github/podinfo
1
0
Fork 0
mirror of https://github.com/stefanprodan/podinfo.git synced 2026-04-07 03:26:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github:0.2.2
Branches Tags
github:master github:dependabot/github_actions/actions-cb5fd4910d github:gh-pages github:test-source-watcher github:feat/notation github:v6.x github:v5.x github:v3.x github:v1.x github:v0.x
github:6.11.2 github:6.11.1 github:6.11.0 github:6.10.2 github:6.10.1 github:6.10.0 github:6.9.4 github:6.9.3 github:6.9.2 github:6.9.1 github:6.9.0 github:6.8.0 github:6.7.1 github:6.7.0 github:6.6.3 github:6.6.2 github:6.6.1 github:6.6.0 github:6.5.4 github:6.5.3 github:6.5.2 github:6.5.1 github:6.5.0 github:6.4.1 github:6.4.0 github:6.3.6 github:6.3.5 github:6.3.4 github:6.3.3 github:6.3.2 github:6.3.1 github:6.3.0 github:6.2.3 github:6.2.2 github:6.2.1 github:6.2.0 github:6.1.8 github:6.1.7 github:6.1.6 github:6.1.5 github:6.1.4 github:6.1.3 github:6.1.2 github:6.1.1 github:6.1.0 github:6.0.4 github:6.0.3 github:6.0.2 github:6.0.1 github:6.0.0 github:5.2.1 github:5.2.0 github:5.1.4 github:5.1.3 github:5.1.2 github:5.1.1 github:5.1.0 github:5.0.3 github:5.0.2 github:5.0.1 github:5.0.0 github:4.0.6 github:4.0.5 github:4.0.4 github:4.0.3 github:4.0.2 github:4.0.1 github:4.0.0 github:3.3.1 github:3.3.0 github:3.2.4 github:3.2.3 github:3.2.2 github:3.2.1 github:3.2.0 github:3.1.5 github:3.1.4 github:3.1.3 github:3.1.2 github:3.1.1 github:3.1.0 github:3.0.0 github:2.1.3 github:2.1.2 github:2.1.1 github:2.1.0 github:2.0.2 github:2.0.1 github:2.0.0 github:v1.8.0 github:v1.7.0 github:v1.6.0 github:v1.4.2 github:v1.4.1 github:v1.4.0 github:v1.3.1 github:v1.3.0 github:v1.2.1 github:v1.2.0 github:v1.1.1 github:v1.1.0 github:v1.0.0 github:v0.5.0 github:v0.4.0 github:0.2.2
...
compare: github:v1.2.1
Branches Tags
github:dependabot/github_actions/actions-cb5fd4910d github:gh-pages github:master github:test-source-watcher github:feat/notation github:v6.x github:v5.x github:v3.x github:v1.x github:v0.x
github:6.11.2 github:6.11.1 github:6.11.0 github:6.10.2 github:6.10.1 github:6.10.0 github:6.9.4 github:6.9.3 github:6.9.2 github:6.9.1 github:6.9.0 github:6.8.0 github:6.7.1 github:6.7.0 github:6.6.3 github:6.6.2 github:6.6.1 github:6.6.0 github:6.5.4 github:6.5.3 github:6.5.2 github:6.5.1 github:6.5.0 github:6.4.1 github:6.4.0 github:6.3.6 github:6.3.5 github:6.3.4 github:6.3.3 github:6.3.2 github:6.3.1 github:6.3.0 github:6.2.3 github:6.2.2 github:6.2.1 github:6.2.0 github:6.1.8 github:6.1.7 github:6.1.6 github:6.1.5 github:6.1.4 github:6.1.3 github:6.1.2 github:6.1.1 github:6.1.0 github:6.0.4 github:6.0.3 github:6.0.2 github:6.0.1 github:6.0.0 github:5.2.1 github:5.2.0 github:5.1.4 github:5.1.3 github:5.1.2 github:5.1.1 github:5.1.0 github:5.0.3 github:5.0.2 github:5.0.1 github:5.0.0 github:4.0.6 github:4.0.5 github:4.0.4 github:4.0.3 github:4.0.2 github:4.0.1 github:4.0.0 github:3.3.1 github:3.3.0 github:3.2.4 github:3.2.3 github:3.2.2 github:3.2.1 github:3.2.0 github:3.1.5 github:3.1.4 github:3.1.3 github:3.1.2 github:3.1.1 github:3.1.0 github:3.0.0 github:2.1.3 github:2.1.2 github:2.1.1 github:2.1.0 github:2.0.2 github:2.0.1 github:2.0.0 github:v1.8.0 github:v1.7.0 github:v1.6.0 github:v1.4.2 github:v1.4.1 github:v1.4.0 github:v1.3.1 github:v1.3.0 github:v1.2.1 github:v1.2.0 github:v1.1.1 github:v1.1.0 github:v1.0.0 github:v0.5.0 github:v0.4.0 github:0.2.2

156 Commits
0.2.2 ... v1.2.1

Author SHA1 Message Date
Stefan Prodan
97d36bd8bb Release v1.2.1 
- wait for the readiness probe to remove the endpoint from the LB before entering HTTP server graceful shutdown
 2018-09-25 12:10:46 +03:00
Stefan Prodan
18a22d1b94 Add shutdown delay (wait for the readiness probe) 2018-09-25 12:01:01 +03:00
Stefan Prodan
083de34465 Fix podinfo-istio chart health checks 2018-09-19 13:16:25 +03:00
Stefan Prodan
64b85dc30d Move Istio docs to the istio-gke repo 2018-09-18 14:54:30 +03:00
Stefan Prodan
fed964e223 Expose Istio Grafana 2018-09-17 18:34:34 +03:00
Stefan Prodan
efb6a76242 Mention Istio Gateway reload cert issue 2018-09-17 13:58:38 +03:00
Stefan Prodan
fb199b72a1 Split GKE and Could DNS setup 2018-09-17 12:51:01 +03:00
Stefan Prodan
ce117e1706 Add Could DNS verify commands 2018-09-16 20:47:34 +03:00
Stefan Prodan
23e67f9923 Remove istio sub domain 2018-09-16 14:29:41 +03:00
Stefan Prodan
30b030a685 Add CloudDNS CNAME record 2018-09-16 14:07:04 +03:00
Stefan Prodan
0fe4a7a3a9 Add GKE, CloudDNS and Helm setup steps 2018-09-16 13:48:58 +03:00
Stefan Prodan
982063ab9b Resize Istio cert-manager diagram 2018-09-16 12:49:48 +03:00
Stefan Prodan
c3256bd18f Add Istio cert-manager diagram 2018-09-16 12:43:08 +03:00
Stefan Prodan
d947fc5b2c Add OpenFaaS Istio port-forward commands 2018-09-14 16:49:41 +03:00
Stefan Prodan
dc6d64137d Add OpenFaaS Istio intro 2018-09-14 13:25:20 +03:00
Stefan Prodan
f3c1ee7dbc Add OpenFaaS Istio canary diagram 2018-09-14 12:04:58 +03:00
Stefan Prodan
6b6dd86fea Add OpenFaaS Istio diagram 2018-09-14 11:13:09 +03:00
Stefan Prodan
02e5f233d0 Release v1.2.0 2018-09-11 22:18:58 +03:00
Stefan Prodan
b89f46ac04 Add websocket client command to CLI 2018-09-11 22:14:59 +03:00
Stefan Prodan
59cd692141 Add websocket echo handler 2018-09-11 22:13:54 +03:00
Stefan Prodan
bcd61428d1 Import gorilla/websocket 2018-09-11 22:12:37 +03:00
Stefan Prodan
f8ec9c0947 Fix multi-arch docker push 2018-09-11 18:04:13 +03:00
Stefan Prodan
6c98fbf1f4 Add JWT token issue and validate handlers 2018-09-10 11:36:11 +03:00
Stefan Prodan
54f6d9f74d Add env handler 2018-09-10 01:29:49 +03:00
Stefan Prodan
1d35304d9d OpenfaaS canary deployments 2018-09-09 16:38:37 +03:00
Stefan Prodan
457a56f71a Publish podinfo CLI to GitHub with goreleaser 2018-09-09 12:38:23 +03:00
Stefan Prodan
fbcab6cf56 Upgrade to go 1.11 and alpine 3.8 2018-09-09 12:37:58 +03:00
Stefan Prodan
0126282669 add goreleaser 2018-09-08 19:05:37 +03:00
Stefan Prodan
ff1fb39f43 Release v1.1.0 
- add podinfo CLI to Quay docker image
- use podinfo CLI for health checks (Istio mTLS support)
 2018-09-08 11:38:48 +03:00
Stefan Prodan
84f0e1c9e2 Add CLI check certificate 2018-09-07 15:26:07 +03:00
Stefan Prodan
3eb4cc90f9 Add CLI to Quay docker image 2018-09-07 14:55:24 +03:00
Stefan Prodan
b6c3d36bde Add CLI check tcp command 2018-09-07 14:54:55 +03:00
Stefan Prodan
a8a85e6aae Add CLI version cmd 2018-09-07 14:54:35 +03:00
Stefan Prodan
79b2d784bf Add OpenFaaS Istio guide WIP 2018-09-07 13:38:39 +03:00
Stefan Prodan
bfd35f6cc0 Make health checks compatible with Istio mTLS 2018-09-07 13:38:18 +03:00
Stefan Prodan
f1775ba090 Add podinfo CLI WIP 2018-09-07 13:37:40 +03:00
Stefan Prodan
7a2d59de8e Add OpenFaaS Istio mTLS and policies 2018-09-05 15:38:53 +03:00
Stefan Prodan
8191871761 Add Istio A/B test dashboard 2018-09-05 15:38:24 +03:00
Stefan Prodan
36bb719b1c Bump version to 1.0.1 2018-08-27 16:26:30 +01:00
Stefan Prodan
ecd204b15e Release v1.0.0 2018-08-22 00:57:53 +03:00
Stefan Prodan
979fd669df Use gorilla mux route name as Prometheus path label 2018-08-21 15:19:21 +03:00
Stefan Prodan
feac686e60 Release v1.0.0-beta.1 2018-08-21 12:03:34 +03:00
Stefan Prodan
d362dc5f81 Set env var prefix to PODINFO 2018-08-21 11:58:37 +03:00
Stefan Prodan
593ccaa0cd Add random delay and errors middleware 2018-08-21 03:12:20 +03:00
Stefan Prodan
0f098cf0f1 Add config file support 2018-08-21 02:02:47 +03:00
Stefan Prodan
2ddbc03371 Replace zerolog with zap 2018-08-21 02:01:26 +03:00
Stefan Prodan
f2d95bbf80 Add logging middleware and log level option 2018-08-20 17:03:07 +03:00
Stefan Prodan
7d18ec68b3 Use plag, viper and zap 2018-08-20 11:30:18 +03:00
Stefan Prodan
774d34c1dd Rewrite HTTP server with gorilla mux 2018-08-20 11:29:11 +03:00
Stefan Prodan
f13d006993 Add Kubernetes probes handlers 2018-08-20 11:28:06 +03:00
Stefan Prodan
aeeb146c2a Add UI handler 2018-08-20 11:27:40 +03:00
Stefan Prodan
11bd74eff2 Add local storage read/write handler 2018-08-20 11:27:08 +03:00
Stefan Prodan
af6d11fd33 Add panic handler 2018-08-20 11:26:24 +03:00
Stefan Prodan
49746fe2fb Add fscache reader handler 2018-08-20 11:26:08 +03:00
Stefan Prodan
da24d729bb Add runtime info handler 2018-08-20 11:25:36 +03:00
Stefan Prodan
449fcca3a9 Add HTTP status code handler 2018-08-20 11:25:15 +03:00
Stefan Prodan
2b0a742974 Add echo headers handler 2018-08-20 11:24:49 +03:00
Stefan Prodan
153f4dce45 Add echo handler with backend propagation 2018-08-20 11:24:23 +03:00
Stefan Prodan
4c8d11cc3e Add delay handler 2018-08-20 11:23:45 +03:00
Stefan Prodan
08415ce2ce Add version handler 2018-08-20 11:23:13 +03:00
Stefan Prodan
d26b7a96d9 Add UI index handler 2018-08-20 11:22:48 +03:00
Stefan Prodan
3c897b8bd7 Rename git commit to revision 2018-08-20 11:21:51 +03:00
Stefan Prodan
511ab87a18 Update deps for v1.0 2018-08-20 11:20:56 +03:00
Stefan Prodan
21922197b5 Add resource usage to blue/green dashboard 2018-08-18 14:22:35 +03:00
Stefan Prodan
7ea943525f Add Helm chart for load testing 2018-08-17 18:45:52 +03:00
Stefan Prodan
57ff4465cd Add Istio Blue/Green Grafana dashboard 2018-08-17 17:25:04 +03:00
Stefan Prodan
a86ef1fdb6 Add frontend, backend and store chart values 
- add Istio virtual service weight for blue/green
 2018-08-17 15:41:23 +03:00
Stefan Prodan
ddf1b80e1b Log backend errors 2018-08-17 15:38:35 +03:00
Stefan Prodan
896aceb240 Add Helm chart for Istio canary deployments and A/B testing 2018-08-16 15:24:04 +03:00
Stefan Prodan
7996f76e71 Release v0.6.1 
- update page title when hostname changes
 2018-08-16 15:21:26 +03:00
Stefan Prodan
8b04a8f502 Remove old charts 2018-08-16 15:20:21 +03:00
Stefan Prodan
8a6a4e8901 Release v0.6 
- Helm chart: use quay image, add color env var, rename backend env var, adjust deployment strategy and set liveness probe to 2s
 2018-08-16 00:09:02 +03:00
Stefan Prodan
cf8531c224 Move ping to api/echo 2018-08-16 00:05:32 +03:00
Stefan Prodan
d1574a6601 Decrease Istio HTTP 503 errors with preStop 2018-08-15 19:42:08 +03:00
Stefan Prodan
75d93e0c54 Inject delay and failures for the orange backend 2018-08-15 13:37:40 +03:00
Stefan Prodan
7622dfb74f Add store service 2018-08-15 12:28:03 +03:00
Stefan Prodan
85a26ed71e Add X-Api-Version header 
- inject version header for backend calls
- route frontend calls to backend based on API version
 2018-08-15 11:16:20 +03:00
Stefan Prodan
81b22f08f8 Add instrumentation list 2018-08-15 11:14:59 +03:00
Stefan Prodan
7d9e3afde7 Beta release v0.6.0-beta.10 2018-08-14 16:41:58 +03:00
Stefan Prodan
3d2028a124 Display hostname as title 2018-08-14 16:41:14 +03:00
Stefan Prodan
1b56648f5b Enable HTTPS redirect in Istio gateway 2018-08-14 16:04:44 +03:00
Stefan Prodan
3a704215a4 Move the public gateway to istio-system ns 
- expose Jaeger and Grafana
 2018-08-14 15:57:07 +03:00
Stefan Prodan
25aaeff13c Ignore DS_Store 2018-08-14 13:33:36 +03:00
Stefan Prodan
3b93a3445e Make message and color configurable via env vars 2018-08-14 13:21:35 +03:00
Stefan Prodan
a6cc3d2ef9 Reload page when version changes and use fetch API for backend calls 2018-08-14 13:20:05 +03:00
Stefan Prodan
718d8ba4e0 Get external IP from httpbin.org 2018-08-14 11:24:22 +03:00
Stefan Prodan
24ceb25930 Beta release v0.6.0-beta.2 2018-08-13 14:56:13 +03:00
Stefan Prodan
fc8dfc7678 Add Istio Gateway manifests 2018-08-13 14:55:27 +03:00
Stefan Prodan
8e656fdfd0 Add UI/API response and forward OpenTracing headers to backend 2018-08-13 14:54:46 +03:00
Stefan Prodan
a945842e9b Add VueJS UI 2018-08-13 14:52:49 +03:00
Stefan Prodan
09a743f5c2 Add CPU and Memory stress test flags 2018-08-10 11:48:12 +03:00
Stefan Prodan
c44a58602e Release v0.5.1 2018-08-08 12:17:05 +03:00
Stefan Prodan
2ee11bf6b2 Remove deleted files from cache instead of clearing the whole cache 2018-08-08 12:14:26 +03:00
Stefan Prodan
70b0e92555 Release v0.5 2018-08-04 02:04:07 +03:00
Stefan Prodan
7a78c93a49 Set log level flag and update zerolog pkg 2018-08-04 02:02:47 +03:00
Stefan Prodan
be915d44cc Reload configmaps and secrets when kubelet updates them 2018-08-01 03:22:39 +03:00
Weave Flux
82f2f9ecf9 Automated: default:deployment/podinfo 
[ci skip]
 2018-07-05 16:20:52 +00:00
Weave Flux
035f78edc1 Deautomated: default:deployment/podinfo 
[ci skip]
 2018-07-05 16:18:53 +00:00
Weave Flux
91c61d4fa5 Automated: default:deployment/podinfo 
[ci skip]
 2018-07-05 16:18:37 +00:00
Weave Flux
e673dae20d Release all latest to default:deployment/podinfo 
[ci skip]
 2018-07-05 16:04:30 +00:00
Weave Flux
adfff4a923 Release stefanprodan/podinfo:62fa684 to default:deployment/podinfo 
[ci skip]
 2018-07-05 16:01:53 +00:00
Weave Flux
4db9d5a1ed Release stefanprodan/podinfo:92114c0 to default:deployment/podinfo 
[ci skip]
 2018-07-05 16:01:21 +00:00
Ilya Dmitrichenko
92114c05c9 Change hash algorithm 2018-07-05 16:20:48 +01:00
Stefan Prodan
62fa684440 Release v4.0 2018-06-14 16:03:16 -07:00
Stefan Prodan
2aba7a3ed2 Update release automation list 2018-05-23 14:01:25 +03:00
Stefan Prodan
fda68019ea Merge pull request #5 from errordeveloper/master 
Fix deploy guard logic
 2018-05-21 13:06:28 +03:00
Ilya Dmitrichenko
39dde13700 Fix deploy guard logic, use multiple lines 2018-05-21 09:55:02 +01:00
Stefan Prodan
2485a10189 Merge pull request #3 from errordeveloper/master 2018-05-19 16:42:50 +03:00
Ilya Dmitrichenko
6c3569e131 Skip deploy on PR 2018-05-18 16:54:42 +01:00
Ilya Dmitrichenko
9b3a033845 Production deployment manifest for skaffold blog 2018-05-18 16:29:22 +01:00
Stefan Prodan
f02ebc267a Merge pull request #2 from errordeveloper/master 
Add CircleCI
 2018-05-17 14:55:31 +03:00
Ilya Dmitrichenko
01631a0a43 Add CircleCI 2018-05-17 12:51:52 +01:00
Stefan Prodan
a1e5cb77fd Merge pull request #1 from errordeveloper/master 
Add Skaffold config files
 2018-05-15 16:17:23 +03:00
Ilya Dmitrichenko
cdc6765b51 Add skaffold 2018-05-15 12:38:53 +01:00
Ilya Dmitrichenko
ff9cf93b14 Add .dockerignore 2018-05-11 14:53:17 +01:00
Stefan Prodan
5665149191 Set default port to 9898 2018-05-11 16:13:47 +03:00
Stefan Prodan
5a1f009200 Add Weave Flux Helm Operator diagram 2018-05-10 13:49:05 +03:00
Stefan Prodan
b6be95ee77 Bump podinfo Helm chart app version to v0.3 2018-05-10 11:56:47 +03:00
Stefan Prodan
ad22fdb933 Add canary deployments docs for Istio and Ambassador 2018-05-10 11:50:19 +03:00
Stefan Prodan
9b287dbf5c Add git poll interval option to Flux chart 2018-05-07 12:23:26 +03:00
Stefan Prodan
e81277f217 Release Flux chart 1.3.0 and Helm Operator v1alpha2 2018-05-07 11:16:00 +03:00
Stefan Prodan
e24c83525a Use http_request_duration_seconds for RED metrics 2018-05-07 11:03:02 +03:00
Stefan Prodan
65d03a557b Fix Quay push 2018-05-07 11:00:02 +03:00
Stefan Prodan
e93d0682fb bump version to 0.3.0 2018-05-02 23:08:43 +02:00
Stefan Prodan
a1bedc8c43 Update Weave Flux chart (Weave Cloud token option) 2018-04-25 15:01:19 +03:00
Stefan Prodan
07d3192afb Add Weave Cloud service token option 2018-04-25 15:00:27 +03:00
Stefan Prodan
ee10c878a0 Istio Canary GitOps mention the cluster config repo 2018-04-25 14:52:26 +03:00
Stefan Prodan
db9bf53e4f Istio Canary GitOps pipeline 2018-04-25 14:22:56 +03:00
Stefan Prodan
53d2609d8f Weave Scope Istio canary observability 2018-04-25 11:39:31 +03:00
Stefan Prodan
b34653912d Weave Cloud Istio canary observability 2018-04-25 11:17:43 +03:00
Stefan Prodan
1a2029f74d Use Weave Flux Helm Operator master-d5c374c 2018-04-24 00:09:51 +03:00
Stefan Prodan
68babf42e1 Add Weave Flux Helm Operator 2018-04-22 13:39:29 +03:00
Stefan Prodan
1330decdaa Add Weave Flux to podinfo Helm repo 2018-04-22 12:17:13 +03:00
Stefan Prodan
1682f79478 Add Weave Flux Git deploy setup docs 2018-04-22 12:16:49 +03:00
Stefan Prodan
93dee060dc Add Weave Flux OSS Helm chart 2018-04-21 21:34:06 +03:00
Stefan Prodan
797a4200dd Add Weave Cloud chart 2018-04-20 12:26:39 +03:00
Stefan Prodan
0c84164b65 Add Istio ingress to v1alpha3, remove v1alpha2 2018-04-20 01:03:16 +03:00
Stefan Prodan
b104769f20 Istio use Hey to generate load 2018-04-20 00:56:36 +03:00
Stefan Prodan
4acfdba296 Add ClusterIP service definition 2018-04-19 10:21:05 +03:00
Stefan Prodan
b5719fea3f Use test namespace 2018-04-17 14:58:40 +03:00
Stefan Prodan
00106faf8d Istio install steps 2018-04-17 14:13:08 +03:00
Stefan Prodan
88f417ee1c split Istio configs 2018-04-17 13:56:23 +03:00
Stefan Prodan
94441ef933 Istio - using same hosts has no effect 2018-04-17 11:47:44 +03:00
Stefan Prodan
b1871f827b Istio broken 2018-04-12 11:37:15 +01:00
Stefan Prodan
753799812a Fix istio.io/v1alpha3 definitions 2018-04-12 11:08:45 +01:00
Stefan Prodan
6aa5cbbaee Canary istio.io/v1alpha3 2018-04-12 10:15:13 +01:00
Stefan Prodan
4efde133e5 fix Travis Quay login 2018-04-12 10:14:51 +01:00
Stefan Prodan
60c0601128 try fix Travis Docker login 2018-04-11 18:05:02 +01:00
Stefan Prodan
d4882b4212 Istio canary deployments 2018-04-11 15:27:41 +01:00
Stefan Prodan
e4c765160a All namespace ops from K9 pod 2018-04-10 16:44:46 +01:00
Stefan Prodan
130e1dac8e Clone GCP Git repo on K9 IDE startup 2018-04-09 14:49:27 +01:00
Stefan Prodan
510864654f Add GCP Git support 2018-04-09 11:52:05 +01:00
Stefan Prodan
310643b0df Add Flux to the k9 setup 2018-04-08 01:24:17 +03:00
Stefan Prodan
6de537a315 Use Cloud9 golang image 2018-04-07 02:46:47 +03:00
Stefan Prodan
5d992a92bb Clone git repo at startup 
- mount known_hosts from the ssh secret
 2018-04-07 02:15:55 +03:00
Stefan Prodan
0aade8c049 Automate Git server repo seeding 2018-04-07 01:40:13 +03:00
864 changed files with 260448 additions and 7918 deletions
Expand all files Collapse all files

