Skip to content

Instantly share code, notes, and snippets.

@roberthamel

roberthamel/cart-deployment.yaml

Last active September 17, 2018 14:15
Show Gist options
  • Save roberthamel/ee00cbc4ac6099e6837bdedbac65b713 to your computer and use it in GitHub Desktop.
Save roberthamel/ee00cbc4ac6099e6837bdedbac65b713 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
cart-deployment.yaml
###############################################################
# Cart Service
###############################################################
apiVersion: v1
kind: Service
metadata:
name: carts
labels:
app: carts
visualize: "true"
spec:
ports:
- port: 8080
name: http
selector:
app: carts
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: carts
labels:
app: carts
version: v1
visualize: "true"
spec:
replicas: 1
template:
metadata:
labels:
app: carts
version: v1
visualize: "true"
spec:
containers:
- name: carts
image: accenturepbg/webstore-cart-service:1.0
imagePullPolicy: Always
ports:
- containerPort: 8080
env:
- name: spring_data_mongodb_uri
value: mongodb://carts-mongodb/${MONGO_DATABASE}
- name: spring_data_mongodb_host
value: carts-mongodb
- name: spring_data_mongodb_database
value: ${MONGO_DATABASE}
- name: spring_data_mongodb_username
value: ${MONGO_USERNAME}
- name: spring_data_mongodb_password
value: ${MONGO_PASSWORD}
- name: MONGO_DATABASE
valueFrom:
configMapKeyRef:
name: carts-mongodb-config
key: database-name
- name: MONGO_USERNAME
valueFrom:
secretKeyRef:
name: carts-mongodb-secret
key: database-user
- name: MONGO_PASSWORD
valueFrom:
secretKeyRef:
name: carts-mongodb-secret
key: database-password
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: carts
spec:
hosts:
- "*"
gateways:
- frontend-gateway
http:
- match:
- uri:
prefix: /api/v1/cart
route:
- destination:
host: carts
port:
number: 8080
---
###############################################################
# Mongo DB
###############################################################
apiVersion: v1
kind: Service
metadata:
name: carts-mongodb
labels:
app: carts-mongodb
spec:
ports:
- port: 27017
name: mongo
selector:
app: carts-mongodb
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: carts-mongodb
labels:
app: carts-mongodb
visualize: "true"
spec:
replicas: 1
selector:
matchLabels:
app: carts-mongodb
template:
metadata:
annotations:
sidecar.istio.io/inject: "false"
labels:
app: carts-mongodb
visualize: "true"
spec:
containers:
- name: carts-mongodb
image: mongo:latest
ports:
- containerPort: 27017
volumeMounts:
- name: carts-mongodb-persistent-storage
mountPath: /data/db
volumes:
- name: carts-mongodb-persistent-storage
persistentVolumeClaim:
claimName: carts-mongodb-pv-claim
---
apiVersion: v1
kind: ConfigMap
metadata:
name: carts-mongodb-config
data:
database-name: carts
---
apiVersion: v1
kind: Secret
metadata:
name: carts-mongodb-secret
type: Opaque
data:
database-user: cm9vdA== # root
database-password: ZXhhbXBsZQo= # example
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: carts-mongodb-pv-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
Raw
dashboard-admin.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system
Raw
frontend-deployment.yaml
######################################################################################
# Frontend
######################################################################################
apiVersion: v1
kind: Service
metadata:
name: frontend
labels:
app: frontend
visualize: "true"
spec:
ports:
- port: 8080
name: http
selector:
app: frontend
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: frontend-v2
labels:
app: frontend
visualize: "true"
spec:
replicas: 1
template:
metadata:
labels:
app: frontend
version: v2
visualize: "true"
spec:
containers:
- name: frontend
image: accenturepbg/webstore-front-end:1.1
imagePullPolicy: Always
ports:
- containerPort: 8080
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: frontend
spec:
hosts:
- "*"
gateways:
- frontend-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
host: frontend
port:
number: 8080
Raw
gateway.yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: frontend-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
Raw
inventory-deployment.yaml
######################################################################################
# Inventory Service
######################################################################################
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: inventory
spec:
hosts:
- "*"
gateways:
- frontend-gateway
http:
- match:
- uri:
prefix: /api/v1/inventory
route:
- destination:
host: inventory
port:
number: 8080
---
apiVersion: v1
kind: Service
metadata:
name: inventory
labels:
app: inventory
visualize: "true"
