--- apiVersion: appmesh.k8s.aws/v1beta2 kind: Mesh metadata: name: $NAMESPACE_NAME spec: namespaceSelector: matchLabels: mesh: $NAMESPACE_NAME --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualNode metadata: name: djapp namespace: $NAMESPACE_NAME spec: podSelector: matchLabels: app: djapp listeners: - portMapping: port: 8080 protocol: http healthCheck: protocol: http path: '/ping' healthyThreshold: 2 unhealthyThreshold: 2 timeoutMillis: 2000 intervalMillis: 5000 backends: - virtualService: virtualServiceRef: name: metal - virtualService: virtualServiceRef: name: jazz serviceDiscovery: dns: hostname: djapp.$NAMESPACE_NAME.svc.cluster.local --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualNode metadata: name: jazz namespace: $NAMESPACE_NAME spec: podSelector: matchLabels: app: jazz listeners: - portMapping: port: 8080 protocol: http healthCheck: protocol: http path: '/ping' healthyThreshold: 2 unhealthyThreshold: 2 timeoutMillis: 2000 intervalMillis: 5000 serviceDiscovery: dns: hostname: jazz.$NAMESPACE_NAME.svc.cluster.local --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualNode metadata: name: metal-v1 namespace: $NAMESPACE_NAME spec: podSelector: matchLabels: app: metal version: v1 listeners: - portMapping: port: 8080 protocol: http healthCheck: protocol: http path: '/ping' healthyThreshold: 2 unhealthyThreshold: 2 timeoutMillis: 2000 intervalMillis: 5000 serviceDiscovery: dns: hostname: metal-v1.$NAMESPACE_NAME.svc.cluster.local --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualNode metadata: name: metal-v2 namespace: $NAMESPACE_NAME spec: podSelector: matchLabels: app: metal version: v2 listeners: - portMapping: port: 8080 protocol: http healthCheck: protocol: http path: '/ping' healthyThreshold: 2 unhealthyThreshold: 2 timeoutMillis: 2000 intervalMillis: 5000 serviceDiscovery: dns: hostname: metal-v2.$NAMESPACE_NAME.svc.cluster.local --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualRouter metadata: namespace: $NAMESPACE_NAME name: metal spec: listeners: - portMapping: port: 8080 protocol: http routes: - name: route httpRoute: match: prefix: / action: weightedTargets: - virtualNodeRef: name: metal-v1 weight: 60 - virtualNodeRef: name: metal-v2 weight: 40 --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualService metadata: name: djapp namespace: $NAMESPACE_NAME spec: awsName: djapp.$NAMESPACE_NAME.svc.cluster.local provider: virtualNode: virtualNodeRef: name: djapp --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualService metadata: name: metal namespace: $NAMESPACE_NAME spec: awsName: metal.$NAMESPACE_NAME.svc.cluster.local provider: virtualRouter: virtualRouterRef: name: metal --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualService metadata: name: jazz namespace: $NAMESPACE_NAME spec: awsName: jazz.$NAMESPACE_NAME.svc.cluster.local provider: virtualNode: virtualNodeRef: name: jazz --- apiVersion: appmesh.k8s.aws/v1beta2 kind: VirtualGateway metadata: name: ingress-gw namespace: $NAMESPACE_NAME spec: namespaceSelector: matchLabels: gateway: ingress-gw podSelector: matchLabels: app: ingress-gw listeners: - portMapping: port: 8080 protocol: http --- apiVersion: appmesh.k8s.aws/v1beta2 kind: GatewayRoute metadata: name: gateway-route namespace: $NAMESPACE_NAME spec: httpRoute: match: prefix: / action: target: virtualService: virtualServiceRef: name: djapp --- apiVersion: v1 kind: Service metadata: name: djapp namespace: $NAMESPACE_NAME spec: ports: - port: 8080 name: http selector: app: djapp --- apiVersion: apps/v1 kind: Deployment metadata: name: djapp namespace: $NAMESPACE_NAME spec: replicas: 2 selector: matchLabels: app: djapp template: metadata: labels: app: djapp spec: serviceAccountName: service-pod securityContext: fsGroup: 1337 containers: - name: app image: $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$NAMESPACE_NAME/djapp ports: - containerPort: 8080 env: - name: PORT value: '8080' - name: BACKENDS value: > [ "jazz.