38
.circleci/config.yml Normal file
View File

@@ -0,0 +1,38 @@
version: 2
jobs:
build:
docker:
- image: errordeveloper/skaffold:66cc263ef18f107adce245b8fc622a8ea46385f2
steps:
- checkout
- setup_remote_docker: {docker_layer_caching: true}
- run:
name: Run unit tests and build the image with Skaffold
command: skaffold build --profile=test
deploy:
docker:
- image: errordeveloper/skaffold:66cc263ef18f107adce245b8fc622a8ea46385f2
steps:
- checkout
- setup_remote_docker: {docker_layer_caching: true}
- run:
name: Build and push the image to the registry with Skaffold
command: |
if [[ -z "${CIRCLE_PULL_REQUEST}" ]] && [[ "${CIRCLE_PROJECT_USERNAME}" = "stefanprodan" ]] ; then
echo $REGISTRY_PASSWORD | docker login --username $REGISTRY_USERNAME --password-stdin
skaffold build --profile=production
else
echo "Do not push image"
fi
workflows:
version: 2
main:
jobs:
- build
- deploy:
requires: [build]
filters:
branches: {only: [master]}

9
.dockerignore Normal file
View File

@@ -0,0 +1,9 @@
docs
deploy
charts
cloudbuild.yaml
skaffold.yaml
.gitignore
.travis.yml
LICENSE
README.md

4
.gitignore vendored
View File

@@ -10,8 +10,12 @@
# Output of the go coverage tool, specifically when used with LiteIDE
*.out
.DS_Store
# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
.glide/
.idea/
release/
build/
gcloud/
dist/

21
.goreleaser.yml Normal file
View File

@@ -0,0 +1,21 @@
builds:
- main: ./cmd/podcli
binary: podcli
ldflags: -s -w -X github.com/stefanprodan/k8s-podinfo/pkg/version.REVISION={{.Commit}}
goos:
- windows
- darwin
- linux
goarch:
- amd64
env:
- CGO_ENABLED=0
ignore:
- goos: darwin
goarch: 386
- goos: windows
goarch: 386
archive:
name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
files:
- none*

22
.travis.yml
View File

@@ -2,7 +2,7 @@ sudo: required
language: go
go:
- 1.9.x
- 1.11.x
services:
- docker
@@ -14,30 +14,28 @@ addons:
before_install:
- make dep
# - curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
# - mkdir -p .bin; mv ./kubectl .bin/kubectl && chmod +x .bin/kubectl
# - export PATH="$TRAVIS_BUILD_DIR/.bin:$PATH"
# - wget https://cdn.rawgit.com/Mirantis/kubeadm-dind-cluster/master/fixed/dind-cluster-v1.8.sh && chmod +x dind-cluster-v1.8.sh && ./dind-cluster-v1.8.sh up
# - export PATH="$HOME/.kubeadm-dind-cluster:$PATH"
script:
- make test
- make build docker-build
# - kubectl get nodes
# - kubectl run podinfo --image=podinfo:latest --port=9898
# - sleep 5
# - kubectl get pods
after_success:
- if [ -z "$DOCKER_USER" ]; then
echo "PR build, skipping Docker Hub push";
else
docker login -u $DOCKER_USER -p $DOCKER_PASS;
echo $DOCKER_PASS | docker login -u $DOCKER_USER --password-stdin;
make docker-push;
fi
- if [ -z "$QUAY_USER" ]; then
echo "PR build, skipping Quay push";
else
docker login -u $QUAY_USER -p $QUAY_PASS quay.io;
echo $QUAY_PASS | docker login -u $QUAY_USER --password-stdin quay.io;
make quay-push;
fi
deploy:
- provider: script
skip_cleanup: true
script: curl -sL http://git.io/goreleaser | bash
on:
tags: true

2
Dockerfile
View File

@@ -6,7 +6,7 @@ RUN addgroup -S app \
curl openssl netcat-openbsd
WORKDIR /home/app
COPY ./ui ./ui
ADD podinfo .
RUN chown -R app:app ./

1
Dockerfile.build
View File

@@ -1,5 +1,6 @@
FROM alpine:3.7
COPY ./ui ./ui
ADD podinfo /podinfo
CMD ["./podinfo"]

13
Dockerfile.ci
View File

@@ -1,4 +1,4 @@
FROM golang:1.9 as builder
FROM golang:1.11 as builder
RUN mkdir -p /go/src/github.com/stefanprodan/k8s-podinfo/
@@ -11,10 +11,14 @@ RUN go test $(go list ./... | grep -v integration | grep -v /vendor/ | grep -v /
RUN gofmt -l -d $(find . -type f -name '*.go' -not -path "./vendor/*") && \
GIT_COMMIT=$(git rev-list -1 HEAD) && \
CGO_ENABLED=0 GOOS=linux go build -ldflags "-s -w \
-X github.com/stefanprodan/k8s-podinfo/pkg/version.GITCOMMIT=${GIT_COMMIT}" \
-X github.com/stefanprodan/k8s-podinfo/pkg/version.REVISION=${GIT_COMMIT}" \
-a -installsuffix cgo -o podinfo ./cmd/podinfo
FROM alpine:3.7
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags "-s -w \
-X github.com/stefanprodan/k8s-podinfo/pkg/version.REVISION=${GIT_COMMIT}" \
-a -installsuffix cgo -o podcli ./cmd/podcli
FROM alpine:3.8
RUN addgroup -S app \
&& adduser -S -g app app \
@@ -24,7 +28,8 @@ RUN addgroup -S app \
WORKDIR /home/app
COPY --from=builder /go/src/github.com/stefanprodan/k8s-podinfo/podinfo .
COPY --from=builder /go/src/github.com/stefanprodan/k8s-podinfo/podcli /usr/local/bin/podcli
COPY ./ui ./ui
RUN chown -R app:app ./
USER app