spec:
ports:
- port: 8080
name: http
selector:
app: inventory
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: inventory
labels:
app: inventory
version: v1
visualize: "true"
spec:
replicas: 1
template:
metadata:
labels:
app: inventory
version: v1
visualize: "true"
spec:
containers:
- name: inventory
image: accenturepbg/webstore-inventory-service:1.0
imagePullPolicy: Always
ports:
- containerPort: 8080
env:
- name: spring_profiles_active
value: mysql
- name: spring_jpa_database
value: mysql
- name: spring_datasource_url
value: jdbc:mysql://inventory-mysql/test?useSSL=false
- name: spring_datasource_username
valueFrom:
secretKeyRef:
name: inventory-mysql-secret
key: dbusername
- name: spring_datasource_password
valueFrom:
secretKeyRef:
name: inventory-mysql-secret
key: dbpassword
---
######################################################################################
# MySQL Inventory
######################################################################################
apiVersion: v1
kind: Service
metadata:
name: inventory-mysql
labels:
app: inventory-mysql
visualize: "true"
spec:
ports:
- port: 3306
name: mysql
selector:
app: inventory-mysql
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: inventory-mysql
labels:
app: inventory-mysql
visualize: "true"
spec:
replicas: 1
selector:
matchLabels:
app: inventory-mysql
strategy:
type: Recreate
template:
metadata:
annotations:
sidecar.istio.io/inject: "false"
labels:
app: inventory-mysql
visualize: "true"
spec:
containers:
- image: mysql:5.7
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: inventory-mysql-secret
key: root-password
- name: MYSQL_DATABASE
valueFrom:
secretKeyRef:
name: inventory-mysql-secret
key: database-name
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: inventory-mysql-secret
key: dbusername
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: inventory-mysql-secret
key: dbpassword
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: inventory-mysql-persistent-storage
subPath: lost+found
mountPath: /var/lib/mysql
volumes:
- name: inventory-mysql-persistent-storage
persistentVolumeClaim:
claimName: inventory-mysql-pv-claim
---
apiVersion: v1
kind: Secret
metadata:
name: inventory-mysql-secret
type: Opaque
data:
root-password: cGFzc3dvcmQ= #password
database-name: dGVzdA== #test
dbusername: dGVzdHVzZXI= #testuser
dbpassword: dGVzdDEyMw== #test123
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: inventory-mysql-pv-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 250Mi
Raw
istio-logging.yaml
########################################################################
# Logging
########################################################################
# Logging Namespace. All below are a part of this namespace.
apiVersion: v1
kind: Namespace
metadata:
name: logging
---
# Elasticsearch Service
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
namespace: logging
labels:
app: elasticsearch
spec:
ports:
- port: 9200
protocol: TCP
targetPort: db
selector:
app: elasticsearch
---
# Elasticsearch Deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: elasticsearch
namespace: logging
labels:
app: elasticsearch
annotations:
sidecar.istio.io/inject: "false"
spec:
template:
metadata:
labels:
app: elasticsearch
spec:
containers:
- image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.1.1
name: elasticsearch
resources:
# need more cpu upon initialization, therefore burstable class
limits:
cpu: 1000m
requests:
cpu: 100m
env:
- name: discovery.type
value: single-node
ports:
- containerPort: 9200
name: db
protocol: TCP
- containerPort: 9300
name: transport
protocol: TCP
volumeMounts:
- name: elasticsearch
mountPath: /data
volumes:
- name: elasticsearch
emptyDir: {}
---
# Fluentd Service
apiVersion: v1
kind: Service
metadata:
name: fluentd-es
namespace: logging
labels:
app: fluentd-es
spec:
ports:
- name: fluentd-tcp
port: 24224
protocol: TCP
targetPort: 24224
- name: fluentd-udp
port: 24224
protocol: UDP
targetPort: 24224
selector:
app: fluentd-es
---
# Fluentd Deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: fluentd-es
namespace: logging
labels:
app: fluentd-es
annotations:
sidecar.istio.io/inject: "false"
spec:
template:
metadata:
labels:
app: fluentd-es
spec:
containers:
- name: fluentd-es
image: gcr.io/google-containers/fluentd-elasticsearch:v2.0.1
env:
- name: FLUENTD_ARGS
value: --no-supervisor -q
resources:
limits:
memory: 500Mi
requests:
cpu: 100m
memory: 200Mi
volumeMounts:
- name: config-volume
mountPath: /etc/fluent/config.d
terminationGracePeriodSeconds: 30
volumes:
- name: config-volume
configMap:
name: fluentd-es-config
---
# Fluentd ConfigMap, contains config files.
kind: ConfigMap
apiVersion: v1
data:
