Added K8s YAMLs and README

k8s-tutorial/README.md

@@ -0,0 +1,23 @@
+# Kubernetes Workshop
+
+This is a Workshop of some of the main concepts in kubernetes, it will be followed by a Helm Workshop. It covers the following functionality:
+
+1. Multiple namespaces (and example of communicating across them)
+1. A C# REST service
+1. A MySQL Database
+1. Secrets
+1. Load balancer services
+1. Ingress (to reach it via a url like `draftkingsk8s.com`)
+
+It can be run locally on your laptop _(we use minikube for the Workshop and have install instructions)_.
+
+## Workshop
+
+The actual workshop steps are located at [the DraftKings Blog](https://medium.com/draftkings-engineering)
+
+## Source Code
+
+This contains the source code for the Workshop in two parts:
+
+1. `/SampleRest` holds the C# application and Dockerfile that we'll use in the Workshop
+1. `/kubernetes-yamls` holds all the yamls we create in the Workshop

k8s-tutorial/kubernetes-yamls/app-db-credentials.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: db-credentials
+  # Because we define this here, it cannot be used in other namespaces
+  namespace: app-layer
+type: Opaque
+data:
+  # These are base-64 encoded values, which is not great if we want to 
+  # store this in git. There’s no k8s-native way around this, but there 
+  # are a number of solutions (such as SealedSecret). But we’ll see how in 
+  # Helm we can handle this by putting fake secrets in and then passing 
+  # them in at the command line.
+  #
+  # These are: root, dbpassword1
+  db-username: cm9vdA==
+  db-password: ZGJwYXNzd29yZDE=

k8s-tutorial/kubernetes-yamls/app-layer-namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: app-layer

k8s-tutorial/kubernetes-yamls/app-rest-deployment.yaml

@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: app-rest
+  namespace: app-layer
+  labels:
+    app: app-rest
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: app-rest
+  template:
+    metadata:
+      labels:
+        app: app-rest
+    spec:
+      containers:
+        - name: app-rest
+          image: samplerest:latest
+          imagePullPolicy: Never
+          ports:
+            - containerPort: 5000
+          env:
+            - name: MYSQL_ROOT_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: db-username
+            - name: MYSQL_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: db-credentials
+                  key: db-password
+            - name: MYSQL_URL
+              value: db-service

k8s-tutorial/kubernetes-yamls/app-rest-ingress.yaml

@@ -0,0 +1,26 @@
+# Yes, this version is correct
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: rest-ingress
+  namespace: app-layer
+
+  # Annotations are how we can pass specific configuration to
+  # components. In this case Nginx's controller allows passing
+  # specific behavior properties to Nginx via annotations. 
+  #  
+  # https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/
+  annotations:
+    # In some scenarios the exposed URL in the backend service differs from the 
+    # specified path in the Ingress rule. Without a rewrite any request will 
+    # return 404. We are asking Nginx to rewrite this to the path the service expects.
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+spec:
+  rules:
+    - host: draftkingsk8s.com
+      http:
+        paths:
+          - path: /
+            backend:
+              serviceName: app-rest
+              servicePort: 5000

k8s-tutorial/kubernetes-yamls/app-rest-service.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: app-rest
+  namespace: app-layer
+  labels:
+    app: app-rest
+# This specification will create a Service which targets 
+# the TCP port 5000 on any Pod with the "app: app-rest" label,
+# and expose it on the abstracted Service port
+spec:
+  selector:
+    app: app-rest
+  # This is the default, so we didn't need to specify
+  # it, but do so for clarity
+  type: ClusterIP
+  ports:
+   - protocol: TCP
+     # The port exposed by this service
+     port: 5000
+     # The port to target on the pod this service is abstracting.
+     # It can be ommitted and then the "port" above will be used
+     targetPort: 5000

k8s-tutorial/kubernetes-yamls/data-layer-namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: data-layer

k8s-tutorial/kubernetes-yamls/db-credentials.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: db-credentials
+  # Because we define this here, it cannot be used in other namespaces
+  namespace: data-layer
+type: Opaque
+data:
+  # These are base-64 encoded values, which is not great if we want to 
+  # store this in git. There’s no k8s-native way around this, but there 
+  # are a number of solutions (such as SealedSecret). But we’ll see how in 
+  # Helm we can handle this by putting fake secrets in and then passing 
+  # them in at the command line.
+  #
+  # These are: root, dbpassword1
+  db-username: cm9vdA==
+  db-password: ZGJwYXNzd29yZDE=

k8s-tutorial/kubernetes-yamls/db-deployment.yaml

@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: db-service
+  namespace: data-layer
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: db-service
+  template:
+    metadata:
+      labels:
+        app: db-service
+    spec:
+      containers:
+        - image: mysql:5.6
+          name: mysql
+          env:
+            - name: MYSQL_ROOT_PASSWORD
+              valueFrom: 
+                secretKeyRef:
+                  name: db-credentials
+                  key: db-password
+          ports:
+            - containerPort: 3306
+              name: mysql

k8s-tutorial/kubernetes-yamls/db-external-name.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: db-service
+  namespace: app-layer
+spec:
+  type: ExternalName
+  externalName: db-service.data-layer.svc.cluster.local
+  ports:
+    - port: 3306

k8s-tutorial/kubernetes-yamls/db-service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: db-service
+  namespace: data-layer
+spec:
+  selector:
+    app: db-service
+  ports:
+   - port: 3306
+  # This creates a "headless" service where we don't need
+  # load balancing, since we're only going to have 1
+  # replica
+  # https://kubernetes.io/docs/concepts/services-networking/service/#headless-services
+  clusterIP: None