Commit 3a630f9c authored by Nane Kratzke's avatar Nane Kratzke
Browse files

Yelb deploy

parent 4f97a543
# Lab 08 Observability
In diesem Lab nutzen wir den "legendären" [Sockshop](https://github.com/microservices-demo/microservices-demo) in einer für das Deployment minimal modifizierten Form.
Der Sockshop ist ein Online-Shop für Socken und wird gerne genutzt, um Microservice- und Cloud-native Technologien zu demonstrieren.
In diesem Lab nutzen wir [Yelb](https://github.com/microservices-demo/microservices-demo) in einer für unsere Deployment-Zwecke minimal modifizierten Form.
- Der Sockshop basiert auf [Spring Boot](http://projects.spring.io/spring-boot/), [Go kit](http://gokit.io) und [Node.js](https://nodejs.org).
- Als Datenbanken werden [MongoDB](https://www.mongodb.com) und [MySQL](https://www.mysql.com) eingesetzt.
- Als Messaging Dienst wird [RabbitMQ](https://www.rabbitmq.com) genutzt.
Yelb ist ein nicht wirklich ernst gemeinter "Healthy food recommendation"-Dienst und wird gerne genutzt, um Microservice- und Cloud-native Technologien zu demonstrieren.
Alle genannten Komponenten werden als öffentliche Container Images über Dockerhub bezogen.
Mehr über die Architekur des Sockshops finden Sie [hier](https://github.com/microservices-demo/microservices-demo/blob/master/internal-docs/design.md).
Yelb basiert auf den folgenden Komponenten:
- [NGINX](https://www.nginx.com) zum Ausliefern des webbasierten Front-Ends,
- einem REST-basierten App-Server ([Sinatra](http://sinatrarb.com)-based),
- einer [PostgreSQL](https://www.postgresql.org)-DB und
- [REDIS](https://redis.io) als In-Memory Cache.
Alle genannten Komponenten werden als öffentliche Container Images über Dockerhub bezogen. Mehr über die Architekur und Implementierung von Yelb finden Sie im [Repository](https://github.com/mreferre/yelb).
apiVersion: apps/v1
kind: Deployment
metadata:
name: carts-db
labels:
name: carts-db
spec:
selector:
matchLabels:
name: carts-db
replicas: 1
template:
metadata:
labels:
name: carts-db
spec:
containers:
- name: carts-db
image: mongo
ports:
- name: mongo
containerPort: 27017
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: carts-db
labels:
name: carts-db
spec:
ports:
- port: 27017
targetPort: 27017
selector:
name: carts-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: carts
labels:
name: carts
spec:
selector:
matchLabels:
name: carts
replicas: 1
template:
metadata:
labels:
name: carts
spec:
containers:
- name: carts
image: weaveworksdemos/carts:0.4.8
ports:
- containerPort: 80
env:
- name: ZIPKIN
value: zipkin.jaeger.svc.cluster.local
- name: JAVA_OPTS
value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: carts
labels:
name: carts
spec:
ports:
- port: 80
targetPort: 80
selector:
name: carts
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: catalogue-db
labels:
name: catalogue-db
spec:
selector:
matchLabels:
name: catalogue-db
replicas: 1
template:
metadata:
labels:
name: catalogue-db
spec:
containers:
- name: catalogue-db
image: weaveworksdemos/catalogue-db:0.3.0
env:
- name: MYSQL_ROOT_PASSWORD
value: fake_password
- name: MYSQL_DATABASE
value: socksdb
ports:
- name: mysql
containerPort: 3306
---
apiVersion: v1
kind: Service
metadata:
name: catalogue-db
labels:
name: catalogue-db
spec:
ports:
- port: 3306
targetPort: 3306
selector:
name: catalogue-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: catalogue
labels:
name: catalogue
spec:
selector:
matchLabels:
name: catalogue
replicas: 1
template:
metadata:
labels:
name: catalogue
spec:
containers:
- name: catalogue
image: weaveworksdemos/catalogue:0.3.5
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
nodeSelector:
beta.kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: catalogue
labels:
name: catalogue
spec:
ports:
- port: 80
targetPort: 80
selector:
name: catalogue
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: front-end
spec:
selector:
matchLabels:
name: front-end
replicas: 1
template:
metadata:
labels:
name: front-end
spec:
containers:
- name: front-end
image: weaveworksdemos/front-end:0.3.12
