beppe/cicdTest
1
0
Fork 0
mirror of https://github.com/bvanroll/cicdTest.git synced 2025-08-28 19:42:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

HLEP

Browse Source
This commit is contained in:
Beppe Vanrolleghem
2020-03-12 07:25:45 +01:00
parent b08a76e8a5
commit f8898596f2
5 changed files with 720 additions and 337 deletions
Download Patch File Download Diff File Expand all files Collapse all files

548
deploy.yaml
View File

@@ -1,274 +1,274 @@
--- # ---
apiVersion: v1 # apiVersion: v1
kind: Namespace # kind: Namespace
metadata: # metadata:
name: istio-project-1 # name: istio-project-1
labels: # labels:
istio-injection: enabled #zorgt voor auto sidecar injection # istio-injection: enabled #zorgt voor auto sidecar injection
--- # ---
apiVersion: apps/v1 # apiVersion: apps/v1
kind: Deployment # kind: Deployment
metadata: # metadata:
name: server-a # name: server-a
namespace: istio-project-1 # namespace: istio-project-1
spec: # spec:
replicas: 1 # replicas: 1
selector: # selector:
matchLabels: # matchLabels:
server: "http" # server: "http"
app: "project-1" #app label bepaald groepering pods in kiali dashboard dus makkelijker te gebruiken # app: "project-1" #app label bepaald groepering pods in kiali dashboard dus makkelijker te gebruiken
expose: "true" # expose: "true"
template: # template:
metadata: # metadata:
labels: # labels:
server: "http" # server: "http"
app: "project-1" # app: "project-1"
expose: "true" # expose: "true"
spec: # spec:
containers: # containers:
- name: front-end # - name: front-end
image: beppev/server-a:master # image: beppev/server-a:master
imagePullPolicy: "Always" # imagePullPolicy: "Always"
ports: # ports:
- containerPort: 5000 # - containerPort: 5000
--- # ---
apiVersion: apps/v1 # apiVersion: apps/v1
kind: Deployment # kind: Deployment
metadata: # metadata:
name: server-b # name: server-b
namespace: istio-project-1 # namespace: istio-project-1
spec: # spec:
replicas: 1 # replicas: 1
selector: # selector:
matchLabels: # matchLabels:
server: "http" # server: "http"
app: "project-1" # app: "project-1"
version: v1 # version: v1
backend: "true" # backend: "true"
template: # template:
metadata: # metadata:
labels: # labels:
server: "http" # server: "http"
app: "project-1" # app: "project-1"
version: v1 # version: v1
backend: "true" # backend: "true"
spec: # spec:
containers: # containers:
- name: front-end # - name: front-end
image: beppev/server-b:master # image: beppev/server-b:master
imagePullPolicy: "Always" # imagePullPolicy: "Always"
ports: # ports:
- containerPort: 6000 # - containerPort: 6000
--- # ---
apiVersion: apps/v1 # apiVersion: apps/v1
kind: Deployment # kind: Deployment
metadata: # metadata:
name: server-b-test # name: server-b-test
namespace: istio-project-1 # namespace: istio-project-1
spec: # spec:
replicas: 1 # replicas: 1
selector: # selector:
matchLabels: # matchLabels:
server: "http" # server: "http"
app: "project-1" # app: "project-1"
version: v2 # version: v2
backend: "true" # backend: "true"
template: # template:
metadata: # metadata:
labels: # labels:
server: "http" # server: "http"
app: "project-1" # app: "project-1"
version: v2 # version: v2
backend: "true" # backend: "true"
spec: # spec:
containers: # containers:
- name: front-end # - name: front-end
image: beppev/server-b:experimental # image: beppev/server-b:experimental
imagePullPolicy: "Always" # imagePullPolicy: "Always"
ports: # ports:
- containerPort: 6000 # - containerPort: 6000
--- # ---
apiVersion: apps/v1 # apiVersion: apps/v1
kind: Deployment # kind: Deployment
metadata: # metadata:
name: server-d # name: server-d
namespace: istio-project-1 # namespace: istio-project-1
spec: # spec:
replicas: 1 # replicas: 1
selector: # selector:
matchLabels: # matchLabels:
app: "project-1" # app: "project-1"
mirror: "true" # mirror: "true"
template: # template:
metadata: # metadata:
labels: # labels:
app: "project-1" # app: "project-1"
mirror: "true" # mirror: "true"
spec: # spec:
containers: # containers:
- name: front-end # - name: front-end
image: beppev/server-d:master # image: beppev/server-d:master
ports: # ports:
- containerPort: 6000 # - containerPort: 6000
--- # ---
apiVersion: v1 # apiVersion: v1
kind: Service # kind: Service
metadata: # metadata:
name: mirror-service # name: mirror-service