286
Gopkg.lock generated
View File

@@ -3,83 +3,325 @@
[[projects]]
branch = "master"
digest = "1:d6afaeed1502aa28e80a4ed0981d570ad91b2579193404256ce672ed0a609e0d"
name = "github.com/beorn7/perks"
packages = ["quantile"]
revision = "4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9"
pruneopts = "UT"
revision = "3a771d992973f24aa725d07868b467d1ddfceafb"
[[projects]]
digest = "1:b95738a1e6ace058b5b8544303c0871fc01d224ef0d672f778f696265d0f2917"
name = "github.com/chzyer/readline"
packages = ["."]
pruneopts = "UT"
revision = "62c6fe6193755f722b8b8788aa7357be55a50ff1"
version = "v1.4"
[[projects]]
digest = "1:76dc72490af7174349349838f2fe118996381b31ea83243812a97e5a0fd5ed55"
name = "github.com/dgrijalva/jwt-go"
packages = ["."]
pruneopts = "UT"
revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e"
version = "v3.2.0"
[[projects]]
digest = "1:865079840386857c809b72ce300be7580cb50d3d3129ce11bf9aa6ca2bc1934a"
name = "github.com/fatih/color"
packages = ["."]
pruneopts = "UT"
revision = "5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4"
version = "v1.7.0"
[[projects]]
digest = "1:abeb38ade3f32a92943e5be54f55ed6d6e3b6602761d74b4aab4c9dd45c18abd"
name = "github.com/fsnotify/fsnotify"
packages = ["."]
pruneopts = "UT"
revision = "c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9"
version = "v1.4.7"
[[projects]]
digest = "1:97df918963298c287643883209a2c3f642e6593379f97ab400c2a2e219ab647d"
name = "github.com/golang/protobuf"
packages = ["proto"]
revision = "925541529c1fa6821df4e44ce2723319eb2be768"
version = "v1.0.0"
pruneopts = "UT"
revision = "aa810b61a9c79d51363740d207bb46cf8e620ed5"
version = "v1.2.0"
[[projects]]
digest = "1:c79fb010be38a59d657c48c6ba1d003a8aa651fa56b579d959d74573b7dff8e1"
name = "github.com/gorilla/context"
packages = ["."]
pruneopts = "UT"
revision = "08b5f424b9271eedf6f9f0ce86cb9396ed337a42"
version = "v1.1.1"
[[projects]]
digest = "1:e73f5b0152105f18bc131fba127d9949305c8693f8a762588a82a48f61756f5f"
name = "github.com/gorilla/mux"
packages = ["."]
pruneopts = "UT"
revision = "e3702bed27f0d39777b0b37b664b6280e8ef8fbf"
version = "v1.6.2"
[[projects]]
digest = "1:7b5c6e2eeaa9ae5907c391a91c132abfd5c9e8a784a341b5625e750c67e6825d"
name = "github.com/gorilla/websocket"
packages = ["."]
pruneopts = "UT"
revision = "66b9c49e59c6c48f0ffce28c2d8b8a5678502c6d"
version = "v1.4.0"
[[projects]]
branch = "master"
digest = "1:a361611b8c8c75a1091f00027767f7779b29cb37c456a71b8f2604c88057ab40"
name = "github.com/hashicorp/hcl"
packages = [
".",
"hcl/ast",
"hcl/parser",
"hcl/printer",
"hcl/scanner",
"hcl/strconv",
"hcl/token",
"json/parser",
"json/scanner",
"json/token",
]
pruneopts = "UT"
revision = "ef8a98b0bbce4a65b5aa4c368430a80ddc533168"
[[projects]]
digest = "1:870d441fe217b8e689d7949fef6e43efbc787e50f200cb1e70dbca9204a1d6be"
name = "github.com/inconshreveable/mousetrap"
packages = ["."]
pruneopts = "UT"
revision = "76626ae9c91c4f2a10f34cad8ce83ea42c93bb75"
version = "v1.0"
[[projects]]
digest = "1:c568d7727aa262c32bdf8a3f7db83614f7af0ed661474b24588de635c20024c7"
name = "github.com/magiconair/properties"
packages = ["."]
pruneopts = "UT"
revision = "c2353362d570a7bfa228149c62842019201cfb71"
version = "v1.8.0"
[[projects]]
digest = "1:c658e84ad3916da105a761660dcaeb01e63416c8ec7bc62256a9b411a05fcd67"
name = "github.com/mattn/go-colorable"
packages = ["."]
pruneopts = "UT"
revision = "167de6bfdfba052fa6b2d3664c8f5272e23c9072"
version = "v0.0.9"
[[projects]]
digest = "1:0981502f9816113c9c8c4ac301583841855c8cf4da8c72f696b3ebedf6d0e4e5"
name = "github.com/mattn/go-isatty"
packages = ["."]
pruneopts = "UT"
revision = "6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c"
version = "v0.0.4"
[[projects]]
digest = "1:ff5ebae34cfbf047d505ee150de27e60570e8c394b3b8fdbb720ff6ac71985fc"
name = "github.com/matttproud/golang_protobuf_extensions"
packages = ["pbutil"]
revision = "3247c84500bff8d9fb6d579d800f20b3e091582c"
version = "v1.0.0"
pruneopts = "UT"
revision = "c12348ce28de40eed0136aa2b644d0ee0650e56c"
version = "v1.0.1"
[[projects]]
name = "github.com/pkg/errors"
branch = "master"
digest = "1:5ab79470a1d0fb19b041a624415612f8236b3c06070161a910562f2b2d064355"
name = "github.com/mitchellh/mapstructure"
packages = ["."]
revision = "645ef00459ed84a119197bfb8d8205042c6df63d"
version = "v0.8.0"
pruneopts = "UT"
revision = "f15292f7a699fcc1a38a80977f80a046874ba8ac"
[[projects]]
digest = "1:95741de3af260a92cc5c7f3f3061e85273f5a81b5db20d4bd68da74bd521675e"
name = "github.com/pelletier/go-toml"
packages = ["."]
pruneopts = "UT"
revision = "c01d1270ff3e442a8a57cddc1c92dc1138598194"
version = "v1.2.0"
[[projects]]
digest = "1:d14a5f4bfecf017cb780bdde1b6483e5deb87e12c332544d2c430eda58734bcb"
name = "github.com/prometheus/client_golang"
packages = [
"prometheus",
"prometheus/promhttp"
"prometheus/promhttp",
]
pruneopts = "UT"
revision = "c5b7fccd204277076155f10851dad72b76a49317"
version = "v0.8.0"
[[projects]]
branch = "master"
digest = "1:2d5cd61daa5565187e1d96bae64dbbc6080dacf741448e9629c64fd93203b0d4"
name = "github.com/prometheus/client_model"
packages = ["go"]
revision = "99fa1f4be8e564e8a6b613da7fa6f46c9edafc6c"
pruneopts = "UT"
revision = "5c3871d89910bfb32f5fcab2aa4b9ec68e65a99f"
[[projects]]
branch = "master"
digest = "1:63b68062b8968092eb86bedc4e68894bd096ea6b24920faca8b9dcf451f54bb5"
name = "github.com/prometheus/common"
packages = [
"expfmt",
"internal/bitbucket.org/ww/goautoneg",
"model"
"model",
]
revision = "e4aa40a9169a88835b849a6efb71e05dc04b88f0"
pruneopts = "UT"
revision = "c7de2306084e37d54b8be01f3541a8464345e9a5"
[[projects]]
branch = "master"
digest = "1:8c49953a1414305f2ff5465147ee576dd705487c35b15918fcd4efdc0cb7a290"
name = "github.com/prometheus/procfs"
packages = [
".",
"internal/util",
"nfs",
"xfs"
"xfs",
]
revision = "54d17b57dd7d4a3aa092476596b3f8a933bde349"
pruneopts = "UT"
revision = "05ee40e3a273f7245e8777337fc7b46e533a9a92"
[[projects]]
name = "github.com/rs/zerolog"
digest = "1:bd1ae00087d17c5a748660b8e89e1043e1e5479d0fea743352cda2f8dd8c4f84"
name = "github.com/spf13/afero"
packages = [
".",
"internal/json",
"log"
"mem",
]
revision = "56a970de510213e50dbaa39ad73ac07c9ec75606"
version = "v1.5.0"
pruneopts = "UT"
revision = "787d034dfe70e44075ccc060d346146ef53270ad"
version = "v1.1.1"
[[projects]]
digest = "1:516e71bed754268937f57d4ecb190e01958452336fa73dbac880894164e91c1f"
name = "github.com/spf13/cast"
packages = ["."]
pruneopts = "UT"
revision = "8965335b8c7107321228e3e3702cab9832751bac"
version = "v1.2.0"
[[projects]]
digest = "1:645cabccbb4fa8aab25a956cbcbdf6a6845ca736b2c64e197ca7cbb9d210b939"
name = "github.com/spf13/cobra"
packages = ["."]
pruneopts = "UT"
revision = "ef82de70bb3f60c65fb8eebacbb2d122ef517385"
version = "v0.0.3"
[[projects]]
branch = "master"
digest = "1:8a020f916b23ff574845789daee6818daf8d25a4852419aae3f0b12378ba432a"
name = "github.com/spf13/jwalterweatherman"
packages = ["."]
pruneopts = "UT"
revision = "14d3d4c518341bea657dd8a226f5121c0ff8c9f2"
[[projects]]
digest = "1:dab83a1bbc7ad3d7a6ba1a1cc1760f25ac38cdf7d96a5cdd55cd915a4f5ceaf9"
name = "github.com/spf13/pflag"
packages = ["."]
pruneopts = "UT"
revision = "9a97c102cda95a86cec2345a6f09f55a939babf5"
version = "v1.0.2"
[[projects]]
digest = "1:4fc8a61287ccfb4286e1ca5ad2ce3b0b301d746053bf44ac38cf34e40ae10372"
name = "github.com/spf13/viper"
packages = ["."]
pruneopts = "UT"
revision = "907c19d40d9a6c9bb55f040ff4ae45271a4754b9"
version = "v1.1.0"
[[projects]]
digest = "1:3c1a69cdae3501bf75e76d0d86dc6f2b0a7421bc205c0cb7b96b19eed464a34d"
name = "go.uber.org/atomic"
packages = ["."]
pruneopts = "UT"
revision = "1ea20fb1cbb1cc08cbd0d913a96dead89aa18289"
version = "v1.3.2"
[[projects]]
digest = "1:60bf2a5e347af463c42ed31a493d817f8a72f102543060ed992754e689805d1a"
name = "go.uber.org/multierr"
packages = ["."]
pruneopts = "UT"
revision = "3c4937480c32f4c13a875a1829af76c98ca3d40a"
version = "v1.1.0"
[[projects]]
digest = "1:c52caf7bd44f92e54627a31b85baf06a68333a196b3d8d241480a774733dcf8b"
name = "go.uber.org/zap"
packages = [
".",
"buffer",
"internal/bufferpool",
"internal/color",
"internal/exit",
"zapcore",
]
pruneopts = "UT"
revision = "ff33455a0e382e8a81d14dd7c922020b6b5e7982"
version = "v1.9.1"
[[projects]]
branch = "master"
digest = "1:e3e7f51633f98fce9404940f74dfd65cf306ee173ddf5a8b247c9c830e42b38a"
name = "golang.org/x/sys"
packages = ["unix"]
pruneopts = "UT"
revision = "1a700e749ce29638d0bbcb531cce1094ea096bd3"
[[projects]]
digest = "1:8029e9743749d4be5bc9f7d42ea1659471767860f0cdc34d37c3111bd308a295"
name = "golang.org/x/text"
packages = [
"internal/gen",
"internal/triegen",
"internal/ucd",
"transform",
"unicode/cldr",
"unicode/norm",
]
pruneopts = "UT"
revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
version = "v0.3.0"
[[projects]]
digest = "1:342378ac4dcb378a5448dd723f0784ae519383532f5e70ade24132c4c8693202"
name = "gopkg.in/yaml.v2"
packages = ["."]
revision = "7f97868eec74b32b0982dd158a51a446d1da7eb5"
version = "v2.1.1"
pruneopts = "UT"
revision = "5420a8b6744d3b0345ab293f6fcba19c978f1183"
version = "v2.2.1"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "4f1e9200a330a22000fc47075b59e68e57c94bcb3d9f444f3ce85cab77e07fde"
input-imports = [
"github.com/chzyer/readline",
"github.com/dgrijalva/jwt-go",
"github.com/fatih/color",
"github.com/fsnotify/fsnotify",
"github.com/gorilla/mux",
"github.com/gorilla/websocket",
"github.com/prometheus/client_golang/prometheus",
"github.com/prometheus/client_golang/prometheus/promhttp",
"github.com/spf13/cobra",
"github.com/spf13/pflag",
"github.com/spf13/viper",
"go.uber.org/zap",
"go.uber.org/zap/zapcore",
]
solver-name = "gps-cdcl"
solver-version = 1

37
Gopkg.toml
View File

@@ -1,19 +1,38 @@
[[constraint]]
name = "github.com/pkg/errors"
version = "0.8.0"
[[constraint]]
name = "github.com/prometheus/client_golang"
version = "0.8.0"
[[constraint]]
name = "github.com/rs/zerolog"
version = "1.5.0"
name = "github.com/gorilla/mux"
version = "v1.6.2"
[[constraint]]
name = "gopkg.in/yaml.v2"
version = "2.1.1"
name = "github.com/gorilla/websocket"
version = "v1.4.0"
[[constraint]]
name = "go.uber.org/zap"
version = "v1.9.1"
[[override]]
name = "github.com/fsnotify/fsnotify"
version = "1.2.9"
[[constraint]]
name = "github.com/spf13/pflag"
version = "v1.0.2"
[[constraint]]
name = "github.com/spf13/viper"
version = "v1.1.0"
[[constraint]]
name = "github.com/spf13/cobra"
version = "v0.0.3"
[[constraint]]
name = "github.com/dgrijalva/jwt-go"
version = "v3.2.0"
[prune]
go-tests = true

19
Makefile
View File

@@ -20,7 +20,8 @@ build:
@rm -rf build && mkdir build
@echo Building: linux/$(LINUX_ARCH) $(VERSION) ;\
for arch in $(LINUX_ARCH); do \
mkdir -p build/linux/$$arch && CGO_ENABLED=0 GOOS=linux GOARCH=$$arch go build -ldflags="-s -w -X $(GITREPO)/pkg/version.GITCOMMIT=$(GITCOMMIT)" -o build/linux/$$arch/$(NAME) ./cmd/$(NAME) ;\
mkdir -p build/linux/$$arch && CGO_ENABLED=0 GOOS=linux GOARCH=$$arch go build -ldflags="-s -w -X $(GITREPO)/pkg/version.REVISION=$(GITCOMMIT)" -o build/linux/$$arch/$(NAME) ./cmd/$(NAME) ;\
cp -r ui/ build/linux/$$arch/ui;\
done
.PHONY: tar
@@ -45,6 +46,7 @@ docker-build: tar
@for arch in $(LINUX_ARCH); do \
mkdir -p build/docker/linux/$$arch ;\
tar -xzf release/$(NAME)_$(VERSION)_linux_$$arch.tgz -C build/docker/linux/$$arch ;\
cp -r ui/ build/docker/linux/$$arch/ui;\
if [ $$arch == amd64 ]; then \
cp Dockerfile build/docker/linux/$$arch ;\
cp Dockerfile build/docker/linux/$$arch/Dockerfile.in ;\
@@ -72,15 +74,15 @@ docker-build: tar
docker-push:
@echo Pushing: $(VERSION) to $(DOCKER_IMAGE_NAME)
for arch in $(LINUX_ARCH); do \
docker push $(DOCKER_IMAGE_NAME):$(NAME)-$$arch ;\
done
docker push $(DOCKER_IMAGE_NAME):$(NAME)-$$arch ;\
done
manifest-tool push from-args --platforms $(PLATFORMS) --template $(DOCKER_IMAGE_NAME):podinfo-ARCH --target $(DOCKER_IMAGE_NAME):$(VERSION)
manifest-tool push from-args --platforms $(PLATFORMS) --template $(DOCKER_IMAGE_NAME):podinfo-ARCH --target $(DOCKER_IMAGE_NAME):latest
.PHONY: quay-push
quay-push:
@echo Pushing: $(VERSION) to quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
@cd build/docker/linux/amd64/ ; docker build -t quay.io/$(DOCKER_IMAGE_NAME):$(VERSION) . ; docker push quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
@docker build -t quay.io/$(DOCKER_IMAGE_NAME):$(VERSION) -f Dockerfile.ci . ; docker push quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
.PHONY: clean
clean:
@@ -93,7 +95,7 @@ gcr-build:
.PHONY: test
test:
cd pkg/server ; go test -v -race ./...
go test -v -race ./...
.PHONY: dep
dep:
@@ -103,11 +105,10 @@ dep:
.PHONY: charts
charts:
cd charts/ && helm package podinfo/
mv charts/podinfo-0.1.0.tgz docs/
cd charts/ && helm package podinfo-istio/
cd charts/ && helm package loadtest/
cd charts/ && helm package ambassador/
mv charts/ambassador-0.1.0.tgz docs/
cd charts/ && helm package grafana/
mv charts/grafana-0.1.0.tgz docs/
cd charts/ && helm package ngrok/
mv charts/ngrok-0.1.0.tgz docs/
mv charts/*.tgz docs/
helm repo index docs --url https://stefanprodan.github.io/k8s-podinfo --merge ./docs/index.yaml

35
README.md
View File

@@ -5,33 +5,39 @@ that showcases best practices of running microservices in Kubernetes.
Specifications:
* Multi-arch build and release automation (Make/TravisCI)
* Release automation (Make/TravisCI/CircleCI/Quay.io/Google Cloud Container Builder/Skaffold/Weave Flux)
* Multi-platform Docker image (amd64/arm/arm64/ppc64le/s390x)
* Health checks (readiness and liveness)
* Graceful shutdown on interrupt signals
* Prometheus instrumentation (RED metrics)
* Dependency management with golang/dep
* Structured logging with zerolog
* Error handling with pkg/errors
* File watcher for secrets and configmaps
* Instrumented with Prometheus
* Tracing with Istio and Jaeger
* Structured logging with zap
* 12-factor app with viper
* Fault injection (random errors and latency)
* Helm chart
Web API:
* `GET /` prints runtime information, environment variables, labels and annotations
* `GET /` prints runtime information
* `GET /version` prints podinfo version and git commit hash
* `GET /metrics` http requests duration and Go runtime metrics
* `GET /metrics` return HTTP requests duration and Go runtime metrics
* `GET /healthz` used by Kubernetes liveness probe
* `GET /readyz` used by Kubernetes readiness probe
* `POST /readyz/enable` signals the Kubernetes LB that this instance is ready to receive traffic
* `POST /readyz/disable` signals the Kubernetes LB to stop sending requests to this instance
* `GET /error` returns code 500 and logs the error
* `GET /status/{code}` returns the status code
* `GET /panic` crashes the process with exit code 255
* `POST /echo` echos the posted content, logs the SHA1 hash of the content
* `GET /echoheaders` prints the request HTTP headers
* `POST /job` long running job, json body: `{"wait":2}`
* `POST /echo` forwards the call to the backend service and echos the posted content
* `GET /env` returns the environment variables as a JSON array
* `GET /headers` returns a JSON with the request HTTP headers
* `GET /delay/{seconds}` waits for the specified period
* `POST /token` issues a JWT token valid for one minute `JWT=$(curl -sd 'anon' podinfo:9898/token | jq -r .token)`
* `GET /token/validate` validates the JWT token `curl -H "Authorization: Bearer $JWT" podinfo:9898/token/validate`
* `GET /configs` returns a JSON with configmaps and/or secrets mounted in the `config` volume
* `POST /write` writes the posted content to disk at /data/hash and returns the SHA1 hash of the content
* `POST /read` receives a SHA1 hash and returns the content of the file /data/hash if exists
* `POST /backend` forwards the call to the backend service on `http://backend-podinfo:9898/echo`
* `GET /read/{hash}` returns the content of the file /data/hash if exists
* `GET /ws/echo` echos content via websockets `podcli ws ws://localhost:9898/ws/echo`
### Guides
@@ -39,5 +45,6 @@ Web API:
* [Horizontal Pod Auto-scaling](docs/2-autoscaling.md)
* [Monitoring and alerting with Prometheus](docs/3-monitoring.md)
* [StatefulSets with local persistent volumes](docs/4-statefulsets.md)
* [Canary Deployments and A/B Testing](docs/5-canary.md)
* [Expose Kubernetes services over HTTPS with Ngrok](docs/6-ngrok.md)
* [A/B Testing with Ambassador API Gateway](docs/5-canary.md)
* [Canary Deployments with Istio](docs/7-istio.md)

1636
charts/grafana/dashboards/istio-bluegreen.json Normal file
View File

File diff suppressed because it is too large Load Diff

6
charts/grafana/templates/deployment.yaml
View File

@@ -3,7 +3,7 @@ kind: Deployment
metadata:
name: {{ template "grafana.fullname" . }}
labels:
app: {{ template "grafana.name" . }}
app: {{ template "grafana.fullname" . }}
chart: {{ template "grafana.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
@@ -11,12 +11,12 @@ spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ template "grafana.name" . }}
app: {{ template "grafana.fullname" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "grafana.name" . }}
app: {{ template "grafana.fullname" . }}
release: {{ .Release.Name }}
annotations:
prometheus.io/scrape: 'false'

2
charts/grafana/templates/service.yaml
View File

@@ -15,5 +15,5 @@ spec:
protocol: TCP
name: http
selector:
app: {{ template "grafana.name" . }}
app: {{ template "grafana.fullname" . }}
release: {{ .Release.Name }}

21
charts/loadtest/.helmignore Normal file
View File

@@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

5
charts/loadtest/Chart.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: v1
appVersion: "1.0"
description: Hey load test Helm chart for Kubernetes
name: loadtest
version: 0.1.0

1
charts/loadtest/templates/NOTES.txt Normal file
View File

@@ -0,0 +1 @@
{{ template "loadtest.fullname" . }} has been deployed successfully!

32
charts/loadtest/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,32 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "loadtest.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "loadtest.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "loadtest.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

31
charts/loadtest/templates/jobs.yaml Normal file
View File

@@ -0,0 +1,31 @@
{{- $fullname := include "loadtest.fullname" . -}}
{{- $name := include "loadtest.name" . -}}
{{- $chart := include "loadtest.chart" . -}}
{{- $image := .Values.image -}}
{{- range $test := .Values.tests }}
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: {{ $fullname }}-{{ .name }}
labels:
app: {{ $name }}
chart: {{ $chart }}
spec:
schedule: "*/1 * * * *"
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 3
jobTemplate:
spec:
template:
spec:
containers:
- name: loadtest
image: {{ $image }}
args:
- /bin/sh
- -c
- "hey -z 58s {{ $test.cmd }} {{ $test.url }}"
restartPolicy: OnFailure
{{- end -}}

11
charts/loadtest/values.yaml Normal file
View File

@@ -0,0 +1,11 @@
# Default values for loadtest.
image: stefanprodan/loadtest:latest
tests:
- name: "blue"
url: "https://canary.istio.weavedx.com/api/echo"
cmd: "-h2 -m POST -d '{test: 1}' -H 'X-API-Version: 0.6.0' -c 50 -q 5"
- name: "green"
url: "https://canary.istio.weavedx.com/api/echo"
cmd: "-h2 -m POST -d '{test: 2}' -H 'X-API-Version: 0.6.1' -c 10 -q 5"

21
charts/podinfo-istio/.helmignore Normal file
View File

@@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

12
charts/podinfo-istio/Chart.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
version: 1.2.1
appVersion: 1.2.1
engine: gotpl
name: podinfo-istio
description: Podinfo Helm chart for Istio
home: https://github.com/stefanprodan/k8s-podinfo
maintainers:
- email: stefanprodan@users.noreply.github.com
name: stefanprodan
sources:
- https://github.com/stefanprodan/k8s-podinfo

80
charts/podinfo-istio/README.md Normal file
View File

@@ -0,0 +1,80 @@
# Podinfo Istio
Podinfo is a tiny web application made with Go
that showcases best practices of running microservices in Kubernetes.
## Installing the Chart
Create an Istio enabled namespace:
```console
kubectl create namespace demo
kubectl label namespace demo istio-injection=enabled
```
Create an Istio Gateway in the `istio-system` namespace named `public-gateway`:
```yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: public-gateway
namespace: istio-system
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
tls:
httpsRedirect: true
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- "*"
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
```
Create the `frontend` release by specifying the external domain name:
```console
helm upgrade frontend --install ./charts/podinfo-istio \
--namespace=demo \
--set host=podinfo.example.com \
--set gateway.name=public-gateway \
--set gateway.create=false \
-f ./charts/podinfo-istio/frontend.yaml
```
Create the `backend` release:
```console
helm upgrade backend --install ./charts/podinfo-istio \
--namespace=demo \
-f ./charts/podinfo-istio/backend.yaml
```
Create the `store` release:
```console
helm upgrade store --install ./charts/podinfo-istio \
--namespace=demo \
-f ./charts/podinfo-istio/store.yaml
```
Start load test:
```console
helm upgrade --install loadtest ./charts/loadtest \
--namespace=loadtesting
```

34
charts/podinfo-istio/apply.sh Executable file
View File

@@ -0,0 +1,34 @@
#!/usr/bin/env bash
#Usage: fswatch -o ./podinfo-istio/ | xargs -n1 ./podinfo-istio/apply.sh
set -e
MARK='\033[0;32m'
NC='\033[0m'
log (){
echo -e "$(date +%Y-%m-%dT%H:%M:%S%z) ${MARK}${1}${NC}"
}
log "installing frontend"
helm upgrade frontend --install ./podinfo-istio \
--namespace=demo \
--set host=canary.istio.weavedx.com \
--set gateway.name=public-gateway \
--set gateway.create=false \
-f ./podinfo-istio/frontend.yaml
log "installing backend"
helm upgrade backend --install ./podinfo-istio \
--namespace=demo \
-f ./podinfo-istio/backend.yaml
log "installing store"
helm upgrade store --install ./podinfo-istio \
--namespace=demo \
-f ./podinfo-istio/store.yaml
log "finished installing frontend, backend and store"

21
charts/podinfo-istio/backend.yaml Normal file
View File

@@ -0,0 +1,21 @@
# Default values for backend demo.
# expose the blue/green deployments inside the cluster
host: backend
# stable release
blue:
replicas: 2
tag: "1.1.1"
backend: http://store:9898/api/echo
# canary release
green:
replicas: 2
tag: "1.2.0"
routing:
# target green callers
- match:
- sourceLabels:
color: green
backend: http://store:9898/api/echo

39
charts/podinfo-istio/frontend.yaml Normal file
View File

@@ -0,0 +1,39 @@
# Default values for frontend demo.
# external domain
host:
exposeHost: true
# no more than one Gateway can be created on a cluster
# if TLS is enabled the istio-ingressgateway-certs secret must exist in istio-system ns
# if you have a Gateway running you can set the name to your own gateway and turn off create
gateway:
name: public-gateway
create: false
tls: true
httpsRedirect: true
# stable release
blue:
replicas: 2
tag: "1.1.1"
message: "Greetings from the blue frontend"
backend: http://backend:9898/api/echo
# canary release
green:
replicas: 2
tag: "1.2.0"
routing:
# target Safari
- match:
- headers:
user-agent:
regex: "^(?!.*Chrome).*Safari.*"
# target API clients by version
- match:
- headers:
x-api-version:
regex: "^(v{0,1})0\\.6\\.([1-9]).*"
message: "Greetings from the green frontend"
backend: http://backend:9898/api/echo

1636
charts/podinfo-istio/grafana/istio-bluegreen.json Normal file
View File

File diff suppressed because it is too large Load Diff

19
charts/podinfo-istio/store.yaml Normal file
View File

@@ -0,0 +1,19 @@
# Default values for backend demo.
# expose the store deployment inside the cluster
host: store
# load balance 80/20 between blue and green
blue:
replicas: 2
tag: "1.1.1"
backend: https://httpbin.org/anything
weight: 80
green:
replicas: 2
tag: "1.2.0"
backend: https://httpbin.org/anything
externalServices:
- httpbin.org

1
charts/podinfo-istio/templates/NOTES.txt Normal file
View File

@@ -0,0 +1 @@
{{ template "podinfo-istio.fullname" . }} has been deployed successfully!

36
charts/podinfo-istio/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,36 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "podinfo-istio.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
The release name is used as a full name.
*/}}
{{- define "podinfo-istio.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- define "podinfo-istio.blue" -}}
{{- printf "%s-%s" .Release.Name "blue" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "podinfo-istio.green" -}}
{{- printf "%s-%s" .Release.Name "green" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "podinfo-istio.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

79
charts/podinfo-istio/templates/blue-deployment.yaml Normal file
View File

@@ -0,0 +1,79 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "podinfo-istio.blue" . }}
labels:
app: {{ template "podinfo-istio.fullname" . }}
chart: {{ template "podinfo-istio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
color: blue
version: {{ .Values.blue.tag }}
spec:
replicas: {{ .Values.blue.replicas }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ template "podinfo-istio.fullname" . }}
color: blue
template:
metadata:
labels:
app: {{ template "podinfo-istio.fullname" . }}
color: blue
version: {{ .Values.blue.tag }}
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: "{{ .Values.blue.repository }}:{{ .Values.blue.tag }}"
imagePullPolicy: {{ .Values.imagePullPolicy }}
command:
- ./podinfo
- --port={{ .Values.containerPort }}
- --level={{ .Values.logLevel }}
- --random-delay={{ .Values.blue.faults.delay }}
- --random-error={{ .Values.blue.faults.error }}
env:
- name: PODINFO_UI_COLOR
value: blue
{{- if .Values.blue.backend }}
- name: PODINFO_BACKEND_URL
value: {{ .Values.blue.backend }}
{{- end }}
{{- if .Values.blue.message }}
- name: PODINFO_UI_MESSAGE
value: {{ .Values.blue.message }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.containerPort }}
protocol: TCP
livenessProbe:
exec:
command:
- podcli
- check
- http
- localhost:{{ .Values.containerPort }}/healthz
readinessProbe:
exec:
command:
- podcli
- check
- http
- localhost:{{ .Values.containerPort }}/readyz
periodSeconds: 3
volumeMounts:
- name: data
mountPath: /data
resources:
{{ toYaml .Values.resources | indent 12 }}
volumes:
- name: data
emptyDir: {}

20
charts/podinfo-istio/templates/destionation-rule.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: {{ template "podinfo-istio.fullname" . }}
labels:
app: {{ template "podinfo-istio.fullname" . }}
chart: {{ template "podinfo-istio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
host: {{ template "podinfo-istio.fullname" . }}
subsets:
- name: blue
labels:
color: blue
{{- if gt .Values.green.replicas 0.0 }}
- name: green
labels:
color: green
{{- end }}

22
charts/podinfo-istio/templates/external-services.yaml Normal file
View File

@@ -0,0 +1,22 @@
{{- if .Values.externalServices -}}
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: {{ template "podinfo-istio.fullname" . }}-external-svcs
labels:
app: {{ template "podinfo-istio.fullname" . }}
chart: {{ template "podinfo-istio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
hosts:
{{- range .Values.externalServices }}
- {{ . }}
{{- end }}
location: MESH_EXTERNAL
ports:
- number: 443
name: https
protocol: HTTPS
resolution: DNS
{{- end }}

31
charts/podinfo-istio/templates/gateway.yaml Normal file
View File

@@ -0,0 +1,31 @@
{{- if .Values.gateway.create -}}
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: {{ .Values.gateway.name }}
namespace: istio-system
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
tls:
httpsRedirect: {{ .Values.gateway.httpsRedirect }}
{{- if .Values.gateway.tls }}
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- "*"
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
{{- end }}
{{- end }}

81
charts/podinfo-istio/templates/green-deployment.yaml Normal file
View File

@@ -0,0 +1,81 @@
{{- if gt .Values.green.replicas 0.0 -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "podinfo-istio.green" . }}
labels:
app: {{ template "podinfo-istio.fullname" . }}
chart: {{ template "podinfo-istio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
color: green
version: {{ .Values.green.tag }}
spec:
replicas: {{ .Values.green.replicas }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ template "podinfo-istio.fullname" . }}
color: green
template:
metadata:
labels:
app: {{ template "podinfo-istio.fullname" . }}
color: green
version: {{ .Values.green.tag }}
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: "{{ .Values.green.repository }}:{{ .Values.green.tag }}"
imagePullPolicy: {{ .Values.imagePullPolicy }}
command:
- ./podinfo
- --port={{ .Values.containerPort }}
- --level={{ .Values.logLevel }}
- --random-delay={{ .Values.green.faults.delay }}
- --random-error={{ .Values.green.faults.error }}
env:
- name: PODINFO_UI_COLOR
value: green
{{- if .Values.green.backend }}
- name: PODINFO_BACKEND_URL
value: {{ .Values.green.backend }}
{{- end }}
{{- if .Values.green.message }}
- name: PODINFO_UI_MESSAGE
value: {{ .Values.green.message }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.containerPort }}
protocol: TCP
livenessProbe:
exec:
command:
- podcli
- check
- http
- localhost:{{ .Values.containerPort }}/healthz
readinessProbe:
exec:
command:
- podcli
- check
- http
- localhost:{{ .Values.containerPort }}/readyz
periodSeconds: 3
volumeMounts:
- name: data
mountPath: /data
resources:
{{ toYaml .Values.resources | indent 12 }}
volumes:
- name: data
emptyDir: {}
{{- end }}

18
charts/podinfo-istio/templates/service.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "podinfo-istio.fullname" . }}
labels:
app: {{ template "podinfo-istio.fullname" . }}
chart: {{ template "podinfo-istio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: ClusterIP
ports:
- port: {{ .Values.containerPort }}
targetPort: http
protocol: TCP
name: http
selector:
app: {{ template "podinfo-istio.fullname" . }}

43
charts/podinfo-istio/templates/virtual-service.yaml Normal file
View File

@@ -0,0 +1,43 @@
{{- $host := .Release.Name -}}
{{- $timeout := .Values.timeout -}}
{{- $greenWeight := (sub 100 (.Values.blue.weight|int)) | int -}}
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: {{ template "podinfo-istio.fullname" . }}
labels:
app: {{ template "podinfo-istio.fullname" . }}
chart: {{ template "podinfo-istio.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
hosts:
- {{ .Values.host }}
{{- if .Values.exposeHost }}
gateways:
- {{ .Values.gateway.name }}.istio-system.svc.cluster.local
{{- end }}
http:
{{- if gt .Values.green.replicas 0.0 }}
{{- range .Values.green.routing }}
- match:
{{ toYaml .match | indent 6 }}
route:
- destination:
host: {{ $host }}
subset: green
timeout: {{ $timeout }}
{{- end }}
{{- end }}
- route:
- destination:
host: {{ template "podinfo-istio.fullname" . }}
subset: blue
weight: {{ .Values.blue.weight }}
{{- if gt .Values.green.replicas 0.0 }}
- destination:
host: {{ template "podinfo-istio.fullname" . }}
subset: green
weight: {{ $greenWeight }}
{{- end }}
timeout: {{ $timeout }}

60
charts/podinfo-istio/values.yaml Normal file
View File

@@ -0,0 +1,60 @@
# Default values for podinfo-istio.
# host can be an external domain or a local one
host: podinfo
# if the host is an external domain must be exposed via the Gateway
exposeHost: false
timeout: 30s
# creates public-gateway.istio-system.svc.cluster.local
# no more than one Gateway can be created on a cluster
# if TLS is enabled the istio-ingressgateway-certs secret must exist in istio-system ns
# if you have a Gateway running you can set the name to your own gateway and turn off create
gateway:
name: public-gateway
create: false
tls: false
httpsRedirect: false
# authorise external https services
#externalServices:
# - api.github.com
# - apis.google.com
# - googleapis.com
# stable release
# by default all traffic goes to blue
blue:
replicas: 2
repository: quay.io/stefanprodan/podinfo
tag: "1.2.1"
# green must have at at least one replica to set weight under 100
weight: 100
message:
backend:
faults:
delay: false
error: false
# canary release
# disabled with 0 replicas
green:
replicas: 0
repository: quay.io/stefanprodan/podinfo
tag: "1.2.1"
message:
backend:
routing:
faults:
delay: false
error: false
# blue/green common settings
logLevel: info
containerPort: 9898
imagePullPolicy: IfNotPresent
resources:
limits:
requests:
cpu: 1m
memory: 16Mi

14
charts/podinfo/Chart.yaml
View File

@@ -1,12 +1,12 @@
apiVersion: v1
appVersion: "0.2.1"
description: Podinfo Helm chart for Kubernetes
version: 1.2.1
appVersion: 1.2.1
name: podinfo
version: 0.1.0
engine: gotpl
description: Podinfo Helm chart for Kubernetes
home: https://github.com/stefanprodan/k8s-podinfo
maintainers:
- email: stefanprodan@users.noreply.github.com
name: stefanprodan
sources:
- https://github.com/stefanprodan/k8s-podinfo
maintainers:
- name: stefanprodan
email: stefanprodan@users.noreply.github.com
engine: gotpl

41
charts/podinfo/README.md
View File

@@ -8,7 +8,8 @@ that showcases best practices of running microservices in Kubernetes.
To install the chart with the release name `my-release`:
```console
$ helm install stable/podinfo --name my-release
$ helm repo add sp https://stefanprodan.github.io/k8s-podinfo
$ helm upgrade my-release --install sp/podinfo
```
The command deploys podinfo on the Kubernetes cluster in the default namespace.
@@ -31,23 +32,27 @@ The following tables lists the configurable parameters of the podinfo chart and
Parameter | Description | Default
--- | --- | ---
`affinity` | node/pod affinities | None
`hpa.enabled` | Enables HPA | `false`
`hpa.cpu` | Target CPU usage per pod | None
`hpa.memory` | Target memory usage per pod | None
`hpa.requests` | Target requests per second per pod | None
`hpa.maxReplicas` | Maximum pod replicas | `10`
`ingress.hosts` | Ingress accepted hostnames | None
`ingress.tls` | Ingress TLS configuration | None:
`image.pullPolicy` | Image pull policy | `IfNotPresent`
`image.repository` | Image repository | `stefanprodan/podinfo`
`image.tag` | Image tag | `0.0.1`
`ingress.enabled` | Enables Ingress | `false`
`ingress.annotations` | Ingress annotations | None
`ingress.hosts` | Ingress accepted hostnames | None
`ingress.tls` | Ingress TLS configuration | None
`color` | UI color | blue
`backend` | echo backend URL | None
`faults.delay` | random HTTP response delays between 0 and 5 seconds | `false`
`faults.error` | 1/3 chances of a random HTTP response error | `false`
`hpa.enabled` | enables HPA | `false`
`hpa.cpu` | target CPU usage per pod | None
`hpa.memory` | target memory usage per pod | None
`hpa.requests` | target requests per second per pod | None
`hpa.maxReplicas` | maximum pod replicas | `10`
`ingress.hosts` | ingress accepted hostnames | None
`ingress.tls` | ingress TLS configuration | None:
`image.pullPolicy` | image pull policy | `IfNotPresent`
`image.repository` | image repository | `stefanprodan/podinfo`
`image.tag` | image tag | `0.0.1`
`ingress.enabled` | enables ingress | `false`
`ingress.annotations` | ingress annotations | None
`ingress.hosts` | ingress accepted hostnames | None
`ingress.tls` | ingress TLS configuration | None
`message` | UI greetings message | None
`nodeSelector` | node labels for pod assignment | `{}`
`podAnnotations` | annotations to add to each pod | `{}`
`replicaCount` | desired number of pods | `1`
`replicaCount` | desired number of pods | `2`
`resources.requests/cpu` | pod CPU request | `1m`
`resources.requests/memory` | pod memory request | `16Mi`
`resources.limits/cpu` | pod CPU limit | None
@@ -56,7 +61,7 @@ Parameter | Description | Default
`service.internalPort` | internal port for the service | `9898`
`service.nodePort` | node port for the service | `31198`
`service.type` | type of service | `ClusterIP`
`tolerations` | List of node taints to tolerate | `[]`
`tolerations` | list of node taints to tolerate | `[]`
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,

48
charts/podinfo/templates/deployment.yaml
View File

@@ -7,45 +7,71 @@ metadata:
chart: {{ template "podinfo.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
color: {{ .Values.color }}
version: {{ .Values.image.tag }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: {{ template "podinfo.name" . }}
color: {{ .Values.color }}
version: {{ .Values.image.tag }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "podinfo.name" . }}
color: {{ .Values.color }}
version: {{ .Values.image.tag }}
release: {{ .Release.Name }}
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- ./podinfo
- -port={{ .Values.service.containerPort }}
{{- if .Values.logLevel }}
- -debug=true
{{- end }}
- --port={{ .Values.service.containerPort }}
- --level={{ .Values.logLevel }}
- --random-delay={{ .Values.faults.delay }}
- --random-error={{ .Values.faults.error }}
env:
- name: backend_url
- name: PODINFO_UI_COLOR
value: {{ .Values.color }}
{{- if .Values.message }}
- name: PODINFO_UI_MESSAGE
value: {{ .Values.message }}
{{- end }}
{{- if .Values.backend }}
- name: PODINFO_BACKEND_URL
value: {{ .Values.backend }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.service.containerPort }}
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: http
exec:
command:
- podcli
- check
- http
- localhost:{{ .Values.service.containerPort }}/healthz
readinessProbe:
httpGet:
path: /readyz
port: http
exec:
command:
- podcli
- check
- http
- localhost:{{ .Values.service.containerPort }}/readyz
periodSeconds: 3
volumeMounts:
- name: data
mountPath: /data

18
charts/podinfo/values.yaml
View File

@@ -1,11 +1,18 @@
# Default values for podinfo.
replicaCount: 1
backend: http://backend-podinfo:9898/echo
replicaCount: 2
logLevel: info
color: blue
backend: #http://backend-podinfo:9898/echo
message: #UI greetings
faults:
delay: false
error: false
image:
repository: stefanprodan/podinfo
tag: 0.2.1
repository: quay.io/stefanprodan/podinfo
tag: 1.2.1
pullPolicy: IfNotPresent
service:
@@ -14,7 +21,7 @@ service:
containerPort: 9898
nodePort: 31198
# Heapster or metrics-server add-on required
# metrics-server add-on required
hpa:
enabled: false
maxReplicas: 10
@@ -50,4 +57,3 @@ tolerations: []
affinity: {}
logLevel: debug

245
cmd/podcli/check.go Normal file
View File

@@ -0,0 +1,245 @@
package main
import (
"bytes"
"context"
"crypto/tls"
"fmt"
"net"
"net/http"
"net/url"
"os"
"strings"
"time"
"github.com/spf13/cobra"
"go.uber.org/zap"
)
var (
retryCount int
retryDelay time.Duration
method string
body string
timeout time.Duration
)
var checkCmd = &cobra.Command{
Use: `check`,
Short: "Health check commands",
Long: "Commands for running health checks",
}
var checkUrlCmd = &cobra.Command{
Use: `http [address]`,
Short: "HTTP(S) health check",
Example: ` check http https://httpbin.org/anything --method=POST --retry=2 --delay=2s --timeout=3s --body='{"test"=1}'`,
RunE: runCheck,
}
var checkTcpCmd = &cobra.Command{
Use: `tcp [address]`,
Short: "TCP health check",
Example: ` check tcp httpbin.org:443 --retry=1 --delay=2s --timeout=2s`,
RunE: runCheckTCP,
}
var checkCertCmd = &cobra.Command{
Use: `cert [address]`,
Short: "SSL/TLS certificate validity check",
Example: ` check cert httpbin.org`,
RunE: runCheckCert,
}
func init() {
checkUrlCmd.Flags().StringVar(&method, "method", "GET", "HTTP method")
checkUrlCmd.Flags().StringVar(&body, "body", "", "HTTP POST/PUT content")
checkUrlCmd.Flags().IntVar(&retryCount, "retry", 0, "times to retry the HTTP call")
checkUrlCmd.Flags().DurationVar(&retryDelay, "delay", 1*time.Second, "wait duration between retries")
checkUrlCmd.Flags().DurationVar(&timeout, "timeout", 5*time.Second, "timeout")
checkCmd.AddCommand(checkUrlCmd)
checkTcpCmd.Flags().IntVar(&retryCount, "retry", 0, "times to retry the TCP check")
checkTcpCmd.Flags().DurationVar(&retryDelay, "delay", 1*time.Second, "wait duration between retries")
checkTcpCmd.Flags().DurationVar(&timeout, "timeout", 5*time.Second, "timeout")
checkCmd.AddCommand(checkTcpCmd)
checkCmd.AddCommand(checkCertCmd)
rootCmd.AddCommand(checkCmd)
}
func runCheck(cmd *cobra.Command, args []string) error {
if retryCount < 0 {
return fmt.Errorf("--retry is required")
}
if len(args) < 1 {
return fmt.Errorf("address is required! example: check http https://httpbin.org")
}
address := args[0]
if !strings.HasPrefix(address, "http://") && !strings.HasPrefix(address, "https://") {
address = fmt.Sprintf("http://%s", address)
}
for n := 0; n <= retryCount; n++ {
if n != 1 {
time.Sleep(retryDelay)
}
req, err := http.NewRequest(method, address, bytes.NewBuffer([]byte(body)))
if err != nil {
logger.Info("check failed",
zap.String("address", address),
zap.Error(err))
os.Exit(1)
}
ctx, cancel := context.WithTimeout(req.Context(), timeout)
resp, err := http.DefaultClient.Do(req.WithContext(ctx))
cancel()
if err != nil {
logger.Info("check failed",
zap.String("address", address),
zap.Error(err))
continue
}
if resp.Body != nil {
resp.Body.Close()
}
if resp.StatusCode >= 200 && resp.StatusCode < 400 {
logger.Info("check succeed",
zap.String("address", address),
zap.Int("status code", resp.StatusCode),
zap.String("response size", fmtContentLength(resp.ContentLength)))
os.Exit(0)
} else {
logger.Info("check failed",
zap.String("address", address),
zap.Int("status code", resp.StatusCode))
continue
}
}
os.Exit(1)
return nil
}
func runCheckTCP(cmd *cobra.Command, args []string) error {
if retryCount < 0 {
return fmt.Errorf("--retry is required")
}
if len(args) < 1 {
return fmt.Errorf("address is required! example: check tcp httpbin.org:80")
}
address := args[0]
for n := 0; n <= retryCount; n++ {
if n != 1 {
time.Sleep(retryDelay)
}
conn, err := net.DialTimeout("tcp", address, timeout)
if err != nil {
logger.Info("check failed",
zap.String("address", address),
zap.Error(err))
continue
}
conn.Close()
logger.Info("check succeed", zap.String("address", address))
os.Exit(0)
}
os.Exit(1)
return nil
}
func runCheckCert(cmd *cobra.Command, args []string) error {
if len(args) < 1 {
return fmt.Errorf("address is required! example: check cert httpbin.org")
}
host := args[0]
if !strings.HasPrefix(host, "https://") {
host = "https://" + host
}
u, err := url.Parse(host)
if err != nil {
logger.Info("check failed",
zap.String("address", host),
zap.Error(err))
os.Exit(1)
}
address := u.Hostname() + ":443"
ipConn, err := net.DialTimeout("tcp", address, 5*time.Second)
if err != nil {
logger.Info("check failed",
zap.String("address", address),
zap.Error(err))
os.Exit(1)
}
defer ipConn.Close()
conn := tls.Client(ipConn, &tls.Config{
InsecureSkipVerify: true,
ServerName: u.Hostname(),
})
if err = conn.Handshake(); err != nil {
logger.Info("check failed",
zap.String("address", address),
zap.Error(err))
os.Exit(1)
}
defer conn.Close()
addr := conn.RemoteAddr()
_, _, err = net.SplitHostPort(addr.String())
if err != nil {
logger.Info("check failed",
zap.String("address", address),
zap.Error(err))
os.Exit(1)
}
cert := conn.ConnectionState().PeerCertificates[0]
timeNow := time.Now()
if timeNow.After(cert.NotAfter) {
logger.Info("check failed",
zap.String("address", address),
zap.String("issuer", cert.Issuer.CommonName),
zap.String("subject", cert.Subject.CommonName),
zap.Time("expired", cert.NotAfter))
os.Exit(1)
}
logger.Info("check succeed",
zap.String("address", address),
zap.String("issuer", cert.Issuer.CommonName),
zap.String("subject", cert.Subject.CommonName),
zap.Time("notAfter", cert.NotAfter),
zap.Time("notBefore", cert.NotBefore))
return nil
}
func fmtContentLength(b int64) string {
const unit = 1000
if b < unit {
return fmt.Sprintf("%d B", b)
}
div, exp := int64(unit), 0
for n := b / unit; n >= unit; n /= unit {
div *= unit
exp++
}
return fmt.Sprintf("%.1f %cB", float64(b)/float64(div), "kMGTPE"[exp])
}

39
cmd/podcli/main.go Normal file
View File

@@ -0,0 +1,39 @@
package main
import (
"fmt"
"log"
"os"
"strings"
"github.com/spf13/cobra"
"go.uber.org/zap"
)
var rootCmd = &cobra.Command{
Use: "podcli",
Short: "podinfo command line",
Long: `
podinfo command line utilities`,
}
var (
logger *zap.Logger
)
func main() {
var err error
logger, err = zap.NewDevelopment()
if err != nil {
log.Fatalf("can't initialize zap logger: %v", err)
}
defer logger.Sync()
rootCmd.SetArgs(os.Args[1:])
if err := rootCmd.Execute(); err != nil {
e := err.Error()
fmt.Println(strings.ToUpper(e[:1]) + e[1:])
os.Exit(1)
}
}

21
cmd/podcli/version.go Normal file
View File

@@ -0,0 +1,21 @@
package main
import (
"fmt"
"github.com/spf13/cobra"
"github.com/stefanprodan/k8s-podinfo/pkg/version"
)
func init() {
rootCmd.AddCommand(versionCmd)
}
var versionCmd = &cobra.Command{
Use: `version`,
Short: "Prints podcli version",
RunE: func(cmd *cobra.Command, args []string) error {
fmt.Println(version.VERSION)
return nil
},
}

143
cmd/podcli/ws.go Normal file
View File

@@ -0,0 +1,143 @@
package main
import (
"encoding/hex"
"fmt"
"net/http"
"net/url"
"os"
"regexp"
"strings"
"github.com/chzyer/readline"
"github.com/fatih/color"
"github.com/gorilla/websocket"
"github.com/spf13/cobra"
"go.uber.org/zap"
)
var origin string
func init() {
wsCmd.Flags().StringVarP(&origin, "origin", "o", "", "websocket origin")
rootCmd.AddCommand(wsCmd)
}
var wsCmd = &cobra.Command{
Use: `ws [address]`,
Short: "Websocket client",
Example: ` ws localhost:9898/ws/echo`,
RunE: func(cmd *cobra.Command, args []string) error {
if len(args) < 1 {
return fmt.Errorf("address is required")
}
address := args[0]
if !strings.HasPrefix(address, "ws://") && !strings.HasPrefix(address, "wss://") {
address = fmt.Sprintf("ws://%s", address)
}
dest, err := url.Parse(address)
if err != nil {
return err
}
if origin != "" {
} else {
originURL := *dest
if dest.Scheme == "wss" {
originURL.Scheme = "https"
} else {
originURL.Scheme = "http"
}
origin = originURL.String()
}
err = connect(dest.String(), origin, &readline.Config{
Prompt: "> ",
})
if err != nil {
logger.Info("websocket closed", zap.Error(err))
}
return nil
},
}
type session struct {
ws *websocket.Conn
rl *readline.Instance
errChan chan error
}
func connect(url, origin string, rlConf *readline.Config) error {
headers := make(http.Header)
headers.Add("Origin", origin)
ws, _, err := websocket.DefaultDialer.Dial(url, headers)
if err != nil {
return err
}
rl, err := readline.NewEx(rlConf)
if err != nil {
return err
}
defer rl.Close()
sess := &session{
ws: ws,
rl: rl,
errChan: make(chan error),
}
go sess.readConsole()
go sess.readWebsocket()
return <-sess.errChan
}
func (s *session) readConsole() {
for {
line, err := s.rl.Readline()
if err != nil {
s.errChan <- err
return
}
err = s.ws.WriteMessage(websocket.TextMessage, []byte(line))
if err != nil {
s.errChan <- err
return
}
}
}
func bytesToFormattedHex(bytes []byte) string {
text := hex.EncodeToString(bytes)
return regexp.MustCompile("(..)").ReplaceAllString(text, "$1 ")
}
func (s *session) readWebsocket() {
rxSprintf := color.New(color.FgGreen).SprintfFunc()
for {
msgType, buf, err := s.ws.ReadMessage()
if err != nil {
fmt.Fprint(s.rl.Stdout(), rxSprintf("< %s\n", err.Error()))
os.Exit(1)
return
}
var text string
switch msgType {
case websocket.TextMessage:
text = string(buf)
case websocket.BinaryMessage:
text = bytesToFormattedHex(buf)
default:
s.errChan <- fmt.Errorf("unknown websocket frame type: %d", msgType)
return
}
fmt.Fprint(s.rl.Stdout(), rxSprintf("< %s\n", text))
}
}

197
cmd/podinfo/main.go
View File

@@ -1,37 +1,192 @@
package main
import (
"flag"
"fmt"
"io/ioutil"
"os"
"path/filepath"
"strings"
"time"
"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
"github.com/stefanprodan/k8s-podinfo/pkg/server"
"github.com/spf13/pflag"
"github.com/spf13/viper"
"github.com/stefanprodan/k8s-podinfo/pkg/api"
"github.com/stefanprodan/k8s-podinfo/pkg/signals"
"github.com/stefanprodan/k8s-podinfo/pkg/version"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
)
var (
port string
debug bool
)
func init() {
flag.StringVar(&port, "port", "8989", "Port to listen on.")
flag.BoolVar(&debug, "debug", false, "sets log level to debug")
}
func main() {
flag.Parse()
// flags definition
fs := pflag.NewFlagSet("default", pflag.ContinueOnError)
fs.Int("port", 9898, "port")
fs.String("level", "info", "log level debug, info, warn, error, flat or panic")
fs.String("backend-url", "", "backend service URL")
fs.Duration("http-client-timeout", 2*time.Minute, "client timeout duration")
fs.Duration("http-server-timeout", 30*time.Second, "server read and write timeout duration")
fs.Duration("http-server-shutdown-timeout", 5*time.Second, "server graceful shutdown timeout duration")
fs.String("data-path", "/data", "data local path")
fs.String("config-path", "", "config dir path")
fs.String("config", "config.yaml", "config file name")
fs.String("ui-path", "./ui", "UI local path")
fs.String("ui-color", "blue", "UI color")
fs.String("ui-message", fmt.Sprintf("greetings from podinfo v%v", version.VERSION), "UI message")
fs.Bool("random-delay", false, "between 0 and 5 seconds random delay")
fs.Bool("random-error", false, "1/3 chances of a random response error")
fs.Int("stress-cpu", 0, "Number of CPU cores with 100 load")
fs.Int("stress-memory", 0, "MB of data to load into memory")
zerolog.SetGlobalLevel(zerolog.InfoLevel)
if debug {
zerolog.SetGlobalLevel(zerolog.DebugLevel)
versionFlag := fs.BoolP("version", "v", false, "get version number")
// parse flags
err := fs.Parse(os.Args[1:])
switch {
case err == pflag.ErrHelp:
os.Exit(0)
case err != nil:
fmt.Fprintf(os.Stderr, "Error: %s\n\n", err.Error())
fs.PrintDefaults()
os.Exit(2)
case *versionFlag:
fmt.Println(version.VERSION)
os.Exit(0)
}
log.Info().Msgf("Starting podinfo version %s commit %s", version.VERSION, version.GITCOMMIT)
log.Debug().Msgf("Starting HTTP server on port %v", port)
// bind flags and environment variables
viper.BindPFlags(fs)
viper.RegisterAlias("backendUrl", "backend-url")
hostname, _ := os.Hostname()
viper.SetDefault("jwt-secret", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9")
viper.Set("hostname", hostname)
viper.Set("version", version.VERSION)
viper.Set("revision", version.REVISION)
viper.SetEnvPrefix("PODINFO")
viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
viper.AutomaticEnv()
// load config from file
if _, err := os.Stat(filepath.Join(viper.GetString("config-path"), viper.GetString("config"))); err == nil {
viper.SetConfigName(strings.Split(viper.GetString("config"), ".")[0])
viper.AddConfigPath(viper.GetString("config-path"))
if err := viper.ReadInConfig(); err != nil {
fmt.Printf("Error reading config file, %v\n", err)
}
}
// configure logging
logger, _ := initZap(viper.GetString("level"))
defer logger.Sync()
stdLog := zap.RedirectStdLog(logger)
defer stdLog()
// start stress tests if any
beginStressTest(viper.GetInt("stress-cpu"), viper.GetInt("stress-memory"), logger)
// load HTTP server config
var srvCfg api.Config
if err := viper.Unmarshal(&srvCfg); err != nil {
logger.Panic("config unmarshal failed", zap.Error(err))
}
// log version and port
logger.Info("Starting podinfo",
zap.String("version", viper.GetString("version")),
zap.String("revision", viper.GetString("revision")),
zap.String("port", viper.GetString("port")),
)
// start HTTP server
srv, _ := api.NewServer(&srvCfg, logger)
stopCh := signals.SetupSignalHandler()
server.ListenAndServe(port, 5*time.Second, stopCh)
srv.ListenAndServe(stopCh)
}
func initZap(logLevel string) (*zap.Logger, error) {
level := zap.NewAtomicLevelAt(zapcore.InfoLevel)
switch logLevel {
case "debug":
level = zap.NewAtomicLevelAt(zapcore.DebugLevel)
case "info":
level = zap.NewAtomicLevelAt(zapcore.InfoLevel)
case "warn":
level = zap.NewAtomicLevelAt(zapcore.WarnLevel)
case "error":
level = zap.NewAtomicLevelAt(zapcore.ErrorLevel)
case "fatal":
level = zap.NewAtomicLevelAt(zapcore.FatalLevel)
case "panic":
level = zap.NewAtomicLevelAt(zapcore.PanicLevel)
}
zapEncoderConfig := zapcore.EncoderConfig{
TimeKey: "ts",
LevelKey: "level",
NameKey: "logger",
CallerKey: "caller",
MessageKey: "msg",
StacktraceKey: "stacktrace",
LineEnding: zapcore.DefaultLineEnding,
EncodeLevel: zapcore.LowercaseLevelEncoder,
EncodeTime: zapcore.ISO8601TimeEncoder,
EncodeDuration: zapcore.SecondsDurationEncoder,
EncodeCaller: zapcore.ShortCallerEncoder,
}
zapConfig := zap.Config{
Level: level,
Development: false,
Sampling: &zap.SamplingConfig{
Initial: 100,
Thereafter: 100,
},
Encoding: "json",
EncoderConfig: zapEncoderConfig,
OutputPaths: []string{"stderr"},
ErrorOutputPaths: []string{"stderr"},
}
return zapConfig.Build()
}
var stressMemoryPayload []byte
func beginStressTest(cpus int, mem int, logger *zap.Logger) {
done := make(chan int)
if cpus > 0 {
logger.Info("starting CPU stress", zap.Int("cores", cpus))
for i := 0; i < cpus; i++ {
go func() {
for {
select {
case <-done:
return
default:
}
}
}()
}
}
if mem > 0 {
path := "/tmp/podinfo.data"
f, err := os.Create(path)
if err != nil {
logger.Error("memory stress failed", zap.Error(err))
}
if err := f.Truncate(1000000 * int64(mem)); err != nil {
logger.Error("memory stress failed", zap.Error(err))
}
stressMemoryPayload, err = ioutil.ReadFile(path)
f.Close()
os.Remove(path)
if err != nil {
logger.Error("memory stress failed", zap.Error(err))
}
logger.Info("starting CPU stress", zap.Int("memory", len(stressMemoryPayload)))
}
}

82
deploy/auto-scaling/podinfo-dep.yaml
View File

@@ -9,75 +9,41 @@ spec:
metadata:
labels:
app: podinfo
#role: openfaas-system
annotations:
prometheus.io/scrape: 'true'
spec:
containers:
- name: podinfod
image: stefanprodan/podinfo:0.0.9
imagePullPolicy: Always
image: quay.io/stefanprodan/podinfo:1.0.1
command:
- ./podinfo
- -port=9898
- -logtostderr=true
- -v=2
volumeMounts:
- name: metadata
mountPath: /etc/podinfod/metadata
readOnly: true
- name: resources
mountPath: /etc/podinfod/resources
readOnly: true
- --port=9898
- --level=debug
ports:
- containerPort: 9898
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 2
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
initialDelaySeconds: 1
periodSeconds: 3
failureThreshold: 2
exec:
command:
- /bin/sh
- -c
- wget --quiet --tries=1 --spider http://localhost:9898/healthz || exit 1
readinessProbe:
exec:
command:
- /bin/sh
- -c
- wget --quiet --tries=1 --spider http://localhost:9898/readyz || exit 1
resources:
requests:
memory: "32Mi"
cpu: "10m"
limits:
memory: "256Mi"
cpu: "100m"
volumes:
- name: metadata
downwardAPI:
items:
- path: "labels"
fieldRef:
fieldPath: metadata.labels
- path: "annotations"
fieldRef:
fieldPath: metadata.annotations
- name: resources
downwardAPI:
items:
- path: "cpu_limit"
resourceFieldRef:
containerName: podinfod
resource: limits.cpu
- path: "cpu_request"
resourceFieldRef:
containerName: podinfod
resource: requests.cpu
- path: "mem_limit"
resourceFieldRef:
containerName: podinfod
resource: limits.memory
- path: "mem_request"
resourceFieldRef:
containerName: podinfod
resource: requests.memory
env:
- name: color
value: "blue"
- name: message
value: "Greetings from podinfo blue"
- name: backendURL
value: "http://podinfo-backend:9898/backend"

5
deploy/auto-scaling/podinfo-svc-clusterip.yaml
View File

@@ -2,13 +2,14 @@
apiVersion: v1
kind: Service
metadata:
name: podinfo-clusterip
name: podinfo
labels:
app: podinfo
spec:
type: ClusterIP
ports:
- port: 9898
- name: http
port: 9898
targetPort: 9898
protocol: TCP
selector:

28
deploy/istio-system/gateway.yaml Normal file
View File

@@ -0,0 +1,28 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: public-gateway
namespace: istio-system
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
tls:
httpsRedirect: true
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- "*"
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt

17
deploy/istio-system/grafana-virtual-service.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: grafana
namespace: istio-system
spec:
hosts:
- "grafana.istio.weavedx.com"
gateways:
- public-gateway.istio-system.svc.cluster.local
http:
- route:
- destination:
host: grafana
timeout: 30s

17
deploy/istio-system/grafanax-virtual-service.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: grafanax
namespace: istio-system
spec:
hosts:
- "grafanax.istio.weavedx.com"
gateways:
- public-gateway.istio-system.svc.cluster.local
http:
- route:
- destination:
host: grafanax
timeout: 30s

17
deploy/istio-system/jaeger-virtual-service.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: jaeger
namespace: istio-system
spec:
hosts:
- "jaeger.istio.weavedx.com"
gateways:
- public-gateway.istio-system.svc.cluster.local
http:
- route:
- destination:
host: jaeger-query
timeout: 30s

19
deploy/istio-system/openfaas-canary-virtual-service.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: env
namespace: openfaas-fn
spec:
hosts:
- env
http:
- route:
- destination:
host: env
weight: 90
- destination:
host: env-canary
weight: 10
timeout: 30s

51
deploy/istio-system/openfaas-mtls.yaml Normal file
View File

@@ -0,0 +1,51 @@
apiVersion: authentication.istio.io/v1alpha1
kind: Policy
metadata:
name: default
namespace: openfaas
spec:
peers:
- mtls: {}
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: default
namespace: openfaas
spec:
host: "*.openfaas.svc.cluster.local"
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
---
apiVersion: authentication.istio.io/v1alpha1
kind: Policy
metadata:
name: default
namespace: openfaas-fn
spec:
peers:
- mtls: {}
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: default
namespace: openfaas-fn
spec:
host: "*.openfaas-fn.svc.cluster.local"
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
---
apiVersion: authentication.istio.io/v1alpha1
kind: Policy
metadata:
name: openfaas-permissive
namespace: openfaas
spec:
targets:
- name: gateway
peers:
- mtls:
mode: PERMISSIVE

13
deploy/istio-system/openfaas-ns.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
istio-injection: enabled
name: openfaas
---
apiVersion: v1
kind: Namespace
metadata:
labels:
istio-injection: enabled
name: openfaas-fn

55
deploy/istio-system/openfaas-policies.yaml Normal file
View File

@@ -0,0 +1,55 @@
apiVersion: config.istio.io/v1alpha2
kind: denier
metadata:
name: denyhandler
namespace: openfaas
spec:
status:
code: 7
message: Not allowed
---
apiVersion: config.istio.io/v1alpha2
kind: checknothing
metadata:
name: denyrequest
namespace: openfaas
spec:
---
apiVersion: config.istio.io/v1alpha2
kind: rule
metadata:
name: denyopenfaasfn
namespace: openfaas
spec:
match: destination.namespace == "openfaas" && source.namespace == "openfaas-fn" && source.labels["role"] != "openfaas-system"
actions:
- handler: denyhandler.denier
instances: [ denyrequest.checknothing ]
---
apiVersion: config.istio.io/v1alpha2
kind: denier
metadata:
name: denyhandler
namespace: openfaas-fn
spec:
status:
code: 7
message: Not allowed
---
apiVersion: config.istio.io/v1alpha2
kind: checknothing
metadata:
name: denyrequest
namespace: openfaas-fn
spec:
---
apiVersion: config.istio.io/v1alpha2
kind: rule
metadata:
name: denyopenfaasfn
namespace: openfaas-fn
spec:
match: destination.namespace == "openfaas-fn" && source.namespace != "openfaas" && source.labels["role"] != "openfaas-system"
actions:
- handler: denyhandler.denier
instances: [ denyrequest.checknothing ]

17
deploy/istio-system/openfaas-virtual-service.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: gateway
namespace: openfaas
spec:
hosts:
- "openfaas.istio.weavedx.com"
gateways:
- public-gateway.istio-system.svc.cluster.local
http:
- route:
- destination:
host: gateway
timeout: 30s

53
deploy/istio-v1alpha3/canary-dep.yaml Normal file
View File

@@ -0,0 +1,53 @@
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: podinfo-canary
namespace: test
labels:
app: podinfo
release: canary
spec:
replicas: 1
selector:
matchLabels:
app: podinfo
release: canary
template:
metadata:
labels:
app: podinfo
release: canary
annotations:
prometheus.io/scrape: 'true'
spec:
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.2.2
imagePullPolicy: Always
command:
- ./podinfo
- -port=9898
- -debug=true
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 5
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
initialDelaySeconds: 1
periodSeconds: 10
failureThreshold: 2
resources:
requests:
memory: "32Mi"
cpu: "10m"

18
deploy/istio-v1alpha3/canary-svc.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
apiVersion: v1
kind: Service
metadata:
name: podinfo-canary
namespace: test
labels:
app: podinfo-canary
spec:
type: ClusterIP
ports:
- name: http
port: 9898
targetPort: http
protocol: TCP
selector:
app: podinfo
release: canary

53
deploy/istio-v1alpha3/ga-dep.yaml Normal file
View File

@@ -0,0 +1,53 @@
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: podinfo-ga
namespace: test
labels:
app: podinfo
release: ga
spec:
replicas: 1
selector:
matchLabels:
app: podinfo
release: ga
template:
metadata:
labels:
app: podinfo
release: ga
annotations:
prometheus.io/scrape: 'true'
spec:
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.2.1
imagePullPolicy: Always
command:
- ./podinfo
- -port=9898
- -debug=true
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 5
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
initialDelaySeconds: 1
periodSeconds: 10
failureThreshold: 2
resources:
requests:
memory: "32Mi"
cpu: "10m"

18
deploy/istio-v1alpha3/ga-svc.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
apiVersion: v1
kind: Service
metadata:
name: podinfo-ga
namespace: test
labels:
app: podinfo-ga
spec:
type: ClusterIP
ports:
- name: http
port: 9898
targetPort: http
protocol: TCP
selector:
app: podinfo
release: ga

17
deploy/istio-v1alpha3/ing.yaml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: podinfo
namespace: test
annotations:
kubernetes.io/ingress.class: istio
spec:
rules:
- host: podinfo.co.uk
http:
paths:
- path: /.*
backend:
serviceName: podinfo
servicePort: 9898

15
deploy/istio-v1alpha3/istio-destination-rule.yaml Normal file
View File

@@ -0,0 +1,15 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: podinfo
namespace: test
spec:
name: podinfo.test
subsets:
- name: ga
labels:
release: ga
- name: canary
labels:
release: canary

19
deploy/istio-v1alpha3/istio-gateway.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: podinfo-gateway
namespace: test
spec:
selector:
app: podinfo
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- podinfo.co.uk
- podinfo.test.svc.cluster.local

40
deploy/istio-v1alpha3/istio-virtual-service.yaml Normal file
View File

@@ -0,0 +1,40 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: podinfo
namespace: test
spec:
hosts:
- podinfo
- podinfo.co.uk
gateways:
- mesh
- podinfo-gateway
http:
- route:
- destination:
name: podinfo.test
subset: canary
weight: 20
- destination:
name: podinfo.test
subset: ga
weight: 80
# http:
# - match:
# - headers:
# x-user:
# exact: insider
# source_labels:
# release: ga
# route:
# - destination:
# name: podinfo.test
# subset: canary
# weight: 100
# - route:
# - destination:
# name: podinfo.test
# subset: ga
# weight: 100

17
deploy/istio-v1alpha3/svc.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
apiVersion: v1
kind: Service
metadata:
name: podinfo
namespace: test
labels:
app: podinfo
spec:
type: ClusterIP
ports:
- name: http
port: 9898
targetPort: http
protocol: TCP
selector:
app: podinfo

14
deploy/istio/backend-destination-rule.yaml Normal file
View File

@@ -0,0 +1,14 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: podinfo-backend
spec:
host: podinfo-backend
subsets:
- name: grey
labels:
color: grey
- name: orange
labels:
color: orange

64
deploy/istio/backend-grey-dep.yaml Normal file
View File

@@ -0,0 +1,64 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo-backend-grey
labels:
app: podinfo-backend
color: grey
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: podinfo-backend
color: grey
template:
metadata:
labels:
app: podinfo-backend
color: grey
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.6.0
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 3
command:
- ./podinfo
- -port=9898
- -logLevel=debug
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
livenessProbe:
httpGet:
path: /healthz
port: 9898
resources:
requests:
memory: "32Mi"
cpu: "10m"
env:
- name: color
value: "grey"
- name: message
value: "Greetings from backend grey"
- name: backendURL
value: "http://podinfo-store:9898/echo" #"https://httpbin.org/anything"

