├── .devcontainer ├── Dockerfile └── devcontainer.json ├── .gitignore ├── LICENSE ├── README.md ├── SECURITY.md ├── _config.yml ├── app-experimental ├── auth-api │ ├── .gitignore │ ├── Dockerfile │ ├── README.md │ ├── app.js │ ├── bin │ │ └── www │ ├── config │ │ ├── db-mongo.js │ │ └── options.js │ ├── package-lock.json │ ├── package.json │ ├── public │ │ └── stylesheets │ │ │ └── style.css │ ├── routes │ │ └── auth.js │ └── views │ │ ├── error.hbs │ │ ├── index.hbs │ │ └── layout.hbs ├── br-load │ ├── Dockerfile │ ├── data-api-load.yaml │ ├── package-lock.json │ └── package.json ├── cache-api-old │ ├── .gitignore │ ├── Dockerfile │ ├── README.md │ └── src │ │ ├── .env_examples │ │ ├── package-lock.json │ │ ├── package.json │ │ └── server.js ├── cache-api │ ├── .gitignore │ ├── Dockerfile │ ├── app.js │ ├── bin │ │ └── www │ ├── favicon.ico │ ├── models │ │ ├── express │ │ │ └── jsonResponse.js │ │ └── util │ │ │ ├── site.js │ │ │ └── status.js │ ├── package-lock.json │ ├── package.json │ └── routes │ │ └── api.js ├── data-api │ ├── Dockerfile │ ├── README.md │ └── src │ │ ├── .env_examples │ │ ├── .gitignore │ │ ├── Gemfile │ │ ├── Gemfile.lock │ │ └── server.rb ├── flights-api │ ├── .gitignore │ ├── Dockerfile │ ├── README.md │ └── src │ │ ├── .env_examples │ │ ├── package-lock.json │ │ ├── package.json │ │ └── server.js ├── geojson-subscriber │ ├── README.md │ └── src │ │ ├── app.js │ │ ├── package-lock.json │ │ └── package.json ├── kube-api │ ├── Dockerfile │ ├── app.js │ ├── bin │ │ └── www │ ├── deploy-web.yaml │ ├── deploy.yaml │ ├── package-lock.json │ ├── package.json │ ├── public │ │ └── stylesheets │ │ │ └── style.css │ ├── routes │ │ ├── nodes.js │ │ └── pods.js │ └── views │ │ ├── error.hbs │ │ ├── index.hbs │ │ └── layout.hbs ├── load-test-artillery │ ├── Dockerfile │ ├── data-api-load.yaml │ ├── data-refresh.yaml │ └── package.json ├── open-sky-adapter-api │ ├── Dockerfile │ ├── README.md │ ├── flask-site-nginx.conf │ ├── nginx.conf │ ├── src │ │ ├── .gitignore │ │ ├── requirements.txt │ │ └── server.py │ ├── supervisord.conf │ └── uwsgi.ini └── open-sky-cronjob │ ├── Dockerfile │ ├── README.md │ └── src │ ├── .env_examples │ ├── .gitignore │ ├── job.py │ └── requirements.txt ├── app ├── data-api │ ├── .gitignore │ ├── Dockerfile │ ├── app.js │ ├── bin │ │ └── www │ ├── models │ │ ├── express │ │ │ └── jsonResponse.js │ │ ├── mongo │ │ │ ├── flights.js │ │ │ ├── latestFlight.js │ │ │ ├── latestQuake.js │ │ │ ├── latestWeather.js │ │ │ ├── quakes.js │ │ │ └── weather.js │ │ └── util │ │ │ ├── site.js │ │ │ └── status.js │ ├── package-lock.json │ ├── package.json │ └── routes │ │ └── api.js ├── data-updater │ ├── Dockerfile │ ├── app.js │ ├── models │ │ ├── express │ │ │ └── jsonResponse.js │ │ └── mongo │ │ │ ├── flights.js │ │ │ ├── latestFlight.js │ │ │ ├── latestQuake.js │ │ │ ├── latestWeather.js │ │ │ ├── quakes.js │ │ │ └── weather.js │ ├── package-lock.json │ └── package.json ├── flights-api │ ├── .gitignore │ ├── Dockerfile │ ├── app.js │ ├── bin │ │ └── www │ ├── models │ │ ├── express │ │ │ └── jsonResponse.js │ │ └── util │ │ │ ├── site.js │ │ │ └── status.js │ ├── package-lock.json │ ├── package.json │ └── routes │ │ └── api.js ├── quakes-api │ ├── .gitignore │ ├── Dockerfile │ ├── app.js │ ├── bin │ │ └── www │ ├── models │ │ ├── express │ │ │ └── jsonResponse.js │ │ └── util │ │ │ ├── site.js │ │ │ └── status.js │ ├── package-lock.json │ ├── package.json │ └── routes │ │ └── api.js ├── sample-go │ ├── Dockerfile │ ├── README.md │ ├── app.go │ ├── css │ │ └── site.css │ ├── fonts │ │ └── segoeuil.ttf │ ├── img │ │ └── successCloudNew.svg │ └── views │ │ └── index.html ├── service-tracker-ui │ ├── .babelrc │ ├── .editorconfig │ ├── .eslintrc │ ├── .gitignore │ ├── Dockerfile │ ├── README.md │ ├── package-lock.json │ ├── package.json │ ├── public │ │ ├── favicon.ico │ │ └── index.html │ ├── src │ │ ├── App.vue │ │ ├── assets │ │ │ ├── css │ │ │ │ └── themify-icons.css │ │ │ ├── fonts │ │ │ │ ├── glyphicons-halflings-regular.448c34a.woff2 │ │ │ │ ├── glyphicons-halflings-regular.e18bbf6.ttf │ │ │ │ ├── glyphicons-halflings-regular.f4769f9.eot │ │ │ │ ├── glyphicons-halflings-regular.fa27723.woff │ │ │ │ ├── themify.eot │ │ │ │ ├── themify.svg │ │ │ │ ├── themify.ttf │ │ │ │ └── themify.woff │ │ │ ├── img │ │ │ │ ├── apple-icon.png │ │ │ │ ├── background.jpg │ │ │ │ ├── faces │ │ │ │ │ ├── face-0.jpg │ │ │ │ │ ├── face-1.jpg │ │ │ │ │ ├── face-2.jpg │ │ │ │ │ └── face-3.jpg │ │ │ │ ├── favicon.ico │ │ │ │ ├── favicon.png │ │ │ │ ├── glyphicons-halflings-regular.8988968.svg │ │ │ │ ├── k8s │ │ │ │ │ ├── pod-200-100.png │ │ │ │ │ └── pod.psd │ │ │ │ ├── msft_logo_125.png │ │ │ │ ├── msft_logo_24.png │ │ │ │ ├── msft_logo_30.png │ │ │ │ ├── msft_logo_400.png │ │ │ │ └── vue-logo.png │ │ │ └── sass │ │ │ │ ├── paper-dashboard.scss │ │ │ │ └── paper │ │ │ │ ├── _alerts.scss │ │ │ │ ├── _buttons.scss │ │ │ │ ├── _cards.scss │ │ │ │ ├── _chartist.scss │ │ │ │ ├── _checkbox-radio.scss │ │ │ │ ├── _dropdown.scss │ │ │ │ ├── _footers.scss │ │ │ │ ├── _inputs.scss │ │ │ │ ├── _misc.scss │ │ │ │ ├── _mixins.scss │ │ │ │ ├── _navbars.scss │ │ │ │ ├── _responsive.scss │ │ │ │ ├── _sidebar-and-main-panel.scss │ │ │ │ ├── _tables.scss │ │ │ │ ├── _typography.scss │ │ │ │ ├── _variables.scss │ │ │ │ └── mixins │ │ │ │ ├── _buttons.scss │ │ │ │ ├── _cards.scss │ │ │ │ ├── _chartist.scss │ │ │ │ ├── _icons.scss │ │ │ │ ├── _inputs.scss │ │ │ │ ├── _labels.scss │ │ │ │ ├── _navbars.scss │ │ │ │ ├── _sidebar.scss │ │ │ │ ├── _tabs.scss │ │ │ │ ├── _transparency.scss │ │ │ │ └── _vendor-prefixes.scss │ │ ├── components │ │ │ ├── Cards │ │ │ │ ├── Card.vue │ │ │ │ ├── ChartCard.vue │ │ │ │ ├── ObjectCard.vue │ │ │ │ ├── Pod.vue │ │ │ │ ├── PodCard.vue │ │ │ │ └── StatsCard.vue │ │ │ ├── SidebarPlugin │ │ │ │ ├── MovingArrow.vue │ │ │ │ ├── SideBar.vue │ │ │ │ ├── SidebarLink.vue │ │ │ │ └── index.js │ │ │ └── index.js │ │ ├── layout │ │ │ └── dashboard │ │ │ │ ├── Content.vue │ │ │ │ ├── ContentFooter.vue │ │ │ │ ├── DashboardLayout.vue │ │ │ │ ├── MobileMenu.vue │ │ │ │ └── TopNavbar.vue │ │ ├── main.js │ │ ├── pages │ │ │ ├── Dashboard.vue │ │ │ ├── Earthquakes.vue │ │ │ ├── Flights.vue │ │ │ ├── NotFoundPage.vue │ │ │ ├── UserProfile.vue │ │ │ ├── UserProfile │ │ │ │ ├── EditProfileForm.vue │ │ │ │ ├── MembersCard.vue │ │ │ │ └── UserCard.vue │ │ │ └── Weather.vue │ │ ├── plugins │ │ │ └── paperDashboard.js │ │ └── router │ │ │ ├── index.js │ │ │ └── routes.js │ └── vue.config.js └── weather-api │ ├── .env.local │ ├── .gitignore │ ├── Dockerfile │ ├── app.js │ ├── bin │ └── www │ ├── models │ ├── express │ │ └── jsonResponse.js │ └── util │ │ ├── site.js │ │ └── status.js │ ├── package-lock.json │ ├── package.json │ ├── resources │ ├── accuweather_regions.json │ ├── accuweather_regions_NAM.json │ ├── accuweather_top100_cities_example.json │ ├── accuweather_top_1000_cities_us.js │ ├── airports-current.js │ ├── aw_condition_response_example.js │ ├── aw_top1000_cities_pk.js │ ├── aw_top1000_geojson.txt │ ├── aw_top25_cities_pk.js │ ├── aw_top25_cities_us.js │ ├── styleExample.js │ └── weather.gov.stations.json │ └── routes │ └── api.js ├── assets └── img │ ├── app-architecture.png │ ├── diagram-source.xml │ ├── ms_azure_logo_50.png │ ├── ms_azure_logo_72.png │ ├── msft_logo_24.png │ └── msft_logo_50.png ├── azure-pipelines.yml ├── charts ├── data-api │ ├── Chart.yaml │ ├── templates │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── service.yaml │ └── values.yaml ├── flights-api │ ├── Chart.yaml │ ├── templates │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── service.yaml │ └── values.yaml ├── mongo │ ├── mongodb-client.yaml │ ├── mongodb-deployment.yaml │ ├── mongodb-pvc.yaml │ ├── mongodb-secrets.yaml │ └── mongodb-svc.yaml ├── quakes-api │ ├── Chart.yaml │ ├── templates │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── service.yaml │ └── values.yaml ├── service-tracker-ui │ ├── Chart.yaml │ ├── templates │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── service.yaml │ └── values.yaml └── weather-api │ ├── Chart.yaml │ ├── templates │ ├── _helpers.tpl │ ├── deployment.yaml │ └── service.yaml │ └── values.yaml ├── labs ├── aci │ ├── README.md │ ├── aci-data-updater.png │ ├── service-tracker-ui.yaml │ └── virtual-node.yaml ├── best-practices │ ├── README.md │ ├── appdev │ │ ├── README.md │ │ ├── cosmos-reset-password.png │ │ ├── data-api-error.yaml │ │ ├── data-api-probes.yaml │ │ ├── data-api │ │ │ ├── .gitignore │ │ │ ├── Dockerfile │ │ │ ├── app.js │ │ │ ├── bin │ │ │ │ └── www │ │ │ ├── models │ │ │ │ ├── express │ │ │ │ │ └── jsonResponse.js │ │ │ │ ├── mongo │ │ │ │ │ ├── flights.js │ │ │ │ │ ├── latestFlight.js │ │ │ │ │ ├── latestQuake.js │ │ │ │ │ ├── latestWeather.js │ │ │ │ │ ├── quakes.js │ │ │ │ │ └── weather.js │ │ │ │ └── util │ │ │ │ │ ├── site.js │ │ │ │ │ └── status.js │ │ │ ├── package-lock.json │ │ │ ├── package.json │ │ │ └── routes │ │ │ │ └── api.js │ │ ├── flights-api │ │ │ ├── .gitignore │ │ │ ├── Dockerfile │ │ │ ├── app.js │ │ │ ├── bin │ │ │ │ └── www │ │ │ ├── favicon.ico │ │ │ ├── models │ │ │ │ ├── express │ │ │ │ │ └── jsonResponse.js │ │ │ │ └── util │ │ │ │ │ ├── site.js │ │ │ │ │ └── status.js │ │ │ ├── package-lock.json │ │ │ ├── package.json │ │ │ └── routes │ │ │ │ └── api.js │ │ ├── quakes-api.yaml │ │ └── weather-api.yaml │ └── operators │ │ ├── README.md │ │ ├── pod-disruption-budget.yaml │ │ └── sa-kube-advisor.yaml ├── build-application │ ├── README.md │ ├── app-Insights.json │ ├── app-insights.png │ └── reg-acr.sh ├── cicd-automation │ ├── README.md │ ├── azure-devops │ │ ├── README.md │ │ ├── azure-do-artifact.png │ │ ├── azure-do-azurecli.png │ │ ├── azure-do-build.png │ │ ├── azure-do-cli.png │ │ ├── azure-do-helm-task.png │ │ ├── azure-do-import.png │ │ ├── azure-do-new-project.png │ │ ├── azure-do-pipeline-artifact.png │ │ ├── azure-do-publish.png │ │ ├── azure-do-release-artifact.png │ │ ├── azure-do-release.png │ │ ├── azure-do-use-classic.png │ │ └── workflow.png │ ├── brigade │ │ ├── README.md │ │ ├── brigade-rbac.yaml │ │ ├── brigade.js │ │ ├── github-clone.png │ │ ├── github-dev-settings.png │ │ ├── github-fork.png │ │ ├── github-token.png │ │ └── github-webhook.png │ └── jenkins │ │ ├── Jenkinsfile │ │ ├── README.md │ │ ├── img │ │ ├── az-creds.png │ │ ├── branch-config.png │ │ ├── branch-resource.png │ │ ├── build-history.png │ │ ├── console-log.png │ │ ├── github-clone.png │ │ ├── github-fork.png │ │ ├── jenkins-aks.png │ │ ├── jenkins-master.png │ │ └── modify_acr.png │ │ ├── jenkins-rbac.yaml │ │ ├── jenkins-values.yaml │ │ └── values.yaml ├── create-aks-cluster │ ├── README.md │ ├── azuredeploy-loganalytics.json │ ├── create-namespaces.yaml │ ├── img-cloud-shell.png │ ├── namespace-limitranges.yaml │ └── namespace-quotas.yaml ├── dev-spaces │ └── README.md ├── helm-setup-deploy │ ├── README.md │ ├── rbac-config.yaml │ └── service-tracker-ui.png ├── k8s-dash │ └── rbac-update.yaml ├── lab-style-template.md ├── monitoring-logging │ ├── README.md │ ├── azure-monitor │ │ ├── README.md │ │ ├── aks-cluster-performance.png │ │ ├── app-insights-dashboard.png │ │ ├── cluster-logs.png │ │ ├── containers-images.png │ │ ├── containers-logs.png │ │ ├── containers-tab.png │ │ ├── diagnostics-categories.png │ │ └── enable-masternode-logs.png │ ├── kubecost │ │ ├── 0_create-azure-cost-export │ │ │ └── README.md │ │ ├── 1_create-aks-cluster │ │ │ ├── README.md │ │ │ └── step1.png │ │ ├── 2_install-kubecost-on-aks │ │ │ ├── README.md │ │ │ ├── kubecost-cost-analyzer.yml │ │ │ ├── step2_1.png │ │ │ └── step2_2.png │ │ ├── 3_kubecost-api │ │ │ └── README.md │ │ ├── README.md │ │ └── fp-landing.svg │ └── prometheus-grafana │ │ ├── README.md │ │ ├── img-alertmanager-ui.png │ │ ├── img-grafana-dashboard.png │ │ ├── img-prometheus-alerts-resolved.png │ │ ├── img-prometheus-alerts.png │ │ ├── img-prometheus-dashboard.png │ │ ├── img-prometheus-operator.png │ │ ├── img-prometheus-ui.png │ │ ├── prom-graf-alert-rule.yaml │ │ ├── prom-graf-kube-dns-metrics-patch.yaml │ │ ├── prom-graf-sample-go-app.yaml │ │ ├── prom-graf-servicemonitor.yaml │ │ └── values.yaml ├── networking │ ├── F5NGINX │ │ └── Azure │ │ │ └── labs │ │ │ ├── lab0 │ │ │ └── readme.md │ │ │ ├── lab1 │ │ │ ├── dashboard-vs.yaml │ │ │ ├── jwt-nginx-plus-ingress.yaml │ │ │ ├── jwt-readme.md │ │ │ ├── loadbalancer.yaml │ │ │ ├── media │ │ │ │ ├── exit-to-exit-pod.png │ │ │ │ ├── more-command-q-quit.png │ │ │ │ └── plus-dashboard.png │ │ │ ├── nginx-plus-ingress.yaml │ │ │ └── readme.md │ │ │ ├── lab2 │ │ │ ├── cafe-secret.yaml │ │ │ ├── cafe-virtualserver.yaml │ │ │ ├── cafe.yaml │ │ │ ├── media │ │ │ │ ├── lab2_allow-insecure-chrome.png │ │ │ │ ├── lab2_cafe_diagram.png │ │ │ │ ├── lab2_cafe_secret_yaml.png │ │ │ │ ├── lab2_cafe_vs_yaml1.png │ │ │ │ ├── lab2_cafe_vs_yaml2.png │ │ │ │ ├── lab2_cafe_yaml.png │ │ │ │ ├── lab2_chrome_inspect.png │ │ │ │ ├── lab2_coffee_dashboard.png │ │ │ │ ├── lab2_http_upstream.png │ │ │ │ ├── lab2_http_zones.png │ │ │ │ ├── lab2_milk.png │ │ │ │ └── lab2_redirect.png │ │ │ └── readme.md │ │ │ ├── lab3 │ │ │ ├── cafe-virtualserver.yaml │ │ │ ├── client-secret.yaml │ │ │ ├── media │ │ │ │ ├── App_Registration.png │ │ │ │ ├── Authentication_add_platform.png │ │ │ │ ├── Fill_Secret_details.png │ │ │ │ ├── New_Secret_Creation.png │ │ │ │ ├── Post_App_Registration.png │ │ │ │ ├── Post_Secret_Creation.png │ │ │ │ ├── curl_output.png │ │ │ │ ├── endpoints.png │ │ │ │ └── redirect_url_setup.png │ │ │ ├── nginx-config.yaml │ │ │ ├── oidc-policy.yaml │ │ │ └── readme.md │ │ │ ├── lab4 │ │ │ ├── NGINX-Basic.json │ │ │ ├── NGINXPlusICDashboard.json │ │ │ ├── grafana-secret.yaml │ │ │ ├── grafana-vs.yaml │ │ │ ├── grafana-vsr.yaml │ │ │ ├── media │ │ │ │ ├── ext_grafana_login.png │ │ │ │ ├── ext_grafana_welcome.png │ │ │ │ ├── grafana-icon.png │ │ │ │ ├── grafana_add_prometheus.png │ │ │ │ ├── grafana_data_source.png │ │ │ │ ├── grafana_imports.png │ │ │ │ ├── grafana_json_load.png │ │ │ │ ├── grafana_json_load2.png │ │ │ │ ├── grafana_nginx_basic.png │ │ │ │ ├── grafana_nic_dashboard.png │ │ │ │ ├── grafana_no_data.png │ │ │ │ ├── grafana_no_data_fix.png │ │ │ │ ├── grafana_open_basic_dashboard.png │ │ │ │ ├── grafana_open_nic_dashboard.png │ │ │ │ ├── grafana_prometheus_ds.png │ │ │ │ ├── helm-icon.png │ │ │ │ ├── prometheus-icon.png │ │ │ │ ├── prometheus_graph.png │ │ │ │ └── prometheus_statistics_list.png │ │ │ ├── prometheus-vs.yaml │ │ │ └── readme.md │ │ │ ├── lab5 │ │ │ ├── nginx-fips-logging.yaml │ │ │ └── readme.md │ │ │ ├── media │ │ │ ├── alpine-icon.png │ │ │ ├── azure-aks-icon.png │ │ │ ├── kubernetes-icon.png │ │ │ ├── lab5_nginx-fips-azure.png │ │ │ ├── nginx-ingress-icon.png │ │ │ ├── nginx-plus-icon.png │ │ │ ├── nicworkshop-banner copy.png │ │ │ ├── nicworkshop-banner.png │ │ │ ├── openssl_logo.png │ │ │ ├── tls-cipher-suite.png │ │ │ └── vs-code-icon.png │ │ │ └── readme.md │ ├── README.md │ ├── calico-lab-exercise │ │ ├── README.md │ │ ├── demo │ │ │ ├── 10-security-controls │ │ │ │ ├── allow-kube-dns.yaml │ │ │ │ ├── default-allow-kube-dns.yaml │ │ │ │ ├── default-deny.yaml │ │ │ │ ├── feodo-block-policy.yaml │ │ │ │ ├── feodotracker.threatfeed.yaml │ │ │ │ └── staged.default-deny.yaml │ │ │ ├── 20-egress-access-controls │ │ │ │ ├── allow-busybox.yaml │ │ │ │ ├── allow-ip-access.yaml │ │ │ │ ├── centos-to-frontend.yaml │ │ │ │ ├── default-centos-to-frontend.yaml │ │ │ │ ├── deny-nginx.yaml │ │ │ │ ├── dns-policy.netset.yaml │ │ │ │ ├── dns-policy.yaml │ │ │ │ ├── external-ips.yaml │ │ │ │ ├── netset.external-apis.yaml │ │ │ │ └── security.dns-policy.netset.yaml │ │ │ ├── 40-compliance-reports │ │ │ │ ├── boutiqueshop-reports.yaml │ │ │ │ ├── cluster-reports.yaml │ │ │ │ └── daily-cis-results.yaml │ │ │ ├── 50-alerts │ │ │ │ ├── globalnetworkset.changed.yaml │ │ │ │ ├── unsanctioned.dns.access.yaml │ │ │ │ └── unsanctioned.lateral.access.yaml │ │ │ ├── 60-host-end-point │ │ │ │ └── frontend-nodeport-access.yaml │ │ │ ├── 80-packet-capture │ │ │ │ └── packet-capture.yaml │ │ │ ├── 90-anomaly-detection │ │ │ │ └── ad-alerts.yaml │ │ │ ├── boutiqueshop │ │ │ │ ├── boutique-app.manifests.yaml │ │ │ │ ├── policies.yaml │ │ │ │ ├── staged.default-deny.yaml │ │ │ │ └── staged.policies.yaml │ │ │ ├── dev │ │ │ │ ├── app.manifests.yaml │ │ │ │ └── policies.yaml │ │ │ ├── tiers │ │ │ │ └── tiers.yaml │ │ │ └── win-demo │ │ │ │ ├── linux-pods.yaml │ │ │ │ └── win-pods.yaml │ │ └── modules │ │ │ ├── calicocloud │ │ │ ├── anomaly-detection.md │ │ │ ├── configuring-demo-apps.md │ │ │ ├── creating-aks-cluster.md │ │ │ ├── enable-l7-visibility.md │ │ │ ├── host-end-point.md │ │ │ ├── joining-aks-to-calico-cloud.md │ │ │ ├── packet-capture.md │ │ │ ├── using-alerts.md │ │ │ ├── using-compliance-reports.md │ │ │ ├── using-dns-controls.md │ │ │ ├── using-observability-tools.md │ │ │ └── workshop-cleanup.md │ │ │ ├── calicooss │ │ │ ├── calico-for-windows.md │ │ │ ├── configuring-demo-apps.md │ │ │ ├── creating-aks-calico-policy.md │ │ │ ├── ebpf-dataplane.md │ │ │ ├── using-security-controls.md │ │ │ └── wireguard-encryption.md │ │ │ └── img │ │ │ ├── add-DNS-in-networkset.png │ │ │ ├── alerts-view.png │ │ │ ├── anomaly-detection-alert.png │ │ │ ├── anomaly-detection-config.png │ │ │ ├── calico-cloud-login.png │ │ │ ├── calico-cloud-registering.gif │ │ │ ├── calico-on-aks.png │ │ │ ├── choose-aks.png │ │ │ ├── cloudshell.png │ │ │ ├── cluster-selection.png │ │ │ ├── compliance-report.png │ │ │ ├── connect-cluster.png │ │ │ ├── create-dns-policy.png │ │ │ ├── dashboard-default-deny.png │ │ │ ├── dashboard-overall-view.png │ │ │ ├── default-centos-to-frontend.png │ │ │ ├── demo-diagram.png │ │ │ ├── dns-alert.png │ │ │ ├── dns-network-set.png │ │ │ ├── dns-policy.png │ │ │ ├── download-packet-capture.png │ │ │ ├── download.png │ │ │ ├── drop-down-menu.png │ │ │ ├── edit-policy.png │ │ │ ├── endpoints-view.png │ │ │ ├── expand-menu.png │ │ │ ├── flow-viz.png │ │ │ ├── frontend-packet-capture.png │ │ │ ├── get-start.png │ │ │ ├── global-default-deny.png │ │ │ ├── global-network-set.png │ │ │ ├── hep-policy-networkset.png │ │ │ ├── hep-policy.png │ │ │ ├── hep-service-graph.png │ │ │ ├── honeypod-threat-alert.png │ │ │ ├── initiate-pc.png │ │ │ ├── kibana-dashboard.png │ │ │ ├── kibana-flow-logs.png │ │ │ ├── managed-cluster.png │ │ │ ├── network-set-grid.png │ │ │ ├── networkset-hep-flowlog.png │ │ │ ├── networkset-hep.png │ │ │ ├── packet-capture-ui.png │ │ │ ├── policies-board-stats.png │ │ │ ├── policies-board.png │ │ │ ├── redis-pcap.png │ │ │ ├── schedule-packet-capture-job.png │ │ │ ├── schedule-packet-capture.png │ │ │ ├── script.png │ │ │ ├── select-ep.png │ │ │ ├── selecting-cluster.gif │ │ │ ├── service-graph-default.png │ │ │ ├── service-graph-l7.png │ │ │ ├── service-graph-node.png │ │ │ ├── service-graph-top-level.png │ │ │ ├── staged-default-deny.png │ │ │ ├── test-packet-capture.png │ │ │ ├── timeline-view.png │ │ │ └── windows-demo.png │ ├── ingress │ │ ├── README.md │ │ ├── app-ingress.yaml │ │ ├── certificate.yaml │ │ ├── cluster-issuer.yaml │ │ ├── configure-publicip-dns.sh │ │ ├── lets-encrypt.md.md │ │ └── service-tracker-ingress.yaml │ └── network-policy │ │ ├── README.md │ │ ├── allow-default-namespace-with-egress.yaml │ │ ├── allow-default-namespace-with-ingress.yaml │ │ ├── allow-default-namespace.yaml │ │ ├── block-access-to-data-api.yaml │ │ ├── deny-all.yaml │ │ ├── fix-access-data-api.yaml │ │ ├── fix-access-namespace.yaml │ │ ├── img-refresh-error.png │ │ ├── kube-router-rbac.yaml │ │ ├── kube-router.yaml │ │ └── old-lab.md ├── paas │ └── otomi │ │ ├── .gitignore │ │ ├── 1_create_aks_cluster │ │ ├── README.md │ │ └── img-cloud-shell.png │ │ ├── 2_install_otomi │ │ └── README.md │ │ ├── 3_create_team │ │ └── README.md │ │ ├── 4_netpols │ │ └── README.md │ │ ├── 5_activate_apps │ │ └── README.md │ │ ├── 6_knative │ │ └── README.md │ │ ├── README.md │ │ └── otomi-console.png ├── scaling │ ├── README.md │ └── hpa.yaml ├── security │ ├── README.md │ ├── create-rbacwithazuread-cluster │ │ ├── README.md │ │ ├── aksrbac-clusteradmin.yaml │ │ ├── aksrbac-viewdefault.yaml │ │ ├── img-create-azuread.png │ │ ├── img-new-azuread.png │ │ └── img-select-azuread.png │ └── secure-tiller │ │ ├── README.md │ │ ├── openssl-with-ca.cnf │ │ ├── tiller-namespace-setup.sh │ │ └── tiller-rbac-config.yaml ├── service-broker │ └── README.md ├── servicemesh │ ├── README.md │ ├── istio │ │ └── README.md │ └── linkerd │ │ ├── README.md │ │ ├── debug-emojivoto.sh │ │ ├── linkerd-dashboard.png │ │ └── service-profiles.sh ├── storage │ ├── README.md │ ├── portworx │ │ ├── README.md │ │ ├── images │ │ │ ├── appio-0.jpg │ │ │ ├── appio-1.jpg │ │ │ ├── appio-2.jpg │ │ │ ├── appio-3.jpg │ │ │ ├── grafana-0.jpg │ │ │ ├── grafana-1.jpg │ │ │ ├── pxbbq-1.jpg │ │ │ ├── pxbbq-2.jpg │ │ │ ├── pxbbq-3.jpg │ │ │ ├── pxbbq-4.jpg │ │ │ ├── pxbbq-5.jpg │ │ │ ├── pxbbq-6.jpg │ │ │ ├── pxbbq-7.jpg │ │ │ └── pxbbq-8.jpg │ │ └── yaml │ │ │ ├── autopilot-app.yaml │ │ │ ├── autopilot-postgres.yaml │ │ │ ├── autopilotrule.yaml │ │ │ ├── block-sc.yaml │ │ │ ├── busyboxpod.yaml │ │ │ ├── file-sc.yaml │ │ │ ├── grafana.yaml │ │ │ ├── group-sc.yaml │ │ │ ├── install-grafana.sh │ │ │ ├── mongo-snapshot.yaml │ │ │ ├── mysql-app.yaml │ │ │ ├── mysql-groupsnapshot.yaml │ │ │ ├── mysql-postsnap-rule.yaml │ │ │ ├── mysql-presnap-rule.yaml │ │ │ ├── mysql-restore-app.yaml │ │ │ ├── namespaces.yaml │ │ │ ├── pvc-from-snap.yaml │ │ │ ├── pxbbq-frontend-tc.yaml │ │ │ ├── pxbbq-frontend.yaml │ │ │ ├── pxbbq-mongo-restore.yaml │ │ │ ├── pxbbq-mongo-tc.yaml │ │ │ ├── pxbbq-mongo.yaml │ │ │ ├── rand-write.fio │ │ │ ├── recoverpv.yaml │ │ │ ├── sharedpvc.yaml │ │ │ ├── trash-sc.yaml │ │ │ └── wrapuplab.sh │ ├── pvcs │ │ └── README.md │ └── statefulsets │ │ ├── README.md │ │ ├── values-production.yaml │ │ └── values.yaml └── troubleshooting.md ├── notes.md ├── slides └── Kubernetes Hackfest - March 2020.pptx.zip └── test-tasks.yaml /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | # Using the azure CLI container so we dont have to install that to start 2 | FROM mcr.microsoft.com/azure-cli 3 | 4 | RUN apk update 5 | 6 | # Install tools 7 | RUN apk add nano vim tcpdump tmux 8 | 9 | RUN apk add zsh \ 10 | && sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" 11 | 12 | RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \ 13 | && install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl \ 14 | && rm kubectl 15 | 16 | RUN curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 \ 17 | && chmod 700 get_helm.sh \ 18 | && ./get_helm.sh \ 19 | && rm get_helm.sh -------------------------------------------------------------------------------- /_config.yml: -------------------------------------------------------------------------------- 1 | theme: jekyll-theme-minimal -------------------------------------------------------------------------------- /app-experimental/auth-api/.gitignore: -------------------------------------------------------------------------------- 1 | src/.env -------------------------------------------------------------------------------- /app-experimental/auth-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY src/package*.json ./ 5 | RUN npm install 6 | 7 | COPY src/ . 8 | 9 | EXPOSE 3000 10 | 11 | CMD [ "npm", "run", "dev" ] -------------------------------------------------------------------------------- /app-experimental/auth-api/config/options.js: -------------------------------------------------------------------------------- 1 | var types = Object.freeze({ 2 | LOCAL: 1, 3 | MONGODB: 2, 4 | COSMOSDB: 3 5 | }); 6 | 7 | module.exports = types; 8 | -------------------------------------------------------------------------------- /app-experimental/auth-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "msft-gbb-k8s-auth-api", 3 | "version": "1.0.0", 4 | "description": "Azure Kubernetes Hackfest", 5 | "author": "Joey Schluchter ", 6 | "private": true, 7 | "scripts": { 8 | "local": "NODE_ENV='development' AUTH_TYPE='1' node ./bin/www ", 9 | "dev": "cross-env-shell NODE_ENV='development' AUTH_TYPE='3' node ./bin/www", 10 | "container": "NODE_ENV='development' AUTH_TYPE='3' node ./bin/www" 11 | }, 12 | "dependencies": { 13 | "bcryptjs": "^2.4.3", 14 | "bluebird": "^3.5.1", 15 | "cookie-parser": "~1.4.3", 16 | "cross-env": "^5.2.0", 17 | "debug": "~2.6.9", 18 | "dotenv": "^6.0.0", 19 | "express": "~4.16.0", 20 | "hbs": "^4.0.4", 21 | "http-errors": "~1.6.2", 22 | "jwt-simple": "^0.5.6", 23 | "moment": "^2.22.2", 24 | "mongoose": "^5.5.12", 25 | "morgan": "^1.9.1" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /app-experimental/auth-api/public/stylesheets/style.css: -------------------------------------------------------------------------------- 1 | body { 2 | padding: 50px; 3 | font: 14px "Lucida Grande", Helvetica, Arial, sans-serif; 4 | } 5 | 6 | a { 7 | color: #00B7FF; 8 | } 9 | -------------------------------------------------------------------------------- /app-experimental/auth-api/views/error.hbs: -------------------------------------------------------------------------------- 1 |

{{message}}

2 |

{{error.status}}

3 | 
{{error.stack}}
4 | -------------------------------------------------------------------------------- /app-experimental/auth-api/views/index.hbs: -------------------------------------------------------------------------------- 1 |

{{title}}

2 |

Welcome to {{title}}

3 | -------------------------------------------------------------------------------- /app-experimental/auth-api/views/layout.hbs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | {{title}} 5 | 6 | 7 | 8 | {{{body}}} 9 | 10 | 11 | -------------------------------------------------------------------------------- /app-experimental/br-load/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | RUN npm -g config set user root 5 | RUN npm -g install artillery 6 | ENV load_duration 1 7 | ENV load_rate 1 8 | ENV load_url google.com 9 | 10 | COPY . . 11 | ENTRYPOINT artillery quick -d ${load_duration} -r ${load_rate} http://${load_url} 12 | 13 | 14 | -------------------------------------------------------------------------------- /app-experimental/br-load/data-api-load.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | target: 'http://137.135.101.232:3003' 3 | phases: 4 | - duration: 5 5 | arrivalCount: 1 6 | defaults: 7 | headers: 8 | If-None-Match: '*' 9 | If-Modified-Since: 'Fri, 1 Jan 2021 07:28:00 GMT' 10 | scenarios: 11 | - flow: 12 | - get: 13 | url: "/latest" -------------------------------------------------------------------------------- /app-experimental/br-load/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "load-api", 3 | "version": "0.1.6", 4 | "private": true, 5 | "scripts": { 6 | "refresh": "artillery run data-api-load.yaml" 7 | }, 8 | "dependencies": { 9 | "artillery": "^1.6.0-28" 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /app-experimental/cache-api-old/.gitignore: -------------------------------------------------------------------------------- 1 | src/node_modules/ 2 | .DS_STORE 3 | .env -------------------------------------------------------------------------------- /app-experimental/cache-api-old/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY src/package*.json ./ 5 | RUN npm install 6 | 7 | COPY src/ . 8 | 9 | EXPOSE 3000 10 | 11 | CMD [ "npm", "start" ] -------------------------------------------------------------------------------- /app-experimental/cache-api-old/src/.env_examples: -------------------------------------------------------------------------------- 1 | export SERVERHOST="0.0.0.0" 2 | export SERVERPORT="3000" 3 | 4 | export REDISCACHEEXPIRATIONTIMEOUT="10" 5 | export REDISHOST="localhost" 6 | export REDISPORT="6379" -------------------------------------------------------------------------------- /app-experimental/cache-api-old/src/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "cache-api-node", 3 | "version": "1.0.0", 4 | "description": "An unintelligent api that will grab flight data from a redis cache", 5 | "main": "server.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1", 8 | "start": "node server.js" 9 | }, 10 | "author": "Ray Kao", 11 | "license": "ISC", 12 | "dependencies": { 13 | "redis": "^2.8.0", 14 | "restify": "^7.2.1" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /app-experimental/cache-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /app-experimental/cache-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 3003 10 | 11 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /app-experimental/cache-api/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app-experimental/cache-api/favicon.ico -------------------------------------------------------------------------------- /app-experimental/cache-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /app-experimental/cache-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | * @prop {string} CACHE_SET_EVENT - Cache set event name 5 | * @prop {string} CACHE_GET_EVENT - Cache get event name 6 | */ 7 | 8 | module.exports.name = 'cache api' 9 | module.exports.CACHE_SET_EVENT = 'cache set event' 10 | module.exports.CACHE_GET_EVENT = 'cache get event' -------------------------------------------------------------------------------- /app-experimental/cache-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 500 - Server Error 5 | */ 6 | 7 | module.exports.OK = { code: 200, msg: 'Ok'} 8 | module.exports.ERR = { code: 500, msg: 'Error'} -------------------------------------------------------------------------------- /app-experimental/data-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ruby 2 | 3 | WORKDIR /usr/src/app 4 | COPY src/ ./ 5 | 6 | RUN gem install bundler 7 | RUN bundle install 8 | 9 | EXPOSE 4567 10 | 11 | CMD [ "ruby", "server.rb" ] -------------------------------------------------------------------------------- /app-experimental/data-api/src/.env_examples: -------------------------------------------------------------------------------- 1 | export MONGOURI="cosmos-name.documents.azure.com:10255/temp?ssl=true" 2 | export MONGOPWD="cosmos-password-string" 3 | export MONGOUSER="cosmos-name" 4 | export MONGODB="databasename" 5 | export MONGODBSSL=true 6 | export HOSTADDRESS="0.0.0.0" 7 | export HOSTPORT="4567" 8 | export HOSTENVIRONMENT="production" 9 | export CACHESERVERPROTOCOL="http://" 10 | export CACHESERVER="localhost" 11 | export CACHESERVERPORT="3000" -------------------------------------------------------------------------------- /app-experimental/data-api/src/.gitignore: -------------------------------------------------------------------------------- 1 | .env -------------------------------------------------------------------------------- /app-experimental/data-api/src/Gemfile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | source "https://rubygems.org" 4 | 5 | git_source(:github) {|repo_name| "https://github.com/#{repo_name}" } 6 | 7 | gem 'sinatra', '~> 2.0', '>= 2.0.3' 8 | gem 'sinatra-contrib', '~> 2.0.3' 9 | gem 'mongo', '~> 2.6' 10 | gem 'thin', '~> 1.7.2' -------------------------------------------------------------------------------- /app-experimental/flights-api/.gitignore: -------------------------------------------------------------------------------- 1 | src/.env -------------------------------------------------------------------------------- /app-experimental/flights-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY src/package*.json ./ 5 | RUN npm install 6 | 7 | COPY src/ . 8 | 9 | EXPOSE 3000 10 | 11 | CMD [ "npm", "start" ] -------------------------------------------------------------------------------- /app-experimental/flights-api/src/.env_examples: -------------------------------------------------------------------------------- 1 | export SERVERHOST="0.0.0.0" 2 | export SERVERPORT="4000" 3 | 4 | export DBAPIHOST="localhost" 5 | export DBAPIPORT="4567" 6 | 7 | export CACHEAPIHOST="localhost" 8 | export CACHEAPIPORT="3000" 9 | 10 | # Optional value to define contacting data-api and cache-api, defaults to http in code 11 | export HTTPPROTOCOL="http://" -------------------------------------------------------------------------------- /app-experimental/flights-api/src/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "flights-api", 3 | "version": "1.0.0", 4 | "description": "a microservie api to get flight data", 5 | "main": "server.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1" 8 | }, 9 | "author": "Ray Kao", 10 | "license": "ISC", 11 | "dependencies": { 12 | "node-fetch": "^2.6.1", 13 | "restify": "^7.2.1" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /app-experimental/geojson-subscriber/README.md: -------------------------------------------------------------------------------- 1 | # GeoJSON Subscriber 2 | 3 | This service subscribes to the ```'/flights/states/all'``` channel in our message queue (i.e. Redis), peforms some data transforms and then publishes the new formatted data to a new channel ```'/flights/currentflights'```. That is all. -------------------------------------------------------------------------------- /app-experimental/geojson-subscriber/src/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "geojson-subscriber", 3 | "version": "1.0.0", 4 | "description": "", 5 | "main": "app.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1" 8 | }, 9 | "author": "Ray Kao", 10 | "license": "ISC", 11 | "dependencies": { 12 | "async": "^2.6.1", 13 | "redis": "^2.8.0" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /app-experimental/kube-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:10.7.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm install 6 | 7 | COPY . . 8 | 9 | EXPOSE 3000 10 | 11 | CMD [ "npm", "run", "dev" ] 12 | -------------------------------------------------------------------------------- /app-experimental/kube-api/deploy-web.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: demo-jw 5 | spec: 6 | containers: 7 | - name: jw-web 8 | image: sonofjorel/rating-web:v1 9 | imagePullPolicy: Always 10 | ports: 11 | - containerPort: 8080 12 | -------------------------------------------------------------------------------- /app-experimental/kube-api/deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: kube-api 5 | spec: 6 | containers: 7 | - name: kube-api-cntr 8 | image: sonofjorel/kube-node-api:v1 9 | imagePullPolicy: Always 10 | ports: 11 | - containerPort: 3000 12 | -------------------------------------------------------------------------------- /app-experimental/kube-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "kube-api", 3 | "version": "0.0.0", 4 | "private": true, 5 | "scripts": { 6 | "start": "node ./bin/www", 7 | "dev": "node ./bin/www" 8 | }, 9 | "dependencies": { 10 | "@kubernetes/client-node": "^0.9.1", 11 | "async": "^2.6.1", 12 | "cookie-parser": "~1.4.3", 13 | "debug": "~2.6.9", 14 | "express": "~4.16.0", 15 | "hbs": "^4.0.4", 16 | "http-errors": "~1.6.2", 17 | "morgan": "^1.9.1" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /app-experimental/kube-api/public/stylesheets/style.css: -------------------------------------------------------------------------------- 1 | body { 2 | padding: 50px; 3 | font: 14px "Lucida Grande", Helvetica, Arial, sans-serif; 4 | } 5 | 6 | a { 7 | color: #00B7FF; 8 | } 9 | -------------------------------------------------------------------------------- /app-experimental/kube-api/views/error.hbs: -------------------------------------------------------------------------------- 1 |

{{message}}

2 |

{{error.status}}

3 | 
{{error.stack}}
4 | -------------------------------------------------------------------------------- /app-experimental/kube-api/views/index.hbs: -------------------------------------------------------------------------------- 1 |