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
selector: # selector:
mirror: "true" # mirror: "true"
ports: # ports:
- name: http # - name: http
protocol: TCP # protocol: TCP
port: 6000 # port: 6000
--- # ---
apiVersion: v1 # apiVersion: v1
kind: Service # kind: Service
metadata: # metadata:
name: server-check # name: server-check
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
selector: # selector:
backend: "true" # backend: "true"
ports: # ports:
- name: http # - name: http
protocol: TCP # protocol: TCP
port: 6000 # port: 6000
--- # ---
apiVersion: networking.istio.io/v1alpha3 # apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule # kind: DestinationRule
metadata: # metadata:
name: server-check-destination # name: server-check-destination
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
host: server-check # host: server-check
subsets: # subsets:
- name: v1 # - name: v1
labels: # labels:
version: v1 # version: v1
- name: v2 # - name: v2
labels: # labels:
version: v2 # version: v2
--- # ---
apiVersion: networking.istio.io/v1alpha3 # apiVersion: networking.istio.io/v1alpha3
kind: Gateway # kind: Gateway
metadata: # metadata:
name: expose-server-gateway # name: expose-server-gateway
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
selector: # selector:
istio: ingressgateway # istio: ingressgateway
servers: # servers:
- port: # - port:
number: 80 # number: 80
name: http # name: http
protocol: HTTP # protocol: HTTP
hosts: # hosts:
- "*" # - "*"
--- # ---
apiVersion: v1 # apiVersion: v1
kind: Service # kind: Service
metadata: # metadata:
name: expose-server-service # name: expose-server-service
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
ports: # ports:
- name: http # - name: http
port: 5000 # port: 5000
protocol: TCP # protocol: TCP
selector: # selector:
expose: "true" # expose: "true"
--- # ---
apiVersion: networking.istio.io/v1alpha3 # apiVersion: networking.istio.io/v1alpha3
kind: VirtualService # kind: VirtualService
metadata: # metadata:
name: expose-server-vservice # name: expose-server-vservice
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
hosts: # hosts:
- "*" # - "*"
gateways: # gateways:
- expose-server-gateway # - expose-server-gateway
http: # http:
- match: # - match:
- uri: # - uri:
prefix: /server-a # prefix: /server-a
route: # route:
- destination: # - destination:
port: # port:
number: 5000 # number: 5000
host: expose-server-service # host: expose-server-service
- match: # - match:
- uri: # - uri:
prefix: /server-d # prefix: /server-d
route: # route:
- destination: # - destination:
port: # port:
number: 7000 # number: 7000
host: mirror-service # host: mirror-service
--- # TODO fix gateway zodat we ingress gateway kunnen gebruike ipv de fuken loadbalancer. # --- # TODO fix gateway zodat we ingress gateway kunnen gebruike ipv de fuken loadbalancer.
apiVersion: networking.istio.io/v1alpha3 # apiVersion: networking.istio.io/v1alpha3
kind: Gateway # kind: Gateway
metadata: # metadata:
name: server-check-gateway # name: server-check-gateway
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
selector: # selector:
expose: "true" # expose: "true"
servers: # servers:
- port: # - port:
number: 6000 # number: 6000
name: http # name: http
protocol: HTTP # protocol: HTTP
hosts: # hosts:
- "*" # - "*"
--- # ---
apiVersion: networking.istio.io/v1alpha3 # apiVersion: networking.istio.io/v1alpha3
kind: VirtualService # kind: VirtualService
metadata: # metadata:
name: server-check-service # name: server-check-service
namespace: istio-project-1 # namespace: istio-project-1
labels: # labels:
app: "project-1" # app: "project-1"
spec: # spec:
hosts: # hosts:
- "*" # - "*"
gateways: # gateways:
- expose-server-gateway # - expose-server-gateway
tcp: # tcp:
- match: # - match:
- port: 6000 # - port: 6000
route: # route:
- destination: # - destination:
host: server-check # host: server-check
port: # port:
number: 6000 # number: 6000
subset: v1 # subset: v1
weight: 50 # weight: 50
- destination: # - destination:
host: server-check # host: server-check
port: # port:
number: 6000 # number: 6000
subset: v2 # subset: v2
weight: 50 # weight: 50
mirror: # mirror:
host: mirror-service # host: mirror-service
port: # port:
number: 6000 # number: 6000
mirror_percent: 100 # mirror_percent: 100

