kube-platform 3.3.1.gk.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f0fa30c6eab08a09c802b4448ddebbc4280426b5bc55f4ac6aaad4af29f90d2f
+  data.tar.gz: 974dcbd7dbf25549f1f05ddebb6d8f00b81a7fc89bc4721f5bb28ebcdd57fefe
+SHA512:
+  metadata.gz: fa7223e94c5afe62c5fd00ee0212f3bbb6da855514827a0fa5a7b129208dcc95eb1af2bdcc4fb99fa9686878a65953decc8ef11b75e07ab0c59e3a26ebbf59a0
+  data.tar.gz: 76af5469a7b1098779d503ea0ae0c481e88a386d158e05366c42fc3f40361006b0e072d1cfeaadb93bde96fee9ef8fc2e2248475c0d311b254a78df286e4d5b0

data/Gemfile

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+PRIVATE_GEM_SERVER = "https://gem.fury.io/invoca"
+PUBLIC_GEM_SERVER = "https://rubygems.org"
+
+source PUBLIC_GEM_SERVER
+
+source PUBLIC_GEM_SERVER do
+  gem "openid_connect", "~> 2.2"
+  gem "rack", ">= 2.2.6.1"
+  gemspec
+end
+
+source PRIVATE_GEM_SERVER do
+  gem "invocaops_docker-render", "~> 1.0", ">= 1.0.1"
+end
+
+group :development do
+  source PUBLIC_GEM_SERVER do
+    gem  "pry"
+    gem  "pry-byebug"
+    gem  "rake"
+    gem  "rspec", "~> 3.11"
+    gem  "rspec_junit_formatter"
+    gem  "rubocop"
+    gem  "simplecov"
+    gem  "vcr"
+    gem  "webmock"
+    gem "invoca-utils"
+  end
+end

data/README.md

@@ -0,0 +1,192 @@
+# kube-platform
+A tool for managing Invoca developer platforms.
+
+`kube-platform` can be run from any location that has a properly configured `kubectl` (configuring `kubectl` is outside the scope of this README).  The currently selected context inside `$HOME/.kube/config` will be used by default, but can be overriden with the `--context` flag.
+
+See the #dev-qa-infrastructure slack channel for further discussion.
+
+## Installation
+
+1. Follow the instructions for configuring `kubectl` on your local workstation: [kubectl configuration instructions](https://ringrevenue.atlassian.net/wiki/spaces/DEV/pages/86717012/Kubectl+Configuration).
+2. Install the Invoca tools Homebrew tap.
+```bash
+$ brew tap invoca/tools git@github.com:Invoca/homebrew-tools.git
+```
+3. Install `kube-platform`.  The initial install builds a dedicated Ruby, which adds 3-5 minutes to the install time.
+```
+$ brew install kube-platform
+```
+4. [Configure Development AWS IAM account Credentials](https://ringrevenue.atlassian.net/wiki/spaces/DEV/pages/54001806/AWS+Dev+Environment+IAM+User+Guide#AWSDevEnvironmentIAMUserGuide-AWSCredentialsFile) on your local workstation
+
+### Upgrading
+
+At times, changes will require that `kube-platform` be upgraded. When necessary you'll receive a message like this:
+
+```bash
+This version of kube-platform is out-of-date: 1.1.0 is required, but running 1.0.0.
+Please update kube-platform: brew update && brew upgrade kube-platform
+```
+
+To upgrade, run
+
+```bash
+brew update && brew upgrade kube-platform
+```
+
+## Platform Creation
+To create a platform, run:
+
+```
+$ kube-platform create <platform-name> [image tags] [options]
+```
+
+`<platform-name>` corresponds to the Kubernetes namespace that the platform will be started in.  A full list of available options can be viewed by running `kube-platform help create`.  The [developer mode](#developer-mode), and [continuous testing](#continuous-testing) options are explained below.
+
+Image tags for various containers can be provided on the command line.  If an image tag is not provided for a container, `latest` is assumed, with one exception: if a tag is provided for `invocaops/web_app`, it will be the default tag for all containers started from `invocaops/web_app`.
+
+To list the available tags, run `kube-platform help create`.
+
+Platform creation failure? See the troubleshooting runbook in [confluence](https://ringrevenue.atlassian.net/wiki/spaces/DEV/pages/861831619/Cluster+Creation+Failure+-+Troubleshooting+Runbook)
+
+## Platform Update
+To update the image tags of a running platform, run:
+
+```
+$ kube-platform update <platform-name> [image tags]
+```
+
+Any database migrations contained in the new `web` image will be applied before the containers are restarted.
+
+## Platform Destruction
+To tear down your platform once you're done with it, run:
+
+```
+$ kube-platform destroy <platform-name>
+```
+
+## Developer Mode
+
+Applications within containers run as PID 1.  When PID 1 exits, it signals to the container manager that the container has stopped, which results in it being torn down and restarted.  When the container is restarted, any local changes made inside the container will be lost.
+
+If there's a need to edit and restart the code inside a container, the application must not be running as PID 1. The `--dev-mode` flag runs the application inside a simple bash loop, which allows the process to be killed and restarted while maintaining the container's state.
+
+Dev mode can be enabled during platform creation with the `--dev-mode` option.
+
+```
+$ kube-platform create <namespace> --dev-mode [image tags] [options]
+```
+
+After enabling dev mode, perform the following steps to restart a process:
+
+Login to the container (eg. frontend)
+
+```
+$ kubectl --namespace=<namespace> exec -it frontend-rc-<id> -c unicorn bash
+```
+
+Verify the process is not running as PID 1. See the `unicorn master` PID in this example:
+
+```
+root@frontend-rc-jx467:/srv/app# ps auxw
+USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
+root         1  0.0  0.0  18096  1656 ?        Ss   23:40   0:00 /bin/bash /invoca_run.sh frontend
+root        75 84.1  2.5 829512 385848 ?       Sl   23:42   0:41 unicorn master -c /srv/app/config/unicorn_docker.rb -E   staging
+root       127  0.1  2.4 829512 380168 ?       Sl   23:43   0:00 unicorn worker[0] -c /srv/app/config/unicorn_docker.rb -E staging
+root       130  0.1  2.4 829512 380160 ?       Sl   23:43   0:00 unicorn worker[1] -c /srv/app/config/unicorn_docker.rb -E staging
+root       133  0.0  2.4 829512 380160 ?       Sl   23:43   0:00 unicorn worker[2] -c /srv/app/config/unicorn_docker.rb -E staging
+root       136  0.0  2.4 829512 380160 ?       Sl   23:43   0:00 unicorn worker[3] -c /srv/app/config/unicorn_docker.rb -E staging
+root       139  0.1  2.4 829512 380160 ?       Sl   23:43   0:00 unicorn worker[4] -c /srv/app/config/unicorn_docker.rb -E staging
+root       142  0.1  2.4 829512 380164 ?       Sl   23:43   0:00 unicorn worker[5] -c /srv/app/config/unicorn_docker.rb -E staging
+```
+
+Make any necessary changes to the code, configuration files, etc.
+
+Kill the PID of the application, `unicorn master` in this example.
+
+```
+root@frontend-rc-jx467:/srv/app# kill 75
+```
+
+Observe that the unicorn master and its worker processes have restarted after a few seconds and that the container remains up.
+
+```
+root@frontend-rc-jx467:/srv/app# ps auxw
+USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
+root         1  0.0  0.0  18096  1656 ?        Ss   23:40   0:00 /bin/bash /invoca_run.sh frontend
+root       157  0.0  0.0  18232  2092 ?        Ss   23:43   0:00 bash
+root       242 45.3  2.4 694728 384656 ?       Sl   23:50   0:39 unicorn master -c /srv/app/config/unicorn_docker.rb -E staging
+root       291  0.0  2.4 694728 378716 ?       Sl   23:51   0:00 unicorn worker[0] -c /srv/app/config/unicorn_docker.rb -E staging
+root       294  0.0  2.4 694728 378700 ?       Sl   23:51   0:00 unicorn worker[1] -c /srv/app/config/unicorn_docker.rb -E staging
+root       297  0.0  2.4 694728 378700 ?       Sl   23:51   0:00 unicorn worker[2] -c /srv/app/config/unicorn_docker.rb -E staging
+root       300  0.0  2.4 694728 378700 ?       Sl   23:51   0:00 unicorn worker[3] -c /srv/app/config/unicorn_docker.rb -E staging
+root       303  0.0  2.4 694728 378700 ?       Sl   23:51   0:00 unicorn worker[4] -c /srv/app/config/unicorn_docker.rb -E staging
+root       306  0.0  2.4 694728 378704 ?       Sl   23:51   0:00 unicorn worker[5] -c /srv/app/config/unicorn_docker.rb -E staging
+```
+
+## Continuous Testing Mode
+A normal developer platform requires access from the outside world.  Frontends and PNAPI endpoints need to accessible, calls need to be routed into the platform, and so on.  Most of the ingress points into a platform are provided by ELBs.  This can cause problems during periods of heavy Autobahn usage; AWS rate limits the number of ELBs that can be created at once.