{{title}}

2 |

Welcome to {{title}}

3 | -------------------------------------------------------------------------------- /app-experimental/kube-api/views/layout.hbs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | {{title}} 5 | 6 | 7 | 8 | {{{body}}} 9 | 10 | 11 | -------------------------------------------------------------------------------- /app-experimental/load-test-artillery/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY *.yaml ./ 5 | RUN npm -g config set user root 6 | RUN npm -g install artillery 7 | 8 | COPY . . 9 | 10 | CMD [ "artillery", "run", "data-api-load.yaml" ] -------------------------------------------------------------------------------- /app-experimental/load-test-artillery/data-api-load.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | target: 'http://localhost:3009' 3 | phases: 4 | - duration: 60 5 | arrivalCount: 10 6 | defaults: 7 | headers: 8 | If-None-Match: '*' 9 | If-Modified-Since: 'Fri, 1 Jan 2021 07:28:00 GMT' 10 | scenarios: 11 | - flow: 12 | - get: 13 | url: "/get/latest/flights" 14 | capture: 15 | json: "$.payload[0].Timestamp" 16 | as: "fstamp" 17 | - get: 18 | url: "/get/flights/{{ fstamp }}" 19 | 20 | 21 | -------------------------------------------------------------------------------- /app-experimental/load-test-artillery/data-refresh.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | target: 'http:/' 3 | phases: 4 | - duration: 5 5 | arrivalCount: 1 6 | defaults: 7 | headers: 8 | If-None-Match: '*' 9 | If-Modified-Since: 'Fri, 1 Jan 2021 07:28:00 GMT' 10 | scenarios: 11 | - flow: 12 | - get: 13 | url: "/10.1.0.55:3003/refresh" 14 | - get: 15 | url: "/10.1.0.55:3012/refresh" 16 | 17 | 18 | -------------------------------------------------------------------------------- /app-experimental/load-test-artillery/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "load-api", 3 | "version": "0.1.6", 4 | "private": true, 5 | "scripts": { 6 | "refresh": "artillery run data-refresh.yaml" 7 | }, 8 | "dependencies": { 9 | "artillery": "~1.6.0" 10 | } 11 | } -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine 2 | 3 | COPY src/requirements.txt /tmp/requirements.txt 4 | 5 | RUN apk add --no-cache \ 6 | python3 \ 7 | nginx \ 8 | uwsgi \ 9 | uwsgi-python3 \ 10 | supervisor && \ 11 | python3 -m ensurepip && \ 12 | rm -r /usr/lib/python*/ensurepip && \ 13 | pip3 install --upgrade pip setuptools && \ 14 | pip3 install -r /tmp/requirements.txt && \ 15 | rm /etc/nginx/conf.d/default.conf && \ 16 | rm -r /root/.cache 17 | 18 | COPY nginx.conf /etc/nginx/ 19 | 20 | COPY flask-site-nginx.conf /etc/nginx/conf.d/ 21 | 22 | COPY uwsgi.ini /etc/uwsgi/ 23 | 24 | COPY supervisord.conf /etc/supervisord.conf 25 | 26 | COPY ./src /app 27 | WORKDIR /app 28 | 29 | CMD ["/usr/bin/supervisord"] -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/README.md: -------------------------------------------------------------------------------- 1 | # Open Sky Adapter API Microservice 2 | 3 | This microservice will communicate with the [Open Sky](https://opensky-network.org/apidoc/) flight data service and cache the information into our local data stores for current/short term (hot path) and future/long term (cold path) data processing. This service is trigged by making an http ```GET``` request to ```/geojson```. -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/flask-site-nginx.conf: -------------------------------------------------------------------------------- 1 | server { 2 | location / { 3 | try_files $uri @openskyadapterapi; 4 | } 5 | location @openskyadapterapi { 6 | include uwsgi_params; 7 | uwsgi_pass unix:///tmp/uwsgi.sock; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/nginx.conf: -------------------------------------------------------------------------------- 1 | 2 | user nginx; 3 | worker_processes auto; 4 | 5 | pid /tmp/nginx.pid; 6 | 7 | daemon off; 8 | 9 | pcre_jit on; 10 | 11 | error_log /var/log/nginx/error.log warn; 12 | 13 | events { 14 | worker_connections 1024; 15 | } 16 | 17 | 18 | http { 19 | include /etc/nginx/mime.types; 20 | default_type text/html; 21 | server_tokens off; 22 | client_max_body_size 0; 23 | 24 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 25 | '$status $body_bytes_sent "$http_referer" ' 26 | '"$http_user_agent" "$http_x_forwarded_for"'; 27 | access_log /var/log/nginx/access.log main; 28 | 29 | sendfile on; 30 | tcp_nopush on; 31 | tcp_nodelay on; 32 | 33 | keepalive_timeout 65; 34 | 35 | include /etc/nginx/conf.d/*.conf; 36 | } 37 | -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/src/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/src/requirements.txt: -------------------------------------------------------------------------------- 1 | flask==1.0.2 2 | requests>=2.20.0 -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/supervisord.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon=true 3 | 4 | [program:uwsgi] 5 | command=/usr/sbin/uwsgi --ini /etc/uwsgi/uwsgi.ini --die-on-term 6 | stdout_logfile=/dev/stdout 7 | stdout_logfile_maxbytes=0 8 | stderr_logfile=/dev/stderr 9 | stderr_logfile_maxbytes=0 10 | 11 | [program:nginx] 12 | command=/usr/sbin/nginx 13 | stdout_logfile=/dev/stdout 14 | stdout_logfile_maxbytes=0 15 | stderr_logfile=/dev/stderr 16 | stderr_logfile_maxbytes=0 -------------------------------------------------------------------------------- /app-experimental/open-sky-adapter-api/uwsgi.ini: -------------------------------------------------------------------------------- 1 | [uwsgi] 2 | module = server 3 | callable = server 4 | plugins = /usr/lib/uwsgi/python3 5 | 6 | uid = nginx 7 | gid = nginx 8 | 9 | socket = /tmp/uwsgi.sock 10 | chown-socket = nginx:nginx 11 | chmod-socket = 664 12 | 13 | cheaper = 1 14 | processes = %(%k + 1) -------------------------------------------------------------------------------- /app-experimental/open-sky-cronjob/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine 2 | 3 | COPY src/requirements.txt /tmp/requirements.txt 4 | 5 | RUN apk add --no-cache \ 6 | python3 && \ 7 | python3 -m ensurepip && \ 8 | rm -r /usr/lib/python*/ensurepip && \ 9 | pip3 install --upgrade pip setuptools && \ 10 | pip3 install -r /tmp/requirements.txt && \ 11 | rm -r /root/.cache 12 | 13 | COPY ./src /app 14 | WORKDIR /app 15 | 16 | CMD ["python3", "job.py"] -------------------------------------------------------------------------------- /app-experimental/open-sky-cronjob/README.md: -------------------------------------------------------------------------------- 1 | # Open Sky CronJob Microservice 2 | 3 | This application will execute and shutdown. It's sole purpose is to communicate with the [Open Sky](https://opensky-network.org/apidoc/) flight data service, make the necessary data transforms, then publish to a message queue (```'/flights/states/all'```) to trigger any additional work that any other services need to perform based on updated data this service produces. -------------------------------------------------------------------------------- /app-experimental/open-sky-cronjob/src/.env_examples: -------------------------------------------------------------------------------- 1 | export REDISSERVERHOST="localhost" 2 | export REDISSERVERPORT="6379" 3 | export REDISSERVERDB="0" -------------------------------------------------------------------------------- /app-experimental/open-sky-cronjob/src/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | .env -------------------------------------------------------------------------------- /app-experimental/open-sky-cronjob/src/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.20.0 2 | redis==2.10.6 -------------------------------------------------------------------------------- /app/data-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /app/data-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 3009 10 | 11 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /app/data-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /app/data-api/models/mongo/flights.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var flightSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Flights', flightSchema, 'Flights'); 11 | -------------------------------------------------------------------------------- /app/data-api/models/mongo/latestFlight.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestFlight', latestSchema, 'LatestFlight'); 11 | -------------------------------------------------------------------------------- /app/data-api/models/mongo/latestQuake.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | const Schema = mongoose.Schema; 4 | 5 | const latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestQuake', latestSchema, 'LatestQuake'); 11 | -------------------------------------------------------------------------------- /app/data-api/models/mongo/latestWeather.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestWeather', latestSchema, 'LatestWeather'); 11 | -------------------------------------------------------------------------------- /app/data-api/models/mongo/quakes.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var quakeSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Quakes', quakeSchema, 'Quakes'); 11 | -------------------------------------------------------------------------------- /app/data-api/models/mongo/weather.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var weatherSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Weather', weatherSchema, 'Weather'); 11 | -------------------------------------------------------------------------------- /app/data-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | */ 5 | 6 | module.exports.name = 'data api' -------------------------------------------------------------------------------- /app/data-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 204 - No Content 5 | * 500 - Server Error 6 | */ 7 | 8 | module.exports.OK = { code: 200, msg: 'Ok'} 9 | module.exports.EMPTY = { code: 204, msg: 'No Content'} 10 | module.exports.ERR = { code: 500, msg: 'Error'} 11 | -------------------------------------------------------------------------------- /app/data-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-data-api", 3 | "version": "0.0.5", 4 | "private": true, 5 | "scripts": { 6 | "local": "NODE_ENV=local node ./bin/www", 7 | "dev": "NODE_ENV=dev node ./bin/www", 8 | "container": "NODE_ENV=contaimer node ./bin/www" 9 | }, 10 | "dependencies": { 11 | "applicationinsights": "^1.0.3", 12 | "async": "^2.6.1", 13 | "bluebird": "^3.5.2", 14 | "body-parser": "^1.18.3", 15 | "cookie-parser": "~1.4.3", 16 | "dayjs": "^1.7.5", 17 | "debug": "~2.6.9", 18 | "dotenv": "^6.0.0", 19 | "express": "~4.16.0", 20 | "hbs": "^4.0.4", 21 | "http-errors": "~1.6.2", 22 | "mongoose": "^5.7.5", 23 | "morgan": "^1.9.1", 24 | "path": "^0.12.7", 25 | "request": "^2.88.0", 26 | "request-promise": "^4.2.2" 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /app/data-updater/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:10.9.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | 9 | CMD [ "node", "app.js" ] -------------------------------------------------------------------------------- /app/data-updater/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /app/data-updater/models/mongo/flights.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var flightSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Flights', flightSchema, 'Flights'); 11 | -------------------------------------------------------------------------------- /app/data-updater/models/mongo/latestFlight.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestFlight', latestSchema, 'LatestFlight'); 11 | -------------------------------------------------------------------------------- /app/data-updater/models/mongo/latestQuake.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | const Schema = mongoose.Schema; 4 | 5 | const latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestQuake', latestSchema, 'LatestQuake'); 11 | -------------------------------------------------------------------------------- /app/data-updater/models/mongo/latestWeather.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestWeather', latestSchema, 'LatestWeather'); 11 | -------------------------------------------------------------------------------- /app/data-updater/models/mongo/quakes.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var quakeSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Quakes', quakeSchema, 'Quakes'); 11 | -------------------------------------------------------------------------------- /app/data-updater/models/mongo/weather.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var weatherSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Weather', weatherSchema, 'Weather'); 11 | -------------------------------------------------------------------------------- /app/data-updater/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "data-updater", 3 | "version": "1.0.0", 4 | "description": "batch program to update database", 5 | "bin": "./app.js", 6 | "repository": { 7 | "type": "git", 8 | "url": "git+https://github.com/Azure/kubernetes-hackfest.git" 9 | }, 10 | "author": "Brian Redmond", 11 | "homepage": "https://github.com/Azure/kubernetes-hackfest#readme", 12 | "dependencies": { 13 | "applicationinsights": "^1.0.4", 14 | "async": "^2.6.1", 15 | "express": "~4.16.0", 16 | "mongoose": "^5.7.5", 17 | "request": "^2.88.0", 18 | "request-promise": "^4.2.2", 19 | "dayjs": "^1.7.5" 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /app/flights-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /app/flights-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 3003 10 | 11 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /app/flights-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /app/flights-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | * @prop {string} ERR_NO_DATA - NO DATA ERROR 5 | * @prop {string} CACHE_SET_FLIGHT_TIME - set cache flight time 6 | * @prop {string} CACHE_SET_FLIGHTS - set cache flights 7 | */ 8 | 9 | module.exports.name = 'flights api' 10 | module.exports.ERR_NO_DATA = 'no data' 11 | module.exports.CACHE_SET_FLIGHT_TIME = 'CACHE_SET_FLIGHT_TIME' 12 | module.exports.CACHE_SET_FLIGHTS = 'CACHE_SET_FLIGHTS' -------------------------------------------------------------------------------- /app/flights-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 204 - No Content 5 | * 500 - Server Error 6 | */ 7 | 8 | module.exports.OK = { code: 200, msg: 'Ok'} 9 | module.exports.ERR_NO_DATA = { code: 204, msg: 'no data'} 10 | module.exports.ERR = { code: 500, msg: 'Error'} -------------------------------------------------------------------------------- /app/flights-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-flights-api", 3 | "version": "0.0.5", 4 | "private": true, 5 | "scripts": { 6 | "local": "NODE_ENV=local node ./bin/www", 7 | "dev": "NODE_ENV=dev node ./bin/www", 8 | "container": "NODE_ENV=container node ./bin/www" 9 | }, 10 | "dependencies": { 11 | "applicationinsights": "^1.0.4", 12 | "async": "^2.6.1", 13 | "body-parser": "^1.18.3", 14 | "cookie-parser": "~1.4.3", 15 | "dayjs": "^1.7.5", 16 | "debug": "~2.6.9", 17 | "dotenv": "^6.0.0", 18 | "express": "~4.16.0", 19 | "hbs": "^4.0.4", 20 | "http-errors": "~1.6.2", 21 | "morgan": "^1.9.1", 22 | "path": "^0.12.7", 23 | "request": "^2.88.0", 24 | "request-promise": "^4.2.2" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /app/quakes-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /app/quakes-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 3012 10 | 11 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /app/quakes-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /app/quakes-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | * @prop {string} ERR_NO_DATA - NO DATA ERROR 5 | */ 6 | 7 | module.exports.name = 'quakes api' 8 | module.exports.ERR_NO_DATA = 'no data' -------------------------------------------------------------------------------- /app/quakes-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 204 - No Content 5 | * 500 - Server Error 6 | */ 7 | 8 | module.exports.OK = { code: 200, msg: 'Ok'} 9 | module.exports.ERR_NO_DATA = { code: 204, msg: 'no data'} 10 | module.exports.ERR = { code: 500, msg: 'Error'} -------------------------------------------------------------------------------- /app/quakes-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-quakes-api", 3 | "version": "0.0.5", 4 | "private": true, 5 | "scripts": { 6 | "local": "NODE_ENV=local node ./bin/www", 7 | "dev": "NODE_ENV=dev node ./bin/www", 8 | "container": "NODE_ENV=container node ./bin/www" 9 | }, 10 | "dependencies": { 11 | "applicationinsights": "^1.0.3", 12 | "async": "^2.6.1", 13 | "body-parser": "^1.18.3", 14 | "cookie-parser": "~1.4.3", 15 | "dayjs": "^1.7.5", 16 | "debug": "~2.6.9", 17 | "dotenv": "^6.0.0", 18 | "express": "~4.16.0", 19 | "hbs": "^4.0.4", 20 | "http-errors": "~1.6.2", 21 | "morgan": "^1.9.1", 22 | "path": "^0.12.7", 23 | "request": "^2.88.0", 24 | "request-promise": "^4.2.2" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /app/sample-go/Dockerfile: -------------------------------------------------------------------------------- 1 | # build stage 2 | FROM golang:1.13.1 AS build-env 3 | WORKDIR /go/src/app 4 | ADD . . 5 | RUN go get -d -v 6 | RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o main . 7 | 8 | # final stage 9 | FROM alpine:latest 10 | RUN apk --no-cache add ca-certificates 11 | WORKDIR /app/ 12 | COPY --from=build-env /go/src/app/main . 13 | COPY --from=build-env /go/src/app/css/. ./css/ 14 | COPY --from=build-env /go/src/app/fonts/. ./fonts/ 15 | COPY --from=build-env /go/src/app/img/. ./img/ 16 | COPY --from=build-env /go/src/app/views/. ./views/ 17 | EXPOSE 8080 18 | CMD ["./main"] -------------------------------------------------------------------------------- /app/sample-go/README.md: -------------------------------------------------------------------------------- 1 | # Sample Go App 2 | 3 | This is a sample GO application that demonstrates integrating Prometheus out of the box metrics along with a custom counter metric. -------------------------------------------------------------------------------- /app/sample-go/fonts/segoeuil.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/sample-go/fonts/segoeuil.ttf -------------------------------------------------------------------------------- /app/sample-go/views/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Go Lang Application 6 | 7 | 8 | 9 | 10 |
11 |
12 | 13 |
14 |
15 |
16 |
{{.Message}}
17 |
Your {{.Language}} app is up and running on Azure.
18 |
19 |
20 |
21 | 22 | 23 | -------------------------------------------------------------------------------- /app/service-tracker-ui/.babelrc: -------------------------------------------------------------------------------- 1 | { 2 | "presets": [ 3 | "@vue/app" 4 | ] 5 | } -------------------------------------------------------------------------------- /app/service-tracker-ui/.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | indent_style = space 6 | indent_size = 2 7 | end_of_line = lf 8 | insert_final_newline = true 9 | trim_trailing_whitespace = true 10 | -------------------------------------------------------------------------------- /app/service-tracker-ui/.eslintrc: -------------------------------------------------------------------------------- 1 | { 2 | "root": true, 3 | "extends": [ 4 | "plugin:vue/essential", 5 | "@vue/prettier" 6 | ] 7 | } -------------------------------------------------------------------------------- /app/service-tracker-ui/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /app/service-tracker-ui/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 8080 10 | 11 | CMD [ "npm", "run", "container" ] 12 | -------------------------------------------------------------------------------- /app/service-tracker-ui/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/public/favicon.ico -------------------------------------------------------------------------------- /app/service-tracker-ui/public/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | Service Tracker 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
17 | 18 |
19 | 20 | 21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.448c34a.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.448c34a.woff2 -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.e18bbf6.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.e18bbf6.ttf -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.f4769f9.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.f4769f9.eot -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.fa27723.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/glyphicons-halflings-regular.fa27723.woff -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/themify.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/themify.eot -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/themify.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/themify.ttf -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/fonts/themify.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/fonts/themify.woff -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/apple-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/apple-icon.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/background.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/background.jpg -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/faces/face-0.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/faces/face-0.jpg -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/faces/face-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/faces/face-1.jpg -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/faces/face-2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/faces/face-2.jpg -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/faces/face-3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/faces/face-3.jpg -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/favicon.ico -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/favicon.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/k8s/pod-200-100.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/k8s/pod-200-100.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/k8s/pod.psd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/k8s/pod.psd -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/msft_logo_125.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/msft_logo_125.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/msft_logo_24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/msft_logo_24.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/msft_logo_30.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/msft_logo_30.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/msft_logo_400.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/msft_logo_400.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/img/vue-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/app/service-tracker-ui/src/assets/img/vue-logo.png -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/_footers.scss: -------------------------------------------------------------------------------- 1 | .footer { 2 | background-attachment: fixed; 3 | position: relative; 4 | line-height: 20px; 5 | nav { 6 | ul { 7 | list-style: none; 8 | margin: 0; 9 | padding: 0; 10 | font-weight: normal; 11 | li { 12 | display: inline-block; 13 | padding: 10px 15px; 14 | margin: 15px 3px; 15 | line-height: 20px; 16 | text-align: center; 17 | } 18 | a:not(.btn) { 19 | color: $font-color; 20 | display: block; 21 | margin-bottom: 3px; 22 | 23 | &:focus, 24 | &:hover { 25 | color: $default-states-color; 26 | } 27 | } 28 | } 29 | } 30 | .copyright { 31 | color: $font-color; 32 | padding: 10px 15px; 33 | font-size: 14px; 34 | white-space: nowrap; 35 | margin: 15px 3px; 36 | line-height: 20px; 37 | } 38 | .heart { 39 | color: $danger-color; 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/_mixins.scss: -------------------------------------------------------------------------------- 1 | //Utilities 2 | @import "mixins/transparency"; 3 | @import "mixins/vendor-prefixes"; 4 | //Components 5 | @import "mixins/buttons"; 6 | @import "mixins/inputs"; 7 | @import "mixins/labels"; 8 | @import "mixins/tabs"; 9 | @import "mixins/navbars"; 10 | @import "mixins/icons"; 11 | @import "mixins/cards"; 12 | @import "mixins/chartist"; 13 | @import "mixins/sidebar"; 14 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_cards.scss: -------------------------------------------------------------------------------- 1 | @mixin filter($color) { 2 | @if $color == #FFFFFF { 3 | background-color: rgba($color, .91); 4 | } @else { 5 | background-color: rgba($color, .69); 6 | } 7 | } 8 | 9 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_icons.scss: -------------------------------------------------------------------------------- 1 | @mixin icon-background($icon-url) { 2 | background-image: url($icon-url); 3 | 4 | } 5 | 6 | @mixin icon-shape($size, $padding, $border-radius) { 7 | height: $size; 8 | width: $size; 9 | padding: $padding; 10 | border-radius: $border-radius; 11 | display: inline-table; 12 | 13 | } 14 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_inputs.scss: -------------------------------------------------------------------------------- 1 | @mixin input-size($padding-vertical, $padding-horizontal, $height) { 2 | padding: $padding-vertical $padding-horizontal; 3 | height: $height; 4 | } 5 | 6 | @mixin placeholder($color, $opacity) { 7 | color: $color; 8 | @include opacity(1); 9 | } 10 | 11 | @mixin light-form() { 12 | border-radius: 0; 13 | border: 0; 14 | padding: 0; 15 | background-color: transparent; 16 | 17 | } 18 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_labels.scss: -------------------------------------------------------------------------------- 1 | @mixin label-style() { 2 | padding: $padding-label-vertical $padding-label-horizontal; 3 | border: 1px solid $default-color; 4 | border-radius: $border-radius-small; 5 | color: $default-color; 6 | font-weight: $font-weight-semi; 7 | font-size: $font-size-small; 8 | text-transform: uppercase; 9 | display: inline-block; 10 | vertical-align: middle; 11 | } 12 | 13 | @mixin label-color($color) { 14 | border-color: $color; 15 | color: $color; 16 | } 17 | 18 | @mixin label-color-fill($color) { 19 | border-color: $color; 20 | color: $white-color; 21 | background-color: $color; 22 | } 23 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_navbars.scss: -------------------------------------------------------------------------------- 1 | @mixin navbar-color($color) { 2 | background-color: $color; 3 | } 4 | 5 | @mixin center-item() { 6 | left: 0; 7 | right: 0; 8 | margin-right: auto; 9 | margin-left: auto; 10 | position: absolute; 11 | } 12 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_tabs.scss: -------------------------------------------------------------------------------- 1 | @mixin pill-style($color) { 2 | border: 1px solid $color; 3 | color: $color; 4 | } 5 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/assets/sass/paper/mixins/_transparency.scss: -------------------------------------------------------------------------------- 1 | // Opacity 2 | 3 | @mixin opacity($opacity) { 4 | opacity: $opacity; 5 | // IE8 filter 6 | $opacity-ie: ($opacity * 100); 7 | filter: #{alpha(opacity=$opacity-ie)}; 8 | } 9 | 10 | @mixin black-filter($opacity) { 11 | top: 0; 12 | left: 0; 13 | height: 100%; 14 | width: 100%; 15 | position: absolute; 16 | background-color: rgba(17, 17, 17, $opacity); 17 | display: block; 18 | content: ""; 19 | z-index: 1; 20 | } 21 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/components/Cards/Card.vue: -------------------------------------------------------------------------------- 1 | 22 | 31 | 33 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/components/Cards/Pod.vue: -------------------------------------------------------------------------------- 1 | 22 | 31 | 33 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/components/Cards/StatsCard.vue: -------------------------------------------------------------------------------- 1 | 20 | 30 | 32 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/components/SidebarPlugin/index.js: -------------------------------------------------------------------------------- 1 | import Sidebar from "./SideBar.vue"; 2 | import SidebarLink from "./SidebarLink"; 3 | 4 | const SidebarStore = { 5 | showSidebar: false, 6 | sidebarLinks: [], 7 | displaySidebar(value) { 8 | this.showSidebar = value; 9 | } 10 | }; 11 | 12 | const SidebarPlugin = { 13 | install(Vue) { 14 | let app = new Vue({ 15 | data: { 16 | sidebarStore: SidebarStore 17 | } 18 | }); 19 | 20 | Vue.prototype.