19
manifests/full-pipeline.yaml
View File

@@ -2,7 +2,7 @@
apiVersion: v1 apiVersion: v1
kind: Namespace kind: Namespace
metadata: metadata:
name: tekton-pipeline-istio-project-1 name: stage-tekton-pipeline
labels: labels:
istio-injection: enabled #zorgt voor auto sidecar injection istio-injection: enabled #zorgt voor auto sidecar injection
--- ---
@@ -10,7 +10,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: service-acc name: service-acc
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
secrets: secrets:
- name: regcred - name: regcred
--- ---
@@ -24,6 +24,7 @@ rules:
- "apps" - "apps"
- "deploy" - "deploy"
- "networking.istio.io" - "networking.istio.io"
# deze zullen we ook moeten aanpassen elke pipeline die we maken, maar, deze pipelines zijn nu specifiek per branch, dus dit zou geen probleem leveren.
resources: resources:
- pods - pods
- serviceaccounts - serviceaccounts
@@ -54,13 +55,13 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: service-acc name: service-acc
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
--- ---
apiVersion: tekton.dev/v1alpha1 apiVersion: tekton.dev/v1alpha1
kind: PipelineResource kind: PipelineResource
metadata: metadata:
name: git-master name: git-master
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
type: git type: git
params: params:
@@ -73,7 +74,7 @@ apiVersion: tekton.dev/v1alpha1
kind: PipelineResource kind: PipelineResource
metadata: metadata:
name: git-experimental name: git-experimental
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
type: git type: git
params: params:
@@ -86,7 +87,7 @@ apiVersion: tekton.dev/v1alpha1
kind: Task kind: Task
metadata: metadata:
name: build-and-push name: build-and-push
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
inputs: inputs:
resources: resources:
@@ -117,7 +118,7 @@ apiVersion: tekton.dev/v1alpha1
kind: Task kind: Task
metadata: metadata:
name: destroy-application name: destroy-application
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
inputs: inputs:
resources: resources:
@@ -137,7 +138,7 @@ apiVersion: tekton.dev/v1alpha1
kind: Task kind: Task
metadata: metadata:
name: deploy-application name: deploy-application
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
inputs: inputs:
resources: resources:
@@ -156,7 +157,7 @@ apiVersion: tekton.dev/v1alpha1
kind: Pipeline kind: Pipeline
metadata: metadata:
name: application-pipeline name: application-pipeline
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
resources: resources:
- name: git-master - name: git-master

62
manifests/github-event-listener.yaml
View File

@@ -1,9 +1,11 @@
# 1 trigger binding wordt geconfigureerd, en dan worden meerdere trigger templates aangemaakt
# voor de verschillende service mesh types. Op deze manier moet ik niet elke keer een aparte pipeline aanmaken per service mesh type. Het nadeel hieraan is dat dan elke keer elke pipeline gerunned wordt, maar uiteindelijk maakt dit niet veel uit zolang de deploy.yaml files leeg zijn wanneer de commits door gaan
--- ---
apiVersion: tekton.dev/v1alpha1 apiVersion: tekton.dev/v1alpha1
kind: TriggerBinding kind: TriggerBinding
metadata: metadata:
name: github-trigger-binding name: github-trigger-binding
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
params: params:
- name: gitrevision - name: gitrevision
@@ -21,7 +23,7 @@ apiVersion: tekton.dev/v1alpha1
kind: TriggerTemplate kind: TriggerTemplate
metadata: metadata:
name: github-trigger-template name: github-trigger-template
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
params: params:
- name: gitrevision - name: gitrevision
@@ -34,13 +36,13 @@ spec:
kind: PipelineRun kind: PipelineRun
metadata: metadata:
name: application-pipeline-run name: application-pipeline-run
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
serviceAccountName: service-acc serviceAccountName: service-acc
pipelineRef: pipelineRef:
name: application-pipeline name: application-pipeline #gebruik dit om de pipeline aan te passen naar andere versies, zolang ze zich in dezelfde namespace bevinden kunnen we deze pipeline hergebruiken om deployments op de cluster uit te voeren. service-mesh agnostisch.
resources: resources:
- name: git-master - name: git-master
resourceRef: resourceRef:
name: git-master name: git-master
- name: git-experimental - name: git-experimental
@@ -51,7 +53,7 @@ kind: Role
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: tekton-trigger-role name: tekton-trigger-role
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
rules: rules:
# Permissions for every EventListener deployment to function # Permissions for every EventListener deployment to function
- apiGroups: ["tekton.dev"] - apiGroups: ["tekton.dev"]
@@ -69,7 +71,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
name: tekton-trigger-role-binding name: tekton-trigger-role-binding
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: ClusterRole kind: ClusterRole
@@ -77,13 +79,13 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: service-acc name: service-acc
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
--- ---
apiVersion: tekton.dev/v1alpha1 apiVersion: tekton.dev/v1alpha1
kind: EventListener kind: EventListener
metadata: metadata:
name: github-event-listener name: github-event-listener
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
serviceAccountName: service-acc serviceAccountName: service-acc
triggers: triggers:
@@ -92,45 +94,3 @@ spec:
template: template:
name: github-trigger-template name: github-trigger-template
--- ---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: expose-event-listener
namespace: tekton-pipeline-istio-project-1
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 443
name: http
protocol: HTTP
hosts:
- "*"
- port:
number: 80
name: http2
protocol: HTTP
hosts:
- "*"
- port:
number: 8080
name: http3
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: link-gateway-listener
namespace: tekton-pipeline-istio-project-1
spec:
hosts:
- "*"
gateways:
- expose-event-listener
http:
- route:
- destination:
host: el-github-event-listener