+
+Since Autobahn runs inside the platform, the ingress points aren't necessary.  Continuous testing mode eliminates the ELBs from the platform and routes all traffic to internal platform IP addresses. This mode will also create an autobahn pod within the platform.  **This option should only be used for Autobahn runs**.
+
+To create a platform in continuous testing mode, run:
+
+```
+$ kube-platform create <platform-name> --ct [image tags] [options]
+```
+
+## Autobahn Development Mode
+In this mode, an autobahn pod will be created within the platform, to be used for Autobahn development and testing. Normal platforms created without this option do not include an autobahn pod.
+
+To create a platform in autobahn developer mode, run:
+
+```
+$ kube-platform create <platform-name> --autobahn-dev [image tags] [options]
+```
+
+## FAKETIME
+With `--faketime` option enabled, the date/time presented to select running application can be changed by editing `/srv/app/FAKETIME` file. The running application does not need to be restarted when `/srv/app/FAKETIME` is modified.
+
+NOTE: `--faketime` option requires `--dev_mode` therefore `dev_mode` is automatically enabled when `--faketime` option is specified.
+
+For example, by putting "-30d" (without quotes) into `/srv/app/FAKETIME`, then killing the master unicorn and allowing the unicorns to come back up, the application will see date as 30 days before today.
+
+See https://github.com/wolfcw/libfaketime for more info.
+
+Frontend (**unicorn**), **job** and **task** applications will honor changes to `/srv/app/FAKETIME` file when `--faketime` option is enabled.
+
+To create a platform with FAKETIME support, include `--faketime` option during platform creation:
+
+```
+$ kube-platform create <platform-name> [image tags] --faketime [options]
+```
+To include scope to script/con:
+
+LD_PRELOAD=/usr/local/lib/libfaketime.so.1 script/console + bundle exec rails console
+
+# CONTRIBUTING
+## The Rough Steps
+- Update kube-platform itself
+- Manually release the new version via Github
+- Seed the new version into Homebrew
+- Make an announcement
+- Update tooling (if required)
+
+## The Detailed Steps
+- Merge or push new kube-platform functionality to mainline.
+- Tag the kube-platform release manually here, bumping the version according to semantic versioning.
+- Clone invoca/homebrew-tools (Invoca’s custom Homebrew tap) and update the kube-platform Homebrew formula with the new version.
+- Open PR and after review, merge to mainline.
+  - After merging to mainline, running brew update will pull in the new formula, meaning that a subsequent brew upgrade will update kube-platform.
+- Make an announcement/post in #dev-announcements about the new version
+  - If you plan to continue below, make sure to call out that an upgrade will be required in some timeframe (perhaps give a day or two for engineers to brew upgrade).
+
+**The below steps are when you want to force all previous version of kube-platform to be upgraded to the new version.**
+
+- Clone invoca/invocaops_docker (which contains Invoca's Kubernetes resources) and change the version field in `kube-platform/manifest.jsonnet` to match the new version number. Doing so will cause any kube-platform commands ran from a previous version to fail with a prompt asking the user to upgrade.
+- Open PR and after review, merge to mainline.
+  - You do not have to tag this “as a release” since kube-platform pulls the manifest.yaml.erb from the repository with every command.
+- Update Thanatos with the new release of kube-platform since Thanatos uses kube-platform as a gem to handle platform deletions.
+  - Run bundle update —conservative kube-platform in Invoca/thanatos
+  - Open a PR with the Gemfile.lock changes, and after review merge to mainline.
+  - Note! Someone will need to redeploy Thanatos by deleting the Pod when the mainline build completes so the new SHA can come up.
