├── README.md
├── apps
├── demo1
│ ├── .gitkeep
│ └── bgd
│ │ ├── base
│ │ ├── bgd-deployment.yaml
│ │ ├── bgd-route.yaml
│ │ ├── bgd-svc.yaml
│ │ └── kustomization.yaml
│ │ └── overlays
│ │ ├── bgd
│ │ ├── bgd-deployment.yaml
│ │ ├── bgd-ns.yaml
│ │ ├── bgd-route.yaml
│ │ └── bgd-svc.yaml
│ │ └── bgdk
│ │ ├── bgdk-ns.yaml
│ │ └── kustomization.yaml
├── demo2
│ ├── .gitkeep
│ └── todo
│ │ ├── postgres-create-table.yaml
│ │ ├── postgres-deployment.yaml
│ │ ├── postgres-service.yaml
│ │ ├── todo-deployment.yaml
│ │ ├── todo-insert-data.yaml
│ │ ├── todo-namespace.yaml
│ │ └── todo-service.yaml
├── demo3
│ ├── .gitkeep
│ ├── dev-env
│ │ ├── apps
│ │ │ └── dev-httpbin-app
│ │ │ │ ├── httpbin-deploy.yaml
│ │ │ │ ├── httpbin-ns.yaml
│ │ │ │ ├── httpbin-sa.yaml
│ │ │ │ ├── httpbin-svc.yaml
│ │ │ │ └── kustomization.yaml
│ │ ├── baseline
│ │ │ ├── compute-quota.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── mem-limit-range.yaml
│ │ │ ├── netpol-deny-other-ns.yaml
│ │ │ ├── object-counts-quota.yaml
│ │ │ └── storage-class-quota.yaml
│ │ └── namespaces
│ │ │ ├── dev-project-001
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── rolebinding.yaml
│ │ │ └── storage-class-quota.yaml
│ │ │ ├── dev-project-002
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── netpol-allow-ingress.yaml
│ │ │ ├── netpol-allow-monitoring.yaml
│ │ │ └── rolebinding.yaml
│ │ │ └── dev-project-003
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ └── rolebinding.yaml
│ ├── prod-env
│ │ ├── apps
│ │ │ └── prod-pacman-app
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── mongo-deployment.yaml
│ │ │ │ ├── mongo-pvc.yaml
│ │ │ │ ├── mongo-service.yaml
│ │ │ │ ├── pacman-deployment.yaml
│ │ │ │ ├── pacman-ns.yaml
│ │ │ │ └── pacman-service.yaml
│ │ ├── baseline
│ │ │ ├── compute-quota.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── mem-limit-range.yaml
│ │ │ ├── netpol-deny-other-ns.yaml
│ │ │ ├── object-counts-quota.yaml
│ │ │ └── storage-class-quota.yaml
│ │ └── namespaces
│ │ │ ├── prod-project-001
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── netpol-allow-ingress.yaml
│ │ │ ├── netpol-allow-monitoring.yaml
│ │ │ └── rolebinding.yaml
│ │ │ ├── prod-project-002
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── netpol-allow-ingress.yaml
│ │ │ ├── netpol-allow-monitoring.yaml
│ │ │ └── rolebinding.yaml
│ │ │ └── prod-project-003
│ │ │ ├── kustomization.yaml
│ │ │ ├── namespace.yaml
│ │ │ ├── netpol-allow-ingress.yaml
│ │ │ ├── netpol-allow-monitoring.yaml
│ │ │ └── rolebinding.yaml
│ └── staging-env
│ │ ├── apps
│ │ └── staging-parksmap-app
│ │ │ ├── kustomization.yaml
│ │ │ ├── parksmap-deployment.yaml
│ │ │ ├── parksmap-ns.yaml
│ │ │ ├── parksmap-route.yaml
│ │ │ └── parksmap-svc.yaml
│ │ ├── baseline
│ │ ├── compute-quota.yaml
│ │ ├── kustomization.yaml
│ │ ├── mem-limit-range.yaml
│ │ ├── netpol-deny-other-ns.yaml
│ │ ├── object-counts-quota.yaml
│ │ └── storage-class-quota.yaml
│ │ └── namespaces
│ │ ├── staging-project-001
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ ├── netpol-allow-ingress.yaml
│ │ ├── netpol-allow-monitoring.yaml
│ │ └── rolebinding.yaml
│ │ ├── staging-project-002
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ ├── netpol-allow-ingress.yaml
│ │ ├── netpol-allow-monitoring.yaml
│ │ └── rolebinding.yaml
│ │ └── staging-project-003
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ ├── netpol-allow-ingress.yaml
│ │ ├── netpol-allow-monitoring.yaml
│ │ └── rolebinding.yaml
├── demo4
│ ├── .gitkeep
│ └── base
│ │ ├── kustomization.yaml
│ │ ├── welcome-app-deployment.yaml
│ │ ├── welcome-app-namespace.yaml
│ │ └── welcome-app-svc.yaml
├── demo5
│ ├── .gitkeep
│ ├── dev-env
│ │ └── base
│ │ │ ├── kustomization.yaml
│ │ │ ├── welcome-app-deployment.yaml
│ │ │ ├── welcome-app-namespace.yaml
│ │ │ └── welcome-app-svc.yaml
│ ├── prod-env
│ │ ├── base
│ │ │ ├── kustomization.yaml
│ │ │ ├── welcome-app-deployment.yaml
│ │ │ ├── welcome-app-namespace.yaml
│ │ │ └── welcome-app-svc.yaml
│ │ └── overlays
│ │ │ ├── deployment.yaml
│ │ │ └── kustomization.yaml
│ └── staging-env
│ │ ├── base
│ │ ├── kustomization.yaml
│ │ ├── welcome-app-deployment.yaml
│ │ ├── welcome-app-namespace.yaml
│ │ └── welcome-app-svc.yaml
│ │ └── overlays
│ │ ├── deployment.yaml
│ │ └── kustomization.yaml
└── demo6
│ ├── base
│ ├── kustomization.yaml
│ ├── welcome-app-deployment.yaml
│ ├── welcome-app-namespace.yaml
│ └── welcome-app-svc.yaml
│ ├── envs
│ ├── dev-gpu
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ ├── replicas.yaml
│ │ └── version.yaml
│ ├── dev-nogpu
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── version.yaml
│ ├── prod-eu
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── version.yaml
│ ├── prod-us
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── version.yaml
│ ├── staging-eu
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── version.yaml
│ └── staging-us
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── version.yaml
│ └── variants
│ ├── eu
│ ├── kustomization.yaml
│ └── region.yaml
│ └── us
│ ├── kustomization.yaml
│ └── region.yaml
├── demo.sh
├── demos
├── bootstrap
│ ├── README.md
│ └── multicluster.md
├── demo1
│ ├── .gitkeep
│ ├── README.md
│ └── bgdk-app.yaml
├── demo2
│ ├── .gitkeep
│ ├── README.md
│ └── todo-application.yaml
├── demo3
│ ├── .gitkeep
│ ├── README.md
│ ├── argo-apps
│ │ ├── dev-environment.yaml
│ │ ├── kustomization.yaml
│ │ ├── prod-environment.yaml
│ │ └── staging-environment.yaml
│ ├── argo-projects
│ │ ├── dev-env-project.yaml
│ │ ├── kustomization.yaml
│ │ ├── prod-env-project.yaml
│ │ └── staging-env-project.yaml
│ └── deploy
│ │ └── kustomization.yaml
├── demo4
│ ├── .gitkeep
│ ├── README.md
│ ├── argo-apps
│ │ ├── kustomization.yaml
│ │ └── multi-cluster-app.yaml
│ ├── argo-projects
│ │ ├── apps-project.yaml
│ │ └── kustomization.yaml
│ ├── deploy
│ │ └── kustomization.yaml
│ └── docs
│ │ ├── pic1.png
│ │ └── pic2.png
├── demo5
│ ├── .gitkeep
│ ├── README.md
│ ├── argo-apps
│ │ ├── dev-env-multicluster-app.yaml
│ │ ├── kustomization.yaml
│ │ ├── prod-env-multicluster-app.yaml
│ │ └── staging-env-multicluster-app.yaml
│ ├── argo-projects
│ │ ├── apps-project.yaml
│ │ └── kustomization.yaml
│ ├── deploy
│ │ └── kustomization.yaml
│ └── docs
│ │ ├── pic1.png
│ │ └── pic2.png
└── demo6
│ └── README.md
└── docs
├── agenda.md
├── main.png
└── slides.pdf
/README.md:
--------------------------------------------------------------------------------
1 | # cdCon and GitOpsCon 2023 - Managing GitOps deployments in multi-cluster production environments
2 |
3 | Repository for the [cdCon & GitOpsCon 2023](https://events.linuxfoundation.org/cdcon-gitopscon/) about Managing GitOps deployments in multi-cluster production environments.
4 |
5 |
6 | ## Abstract
7 |
8 | During [this session](https://sched.co/1LAFy) we will demonstrate how to manage and scale productive ArgoCD deployments in a multi cluster environment easily and securely using GitOps patterns.
9 |
10 | We will present the deployment of applications across multiple Kubernetes clusters on various public and private clouds and explore the best practices for scaling and managing highly available, reliable and secure applications. We will also demonstrate how you can structure your Git repositories to share and scale within your teams and organization in order to deploy your cloud native deployments in an automatic and predictive way.
11 |
12 | After this technical session you will know more about the challenges and the benefits of using GitOps patterns to scale your productive applications in multi cluster scenarios and in a Cloud agnostic way.
13 |
14 | 
15 |
16 |
17 | ## Demos
18 |
19 | * [Demo 1 - GitOps Application with Kustomize](./demos/demo1/README.md)
20 | * [Demo 2 - Deploying GitOps Apps in Remote Clusters](./demos/demo2/README.md)
21 | * [Demo 3 - Managing GitOps Apps at scale](./demos/demo3/README.md)
22 | * [Demo 4 - GitOps Multi-Cluster Deployment Strategies](./demos/demo4/README.md)
23 | * [Demo 5 - GitOps Multi Cluster & Multi-Environment Strategies](./demos/demo5/README.md)
24 | * [Demo 6 - Promotion between GitOps environments](./demos/demo6/README.md)
25 |
26 | ## Slides
27 |
28 | * [Slides - CdCon & GitOpsCon - Managing GitOps deployments in multi-cluster production environments](./docs/slides.pdf)
29 |
30 | ## Audience
31 |
32 | For anyone interested in DevOps, SRE, application platform management, and anyone who manages complex Kubernetes environments at scale.
33 |
34 | After this session, DevSecOps teams, SREs, Kubernetes sysadmins, will learn about the best practices and strategies to deploy complex and advanced deployments using GitOps.
35 |
36 | ## Contributors / Maintainers
37 |
38 | * [Roberto Carratalá](github.com/rcarrata)
39 |
--------------------------------------------------------------------------------
/apps/demo1/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/apps/demo1/.gitkeep
--------------------------------------------------------------------------------
/apps/demo1/bgd/base/bgd-deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | labels:
6 | app: bgd
7 | name: bgd
8 | namespace: bgd
9 | spec:
10 | replicas: 1
11 | selector:
12 | matchLabels:
13 | app: bgd
14 | strategy: {}
15 | template:
16 | metadata:
17 | creationTimestamp: null
18 | labels:
19 | app: bgd
20 | spec:
21 | containers:
22 | - image: quay.io/redhatworkshops/bgd:latest
23 | name: bgd
24 | env:
25 | - name: COLOR
26 | value: "blue"
27 | resources: {}
28 | ---
29 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/base/bgd-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: route.openshift.io/v1
2 | kind: Route
3 | metadata:
4 | labels:
5 | app: bgd
6 | name: bgd
7 | namespace: bgd
8 | spec:
9 | port:
10 | targetPort: 8080
11 | to:
12 | kind: Service
13 | name: bgd
14 | weight: 100
15 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/base/bgd-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | labels:
6 | app: bgd
7 | name: bgd
8 | namespace: bgd
9 | spec:
10 | ports:
11 | - port: 8080
12 | protocol: TCP
13 | targetPort: 8080
14 | selector:
15 | app: bgd
16 | ---
17 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | namespace: bgd
2 | resources:
3 | - bgd-svc.yaml
4 | - bgd-deployment.yaml
5 | #- bgd-route.yaml
6 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/overlays/bgd/bgd-deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | labels:
6 | app: bgd
7 | name: bgd
8 | namespace: bgd
9 | spec:
10 | replicas: 1
11 | selector:
12 | matchLabels:
13 | app: bgd
14 | strategy: {}
15 | template:
16 | metadata:
17 | creationTimestamp: null
18 | labels:
19 | app: bgd
20 | spec:
21 | containers:
22 | - image: quay.io/redhatworkshops/bgd:latest
23 | name: bgd
24 | env:
25 | - name: COLOR
26 | value: "blue"
27 | resources: {}
28 | ---
29 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/overlays/bgd/bgd-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: bgd
5 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/overlays/bgd/bgd-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: route.openshift.io/v1
2 | kind: Route
3 | metadata:
4 | labels:
5 | app: bgd
6 | name: bgd
7 | namespace: bgd
8 | spec:
9 | port:
10 | targetPort: 8080
11 | to:
12 | kind: Service
13 | name: bgd
14 | weight: 100
15 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/overlays/bgd/bgd-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | labels:
6 | app: bgd
7 | name: bgd
8 | namespace: bgd
9 | spec:
10 | ports:
11 | - port: 8080
12 | protocol: TCP
13 | targetPort: 8080
14 | selector:
15 | app: bgd
16 | ---
17 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/overlays/bgdk/bgdk-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: bgdk
5 |
--------------------------------------------------------------------------------
/apps/demo1/bgd/overlays/bgdk/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 | namespace: bgdk
4 | resources:
5 | - ../../base
6 | - bgdk-ns.yaml
7 | patchesJson6902:
8 | - target:
9 | version: v1
10 | group: apps
11 | kind: Deployment
12 | name: bgd
13 | namespace: bgdk
14 | patch: |-
15 | - op: replace
16 | path: /spec/template/spec/containers/0/env/0/value
17 | value: yellow
18 |
--------------------------------------------------------------------------------
/apps/demo2/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/apps/demo2/.gitkeep
--------------------------------------------------------------------------------
/apps/demo2/todo/postgres-create-table.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1
2 | kind: Job
3 | metadata:
4 | name: todo-table
5 | namespace: todo
6 | annotations:
7 | argocd.argoproj.io/sync-wave: "1"
8 | spec:
9 | template:
10 | spec:
11 | containers:
12 | - name: postgresql-client
13 | image: postgres:12
14 | imagePullPolicy: Always
15 | env:
16 | - name: PGPASSWORD
17 | value: admin
18 | command: ["psql"]
19 | args:
20 | [
21 | "--host=postgresql",
22 | "--username=admin",
23 | "--no-password",
24 | "--dbname=todo",
25 | "--command=create table Todo (id bigint not null,completed boolean not null,ordering integer,title varchar(255),url varchar(255),primary key (id));create sequence hibernate_sequence start with 1 increment by 1;",
26 | ]
27 | restartPolicy: Never
28 | backoffLimit: 1
--------------------------------------------------------------------------------
/apps/demo2/todo/postgres-deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: postgresql
6 | namespace: todo
7 | annotations:
8 | argocd.argoproj.io/sync-wave: "0"
9 | spec:
10 | selector:
11 | matchLabels:
12 | app: postgresql
13 | template:
14 | metadata:
15 | labels:
16 | app: postgresql
17 | spec:
18 | containers:
19 | - name: postgresql
20 | image: quay.io/redhatdemo/openshift-pgsql12-primary:centos7
21 | imagePullPolicy: Always
22 | ports:
23 | - name: tcp
24 | containerPort: 5432
25 | env:
26 | - name: PG_USER_PASSWORD
27 | value: admin
28 | - name: PG_USER_NAME
29 | value: admin
30 | - name: PG_DATABASE
31 | value: todo
32 | - name: PG_NETWORK_MASK
33 | value: all
34 |
35 |
--------------------------------------------------------------------------------
/apps/demo2/todo/postgres-service.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | name: postgresql
6 | namespace: todo
7 | annotations:
8 | argocd.argoproj.io/sync-wave: "0"
9 | spec:
10 | selector:
11 | app: postgresql
12 | ports:
13 | - name: pgsql
14 | port: 5432
15 | targetPort: 5432
--------------------------------------------------------------------------------
/apps/demo2/todo/todo-deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: "v1"
3 | kind: "ServiceAccount"
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: "todo-gitops"
7 | app.kubernetes.io/version: "1.0.0"
8 | name: "todo-gitops"
9 | namespace: todo
10 | annotations:
11 | argocd.argoproj.io/sync-wave: "2"
12 | ---
13 | apiVersion: "apps/v1"
14 | kind: "Deployment"
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: "todo-gitops"
18 | app.kubernetes.io/version: "1.0.0"
19 | name: "todo-gitops"
20 | namespace: todo
21 | annotations:
22 | argocd.argoproj.io/sync-wave: "2"
23 | spec:
24 | replicas: 1
25 | selector:
26 | matchLabels:
27 | app.kubernetes.io/name: "todo-gitops"
28 | app.kubernetes.io/version: "1.0.0"
29 | template:
30 | metadata:
31 | labels:
32 | app.kubernetes.io/name: "todo-gitops"
33 | app.kubernetes.io/version: "1.0.0"
34 | spec:
35 | containers:
36 | - env:
37 | - name: "KUBERNETES_NAMESPACE"
38 | valueFrom:
39 | fieldRef:
40 | fieldPath: "metadata.namespace"
41 | image: "quay.io/rhdevelopers/todo-gitops:1.0.0"
42 | imagePullPolicy: "Always"
43 | name: "todo-gitops"
44 | ports:
45 | - containerPort: 8080
46 | name: "http"
47 | protocol: "TCP"
48 | serviceAccount: "todo-gitops"
--------------------------------------------------------------------------------
/apps/demo2/todo/todo-insert-data.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1
2 | kind: Job
3 | metadata:
4 | name: todo-insert
5 | annotations:
6 | argocd.argoproj.io/hook: PostSync
7 | argocd.argoproj.io/hook-delete-policy: HookSucceeded
8 | spec:
9 | ttlSecondsAfterFinished: 100
10 | template:
11 | spec:
12 | containers:
13 | - name: httpie
14 | image: alpine/httpie:2.4.0
15 | imagePullPolicy: Always
16 | command: ["http"]
17 | args:
18 | [
19 | "POST",
20 | "todo-gitops:8080/api",
21 | "title=Finish ArgoCD tutorial",
22 | "--ignore-stdin"
23 | ]
24 | restartPolicy: Never
25 | backoffLimit: 1
26 |
--------------------------------------------------------------------------------
/apps/demo2/todo/todo-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: todo
5 | annotations:
6 | argocd.argoproj.io/sync-wave: "-1"
7 |
--------------------------------------------------------------------------------
/apps/demo2/todo/todo-service.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: "v1"
3 | kind: "Service"
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: "todo-gitops"
7 | app.kubernetes.io/version: "1.0.0"
8 | name: "todo-gitops"
9 | annotations:
10 | argocd.argoproj.io/sync-wave: "2"
11 | namespace: todo
12 | spec:
13 | ports:
14 | - name: "http"
15 | port: 8080
16 | targetPort: 8080
17 | selector:
18 | app.kubernetes.io/name: "todo-gitops"
19 | app.kubernetes.io/version: "1.0.0"
--------------------------------------------------------------------------------
/apps/demo3/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/apps/demo3/.gitkeep
--------------------------------------------------------------------------------
/apps/demo3/dev-env/apps/dev-httpbin-app/httpbin-deploy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: httpbin
5 | spec:
6 | replicas: 1
7 | selector:
8 | matchLabels:
9 | app: httpbin
10 | version: v1
11 | template:
12 | metadata:
13 | labels:
14 | app: httpbin
15 | version: v1
16 | spec:
17 | serviceAccountName: httpbin
18 | containers:
19 | - image: docker.io/kennethreitz/httpbin
20 | imagePullPolicy: IfNotPresent
21 | name: httpbin
22 | ports:
23 | - containerPort: 80
24 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/apps/dev-httpbin-app/httpbin-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: httpbin
5 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/apps/dev-httpbin-app/httpbin-sa.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: httpbin
5 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/apps/dev-httpbin-app/httpbin-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: httpbin
5 | labels:
6 | app: httpbin
7 | service: httpbin
8 | spec:
9 | ports:
10 | - name: http
11 | port: 8000
12 | targetPort: 80
13 | selector:
14 | app: httpbin
15 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/apps/dev-httpbin-app/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: httpbin
5 |
6 | namePrefix: dev-
7 |
8 | resources:
9 | - httpbin-deploy.yaml
10 | - httpbin-sa.yaml
11 | - httpbin-svc.yaml
12 | - httpbin-ns.yaml
13 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/baseline/compute-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: compute-quota
5 | spec:
6 | hard:
7 | requests.cpu: '2'
8 | requests.memory: 2Gi
9 | limits.cpu: '2'
10 | limits.memory: 2Gi
11 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/baseline/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - compute-quota.yaml
6 | - mem-limit-range.yaml
7 | - storage-class-quota.yaml
8 | - object-counts-quota.yaml
9 | - netpol-deny-other-ns.yaml
10 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/baseline/mem-limit-range.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: LimitRange
3 | metadata:
4 | name: mem-limit-range
5 | spec:
6 | limits:
7 | - default:
8 | memory: 512Mi
9 | defaultRequest:
10 | memory: 256Mi
11 | type: Container
12 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/baseline/netpol-deny-other-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: deny-other-namespaces
5 | spec:
6 | podSelector: {}
7 | ingress:
8 | - from:
9 | - podSelector: {}
10 | policyTypes:
11 | - Ingress
--------------------------------------------------------------------------------
/apps/demo3/dev-env/baseline/object-counts-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: object-counts
5 | spec:
6 | hard:
7 | configmaps: '100'
8 | secrets: '100'
9 | services: '100'
10 | services.loadbalancers: '2'
11 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/baseline/storage-class-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: storage-class-quota
5 | spec:
6 | hard:
7 | requests.storage: 2Gi
8 | persistentvolumeclaims: '2'
9 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-001/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: dev-project-001
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | patchesStrategicMerge:
10 | - storage-class-quota.yaml
11 |
12 | resources:
13 | - namespace.yaml
14 | - rolebinding.yaml
15 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-001/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: dev-project-001
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-001/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: admin
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-001/storage-class-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: storage-class-quota
5 | spec:
6 | hard:
7 | requests.storage: 20Gi
8 | persistentvolumeclaims: '15'
9 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-002/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: dev-project-002
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-002/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: dev-project-002
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-002/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-002/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-002/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
13 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-003/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: dev-project-003
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - rolebinding.yaml
12 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-003/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: dev-project-003
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/dev-env/namespaces/dev-project-003/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: edit
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
13 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - pacman-service.yaml
6 | - pacman-deployment.yaml
7 | - pacman-ns.yaml
8 | - mongo-service.yaml
9 | - mongo-pvc.yaml
10 | - mongo-deployment.yaml
11 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/mongo-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | name: mongo
6 | app.kubernetes.io/name: pacman
7 | name: mongo
8 | namespace: pacman-app
9 | spec:
10 | replicas: 1
11 | selector:
12 | matchLabels:
13 | name: mongo
14 | app.kubernetes.io/name: pacman
15 | template:
16 | metadata:
17 | labels:
18 | name: mongo
19 | app.kubernetes.io/name: pacman
20 | spec:
21 | containers:
22 | - image: bitnami/mongodb:latest
23 | name: mongo
24 | ports:
25 | - name: mongo
26 | containerPort: 27017
27 | volumeMounts:
28 | - name: mongo-db
29 | mountPath: /data/db
30 | volumes:
31 | - name: mongo-db
32 | persistentVolumeClaim:
33 | claimName: mongo-storage
34 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/mongo-pvc.yaml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolumeClaim
2 | apiVersion: v1
3 | metadata:
4 | name: mongo-storage
5 | namespace: pacman-app
6 | labels:
7 | app.kubernetes.io/name: pacman
8 | spec:
9 | accessModes:
10 | - ReadWriteOnce
11 | resources:
12 | requests:
13 | storage: 8Gi
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/mongo-service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | name: mongo
6 | app.kubernetes.io/name: pacman
7 | name: mongo
8 | namespace: pacman-app
9 | spec:
10 | type: ClusterIP
11 | ports:
12 | - port: 27017
13 | targetPort: 27017
14 | selector:
15 | name: mongo
16 | app.kubernetes.io/name: pacman
17 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/pacman-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | name: pacman
6 | app.kubernetes.io/name: pacman
7 | name: pacman
8 | namespace: pacman-app
9 | spec:
10 | replicas: 1
11 | selector:
12 | matchLabels:
13 | name: pacman
14 | app.kubernetes.io/name: pacman
15 | template:
16 | metadata:
17 | labels:
18 | name: pacman
19 | app.kubernetes.io/name: pacman
20 | spec:
21 | containers:
22 | - image: quay.io/jpacker/nodejs-pacman-app:latest
23 | name: pacman
24 | ports:
25 | - containerPort: 8080
26 | name: http-server
27 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/pacman-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: pacman-app
5 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/apps/prod-pacman-app/pacman-service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: pacman
5 | namespace: pacman-app
6 | labels:
7 | name: pacman
8 | app.kubernetes.io/name: pacman
9 | spec:
10 | type: ClusterIP
11 | ports:
12 | - port: 80
13 | targetPort: 8080
14 | protocol: TCP
15 | selector:
16 | name: pacman
17 | app.kubernetes.io/name: pacman
18 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/baseline/compute-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: compute-quota
5 | spec:
6 | hard:
7 | requests.cpu: '2'
8 | requests.memory: 2Gi
9 | limits.cpu: '2'
10 | limits.memory: 2Gi
11 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/baseline/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - compute-quota.yaml
6 | - mem-limit-range.yaml
7 | - storage-class-quota.yaml
8 | - object-counts-quota.yaml
9 | - netpol-deny-other-ns.yaml
10 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/baseline/mem-limit-range.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: LimitRange
3 | metadata:
4 | name: mem-limit-range
5 | spec:
6 | limits:
7 | - default:
8 | memory: 512Mi
9 | defaultRequest:
10 | memory: 256Mi
11 | type: Container
12 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/baseline/netpol-deny-other-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: deny-other-namespaces
5 | spec:
6 | podSelector: {}
7 | ingress:
8 | - from:
9 | - podSelector: {}
10 | policyTypes:
11 | - Ingress
--------------------------------------------------------------------------------
/apps/demo3/prod-env/baseline/object-counts-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: object-counts
5 | spec:
6 | hard:
7 | configmaps: '100'
8 | secrets: '100'
9 | services: '100'
10 | services.loadbalancers: '2'
11 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/baseline/storage-class-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: storage-class-quota
5 | spec:
6 | hard:
7 | requests.storage: 2Gi
8 | persistentvolumeclaims: '2'
9 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-001/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: prod-project-001
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-001/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: prod-project-001
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-001/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-001/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-001/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-002/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: prod-project-002
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-002/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: prod-project-002
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-002/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-002/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-002/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-003/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: prod-project-003
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-003/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: prod-project-003
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-003/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-003/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/prod-env/namespaces/prod-project-003/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo3/staging-env/apps/staging-parksmap-app/kustomization.yaml:
--------------------------------------------------------------------------------
1 | namespace: parksmap
2 | resources:
3 | - parksmap-svc.yaml
4 | - parksmap-deployment.yaml
5 | #- parksmap-route.yaml
6 | - parksmap-ns.yaml
7 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/apps/staging-parksmap-app/parksmap-deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | labels:
6 | app: parksmap
7 | name: parksmap
8 | namespace: parksmap
9 | spec:
10 | replicas: 1
11 | selector:
12 | matchLabels:
13 | app: parksmap
14 | strategy: {}
15 | template:
16 | metadata:
17 | creationTimestamp: null
18 | labels:
19 | app: parksmap
20 | spec:
21 | containers:
22 | - image: quay.io/openshiftroadshow/parksmap:latest
23 | name: parksmap
24 | env:
25 | - name: COLOR
26 | value: "blue"
27 | resources: {}
28 | ---
29 |
30 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/apps/staging-parksmap-app/parksmap-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: parksmap
5 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/apps/staging-parksmap-app/parksmap-route.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: route.openshift.io/v1
2 | kind: Route
3 | metadata:
4 | labels:
5 | app: parksmap
6 | name: parksmap
7 | namespace: parksmap
8 | spec:
9 | port:
10 | targetPort: 8080
11 | to:
12 | kind: Service
13 | name: parksmap
14 | weight: 100
15 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/apps/staging-parksmap-app/parksmap-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | labels:
6 | app: parksmap
7 | name: parksmap
8 | namespace: parksmap
9 | spec:
10 | ports:
11 | - port: 8080
12 | protocol: TCP
13 | targetPort: 8080
14 | selector:
15 | app: parksmap
16 | ---
17 |
18 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/baseline/compute-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: compute-quota
5 | spec:
6 | hard:
7 | requests.cpu: '2'
8 | requests.memory: 2Gi
9 | limits.cpu: '2'
10 | limits.memory: 2Gi
11 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/baseline/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - compute-quota.yaml
6 | - mem-limit-range.yaml
7 | - storage-class-quota.yaml
8 | - object-counts-quota.yaml
9 | - netpol-deny-other-ns.yaml
10 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/baseline/mem-limit-range.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: LimitRange
3 | metadata:
4 | name: mem-limit-range
5 | spec:
6 | limits:
7 | - default:
8 | memory: 512Mi
9 | defaultRequest:
10 | memory: 256Mi
11 | type: Container
12 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/baseline/netpol-deny-other-ns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: deny-other-namespaces
5 | spec:
6 | podSelector: {}
7 | ingress:
8 | - from:
9 | - podSelector: {}
10 | policyTypes:
11 | - Ingress
--------------------------------------------------------------------------------
/apps/demo3/staging-env/baseline/object-counts-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: object-counts
5 | spec:
6 | hard:
7 | configmaps: '100'
8 | secrets: '100'
9 | services: '100'
10 | services.loadbalancers: '2'
11 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/baseline/storage-class-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: storage-class-quota
5 | spec:
6 | hard:
7 | requests.storage: 2Gi
8 | persistentvolumeclaims: '2'
9 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-001/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: staging-project-001
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-001/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: staging-project-001
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-001/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-001/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-001/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-002/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: staging-project-002
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-002/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: staging-project-002
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-002/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-002/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-002/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-003/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: staging-project-003
5 |
6 | bases:
7 | - ../../baseline
8 |
9 | resources:
10 | - namespace.yaml
11 | - netpol-allow-ingress.yaml
12 | - netpol-allow-monitoring.yaml
13 | - rolebinding.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-003/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: staging-project-003
5 | spec: {}
6 | status: {}
7 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-003/netpol-allow-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-ingress
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: ingress
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-003/netpol-allow-monitoring.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1
2 | kind: NetworkPolicy
3 | metadata:
4 | name: allow-from-openshift-monitoring
5 | spec:
6 | policyTypes:
7 | - Ingress
8 | podSelector: {}
9 | ingress:
10 | - from:
11 | - namespaceSelector:
12 | matchLabels:
13 | network.openshift.io/policy-group: monitoring
14 |
--------------------------------------------------------------------------------
/apps/demo3/staging-env/namespaces/staging-project-003/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | name: admin
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: view
9 | subjects:
10 | - apiGroup: rbac.authorization.k8s.io
11 | kind: User
12 | name: user001
--------------------------------------------------------------------------------
/apps/demo4/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/apps/demo4/.gitkeep
--------------------------------------------------------------------------------
/apps/demo4/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - welcome-app-deployment.yaml
3 | - welcome-app-namespace.yaml
4 | - welcome-app-svc.yaml
5 |
--------------------------------------------------------------------------------
/apps/demo4/base/welcome-app-deployment.yaml:
--------------------------------------------------------------------------------
1 | kind: Deployment
2 | apiVersion: apps/v1
3 | metadata:
4 | name: welcome-app
5 | namespace: welcome-app
6 | labels:
7 | app: welcome-app
8 | app.kubernetes.io/component: welcome-app
9 | app.kubernetes.io/instance: welcome-app
10 | app.kubernetes.io/name: welcome-app
11 | app.kubernetes.io/part-of: welcome-app-app
12 | spec:
13 | replicas: 1
14 | selector:
15 | matchLabels:
16 | app: welcome-app
17 | template:
18 | metadata:
19 | creationTimestamp: null
20 | labels:
21 | app: welcome-app
22 | deployment: welcome-app
23 | spec:
24 | containers:
25 | - name: welcome-app
26 | image: quay.io/redhatworkshops/welcome-app:latest
27 | ports:
28 | - containerPort: 8080
29 | protocol: TCP
30 | - containerPort: 8443
31 | protocol: TCP
32 | resources: {}
33 | terminationMessagePath: /dev/termination-log
34 | terminationMessagePolicy: File
35 | imagePullPolicy: Always
36 | env: []
37 | restartPolicy: Always
38 | terminationGracePeriodSeconds: 30
39 | dnsPolicy: ClusterFirst
40 | securityContext: {}
41 | schedulerName: default-scheduler
42 | imagePullSecrets: []
43 | strategy:
44 | type: RollingUpdate
45 | rollingUpdate:
46 | maxSurge: 25%
47 | maxUnavailable: 25%
48 | revisionHistoryLimit: 10
49 | progressDeadlineSeconds: 600
50 | paused: false
51 |
--------------------------------------------------------------------------------
/apps/demo4/base/welcome-app-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: welcome-app
5 |
--------------------------------------------------------------------------------
/apps/demo4/base/welcome-app-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | creationTimestamp: null
6 | labels:
7 | app: welcome-app
8 | app.kubernetes.io/component: welcome-app
9 | app.kubernetes.io/instance: welcome-app
10 | app.kubernetes.io/name: welcome-app
11 | app.kubernetes.io/part-of: welcome-app-app
12 | app.openshift.io/runtime-version: latest
13 | name: welcome-app
14 | namespace: welcome-app
15 | spec:
16 | ports:
17 | - name: 8080-tcp
18 | protocol: TCP
19 | port: 8080
20 | targetPort: 8080
21 | - name: 8443-tcp
22 | protocol: TCP
23 | port: 8443
24 | targetPort: 8443
25 | selector:
26 | app: welcome-app
27 | deployment: welcome-app
28 |
--------------------------------------------------------------------------------
/apps/demo5/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/apps/demo5/.gitkeep
--------------------------------------------------------------------------------
/apps/demo5/dev-env/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: dev
5 | namePrefix: dev-
6 |
7 | resources:
8 | - welcome-app-deployment.yaml
9 | - welcome-app-namespace.yaml
10 | - welcome-app-svc.yaml
11 |
--------------------------------------------------------------------------------
/apps/demo5/dev-env/base/welcome-app-deployment.yaml:
--------------------------------------------------------------------------------
1 | kind: Deployment
2 | apiVersion: apps/v1
3 | metadata:
4 | name: welcome-app
5 | labels:
6 | app: welcome-app
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: welcome-app
12 | template:
13 | metadata:
14 | creationTimestamp: null
15 | labels:
16 | app: welcome-app
17 | deployment: welcome-app
18 | spec:
19 | containers:
20 | - name: welcome-app
21 | image: quay.io/redhatworkshops/welcome-app:latest
22 | ports:
23 | - containerPort: 8080
24 | protocol: TCP
25 | - containerPort: 8443
26 | protocol: TCP
27 | resources: {}
28 | terminationMessagePath: /dev/termination-log
29 | terminationMessagePolicy: File
30 | imagePullPolicy: Always
31 | env: []
32 | restartPolicy: Always
33 | terminationGracePeriodSeconds: 30
34 | dnsPolicy: ClusterFirst
35 | securityContext: {}
36 | schedulerName: default-scheduler
37 | imagePullSecrets: []
38 | strategy:
39 | type: RollingUpdate
40 | rollingUpdate:
41 | maxSurge: 25%
42 | maxUnavailable: 25%
43 | revisionHistoryLimit: 10
44 | progressDeadlineSeconds: 600
45 | paused: false
46 |
--------------------------------------------------------------------------------
/apps/demo5/dev-env/base/welcome-app-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: welcome-app
5 |
--------------------------------------------------------------------------------
/apps/demo5/dev-env/base/welcome-app-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | creationTimestamp: null
6 | labels:
7 | app: welcome-app
8 | name: welcome-app
9 | spec:
10 | ports:
11 | - name: 8080-tcp
12 | protocol: TCP
13 | port: 8080
14 | targetPort: 8080
15 | - name: 8443-tcp
16 | protocol: TCP
17 | port: 8443
18 | targetPort: 8443
19 | selector:
20 | app: welcome-app
21 | deployment: welcome-app
22 |
--------------------------------------------------------------------------------
/apps/demo5/prod-env/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - welcome-app-deployment.yaml
6 | - welcome-app-namespace.yaml
7 | - welcome-app-svc.yaml
8 |
--------------------------------------------------------------------------------
/apps/demo5/prod-env/base/welcome-app-deployment.yaml:
--------------------------------------------------------------------------------
1 | kind: Deployment
2 | apiVersion: apps/v1
3 | metadata:
4 | name: welcome-app
5 | labels:
6 | app: welcome-app
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: welcome-app
12 | template:
13 | metadata:
14 | creationTimestamp: null
15 | labels:
16 | app: welcome-app
17 | deployment: welcome-app
18 | spec:
19 | containers:
20 | - name: welcome-app
21 | image: quay.io/redhatworkshops/welcome-app:latest
22 | ports:
23 | - containerPort: 8080
24 | protocol: TCP
25 | - containerPort: 8443
26 | protocol: TCP
27 | resources: {}
28 | terminationMessagePath: /dev/termination-log
29 | terminationMessagePolicy: File
30 | imagePullPolicy: Always
31 | env: []
32 | restartPolicy: Always
33 | terminationGracePeriodSeconds: 30
34 | dnsPolicy: ClusterFirst
35 | securityContext: {}
36 | schedulerName: default-scheduler
37 | imagePullSecrets: []
38 | strategy:
39 | type: RollingUpdate
40 | rollingUpdate:
41 | maxSurge: 25%
42 | maxUnavailable: 25%
43 | revisionHistoryLimit: 10
44 | progressDeadlineSeconds: 600
45 | paused: false
46 |
--------------------------------------------------------------------------------
/apps/demo5/prod-env/base/welcome-app-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: welcome-app
5 |
--------------------------------------------------------------------------------
/apps/demo5/prod-env/base/welcome-app-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | creationTimestamp: null
6 | labels:
7 | app: welcome-app
8 | name: welcome-app
9 | spec:
10 | ports:
11 | - name: 8080-tcp
12 | protocol: TCP
13 | port: 8080
14 | targetPort: 8080
15 | - name: 8443-tcp
16 | protocol: TCP
17 | port: 8443
18 | targetPort: 8443
19 | selector:
20 | app: welcome-app
21 | deployment: welcome-app
22 |
--------------------------------------------------------------------------------
/apps/demo5/prod-env/overlays/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "prod-gpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 | - name: REGION
17 | value: "eu"
18 |
--------------------------------------------------------------------------------
/apps/demo5/prod-env/overlays/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: prod
5 | namePrefix: prod-
6 |
7 | resources:
8 | - ../base
9 |
10 | patchesStrategicMerge:
11 | - deployment.yaml
12 |
--------------------------------------------------------------------------------
/apps/demo5/staging-env/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - welcome-app-deployment.yaml
6 | - welcome-app-namespace.yaml
7 | - welcome-app-svc.yaml
8 |
--------------------------------------------------------------------------------
/apps/demo5/staging-env/base/welcome-app-deployment.yaml:
--------------------------------------------------------------------------------
1 | kind: Deployment
2 | apiVersion: apps/v1
3 | metadata:
4 | name: welcome-app
5 | labels:
6 | app: welcome-app
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: welcome-app
12 | template:
13 | metadata:
14 | creationTimestamp: null
15 | labels:
16 | app: welcome-app
17 | deployment: welcome-app
18 | spec:
19 | containers:
20 | - name: welcome-app
21 | image: quay.io/redhatworkshops/welcome-app:latest
22 | ports:
23 | - containerPort: 8080
24 | protocol: TCP
25 | - containerPort: 8443
26 | protocol: TCP
27 | resources: {}
28 | terminationMessagePath: /dev/termination-log
29 | terminationMessagePolicy: File
30 | imagePullPolicy: Always
31 | env: []
32 | restartPolicy: Always
33 | terminationGracePeriodSeconds: 30
34 | dnsPolicy: ClusterFirst
35 | securityContext: {}
36 | schedulerName: default-scheduler
37 | imagePullSecrets: []
38 | strategy:
39 | type: RollingUpdate
40 | rollingUpdate:
41 | maxSurge: 25%
42 | maxUnavailable: 25%
43 | revisionHistoryLimit: 10
44 | progressDeadlineSeconds: 600
45 | paused: false
46 |
--------------------------------------------------------------------------------
/apps/demo5/staging-env/base/welcome-app-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: welcome-app
5 |
--------------------------------------------------------------------------------
/apps/demo5/staging-env/base/welcome-app-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | creationTimestamp: null
6 | labels:
7 | app: welcome-app
8 | name: welcome-app
9 | spec:
10 | ports:
11 | - name: 8080-tcp
12 | protocol: TCP
13 | port: 8080
14 | targetPort: 8080
15 | - name: 8443-tcp
16 | protocol: TCP
17 | port: 8443
18 | targetPort: 8443
19 | selector:
20 | app: welcome-app
21 | deployment: welcome-app
22 |
--------------------------------------------------------------------------------
/apps/demo5/staging-env/overlays/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "staging-nogpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 | - name: REGION
17 | value: "eu"
--------------------------------------------------------------------------------
/apps/demo5/staging-env/overlays/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: kustomize.config.k8s.io/v1beta1
3 | kind: Kustomization
4 |
5 | namespace: staging
6 | namePrefix: staging-
7 |
8 | resources:
9 | - ../base
10 |
11 | patchesStrategicMerge:
12 | - deployment.yaml
13 |
--------------------------------------------------------------------------------
/apps/demo6/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - welcome-app-deployment.yaml
6 | # - welcome-app-namespace.yaml
7 | - welcome-app-svc.yaml
8 |
--------------------------------------------------------------------------------
/apps/demo6/base/welcome-app-deployment.yaml:
--------------------------------------------------------------------------------
1 | kind: Deployment
2 | apiVersion: apps/v1
3 | metadata:
4 | name: welcome-app
5 | labels:
6 | app: welcome-app
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: welcome-app
12 | template:
13 | metadata:
14 | creationTimestamp: null
15 | labels:
16 | app: welcome-app
17 | deployment: welcome-app
18 | spec:
19 | containers:
20 | - name: welcome-app
21 | image: quay.io/redhatworkshops/welcome-app:latest
22 | ports:
23 | - containerPort: 8080
24 | protocol: TCP
25 | - containerPort: 8443
26 | protocol: TCP
27 | resources: {}
28 | terminationMessagePath: /dev/termination-log
29 | terminationMessagePolicy: File
30 | imagePullPolicy: Always
31 | env: []
32 | restartPolicy: Always
33 | terminationGracePeriodSeconds: 30
34 | dnsPolicy: ClusterFirst
35 | securityContext: {}
36 | schedulerName: default-scheduler
37 | imagePullSecrets: []
38 | strategy:
39 | type: RollingUpdate
40 | rollingUpdate:
41 | maxSurge: 25%
42 | maxUnavailable: 25%
43 | revisionHistoryLimit: 10
44 | progressDeadlineSeconds: 600
45 | paused: false
46 |
--------------------------------------------------------------------------------
/apps/demo6/base/welcome-app-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: welcome-app
5 |
--------------------------------------------------------------------------------
/apps/demo6/base/welcome-app-svc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | creationTimestamp: null
6 | labels:
7 | app: welcome-app
8 | name: welcome-app
9 | spec:
10 | ports:
11 | - name: 8080-tcp
12 | protocol: TCP
13 | port: 8080
14 | targetPort: 8080
15 | - name: 8443-tcp
16 | protocol: TCP
17 | port: 8443
18 | targetPort: 8443
19 | selector:
20 | app: welcome-app
21 | deployment: welcome-app
22 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-gpu/deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | env:
11 | - name: ENV
12 | value: "load-gpu"
13 | - name: GPU_ENABLED
14 | value: "1"
15 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-gpu/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: dev
5 | namePrefix: dev-gpu-
6 |
7 | resources:
8 | - ../../base
9 |
10 | patchesStrategicMerge:
11 | - deployment.yaml
12 | - replicas.yaml
13 | - version.yaml
14 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-gpu/replicas.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | replicas: 4
7 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-gpu/version.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | image: quay.io/rcarrata/welcome-app:2.0
11 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-nogpu/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "dev-nogpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-nogpu/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: dev
5 | namePrefix: dev-nogpu-
6 |
7 | resources:
8 | - ../../base
9 |
10 | patchesStrategicMerge:
11 | - deployment.yaml
12 | - version.yaml
13 |
--------------------------------------------------------------------------------
/apps/demo6/envs/dev-nogpu/version.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | image: quay.io/rcarrata/welcome-app:2.0
11 |
--------------------------------------------------------------------------------
/apps/demo6/envs/prod-eu/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "prod-nogpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/prod-eu/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: prod
5 | namePrefix: prod-eu-
6 |
7 | resources:
8 | - ../../base
9 |
10 | components:
11 | - ../../variants/eu
12 |
13 | patchesStrategicMerge:
14 | - deployment.yaml
15 | - version.yaml
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/prod-eu/version.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | image: quay.io/rcarrata/welcome-app:1.0
11 |
--------------------------------------------------------------------------------
/apps/demo6/envs/prod-us/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "prod-nogpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/prod-us/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: integration
5 | namePrefix: integration-gpu-
6 |
7 | resources:
8 | - ../../base
9 |
10 | components:
11 | - ../../variants/us
12 |
13 | patchesStrategicMerge:
14 | - deployment.yaml
15 | - version.yaml
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/prod-us/version.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | image: quay.io/rcarrata/welcome-app:1.0
11 |
--------------------------------------------------------------------------------
/apps/demo6/envs/staging-eu/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "staging-nogpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/staging-eu/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: staging
5 | namePrefix: staging-eu-
6 |
7 | resources:
8 | - ../../base
9 |
10 | components:
11 | - ../../variants/eu
12 |
13 | patchesStrategicMerge:
14 | - deployment.yaml
15 | - version.yaml
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/staging-eu/version.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | image: quay.io/rcarrata/welcome-app:1.0
11 |
--------------------------------------------------------------------------------
/apps/demo6/envs/staging-us/deployment.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: ENV
13 | value: "staging-nogpu"
14 | - name: GPU_ENABLED
15 | value: "0"
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/staging-us/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: integration
5 | namePrefix: integration-gpu-
6 |
7 | resources:
8 | - ../../base
9 |
10 | components:
11 | - ../../variants/us
12 |
13 | patchesStrategicMerge:
14 | - deployment.yaml
15 | - version.yaml
16 |
--------------------------------------------------------------------------------
/apps/demo6/envs/staging-us/version.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: welcome-app
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: welcome-app
10 | image: quay.io/rcarrata/welcome-app:1.0
11 |
--------------------------------------------------------------------------------
/apps/demo6/variants/eu/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1alpha1
2 | kind: Component
3 |
4 | patchesStrategicMerge:
5 | - region.yaml
6 |
--------------------------------------------------------------------------------
/apps/demo6/variants/eu/region.yaml:
--------------------------------------------------------------------------------
1 | kind: Deployment
2 | metadata:
3 | name: welcome-app
4 | spec:
5 | template:
6 | spec:
7 | containers:
8 | - name: welcome-app
9 | env:
10 | - name: REGION
11 | value: "eu"
12 |
--------------------------------------------------------------------------------
/apps/demo6/variants/us/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1alpha1
2 | kind: Component
3 |
4 | patchesStrategicMerge:
5 | - region.yaml
6 |
--------------------------------------------------------------------------------
/apps/demo6/variants/us/region.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: welcome-app
6 | spec:
7 | template:
8 | spec:
9 | containers:
10 | - name: welcome-app
11 | env:
12 | - name: REGION
13 | value: "us"
14 |
--------------------------------------------------------------------------------
/demo.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | ## USAGE
4 | function usage() {
5 | echo
6 | echo "Usage:"
7 | echo " $0 [command] [options]"
8 | echo " $0 --help"
9 | echo
10 | echo "Example:"
11 | echo " $0 demo1"
12 | echo
13 | echo "COMMANDS:"
14 | echo " demo1 Demo 1 - GitOps Application with Kustomize"
15 | echo " demo2 Demo 2 - Deploying GitOps Apps in Remote Clusters"
16 | echo " demo3 Demo 3 - Managing GitOps Apps at scale"
17 | echo " demo4 Demo 4 - GitOps Multi-Cluster Deployment Strategies"
18 | echo " demo5 Demo 5 - Promotion between GitOps environments"
19 | echo " demoX-delete Delete DemoX cluster - specify num of demo"
20 | echo
21 | }
22 |
23 | while :; do
24 | case $1 in
25 | demo1)
26 | ARG_COMMAND=demo1
27 | ;;
28 | demo2)
29 | ARG_COMMAND=demo2
30 | ;;
31 | demo3)
32 | ARG_COMMAND=demo3
33 | ;;
34 | demo4)
35 | ARG_COMMAND=demo4
36 | ;;
37 | demo5)
38 | ARG_COMMAND=demo5
39 | ;;
40 | demo6)
41 | ARG_COMMAND=demo6
42 | ;;
43 | -h|--help)
44 | usage
45 | exit 0
46 | ;;
47 | *) # Default case: If no more options then break out of the loop.
48 | break
49 | esac
50 |
51 | shift
52 | done
53 |
54 | # Deploy DemoX functions
55 | function demo1() {
56 | kubectl apply -f demos/demo1/bgdk-app.yaml
57 | kubectl patch app bgdk-app -n argocd \
58 | -p '{"metadata": {"finalizers": ["resources-finalizer.argocd.argoproj.io"]}}' --type merge
59 | }
60 |
61 | function demo2() {
62 | kubectl apply -f demos/demo2/todo-application.yaml
63 | kubectl patch app todo-app -n argocd \
64 | -p '{"metadata": {"finalizers": ["resources-finalizer.argocd.argoproj.io"]}}' --type merge
65 | }
66 |
67 | function demo3() {
68 | kubectl apply -k demos/demo3/deploy/
69 | }
70 |
71 | function demo4() {
72 | kubectl apply -k demos/demo4/deploy/
73 | }
74 |
75 | function demo5() {
76 | kubectl apply -k demos/demo5/deploy/
77 | }
78 |
79 |
80 | ## Delete Functions
81 | function demo1-delete() {
82 | kubectl delete -f demos/demo1/bgdk-app.yaml
83 | }
84 |
85 | function demo2-delete() {
86 | kubectl delete -f demos/demo2/todo-application.yaml
87 | }
88 |
89 | function demo3-delete() {
90 | kubectl delete -k demos/demo3/deploy/
91 | }
92 |
93 | function demo4-delete() {
94 | kubectl delete -k demos/demo4/deploy/
95 | }
96 |
97 |
98 | function demo5-delete() {
99 | kubectl delete -k demos/demo5/deploy/
100 | }
101 |
102 | ## MAIN
103 | case "$ARG_COMMAND" in
104 | demo1)
105 | echo "Deploying Demo1 - GitOps Application with Kustomize"
106 | demo1
107 | echo
108 | echo "Completed successfully!"
109 | ;;
110 |
111 | demo2)
112 | echo "Deploying Demo2 - Deploying GitOps Apps in Remote Clusters"
113 | demo2
114 | echo
115 | echo "Completed successfully!"
116 | ;;
117 |
118 | demo3)
119 | echo "Deploying Demo3 - Managing GitOps Apps at scale"
120 | demo3
121 | echo
122 | echo "Completed successfully!"
123 | ;;
124 |
125 | demo4)
126 | echo "Deploying Demo4 - GitOps Multi-Cluster Deployment Strategies"
127 | demo4
128 | echo
129 | echo "Completed successfully!"
130 | ;;
131 |
132 | demo5)
133 | echo "Deploying Demo5 - Promotion between GitOps environments"
134 | demo5
135 | echo
136 | echo "Completed successfully!"
137 | ;;
138 |
139 | demo1-delete)
140 | echo "Deleting Demo1"
141 | demo1-delete
142 | echo
143 | echo "Completed successfully!"
144 | ;;
145 |
146 | demo2-delete)
147 | echo "Deleting Demo2"
148 | demo2-delete
149 | echo
150 | echo "Completed successfully!"
151 | ;;
152 |
153 | demo3-delete)
154 | echo "Deleting Demo3"
155 | demo3-delete
156 | echo
157 | echo "Completed successfully!"
158 | ;;
159 |
160 | demo4-delete)
161 | echo "Deleting Demo4"
162 | demo4-delete
163 | echo
164 | echo "Completed successfully!"
165 | ;;
166 |
167 | demo5-delete)
168 | echo "Deleting Demo5"
169 | demo5-delete
170 | echo
171 | echo "Completed successfully!"
172 | ;;
173 |
174 | *)
175 | echo "Invalid command specified: '$ARG_COMMAND'"
176 | usage
177 | ;;
178 | esac
--------------------------------------------------------------------------------
/demos/bootstrap/README.md:
--------------------------------------------------------------------------------
1 | ### Bootstrap GitOps Demo Environment
2 |
3 | * Create Kind Cluster for GitOps Demo:
4 |
5 | ```sh
6 | CLUSTER_NAME="gitops"
7 | cat < oc_bash_completion
22 | sudo cp oc_bash_completion /etc/bash_completion.d/
23 | ````
24 |
25 | * Create the kubeconfig:
26 |
27 | ```sh
28 | touch /var/tmp/lab-kubeconfig
29 | export KUBECONFIG=/var/tmp/lab-kubeconfig
30 | kubectl login --username xxx --password xxx --server=xxx
31 | kubectl config rename-context $(oc config current-context) cluster1
32 | kubectl config use-context cluster1
33 | ```
34 |
35 | * Add the k8s cluster credentials into ArgoCD server:
36 |
37 | ```sh
38 | argocd cluster add cluster1
39 | ```
40 |
41 | * Check the list of clusters in ArgoCD:
42 |
43 | ```sh
44 | argocd cluster list
45 | ```
46 |
47 | ## Adding ROSA into ArgoCD
48 |
49 | * Create ROSA cluster
50 |
51 | ```sh
52 | export VERSION=4.11.31 \
53 | ROSA_CLUSTER_NAME=rosagitops \
54 | AWS_ACCOUNT_ID=`aws sts get-caller-identity --query Account --output text` \
55 | REGION=us-east-2 \
56 | AWS_PAGER=""
57 |
58 | rosa create cluster -y --cluster-name ${ROSA_CLUSTER_NAME} \
59 | --region ${REGION} --version ${VERSION} \
60 | --machine-cidr $CIDR \
61 | --sts
62 | rosa create operator-roles --cluster rosagitops --mode auto --yes
63 | rosa create oidc-provider --cluster rosagitops
64 | ```
65 |
66 | * Add cluster-admin user to the ROSA cluster:
67 |
68 | ```sh
69 | rosa create admin --cluster=$ROSA_CLUSTER_NAME
70 | ```
71 |
72 | * Create the kubeconfig:
73 |
74 | ```sh
75 | touch /var/tmp/lab-kubeconfig
76 | export KUBECONFIG=/var/tmp/lab-kubeconfig
77 | kubectl login --username cluster-admin --password xxx --server=xxx
78 | kubectl config rename-context $(oc config current-context) cluster2
79 | kubectl config use-context cluster2
80 | ```
81 |
82 | * Add the k8s cluster credentials into ArgoCD server:
83 |
84 | ```sh
85 | argocd cluster add cluster2
86 | ```
87 |
88 | * Check the list of clusters in ArgoCD:
89 |
90 | ```sh
91 | argocd cluster list
92 | ```
93 |
94 | ## Adding AKS into ArgoCD
95 |
96 | * Add the Kubeconfig AKS credentials:
97 |
98 | ```sh
99 | export KUBECONFIG=/var/tmp/lab-kubeconfig
100 | az aks get-credentials --resource-group rcs-rg --name rcs-test
101 | kubectl config rename-context $(oc config current-context) cluster3
102 | kubectl config use-context cluster3
103 | kubectl get nodes
104 | ```
105 |
106 | * Add the k8s cluster credentials into ArgoCD server:
107 |
108 | ```sh
109 | argocd cluster add cluster3
110 | ```
111 |
112 | * Check the list of clusters in ArgoCD:
113 |
114 | ```sh
115 | argocd cluster list
116 | ```
117 |
118 | ## Adding ARO into ArgoCD
119 |
120 | * Create the kubeconfig:
121 |
122 | ```sh
123 | touch /var/tmp/lab-kubeconfig
124 | export KUBECONFIG=/var/tmp/lab-kubeconfig
125 | kubectl login --username cluster-admin --password xxx --server=xxx
126 | kubectl config rename-context $(oc config current-context) cluster4
127 | kubectl config use-context cluster4
128 | ```
129 |
130 | * Add the k8s cluster credentials into ArgoCD server:
131 |
132 | ```sh
133 | argocd cluster add cluster4
134 | ```
135 |
136 | * Check the list of clusters in ArgoCD:
137 |
138 | ```sh
139 | argocd cluster list
140 | ```
--------------------------------------------------------------------------------
/demos/demo1/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo1/.gitkeep
--------------------------------------------------------------------------------
/demos/demo1/README.md:
--------------------------------------------------------------------------------
1 | # Demo 1 - GitOps Application with Kustomize
2 |
3 | * Deploy a Kustomized Application using ArgoCD Application:
4 |
5 | ```
6 | cd ~/CdCon23-GitOpsMultiCluster/demos/demo1/
7 | kubectl apply -f bgdk-app.yaml
8 | ```
9 |
10 | ## Delete BGD and BGDK apps (in cascade)
11 |
12 | * To delete all the objects generated in the bgd application use:
13 |
14 | ```
15 | kubectl patch app bgdk-app -n argocd -p '{"metadata": {"finalizers": ["resources-finalizer.argocd.argoproj.io"]}}' --type merge
16 |
17 | kubectl delete -f bgdk-app.yaml
18 | ```
19 |
20 | ## Kustomize Documentation
21 |
22 | * [Kustomization](https://kubectl.docs.kubernetes.io/guides/introduction/kustomize/)
23 |
24 | * [Examples Kustomize](https://github.com/kubernetes-sigs/kustomize/tree/master/examples)
25 |
26 | * [PatchesJSON6902](https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesjson6902/)
27 |
28 | * [Examples Inline Patches](https://github.com/kubernetes-sigs/kustomize/blob/master/examples/inlinePatch.md#inline-patch-for-patchesjson6902)
29 |
30 | * [Documentation Patches](https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/patchesstrategicmerge/)
--------------------------------------------------------------------------------
/demos/demo1/bgdk-app.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: Application
3 | metadata:
4 | name: bgdk-app
5 | namespace: argocd
6 | spec:
7 | destination:
8 | namespace: bgdk
9 | server: https://kubernetes.default.svc
10 | project: default
11 | source:
12 | path: apps/demo1/bgd/overlays/bgdk
13 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
14 | targetRevision: main
15 | syncPolicy:
16 | automated:
17 | prune: true
18 | selfHeal: true
19 | syncOptions:
20 | - CreateNamespace=true
21 |
--------------------------------------------------------------------------------
/demos/demo2/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo2/.gitkeep
--------------------------------------------------------------------------------
/demos/demo2/README.md:
--------------------------------------------------------------------------------
1 | # Demo 2 - Deploying GitOps Apps in Remote Clusters
2 |
3 | This demo will deploy the TODO app in a remote cluster (cluster1), showing how you can use ArgoCD to deploy remote Apps.
4 |
5 | ## Add new Managed clusters into ArgoCD
6 |
7 | * Follow the [Managed Clusters into ArgoCD guide](../bootstrap/multicluster.md)
8 |
9 | ## Deploy TODO app
10 |
11 | ```
12 | cd ~/CdCon23-GitOpsMultiCluster/demos/demo2/
13 | kubectl apply -f todo-application.yaml
14 | ```
15 |
16 | NOTE: the app it's exposed in the /todo.html
17 |
18 | ## Delete TODO app (in cascade)
19 |
20 | * To delete all the objects generated patch first the ArgoCD app:
21 |
22 | ```
23 | kubectl patch app todo-app -n argocd -p '{"metadata": {"finalizers": ["resources-finalizer.argocd.argoproj.io"]}}' --type merge
24 | ```
25 |
26 | * Delete the ArgoCD app:
27 |
28 | ```
29 | kubectl delete app todo-app -n argocd
30 | ```
31 |
32 | * [Delete in cascade](https://argoproj.github.io/argo-cd/user-guide/app_deletion/#about-the-deletion-finalizer)
33 |
34 | ## SyncWaves
35 |
36 | A Syncwave is a way to order how Argo CD applies the manifests that are stored in git. All manifests have a wave of zero by default, but you can set these by using the argocd.argoproj.io/sync-wave annotation.