64
deploy/istio/backend-orange-dep.yaml Normal file
View File

@@ -0,0 +1,64 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo-backend-orange
labels:
app: podinfo-backend
color: orange
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: podinfo-backend
color: orange
template:
metadata:
labels:
app: podinfo-backend
color: orange
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.6.0
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 3
command:
- ./podinfo
- -port=9898
- -logLevel=debug
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
livenessProbe:
httpGet:
path: /healthz
port: 9898
resources:
requests:
memory: "32Mi"
cpu: "10m"
env:
- name: color
value: "orange"
- name: message
value: "Greetings from backend orange"
- name: backendURL
value: "http://podinfo-store:9898/echo" #"https://httpbin.org/anything"

15
deploy/istio/backend-svc.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: podinfo-backend
labels:
app: podinfo-backend
spec:
type: ClusterIP
ports:
- port: 9898
targetPort: http
protocol: TCP
name: http
selector:
app: podinfo-backend

29
deploy/istio/backend-virtual-service.yaml Normal file
View File

@@ -0,0 +1,29 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: podinfo-backend
spec:
hosts:
- podinfo-backend
http:
# new version
# forward 100% of the traffic to orange
- match:
# - headers:
# x-api-version:
# regex: "^(v{0,1})0\\.6\\.([0-9]{1,3}).*"
- sourceLabels:
color: blue
route:
- destination:
host: podinfo-backend
subset: orange
timeout: 20s
# default route
# forward 100% of the traffic to grey
- route:
- destination:
host: podinfo-backend
subset: grey
timeout: 20s

65
deploy/istio/blue-dep.yaml Normal file
View File

@@ -0,0 +1,65 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo-blue
labels:
app: podinfo
color: blue
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: podinfo
color: blue
template:
metadata:
labels:
app: podinfo
color: blue
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.6.0
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 3
command:
- ./podinfo
- -port=9898
- -logLevel=debug
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 10
livenessProbe:
httpGet:
path: /healthz
port: 9898
resources:
requests:
memory: "32Mi"
cpu: "10m"
env:
- name: color
value: "blue"
- name: message
value: "Greetings from podinfo blue"
- name: backendURL
value: "http://podinfo-backend:9898/backend"

14
deploy/istio/frontend-destination-rule.yaml Normal file
View File

@@ -0,0 +1,14 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: podinfo
spec:
host: podinfo
subsets:
- name: blue
labels:
color: blue
- name: green
labels:
color: green

15
deploy/istio/frontend-svc.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: podinfo
labels:
app: podinfo
spec:
type: ClusterIP
ports:
- port: 9898
targetPort: http
protocol: TCP
name: http
selector:
app: podinfo

82
deploy/istio/frontend-virtual-service.yaml Normal file
View File

@@ -0,0 +1,82 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: podinfo
spec:
hosts:
- "podinfo.istio.weavedx.com"
gateways:
- public-gateway.istio-system.svc.cluster.local
http:
# Opera: forward 100% of the traffic to green
- match:
- headers:
user-agent:
regex: ".*OPR.*"
route:
- destination:
host: podinfo
subset: green
timeout: 30s
# Chrome: 50/50 load balancing between blue and green
- match:
- headers:
user-agent:
regex: ".*Chrome.*"
route:
- destination:
host: podinfo
subset: blue
weight: 50
- destination:
host: podinfo
subset: green
weight: 50
timeout: 30s
# Safari: 70/30 load balancing between blue and green
- match:
- headers:
user-agent:
regex: "^(?!.*Chrome).*Safari.*"
route:
- destination:
host: podinfo
subset: blue
weight: 100
- destination:
host: podinfo
subset: green
weight: 0
timeout: 30s
# Route based on color header
- match:
- headers:
x-color:
exact: "blue"
route:
- destination:
host: podinfo
subset: blue
timeout: 30s
retries:
attempts: 3
perTryTimeout: 3s
- match:
- headers:
x-color:
exact: "green"
route:
- destination:
host: podinfo
subset: green
timeout: 30s
retries:
attempts: 3
perTryTimeout: 3s
# Any other browser: forward 100% of the traffic to blue
- route:
- destination:
host: podinfo
subset: blue
timeout: 35s

68
deploy/istio/green-dep.yaml Normal file
View File

@@ -0,0 +1,68 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo-green
labels:
app: podinfo
color: green
spec:
replicas: 3
minReadySeconds: 15
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: podinfo
color: green
template:
metadata:
labels:
app: podinfo
color: green
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.6.0
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 4
command:
- ./podinfo
- -port=9898
- -logLevel=debug
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 2
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
resources:
requests:
memory: "32Mi"
cpu: "10m"
env:
- name: color
value: "green"
- name: message
value: "Greetings from podinfo green"
- name: backendURL
value: "http://podinfo-backend:9898/backend"

15
deploy/istio/httpbin-service-entry.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: httpbin
spec:
hosts:
- httpbin.org
ports:
- number: 80
name: http
protocol: HTTP
- number: 443
name: https
protocol: HTTPS
resolution: DNS

62
deploy/istio/store-dep.yaml Normal file
View File

@@ -0,0 +1,62 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo-store
labels:
app: podinfo-store
version: "0.6"
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: podinfo-store
version: "0.6"
template:
metadata:
labels:
app: podinfo-store
version: "0.6"
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.6.0
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 3
command:
- ./podinfo
- -port=9898
- -logLevel=debug
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
livenessProbe:
httpGet:
path: /healthz
port: 9898
resources:
requests:
memory: "32Mi"
cpu: "10m"
env:
- name: color
value: "yellow"
- name: message
value: "Greetings from store yellow"

15
deploy/istio/store-svc.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: podinfo-store
labels:
app: podinfo-store
spec:
type: ClusterIP
ports:
- port: 9898
targetPort: http
protocol: TCP
name: http
selector:
app: podinfo-store

27
deploy/istio/store-virtual-service.yaml Normal file
View File

@@ -0,0 +1,27 @@
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: podinfo-store
spec:
hosts:
- podinfo-store
http:
- match:
- sourceLabels:
color: orange
route:
- destination:
host: podinfo-store
timeout: 15s
fault:
delay:
percent: 50
fixedDelay: 500ms
abort:
percent: 50
httpStatus: 500
- route:
- destination:
host: podinfo-store
timeout: 15s