+    - kubectl delete pod --context <color>.staging.us-east-1 --namespace=ops-tools -l app=thanatos

data/bin/kube-platform

@@ -0,0 +1,37 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "kube-platform"
+require_relative "../lib/kube-platform/logger.rb"
+
+EXPECTED_EXCEPTIONS = [ # no need to show backtrace for these
+  KubePlatform::KubePlatformException
+].freeze
+
+def exception_cause_suffix(ex)
+  cause_suffix = +""
+  ex_next = ex
+  while cause = ex_next.cause
+    cause_suffix << "\n---caused by---\n#{cause.class.name}: #{cause.message}"
+    ex_next = cause
+  end
+  cause_suffix
+end
+
+begin
+  STDOUT.isatty and puts ""
+  KubePlatform::CLI.start("#{__dir__}/../config/images.yaml", ARGV)
+rescue Interrupt
+  KubePlatform::Logger.logger.info("kube-platform interrupted by ^C")
+  exit(2)
+rescue *EXPECTED_EXCEPTIONS => ex
+  cause_suffix = exception_cause_suffix(ex)
+  KubePlatform::Logger.logger.error("kube-platform exception: #{ex.class.name}: #{ex.message}#{cause_suffix}")
+  exit(1)
+rescue Exception => ex
+  STDOUT.isatty and puts ""   # this will leave the last log line visible on the screen, which may be helpful to understand this unexpected exception
+  cause_suffix = exception_cause_suffix(ex)
+  KubePlatform::Logger.logger.error("kube-platform exception: #{ex.class.name}: #{ex.message}#{cause_suffix}\n#{ex.backtrace.join("\n")}")
+  exit(1)
+end

data/lib/kube-platform/application.rb

@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+
+module KubePlatform
+  class Application
+    include Logger
+
+    ImageMissingException = Class.new(KubePlatformException)
+    UpdateRequiredException = Class.new(KubePlatformException)
+    ImageAvailabilityCheckFailed = Class.new(KubePlatformException)
+    InvalidPlatformNameException = Class.new(KubePlatformException)
+
+    CLUSTER_DEFINITIONS = {
+      standard: "standard",
+      continuous_testing: "continuous-testing",
+      titan_e2e_testing: "titan-testing",
+      autobahn_dev: "autobahn-dev"
+    }.freeze
+    VALID_PLATFORM_NAME = /\A[a-z0-9][a-z0-9-]*[a-z0-9]\z/.freeze
+
+    def initialize(cluster_name:, image_descriptors:, options:)
+      @cluster_name = cluster_name
+      @image_descriptors = image_descriptors
+      @options = options
+      configure_logger
+    end
+
+    def create
+      raise_if_platform_name_invalid!
+      raise_if_images_unavailable!
+      build_cluster(&:create)
+    end
+
+    def update
+      execute_cluster_operation(:update) do |cluster|
+        existing_key_tag_pairs = cluster.image_key_tag_pairs
+        image_repository.add_key_tag_pairs(existing_key_tag_pairs)
+        raise_if_images_unavailable!
+      end
+    end
+
+    def destroy
+      execute_cluster_operation(:delete)
+    end
+
+    def config
+      @config ||= config_from_options(@options, @cluster_name, image_repository)
+    end
+
+    private
+
+    def config_from_options(options, cluster_name, image_repository)
+      KubePlatform::Configuration.new do |c|
+        c.cluster_definition          = cluster_definition_from_options
+        c.cluster_name                = cluster_name
+        c.ct_mode                     = options[:ct] || options[:titan_e2e_testing]
+        c.dev_mode                    = options[:dev_mode]
+        if options[:faketime]
+          c.faketime                  = options[:faketime]
+          c.dev_mode                  = true
+        end
+        c.dockerhub_secret_name       = options[:dockerhub_secret_name]
+        c.dockerhub_secret_namespace  = options[:dockerhub_secret_namespace]
+        c.domain_name                 = options[:domain_name]
+        c.image_repository            = image_repository
+        c.git_branch                  = options[:git_branch]
+        c.git_resource_path           = options[:git_resource_path]
+        c.git_url                     = options[:git_url]
+        c.kubectl_context             = options[:context]
+        c.manifest_path               = options[:manifest_path]
+        c.user                        = options[:user]
+        c.force_api_calls             = options[:force]
+        c.api_endpoint                = client.api_endpoint_from_context
+      end
+    end
+
+    def configure_logger
+      if @options[:verbose]
+        KubePlatform::Logger.verbose = true
+        KubePlatform::Logger.logger.level = ::Logger::DEBUG
+      else
+        KubePlatform::Logger.logger.level = @options[:log_level]
+      end
+    end
+
+    def raise_if_platform_name_invalid!
+      if !VALID_PLATFORM_NAME.match(@cluster_name)
+        raise InvalidPlatformNameException, "Invalid lowercase RFC 1123 platform name '#{@cluster_name}'. "\
+          "Platform name may include only lowercase alphanumeric characters and '-' "\
+          "(and must start and end with lowercase alphanumeric characters)."
+      end
+    end
+
+    def raise_if_images_unavailable!