forward.input.conf: |-
# Takes the messages sent over TCP
<source>
type forward
</source>
output.conf: |-
<match **>
type elasticsearch
log_level info
include_tag_key true
host elasticsearch
port 9200
logstash_format true
# Set the chunk limits.
buffer_chunk_limit 2M
buffer_queue_limit 8
flush_interval 5s
# Never wait longer than 5 minutes between retries.
max_retry_wait 30
# Disable the limit on the number of retries (retry forever).
disable_retry_limit
# Use multiple threads for processing.
num_threads 2
</match>
metadata:
name: fluentd-es-config
namespace: logging
---
# Kibana Service
apiVersion: v1
kind: Service
metadata:
name: kibana
namespace: logging
labels:
app: kibana
spec:
ports:
- port: 5601
protocol: TCP
targetPort: ui
selector:
app: kibana
---
# Kibana Deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kibana
namespace: logging
labels:
app: kibana
annotations:
sidecar.istio.io/inject: "false"
spec:
template:
metadata:
labels:
app: kibana
spec:
containers:
- name: kibana
image: docker.elastic.co/kibana/kibana-oss:6.1.1
resources:
# need more cpu upon initialization, therefore burstable class
limits:
cpu: 1000m
requests:
cpu: 100m
env:
- name: ELASTICSEARCH_URL
value: http://elasticsearch:9200
ports:
- containerPort: 5601
name: ui
protocol: TCP
---
########################################################################
# Fluentd Istio
########################################################################
# Configuration for logentry instances
apiVersion: "config.istio.io/v1alpha2"
kind: logentry
metadata:
name: newlog
namespace: istio-system
spec:
severity: '"info"'
timestamp: request.time
variables:
source: source.labels["app"] | source.workload.name | "unknown"
user: source.user | "unknown"
destination: destination.labels["app"] | destination.workload.name | "unknown"
responseCode: response.code | 0
responseSize: response.size | 0
latency: response.duration | "0ms"
monitored_resource_type: '"UNSPECIFIED"'
---
# Configuration for a fluentd handler
apiVersion: "config.istio.io/v1alpha2"
kind: fluentd
metadata:
name: handler
namespace: istio-system
spec:
address: "fluentd-es.logging:24224"
---
# Rule to send logentry instances to the fluentd handler
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: newlogtofluentd
namespace: istio-system
spec:
match: "true" # match for all requests
actions:
- handler: handler.fluentd
instances:
- newlog.logentry
---
Raw
products-deployment.yaml
###############################################################
# Product Service
###############################################################
apiVersion: v1
kind: Service
metadata:
name: products
labels:
app: products
visualize: "true"
spec:
ports:
- port: 8080
name: http
selector:
app: products
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: products
labels:
app: products
visualize: "true"
spec:
replicas: 1
selector:
matchLabels:
app: products
template:
metadata:
labels:
app: products
version: v2
visualize: "true"
spec:
containers:
- image: accenturepbg/webstore-product-service:1.1
imagePullPolicy: Always
name: products
ports:
- containerPort: 8080
env:
- name: SPRING_PROFILES_ACTIVE
value: mysql
- name: spring_jpa_database
value: mysql
- name: spring_datasource_url
value: jdbc:mysql://products-mysql/test?useSSL=false
- name: spring_datasource_username
valueFrom:
secretKeyRef:
name: products-mysql-secret
key: MYSQL_USER
- name: spring_datasource_password
valueFrom:
secretKeyRef:
name: products-mysql-secret
key: MYSQL_PASSWORD
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: products
spec:
hosts:
- "*"
gateways:
- frontend-gateway
http:
- match:
- uri:
prefix: /api/v1/product
route:
- destination:
host: products
port:
number: 8080
---
###############################################################
# MySQL
###############################################################
apiVersion: v1
kind: Service
metadata:
name: products-mysql
labels:
app: products-mysql
visualize: "true"
spec:
ports:
- port: 3306
name: mysql
selector:
app: products-mysql
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: products-mysql
labels:
app: products-mysql
visualize: "true"
spec:
selector:
matchLabels:
app: products-mysql
strategy:
type: Recreate
template:
metadata:
annotations:
sidecar.istio.io/inject: "false"
labels:
app: products-mysql
visualize: "true"
spec:
containers:
- image: mysql:5.7
name: mysql
args:
- "--ignore-db-dir=lost+found"
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: products-mysql-secret
key: MYSQL_ROOT_PASSWORD
- name: MYSQL_DATABASE
valueFrom:
secretKeyRef:
name: products-mysql-secret
key: MYSQL_DATABASE
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: products-mysql-secret
key: MYSQL_USER
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: products-mysql-secret
key: MYSQL_PASSWORD
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
subPath: lost+found
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: products-mysql-pv-claim
---
apiVersion: v1
kind: Secret
metadata:
name: products-mysql-secret
type: Opaque
data:
MYSQL_ROOT_PASSWORD: cGFzc3dvcmQ= #password
MYSQL_DATABASE: dGVzdA== #test
MYSQL_USER: dGVzdHVzZXI= #testuser
MYSQL_PASSWORD: dGVzdDEyMw== #test123
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: products-mysql-pv-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 250Mi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment