---
apiVersion: v1
kind: Namespace
metadata:
name: sockshop
labels:
name: sockshop
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: carts-db
labels:
name: carts-db
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: carts-db
template:
metadata:
labels:
name: carts-db
spec:
containers:
- name: carts-db
image: public.ecr.aws/hoseok/sockshop/mongo
ports:
- name: mongo
containerPort: 27017
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
nodeSelector:
kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: carts-db
labels:
name: carts-db
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 27017
targetPort: 27017
selector:
name: carts-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: carts
labels:
name: carts
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: carts
template:
metadata:
labels:
name: carts
spec:
containers:
- name: carts
image: public.ecr.aws/hoseok/sockshop/carts:0.4.8
ports:
- containerPort: 80
env:
- name: ZIPKIN
value: zipkin.jaeger.svc.cluster.local
- name: JAVA_OPTS
value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- carts
- carts-db
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: carts
labels:
name: carts
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: carts
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: catalogue-db
labels:
name: catalogue-db
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: catalogue-db
template:
metadata:
labels:
name: catalogue-db
spec:
containers:
- name: catalogue-db
image: public.ecr.aws/hoseok/sockshop/catalogue-db:0.3.0
env:
- name: MYSQL_ROOT_PASSWORD
value: fake_password
- name: MYSQL_DATABASE
value: socksdb
ports:
- name: mysql
containerPort: 3306
nodeSelector:
kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: catalogue-db
labels:
name: catalogue-db
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 3306
targetPort: 3306
selector:
name: catalogue-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: catalogue
labels:
name: catalogue
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: catalogue
template:
metadata:
labels:
name: catalogue
spec:
containers:
- name: catalogue
image: public.ecr.aws/hoseok/sockshop/catalogue:0.3.5
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- catalogue
- catalogue-db
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: catalogue
labels:
name: catalogue
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: catalogue
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: front-end
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: front-end
template:
metadata:
labels:
name: front-end
spec:
containers:
- name: front-end
image: public.ecr.aws/hoseok/sockshop/front-end:0.3.12
resources:
requests:
cpu: 100m
memory: 100Mi
ports:
- containerPort: 8079
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
readOnlyRootFilesystem: true
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- front-end
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: front-end
labels:
name: front-end
namespace: sockshop
spec:
type: NodePort
ports:
- port: 80
targetPort: 8079
nodePort: 30001
selector:
name: front-end
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: orders-db
labels:
name: orders-db
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: orders-db
template:
metadata:
labels:
name: orders-db
spec:
containers:
- name: orders-db
image: public.ecr.aws/hoseok/sockshop/mongo
ports:
- name: mongo
containerPort: 27017
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
nodeSelector:
kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: orders-db
labels:
name: orders-db
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 27017
targetPort: 27017
selector:
name: orders-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: orders
labels:
name: orders
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: orders
template:
metadata:
labels:
name: orders
spec:
containers:
- name: orders
image: public.ecr.aws/hoseok/sockshop/orders:0.4.7
env:
- name: ZIPKIN
value: zipkin.jaeger.svc.cluster.local
- name: JAVA_OPTS
value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- orders
- orders-db
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: orders
labels:
name: orders
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: orders
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: payment
labels:
name: payment
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: payment
template:
metadata:
labels:
name: payment
spec:
containers:
- name: payment
image: public.ecr.aws/hoseok/sockshop/payment:0.4.3
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- payment
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: payment
labels:
name: payment
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: payment
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: queue-master
labels:
name: queue-master
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: queue-master
template:
metadata:
labels:
name: queue-master
spec:
containers:
- name: queue-master
image: public.ecr.aws/hoseok/sockshop/queue-master:0.3.1
ports:
- containerPort: 80
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- queue-master
- shipping
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: queue-master
labels:
name: queue-master
annotations:
prometheus.io/path: "/prometheus"
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: queue-master
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rabbitmq
labels:
name: rabbitmq
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: rabbitmq
template:
metadata:
labels:
name: rabbitmq
spec:
containers:
- name: rabbitmq
image: public.ecr.aws/hoseok/sockshop/rabbitmq:3.6.8-management
ports:
- containerPort: 5672
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
- DAC_OVERRIDE
readOnlyRootFilesystem: true
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- rabbitmq
- shipping
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: rabbitmq
labels:
name: rabbitmq
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 5672
targetPort: 5672
selector:
name: rabbitmq
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: shipping
labels:
name: shipping
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: shipping
template:
metadata:
labels:
name: shipping
spec:
containers:
- name: shipping
image: public.ecr.aws/hoseok/sockshop/shipping:0.4.8
env:
- name: ZIPKIN
value: zipkin.jaeger.svc.cluster.local
- name: JAVA_OPTS
value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom
ports:
- containerPort: 80
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- shipping
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: shipping
labels:
name: shipping
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: shipping
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: user-db
labels:
name: user-db
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: user-db
template:
metadata:
labels:
name: user-db
spec:
containers:
- name: user-db
image: public.ecr.aws/hoseok/sockshop/user-db:0.4.0
ports:
- name: mongo
containerPort: 27017
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp-volume
volumes:
- name: tmp-volume
emptyDir:
medium: Memory
nodeSelector:
kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: user-db
labels:
name: user-db
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 27017
targetPort: 27017
selector:
name: user-db
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: user
labels:
name: user
namespace: sockshop
spec:
replicas: 3
selector:
matchLabels:
name: user
template:
metadata:
labels:
name: user
spec:
containers:
- name: user
image: public.ecr.aws/hoseok/sockshop/user:0.4.7
ports:
- containerPort: 80
env:
- name: MONGO_HOST
value: user-db:27017
securityContext:
runAsNonRoot: true
runAsUser: 10001
capabilities:
drop:
- all
add:
- NET_BIND_SERVICE
readOnlyRootFilesystem: true
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- user
- user-db
topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
name: user
labels:
name: user
namespace: sockshop
spec:
ports:
# the port that this service should serve on
- port: 80
targetPort: 80
selector:
name: user