Skip to content

Commit

Permalink
service-mesh: add ingress deployment
Browse files Browse the repository at this point in the history
  • Loading branch information
3u13r committed Mar 8, 2024
1 parent 8859b00 commit 43285a8
Show file tree
Hide file tree
Showing 8 changed files with 444 additions and 1 deletion.
48 changes: 48 additions & 0 deletions deployments/emojivoto-sm-ingress/coordinator.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: coordinator
namespace: edg-default
spec:
selector:
matchLabels:
app.kubernetes.io/name: coordinator
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: coordinator
annotations:
contrast.edgeless.systems/pod-role: coordinator
spec:
runtimeClassName: kata-cc-isolation
containers:
- name: coordinator
image: "ghcr.io/edgelesssys/contrast/coordinator:latest"
ports:
- containerPort: 7777
- containerPort: 1313
env:
- name: contrast_LOG_LEVEL
value: "debug"
resources:
requests:
memory: 100Mi
limits:
memory: 100Mi
---
apiVersion: v1
kind: Service
metadata:
name: coordinator
namespace: edg-default
spec:
ports:
- name: intercom
port: 7777
protocol: TCP
- name: coordapi
port: 1313
protocol: TCP
selector:
app.kubernetes.io/name: coordinator
105 changes: 105 additions & 0 deletions deployments/emojivoto-sm-ingress/emoji.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
kind: ServiceAccount
apiVersion: v1
metadata:
name: emoji
namespace: edg-default
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: emoji
namespace: edg-default
labels:
app.kubernetes.io/name: emoji
app.kubernetes.io/part-of: emojivoto
app.kubernetes.io/version: v11
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: emoji-svc
version: v11
template:
metadata:
labels:
app.kubernetes.io/name: emoji-svc
version: v11
spec:
runtimeClassName: kata-cc-isolation
initContainers:
- name: initializer
image: "ghcr.io/edgelesssys/contrast/initializer:latest"
env:
- name: COORDINATOR_HOST
value: coordinator
volumeMounts:
- name: tls-certs
mountPath: /tls-config
resources:
requests:
memory: 50Mi
limits:
memory: 50Mi
- name: sidecar
image: "ghcr.io/edgelesssys/contrast/service-mesh-proxy:latest"
restartPolicy: Always
volumeMounts:
- name: tls-certs
mountPath: /tls-config
env:
- name: EDG_PROXY_CONFIG
value: ""
securityContext:
privileged: true
capabilities:
add:
- NET_ADMIN
- NET_RAW
serviceAccountName: emoji
containers:
- env:
- name: GRPC_PORT
value: "8080"
- name: PROM_PORT
value: "8801"
- name: EDG_CERT_PATH
value: /tls-config/certChain.pem
- name: EDG_CA_PATH
value: /tls-config/MeshCACert.pem
- name: EDG_KEY_PATH
value: /tls-config/key.pem
image: docker.l5d.io/buoyantio/emojivoto-emoji-svc:v11
name: emoji-svc
ports:
- containerPort: 8080
name: grpc
- containerPort: 8801
name: prom
resources:
requests:
cpu: 100m
memory: 50Mi
limits:
memory: 50Mi
volumeMounts:
- name: tls-certs
mountPath: /tls-config
volumes:
- name: tls-certs
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: emoji-svc
namespace: edg-default
spec:
selector:
app.kubernetes.io/name: emoji-svc
ports:
- name: grpc
port: 8080
targetPort: 8080
- name: prom
port: 8801
targetPort: 8801
4 changes: 4 additions & 0 deletions deployments/emojivoto-sm-ingress/ns.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: edg-default
59 changes: 59 additions & 0 deletions deployments/emojivoto-sm-ingress/portforwarder.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
apiVersion: v1
kind: Pod
metadata:
name: port-forwarder-coordinator
namespace: edg-default
labels:
app.kubernetes.io/name: port-forwarder-coordinator
spec:
containers:
- name: port-forwarder
image: "ghcr.io/edgelesssys/contrast/port-forwarder:latest"
env:
- name: LISTEN_PORT
value: "1313"
- name: FORWARD_HOST
value: coordinator
- name: FORWARD_PORT
value: "1313"
command:
- /bin/bash
- "-c"
- echo Starting port-forward with socat; exec socat -d -d TCP-LISTEN:${LISTEN_PORT},fork TCP:${FORWARD_HOST}:${FORWARD_PORT}
ports:
- containerPort: 1313
resources:
requests:
memory: 50Mi
limits:
memory: 50Mi
---
apiVersion: v1
kind: Pod
metadata:
name: port-forwarder-emojivoto-web
namespace: edg-default
labels:
app.kubernetes.io/name: port-forwarder-emojivoto-web
spec:
containers:
- name: port-forwarder
image: "ghcr.io/edgelesssys/contrast/port-forwarder:latest"
env:
- name: LISTEN_PORT
value: "8080"
- name: FORWARD_HOST
value: web-svc
- name: FORWARD_PORT
value: "443"
command:
- /bin/bash
- "-c"
- echo Starting port-forward with socat; exec socat -d -d TCP-LISTEN:${LISTEN_PORT},fork TCP:${FORWARD_HOST}:${FORWARD_PORT}
ports:
- containerPort: 8080
resources:
requests:
memory: 50Mi
limits:
memory: 50Mi
35 changes: 35 additions & 0 deletions deployments/emojivoto-sm-ingress/vote-bot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: vote-bot
namespace: edg-default
labels:
app.kubernetes.io/name: vote-bot
app.kubernetes.io/part-of: emojivoto
app.kubernetes.io/version: v11
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: vote-bot
version: v11
template:
metadata:
labels:
app.kubernetes.io/name: vote-bot
version: v11
spec:
containers:
- command:
- emojivoto-vote-bot
env:
- name: WEB_HOST
value: web-svc:443
image: ghcr.io/3u13r/emojivoto-web:coco-1
name: vote-bot
resources:
requests:
cpu: 10m
memory: 25Mi
limits:
memory: 25Mi
105 changes: 105 additions & 0 deletions deployments/emojivoto-sm-ingress/voting.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
kind: ServiceAccount
apiVersion: v1
metadata:
name: voting
namespace: edg-default
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: voting
namespace: edg-default
labels:
app.kubernetes.io/name: voting
app.kubernetes.io/part-of: emojivoto
app.kubernetes.io/version: v11
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: voting-svc
version: v11
template:
metadata:
labels:
app.kubernetes.io/name: voting-svc
version: v11
spec:
runtimeClassName: kata-cc-isolation
initContainers:
- name: initializer
image: "ghcr.io/edgelesssys/contrast/initializer:latest"
env:
- name: COORDINATOR_HOST
value: coordinator
volumeMounts:
- name: tls-certs
mountPath: /tls-config
resources:
requests:
memory: 50Mi
limits:
memory: 50Mi
- name: sidecar
image: "ghcr.io/edgelesssys/contrast/service-mesh-proxy:latest"
restartPolicy: Always
volumeMounts:
- name: tls-certs
mountPath: /tls-config
env:
- name: EDG_PROXY_CONFIG
value: ""
securityContext:
privileged: true
capabilities:
add:
- NET_ADMIN
- NET_RAW
serviceAccountName: voting
containers:
- env:
- name: GRPC_PORT
value: "8080"
- name: PROM_PORT
value: "8801"
- name: EDG_CERT_PATH
value: /tls-config/certChain.pem
- name: EDG_CA_PATH
value: /tls-config/MeshCACert.pem
- name: EDG_KEY_PATH
value: /tls-config/key.pem
image: docker.l5d.io/buoyantio/emojivoto-voting-svc:v11
name: voting-svc
ports:
- containerPort: 8080
name: grpc
- containerPort: 8801
name: prom
resources:
requests:
cpu: 100m
memory: 50Mi
limits:
memory: 50Mi
volumeMounts:
- name: tls-certs
mountPath: /tls-config
volumes:
- name: tls-certs
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: voting-svc
namespace: edg-default
spec:
selector:
app.kubernetes.io/name: voting-svc
ports:
- name: grpc
port: 8080
targetPort: 8080
- name: prom
port: 8801
targetPort: 8801
Loading

0 comments on commit 43285a8

Please sign in to comment.