+      logger.info("Checking for image availability")
+      missing = all_check_for_missing_images.uniq
+      if missing.empty?
+        logger.info("Successfully located all images")
+      else
+        raise ImageMissingException, "Missing images: #{missing.map(&:name)}"
+      end
+    end
+
+    def all_check_for_missing_images
+      image_repository.missing_images
+    rescue
+      raise ImageAvailabilityCheckFailed, <<~EOS
+        Failed to check image availability.
+        Perhaps you are running in the wrong kubectx context?
+
+            `kubectx --current` = #{kubectx_current}
+      EOS
+    end
+
+    def kubectx_current
+      kubectx_output = `kubectx --current`.chomp
+      if kubectx_output["USAGE:\n"]
+        "Note: you must upgrade kubectx to version 0.7.1 or greater to support the --current option"
+      else
+        kubectx_output
+      end
+    rescue => ex
+      "Command failed: #{ex.class.name}: #{ex.message}"
+    end
+
+    def image_repository
+      @image_repository ||= KubePlatform::Images::Repository.new(image_descriptors: @image_descriptors,
+                                                                image_tags: image_tags_from_options,
+                                                                image_factory: docker_hub_image_factory)
+    end
+
+    def execute_cluster_operation(action)
+      build_cluster_with_definition_switching(cluster_definition_from_options) do |c|
+        yield c if block_given?
+        c.send(action)
+      end
+    end
+
+    def build_cluster_with_definition_switching(cluster_definition_name, &block)
+      build_cluster(cluster_definition_name: cluster_definition_name, &block)
+    rescue Cluster::PlatformDefinitionMismatchException => ex
+      logger.warn("Platform #{@cluster_name} was launched with definition #{ex.expected_definition}, "\
+                  "but the operation was started with #{ex.received_definition}")
+      logger.warn("Switching to platform definition #{ex.expected_definition}")
+
+      build_cluster_with_definition_switching(ex.expected_definition, &block)
+    end
+
+    def build_cluster(cluster_definition_name: cluster_definition_from_options)
+      resource_repository.retrieve do |repository_path|
+        manifest = manifest(repository_path)
+
+        update_checker(manifest).update_required? and raise UpdateRequiredException
+        cluster_definition = manifest.cluster_definition_by_name(cluster_definition_name)
+        yield Cluster.new(name: config.cluster_name, cluster_definition: cluster_definition, client: client, config: config)
+      end
+    end
+
+    def resource_repository
+      @resource_repository ||= ResourceRepository.new(url: config.git_url, branch: config.git_branch)
+    end
+
+    def manifest(resource_repository_dir)
+      manifest_filename = File.join(resource_repository_dir, config.manifest_path)
+      resource_dir = File.join(resource_repository_dir, config.git_resource_path)
+      Manifest.new(filename: manifest_filename, resource_dir: resource_dir, config: config)
+    end
+
+    def update_checker(manifest)
+      UpdateChecker.new(manifest: manifest)
+    end
+
+    def cluster_definition_from_options
+      key = if @options[:ct]
+              :continuous_testing
+            elsif @options[:autobahn_dev]
+              :autobahn_dev
+            elsif @options[:titan_e2e_testing]
+              :titan_e2e_testing
+            else
+              :standard
+            end
+      CLUSTER_DEFINITIONS[key]
+    end
+
+    def image_tags_from_options
+      @image_tags_from_options ||= @image_descriptors.map(&:key).each_with_object({}) { |key, tags| tags[key] = @options[key] }
+    end
+
+    def docker_hub_image_factory
+      @docker_hub_image_factory ||= KubePlatform::Images::DockerHubImageFactory.new(secret_provider: docker_hub_auth_provider)
+    end
+
+    def docker_hub_auth_provider
+      @docker_hub_auth_provider ||= KubePlatform::Images::KubernetesDockerHubSecretProvider.new(
+        client: client, secret_name: @options[:dockerhub_secret_name], secret_namespace: @options[:dockerhub_secret_namespace]
+      )
+    end
+
+    def client
+      @client ||= Client.new(context_name: @options[:context])
+    end
+  end
+end

data/lib/kube-platform/cli.rb

@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+
+require "thor"
+require_relative "logger"
+
+module KubePlatform
+  class CLI < Thor
+    include Logger
+
+    COMMANDS_WITH_TAG_OPTIONS = ["create", "update"].freeze
+
+    def self.start(image_config_path, *args)
+      @image_descriptors = KubePlatform::Images::Descriptor.array_from_yaml_file(filename: image_config_path)