$NAMESPACE_NAME.svc.cluster.local:8080", "metal.$NAMESPACE_NAME.svc.cluster.local:8080" ] --- apiVersion: v1 kind: Service metadata: name: jazz namespace: $NAMESPACE_NAME spec: ports: - port: 8080 name: http selector: app: jazz --- apiVersion: apps/v1 kind: Deployment metadata: name: jazz namespace: $NAMESPACE_NAME spec: replicas: 2 selector: matchLabels: app: jazz template: metadata: labels: app: jazz spec: serviceAccountName: service-pod securityContext: fsGroup: 1337 containers: - name: app image: $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$NAMESPACE_NAME/djapp ports: - containerPort: 8080 env: - name: PORT value: '8080' - name: RESPONSES value: > [ "Astrud Gilberto", "Miles Davis" ] --- apiVersion: v1 kind: Service metadata: name: metal-v1 namespace: $NAMESPACE_NAME spec: ports: - port: 8080 name: http selector: app: metal version: v1 --- apiVersion: apps/v1 kind: Deployment metadata: name: metal-v1 namespace: $NAMESPACE_NAME labels: app: metal version: v1 spec: replicas: 2 selector: matchLabels: app: metal version: v1 template: metadata: labels: app: metal version: v1 spec: serviceAccountName: service-pod securityContext: fsGroup: 1337 containers: - name: app image: $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$NAMESPACE_NAME/djapp ports: - containerPort: 8080 env: - name: PORT value: '8080' - name: RESPONSES value: > [ "Megadeth", "Judas Priest" ] --- apiVersion: v1 kind: Service metadata: name: metal-v2 namespace: $NAMESPACE_NAME spec: ports: - port: 8080 name: http selector: app: metal version: v2 --- apiVersion: apps/v1 kind: Deployment metadata: name: metal-v2 namespace: $NAMESPACE_NAME spec: replicas: 2 selector: matchLabels: app: metal version: v2 template: metadata: labels: app: metal version: v2 spec: serviceAccountName: service-pod securityContext: fsGroup: 1337 containers: - name: app image: $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$NAMESPACE_NAME/djapp ports: - containerPort: 8080 env: - name: PORT value: '8080' - name: RESPONSES value: > [ "Megadeth (Los Angeles, California)", "Judas Priest (West Bromwich, England)" ] --- apiVersion: v1 kind: Service metadata: name: metal namespace: $NAMESPACE_NAME labels: app: metal spec: ports: - port: 8080 name: http selector: app: metal --- apiVersion: v1 kind: Service metadata: name: ingress-gw namespace: $NAMESPACE_NAME annotations: service.beta.kubernetes.io/aws-load-balancer-type: nlb spec: type: LoadBalancer ports: - port: 80 targetPort: 8080 name: http selector: app: ingress-gw --- apiVersion: apps/v1 kind: Deployment metadata: name: ingress-gw namespace: $NAMESPACE_NAME spec: replicas: 2 selector: matchLabels: app: ingress-gw template: metadata: labels: app: ingress-gw spec: serviceAccountName: service-pod securityContext: fsGroup: 1337 containers: - name: envoy image: $ENVOY_IMAGE ports: - containerPort: 8080 --- apiVersion: apps/v1 kind: DaemonSet metadata: name: cloudwatch-agent namespace: $NAMESPACE_NAME spec: selector: matchLabels: name: cloudwatch-agent template: metadata: labels: name: cloudwatch-agent annotations: appmesh.k8s.aws/sidecarInjectorWebhook: disabled spec: serviceAccountName: cloudwatch-agent containers: - name: cwagent image: public.ecr.aws/cloudwatch-agent/cloudwatch-agent:latest ports: - containerPort: 8125 hostPort: 8125 protocol: UDP env: - name: CW_CONFIG_CONTENT value: > { "agent": { "omit_hostname": true }, "metrics": { "namespace": "$NAMESPACE_NAME", "metrics_collected": { "statsd": {} } } }