$sidebar = app.sidebarStore; 21 | Vue.component("side-bar", Sidebar); 22 | Vue.component("sidebar-link", SidebarLink); 23 | } 24 | }; 25 | 26 | export default SidebarPlugin; 27 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/components/index.js: -------------------------------------------------------------------------------- 1 | import Card from "./Cards/Card.vue" 2 | import ObjectCard from "./Cards/ObjectCard.vue" 3 | import ChartCard from "./Cards/ChartCard.vue" 4 | import StatsCard from "./Cards/StatsCard.vue" 5 | import SidebarPlugin from "./SidebarPlugin/index" 6 | 7 | let components = { 8 | Card, 9 | ChartCard, 10 | StatsCard, 11 | ObjectCard, 12 | SidebarPlugin 13 | } 14 | 15 | export default components 16 | 17 | export { 18 | Card, 19 | ChartCard, 20 | StatsCard, 21 | ObjectCard, 22 | SidebarPlugin 23 | } 24 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/layout/dashboard/Content.vue: -------------------------------------------------------------------------------- 1 | 11 | 14 | 31 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/layout/dashboard/ContentFooter.vue: -------------------------------------------------------------------------------- 1 | 17 | 18 | 21 | 22 | 24 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/layout/dashboard/MobileMenu.vue: -------------------------------------------------------------------------------- 1 | 6 | 9 | 11 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/main.js: -------------------------------------------------------------------------------- 1 | import Vue from "vue" 2 | import App from "./App" 3 | import router from "./router/index" 4 | 5 | import PaperDashboard from "./plugins/paperDashboard" 6 | import "vue-notifyjs/themes/default.css" 7 | 8 | 9 | import VueAppInsights from 'vue-application-insights' 10 | 11 | Vue.use(VueAppInsights, { 12 | id: process.env.APPINSIGHTS_INSTRUMENTATIONKEY 13 | }) 14 | 15 | Vue.use(PaperDashboard) 16 | 17 | /* eslint-disable no-new */ 18 | new Vue({ 19 | router, 20 | render: h => h(App) 21 | }).$mount("#app") 22 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/plugins/paperDashboard.js: -------------------------------------------------------------------------------- 1 | import Notify from "vue-notifyjs"; 2 | import SideBar from "@/components/SidebarPlugin"; 3 | import "es6-promise/auto"; 4 | 5 | //css assets 6 | import "bootstrap/dist/css/bootstrap.css"; 7 | import "@/assets/sass/paper-dashboard.scss"; 8 | import "@/assets/css/themify-icons.css"; 9 | 10 | export default { 11 | install(Vue) { 12 | Vue.use(SideBar); 13 | Vue.use(Notify); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /app/service-tracker-ui/src/router/index.js: -------------------------------------------------------------------------------- 1 | import Vue from "vue"; 2 | import VueRouter from "vue-router"; 3 | import routes from "./routes"; 4 | Vue.use(VueRouter); 5 | 6 | // configure router 7 | const router = new VueRouter({ 8 | routes, // short for routes: routes 9 | linkActiveClass: "active" 10 | }); 11 | 12 | export default router; 13 | -------------------------------------------------------------------------------- /app/weather-api/.env.local: -------------------------------------------------------------------------------- 1 | DATA_SERVICE_URI=http://localhost:3009/ 2 | CACHE_SERVICE_URI=http://localhost:3006/ 3 | APPINSIGHTS_INSTRUMENTATIONKEY=1038fcc4-e588-4ea7-b271-73f262b122d7 -------------------------------------------------------------------------------- /app/weather-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /app/weather-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:12.16.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 3015 10 | 11 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /app/weather-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /app/weather-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | * @prop {string} ERR_NO_DATA - NO DATA ERROR 5 | */ 6 | 7 | module.exports.name = 'weather api' 8 | module.exports.ERR_NO_DATA = 'no data' -------------------------------------------------------------------------------- /app/weather-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 204 - No Content 5 | * 500 - Server Error 6 | */ 7 | 8 | module.exports.OK = { code: 200, msg: 'Ok'} 9 | module.exports.ERR_NO_DATA = { code: 204, msg: 'no data'} 10 | module.exports.ERR = { code: 500, msg: 'Error'} 11 | -------------------------------------------------------------------------------- /app/weather-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-weather-api", 3 | "version": "0.0.5", 4 | "private": true, 5 | "scripts": { 6 | "local": "NODE_ENV=local node ./bin/www", 7 | "dev": "NODE_ENV=dev node ./bin/www", 8 | "container": "NODE_ENV=container node ./bin/www" 9 | }, 10 | "dependencies": { 11 | "applicationinsights": "^1.0.3", 12 | "async": "^2.6.1", 13 | "body-parser": "^1.18.3", 14 | "cookie-parser": "~1.4.3", 15 | "dayjs": "^1.7.5", 16 | "debug": "~2.6.9", 17 | "dotenv": "^6.0.0", 18 | "express": "~4.16.0", 19 | "hbs": "^4.0.4", 20 | "http-errors": "~1.6.2", 21 | "morgan": "^1.9.1", 22 | "path": "^0.12.7", 23 | "request": "^2.88.0", 24 | "request-promise": "^4.2.2" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /app/weather-api/resources/accuweather_regions_NAM.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ID": "BM", 4 | "LocalizedName": "Bermuda", 5 | "EnglishName": "Bermuda" 6 | }, 7 | { 8 | "ID": "CA", 9 | "LocalizedName": "Canada", 10 | "EnglishName": "Canada" 11 | }, 12 | { 13 | "ID": "MX", 14 | "LocalizedName": "Mexico", 15 | "EnglishName": "Mexico" 16 | }, 17 | { 18 | "ID": "PM", 19 | "LocalizedName": "Saint Pierre and Miquelon", 20 | "EnglishName": "Saint Pierre and Miquelon" 21 | }, 22 | { 23 | "ID": "US", 24 | "LocalizedName": "United States", 25 | "EnglishName": "United States" 26 | } 27 | ] -------------------------------------------------------------------------------- /app/weather-api/resources/aw_condition_response_example.js: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "LocalObservationDateTime": "2018-08-25T09:45:00-07:00", 4 | "EpochTime": 1535215500, 5 | "WeatherText": "Cloudy", 6 | "WeatherIcon": 7, 7 | "IsDayTime": true, 8 | "Temperature": { 9 | "Metric": { 10 | "Value": 21.1, 11 | "Unit": "C", 12 | "UnitType": 17 13 | }, 14 | "Imperial": { 15 | "Value": 70, 16 | "Unit": "F", 17 | "UnitType": 18 18 | } 19 | }, 20 | "MobileLink": "http://m.accuweather.com/en/us/los-angeles-ca/90012/current-weather/347625?lang=en-us", 21 | "Link": "http://www.accuweather.com/en/us/los-angeles-ca/90012/current-weather/347625?lang=en-us" 22 | } 23 | ] -------------------------------------------------------------------------------- /assets/img/app-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/assets/img/app-architecture.png -------------------------------------------------------------------------------- /assets/img/ms_azure_logo_50.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/assets/img/ms_azure_logo_50.png -------------------------------------------------------------------------------- /assets/img/ms_azure_logo_72.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/assets/img/ms_azure_logo_72.png -------------------------------------------------------------------------------- /assets/img/msft_logo_24.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/assets/img/msft_logo_24.png -------------------------------------------------------------------------------- /assets/img/msft_logo_50.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/assets/img/msft_logo_50.png -------------------------------------------------------------------------------- /charts/data-api/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: data-api 2 | home: https://github.com/Azure/kubernetes-hackfest/tree/master/labs/build-application 3 | version: 1.0 4 | description: api for GBB Kubernetes Hackfest 5 | maintainers: 6 | - name: chzbrgr71 7 | email: brianisrunning@gmail.com 8 | -------------------------------------------------------------------------------- /charts/data-api/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | 3 | {{/* 4 | Create a default fully qualified app name. 5 | We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 6 | */}} 7 | {{- define "fullname" -}} 8 | {{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" -}} 9 | {{- end -}} -------------------------------------------------------------------------------- /charts/data-api/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: data-api 5 | labels: 6 | name: data-api 7 | spec: 8 | type: "{{.Values.service.type}}" 9 | ports: 10 | - name: http 11 | port: {{.Values.service.port}} 12 | targetPort: {{.Values.service.port}} 13 | selector: 14 | app: data-api -------------------------------------------------------------------------------- /charts/data-api/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for chart 2 | 3 | service: 4 | type: ClusterIP 5 | port: 3009 6 | 7 | deploy: 8 | name: data-api 9 | replicas: 1 10 | acrServer: "youracr.azurecr.io" 11 | imageTag: "1.0" 12 | containerPort: 3009 -------------------------------------------------------------------------------- /charts/flights-api/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: flights-api 2 | home: https://github.com/Azure/kubernetes-hackfest/tree/master/labs/build-application 3 | version: 1.0 4 | description: api for GBB Kubernetes Hackfest 5 | maintainers: 6 | - name: chzbrgr71 7 | email: brianisrunning@gmail.com 8 | -------------------------------------------------------------------------------- /charts/flights-api/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | 3 | {{/* 4 | Create a default fully qualified app name. 5 | We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 6 | */}} 7 | {{- define "fullname" -}} 8 | {{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" -}} 9 | {{- end -}} -------------------------------------------------------------------------------- /charts/flights-api/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: flights-api 5 | labels: 6 | name: flights-api 7 | spec: 8 | type: "{{.Values.service.type}}" 9 | ports: 10 | - name: http 11 | port: {{.Values.service.port}} 12 | targetPort: {{.Values.service.port}} 13 | selector: 14 | app: flights-api -------------------------------------------------------------------------------- /charts/flights-api/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for chart 2 | 3 | service: 4 | type: ClusterIP 5 | port: 3003 6 | 7 | deploy: 8 | name: flights-api 9 | replicas: 1 10 | acrServer: "youracr.azurecr.io" 11 | imageTag: "1.0" 12 | containerPort: 3003 -------------------------------------------------------------------------------- /charts/mongo/mongodb-client.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | labels: 5 | app: mongo-client 6 | name: mongo-client 7 | namespace: hackfest 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mongo-client 13 | template: 14 | metadata: 15 | labels: 16 | app: mongo-client 17 | spec: 18 | containers: 19 | - image: mongo 20 | name: mongo-client 21 | env: 22 | - name: mongo-client_INITDB_ROOT_USERNAME 23 | value: 'dummy' 24 | - name: mongo-client_INITDB_ROOT_PASSWORD 25 | value: 'dummy' 26 | -------------------------------------------------------------------------------- /charts/mongo/mongodb-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: mongo-data 5 | namespace: hackfest 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | storageClassName: managed-csi 10 | resources: 11 | requests: 12 | storage: 1Gi 13 | -------------------------------------------------------------------------------- /charts/mongo/mongodb-secrets.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: mongo-creds 5 | namespace: hackfest 6 | data: 7 | password: cGFzc3dvcmQxMjM= #password123 8 | username: YWRtaW51c2Vy #adminuser 9 | -------------------------------------------------------------------------------- /charts/mongo/mongodb-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: mongo 6 | name: mongo-svc 7 | namespace: hackfest 8 | spec: 9 | ports: 10 | - port: 27017 11 | protocol: TCP 12 | targetPort: 27017 13 | selector: 14 | app: mongo 15 | type: ClusterIP 16 | 17 | -------------------------------------------------------------------------------- /charts/quakes-api/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: quakes-api 2 | home: https://github.com/Azure/kubernetes-hackfest/tree/master/labs/build-application 3 | version: 1.0 4 | description: api for GBB Kubernetes Hackfest 5 | maintainers: 6 | - name: chzbrgr71 7 | email: brianisrunning@gmail.com 8 | -------------------------------------------------------------------------------- /charts/quakes-api/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | 3 | {{/* 4 | Create a default fully qualified app name. 5 | We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 6 | */}} 7 | {{- define "fullname" -}} 8 | {{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" -}} 9 | {{- end -}} -------------------------------------------------------------------------------- /charts/quakes-api/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: quakes-api 5 | labels: 6 | name: quakes-api 7 | spec: 8 | type: "{{.Values.service.type}}" 9 | ports: 10 | - name: http 11 | port: {{.Values.service.port}} 12 | targetPort: {{.Values.service.port}} 13 | selector: 14 | app: quakes-api -------------------------------------------------------------------------------- /charts/quakes-api/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for chart 2 | 3 | service: 4 | type: ClusterIP 5 | port: 3012 6 | 7 | deploy: 8 | name: quakes-api 9 | replicas: 1 10 | acrServer: "youracr.azurecr.io" 11 | imageTag: "1.0" 12 | containerPort: 3012 -------------------------------------------------------------------------------- /charts/service-tracker-ui/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: web-ui 2 | home: https://github.com/Azure/kubernetes-hackfest/tree/master/labs/build-application 3 | version: 1.0 4 | description: web app for GBB Kubernetes Hackfest 5 | maintainers: 6 | - name: chzbrgr71 7 | email: brianisrunning@gmail.com 8 | -------------------------------------------------------------------------------- /charts/service-tracker-ui/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | 3 | {{/* 4 | Create a default fully qualified app name. 5 | We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 6 | */}} 7 | {{- define "fullname" -}} 8 | {{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" -}} 9 | {{- end -}} -------------------------------------------------------------------------------- /charts/service-tracker-ui/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: service-tracker-ui 5 | labels: 6 | name: service-tracker-ui 7 | spec: 8 | type: "{{.Values.service.type}}" 9 | ports: 10 | - name: http 11 | port: {{.Values.service.port}} 12 | targetPort: {{.Values.service.port}} 13 | selector: 14 | app: service-tracker-ui -------------------------------------------------------------------------------- /charts/service-tracker-ui/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for chart 2 | 3 | service: 4 | type: LoadBalancer 5 | port: 8080 6 | 7 | deploy: 8 | name: service-tracker-ui 9 | acrServer: "youracr.azurecr.io" 10 | imageTag: "1.0" 11 | containerPort: 8080 12 | -------------------------------------------------------------------------------- /charts/weather-api/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: weather-api 2 | home: https://github.com/Azure/kubernetes-hackfest/tree/master/labs/build-application 3 | version: 1.0 4 | description: api for GBB Kubernetes Hackfest 5 | maintainers: 6 | - name: chzbrgr71 7 | email: brianisrunning@gmail.com 8 | -------------------------------------------------------------------------------- /charts/weather-api/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | 3 | {{/* 4 | Create a default fully qualified app name. 5 | We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 6 | */}} 7 | {{- define "fullname" -}} 8 | {{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" -}} 9 | {{- end -}} -------------------------------------------------------------------------------- /charts/weather-api/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: weather-api 5 | labels: 6 | name: weather-api 7 | spec: 8 | type: "{{.Values.service.type}}" 9 | ports: 10 | - name: http 11 | port: {{.Values.service.port}} 12 | targetPort: {{.Values.service.port}} 13 | selector: 14 | app: weather-api -------------------------------------------------------------------------------- /charts/weather-api/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for chart 2 | 3 | service: 4 | type: ClusterIP 5 | port: 3015 6 | 7 | deploy: 8 | name: weather-api 9 | replicas: 1 10 | acrServer: "youracr.azurecr.io" 11 | imageTag: "1.0" 12 | containerPort: 3015 -------------------------------------------------------------------------------- /labs/aci/aci-data-updater.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/aci/aci-data-updater.png -------------------------------------------------------------------------------- /labs/aci/virtual-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: aci-helloworld 5 | spec: 6 | replicas: 1 7 | selector: 8 | matchLabels: 9 | app: aci-helloworld 10 | template: 11 | metadata: 12 | labels: 13 | app: aci-helloworld 14 | spec: 15 | containers: 16 | - name: aci-helloworld 17 | image: microsoft/aci-helloworld 18 | ports: 19 | - containerPort: 80 20 | nodeSelector: 21 | kubernetes.io/role: agent 22 | beta.kubernetes.io/os: linux 23 | type: virtual-kubelet 24 | tolerations: 25 | - key: virtual-kubelet.io/provider 26 | operator: Exists 27 | - key: azure.com/aci 28 | effect: NoSchedule -------------------------------------------------------------------------------- /labs/best-practices/README.md: -------------------------------------------------------------------------------- 1 | # Lab: Best Practices 2 | 3 | Best practices exercises for Azure Kubernetes Service. 4 | 5 | ## Prerequisites 6 | 7 | * Complete previous labs: 8 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 9 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 10 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 11 | 12 | ## Options 13 | 14 | 1. [Best Practices for App Developers](appdev/README.md) 15 | 2. [Best Practices for Cluster Operators](operators/README.md) 16 | 17 | 18 | ## Troubleshooting / Debugging 19 | 20 | 21 | ## Docs / References 22 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/cosmos-reset-password.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/best-practices/appdev/cosmos-reset-password.png -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:10.9.0-alpine 2 | 3 | WORKDIR /usr/src/app 4 | COPY package*.json ./ 5 | RUN npm ci 6 | 7 | COPY . . 8 | ENV NODE_ENV "development" 9 | EXPOSE 3009 10 | 11 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/mongo/flights.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var flightSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Flights', flightSchema, 'Flights'); 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/mongo/latestFlight.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestFlight', latestSchema, 'LatestFlight'); 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/mongo/latestQuake.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | const Schema = mongoose.Schema; 4 | 5 | const latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestQuake', latestSchema, 'LatestQuake'); 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/mongo/latestWeather.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var latestSchema = new Schema({ 6 | Timestamp: String, 7 | Created: { type: Date, default: Date.now } 8 | }); 9 | 10 | mongoose.model('LatestWeather', latestSchema, 'LatestWeather'); 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/mongo/quakes.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var quakeSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Quakes', quakeSchema, 'Quakes'); 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/mongo/weather.js: -------------------------------------------------------------------------------- 1 | const mongoose = require('mongoose'); 2 | 3 | var Schema = mongoose.Schema; 4 | 5 | var weatherSchema = new Schema({ 6 | Timestamp: String, 7 | FeatureCollection: mongoose.Schema.Types.Mixed 8 | }); 9 | 10 | mongoose.model('Weather', weatherSchema, 'Weather'); 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | */ 5 | 6 | module.exports.name = 'data api' -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 204 - No Content 5 | * 500 - Server Error 6 | */ 7 | 8 | module.exports.OK = { code: 200, msg: 'Ok'} 9 | module.exports.EMPTY = { code: 204, msg: 'No Content'} 10 | module.exports.ERR = { code: 500, msg: 'Error'} 11 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/data-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-data-api", 3 | "version": "0.0.5", 4 | "private": true, 5 | "scripts": { 6 | "local": "NODE_ENV=local node ./bin/www", 7 | "dev": "NODE_ENV=dev node ./bin/www", 8 | "container": "NODE_ENV=contaimer node ./bin/www" 9 | }, 10 | "dependencies": { 11 | "applicationinsights": "^1.0.8", 12 | "async": "^2.6.1", 13 | "bluebird": "^3.5.2", 14 | "body-parser": "^1.18.3", 15 | "cookie-parser": "~1.4.3", 16 | "dayjs": "^1.7.5", 17 | "debug": "~2.6.9", 18 | "dotenv": "^6.0.0", 19 | "express": "~4.16.0", 20 | "hbs": "~4.0.1", 21 | "http-errors": "~1.6.2", 22 | "mongoose": "^5.2.13", 23 | "morgan": "^1.9.1", 24 | "path": "^0.12.7", 25 | "request": "^2.88.0", 26 | "request-promise": "^4.2.2" 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | node_modules/ 3 | npm-debug.log 4 | .idea/ 5 | dist/ 6 | .env 7 | .env.local 8 | .env.staging 9 | -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/Dockerfile: -------------------------------------------------------------------------------- 1 | # build stage (use full node image to provide tooling needed for CI) 2 | FROM node:10.9.0 as build-stage 3 | 4 | WORKDIR /usr/src/app 5 | COPY package*.json ./ 6 | RUN npm ci 7 | COPY . /usr/src/app/ 8 | 9 | # final stage (using slim) 10 | FROM node:10.9.0-slim 11 | WORKDIR /app 12 | COPY --from=build-stage /usr/src/app/ /app/ 13 | ENV NODE_ENV "development" 14 | EXPOSE 3003 15 | 16 | CMD [ "npm", "run", "container" ] -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/best-practices/appdev/flights-api/favicon.ico -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/models/express/jsonResponse.js: -------------------------------------------------------------------------------- 1 | /** 2 | * JSON Response for Express Web API's 3 | * @param {object} res - Express Response Object 4 | * @param {any} msg - Response message as property in object 5 | * @param {number} status - HTTP Status code 6 | * @param {object} payload - JSON payload object 7 | */ 8 | 9 | module.exports.json = (res, msg, status, payload) => { 10 | 11 | res.json( { message: msg, payload: payload } ).status( status ) 12 | 13 | } -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/models/util/site.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Site-related details 3 | * @prop {string} name - Site name 4 | * @prop {string} ERR_NO_DATA - NO DATA ERROR 5 | * @prop {string} CACHE_SET_FLIGHT_TIME - set cache flight time 6 | * @prop {string} CACHE_SET_FLIGHTS - set cache flights 7 | */ 8 | 9 | module.exports.name = 'flights api' 10 | module.exports.ERR_NO_DATA = 'no data' 11 | module.exports.CACHE_SET_FLIGHT_TIME = 'CACHE_SET_FLIGHT_TIME' 12 | module.exports.CACHE_SET_FLIGHTS = 'CACHE_SET_FLIGHTS' -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/models/util/status.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Response status codes 3 | * 200 - OK 4 | * 204 - No Content 5 | * 500 - Server Error 6 | */ 7 | 8 | module.exports.OK = { code: 200, msg: 'Ok'} 9 | module.exports.ERR_NO_DATA = { code: 204, msg: 'no data'} 10 | module.exports.ERR = { code: 500, msg: 'Error'} -------------------------------------------------------------------------------- /labs/best-practices/appdev/flights-api/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-flights-api", 3 | "version": "0.0.5", 4 | "private": true, 5 | "scripts": { 6 | "local": "NODE_ENV=local node ./bin/www", 7 | "dev": "NODE_ENV=dev node ./bin/www", 8 | "container": "NODE_ENV=container node ./bin/www" 9 | }, 10 | "dependencies": { 11 | "applicationinsights": "^1.0.4", 12 | "async": "^2.6.1", 13 | "body-parser": "^1.18.3", 14 | "cookie-parser": "~1.4.3", 15 | "dayjs": "^1.7.5", 16 | "debug": "~2.6.9", 17 | "dotenv": "^6.0.0", 18 | "express": "~4.16.0", 19 | "hbs": "~4.0.1", 20 | "http-errors": "~1.6.2", 21 | "morgan": "~1.9.0", 22 | "path": "^0.12.7", 23 | "request": "^2.88.0", 24 | "request-promise": "^4.2.2" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /labs/best-practices/operators/pod-disruption-budget.