37 |
38 | ```
39 | metadata:
40 | annotations:
41 | argocd.argoproj.io/sync-wave: "5"
42 | ```
43 |
44 | When Argo CD starts a sync action, the manifest get placed in the following order:
45 |
46 | * The Phase that they’re in (we’ll cover phases in the next section)
47 | * The wave the resource is annotated in (starting from the lowest value to the highest)
48 | * By kind (Namespaces first, then services, then deployments, etc …)
49 | * By name (ascending order)
50 |
51 | * [**Sync Waves Documentation**](https://argoproj.github.io/argo-cd/user-guide/sync-waves/#sync-phases-and-waves)
52 |
53 | ## Resource Hooks
54 |
55 | Controlling your sync operation can be futher redefined by using hooks. These hooks can run before, during, and after a sync operation. These hooks are:
56 |
57 | * **PreSync** - Runs before the sync operation. This can be something like a database backup before a schema change
58 | * **Sync** - Runs after PreSync has successfully ran. This will run alongside your normal manifesets.
59 | * **PostSync** - Runs after Sync has ran successfully. This can be something like a Slack message or an email notification.
60 | * **SyncFail** - Runs if the Sync operation as failed. This is also used to send notifications or do other evasive actions.
61 |
62 | ```
63 | metadata:
64 | annotations:
65 | argocd.argoproj.io/hook: PreSync
66 | ```
67 |
68 | You can also have the hooks be deleted after a successful/unsuccessful run.
69 |
70 | * **HookSucceeded** - The resouce will be deleted after it has succeeded.
71 | * **HookFailed** - The resource will be deleted if it has failed.
72 | * **BeforeHookCreation** - The resource will be deleted before a new one is created (when a new sync is triggered).
73 |
74 | ```
75 | metadata:
76 | annotations:
77 | argocd.argoproj.io/hook: PostSync
78 | argocd.argoproj.io/hook-delete-policy: HookSucceeded
79 | ```
80 |
--------------------------------------------------------------------------------
/demos/demo2/todo-application.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: Application
3 | metadata:
4 | name: todo-app
5 | namespace: argocd
6 | spec:
7 | destination:
8 | name: cluster1
9 | namespace: todo
10 | project: default
11 | source:
12 | path: apps/demo2/todo
13 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
14 | targetRevision: main
15 | syncPolicy:
16 | automated:
17 | prune: true
18 | selfHeal: true
19 | syncOptions:
20 | - CreateNamespace=true
21 |
--------------------------------------------------------------------------------
/demos/demo3/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo3/.gitkeep
--------------------------------------------------------------------------------
/demos/demo3/README.md:
--------------------------------------------------------------------------------
1 |
2 | # Demo 3 - Managing GitOps Apps at scale
3 |
4 | Deploy Dev, Staging and Prod environments using ApplicationSets in the same collocated Kubernetes cluster (where the ArgoCD instance is deployed).
5 |
6 | ## Deploy Dev + Staging + Prod Environments
7 |
8 | ```
9 | cd ~/CdCon23-GitOpsMultiCluster/demos/demo3/
10 | kubectl apply -k deploy/
11 | ```
12 |
13 | ## Application Sets
14 |
15 | Argo CD ApplicationSets are an evolution of the “App of Apps” deployment pattern. It took the idea of “App of Apps” and expanded it to be more flexible and deal with a wide range of use cases. The ArgoCD ApplicationSets runs as its own controller and supplements the functionality of the Argo CD Application CRD.
16 |
17 | ApplicationSets provide the following functionality:
18 |
19 | * Use a single manifest to target multiple Kubernetes clusters.
20 | * Use a single manifest to deploy multiple Applications from a single, or multiple, git repos.
21 | * Improve support for monolithic repository patterns (also known as a “monorepo”). This is where you have many applications and/or environments defined in a single repository.
22 | * Within multi-tenant clusters, it improves the ability of teams within a cluster to deploy applications using Argo CD (without the need for privilege escalation).
23 |
24 | ApplicationSets interact with Argo CD by creating, updating, managing, and deleting Argo CD Applications. The ApplicationSets job is to make sure that the Argo CD Application remains consistent with the declared ApplicationSet resource. ApplicationSets can be thought of as sort of an “Application factory”. It takes an ApplicationSet and outputs one or more Argo CD Applications.
25 |
26 | You can read more about ApplicationSets from the [ApplicationSets documentation site](https://argocd-applicationset.readthedocs.io/en/stable/).
27 |
28 | ## Delete ApplicationSet for Apps
29 |
30 | Just delete the application set and the ArgoCD ApplicationSet controller will do the magic!
31 |
32 | ```
33 | kubectl demo -k deploy/
34 | ```
35 |
36 | ## Links of interest
37 |
38 | * [Getting Started with Application Sets](https://cloud.redhat.com/blog/getting-started-with-applicationsets)
39 | * [GitOps Guide to the Galaxy (Ep 15): Introducing the App of Apps and ApplicationSets](https://www.youtube.com/watch?v=HqzUIJMYnfY&ab_channel=OpenShift)
40 |
--------------------------------------------------------------------------------
/demos/demo3/argo-apps/dev-environment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: dev-env-appset
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - git:
9 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
10 | revision: main
11 | directories:
12 | - path: apps/demo3/dev-env/apps/*
13 | - path: apps/demo3/dev-env/namespaces/*
14 | template:
15 | metadata:
16 | name: "{{path.basename}}"
17 | spec:
18 | project: dev-env-appset-project
19 | syncPolicy:
20 | automated:
21 | prune: true
22 | selfHeal: true
23 | source:
24 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
25 | targetRevision: main
26 | path: "{{path}}"
27 | destination:
28 | server: https://kubernetes.default.svc
29 |
--------------------------------------------------------------------------------
/demos/demo3/argo-apps/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - dev-environment.yaml
6 | - prod-environment.yaml
7 | - staging-environment.yaml
8 |
--------------------------------------------------------------------------------
/demos/demo3/argo-apps/prod-environment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: prod-env-appset
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - git:
9 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
10 | revision: main
11 | directories:
12 | - path: apps/demo3/prod-env/apps/*
13 | - path: apps/demo3/prod-env/namespaces/*
14 | template:
15 | metadata:
16 | name: "{{path.basename}}"
17 | spec:
18 | project: prod-env-appset-project
19 | syncPolicy:
20 | automated:
21 | prune: true
22 | selfHeal: true
23 | source:
24 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
25 | targetRevision: main
26 | path: "{{path}}"
27 | destination:
28 | server: https://kubernetes.default.svc
29 |
--------------------------------------------------------------------------------
/demos/demo3/argo-apps/staging-environment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: staging-env-appset
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - git:
9 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
10 | revision: main
11 | directories:
12 | - path: apps/demo3/staging-env/apps/*
13 | - path: apps/demo3/staging-env/namespaces/*
14 | template:
15 | metadata:
16 | name: "{{path.basename}}"
17 | spec:
18 | project: staging-env-appset-project
19 | syncPolicy:
20 | automated:
21 | prune: true
22 | selfHeal: true
23 | source:
24 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
25 | targetRevision: main
26 | path: "{{path}}"
27 | destination:
28 | server: https://kubernetes.default.svc
29 |
--------------------------------------------------------------------------------
/demos/demo3/argo-projects/dev-env-project.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: AppProject
3 | metadata:
4 | name: dev-env-appset-project
5 | spec:
6 | clusterResourceWhitelist:
7 | - group: "*"
8 | kind: "*"
9 | destinations:
10 | - namespace: "*"
11 | server: "*"
12 | sourceRepos:
13 | - "*"
14 |
--------------------------------------------------------------------------------
/demos/demo3/argo-projects/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - dev-env-project.yaml
6 | - staging-env-project.yaml
7 | - prod-env-project.yaml
8 |
--------------------------------------------------------------------------------
/demos/demo3/argo-projects/prod-env-project.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: AppProject
3 | metadata:
4 | name: prod-env-appset-project
5 | spec:
6 | clusterResourceWhitelist:
7 | - group: "*"
8 | kind: "*"
9 | destinations:
10 | - namespace: "*"
11 | server: "*"
12 | sourceRepos:
13 | - "*"
14 |
--------------------------------------------------------------------------------
/demos/demo3/argo-projects/staging-env-project.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: AppProject
3 | metadata:
4 | name: staging-env-appset-project
5 | spec:
6 | clusterResourceWhitelist:
7 | - group: "*"
8 | kind: "*"
9 | destinations:
10 | - namespace: "*"
11 | server: "*"
12 | sourceRepos:
13 | - "*"
14 |
--------------------------------------------------------------------------------
/demos/demo3/deploy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: argocd
5 |
6 | bases:
7 | - ../argo-apps
8 | - ../argo-projects
9 |
--------------------------------------------------------------------------------
/demos/demo4/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo4/.gitkeep
--------------------------------------------------------------------------------
/demos/demo4/README.md:
--------------------------------------------------------------------------------
1 | # Demo 4 - GitOps Cluster Deployment Strategies
2 |
3 | ## Add new Managed clusters into ArgoCD
4 |
5 | * Follow the [Managed Clusters into ArgoCD guide](../bootstrap/multicluster.md)
6 |
7 | NOTE: if you did this step in the demo2, skip the previous guide.
8 |
9 | * Check the existing ArgoCD Managed clusters available:
10 |
11 | ```
12 | argocd cluster list
13 | SERVER NAME VERSION STATUS MESSAGE
14 | https://api.cluster-35d4.35d4.xxxx.opentlc.com:6443 cluster2 1.20 Successful
15 | https://api.k8s.xxxx.com:6443 cluster1 1.21 Successful
16 | https://kubernetes.default.svc in-cluster 1.20 Successful
17 | ```
18 |
19 | 
20 |
21 | * https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters
22 |
23 | ## Deploy Applications in Multi Cluster Environment
24 |
25 | ```
26 | cd ~/CdCon23-GitOpsMultiCluster/demos/demo4/
27 | kubectl apply -k deploy
28 | ```
29 |
30 | 
31 |
32 | ## Application Sets with Multi Clustering Environments
33 |
34 | In Argo CD, managed clusters are stored within Secrets in the Argo CD namespace. The ApplicationSet
35 | controller uses those same Secrets to generate parameters to identify and target available clusters.
36 |
37 | For each cluster registered with Argo CD, the Cluster generator produces parameters based on the
38 | list of items found within the cluster secret.
