Skip to content

Commit

Permalink
[tests] Add manifests for a test cluster
Browse files Browse the repository at this point in the history 
This is just a first pass at testing karch's deployments and upgrades,
soon will come a little program (written in bash or golang, most
likely) that will both:
 - run our test cluster and make sure that eventually, the "pong" app
   is reachable
 - if asked, move this cluster from its original kubernetes version A
   to a provided version B, roll upgrade the entire cluster while
   making sure that:
    * at the end, the pong app still is reachable
    * that it remains reachable all along the rolling upgrade process
  • Loading branch information
@elafarge
elafarge committed Dec 12, 2017
1 parent 6ca78b3 commit 0168c46
Show file tree
Hide file tree
Showing 11 changed files with 1,380 additions and 0 deletions.
82 changes: 82 additions & 0 deletions aws/test/k8s/backend/pong.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
# Just an example service to confirm that requests are routed to pods
# accordingly
apiVersion: v1
kind: Service
metadata:
name: pong
labels:
app: pong
spec:
selector:
app: pong
ports:
- protocol: TCP
port: 80
targetPort: 8000
name: http
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: pong
annotations:
kubernetes.io/tls-acme: "true"
spec:
tls:
- secretName: tls-pong
hosts:
- pong.${domain}
rules:
- host: pong.${domain}
http:
paths:
- path: /
backend:
serviceName: pong
servicePort: http
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: pong
labels:
app: pong
spec:
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
app: pong
template:
metadata:
labels:
app: pong
spec:
nodeSelector:
duty: webserver
containers:
- image: elafarge/http-logger
name: http-logger
imagePullPolicy: Always
resources:
limits:
cpu: 10m
memory: 10Mi
requests:
cpu: 10m
memory: 10Mi
livenessProbe:
httpGet:
scheme: HTTP
port: 8000
readinessProbe:
httpGet:
scheme: HTTP
port: 8000
args:
- -listen
- ":8000"
ports:
- name: http
containerPort: 8000
protocol: TCP
101 changes: 101 additions & 0 deletions aws/test/k8s/ingress/default-backend.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
kind: Service
apiVersion: v1
metadata:
name: default-backend
namespace: ingress
labels:
k8s-app: default-http-backend
k8s-addon: ingress-nginx.addons.k8s.io
app: default-backend
spec:
ports:
- port: 80
targetPort: http
selector:
app: default-backend
---
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: default-backend
namespace: ingress
spec:
minAvailable: 1
selector:
matchLabels:
app: default-backend
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: default-backend
namespace: ingress
spec:
scaleTargetRef:
apiVersion: extensions/v1beta1
kind: Deployment
name: default-backend
minReplicas: 2
maxReplicas: 5
targetCPUUtilizationPercentage: 70
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: default-backend
namespace: ingress
labels:
k8s-app: default-http-backend
k8s-addon: ingress-nginx.addons.k8s.io
app: default-backend
spec:
revisionHistoryLimit: 10
template:
metadata:
labels:
app: default-backend
spec:
nodeSelector:
duty: intake
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
image: gcr.io/google_containers/defaultbackend:1.4
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
ports:
- name: http
containerPort: 8080
protocol: TCP
restartPolicy: Always
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values: ["default-backend"]
topologyKey: kubernetes.io/hostname
- weight: 50
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values: ["default-backend"]
topologyKey: failure-domain.beta.kubernetes.io/zone
99 changes: 99 additions & 0 deletions aws/test/k8s/ingress/kube-lego.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
# Note: kube-lego fetches certificates from Let's Encrypt for you ingress
# domains automatically... however, we wouldn't recommend using it for
# production-critical workloads, unless you really don't want to pay for a
# wildcard certificate...
# ---

# ServiceAccount and Roles
apiVersion: v1
kind: ServiceAccount
metadata:
name: kube-lego
namespace: ingress
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kube-lego
rules:
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- create
- update
- delete
- patch
- list
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- create
- update
- apiGroups:
- ""
resources:
- services
verbs:
- create
- get
- delete
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kube-lego
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kube-lego
subjects:
- kind: ServiceAccount
name: kube-lego
namespace: ingress
---

# The actual lego deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kube-lego
namespace: ingress
spec:
template:
metadata:
labels:
app: kube-lego
spec:
serviceAccountName: kube-lego
nodeSelector:
duty: intake
containers:
- name: kube-lego
image: jetstack/kube-lego:canary
imagePullPolicy: Always
ports:
- containerPort: 8080
env:
- name: LEGO_EMAIL
value: "[email protected]"
- name: LEGO_URL
value: "https://acme-v01.api.letsencrypt.org/directory"
- name: LEGO_NAMESPACE
value: ingress
- name: LEGO_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
readinessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 1
Loading

0 comments on commit 0168c46

Please sign in to comment.