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: service-tracker-pdb 5 | spec: 6 | minAvailable: 2 7 | selector: 8 | matchLabels: 9 | app: service-tracker-ui -------------------------------------------------------------------------------- /labs/best-practices/operators/sa-kube-advisor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: kube-advisor 5 | namespace: default 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: kube-advisor 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: ServiceAccount 17 | name: kube-advisor 18 | namespace: default -------------------------------------------------------------------------------- /labs/build-application/app-Insights.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "parameters": { 5 | "name": { 6 | "type": "string" 7 | }, 8 | "type": { 9 | "type": "string" 10 | }, 11 | "regionId": { 12 | "type": "string" 13 | } 14 | }, 15 | "resources": [ 16 | { 17 | "name": "[parameters('name')]", 18 | "type": "microsoft.insights/components", 19 | "location": "[parameters('regionId')]", 20 | "apiVersion": "2014-08-01", 21 | "properties": { 22 | "ApplicationId": "[parameters('name')]", 23 | "Application_Type": "[parameters('type')]" 24 | } 25 | } 26 | ] 27 | } -------------------------------------------------------------------------------- /labs/build-application/app-insights.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/build-application/app-insights.png -------------------------------------------------------------------------------- /labs/build-application/reg-acr.sh: -------------------------------------------------------------------------------- 1 | AKS_RESOURCE_GROUP=$1 2 | AKS_CLUSTER_NAME=$2 3 | ACR_NAME=$3 4 | 5 | 6 | # Get the id of the service principal configured for AKS 7 | CLIENT_ID=$(az aks show --resource-group $AKS_RESOURCE_GROUP --name $AKS_CLUSTER_NAME --query "servicePrincipalProfile.clientId" --output tsv) 8 | 9 | # Get the ACR registry resource id 10 | ACR_ID=$(az acr show --name $ACR_NAME --resource-group $AKS_RESOURCE_GROUP --query "id" --output tsv) 11 | 12 | # Create role assignment 13 | az role assignment create --assignee $CLIENT_ID --role Contributor --scope $ACR_ID 14 | -------------------------------------------------------------------------------- /labs/cicd-automation/README.md: -------------------------------------------------------------------------------- 1 | # Lab: CI / CD Automation 2 | 3 | In this lab you will setup pipelines for automating application creation and deployment. In the lab, you will be able to choose the platform you want to use for pipeline automation: 4 | 5 | * Jenkins 6 | * Azure DevOps 7 | * Brigade 8 | 9 | ## Prerequisites 10 | 11 | * Clone this repo in Azure Cloud Shell. 12 | * Complete previous labs: 13 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 14 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 15 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 16 | 17 | ## Options 18 | 19 | 1. [Jenkins](jenkins/README.md) 20 | 2. [Azure DevOps](azure-devops/README.md) 21 | 3. [Brigade](brigade/README.md) 22 | 23 | ## Troubleshooting / Debugging 24 | 25 | * N/A 26 | 27 | ## Docs / References 28 | 29 | * Article, "What is CI/CD?" https://dzone.com/articles/what-is-cicd 30 | 31 | #### Next Lab: [Networking](../networking/README.md) -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-artifact.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-artifact.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-azurecli.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-azurecli.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-build.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-build.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-cli.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-cli.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-helm-task.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-helm-task.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-import.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-import.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-new-project.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-new-project.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-pipeline-artifact.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-pipeline-artifact.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-publish.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-publish.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-release-artifact.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-release-artifact.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-release.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-release.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/azure-do-use-classic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/azure-do-use-classic.png -------------------------------------------------------------------------------- /labs/cicd-automation/azure-devops/workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/azure-devops/workflow.png -------------------------------------------------------------------------------- /labs/cicd-automation/brigade/brigade-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: brigade-worker 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: brigade-worker 12 | namespace: brigade 13 | -------------------------------------------------------------------------------- /labs/cicd-automation/brigade/github-clone.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/brigade/github-clone.png -------------------------------------------------------------------------------- /labs/cicd-automation/brigade/github-dev-settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/brigade/github-dev-settings.png -------------------------------------------------------------------------------- /labs/cicd-automation/brigade/github-fork.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/brigade/github-fork.png -------------------------------------------------------------------------------- /labs/cicd-automation/brigade/github-token.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/brigade/github-token.png -------------------------------------------------------------------------------- /labs/cicd-automation/brigade/github-webhook.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/brigade/github-webhook.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/az-creds.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/az-creds.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/branch-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/branch-config.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/branch-resource.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/branch-resource.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/build-history.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/build-history.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/console-log.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/console-log.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/github-clone.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/github-clone.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/github-fork.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/github-fork.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/jenkins-aks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/jenkins-aks.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/jenkins-master.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/jenkins-master.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/img/modify_acr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/cicd-automation/jenkins/img/modify_acr.png -------------------------------------------------------------------------------- /labs/cicd-automation/jenkins/jenkins-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: jenkins 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: jenkins 12 | namespace: default 13 | -------------------------------------------------------------------------------- /labs/create-aks-cluster/create-namespaces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: dev 5 | --- 6 | apiVersion: v1 7 | kind: Namespace 8 | metadata: 9 | name: uat 10 | --- 11 | apiVersion: v1 12 | kind: Namespace 13 | metadata: 14 | name: prod -------------------------------------------------------------------------------- /labs/create-aks-cluster/img-cloud-shell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/create-aks-cluster/img-cloud-shell.png -------------------------------------------------------------------------------- /labs/create-aks-cluster/namespace-quotas.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ResourceQuota 3 | metadata: 4 | name: mem-cpu-demo 5 | namespace: dev 6 | spec: 7 | hard: 8 | requests.cpu: "1" 9 | requests.memory: 1Gi 10 | limits.cpu: "2" 11 | limits.memory: 2Gi 12 | persistentvolumeclaims: "5" 13 | requests.storage: "10Gi" 14 | --- 15 | apiVersion: v1 16 | kind: ResourceQuota 17 | metadata: 18 | name: mem-cpu-demo 19 | namespace: uat 20 | spec: 21 | hard: 22 | requests.cpu: "2" 23 | requests.memory: 2Gi 24 | limits.cpu: "4" 25 | limits.memory: 4Gi 26 | persistentvolumeclaims: "5" 27 | requests.storage: "25Gi" 28 | --- 29 | apiVersion: v1 30 | kind: ResourceQuota 31 | metadata: 32 | name: mem-cpu-demo 33 | namespace: prod 34 | spec: 35 | hard: 36 | requests.cpu: "4" 37 | requests.memory: 4Gi 38 | limits.cpu: "8" 39 | limits.memory: 8Gi 40 | persistentvolumeclaims: "10" 41 | requests.storage: "100Gi" -------------------------------------------------------------------------------- /labs/helm-setup-deploy/rbac-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: tiller 5 | namespace: kube-system 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1beta1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: tiller 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: ServiceAccount 17 | name: tiller 18 | namespace: kube-system -------------------------------------------------------------------------------- /labs/helm-setup-deploy/service-tracker-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/helm-setup-deploy/service-tracker-ui.png -------------------------------------------------------------------------------- /labs/k8s-dash/rbac-update.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRole 3 | metadata: 4 | name: kube-dashboard 5 | rules: 6 | - apiGroups: ["*"] 7 | resources: ["*"] 8 | verbs: ["*"] 9 | --- 10 | apiVersion: rbac.authorization.k8s.io/v1beta1 11 | kind: ClusterRoleBinding 12 | metadata: 13 | name: rook-operator 14 | namespace: rook-system 15 | roleRef: 16 | apiGroup: rbac.authorization.k8s.io 17 | kind: ClusterRole 18 | name: kube-dashboard 19 | subjects: 20 | - kind: ServiceAccount 21 | name: kubernetes-dashboard 22 | namespace: kube-system 23 | -------------------------------------------------------------------------------- /labs/lab-style-template.md: -------------------------------------------------------------------------------- 1 | # Lab: Name of Lab 2 | This is the info about the lab. More info here. Blah blah blah. 3 | 4 | ## Prerequisites 5 | 6 | 7 | ## Instructions 8 | 9 | 1. Blah 10 | * blah 1 11 | 1. info here 12 | * blah 2 13 | 2. blah 14 | 3. more blah 15 | 16 | 17 | 18 | ## Troubleshooting / Debugging 19 | 20 | ## Docs / References 21 | 22 | -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/aks-cluster-performance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/aks-cluster-performance.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/app-insights-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/app-insights-dashboard.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/cluster-logs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/cluster-logs.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/containers-images.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/containers-images.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/containers-logs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/containers-logs.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/containers-tab.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/containers-tab.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/diagnostics-categories.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/diagnostics-categories.png -------------------------------------------------------------------------------- /labs/monitoring-logging/azure-monitor/enable-masternode-logs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/azure-monitor/enable-masternode-logs.png -------------------------------------------------------------------------------- /labs/monitoring-logging/kubecost/1_create-aks-cluster/step1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/kubecost/1_create-aks-cluster/step1.png -------------------------------------------------------------------------------- /labs/monitoring-logging/kubecost/2_install-kubecost-on-aks/kubecost-cost-analyzer.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: public-svc 5 | spec: 6 | type: LoadBalancer 7 | ports: 8 | - port: 9090 9 | selector: 10 | app: cost-analyzer 11 | -------------------------------------------------------------------------------- /labs/monitoring-logging/kubecost/2_install-kubecost-on-aks/step2_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/kubecost/2_install-kubecost-on-aks/step2_1.png -------------------------------------------------------------------------------- /labs/monitoring-logging/kubecost/2_install-kubecost-on-aks/step2_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/kubecost/2_install-kubecost-on-aks/step2_2.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-alertmanager-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-alertmanager-ui.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-grafana-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-grafana-dashboard.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-prometheus-alerts-resolved.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-prometheus-alerts-resolved.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-prometheus-alerts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-prometheus-alerts.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-prometheus-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-prometheus-dashboard.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-prometheus-operator.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-prometheus-operator.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/img-prometheus-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/monitoring-logging/prometheus-grafana/img-prometheus-ui.png -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/prom-graf-alert-rule.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: monitoring.coreos.com/v1 2 | kind: PrometheusRule 3 | metadata: 4 | labels: 5 | app: prometheus-operator 6 | release: prometheus-operator 7 | name: example-sample-go-app-rules 8 | spec: 9 | groups: 10 | - name: ./examplesamplegoapp.rules 11 | rules: 12 | - alert: ExampleSampleGoAppDeploymentLowReplicaCount 13 | annotations: 14 | summary: "App Not Fully Functional" 15 | message: "The Sample GO App is running with less than 3 replicas." 16 | expr: kube_deployment_status_replicas{deployment="sample-go",namespace="sample-app"} < 3 17 | for: 30s 18 | labels: 19 | severity: critical 20 | -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/prom-graf-kube-dns-metrics-patch.yaml: -------------------------------------------------------------------------------- 1 | spec: 2 | template: 3 | spec: 4 | containers: 5 | - name: kubedns 6 | env: 7 | - name: PROMETHEUS_PORT 8 | value: "10055" 9 | - name: sidecar 10 | image: k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.10 11 | livenessProbe: 12 | httpGet: 13 | path: /metrics 14 | port: 10054 15 | scheme: HTTP 16 | initialDelaySeconds: 60 17 | timeoutSeconds: 5 18 | successThreshold: 1 19 | failureThreshold: 5 20 | args: 21 | - --v=2 22 | - --logtostderr 23 | - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local 24 | - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local 25 | ports: 26 | - containerPort: 10054 27 | name: metrics 28 | protocol: TCP 29 | resources: 30 | requests: 31 | memory: 20Mi 32 | cpu: 10m -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/prom-graf-sample-go-app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: sample-go 5 | spec: 6 | replicas: 2 7 | selector: 8 | matchLabels: 9 | app: sample-go 10 | template: 11 | metadata: 12 | labels: 13 | app: sample-go 14 | prometheus: kube-prometheus 15 | spec: 16 | containers: 17 | - name: sample-go 18 | image: chzbrgr71/sample-go:v1 19 | ports: 20 | - name: web 21 | containerPort: 8080 22 | resources: 23 | limits: 24 | cpu: "250m" 25 | memory: "256Mi" 26 | requests: 27 | cpu: "50m" 28 | memory: "128Mi" 29 | imagePullSecrets: 30 | - name: acr-secret 31 | --- 32 | kind: Service 33 | apiVersion: v1 34 | metadata: 35 | name: sample-go 36 | labels: 37 | app: sample-go 38 | spec: 39 | selector: 40 | app: sample-go 41 | type: LoadBalancer 42 | ports: 43 | - name: web 44 | port: 8080 45 | -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/prom-graf-servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: monitoring.coreos.com/v1 2 | kind: ServiceMonitor 3 | metadata: 4 | name: sample-go 5 | namespace: monitoring 6 | labels: 7 | app: sample-go 8 | release: prometheus-operator 9 | spec: 10 | selector: 11 | matchLabels: 12 | app: sample-go 13 | jobLabel: app 14 | namespaceSelector: 15 | matchNames: 16 | - sample-app 17 | endpoints: 18 | - port: web -------------------------------------------------------------------------------- /labs/monitoring-logging/prometheus-grafana/values.yaml: -------------------------------------------------------------------------------- 1 | # Forcing Kubelet metrics scraping on http 2 | kubelet: 3 | enabled: true 4 | serviceMonitor: 5 | https: false 6 | # Disabling scraping of Master Nodes Components 7 | kubeControllerManager: 8 | enabled: false 9 | kubeScheduler: 10 | enabled: false 11 | kubeEtcd: 12 | enabled: false 13 | kubeProxy: 14 | enabled: false 15 | grafana: 16 | plugins: 17 | - grafana-piechart-panel 18 | prometheusOperator: 19 | admissionWebhooks: 20 | enabled: false -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab1/dashboard-vs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: dashboard-svc 5 | namespace: nginx-ingress 6 | spec: 7 | ports: 8 | - port: 9000 9 | targetPort: 9000 10 | protocol: TCP 11 | name: dashboard 12 | selector: 13 | app: nginx-ingress 14 | --- 15 | apiVersion: k8s.nginx.org/v1 16 | kind: VirtualServer 17 | metadata: 18 | name: dashboard-vs 19 | namespace: nginx-ingress 20 | spec: 21 | host: dashboard.example.com 22 | upstreams: 23 | - name: dashboard 24 | service: dashboard-svc 25 | port: 9000 26 | routes: 27 | - path: /dashboard.html 28 | action: 29 | pass: dashboard 30 | - path: /api 31 | action: 32 | pass: dashboard -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab1/loadbalancer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nginx-ingress 5 | namespace: nginx-ingress 6 | spec: 7 | externalTrafficPolicy: Local 8 | type: LoadBalancer 9 | ports: 10 | - port: 80 11 | targetPort: 80 12 | protocol: TCP 13 | name: http 14 | - port: 443 15 | targetPort: 443 16 | protocol: TCP 17 | name: https 18 | selector: 19 | app: nginx-ingress 20 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab1/media/exit-to-exit-pod.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab1/media/exit-to-exit-pod.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab1/media/more-command-q-quit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab1/media/more-command-q-quit.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab1/media/plus-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab1/media/plus-dashboard.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_allow-insecure-chrome.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_allow-insecure-chrome.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_diagram.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_secret_yaml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_secret_yaml.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_vs_yaml1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_vs_yaml1.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_vs_yaml2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_vs_yaml2.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_yaml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_cafe_yaml.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_chrome_inspect.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_chrome_inspect.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_coffee_dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_coffee_dashboard.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_http_upstream.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_http_upstream.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_http_zones.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_http_zones.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_milk.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_milk.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_redirect.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab2/media/lab2_redirect.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/cafe-virtualserver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.nginx.org/v1 2 | kind: VirtualServer 3 | metadata: 4 | name: cafe-vs 5 | spec: 6 | host: cafe.example.com 7 | tls: 8 | secret: cafe-secret 9 | redirect: 10 | enable: true #Redirect from http > https 11 | code: 301 12 | upstreams: 13 | - name: coffee 14 | service: coffee-svc 15 | port: 80 16 | - name: tea 17 | service: tea-svc 18 | port: 80 19 | routes: 20 | - path: / 21 | action: 22 | redirect: 23 | url: https://cafe.example.com/coffee 24 | code: 302 25 | - path: /tea 26 | policies: 27 | - name: oidc-policy # This enables Azure AD authentication for /tea path 28 | action: 29 | pass: tea 30 | - path: /coffee 31 | action: 32 | pass: coffee 33 | - path: /milk 34 | action: 35 | return: 36 | code: 200 37 | type: text/html 38 | body: "Welcome to AKS Hackfest & NGINX Plus NIC Workshop!!" 39 | 40 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/client-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: oidc-secret 5 | type: nginx.org/oidc 6 | data: 7 | client-secret: -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/App_Registration.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/App_Registration.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/Authentication_add_platform.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/Authentication_add_platform.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/Fill_Secret_details.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/Fill_Secret_details.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/New_Secret_Creation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/New_Secret_Creation.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/Post_App_Registration.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/Post_App_Registration.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/Post_Secret_Creation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/Post_Secret_Creation.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/curl_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/curl_output.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/endpoints.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/endpoints.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/media/redirect_url_setup.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab3/media/redirect_url_setup.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/nginx-config.yaml: -------------------------------------------------------------------------------- 1 | kind: ConfigMap 2 | apiVersion: v1 3 | metadata: 4 | name: nginx-config 5 | namespace: nginx-ingress 6 | data: 7 | resolver-addresses: # add your kube-dns service CLUSTER-IP here. 8 | resolver-valid: 5s 9 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab3/oidc-policy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.nginx.org/v1 2 | kind: Policy 3 | metadata: 4 | name: oidc-policy 5 | spec: 6 | oidc: 7 | clientID: 8 | clientSecret: oidc-secret # Name of the kubernetes secret that you created 9 | authEndpoint: 10 | tokenEndpoint: 11 | jwksURI: 12 | scope: openid+profile+email 13 | accessTokenEnable: true -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/grafana-vs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.nginx.org/v1 2 | kind: VirtualServer 3 | metadata: 4 | name: grafana-vs 5 | namespace: monitoring 6 | spec: 7 | host: grafana.example.com 8 | tls: 9 | secret: grafana-secret 10 | routes: 11 | - path: / 12 | route: monitoring/grafana-dashboard 13 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/grafana-vsr.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.nginx.org/v1 2 | kind: VirtualServerRoute 3 | metadata: 4 | name: grafana-dashboard 5 | namespace: monitoring 6 | spec: 7 | host: grafana.example.com 8 | upstreams: 9 | - name: grafana 10 | service: nginx-grafana 11 | port: 80 12 | subroutes: 13 | - path: / 14 | action: 15 | pass: grafana 16 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/ext_grafana_login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/ext_grafana_login.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/ext_grafana_welcome.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/ext_grafana_welcome.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_add_prometheus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_add_prometheus.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_data_source.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_data_source.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_imports.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_imports.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_json_load.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_json_load.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_json_load2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_json_load2.