154
manifests/github-webhook-setup.yaml
View File

@@ -8,7 +8,7 @@
# kind: Secret # kind: Secret
# metadata: # metadata:
# name: webhook-secret # name: webhook-secret
# namespace: tekton-pipeline-istio-project-1 # namespace: stage-tekton-pipeline
# stringData: # stringData:
# token: GITHUBTOKEN # token: GITHUBTOKEN
# secret: random-string-data # secret: random-string-data
@@ -17,7 +17,7 @@ apiVersion: tekton.dev/v1alpha1
kind: Task kind: Task
metadata: metadata:
name: create-webhook name: create-webhook
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
volumes: volumes:
- name: github-secret - name: github-secret
@@ -69,7 +69,7 @@ apiVersion: tekton.dev/v1alpha1
kind: TaskRun kind: TaskRun
metadata: metadata:
name: create-repo-webhook name: create-repo-webhook
namespace: tekton-pipeline-istio-project-1 namespace: stage-tekton-pipeline
spec: spec:
taskRef: taskRef:
name: create-webhook name: create-webhook
@@ -91,3 +91,151 @@ spec:
value: 35.233.93.220 value: 35.233.93.220
timeout: 1000s timeout: 1000s
serviceAccountName: service-acc serviceAccountName: service-acc
---
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: create-ingress
namespace: stage-tekton-pipeline
spec:
volumes:
- name: work
emptyDir: {}
inputs:
params:
- name: CreateCertificate
description: "Enables/disables the creation of a self-signed certificate for $(inputs.params.ExternalDomain)"
default: "true"
- name: CertificateKeyPassphrase
description: "Phrase that protects private key. This must be provided when the self-signed certificate is created"
- name: CertificateSecretName
description: "Secret name for Ingress certificate. The Secret should not exist if the self-signed certificate creation is enabled"
- name: ExternalDomain
description: "The external domain for the EventListener e.g. `$(inputs.params.EventListenerName).PROXYIP.nip.io`"
- name: Service
description: "The name of the Service used in the Ingress. This will also be the name of the Ingress."
- name: ServicePort
description: "The service port that the ingress is being created on"
- name: ServiceUID
description: "The uid of the service. If set, this creates an owner reference on the service"
default: ""
steps:
- name: generate-certificate
image: frapsoft/openssl
volumeMounts:
- name: work
mountPath: /var/tmp/work
command:
- sh
args:
- -ce
- |
set -e
cat <<EOF | sh
#!/bin/sh
if [ $(inputs.params.CreateCertificate) = "false" ];then
exit 0
fi
mkdir /var/tmp/work/ingress
openssl genrsa -des3 -out /var/tmp/work/ingress/key.pem -passout pass:$(inputs.params.CertificateKeyPassphrase) 2048
openssl req -x509 -new -nodes -key /var/tmp/work/ingress/key.pem -sha256 -days 1825 -out /var/tmp/work/ingress/certificate.pem -passin pass:$(inputs.params.CertificateKeyPassphrase) -subj /CN=$(inputs.params.ExternalDomain)
openssl rsa -in /var/tmp/work/ingress/key.pem -out /var/tmp/work/ingress/key.pem -passin pass:$(inputs.params.CertificateKeyPassphrase)
EOF
- name: create-certificate-secret
image: lachlanevenson/k8s-kubectl:latest
volumeMounts:
- name: work
mountPath: /var/tmp/work
command:
- sh
args:
- -ce
- |
set -e
cat <<EOF | sh
#!/bin/sh
if [ $(inputs.params.CreateCertificate) = "false" ];then
exit 0
fi
kubectl create secret tls $(inputs.params.CertificateSecretName) --cert=/var/tmp/work/ingress/certificate.pem --key=/var/tmp/work/ingress/key.pem || true
EOF
- name: create-ingress
image: lachlanevenson/k8s-kubectl:latest
command:
- sh
args:
- -ce
- |
set -e
if [ -n "$(inputs.params.ServiceUID)" ];then
cat <<EOF | kubectl create -f - || true
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: $(inputs.params.Service)
ownerReferences:
- name: $(inputs.params.Service)
apiVersion: v1
kind: Service
uid: $(inputs.params.ServiceUID)
spec:
tls:
- secretName: $(inputs.params.CertificateSecretName)
hosts:
- $(inputs.params.ExternalDomain)
rules:
- host: $(inputs.params.ExternalDomain)
http:
paths:
- backend:
serviceName: $(inputs.params.Service)
servicePort: $(inputs.params.ServicePort)
EOF
else
cat <<EOF | kubectl create -f - || true
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: $(inputs.params.Service)
spec:
tls:
- secretName: $(inputs.params.CertificateSecretName)
hosts:
- $(inputs.params.ExternalDomain)
rules:
- host: $(inputs.params.ExternalDomain)
http:
paths:
- backend:
serviceName: $(inputs.params.Service)
servicePort: $(inputs.params.ServicePort)
EOF
fi
---
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: create-ingress-run
namespace: stage-tekton-pipeline
spec:
taskRef:
name: create-ingress
inputs:
params:
- name: CreateCertificate
value: "true"
- name: CertificateKeyPassphrase
value: asecretphrase
- name: CertificateSecretName
value: ingresssecret
- name: ExternalDomain
value: 35.233.93.220
- name: Service
value: getting-started
- name: ServicePort
value: "443"
timeout: 1000s
serviceAccountName: service-acc