resources:
requests:
cpu: 100m
memory: 100Mi
ports:
- containerPort: 8079
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
readOnlyRootFilesystem: true
---
apiVersion: v1
kind: Service
metadata:
name: front-end
labels:
name: front-end
spec:
ports:
- port: 80
targetPort: 8079
selector:
name: front-end
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: orders-db
labels:
name: orders-db
spec:
selector:
matchLabels:
name: orders-db
replicas: 1
template:
metadata:
labels:
name: orders-db
spec:
containers:
- name: orders-db
image: mongo
ports:
- name: mongo
containerPort: 27017
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: orders-db
labels:
name: orders-db
spec:
ports:
- port: 27017
targetPort: 27017
selector:
name: orders-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: orders
labels:
name: orders
spec:
selector:
matchLabels:
name: orders
replicas: 1
template:
metadata:
labels:
name: orders
spec:
containers:
- name: orders
image: weaveworksdemos/orders:0.4.7
env:
- name: ZIPKIN
value: zipkin.jaeger.svc.cluster.local
- name: JAVA_OPTS
value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: orders
labels:
name: orders
spec:
ports:
- port: 80
targetPort: 80
selector:
name: orders
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: payment
labels:
name: payment
spec:
selector:
matchLabels:
name: payment
replicas: 1
template:
metadata:
labels:
name: payment
spec:
containers:
- name: payment
image: weaveworksdemos/payment:0.4.3
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
---
apiVersion: v1
kind: Service
metadata:
name: payment
labels:
name: payment
spec:
ports:
- port: 80
targetPort: 80
selector:
name: payment
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: queue-master
labels:
name: queue-master
spec:
selector:
matchLabels:
name: queue-master
replicas: 1
template:
metadata:
labels:
name: queue-master
spec:
containers:
- name: queue-master
image: weaveworksdemos/queue-master:0.3.1
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: queue-master
labels:
name: queue-master
annotations:
prometheus.io/path: "/prometheus"
spec:
ports:
- port: 80
targetPort: 80
selector:
name: queue-master
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rabbitmq
labels:
name: rabbitmq
spec:
selector:
matchLabels:
name: rabbitmq
replicas: 1
template:
metadata:
labels:
name: rabbitmq
spec:
containers:
- name: rabbitmq
image: rabbitmq:3.6.8
ports:
- containerPort: 5672
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
- DAC_OVERRIDE
readOnlyRootFilesystem: true
---
apiVersion: v1
kind: Service
metadata:
name: rabbitmq
labels:
name: rabbitmq
spec:
ports:
- port: 5672
targetPort: 5672
selector:
name: rabbitmq
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: shipping
labels:
name: shipping
spec:
selector:
matchLabels:
name: shipping
replicas: 1
template:
metadata:
labels:
name: shipping
spec:
containers:
- name: shipping
image: weaveworksdemos/shipping:0.4.8
env:
- name: ZIPKIN
value: zipkin.jaeger.svc.cluster.local
- name: JAVA_OPTS
value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: shipping
labels:
name: shipping
spec:
ports:
- port: 80
targetPort: 80
selector:
name: shipping
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: user-db
labels:
name: user-db
spec:
selector:
matchLabels:
name: user-db
replicas: 1
template:
metadata:
labels:
name: user-db
spec:
containers:
- name: user-db
image: weaveworksdemos/user-db:0.4.0
ports:
- name: mongo
containerPort: 27017
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
---
apiVersion: v1
kind: Service
metadata:
name: user-db
labels:
name: user-db
spec:
ports:
- port: 27017
targetPort: 27017
selector:
name: user-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: user
labels:
name: user
spec:
selector:
matchLabels:
name: user
replicas: 1
template:
metadata:
labels:
name: user
spec:
containers:
- name: user
image: weaveworksdemos/user:0.4.7
ports:
- containerPort: 80
env:
- name: MONGO_HOST
value: user-db:27017
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
---
apiVersion: v1
kind: Service