39 |
40 | * [ApplicationSets documentation site](https://argocd-applicationset.readthedocs.io/en/stable/)
41 |
42 | * [Generator Cluster Documentation](https://argocd-applicationset.readthedocs.io/en/stable/Generators-Cluster/)
43 |
44 | ## Delete ApplicationSet for Apps
45 |
46 | For delete the multicluster environment:
47 |
48 | ```
49 | kubectl delete applicationset -n argo welcome-app-appset
50 | ```
51 |
52 | ## Links of interest
53 |
54 | * [Getting Started with Application Sets](https://cloud.redhat.com/blog/getting-started-with-applicationsets)
55 | * [GitOps Guide to the Galaxy (Ep 15): Introducing the App of Apps and ApplicationSets](https://www.youtube.com/watch?v=HqzUIJMYnfY&ab_channel=OpenShift)
56 |
--------------------------------------------------------------------------------
/demos/demo4/argo-apps/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - multi-cluster-app.yaml
6 |
--------------------------------------------------------------------------------
/demos/demo4/argo-apps/multi-cluster-app.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: welcome-app-appset
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - clusters: {}
9 | template:
10 | metadata:
11 | name: "{{name}}-welcome-app"
12 | spec:
13 | project: apps-project
14 | syncPolicy:
15 | automated:
16 | prune: true
17 | selfHeal: true
18 | source:
19 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
20 | targetRevision: main
21 | path: apps/demo4/base/
22 | destination:
23 | server: "{{server}}"
24 | namespace: welcome-app
25 |
--------------------------------------------------------------------------------
/demos/demo4/argo-projects/apps-project.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: AppProject
3 | metadata:
4 | name: apps-project
5 | spec:
6 | clusterResourceWhitelist:
7 | - group: '*'
8 | kind: '*'
9 | destinations:
10 | - namespace: '*'
11 | server: '*'
12 | sourceRepos:
13 | - '*'
14 |
--------------------------------------------------------------------------------
/demos/demo4/argo-projects/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - apps-project.yaml
--------------------------------------------------------------------------------
/demos/demo4/deploy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: argocd
5 |
6 | bases:
7 | - ../argo-apps
8 | - ../argo-projects
9 |
--------------------------------------------------------------------------------
/demos/demo4/docs/pic1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo4/docs/pic1.png
--------------------------------------------------------------------------------
/demos/demo4/docs/pic2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo4/docs/pic2.png
--------------------------------------------------------------------------------
/demos/demo5/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo5/.gitkeep
--------------------------------------------------------------------------------
/demos/demo5/README.md:
--------------------------------------------------------------------------------
1 | # Demo 5 - GitOps Multi Cluster & Multi-Environment Strategies
2 |
3 | ## Patch the Cluster Managed Secrets in ArgoCD
4 |
5 | * Patch the AKS cluster as dev:
6 |
7 | ```bash
8 | DEV=$(kubectl get secret -n argocd | grep azm | awk '{ print $1 }')
9 | kubectl patch secret -n argocd $DEV -p '{"metadata":{"labels":{"dev":"true"}}}'
10 | ```
11 |
12 | * Patch the On-Prem k8s/OCP cluster as staging:
13 |
14 | ```bash
15 | STAGING=$(kubectl get secret -n argocd | grep ocp4 | awk '{ print $1 }')
16 | kubectl patch secret $STAGING -n argocd -p '{"metadata":{"labels":{"staging":"true"}}}'
17 | ```
18 |
19 | * Patch the ROSA/ARO clusters as prod:
20 |
21 | ```bash
22 | PROD=$(kubectl get secret -n argocd | grep 'rosa\|aro' | awk '{ print $1 }')
23 | kubectl patch secret $PROD -n argocd -p '{"metadata":{"labels":{"prod":"true"}}}'
24 | ```
25 |
26 | ## Add new Managed clusters into ArgoCD
27 |
28 | * Follow the [Managed Clusters into ArgoCD guide](../bootstrap/multicluster.md)
29 |
30 | NOTE: if you did this step in the demo2, skip the previous guide.
31 |
32 | * Check the existing ArgoCD Managed clusters available:
33 |
34 | ```
35 | argocd cluster list
36 | SERVER NAME VERSION STATUS MESSAGE
37 | https://api.cluster-35d4.35d4.xxxx.opentlc.com:6443 cluster2 1.20 Successful
38 | https://api.k8s.xxxx.com:6443 cluster1 1.21 Successful
39 | https://kubernetes.default.svc in-cluster 1.20 Successful
40 | ```
41 |
42 | ## Deploy Applications in Multi Cluster Environment
43 |
44 | ```
45 | cd ~/CdCon23-GitOpsMultiCluster/demos/demo5/
46 | kubectl apply -k deploy
47 | ```
48 |
49 | ## Delete ApplicationSet for Apps
50 |
51 | For delete all the multicluster & multienv environment:
52 |
53 | ```
54 | kubectl delete applicationset -n argocd --all
55 | ```
56 |
--------------------------------------------------------------------------------
/demos/demo5/argo-apps/dev-env-multicluster-app.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: dev-env-multicluster-app
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - clusters:
9 | selector:
10 | matchLabels:
11 | dev: "true"
12 | template:
13 | metadata:
14 | name: "{{name}}-dev-env-awesome-app"
15 | spec:
16 | project: apps-project
17 | syncPolicy:
18 | automated:
19 | prune: true
20 | selfHeal: true
21 | source:
22 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
23 | targetRevision: main
24 | path: apps/demo5/dev-env/base
25 | destination:
26 | server: "{{server}}"
27 | namespace: welcome-app
28 |
--------------------------------------------------------------------------------
/demos/demo5/argo-apps/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - dev-env-multicluster-app.yaml
6 | - staging-env-multicluster-app.yaml
7 | - prod-env-multicluster-app.yaml
8 |
--------------------------------------------------------------------------------
/demos/demo5/argo-apps/prod-env-multicluster-app.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: prod-env-multicluster-app
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - clusters:
9 | selector:
10 | matchLabels:
11 | prod: "true"
12 | template:
13 | metadata:
14 | name: "{{name}}-prod-env-awesome-app"
15 | spec:
16 | project: apps-project
17 | syncPolicy:
18 | automated:
19 | prune: true
20 | selfHeal: true
21 | source:
22 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
23 | targetRevision: main
24 | path: apps/demo5/prod-env/overlays
25 | destination:
26 | server: "{{server}}"
27 | namespace: welcome-app
28 |
--------------------------------------------------------------------------------
/demos/demo5/argo-apps/staging-env-multicluster-app.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: ApplicationSet
3 | metadata:
4 | name: staging-env-multicluster-app
5 | namespace: argocd
6 | spec:
7 | generators:
8 | - clusters:
9 | selector:
10 | matchLabels:
11 | staging: "true"
12 | template:
13 | metadata:
14 | name: "{{name}}-staging-env-awesome-app"
15 | spec:
16 | project: apps-project
17 | syncPolicy:
18 | automated:
19 | prune: true
20 | selfHeal: true
21 | source:
22 | repoURL: https://github.com/rcarrata/CdCon23-GitOpsMultiCluster.git
23 | targetRevision: main
24 | path: apps/demo5/staging-env/overlays
25 | destination:
26 | server: "{{server}}"
27 | namespace: welcome-app
28 |
--------------------------------------------------------------------------------
/demos/demo5/argo-projects/apps-project.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: AppProject
3 | metadata:
4 | name: apps-project
5 | spec:
6 | clusterResourceWhitelist:
7 | - group: '*'
8 | kind: '*'
9 | destinations:
10 | - namespace: '*'
11 | server: '*'
12 | sourceRepos:
13 | - '*'
14 |
--------------------------------------------------------------------------------
/demos/demo5/argo-projects/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | resources:
5 | - apps-project.yaml
--------------------------------------------------------------------------------
/demos/demo5/deploy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: kustomize.config.k8s.io/v1beta1
2 | kind: Kustomization
3 |
4 | namespace: argocd
5 |
6 | bases:
7 | - ../argo-apps
8 | - ../argo-projects
9 |
--------------------------------------------------------------------------------
/demos/demo5/docs/pic1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo5/docs/pic1.png
--------------------------------------------------------------------------------
/demos/demo5/docs/pic2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/demos/demo5/docs/pic2.png
--------------------------------------------------------------------------------
/demos/demo6/README.md:
--------------------------------------------------------------------------------
1 | # Demo 6 - Promotion between GitOps environments
2 |
3 | ## Folder Structure
4 |
5 | ```md
6 | $ tree -L 2 apps/pattern6
7 | apps/pattern6
8 | ├── base
9 | │ ├── kustomization.yaml
10 | │ ├── welcome-app-deployment.yaml
11 | │ ├── welcome-app-namespace.yaml
12 | │ └── welcome-app-svc.yaml
13 | ├── envs
14 | │ ├── dev-gpu
15 | │ ├── dev-nogpu
16 | │ ├── prod-eu
17 | │ ├── prod-us
18 | │ ├── staging-eu
19 | │ └── staging-us
20 | └── variants
21 | ├── eu
22 | └── us
23 | ```
24 |
25 | ## Scenario 1 - Promote application version from Dev to Staging Environment in the US:
26 |
27 | ```md
28 | cp envs/dev-gpu/version.yaml envs/staging-us/version.yaml
29 | ```
30 |
31 | ## Scenario 2 - Promote application version from Staging to Prod Environment in the US:
32 |
33 | ```md
34 | cp envs/staging-us/version.yaml envs/prod-us/version.yaml
35 | ```
--------------------------------------------------------------------------------
/docs/agenda.md:
--------------------------------------------------------------------------------
1 | ## Agenda and Demos (35 mins)
2 |
3 | 1. Intro GitOps and ArgoCD
4 | 2. Demo 1 - Kustomize to the Rescue!
5 | 3. Demo 2 - Sync Waves and Hooks to rule the world
6 | 4. Demo 3 - App of Apps - The GitOps order awakens
7 | 5. Demo 4 - ApplicationSet - The Rise of ArgoCD Applications
8 | 6. Demo 5 - MultiCluster Management - How to rule them all!
9 | 7. Demo 6 - Promotion Releases with GitOps without dying
10 | 8. Wrap Up!
--------------------------------------------------------------------------------
/docs/main.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/docs/main.png
--------------------------------------------------------------------------------
/docs/slides.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/rcarrata/CdCon23-GitOpsMultiCluster/c27a30fa5746c284e21538dbf333671a692b3c1b/docs/slides.pdf
--------------------------------------------------------------------------------