274
testing-deploy.yaml Normal file
View File

@@ -0,0 +1,274 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: istio-project-1
labels:
istio-injection: enabled #zorgt voor auto sidecar injection
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: server-a
namespace: istio-project-1
spec:
replicas: 1
selector:
matchLabels:
server: "http"
app: "project-1" #app label bepaald groepering pods in kiali dashboard dus makkelijker te gebruiken
expose: "true"
template:
metadata:
labels:
server: "http"
app: "project-1"
expose: "true"
spec:
containers:
- name: front-end
image: beppev/server-a:master
imagePullPolicy: "Always"
ports:
- containerPort: 5000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: server-b
namespace: istio-project-1
spec:
replicas: 1
selector:
matchLabels:
server: "http"
app: "project-1"
version: v1
backend: "true"
template:
metadata:
labels:
server: "http"
app: "project-1"
version: v1
backend: "true"
spec:
containers:
- name: front-end
image: beppev/server-b:master
imagePullPolicy: "Always"
ports:
- containerPort: 6000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: server-b-test
namespace: istio-project-1
spec:
replicas: 1
selector:
matchLabels:
server: "http"
app: "project-1"
version: v2
backend: "true"
template:
metadata:
labels:
server: "http"
app: "project-1"
version: v2
backend: "true"
spec:
containers:
- name: front-end
image: beppev/server-b:experimental
imagePullPolicy: "Always"
ports:
- containerPort: 6000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: server-d
namespace: istio-project-1
spec:
replicas: 1
selector:
matchLabels:
app: "project-1"
mirror: "true"
template:
metadata:
labels:
app: "project-1"
mirror: "true"
spec:
containers:
- name: front-end
image: beppev/server-d:master
ports:
- containerPort: 6000
---
apiVersion: v1
kind: Service
metadata:
name: mirror-service
namespace: istio-project-1
labels:
app: "project-1"
spec:
selector:
mirror: "true"
ports:
- name: http
protocol: TCP
port: 6000
---
apiVersion: v1
kind: Service
metadata:
name: server-check
namespace: istio-project-1
labels:
app: "project-1"
spec:
selector:
backend: "true"
ports:
- name: http
protocol: TCP
port: 6000
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: server-check-destination
namespace: istio-project-1
labels:
app: "project-1"
spec:
host: server-check
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: expose-server-gateway
namespace: istio-project-1
labels:
app: "project-1"
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
---
apiVersion: v1
kind: Service
metadata:
name: expose-server-service
namespace: istio-project-1
labels:
app: "project-1"
spec:
ports:
- name: http
port: 5000
protocol: TCP
selector:
expose: "true"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: expose-server-vservice
namespace: istio-project-1
labels:
app: "project-1"
spec:
hosts:
- "*"
gateways:
- expose-server-gateway
http:
- match:
- uri:
prefix: /server-a
route:
- destination:
port:
number: 5000
host: expose-server-service
- match:
- uri:
prefix: /server-d
route:
- destination:
port:
number: 7000
host: mirror-service
--- # TODO fix gateway zodat we ingress gateway kunnen gebruike ipv de fuken loadbalancer.
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: server-check-gateway
namespace: istio-project-1
labels:
app: "project-1"
spec:
selector:
expose: "true"
servers:
- port:
number: 6000
name: http
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: server-check-service
namespace: istio-project-1
labels:
app: "project-1"
spec:
hosts:
- "*"
gateways:
- expose-server-gateway
tcp:
- match:
- port: 6000
route:
- destination:
host: server-check
port:
number: 6000
subset: v1
weight: 50
- destination:
host: server-check
port:
number: 6000
subset: v2
weight: 50
mirror:
host: mirror-service
port:
number: 6000
mirror_percent: 100