37
deploy/k9/README.md
View File

@@ -12,13 +12,22 @@ Create a secret with the Git ssh key:
kubectl apply -f ./deploy/k9/ssh-key.yaml
```
Create the Git Server deploy and service:
Create the Git Server deployment and service:
```bash
kubectl apply -f ./deploy/k9/git-dep.yaml
kubectl apply -f ./deploy/k9/git-svc.yaml
```
Deploy Flux (modify fux-dep.yaml and add your weave token):
```bash
kubectl apply -f ./deploy/k9/memcache-dep.yaml
kubectl apply -f ./deploy/k9/memcache-svc.yaml
kubectl apply -f ./deploy/k9/flux-rbac.yaml
kubectl apply -f ./deploy/k9/flux-dep.yaml
```
Create the Cloud9 IDE deployment:
```bash
@@ -31,35 +40,21 @@ Find the public IP:
kubectl -n ide get svc --selector=name=ide
```
Open Cloud9 IDE in your browser, login with `username/password` and run the following commands:
Open Cloud9 IDE in your browser, login with `username/password` and config git:
```bash
ssh-keyscan gitsrv >> ~/.ssh/known_hosts
git config --global user.email "user@weavedx.com"
git config --global user.name "User"
```
Exec into the Git server and create a repo:
Commit a change to podinfo repo:
```bash
kubectl -n ide exec -it gitsrv-69b4cd5fc-dd6rf -- sh
/git-server # cd repos
/git-server # mkdir myrepo.git
/git-server # cd myrepo.git
/git-server # git init --shared=true
/git-server # git add .
/git-server # git config --global user.email "user@weavedx.com"
/git-server # git config --global user.name "User"
/git-server # git commit -m "init"
/git-server # git checkout -b dummy
```
Go back to the Cloud9 IDE and clone the repo:
```bash
git clone ssh://git@gitsrv/git-server/repos/myrepo.git
cd k8s-podinfo
rm Dockerfile.build
git add .
git commit -m "test"
git push origin master
```

52
deploy/k9/flux-dep.yaml Executable file
View File

@@ -0,0 +1,52 @@
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
labels:
name: flux
name: flux
namespace: ide
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
name: flux
template:
metadata:
labels:
name: flux
spec:
serviceAccount: flux
volumes:
- name: ssh-git
secret:
defaultMode: 0400
secretName: ssh-git
- name: git-keygen
emptyDir:
medium: Memory
containers:
- name: flux
image: quay.io/weaveworks/flux:1.2.5
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3030
volumeMounts:
- name: ssh-git
mountPath: /root/.ssh
readOnly: true
- name: ssh-git
mountPath: /etc/fluxd/ssh
readOnly: true
- name: git-keygen
mountPath: /var/fluxd/keygen
args:
- --ssh-keygen-dir=/var/fluxd/keygen
- --k8s-secret-name=ssh-git
- --git-url=ssh://git@gitsrv/git-server/repos/cluster.git
- --git-branch=master
#- --git-path=deploy/canary
#- --connect=wss://cloud.weave.works/api/flux
#- --token=yghrfcs5berdqp68z7wfndcea93rq6nx

36
deploy/k9/flux-rbac.yaml Executable file
View File

@@ -0,0 +1,36 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
name: flux
name: flux
namespace: ide
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
labels:
name: flux
name: flux
rules:
- apiGroups: ['*']
resources: ['*']
verbs: ['*']
- nonResourceURLs: ['*']
verbs: ['*']
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
labels:
name: flux
name: flux
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flux
subjects:
- kind: ServiceAccount
name: flux
namespace: ide

13
deploy/k9/git-dep.yaml
View File

@@ -17,8 +17,13 @@ spec:
name: gitsrv
spec:
containers:
- image: jkarlos/git-server-docker
- image: stefanprodan/gitsrv:0.0.5
name: git
env:
- name: REPO
value: "cluster.git"
- name: TAR_URL
value: "https://github.com/stefanprodan/kubecon-cluster/archive/0.0.1.tar.gz"
ports:
- containerPort: 22
name: ssh
@@ -33,5 +38,7 @@ spec:
secret:
secretName: ssh-git
- name: git-server-data
persistentVolumeClaim:
claimName: git-server-data
emptyDir: {}
# - name: git-server-data
# persistentVolumeClaim:
# claimName: git-server-data

16
deploy/k9/k9-cfg.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: k9-cfg
namespace: ide
data:
gcp-clone.sh: |
#!/usr/bin/env sh
export PATH=/google-cloud-sdk/bin:$PATH
git config --global credential.helper gcloud.sh
git config --global user.email "dx+training@weave.works"
git config --global user.name "k8s fan"
git clone -b master $1

44
deploy/k9/k9-dep.yaml
View File

@@ -21,23 +21,37 @@ spec:
serviceAccount: ide
serviceAccountName: ide
initContainers:
- command:
- name: git-clone-cluster
command:
- /bin/sh
- -c
- test -d /workspace/k8s-podinfo || git clone https://github.com/stefanprodan/k8s-podinfo
k8s-podinfo
image: stefanprodan/k9c:0.1.0
- test -d /workspace/cluster || git clone -b master ssh://git@gitsrv/git-server/repos/cluster.git
image: stefanprodan/k9c:v2-gcloud
imagePullPolicy: IfNotPresent
name: git-clone
volumeMounts:
- mountPath: /workspace
name: data
name: ide-workspace-data
- mountPath: /root/.ssh
name: ssh-git
- name: git-clone-podinfo
command:
- /bin/bash
- -c
- /root/gcp-clone.sh https://source.developers.google.com/p/dx-general/r/podinfo
image: stefanprodan/k9c:v2-gcloud
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /workspace
name: ide-workspace-data
- mountPath: /root/gcp-clone.sh
subPath: gcp-clone.sh
name: git-init
containers:
- name: ide
args:
- --auth
- username:password
image: stefanprodan/k9c:0.1.0
image: stefanprodan/k9c:v2-gcloud
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
@@ -71,7 +85,7 @@ spec:
timeoutSeconds: 1
volumeMounts:
- mountPath: /workspace
name: data
name: ide-workspace-data
- mountPath: /var/run/docker.sock
name: dockersocket
- mountPath: /root/.ssh
@@ -81,12 +95,16 @@ spec:
secret:
defaultMode: 0600
secretName: ssh-git
- name: data
- name: git-init
configMap:
defaultMode: 0744
name: k9-cfg
- name: dockersocket
hostPath:
path: /var/run/docker.sock
type: ""
- name: ide-workspace-data
emptyDir: {}
# - name: ide-workspace-data
# persistentVolumeClaim:
# claimName: ide-workspace-data
- hostPath:
path: /var/run/docker.sock
type: ""
name: dockersocket

8
deploy/k9/k9-rbac.yaml
View File

@@ -19,15 +19,11 @@ rules:
resources:
- '*'
verbs:
- get
- list
- watch
- '*'
- nonResourceURLs:
- '*'
verbs:
- get
- list
- watch
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding

31
deploy/k9/memcache-dep.yaml Executable file
View File

@@ -0,0 +1,31 @@
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
labels:
name: memcached
name: memcached
namespace: ide
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
name: memcached
template:
metadata:
labels:
name: memcached
spec:
containers:
- name: memcached
image: memcached:1.4.25
imagePullPolicy: IfNotPresent
args:
- -m 64 # Maximum memory to use, in megabytes. 64MB is default.
- -p 11211 # Default port, but being explicit is nice.
- -vv # This gets us to the level of request logs.
ports:
- name: clients
containerPort: 11211

15
deploy/k9/memcache-svc.yaml Executable file
View File

@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: Service
metadata:
name: memcached
namespace: ide
spec:
# The memcache client uses DNS to get a list of memcached servers and then
# uses a consistent hash of the key to determine which server to pick.
clusterIP: None
ports:
- name: memcached
port: 11211
selector:
name: memcached

2
deploy/k9/ssh-key.yaml
View File

@@ -3,6 +3,8 @@
apiVersion: v1
kind: Secret
data:
known_hosts: Z2l0c3J2IHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRRHQ2NU0wc2FGQTZFd3NqYzhtUTQwNWJJNDA2QnNGU0pyYkd6OUdGcmJXQm4wUnMzTG9pNFM2QURXZ1RXbGNzcEh2YmZtZjd2WFc5b2lUanhla2U4b0hQQ2ZGWXJIRmRQSzI2QmlnMkoxa0UyRHpST05pelpXY2R3OGRwcVJodnhsdDIrL0VKdXVheThDR1h6M1ZMQ1Y4TmdKYzVBWW1Bd05Qa25VaFdLeGFBemp3dlJkLzBjeVhyNHZ2Y1REY213UjYzb2lXY1JQa0hDWjVMQ2xGdVpFMDY1VWxtMm82Q2dJdGwrZTZNNW91RFNKV1pEcFlXV21tSkpKdjFEUW9ScnVOYmFmNWY0YmdXVmtLanJRLzBjQTRpV1dsa3dKTWxBV1FncDlzYUQwRzJGODNocmYyWGFwTS9jbFdURnlia3pQcVBxYXcyQkV3WFA2dldwNkExaVVSCmdpdHNydiBlY2RzYS1zaGEyLW5pc3RwMjU2IEFBQUFFMlZqWkhOaExYTm9ZVEl0Ym1semRIQXlOVFlBQUFBSWJtbHpkSEF5TlRZQUFBQkJCTTZXeVV4UVJQdFpoWUx4akc2WVJRT0hEL1NYLyt1STRYQm80NFVUU3UyMXVxbWYvbEc4Y0xXVGRNVnpEbFVEWTkvRHg0dEZ6OTZMVDk3a1VDMXBMSnM9CmdpdHNydiBzc2gtZWQyNTUxOSBBQUFBQzNOemFDMWxaREkxTlRFNUFBQUFJQU12MXoyWW5EdWc1TTRLbHAzRk1iQnZ3OU5kRnJ4N09tNXVFS0ZRczA3dAo=
identity: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBczNuS2xrdkhLYlBEVlZCZTJLdGJSQ0dIcmphYU5MVkI3bVRHMjEwSjZpRXg4RnJYCldkR1YvZDJOUWJhYVFDQ1JDaHc3THdqSFFkeU5lVHJoam0xbGgzY0xzRk04RTJxRUEwZ0hMdVVyL2dlTkx6K0kKN2pzc0xTakJ0MTB6NWVYVzFjNUJaWWRBdElOK3dOTmpPTFptR21uV0NCQjBBUmx2M3d6RFNjOXE4NXZ2UXRjRwpxWjNnY0tReS9ZVDd3TXM0Y052ZW9CWDlBNVZOcnZrTjlrT3VBYmlCTFpUMWtCMWxxNVVsQ3FRVUpBNFQ4bVN5Clh5eXNsejhGcWxTb2xac1FKQmtSZmlDYlNQcENPcEVmc1h4L3ltTzlCaGVzMTVBOW42cDlVc253dDRjRzhwYjYKaEV6K0ZYQ0M5N3QrUXJ6L2dIV2w1bGI5SFViWFJPQ3FSaGxZWFFJREFRQUJBb0lCQURPNmNhcDU4dEJSTUlhQgpZS1RnVnJDL1hVVFlGZ0FGRWhpczBTZmVuQUh3U1YxMlFVVnhBK01rblJjSWsxTFNVQnR5NFpmLzFyWmo1QjdCCjJzcmJPdjBkVWJBamZWZzNSZzlRRGtuMDRZWVpGUmMrSDdCU083eFVWK2tLb3UrckhBMkpvZzJxT3ZzTVAxZEMKVmdHOWlKWXFWUGNFRHZ0V0lvbE9PMmNsc2pTK0REZEd4b0J2amFRbzhHVlZkaUZrekdOVmdTQkZnM1dPZnRsOApKMjZyNndzYVVXZDYrYyt1aTRFdUtJTjg2SEhNT0t0bDExbjd6QjNYVWllTEZVSW1GUjhHNHRHQlZwZXhzeVFpCmxjc2dUM1NnWEZDOUp6Q0VSUGRrTXVLSHVWMDBad01maU1ZK3N4Z3RsdXJRMnNhbVhXTmV4eGRlanpDR1RIcWcKV2xRWkJtRUNnWUVBNE5CN3VwMjZURFlUV0tyZ014aGJueHJaT0wxY3VhT1lWQUJnWWh5b2JnMWVabE10Mk1pVgpVaWxaamFkRnZ5emZjR1BTVEpjSjVmMmkvQ0dzS243RXFxUXdoZnd1S3ZRZTQyazgwbk5BcUczdTkvdkl4bklCCnFGZW5kTTE3SlN2WkU3NXFCVE9uTXVVZ1NuNFJoTXpzOEg3UTFmZFQ4UGMvTVRmRVVKcTQzcGtDZ1lFQXpGOUMKd1g0Z0UvUnZlbWZRc0ZVZ29TQ0lQdkR1bFhNNzNsK09XRnByOE00MWxpeGcvd0lvQ2NFZlpGcFdLUkpqSmwvUwpOVFh3YVhnOGg4RGl3a3d3dzJmcmNvWTl2TGNIcGxvWVRkN1ZjUVk4UGRKdjNJeGFReld6SHpMR3N0M29hZ08rCmJDbStsMEY5TnY0VUdWRHUrT0RSQjJyRWo2b1ZGRmh0SUQxbmRtVUNnWUJHS3V3alQrMkFzZlFSM2F1Q1p4eloKcVFDWmhBajM3QWEwV1RXOENhUE1UYUhrSUJ3VUtHN3FxUHRKaWlicngyNnAzbzRaMTU2QVNVemdrd1h3Y1lhaQptQUtKSHkrdHVtb1ZvcGdZTzE2Mzh5LzkrSGt1N3hCellZQmpwV3JGTEUxaHF6SGVFOFFnejREbm56ZUtrb2QxCmZLOWp5UUZMR1hDQXhSNGg1bGpES1FLQmdRQytqUjlmNjZvYkVQQ1Q3NUhicHpPS0tCd0FtNEhJWkszd2M2WHoKNlRMMVRqOFdhd0J4SStDUzM3YldTWWhHT1RlckF2S3EzRVR4QWNObVM4amhva3BoRjFhbTdGVkp6Rm5jbCtwTApTTFkzOExsZ1p3SVhYK0dWQXMrbENpSExpaTMyRXRHTVpndW5XYzlXNCtWM2lVZVhVMzV4N1BHaWhkR3JxNXJyCjBYVFRKUUtCZ0FReUF0RlloVHRONktCSER2NFdiTDQxcnBtcUlVcUlpV0R6a3FPT1ZXcHgzYkpTdWVNeDEyUjQKWHVVaGkwL2ZqbGFvMmYwWTBqbTBDUlQ5ZmlhQW56WHNMRXNzN2JYQ0ZZcGt3V3ZrNnNqV1BCWGdPUnBZbklHNQpRRWNFeklzRDFKQm1EY0RxdWxpZ0dnUzNIdGhiWTl5WW4vU3l4d0owcU5ob3BDS1d2OWNOCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
id_rsa: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBczNuS2xrdkhLYlBEVlZCZTJLdGJSQ0dIcmphYU5MVkI3bVRHMjEwSjZpRXg4RnJYCldkR1YvZDJOUWJhYVFDQ1JDaHc3THdqSFFkeU5lVHJoam0xbGgzY0xzRk04RTJxRUEwZ0hMdVVyL2dlTkx6K0kKN2pzc0xTakJ0MTB6NWVYVzFjNUJaWWRBdElOK3dOTmpPTFptR21uV0NCQjBBUmx2M3d6RFNjOXE4NXZ2UXRjRwpxWjNnY0tReS9ZVDd3TXM0Y052ZW9CWDlBNVZOcnZrTjlrT3VBYmlCTFpUMWtCMWxxNVVsQ3FRVUpBNFQ4bVN5Clh5eXNsejhGcWxTb2xac1FKQmtSZmlDYlNQcENPcEVmc1h4L3ltTzlCaGVzMTVBOW42cDlVc253dDRjRzhwYjYKaEV6K0ZYQ0M5N3QrUXJ6L2dIV2w1bGI5SFViWFJPQ3FSaGxZWFFJREFRQUJBb0lCQURPNmNhcDU4dEJSTUlhQgpZS1RnVnJDL1hVVFlGZ0FGRWhpczBTZmVuQUh3U1YxMlFVVnhBK01rblJjSWsxTFNVQnR5NFpmLzFyWmo1QjdCCjJzcmJPdjBkVWJBamZWZzNSZzlRRGtuMDRZWVpGUmMrSDdCU083eFVWK2tLb3UrckhBMkpvZzJxT3ZzTVAxZEMKVmdHOWlKWXFWUGNFRHZ0V0lvbE9PMmNsc2pTK0REZEd4b0J2amFRbzhHVlZkaUZrekdOVmdTQkZnM1dPZnRsOApKMjZyNndzYVVXZDYrYyt1aTRFdUtJTjg2SEhNT0t0bDExbjd6QjNYVWllTEZVSW1GUjhHNHRHQlZwZXhzeVFpCmxjc2dUM1NnWEZDOUp6Q0VSUGRrTXVLSHVWMDBad01maU1ZK3N4Z3RsdXJRMnNhbVhXTmV4eGRlanpDR1RIcWcKV2xRWkJtRUNnWUVBNE5CN3VwMjZURFlUV0tyZ014aGJueHJaT0wxY3VhT1lWQUJnWWh5b2JnMWVabE10Mk1pVgpVaWxaamFkRnZ5emZjR1BTVEpjSjVmMmkvQ0dzS243RXFxUXdoZnd1S3ZRZTQyazgwbk5BcUczdTkvdkl4bklCCnFGZW5kTTE3SlN2WkU3NXFCVE9uTXVVZ1NuNFJoTXpzOEg3UTFmZFQ4UGMvTVRmRVVKcTQzcGtDZ1lFQXpGOUMKd1g0Z0UvUnZlbWZRc0ZVZ29TQ0lQdkR1bFhNNzNsK09XRnByOE00MWxpeGcvd0lvQ2NFZlpGcFdLUkpqSmwvUwpOVFh3YVhnOGg4RGl3a3d3dzJmcmNvWTl2TGNIcGxvWVRkN1ZjUVk4UGRKdjNJeGFReld6SHpMR3N0M29hZ08rCmJDbStsMEY5TnY0VUdWRHUrT0RSQjJyRWo2b1ZGRmh0SUQxbmRtVUNnWUJHS3V3alQrMkFzZlFSM2F1Q1p4eloKcVFDWmhBajM3QWEwV1RXOENhUE1UYUhrSUJ3VUtHN3FxUHRKaWlicngyNnAzbzRaMTU2QVNVemdrd1h3Y1lhaQptQUtKSHkrdHVtb1ZvcGdZTzE2Mzh5LzkrSGt1N3hCellZQmpwV3JGTEUxaHF6SGVFOFFnejREbm56ZUtrb2QxCmZLOWp5UUZMR1hDQXhSNGg1bGpES1FLQmdRQytqUjlmNjZvYkVQQ1Q3NUhicHpPS0tCd0FtNEhJWkszd2M2WHoKNlRMMVRqOFdhd0J4SStDUzM3YldTWWhHT1RlckF2S3EzRVR4QWNObVM4amhva3BoRjFhbTdGVkp6Rm5jbCtwTApTTFkzOExsZ1p3SVhYK0dWQXMrbENpSExpaTMyRXRHTVpndW5XYzlXNCtWM2lVZVhVMzV4N1BHaWhkR3JxNXJyCjBYVFRKUUtCZ0FReUF0RlloVHRONktCSER2NFdiTDQxcnBtcUlVcUlpV0R6a3FPT1ZXcHgzYkpTdWVNeDEyUjQKWHVVaGkwL2ZqbGFvMmYwWTBqbTBDUlQ5ZmlhQW56WHNMRXNzN2JYQ0ZZcGt3V3ZrNnNqV1BCWGdPUnBZbklHNQpRRWNFeklzRDFKQm1EY0RxdWxpZ0dnUzNIdGhiWTl5WW4vU3l4d0owcU5ob3BDS1d2OWNOCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
id_rsa.pub: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDemVjcVdTOGNwczhOVlVGN1lxMXRFSVlldU5wbzB0VUh1Wk1iYlhRbnFJVEh3V3RkWjBaWDkzWTFCdHBwQUlKRUtIRHN2Q01kQjNJMTVPdUdPYldXSGR3dXdVendUYW9RRFNBY3U1U3YrQjQwdlA0anVPeXd0S01HM1hUUGw1ZGJWemtGbGgwQzBnMzdBMDJNNHRtWWFhZFlJRUhRQkdXL2ZETU5KejJyem0rOUMxd2FwbmVCd3BETDloUHZBeXpodzI5NmdGZjBEbFUydStRMzJRNjRCdUlFdGxQV1FIV1dybFNVS3BCUWtEaFB5WkxKZkxLeVhQd1dxVktpVm14QWtHUkYrSUp0SStrSTZrUit4ZkgvS1k3MEdGNnpYa0QyZnFuMVN5ZkMzaHdieWx2cUVUUDRWY0lMM3UzNUN2UCtBZGFYbVZ2MGRSdGRFNEtwR0dWaGQgdXNlckB3ZWF2ZWR4LmNvbQo=
metadata:

48
deploy/skaffold/dev/deployment.yaml Normal file
View File

@@ -0,0 +1,48 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo
labels:
app: podinfo
spec:
replicas: 1
selector:
matchLabels:
app: podinfo
template:
metadata:
labels:
app: podinfo
annotations:
prometheus.io/scrape: 'true'
spec:
containers:
- name: podinfod
image: podinfo
command:
- ./podinfo
- -port=9898
- -debug=true
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 5
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
initialDelaySeconds: 1
periodSeconds: 10
failureThreshold: 2
resources:
requests:
memory: "32Mi"
cpu: "10m"

50
deploy/skaffold/production/deployment.yaml Normal file
View File

@@ -0,0 +1,50 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo
labels:
app: podinfo
annotations:
flux.weave.works/automated: 'true'
spec:
replicas: 1
selector:
matchLabels:
app: podinfo
template:
metadata:
labels:
app: podinfo
annotations:
prometheus.io/scrape: 'true'
spec:
containers:
- name: podinfod
image: stefanprodan/podinfo:92114c0
command:
- ./podinfo
- -port=9898
- -debug=true
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 5
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
initialDelaySeconds: 1
periodSeconds: 10
failureThreshold: 2
resources:
requests:
memory: "32Mi"
cpu: "10m"

8
deploy/skaffold/test/basic-auth.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
data:
basic_auth_password: ODM4NzIwYTUxMjgxNDlkMzJmMTIxYTViMWQ4N2FjMzUwNzAxZThmZQ==
basic_auth_test: YWRtaW4=
kind: Secret
metadata:
name: basic-auth
type: Opaque

79
deploy/skaffold/test/deployment.yaml Normal file
View File

@@ -0,0 +1,79 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo
labels:
app: podinfo
spec:
replicas: 3
minReadySeconds: 15
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
selector:
matchLabels:
app: podinfo
template:
metadata:
labels:
app: podinfo
annotations:
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 30
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:0.6.0
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 3
command:
- ./podinfo
- -port=9898
- -logLevel=debug
ports:
- name: http
containerPort: 9898
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9898
initialDelaySeconds: 1
periodSeconds: 2
failureThreshold: 1
livenessProbe:
httpGet:
path: /healthz
port: 9898
initialDelaySeconds: 1
periodSeconds: 10
failureThreshold: 2
resources:
requests:
memory: "32Mi"
cpu: "10m"
env:
- name: color
value: "blue"
- name: message
value: "Greetings from podinfo blue"
- name: backendURL
value: "http://podinfo-backend:9898/echo"
- name: configPath
value: "/var/secrets"
volumeMounts:
- name: auth
readOnly: true
mountPath: "/var/secrets"
volumes:
- name: auth
secret:
secretName: basic-auth

15
deploy/skaffold/test/service.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: podinfo
labels:
app: podinfo
spec:
type: LoadBalancer
ports:
- port: 9898
targetPort: http
protocol: TCP
name: http
selector:
app: podinfo

10
docs/3-monitoring.md
View File

@@ -7,26 +7,26 @@ Prometheus query examples of key metrics to measure and alert upon.
**Request Rate** - the number of requests per second by instance
```
sum(irate(http_requests_count{job=~".*podinfo"}[1m])) by (instance)
sum(irate(http_request_duration_seconds_count{job=~".*podinfo"}[1m])) by (instance)
```
**Request Errors** - the number of failed requests per second by URL path
```
sum(irate(http_requests_count{job=~".*podinfo", status=~"5.."}[1m])) by (path)
sum(irate(http_request_duration_seconds_count{job=~".*podinfo", status=~"5.."}[1m])) by (path)
```
**Request Duration** - average duration of each request over 10 minutes
```
sum(rate(http_requests_sum{job=~".*podinfo"}[10m])) /
sum(rate(http_requests_count{job=~".*podinfo"}[10m]))
sum(rate(http_request_duration_seconds_sum{job=~".*podinfo"}[10m])) /
sum(rate(http_request_duration_seconds_count{job=~".*podinfo"}[10m]))
```
**Request Latency** - 99th percentile request latency over 10 minutes
```
histogram_quantile(0.99, sum(rate(http_requests_bucket{job=~".*podinfo"}[10m])) by (le))
histogram_quantile(0.99, sum(rate(http_request_duration_seconds_bucket{job=~".*podinfo"}[10m])) by (le))
```
**Goroutines Rate** - the number of running goroutines over 10 minutes

2
docs/5-canary.md
View File

@@ -1,4 +1,4 @@
# Canary Deployments and A/B Testing
# A/B Testing and Canary Deployments
Canary Deployment and A/B testing with Ambassador's Envoy API Gateway.

29
docs/6-ngrok.md
View File

@@ -1,13 +1,13 @@
# Expose Kubernetes services over HTTPS with Ngrok
Have you ever wanted to expose a Kubernetes service running on Minikube on the internet and have a
temporary HTTPS address for it? If so then Ngrok is the perfect solution to do that without any
temporary HTTPS address for it? If so then Ngrok is a great fit to do that without any
firewall, NAT or DNS configurations.
If you are developing an application that works with webhooks or oauth callbacks
Ngrok can create a tunnel between your Kubernetes service and their cloud platform and provide you with
a unique HTTPS URL that you can use to test and debug your service.
For this purpose I've made a Helm chart that you can use to deploy Ngrok on Kubernetes by specifying
I've made a Helm chart that you can use to deploy Ngrok on Kubernetes by specifying
a ClusterIP service that will get exposed on the internet.
What follows is a step-by-step guide on how you can use Ngrok as a reverse proxy to
@@ -63,13 +63,36 @@ helm install sp/podinfo --name webhook
This deploys `podinfo` in the default namespace and
creates a ClusterIP service with the address `webhook-podinfo:9898`.
```yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: podinfo
chart: podinfo-0.1.0
heritage: Tiller
release: webhook
name: webhook-podinfo
namespace: default
spec:
ports:
- name: http
port: 9898
protocol: TCP
targetPort: http
selector:
app: podinfo
release: webhook
type: ClusterIP
```
### Deploy Ngrok
Before you begin go to [ngrok.com](https://ngrok.com) and register for a free account.
Ngrok will create a token for you, use it when installing the Ngrok chart.
Install Ngrok:
Install Ngrok by specifying the ClusterIP address you want to expose:
```bash
$ helm install sp/ngrok --name tunnel \

Some files were not shown because too many files have changed in this diff Show More