the traffic routing path with ALB.

Gitmoxi Trial Architecture

Gitmoxi task: This task consists of 6 containers
- gm-frontend manages the Gitmoxi UI. It serves requests on port 3000 which is exposed via the Application Load Balancer (ALB)
- gm-backend handles the API calls It serves requests on port 8080 which is also exposed via the ALB.
- gm-worker is the main controller logic that handles deployments. It can handle multiple deployments in parallel.
- gm-poller provides ability to listen for GitHub changes and automatically deploy the changes without requiring invocation of Gitmoxi deploy calls. We refer this as the pull (or listening) model.
- dynamodb-local stores all the Gitmoxi configuration and deployment records. The local dynamodb stores data in memory. So when the task restarts all the data will be lost. For production you will use AWS Dynamodb service instead of local container. The dynamodb-local serves requests on port 8000 which is accessible only within the private subnet of the VPC.
- redis is used for the gm-worker for parallel processing of multiple deployments. It serves request on port 6379 which is also accessible only within the private subnet of the VPC.
The Gitmoxi task is allocated 2vCPU and 4GB of RAM. And the architecture for the containers is ARM64; so it will run on Fargate backed by Graviton instances.
Gitmoxi service is a load balanced service which takes two target groups, one for gm-frontend (port 3000) and another for gm-backend (port 8080).
- The service deploys tasks on private subnets
- The security group allows access to the 3000, 8080, 8000, and 6379 required by the Gitmoxi task containers. Only 3000 and 8080 are connected to target groups and accessible from outside the VPC.
ALB is used to access the Gitmoxi frontend and backend services. For trial, the listener is connected to port 80. The listener has default forwarding rule to send traffic to the frontend target group which relays request to gm-frontend. The listener has another rule with higher priority that forwards all traffic on /api/* and /auth/* to the backend target group which relays to gm-backend.

IAM rules used

Task execution role uses the AWS managed policy arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy which grants access to read ECR repositories and to put logs in CloudWatch.
Gitmoxi task IAM role uses the following AWS managed policies
- policy_arn = "arn:aws:iam::aws:policy/AmazonECS_FullAccess to manage entire lifecycle of ECS service, task, and tasksets.
- policy_arn = "arn:aws:iam::aws:policy/AWSLambda_FullAccess to manage entire lifecycle of Lambda functions.
- policy_arn = "arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess for reading the ELB listener rules and modifying the traffic weights during blue-green traffic shifting.
- policy_arn = "arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator for testing Lambda with API-Gateway
- policy_arn = "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess to read the CloudWatch alarms.
- policy_arn = "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess to deploy Lambda functions

Note that the production deployment has more tighter and specific roles for the Gitmoxi task.

END USER LICENSE AGREEMENT (EULA) IMPORTANT: PLEASE READ THIS AGREEMENT CAREFULLY BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. By downloading, installing, or using this software, you acknowledge that you have read this Agreement, understand it, and agree to be bound by its terms. If you do not agree to these terms, do not install or use the software. ------------------------------------------------------------------------------- 1. GRANT OF LICENSE Subject to the terms of this Agreement, SKAI Software Corporation grants you a limited, non-exclusive, non-transferable, non-sublicensable license to install and use the software solely for your personal or internal business purposes. ------------------------------------------------------------------------------- 2. RESTRICTIONS You may NOT: a) Modify, adapt, translate, or create derivative works from the software. b) Reverse engineer, decompile, or disassemble the software, except as expressly permitted by applicable law. c) Rent, lease, loan, sell, sublicense, distribute, or otherwise transfer the software to any third party. d) Remove, alter, or obscure any proprietary notices, trademarks, or labels from the software. ------------------------------------------------------------------------------- 3. OWNERSHIP The software is and remains the exclusive property of SKAI Software Corporation. This Agreement does NOT transfer ownership of the software; it only grants you a limited license to use it. SKAI Software Corporation reserves all rights not expressly granted. ------------------------------------------------------------------------------- 4. TERMINATION This Agreement is effective until terminated. Your rights under this Agreement will automatically terminate without notice if you violate any provision. Upon termination, you MUST IMMEDIATELY: - Cease all use of the software. - Delete or destroy all copies in your possession. Termination does not limit SKAI Software Corporation’s right to pursue any other remedies available under law or equity. ------------------------------------------------------------------------------- 5. DISCLAIMER OF WARRANTY THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. SKAI SOFTWARE CORPORATION DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. SKAI SOFTWARE CORPORATION DOES NOT WARRANT THAT THE SOFTWARE WILL BE ERROR-FREE, UNINTERRUPTED, OR COMPATIBLE WITH ALL SYSTEMS. YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT USE OF THE SOFTWARE IS AT YOUR SOLE RISK. ------------------------------------------------------------------------------- 6. LIMITATION OF LIABILITY TO THE FULLEST EXTENT PERMITTED BY LAW: IN NO EVENT SHALL SKAI SOFTWARE CORPORATION BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO LOST PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL SKAI SOFTWARE CORPORATION'S TOTAL LIABILITY UNDER THIS AGREEMENT EXCEED THE AMOUNT YOU PAID FOR THE SOFTWARE, IF ANY. SOME JURISDICTIONS DO NOT ALLOW CERTAIN LIMITATIONS OF LIABILITY, SO SOME OF THESE LIMITATIONS MAY NOT APPLY TO YOU. ------------------------------------------------------------------------------- 7. INDEMNIFICATION You agree to INDEMNIFY, DEFEND, AND HOLD HARMLESS SKAI Software Corporation, its affiliates, officers, directors, employees, and agents from any claims, liabilities, damages, costs, or expenses (including attorneys’ fees) arising out of: a) Your use or misuse of the software. b) Your violation of this Agreement. c) Your violation of any applicable laws or third-party rights. ------------------------------------------------------------------------------- 8. GOVERNING LAW & JURISDICTION This Agreement shall be governed by and construed in accordance with the LAWS OF THE STATE OF DELAWARE, U.S.A., WITHOUT REGARD TO ITS CONFLICT OF LAW PRINCIPLES. ANY DISPUTE ARISING FROM OR RELATED TO THIS AGREEMENT SHALL BE EXCLUSIVELY RESOLVED IN THE STATE OR FEDERAL COURTS LOCATED IN DELAWARE, AND YOU IRREVOCABLY CONSENT TO SUCH JURISDICTION. ------------------------------------------------------------------------------- 9. SEVERABILITY If any provision of this Agreement is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect. ------------------------------------------------------------------------------- 10. FORCE MAJEURE SKAI Software Corporation shall NOT BE LIABLE for any failure or delay in performance due to causes beyond its reasonable control, including but not limited to natural disasters, war, government actions, network failures, or cyber-attacks. ------------------------------------------------------------------------------- 11. ENTIRE AGREEMENT This Agreement constitutes the ENTIRE AGREEMENT between you and SKAI Software Corporation regarding the software and supersedes all prior agreements, representations, or understandings. ------------------------------------------------------------------------------- BY DOWNLOADING, INSTALLING, OR USING THIS SOFTWARE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS AGREEMENT AND AGREE TO BE BOUND BY ITS TERMS.

Navigation Pane