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_nginx_basic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_nginx_basic.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_nic_dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_nic_dashboard.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_no_data.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_no_data.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_no_data_fix.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_no_data_fix.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_open_basic_dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_open_basic_dashboard.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_open_nic_dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_open_nic_dashboard.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_prometheus_ds.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/grafana_prometheus_ds.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/helm-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/helm-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/prometheus-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/prometheus-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/prometheus_graph.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/prometheus_graph.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/media/prometheus_statistics_list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/lab4/media/prometheus_statistics_list.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab4/prometheus-vs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.nginx.org/v1 2 | kind: VirtualServer 3 | metadata: 4 | name: prometheus-vs 5 | namespace: monitoring 6 | spec: 7 | host: prometheus.example.com 8 | upstreams: 9 | - name: prometheus 10 | service: nginx-prometheus-server 11 | port: 80 12 | routes: 13 | - path: / 14 | action: 15 | pass: prometheus 16 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/lab5/nginx-fips-logging.yaml: -------------------------------------------------------------------------------- 1 | # Nginx FIPS Logging for NIC 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: nginx-config 6 | namespace: nginx-ingress 7 | data: 8 | log-format: '$remote_addr [$time_local] "$request" $status $body_bytes_sent rn="$resource_name" "$resource_namespace" svc="$service" ua=“$upstream_addr” sslid="$ssl_session_id" sslpr="$ssl_protocol" sslci="$ssl_cipher"' 9 | -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/alpine-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/alpine-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/azure-aks-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/azure-aks-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/kubernetes-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/kubernetes-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/lab5_nginx-fips-azure.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/lab5_nginx-fips-azure.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/nginx-ingress-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/nginx-ingress-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/nginx-plus-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/nginx-plus-icon.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/nicworkshop-banner copy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/nicworkshop-banner copy.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/nicworkshop-banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/nicworkshop-banner.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/openssl_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/openssl_logo.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/tls-cipher-suite.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/tls-cipher-suite.png -------------------------------------------------------------------------------- /labs/networking/F5NGINX/Azure/labs/media/vs-code-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/F5NGINX/Azure/labs/media/vs-code-icon.png -------------------------------------------------------------------------------- /labs/networking/README.md: -------------------------------------------------------------------------------- 1 | # Lab: Networking 2 | 3 | This section contains a number of labs related to Networking decisions that are made when doing Production deployments of Kubernetes. They are each self-contained labs meaning you do not have to do one before another. 4 | 5 | ## Prerequisites 6 | 7 | * Complete previous labs: 8 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 9 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 10 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 11 | 12 | ## Labs 13 | 14 | 1. [Configure Ingress Controller](ingress/README.md) 15 | 2. [AKS Network Policies](network-policy/README.md) 16 | 3. [Calico lab exercise](calico-lab-exercise/README.md) 17 | 18 | ## Troubleshooting / Debugging 19 | 20 | 21 | ## Docs / References 22 | 23 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/10-security-controls/allow-kube-dns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: platform.allow-kube-dns 5 | spec: 6 | # requires platform tier to exist 7 | tier: platform 8 | order: 2000 9 | selector: all() 10 | types: 11 | - Egress 12 | egress: 13 | - action: Allow 14 | protocol: UDP 15 | source: {} 16 | destination: 17 | selector: "k8s-app == 'kube-dns'" 18 | ports: 19 | - '53' 20 | - action: Pass 21 | source: {} 22 | destination: {} 23 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/10-security-controls/default-allow-kube-dns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: allow-kube-dns 5 | spec: 6 | order: 0 7 | types: 8 | - Egress 9 | egress: 10 | - action: Allow 11 | protocol: UDP 12 | source: {} 13 | destination: 14 | selector: "k8s-app == 'kube-dns'" 15 | ports: 16 | - '53' 17 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/10-security-controls/default-deny.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: default-deny 5 | spec: 6 | selector: "projectcalico.org/namespace in {'dev','default'}" 7 | types: 8 | - Ingress 9 | - Egress 10 | egress: 11 | # allow all namespaces to communicate to DNS pods 12 | - action: Allow 13 | protocol: UDP 14 | destination: 15 | selector: 'k8s-app == "kube-dns"' 16 | ports: 17 | - 53 18 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/10-security-controls/feodo-block-policy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: projectcalico.org/v3 3 | kind: GlobalNetworkPolicy 4 | metadata: 5 | name: security.block-feodo 6 | spec: 7 | tier: security 8 | order: 210 9 | selector: all() 10 | types: 11 | - Egress 12 | egress: 13 | - action: Deny 14 | destination: 15 | selector: threatfeed == 'feodo' 16 | - action: Pass 17 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/10-security-controls/feodotracker.threatfeed.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalThreatFeed 3 | metadata: 4 | name: feodo-tracker 5 | spec: 6 | pull: 7 | http: 8 | url: https://feodotracker.abuse.ch/downloads/ipblocklist.txt 9 | globalNetworkSet: 10 | labels: 11 | threatfeed: feodo -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/10-security-controls/staged.default-deny.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: StagedGlobalNetworkPolicy 3 | metadata: 4 | name: default-deny 5 | spec: 6 | order: 2000 7 | selector: "projectcalico.org/namespace in {'dev','default'}" 8 | types: 9 | - Ingress 10 | - Egress 11 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/allow-busybox.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: NetworkPolicy 3 | metadata: 4 | name: allow-busybox 5 | namespace: calico-demo 6 | spec: 7 | selector: app == 'porter' 8 | types: 9 | - Ingress 10 | ingress: 11 | - action: Allow 12 | protocol: TCP 13 | source: 14 | selector: app == 'busybox' 15 | - action: Allow 16 | protocol: TCP 17 | source: 18 | selector: app == 'pwsh' -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/allow-ip-access.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: allow-ip-access 5 | spec: 6 | selector: (app == "netshoot" && projectcalico.org/namespace == "dev") 7 | order: 0 8 | types: 9 | - Egress 10 | egress: 11 | - action: Allow 12 | destination: 13 | selector: ip-allow-list == 'true' 14 | 15 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/centos-to-frontend.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: projectcalico.org/v3 3 | kind: NetworkPolicy 4 | metadata: 5 | name: platform.centos-to-frontend 6 | namespace: dev 7 | spec: 8 | tier: platform 9 | order: 100 10 | selector: app == "centos" 11 | types: 12 | - Egress 13 | egress: 14 | - action: Allow 15 | protocol: UDP 16 | destination: 17 | selector: k8s-app == "kube-dns" 18 | namespaceSelector: projectcalico.org/name == "kube-system" 19 | ports: 20 | - 53 21 | - action: Allow 22 | protocol: TCP 23 | source: {} 24 | destination: 25 | selector: app == "frontend" 26 | namespaceSelector: projectcalico.org/name == "default" 27 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/default-centos-to-frontend.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: projectcalico.org/v3 3 | kind: NetworkPolicy 4 | metadata: 5 | name: centos-to-frontend 6 | namespace: dev 7 | spec: 8 | order: 90 9 | selector: app == "centos" 10 | types: 11 | - Egress 12 | egress: 13 | - action: Allow 14 | protocol: TCP 15 | source: {} 16 | destination: 17 | selector: app == "frontend" 18 | namespaceSelector: projectcalico.org/name == "default" 19 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/deny-nginx.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: NetworkPolicy 3 | metadata: 4 | name: deny-nginx 5 | namespace: calico-demo 6 | spec: 7 | selector: app == 'nginx' 8 | types: 9 | - Ingress 10 | ingress: 11 | - action: Deny 12 | protocol: TCP 13 | source: 14 | selector: app == 'pwsh' 15 | - action: Allow 16 | protocol: TCP 17 | source: 18 | selector: app == 'busybox' -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/dns-policy.netset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: security.allow-ms-access 5 | spec: 6 | tier: security 7 | selector: (app == "centos" && projectcalico.org/namespace == "dev") 8 | order: 200 9 | types: 10 | - Egress 11 | egress: 12 | - action: Allow 13 | protocol: UDP 14 | source: {} 15 | destination: 16 | ports: 17 | - '53' 18 | - action: Allow 19 | source: 20 | selector: app == 'centos' 21 | destination: 22 | selector: type == "external-apis" 23 | - action: Pass 24 | source: {} 25 | destination: {} -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/dns-policy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: security.allow-twilio-access 5 | spec: 6 | # requires security tier 7 | tier: security 8 | selector: (app == "centos" && projectcalico.org/namespace == "dev") 9 | order: 200 10 | types: 11 | - Egress 12 | egress: 13 | - action: Allow 14 | protocol: UDP 15 | source: {} 16 | destination: 17 | ports: 18 | - '53' 19 | - action: Allow 20 | source: 21 | selector: app == 'centos' 22 | destination: 23 | domains: 24 | - '*.twilio.com' 25 | - action: Pass 26 | source: {} 27 | destination: {} 28 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/external-ips.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkSet 3 | metadata: 4 | name: external-ips 5 | labels: 6 | ip-allow-list: true 7 | spec: 8 | nets: 9 | - 8.8.8.8/32 10 | - 4.4.4.4/32 11 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/netset.external-apis.yaml: -------------------------------------------------------------------------------- 1 | kind: GlobalNetworkSet 2 | apiVersion: projectcalico.org/v3 3 | metadata: 4 | name: external-apis 5 | labels: 6 | type: external-apis 7 | spec: 8 | allowedEgressDomains: 9 | - '*.microsoft.com' 10 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/20-egress-access-controls/security.dns-policy.netset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: security.allow-azure-access 5 | spec: 6 | # requires security tier 7 | tier: security 8 | selector: (app == "centos" && projectcalico.org/namespace == "dev") 9 | order: 200 10 | types: 11 | - Egress 12 | egress: 13 | - action: Allow 14 | protocol: UDP 15 | source: {} 16 | destination: 17 | ports: 18 | - '53' 19 | - action: Allow 20 | destination: 21 | selector: type == "external-apis" 22 | - action: Pass 23 | source: {} 24 | destination: {} 25 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/40-compliance-reports/boutiqueshop-reports.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: projectcalico.org/v3 3 | kind: GlobalReport 4 | metadata: 5 | name: boutiqueshop-inventory 6 | labels: 7 | deployment: production 8 | spec: 9 | reportType: inventory 10 | endpoints: 11 | namespaces: 12 | names: ["default"] 13 | schedule: '*/15 * * * *' 14 | 15 | --- 16 | apiVersion: projectcalico.org/v3 17 | kind: GlobalReport 18 | metadata: 19 | name: boutiqueshop-network-access 20 | labels: 21 | deployment: production 22 | spec: 23 | reportType: network-access 24 | endpoints: 25 | namespaces: 26 | names: ["default"] 27 | schedule: '*/15 * * * *' 28 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/40-compliance-reports/cluster-reports.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: projectcalico.org/v3 3 | kind: GlobalReport 4 | metadata: 5 | name: cluster-inventory 6 | spec: 7 | reportType: inventory 8 | schedule: '*/15 * * * *' 9 | 10 | --- 11 | apiVersion: projectcalico.org/v3 12 | kind: GlobalReport 13 | metadata: 14 | name: cluster-network-access 15 | spec: 16 | reportType: network-access 17 | schedule: '*/15 * * * *' 18 | 19 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/40-compliance-reports/daily-cis-results.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalReport 3 | metadata: 4 | name: daily-cis-results 5 | labels: 6 | deployment: production 7 | spec: 8 | reportType: cis-benchmark 9 | schedule: '*/15 * * * *' 10 | ## schedule: '0 0 * * *' 11 | ##This is not daily report but every 15 mins for demo purpose 12 | cis: 13 | highThreshold: 100 14 | medThreshold: 50 15 | includeUnscoredTests: true 16 | numFailedTests: 5 -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/60-host-end-point/frontend-nodeport-access.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalNetworkPolicy 3 | metadata: 4 | name: security.frontend-nodeport-access 5 | spec: 6 | tier: security 7 | order: 100 8 | selector: host-end-point == "test" 9 | # Allow all traffic to localhost. 10 | ingress: 11 | - action: Allow 12 | destination: 13 | nets: 14 | - 127.0.0.1/32 15 | # Deny node port access only from specific CIDR. 16 | - action: Deny 17 | protocol: TCP 18 | source: 19 | nets: 20 | - ${PRV_IP} 21 | destination: 22 | ports: 23 | - 30080 24 | doNotTrack: false 25 | applyOnForward: true 26 | preDNAT: true 27 | types: 28 | - Ingress 29 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/80-packet-capture/packet-capture.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: PacketCapture 3 | metadata: 4 | name: packet-capture-frontend 5 | namespace: default 6 | spec: 7 | selector: app == "frontend" 8 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/90-anomaly-detection/ad-alerts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: GlobalAlert 3 | metadata: 4 | name: tigera.io.detector.port-scan 5 | spec: 6 | description: Port Scan detection 7 | summary: "Looks for pods in your cluster that are sending packets to one destination on multiple ports." 8 | detector: 9 | name: port_scan 10 | period: 5m0s 11 | lookback: 5m0s 12 | severity: 100 13 | type: AnomalyDetection 14 | --- -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/boutiqueshop/staged.default-deny.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: projectcalico.org/v3 2 | kind: StagedNetworkPolicy 3 | metadata: 4 | name: default-deny 5 | spec: 6 | order: 2000 7 | selector: "projectcalico.org/namespace == 'default'" 8 | types: 9 | - Ingress 10 | - Egress 11 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/dev/policies.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.k8s.io/v1 3 | kind: NetworkPolicy 4 | metadata: 5 | name: nginx 6 | namespace: dev 7 | spec: 8 | podSelector: 9 | matchLabels: 10 | app: nginx 11 | ingress: 12 | - from: 13 | - namespaceSelector: 14 | matchLabels: 15 | compliance: open 16 | policyTypes: 17 | - Ingress 18 | 19 | --- 20 | apiVersion: networking.k8s.io/v1 21 | kind: NetworkPolicy 22 | metadata: 23 | name: centos 24 | namespace: dev 25 | spec: 26 | podSelector: 27 | matchLabels: 28 | app: centos 29 | egress: 30 | - to: 31 | - podSelector: 32 | matchLabels: 33 | app: nginx 34 | policyTypes: 35 | - Egress 36 | 37 | --- 38 | 39 | apiVersion: networking.k8s.io/v1 40 | kind: NetworkPolicy 41 | metadata: 42 | name: netshoot 43 | namespace: dev 44 | spec: 45 | podSelector: 46 | matchLabels: 47 | app: netshoot 48 | egress: 49 | - {} 50 | policyTypes: 51 | - Egress -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/tiers/tiers.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: projectcalico.org/v3 3 | kind: Tier 4 | metadata: 5 | name: security 6 | spec: 7 | order: 400 8 | 9 | --- 10 | apiVersion: projectcalico.org/v3 11 | kind: Tier 12 | metadata: 13 | name: platform 14 | spec: 15 | order: 500 16 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/win-demo/linux-pods.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: calico-demo 6 | 7 | --- 8 | 9 | apiVersion: v1 10 | kind: Pod 11 | metadata: 12 | labels: 13 | app: busybox 14 | name: busybox 15 | namespace: calico-demo 16 | spec: 17 | containers: 18 | - args: 19 | - /bin/sh 20 | - -c 21 | - sleep 360000 22 | image: busybox:1.28 23 | imagePullPolicy: Always 24 | name: busybox 25 | nodeSelector: 26 | kubernetes.io/os: linux 27 | 28 | --- 29 | 30 | apiVersion: v1 31 | kind: Pod 32 | metadata: 33 | labels: 34 | app: nginx 35 | name: nginx 36 | namespace: calico-demo 37 | spec: 38 | containers: 39 | - name: nginx 40 | image: nginx:1.8 41 | ports: 42 | - containerPort: 80 43 | nodeSelector: 44 | kubernetes.io/os: linux -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/demo/win-demo/win-pods.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: pwsh 5 | namespace: calico-demo 6 | labels: 7 | app: pwsh 8 | spec: 9 | containers: 10 | - name: pwsh 11 | image: mcr.microsoft.com/windows/servercore:1809 12 | args: 13 | - powershell.exe 14 | - -Command 15 | - "Start-Sleep 360000" 16 | imagePullPolicy: IfNotPresent 17 | nodeSelector: 18 | kubernetes.io/os: windows 19 | 20 | --- 21 | 22 | 23 | apiVersion: v1 24 | kind: Pod 25 | metadata: 26 | name: porter 27 | namespace: calico-demo 28 | labels: 29 | app: porter 30 | spec: 31 | containers: 32 | - name: porter 33 | image: calico/porter:1809 34 | ports: 35 | - containerPort: 80 36 | env: 37 | - name: SERVE_PORT_80 38 | value: This is a Calico for Windows demo. 39 | imagePullPolicy: IfNotPresent 40 | nodeSelector: 41 | kubernetes.io/os: windows 42 | 43 | -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/add-DNS-in-networkset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/add-DNS-in-networkset.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/alerts-view.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/alerts-view.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/anomaly-detection-alert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/anomaly-detection-alert.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/anomaly-detection-config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/anomaly-detection-config.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/calico-cloud-login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/calico-cloud-login.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/calico-cloud-registering.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/calico-cloud-registering.gif -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/calico-on-aks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/calico-on-aks.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/choose-aks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/choose-aks.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/cloudshell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/cloudshell.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/cluster-selection.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/cluster-selection.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/compliance-report.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/compliance-report.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/connect-cluster.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/connect-cluster.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/create-dns-policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/create-dns-policy.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/dashboard-default-deny.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/dashboard-default-deny.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/dashboard-overall-view.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/dashboard-overall-view.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/default-centos-to-frontend.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/default-centos-to-frontend.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/demo-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/demo-diagram.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/dns-alert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/dns-alert.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/dns-network-set.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/dns-network-set.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/dns-policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/dns-policy.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/download-packet-capture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/download-packet-capture.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/download.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/download.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/drop-down-menu.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/drop-down-menu.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/edit-policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/edit-policy.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/endpoints-view.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/endpoints-view.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/expand-menu.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/expand-menu.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/flow-viz.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/flow-viz.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/frontend-packet-capture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/frontend-packet-capture.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/get-start.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/get-start.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/global-default-deny.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/global-default-deny.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/global-network-set.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/global-network-set.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/hep-policy-networkset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/hep-policy-networkset.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/hep-policy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/hep-policy.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/hep-service-graph.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/hep-service-graph.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/honeypod-threat-alert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/honeypod-threat-alert.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/initiate-pc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/initiate-pc.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/kibana-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/kibana-dashboard.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/kibana-flow-logs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/kibana-flow-logs.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/managed-cluster.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/managed-cluster.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/network-set-grid.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/network-set-grid.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/networkset-hep-flowlog.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/networkset-hep-flowlog.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/networkset-hep.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/networkset-hep.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/packet-capture-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/packet-capture-ui.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/policies-board-stats.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/policies-board-stats.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/policies-board.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/policies-board.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/redis-pcap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/redis-pcap.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/schedule-packet-capture-job.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/schedule-packet-capture-job.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/schedule-packet-capture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/schedule-packet-capture.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/script.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/script.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/select-ep.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/select-ep.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/selecting-cluster.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/selecting-cluster.gif -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/service-graph-default.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/service-graph-default.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/service-graph-l7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/service-graph-l7.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/service-graph-node.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/service-graph-node.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/service-graph-top-level.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/service-graph-top-level.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/staged-default-deny.