+      add_image_tag_options
+      super(*args)
+    end
+
+    def self.add_image_tag_options
+      options = image_descriptors.map { |descriptor| Thor::DescriptorToOptionAdapter.new(descriptor: descriptor) }
+      COMMANDS_WITH_TAG_OPTIONS.each do |command|
+        options.each { |option| add_image_tag_option(option, command) }
+      end
+    end
+
+    def self.add_image_tag_option(option, command)
+      class_exec do
+        method_option option.key, aliases: option.aliases, desc: option.desc, banner: "tag", type: :string, for: command
+      end
+    end
+
+    class << self
+      attr_reader :image_descriptors
+
+      def username
+        ENV["USER"] || ""
+      end
+    end
+
+
+    class_option :ct, desc: "Continuous testing mode", type: :boolean, default: false
+    class_option :autobahn_dev, desc: "Autobahn development mode", type: :boolean, default: false
+    class_option :titan_e2e_testing, desc: "Continuous testing mode specifically for Titan E2E testing", type: :boolean, default: false
+    class_option :context, desc: "kubectl context to use to connect to Kubernetes", type: :string, default: ENV["KUBERNETES_CONTEXT"]
+    class_option :log_level, aliases: ["-l"], desc: "Log level (defaults to info when interactive, error if not)",
+                             type: :string, default: (STDOUT.isatty && !defined?(RSpec) ? "info" : "error"), enum: ["debug", "info", "warn", "error", "fatal"]
+
+    class_option :verbose, desc: "Verbose logging used for debugging.  Automatically sets log level to debug, and disables interactive mode logging",
+                           type: :boolean, default: false
+
+    class_option :git_branch, desc: "git branch to use when checking out the Kubernetes resource repository",
+                              type: :string, default: "master"
+
+    class_option :git_url, desc: "URL to the git repository containing the Kubernetes resources",
+                           type: :string, default: "git@github.com:Invoca/invocaops_docker.git"
+
+    class_option :manifest_path, desc: "Path to the manifest, relative to the root of the resource repository",
+                                 hide: true, type: :string, default: "kube-platform/manifest.jsonnet"
+
+    class_option :git_resource_path, desc: "Directory inside the resource repository that contains the Kubernetes resources",
+                                     hide: true, type: :string, default: "/"
+
+    option :user, hide: true, desc: "The username to associate with the platform", type: :string, default: username
+    option :dockerhub_secret_name, hide: true, type: :string, default: "dockerhub"
+    option :dockerhub_secret_namespace, hide: true, type: :string, default: "default"
+    option :domain_name, hide: true, type: :string, default: "invocadev.com"
+    option :dev_mode, aliases: ["-d"], desc: "Allows restarting of processes inside containers", type: :boolean, default: false
+    option :faketime, desc: "Set date/time by editing FAKETIME", type: :boolean, default: false
+
+    desc "create PLATFORM_NAME", "Create a new platform"
+
+    def create(cluster_name)
+      create_application(cluster_name).create
+    end
+
+    option :user, hide: true, desc: "The username to associate with the platforms", type: :string, default: username
+    option :dockerhub_secret_name, hide: true, type: :string, default: "dockerhub"
+    option :dockerhub_secret_namespace, hide: true, type: :string, default: "default"
+    option :domain_name, hide: true, type: :string, default: "invocadev.com"
+    option :dev_mode, aliases: ["-d"], desc: "Allows restarting of processes inside containers", type: :boolean, default: false
+    option :faketime, desc: "Set date/time by editing FAKETIME", type: :boolean, default: false
+
+    desc "update PLATFORM_NAME", "Update a platform"
+
+    def update(cluster_name)
+      create_application(cluster_name).update
+    end
+
+    desc "destroy PLATFORM_NAME", "Destroy a platform"
+
+    option :force, aliases: ["--force"], desc: "Ignores checks when deleting platforms", type: :boolean, default: false
+
+    def destroy(cluster_name)
+      create_application(cluster_name).destroy
+    end
+
+    desc "version", "Show the kube-platform version"
+
+    def version
+      puts "kube-platform version #{KubePlatform::VERSION}"
+    end
+
+    private
+
+    no_tasks do
+      def create_application(cluster_name)
+        Application.new(cluster_name: cluster_name, image_descriptors: image_descriptors, options: options)
+      end
+
+      def image_descriptors
+        self.class.image_descriptors
+      end
+    end
+  end
+end