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/staged-default-deny.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/test-packet-capture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/test-packet-capture.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/timeline-view.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/timeline-view.png -------------------------------------------------------------------------------- /labs/networking/calico-lab-exercise/modules/img/windows-demo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/calico-lab-exercise/modules/img/windows-demo.png -------------------------------------------------------------------------------- /labs/networking/ingress/app-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: hello-world-ingress 5 | annotations: 6 | kubernetes.io/ingress.class: nginx 7 | certmanager.k8s.io/cluster-issuer: letsencrypt-aks 8 | nginx.ingress.kubernetes.io/rewrite-target: / 9 | spec: 10 | tls: 11 | - hosts: 12 | - .eastus.cloudapp.azure.com 13 | secretName: tls-secret 14 | rules: 15 | - host: .eastus.cloudapp.azure.com 16 | http: 17 | paths: 18 | - path: / 19 | backend: 20 | serviceName: service-tracker-ui 21 | servicePort: 8080 -------------------------------------------------------------------------------- /labs/networking/ingress/certificate.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: Certificate 3 | metadata: 4 | name: tls-secret 5 | spec: 6 | secretName: tls-secret 7 | dnsNames: 8 | - .eastus.cloudapp.azure.com 9 | acme: 10 | config: 11 | - http01: 12 | ingressClass: nginx 13 | domains: 14 | - .eastus.cloudapp.azure.com 15 | issuerRef: 16 | name: letsencrypt-aks 17 | kind: ClusterIssuer -------------------------------------------------------------------------------- /labs/networking/ingress/cluster-issuer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-aks 5 | spec: 6 | acme: 7 | server: https://acme-v02.api.letsencrypt.org/directory 8 | email: user@contoso.com 9 | privateKeySecretRef: 10 | name: letsencrypt-aks 11 | http01: {} -------------------------------------------------------------------------------- /labs/networking/ingress/configure-publicip-dns.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Public IP address 4 | IP="40.121.18.237" 5 | 6 | # Name to associate with public IP address 7 | DNSNAME=$UNIQUE_SUFFIX 8 | 9 | # Get the resource-id of the public ip 10 | PUBLICIPID=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$IP')].[id]" --output tsv) 11 | 12 | # Update public ip address with dns name 13 | az network public-ip update --ids $PUBLICIPID --dns-name $DNSNAME 14 | -------------------------------------------------------------------------------- /labs/networking/ingress/service-tracker-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: service-tracker-ingress 5 | annotations: 6 | kubernetes.io/ingress.class: nginx 7 | nginx.ingress.kubernetes.io/rewrite-target: / 8 | spec: 9 | tls: 10 | - hosts: 11 | - brian13270.eastus.cloudapp.azure.com 12 | secretName: aks-ingress-tls 13 | rules: 14 | - host: brian13270.eastus.cloudapp.azure.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: service-tracker-ui 20 | servicePort: 8080 21 | -------------------------------------------------------------------------------- /labs/networking/network-policy/allow-default-namespace-with-egress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: np-allow-default-namespace-egress 5 | namespace: hackfest 6 | spec: 7 | podSelector: {} 8 | ingress: 9 | - from: 10 | - namespaceSelector: 11 | matchLabels: 12 | project: default 13 | egress: 14 | - {} 15 | policyTypes: 16 | - Egress -------------------------------------------------------------------------------- /labs/networking/network-policy/allow-default-namespace-with-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: np-allow-default-namespace-ingress 5 | namespace: hackfest 6 | spec: 7 | podSelector: 8 | matchLabels: 9 | app: service-tracker-ui 10 | ingress: 11 | - from: [] 12 | egress: 13 | - {} 14 | policyTypes: 15 | - Egress -------------------------------------------------------------------------------- /labs/networking/network-policy/allow-default-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: np-allow-default-namespace 5 | namespace: hackfest 6 | spec: 7 | podSelector: {} 8 | ingress: 9 | - from: 10 | - namespaceSelector: 11 | matchLabels: 12 | project: default 13 | egress: 14 | - to: 15 | - namespaceSelector: 16 | matchLabels: 17 | project: default -------------------------------------------------------------------------------- /labs/networking/network-policy/block-access-to-data-api.yaml: -------------------------------------------------------------------------------- 1 | kind: NetworkPolicy 2 | apiVersion: networking.k8s.io/v1 3 | metadata: 4 | name: data-api-policy 5 | namespace: hackfest 6 | spec: 7 | podSelector: 8 | matchLabels: 9 | app: data-api 10 | ingress: [] -------------------------------------------------------------------------------- /labs/networking/network-policy/deny-all.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: np-default-deny 5 | namespace: hackfest 6 | spec: 7 | podSelector: {} 8 | policyTypes: 9 | - Ingress 10 | - Egress -------------------------------------------------------------------------------- /labs/networking/network-policy/fix-access-data-api.yaml: -------------------------------------------------------------------------------- 1 | kind: NetworkPolicy 2 | apiVersion: networking.k8s.io/v1 3 | metadata: 4 | name: data-api-policy 5 | namespace: hackfest 6 | spec: 7 | podSelector: 8 | matchLabels: 9 | app: data-api 10 | ingress: 11 | - from: 12 | - namespaceSelector: {} 13 | podSelector: 14 | matchLabels: 15 | app: flights-api -------------------------------------------------------------------------------- /labs/networking/network-policy/fix-access-namespace.yaml: -------------------------------------------------------------------------------- 1 | kind: NetworkPolicy 2 | apiVersion: networking.k8s.io/v1 3 | metadata: 4 | name: data-api-policy 5 | namespace: hackfest 6 | spec: 7 | podSelector: 8 | matchLabels: 9 | app: data-api 10 | ingress: 11 | - from: 12 | - namespaceSelector: 13 | matchLabels: 14 | purpose: production 15 | - podSelector: 16 | matchLabels: 17 | app: flights-api 18 | - podSelector: 19 | matchLabels: 20 | app: weather-api 21 | - podSelector: 22 | matchLabels: 23 | app: quakes-api -------------------------------------------------------------------------------- /labs/networking/network-policy/img-refresh-error.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/networking/network-policy/img-refresh-error.png -------------------------------------------------------------------------------- /labs/networking/network-policy/kube-router-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: nodeclient 5 | namespace: kube-system 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1beta1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: nodeclient 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: User 17 | name: nodeclient 18 | namespace: kube-system 19 | -------------------------------------------------------------------------------- /labs/paas/otomi/.gitignore: -------------------------------------------------------------------------------- 1 | # Misc 2 | .history/ -------------------------------------------------------------------------------- /labs/paas/otomi/1_create_aks_cluster/img-cloud-shell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/paas/otomi/1_create_aks_cluster/img-cloud-shell.png -------------------------------------------------------------------------------- /labs/paas/otomi/otomi-console.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/paas/otomi/otomi-console.png -------------------------------------------------------------------------------- /labs/scaling/hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: service-tracker-ui 5 | spec: 6 | scaleTargetRef: 7 | apiVersion: apps/v1 8 | kind: Deployment 9 | name: service-tracker-ui 10 | minReplicas: 5 11 | maxReplicas: 10 12 | targetCPUUtilizationPercentage: 50 -------------------------------------------------------------------------------- /labs/security/README.md: -------------------------------------------------------------------------------- 1 | # Labs: Security 2 | 3 | This section contains a number of labs related to securing the AKS cluster. 4 | 5 | ## Prerequisites 6 | 7 | * These labs are each self-contained, meaning you do not have to do one before another. 8 | 9 | * In theory, these are standalone but we recommend completing these labs prior to working on these. 10 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 11 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 12 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 13 | 14 | ## Options 15 | 16 | 1. [Azure AD Integration with AKS](create-rbacwithazuread-cluster/README.md) 17 | 2. [Securing Helm/Tiller](secure-tiller/README.md) 18 | 19 | ## Troubleshooting / Debugging 20 | 21 | 22 | ## Docs / References 23 | 24 | * [Docs: Integrate Azure Active Directory with Azure Kubernetes Service](https://docs.microsoft.com/en-us/azure/aks/aad-integration) 25 | -------------------------------------------------------------------------------- /labs/security/create-rbacwithazuread-cluster/aksrbac-clusteradmin.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: aksrbac-cluster-admins 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - apiGroup: rbac.authorization.k8s.io 11 | kind: User 12 | name: "aksadmin@.onmicrosoft.com" -------------------------------------------------------------------------------- /labs/security/create-rbacwithazuread-cluster/aksrbac-viewdefault.yaml: -------------------------------------------------------------------------------- 1 | kind: Role 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | namespace: default 5 | name: default-reader 6 | rules: 7 | - apiGroups: [""] 8 | resources: ["pods", "services", "endpoints", "persistentvolumeclaims", "serviceaccounts", "configmaps"] 9 | verbs: ["get", "list", "watch"] 10 | - apiGroups: ["apps"] 11 | resources: ["deployments", "replicasets", "statefulsets", "daemonsets"] 12 | verbs: ["get", "list", "watch"] 13 | --- 14 | apiVersion: rbac.authorization.k8s.io/v1 15 | kind: RoleBinding 16 | metadata: 17 | name: khaksrbac-viewdefault 18 | roleRef: 19 | apiGroup: rbac.authorization.k8s.io 20 | kind: Role 21 | name: default-reader 22 | subjects: 23 | - apiGroup: rbac.authorization.k8s.io 24 | kind: User 25 | name: "aksuser@.onmicrosoft.com" 26 | -------------------------------------------------------------------------------- /labs/security/create-rbacwithazuread-cluster/img-create-azuread.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/security/create-rbacwithazuread-cluster/img-create-azuread.png -------------------------------------------------------------------------------- /labs/security/create-rbacwithazuread-cluster/img-new-azuread.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/security/create-rbacwithazuread-cluster/img-new-azuread.png -------------------------------------------------------------------------------- /labs/security/create-rbacwithazuread-cluster/img-select-azuread.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/security/create-rbacwithazuread-cluster/img-select-azuread.png -------------------------------------------------------------------------------- /labs/security/secure-tiller/openssl-with-ca.cnf: -------------------------------------------------------------------------------- 1 | [ req ] 2 | #default_bits = 2048 3 | #default_md = sha256 4 | #default_keyfile = privkey.pem 5 | distinguished_name = req_distinguished_name 6 | attributes = req_attributes 7 | 8 | [ req_distinguished_name ] 9 | countryName = Country Name (2 letter code) 10 | countryName_min = 2 11 | countryName_max = 2 12 | stateOrProvinceName = State or Province Name (full name) 13 | localityName = Locality Name (eg, city) 14 | 0.organizationName = Organization Name (eg, company) 15 | organizationalUnitName = Organizational Unit Name (eg, section) 16 | commonName = Common Name (eg, fully qualified host name) 17 | commonName_max = 64 18 | emailAddress = Email Address 19 | emailAddress_max = 64 20 | 21 | [ req_attributes ] 22 | challengePassword = A challenge password 23 | challengePassword_min = 4 24 | challengePassword_max = 20 25 | 26 | [ v3_ca ] 27 | basicConstraints = critical,CA:TRUE 28 | subjectKeyIdentifier = hash 29 | authorityKeyIdentifier = keyid:always,issuer:always 30 | -------------------------------------------------------------------------------- /labs/security/secure-tiller/tiller-rbac-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: tiller 5 | namespace: dev 6 | --- 7 | kind: Role 8 | apiVersion: rbac.authorization.k8s.io/v1beta1 9 | metadata: 10 | name: tiller-manager 11 | namespace: dev 12 | rules: 13 | - apiGroups: ["", "extensions", "apps"] 14 | resources: ["*"] 15 | verbs: ["*"] 16 | --- 17 | apiVersion: rbac.authorization.k8s.io/v1beta1 18 | kind: RoleBinding 19 | metadata: 20 | name: tiller-binding 21 | namespace: dev 22 | roleRef: 23 | apiGroup: rbac.authorization.k8s.io 24 | kind: Role 25 | name: tiller-manager 26 | subjects: 27 | - kind: ServiceAccount 28 | name: tiller 29 | namespace: dev -------------------------------------------------------------------------------- /labs/service-broker/README.md: -------------------------------------------------------------------------------- 1 | # Lab: Working with Online Service Broker for Azure 2 | 3 | (Coming soon) 4 | 5 | This section shows how to work with Open Service Broker for Azure (OSBA) for provisioning cloud services, such as databases, in Azure. In addition we will look at a tool from Bitnami called Kube Apps to help visualize working with the Kubernetes Service Catalog. 6 | 7 | ## Prerequisites 8 | 9 | * Complete previous labs: 10 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 11 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 12 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 13 | 14 | ## Instructions 15 | 16 | 1. 17 | 18 | ## Troubleshooting / Debugging 19 | 20 | 21 | 22 | ## Docs / References 23 | 24 | * [OSBA Documentation](https://github.com/azure/open-service-broker-azure) 25 | 26 | -------------------------------------------------------------------------------- /labs/servicemesh/linkerd/debug-emojivoto.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Checkout the emojivoto deployments 4 | 5 | linkerd viz stat deployment -n emojivoto 6 | 7 | # Get stats for the web service 8 | 9 | linkerd viz top -n emojivoto deploy/web 10 | 11 | # Get stats for the voting service 12 | 13 | linkerd viz top -n emojivoto deploy/voting 14 | 15 | # Tap the traffic from web to voting 16 | 17 | linkerd viz tap deployment/web -n emojivoto --to deployment/voting --path / | less 18 | 19 | # Narrow down the tap results to our problematic api call 20 | 21 | linkerd viz tap deployment/web -n emojivoto --to deployment/voting --path /emojivoto.v1.VotingService/VoteDoughnut | less 22 | 23 | # Output the tap calls as json data so you can share it with the app developer 24 | 25 | linkerd viz tap deployment/web -n emojivoto --to deployment/voting --path /emojivoto.v1.VotingService/VoteDoughnut -o json | less -------------------------------------------------------------------------------- /labs/servicemesh/linkerd/linkerd-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/servicemesh/linkerd/linkerd-dashboard.png -------------------------------------------------------------------------------- /labs/storage/README.md: -------------------------------------------------------------------------------- 1 | # Lab: Storage 2 | 3 | This section contains a number of labs related to Storage decisions that are made when doing Production deployments of Kubernetes. They are each self-contained labs meaning you do not have to do one before another. 4 | 5 | ## Prerequisites 6 | 7 | * Complete previous labs: 8 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 9 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 10 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 11 | 12 | ## Options 13 | 14 | 1. [Stateful Sets](statefulsets/README.md) 15 | 2. [Persistent Volume Claims](pvcs/README.md) 16 | 17 | ## Troubleshooting / Debugging 18 | 19 | * N/A 20 | 21 | ## Docs / References 22 | 23 | * N/A 24 | -------------------------------------------------------------------------------- /labs/storage/portworx/images/appio-0.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/appio-0.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/appio-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/appio-1.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/appio-2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/appio-2.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/appio-3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/appio-3.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/grafana-0.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/grafana-0.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/grafana-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/grafana-1.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-1.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-2.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-3.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-4.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-5.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-5.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-6.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-6.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-7.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-7.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/images/pxbbq-8.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/labs/storage/portworx/images/pxbbq-8.jpg -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/autopilot-postgres.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: pgbench-data 5 | labels: 6 | app: postgres 7 | spec: 8 | storageClassName: block-sc 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 10Gi 14 | --- 15 | kind: PersistentVolumeClaim 16 | apiVersion: v1 17 | metadata: 18 | name: pgbench-state 19 | spec: 20 | storageClassName: block-sc 21 | accessModes: 22 | - ReadWriteOnce 23 | resources: 24 | requests: 25 | storage: 1Gi -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/autopilotrule.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autopilot.libopenstorage.org/v1alpha1 2 | kind: AutopilotRule 3 | metadata: 4 | name: volume-resize 5 | spec: 6 | ##### selector filters the objects affected by this rule given labels 7 | selector: 8 | matchLabels: 9 | app: postgres 10 | ##### namespaceSelector selects the namespaces of the objects affected by this rule 11 | namespaceSelector: 12 | matchLabels: 13 | type: db 14 | ##### conditions are the symptoms to evaluate. All conditions are AND'ed 15 | conditions: 16 | # volume usage should be less than 20% 17 | expressions: 18 | - key: "100 * (px_volume_usage_bytes / px_volume_capacity_bytes)" 19 | operator: Gt 20 | values: 21 | - "20" 22 | ##### action to perform when condition is true 23 | actions: 24 | - name: openstorage.io.action.volume/resize 25 | params: 26 | # resize volume by scalepercentage of current size 27 | scalepercentage: "20" 28 | # volume capacity should not exceed 50GiB 29 | maxsize: "50Gi" -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/block-sc.yaml: -------------------------------------------------------------------------------- 1 | kind: StorageClass 2 | apiVersion: storage.k8s.io/v1 3 | metadata: 4 | name: block-sc 5 | provisioner: pxd.portworx.com 6 | parameters: 7 | repl: "3" 8 | priority_io: "high" 9 | io_profile: "auto" 10 | allowVolumeExpansion: true -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/file-sc.yaml: -------------------------------------------------------------------------------- 1 | kind: StorageClass 2 | apiVersion: storage.k8s.io/v1 3 | metadata: 4 | name: file-sc 5 | provisioner: pxd.portworx.com 6 | parameters: 7 | repl: "2" 8 | priority_io: "high" 9 | sharedv4: "true" 10 | sharedv4_svc_type: "ClusterIP" 11 | sharedv4_failover_strategy: "aggressive" -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/group-sc.yaml: -------------------------------------------------------------------------------- 1 | kind: StorageClass 2 | apiVersion: storage.k8s.io/v1 3 | metadata: 4 | name: group-sc 5 | provisioner: pxd.portworx.com 6 | parameters: 7 | repl: "2" -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/mongo-snapshot.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: volumesnapshot.external-storage.k8s.io/v1 2 | kind: VolumeSnapshot 3 | metadata: 4 | name: px-mongo-snapshot 5 | namespace: pxbbq 6 | spec: 7 | persistentVolumeClaimName: mongodb-pvc -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/mysql-groupsnapshot.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: stork.libopenstorage.org/v1alpha1 2 | kind: GroupVolumeSnapshot 3 | metadata: 4 | name: mysql-group-snapshot 5 | spec: 6 | preExecRule: mysql-presnap-rule 7 | postExecRule: mysql-postsnap-rule 8 | pvcSelector: 9 | matchLabels: 10 | app: mysql -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/mysql-postsnap-rule.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: stork.libopenstorage.org/v1alpha1 2 | kind: Rule 3 | metadata: 4 | name: mysql-postsnap-rule 5 | rules: 6 | - podSelector: 7 | app: mysql 8 | actions: 9 | - type: command 10 | value: mysql --user=root --password=password -Bse 'FLUSH LOGS; UNLOCK TABLES;' -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/mysql-presnap-rule.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: stork.libopenstorage.org/v1alpha1 2 | kind: Rule 3 | metadata: 4 | name: mysql-presnap-rule 5 | rules: 6 | - podSelector: 7 | app: mysql 8 | actions: 9 | - type: command 10 | value: mysql --user=root --password=password -Bse 'FLUSH TABLES WITH READ LOCK;system ${WAIT_CMD};' -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/namespaces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: pg1 5 | labels: 6 | type: db -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/pvc-from-snap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: px-mongo-snap-clone 5 | annotations: 6 | snapshot.alpha.kubernetes.io/snapshot: px-mongo-snapshot 7 | spec: 8 | accessModes: 9 | - ReadWriteOnce 10 | storageClassName: stork-snapshot-sc 11 | resources: 12 | requests: 13 | storage: 20Gi -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/rand-write.fio: -------------------------------------------------------------------------------- 1 | ##Random Write 4k blocksize test 2 | [global] 3 | ioengine=libaio 4 | size=20GiB 5 | name=fio-rand-write 6 | direct=1 7 | iodepth=128 8 | numjobs=1 9 | group_reporting=1 10 | ##----layout file------- 11 | [4k-init-write] 12 | blocksize=4k 13 | filename=/dataset/fio.dat 14 | readwrite=randwrite 15 | end_fsync=1 16 | ##----Begin 4k tests------- 17 | [4k-rand-write] 18 | stonewall 19 | blocksize=4k 20 | filename=/dataset/fio.dat 21 | readwrite=randwrite 22 | end_fsync=1 -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/recoverpv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | annotations: 5 | pv.kubernetes.io/provisioned-by: pxd.portworx.com 6 | finalizers: 7 | - kubernetes.io/pv-protection 8 | name: pvc-restoredvol 9 | spec: 10 | capacity: 11 | storage: 5Gi 12 | claimRef: 13 | apiVersion: v1 14 | kind: PersistentVolumeClaim 15 | name: mongodb-pvc 16 | namespace: trashcan 17 | accessModes: 18 | - ReadWriteOnce 19 | storageClassName: trash-sc 20 | persistentVolumeReclaimPolicy: Retain 21 | portworxVolume: 22 | volumeID: "$TCVolId" -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/sharedpvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: px-sharedv4-pvc 5 | annotations: 6 | volume.beta.kubernetes.io/storage-class: file-sc 7 | spec: 8 | accessModes: 9 | - ReadWriteMany 10 | resources: 11 | requests: 12 | storage: 10Gi -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/trash-sc.yaml: -------------------------------------------------------------------------------- 1 | kind: StorageClass 2 | apiVersion: storage.k8s.io/v1 3 | metadata: 4 | name: trash-sc 5 | provisioner: pxd.portworx.com 6 | reclaimPolicy: Delete 7 | parameters: 8 | repl: "2" 9 | allowVolumeExpansion: true -------------------------------------------------------------------------------- /labs/storage/portworx/yaml/wrapuplab.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | kubectl exec -it $PX_POD -n portworx -- /opt/pwx/bin/pxctl cluster options update --volume-expiration-minutes 0 4 | 5 | kubectl delete -f busyboxpod.yaml -n sharedservice 6 | kubectl delete -f sharedpvc.yaml -n sharedservice 7 | kubectl delete ns sharedservice 8 | kubectl delete -f mysql-app.yaml -n mysql 9 | kubectl delete -f restoregrouppvc.yaml -n mysql 10 | kubectl delete -f mysql-groupsnapshot.yaml -n mysql 11 | kubectl delete -f mysql-restore-app.yaml -n mysql 12 | kubectl delete -f mongo-snapshot.yaml 13 | kubectl delete -f pxbbq-mongo-restore.yaml -n pxbbq 14 | kubectl delete -f pxbbq-frontend.yaml -n pxbbq 15 | kubectl delete ns pxbbq 16 | kubectl delete ns mysql 17 | 18 | kubectl delete -f autopilot-app.yaml -n pg1 19 | kubectl delete -f autopilot-postgres.yaml -n pg1 20 | kubectl delete -f autopilotrule.yaml 21 | kubectl delete -f namespaces.yaml 22 | 23 | kubectl delete -f pxbbq-frontend-tc.yaml 24 | kubectl delete -f pxbbq-mongo-tc.yaml 25 | kubectl delete ns trashcan 26 | 27 | -------------------------------------------------------------------------------- /labs/storage/pvcs/README.md: -------------------------------------------------------------------------------- 1 | # Lab: Persistent Volume Claims 2 | 3 | Coming soon. 4 | 5 | ## Prerequisites 6 | 7 | * Complete previous labs: 8 | * [Azure Kubernetes Service](../create-aks-cluster/README.md) 9 | * [Build Application Components in Azure Container Registry](../build-application/README.md) 10 | * [Helm Setup and Deploy Application](../helm-setup-deploy/README.md) 11 | 12 | ## Instructions 13 | 14 | 1. ? 15 | 16 | ## Troubleshooting / Debugging 17 | 18 | * 19 | 20 | ## Docs / References 21 | 22 | * -------------------------------------------------------------------------------- /slides/Kubernetes Hackfest - March 2020.pptx.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/kubernetes-hackfest/7cb7e06c8348f4a8db596945023fd18065afc71a/slides/Kubernetes Hackfest - March 2020.pptx.zip --------------------------------------------------------------------------------