├── testfile ├── kustomize-bluegreen ├── blue │ ├── index.html │ ├── bluecm.yaml │ ├── kustomization.yaml │ ├── blue-svc.yaml │ ├── patch.yaml │ ├── myapp-ing.yaml │ └── deployment.yaml └── green │ ├── kustomization.yaml │ ├── greencm.yaml │ ├── green-svc.yaml │ ├── patch.yaml │ ├── myapp-ing.yaml │ └── deployment.yaml ├── dockerfiledemo ├── README.txt └── Dockerfile ├── Setup.docx ├── Setup.pdf ├── kustomize-envs ├── base │ ├── kustomization.yaml │ └── deployment.yaml └── envs │ └── qa │ ├── kustomization.yaml │ └── patch.yaml ├── README.md ├── demotask-run.yaml ├── kustomize-demo ├── kustomization.yaml ├── service.yaml └── deployment.yaml ├── awx-demo.yaml ├── crd-backup.yaml ├── trigger-binding.yaml ├── countdown ├── pvc.yaml ├── ingress-patch.yaml ├── nwp.yaml ├── demo-pipeline-run.yaml ├── lesson14 ├── prod-pvc.yaml ├── preprod-pvc.yaml ├── prod-pv.yaml ├── preprod-pv.yaml ├── pvc-patch.yaml ├── gittools.yaml ├── gitops-prod-operator.yaml └── gitops-preprod-operator.yaml ├── gitops-prod-pvc.yaml ├── gitops-preprod-pvc.yaml ├── pv.yaml ├── flux-patch.yaml ├── gitops-prod-pv.yaml ├── gitops-preprod-pv.yaml ├── pv-nfs.yaml ├── event-listener.yaml ├── kustomize-microservice ├── kustomization.yaml ├── default-storageclass.yaml ├── mysql-deployment.yaml └── wordpress-deployment.yaml ├── secondtask.yaml ├── install_and_start_httpt.yaml ├── gitopstools └── Dockerfile ├── demotask.yaml ├── patch ├── patch.yaml └── deployment.yaml ├── demo-pipeline.yaml ├── pv-pod.yaml ├── gitops-pv-pod-prod.yaml ├── main.tf ├── gitops-pv-pod-preprod.yaml ├── kustomization.yaml ├── jenkinspipe ├── trigger-template.yaml ├── add-tekton-repo.sh ├── new-ing.yaml ├── gitops-operator.yaml ├── kubeci.sh ├── crd-object.yaml ├── canary.yaml ├── rbac.yaml ├── exposenginx.yaml ├── minikube-docker-setup-old.sh ├── kubernetes.tf ├── minikube-docker-setup.sh └── gitops_pipeline.txt /testfile: -------------------------------------------------------------------------------- 1 | some text 2 | 
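--------------------------------------------------------------------------------
/kustomize-bluegreen/blue/index.html:
--------------------------------------------------------------------------------
blue

--------------------------------------------------------------------------------
/dockerfiledemo/README.txt:
--------------------------------------------------------------------------------
thanks for reading me

--------------------------------------------------------------------------------
/Setup.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sandervanvugt/gitops/HEAD/Setup.docx

--------------------------------------------------------------------------------
/Setup.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sandervanvugt/gitops/HEAD/Setup.pdf

--------------------------------------------------------------------------------
/kustomize-envs/base/kustomization.yaml:
--------------------------------------------------------------------------------
# Base layer: only lists the resources that overlays build on.
resources:
- deployment.yaml


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
supporting files for my Managing Automation with GitOps in Kubernetes course

--------------------------------------------------------------------------------
/demotask-run.yaml:
--------------------------------------------------------------------------------
# Runs the Task named "demotask" once.
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: demotask-run
spec:
  taskRef:
    name: demotask

--------------------------------------------------------------------------------
/kustomize-demo/kustomization.yaml:
--------------------------------------------------------------------------------
# Prefixes every resource name with "test-" and labels everything environment=testing.
resources:
- deployment.yaml
- service.yaml
namePrefix: test-
commonLabels:
  environment: testing

--------------------------------------------------------------------------------
/awx-demo.yaml:
--------------------------------------------------------------------------------
---
# AWX instance published through a NodePort service on port 30080,
# i.e. reachable on that port of every cluster node.
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx-demo
spec:
  service_type: nodeport
  nodeport_port: 30080

--------------------------------------------------------------------------------
/kustomize-bluegreen/green/kustomization.yaml:
--------------------------------------------------------------------------------
resources:
- greencm.yaml
- green-svc.yaml
- deployment.yaml

patchesStrategicMerge:
- patch.yaml

--------------------------------------------------------------------------------
/kustomize-bluegreen/blue/bluecm.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
data:
  index.html: |
    blue
kind: ConfigMap
metadata:
  creationTimestamp: null
  name: blue

--------------------------------------------------------------------------------
/kustomize-bluegreen/green/greencm.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
data:
  index.html: |
    green
kind: ConfigMap
metadata:
  creationTimestamp: null
  name: green

--------------------------------------------------------------------------------
/crd-backup.yaml:
--------------------------------------------------------------------------------
# Instance of the BackUp custom resource in group stable.example.com.
apiVersion: "stable.example.com/v1"
kind: BackUp
metadata:
  name: mybackup
spec:
  backupType: full
  image: linux-backup-image
  replicas: 5

--------------------------------------------------------------------------------
/kustomize-bluegreen/blue/kustomization.yaml:
--------------------------------------------------------------------------------
resources:
- bluecm.yaml
- blue-svc.yaml
- deployment.yaml
- myapp-ing.yaml

patchesStrategicMerge:
- patch.yaml

--------------------------------------------------------------------------------
/kustomize-envs/envs/qa/kustomization.yaml:
--------------------------------------------------------------------------------
# QA overlay: reuses the base, applies patch.yaml and pins the nginx image tag.
bases:
- ../../base

patchesStrategicMerge:
- patch.yaml

images:
- name: nginx
  newTag: "1.18"

--------------------------------------------------------------------------------
/trigger-binding.yaml:
--------------------------------------------------------------------------------
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: demo-binding
spec:
  params:
  - name: username
    # Copied verbatim from the JSON body of the incoming request, so every
    # consumer of this parameter must treat it as untrusted input.
    value: $(body.username)

--------------------------------------------------------------------------------
/countdown:
--------------------------------------------------------------------------------
#!/bin/bash
# Print a once-per-second countdown for a break of $1 minutes.

COUNTER=$1

# Accept only a plain non-negative integer. Bash evaluates the contents of a
# variable used inside $(( )) as an expression, so anything else is rejected
# before it reaches the arithmetic below.
case $COUNTER in
  ''|*[!0-9]*)
    echo "usage: $0 MINUTES" >&2
    exit 1
    ;;
esac

# 10# forces base 10 so that a value such as 08 is not parsed as octal.
COUNTER=$(( 10#$COUNTER * 60 ))

# Stop at zero; the original `while true` kept counting into negative numbers.
while (( COUNTER > 0 ))
do
  echo $COUNTER seconds remaining in break
  COUNTER=$(( COUNTER - 1 ))
  sleep 1
done

--------------------------------------------------------------------------------
/pvc.yaml:
--------------------------------------------------------------------------------
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pv-claim
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

--------------------------------------------------------------------------------
/ingress-patch.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
kind: ConfigMap
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
data:
  # Passes the backend's own Server header through to clients, which discloses
  # the backend software to them.
  allow-backend-server-header: "true"
  # Makes the controller trust incoming X-Forwarded-* headers. Appropriate only
  # when a trusted proxy or load balancer in front of the controller sets them;
  # otherwise clients can supply these values themselves.
  use-forward-headers: "true"
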
--------------------------------------------------------------------------------
/nwp.yaml:
--------------------------------------------------------------------------------
# Applies to every pod in namespace "prod" (empty podSelector).
# Despite the name "noaccess", ingress is still allowed from all pods in the
# same namespace: a bare podSelector under "from" matches pods in the policy's
# own namespace. Ingress from other namespaces is what this policy denies.
# No egress rules are defined here, and enforcement depends on the cluster's
# network plugin supporting NetworkPolicy.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  namespace: prod
  name: noaccess
spec:
  podSelector: {}
  ingress:
  - from:
    - podSelector: {}

--------------------------------------------------------------------------------
/demo-pipeline-run.yaml:
--------------------------------------------------------------------------------
# Runs the "demopipe" Pipeline with a fixed username parameter.
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: demopipe-run
spec:
  pipelineRef:
    name: demopipe
  params:
  - name: username
    value: "lisa"

--------------------------------------------------------------------------------
/lesson14/prod-pvc.yaml:
--------------------------------------------------------------------------------
# Claim bound through storageClassName "prod".
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: prod-pvc
spec:
  storageClassName: prod
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

--------------------------------------------------------------------------------
/gitops-prod-pvc.yaml:
--------------------------------------------------------------------------------
# Claim bound through storageClassName "production".
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-prod
spec:
  storageClassName: production
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

--------------------------------------------------------------------------------
/gitops-preprod-pvc.yaml:
--------------------------------------------------------------------------------
# Claim bound through storageClassName "preproduction"; requests 2Gi.
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-preprod
spec:
  storageClassName: preproduction
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi

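--------------------------------------------------------------------------------
/pv.yaml:
--------------------------------------------------------------------------------
# hostPath volume: the data lives in /mydata on whichever node runs the pod.
kind: PersistentVolume
apiVersion: v1
metadata:
  name: pv-volume
  labels:
    type: local
spec:
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/mydata"

--------------------------------------------------------------------------------
/dockerfiledemo/Dockerfile:
--------------------------------------------------------------------------------
# The base image is referenced without a tag, so each build pulls whatever
# "alpine:latest" currently is; pin a tag or digest for reproducible builds.
FROM alpine
# LABEL replaces the deprecated MAINTAINER instruction.
LABEL maintainer="Sander"

# Add repo file
ADD ./README.txt /README.txt

# Install cool software
# --no-cache avoids leaving the apk package index in the image layer.
RUN apk add --no-cache bash nmap

# The container runs nmap; the default arguments do host discovery only (-sn)
# on 172.17.0.0/24. Arguments given to `docker run` replace CMD.
ENTRYPOINT ["/usr/bin/nmap"]
CMD ["-sn", "172.17.0.0/24"]


--------------------------------------------------------------------------------
/lesson14/preprod-pvc.yaml:
--------------------------------------------------------------------------------
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: preprod-pvc
  namespace: preprod
spec:
  storageClassName: preprod
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

--------------------------------------------------------------------------------
/kustomize-envs/envs/qa/patch.yaml:
--------------------------------------------------------------------------------
# Strategic-merge patch: adds the STATUS environment variable to the nginx
# container of Deployment demo-app.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-app
spec:
  template:
    spec:
      containers:
      - name: nginx
        env:
        - name: STATUS
          value: "kustomized"

--------------------------------------------------------------------------------
/lesson14/prod-pv.yaml:
--------------------------------------------------------------------------------
kind: PersistentVolume
apiVersion: v1
metadata:
  name: pv-prod
  labels:
    type: local
spec:
  storageClassName: prod
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /prod

--------------------------------------------------------------------------------
/flux-patch.yaml:
--------------------------------------------------------------------------------
# Inline patch that sets minReplicas on the HorizontalPodAutoscaler "kube-app".
patches:
  - patch: |-
      apiVersion: autoscaling/v2beta2
      kind: HorizontalPodAutoscaler
      metadata:
        name: kube-app
      spec:
        minReplicas: 3
    target:
      name: kube-app
      kind: HorizontalPodAutoscaler

--------------------------------------------------------------------------------
/gitops-prod-pv.yaml:
--------------------------------------------------------------------------------
kind: PersistentVolume
apiVersion: v1
metadata:
  name: pvprod
  labels:
    type: local
spec:
  storageClassName: production
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /production

--------------------------------------------------------------------------------
/gitops-preprod-pv.yaml:
--------------------------------------------------------------------------------
kind: PersistentVolume
apiVersion: v1
metadata:
  name: pvpreprod
  labels:
    type: local
spec:
  storageClassName: preproduction
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /preprod

--------------------------------------------------------------------------------
/lesson14/preprod-pv.yaml:
--------------------------------------------------------------------------------
kind: PersistentVolume
apiVersion: v1
metadata:
  name: pv-preprod
  labels:
    type: local
spec:
  storageClassName: preprod
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /preprod

--------------------------------------------------------------------------------
/pv-nfs.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-nfs
spec:
  capacity:
    storage: 1Gi
  accessModes:
    # Access mode names are case-sensitive; the original "ReadWritemany" is
    # not a valid value.
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  nfs:
    path: /data
    server: myserver
    readOnly: false

--------------------------------------------------------------------------------
/event-listener.yaml:
--------------------------------------------------------------------------------
# No interceptors are configured on the trigger, so every request that reaches
# this listener is bound and templated as-is; demo-binding takes "username"
# straight from the request body.
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: demo-listener
spec:
  serviceAccountName: tekton-robot
  triggers:
    - name: demo-trigger
      bindings:
      - ref: demo-binding
      template:
        ref: demo-template

--------------------------------------------------------------------------------
/kustomize-microservice/kustomization.yaml:
--------------------------------------------------------------------------------
secretGenerator:
- name: mysql-pass
  # NOTE(review): this literal puts the database password in Git, readable by
  # anyone with access to the repository and its history. For anything beyond
  # a demo, generate the Secret from a file that is not committed (the
  # secretGenerator "files" / "envs" fields) or from an external secret store.
  literals:
  - password=password
configMapGenerator:
- name: wp-db-host
  literals:
  - hostname=wordpress-mysql
resources:
  - mysql-deployment.yaml
  - wordpress-deployment.yaml

--------------------------------------------------------------------------------
/secondtask.yaml:
--------------------------------------------------------------------------------
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: secondtask
spec:
  params:
  - name: username
    type: string
  steps:
  - name: goodbye
    image: alpine
    # Tekton substitutes $(params.*) textually before the script runs, so a
    # parameter interpolated inside the script body becomes shell source.
    # trigger-binding.yaml fills "username" from the request body, so the
    # value is passed through an environment variable instead and the shell
    # only ever expands it as data.
    env:
    - name: USERNAME
      value: $(params.username)
    script: |
      #!/bin/sh
      echo "goodbye ${USERNAME}!"

--------------------------------------------------------------------------------
/install_and_start_httpt.yaml:
--------------------------------------------------------------------------------
---
# Ansible play: installs httpd on all hosts, then starts and enables it.
- name: install start and enable httpd
  hosts: all
  tasks:
  - name: install package
    yum:
      name: httpd
      state: latest
  - name: start and enable service
    service:
      name: httpd
      state: started
      enabled: yes

--------------------------------------------------------------------------------
/gitopstools/Dockerfile:
--------------------------------------------------------------------------------
FROM alpine
# LABEL replaces the deprecated MAINTAINER instruction.
LABEL maintainer="Sander"

# Install cool software
# curl -f fails on an HTTP error instead of saving the error page as "kubectl".
# The published SHA-256 is checked before the binary is installed; because the
# checksum comes from the same origin as the binary, this catches a corrupted
# or truncated download rather than a compromised origin.
RUN apk add --no-cache curl git && \
    curl -fLO https://dl.k8s.io/release/v1.26.0/bin/linux/amd64/kubectl && \
    curl -fLO https://dl.k8s.io/release/v1.26.0/bin/linux/amd64/kubectl.sha256 && \
    echo "$(cat kubectl.sha256)  kubectl" | sha256sum -c - && \
    cp kubectl /usr/local/bin/kubectl && \
    chmod +x /usr/local/bin/kubectl && \
    rm kubectl kubectl.sha256


--------------------------------------------------------------------------------
/demotask.yaml:
--------------------------------------------------------------------------------
# Two-step Task; each step runs its script in an alpine container.
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: demotask
spec:
  steps:
  - name: stepone
    image: alpine
    script: |
      #!/bin/sh
      echo "hello step one"
  - name: steptwo
    image: alpine
    script: |
      #!/bin/sh
      echo "hello step two"

--------------------------------------------------------------------------------
/kustomize-demo/service.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    k8s-app: nginx-friday20
  name: nginx-friday20
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    k8s-app: nginx-friday20
status:
  loadBalancer: {}

--------------------------------------------------------------------------------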
/kustomize-bluegreen/blue/blue-svc.yaml:
--------------------------------------------------------------------------------
# NodePort Service for the pods labelled app=blue-deploy; a NodePort is
# opened on every node of the cluster.
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: blue-deploy
  name: blue-svc
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: blue-deploy
  type: NodePort
status:
  loadBalancer: {}

--------------------------------------------------------------------------------
/kustomize-bluegreen/green/green-svc.yaml:
--------------------------------------------------------------------------------
# NodePort Service for the pods labelled app=green-deploy.
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: green-deploy
  name: green-svc
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: green-deploy
  type: NodePort
status:
  loadBalancer: {}

--------------------------------------------------------------------------------
/patch/patch.yaml:
--------------------------------------------------------------------------------
# Strategic-merge patch: mounts ConfigMap "the" over nginx's document root in
# Deployment the-deploy.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: the-deploy
spec:
  template:
    spec:
      volumes:
      - name: configfile
        configMap:
          name: the
      containers:
      - name: nginx
        volumeMounts:
        - name: configfile
          mountPath: /usr/share/nginx/html/

--------------------------------------------------------------------------------
/kustomize-bluegreen/blue/patch.yaml:
--------------------------------------------------------------------------------
# Strategic-merge patch: mounts ConfigMap "blue" over nginx's document root in
# Deployment blue-deploy.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: blue-deploy
spec:
  template:
    spec:
      volumes:
      - name: configfile
        configMap:
          name: blue
      containers:
      - name: nginx
        volumeMounts:
        - name: configfile
          mountPath: /usr/share/nginx/html/

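--------------------------------------------------------------------------------
/kustomize-bluegreen/green/patch.yaml:
--------------------------------------------------------------------------------
# Strategic-merge patch: mounts ConfigMap "green" over nginx's document root in
# Deployment green-deploy.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: green-deploy
spec:
  template:
    spec:
      containers:
      - name: nginx
        volumeMounts:
        - name: configfile
          mountPath: /usr/share/nginx/html/
      volumes:
      - name: configfile
        configMap:
          name: green


--------------------------------------------------------------------------------
/lesson14/pvc-patch.yaml:
--------------------------------------------------------------------------------
# Strategic-merge patch: mounts the claim preprod-pvc over nginx's document
# root in Deployment preprod.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: preprod
spec:
  template:
    spec:
      volumes:
      - name: storage
        persistentVolumeClaim:
          claimName: preprod-pvc
      containers:
      - name: nginx
        volumeMounts:
        - name: storage
          mountPath: /usr/share/nginx/html/


--------------------------------------------------------------------------------
/demo-pipeline.yaml:
--------------------------------------------------------------------------------
# Two-task Pipeline: demotask, then secondtask, which receives the pipeline's
# "username" parameter unchanged.
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: demopipe
spec:
  params:
  - name: username
    type: string
  tasks:
  - name: demotask
    taskRef:
      name: demotask
  - name: secondtask
    runAfter:
    - demotask
    taskRef:
      name: secondtask
    params:
    - name: username
      value: $(params.username)

--------------------------------------------------------------------------------
/kustomize-bluegreen/blue/myapp-ing.yaml:
--------------------------------------------------------------------------------
# Routes exactly "/" on host myapp.local to blue-svc:80.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  creationTimestamp: null
  name: myapp
spec:
  rules:
  - host: myapp.local
    http:
      paths:
      - backend:
          service:
            name: blue-svc
            port:
              number: 80
        path: /
        pathType: Exact
status:
  loadBalancer: {}

--------------------------------------------------------------------------------
/kustomize-bluegreen/green/myapp-ing.yaml:
--------------------------------------------------------------------------------
# Routes exactly "/" on host myapp.local to green-svc:80.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  creationTimestamp: null
  name: myapp
spec:
  rules:
  - host: myapp.local
    http:
      paths:
      - backend:
          service:
            name: green-svc
            port:
              number: 80
        path: /
        pathType: Exact
status:
  loadBalancer: {}

--------------------------------------------------------------------------------
/pv-pod.yaml:
--------------------------------------------------------------------------------
kind: Pod
apiVersion: v1
metadata:
  name: pv-pod
spec:
  volumes:
    - name: pv-storage
      persistentVolumeClaim:
        claimName: pv-claim
  containers:
    - name: pv-container
      image: nginx
      ports:
        - containerPort: 80
          name: "http-server"
      volumeMounts:
        - mountPath: "/usr/share/nginx/html"
          name: pv-storage

--------------------------------------------------------------------------------
/gitops-pv-pod-prod.yaml:
--------------------------------------------------------------------------------
kind: Pod
apiVersion: v1
metadata:
  name: gitops-pod-prod
spec:
  volumes:
    - name: pv-storage
      persistentVolumeClaim:
        claimName: pvc-prod
  containers:
    - name: pv-container
      image: nginx
      ports:
        - containerPort: 80
          name: http-server
      volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: pv-storage

--------------------------------------------------------------------------------
/main.tf:
--------------------------------------------------------------------------------
# Provider and Terraform versions are constrained; the instance below uses a
# region-specific AMI ID.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }

  required_version = ">= 1.2.0"
}

provider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "app_server" {
  ami           = "ami-0b029b1931b347543"
  instance_type = "t3.micro"

  tags = {
    Name = "ExampleAppServerInstance"
  }
}

--------------------------------------------------------------------------------
/gitops-pv-pod-preprod.yaml:
--------------------------------------------------------------------------------
kind: Pod
apiVersion: v1
metadata:
  name: gitops-pod
spec:
  volumes:
    - name: pv-storage
      persistentVolumeClaim:
        claimName: pvc-preprod
  containers:
    - name: pv-container
      image: nginx
      ports:
        - containerPort: 80
          name: http-server
      volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: pv-storage

--------------------------------------------------------------------------------
/kustomization.yaml:
--------------------------------------------------------------------------------
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
  - github.com/ansible/awx-operator/config/default?ref=1.1.3

# Set the image tags to match the git version from above
images:
  - name: quay.io/ansible/awx-operator
    newTag: 1.1.3

# Specify a custom namespace in which to install AWX
namespace: awx

--------------------------------------------------------------------------------
/jenkinspipe:
--------------------------------------------------------------------------------
// Declarative pipeline: checks out the containers repository, builds the
// "alpmap" image, lists the local images and runs the image. Every stage
// calls the docker CLI, so the agent account needs access to a Docker daemon.
pipeline {
    agent any

    stages {
        stage('build') {
            steps {
                git branch: 'master',
                    url: 'https://github.com/sandervanvugt/containers'
                sh "docker build -t alpmap alpmap"
            }
        }
        stage('test') {
            steps {
                sh "docker images"
            }
        }
        stage('release') {
            steps {
                sh "docker run alpmap"
            }
        }
    }
}

--------------------------------------------------------------------------------
/trigger-template.yaml:
--------------------------------------------------------------------------------
# Creates a PipelineRun of "demopipe" per trigger; "username" falls back to
# "anna" when the binding supplies no value.
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  name: demo-template
spec:
  params:
  - name: username
    default: "anna"
  resourcetemplates:
  - apiVersion: tekton.dev/v1beta1
    kind: PipelineRun
    metadata:
      generateName: demo-run-
    spec:
      pipelineRef:
        name: demopipe
      params:
      - name: username
        value: $(tt.params.username)

--------------------------------------------------------------------------------
/add-tekton-repo.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Stop at the first failing step, so the repository is not added and nothing is
# installed when the signing key could not be imported.
set -euo pipefail

# add tekton CLI repo on Ubuntu
sudo apt update
sudo apt install -y gnupg
sudo mkdir -p /etc/apt/keyrings/
# The key is requested by its 64-bit key ID. Compare the imported key's full
# fingerprint with the one the project publishes (<FULL_FINGERPRINT>, not shown
# on this page) before trusting the keyring.
sudo gpg --no-default-keyring --keyring /etc/apt/keyrings/tektoncd.gpg --keyserver keyserver.ubuntu.com --recv-keys 3EFE0E0A2F2F60AA
# signed-by limits this keyring to this one source; the package index is
# fetched over plain HTTP and is authenticated by its signature only.
echo "deb [signed-by=/etc/apt/keyrings/tektoncd.gpg] http://ppa.launchpad.net/tektoncd/cli/ubuntu eoan main"|sudo tee /etc/apt/sources.list.d/tektoncd-ubuntu-cli.list
sudo apt update && sudo apt install -y tektoncd-cli

--------------------------------------------------------------------------------
/patch/deployment.yaml:
--------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: the-deploy
  name: the-deploy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: the-deploy
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: the-deploy
    spec:
      containers:
      - image: nginx
        name: nginx
        resources: {}
status: {}

--------------------------------------------------------------------------------
/kustomize-envs/base/deployment.yaml:
--------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: demo-app
  name: demo-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: demo-app
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: demo-app
    spec:
      containers:
      - image: nginx
        name: nginx
        resources: {}
status: {}

--------------------------------------------------------------------------------
/kustomize-bluegreen/blue/deployment.yaml:
--------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: blue-deploy
  name: blue-deploy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: blue-deploy
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: blue-deploy
    spec:
      containers:
      - image: nginx
        name: nginx
        resources: {}
status: {}

--------------------------------------------------------------------------------
/kustomize-bluegreen/green/deployment.yaml:
--------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: green-deploy
  name: green-deploy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: green-deploy
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: green-deploy
    spec:
      containers:
      - image: nginx
        name: nginx
        resources: {}
status: {}
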
-------------------------------------------------------------------------------- /new-ing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | creationTimestamp: null 5 | name: new-version 6 | annotations: 7 | nginx.ingress.kubernetes.io/canary: "true" 8 | nginx.ingress.kubernetes.io/canary-weight: "10" 9 | spec: 10 | rules: 11 | - host: theapp.info 12 | http: 13 | paths: 14 | - backend: 15 | service: 16 | name: new-version 17 | port: 18 | number: 80 19 | path: / 20 | pathType: Exact 21 | status: 22 | loadBalancer: {} 23 | -------------------------------------------------------------------------------- /gitops-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: CronJob 3 | metadata: 4 | name: gitops-operator 5 | spec: 6 | schedule: "*/2 * * * *" 7 | concurrencyPolicy: Forbid 8 | jobTemplate: 9 | spec: 10 | backoffLimit: 0 11 | template: 12 | spec: 13 | restartPolicy: Never 14 | serviceAccountName: gitops 15 | containers: 16 | - name: gitops-operator 17 | image: sandervanvugt/gitops 18 | command: [sh, -e, -c] 19 | args: 20 | - git clone https://github.com/sandervanvugt/kube-app.git /tmp/kube-app && find /tmp/kube-app -name '*.yaml' -exec kubectl apply -f {} \; 21 | 22 | -------------------------------------------------------------------------------- /kubeci.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | export GIT_VERSION=$(git rev-parse HEAD | cut -c1-8) 3 | 4 | export NEW_IMAGE="sandervanvugt/kube-app:${GIT_VERSION}" 5 | docker build -t ${NEW_IMAGE} 6 | docker push ${NEW_IMAGE} 7 | 8 | git clone https://github.com/sandervanvugt/kube-app 9 | cd kube-app 10 | 11 | kubectl patch --local -o yaml -f sampleginx-deploy.yaml \ 12 | -p "spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: sampleginx 17 | image: ${NEW_IMAGE}" 
\ 18 | > /tmp/newsampleginx.yaml 19 | 20 | mv /tmp/newsampleginx.yaml sampleginx.yaml 21 | 22 | git commit sampleginx.yaml -m "CI update sampleginx image to ${NEW_IMAGE}" 23 | git push 24 | 25 | 26 | -------------------------------------------------------------------------------- /crd-object.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: backups.stable.example.com 5 | spec: 6 | group: stable.example.com 7 | versions: 8 | - name: v1 9 | served: true 10 | storage: true 11 | schema: 12 | openAPIV3Schema: 13 | type: object 14 | properties: 15 | spec: 16 | type: object 17 | properties: 18 | backupType: 19 | type: string 20 | image: 21 | type: string 22 | replicas: 23 | type: integer 24 | scope: Namespaced 25 | names: 26 | plural: backups 27 | singular: backup 28 | shortNames: 29 | - bks 30 | kind: BackUp 31 | -------------------------------------------------------------------------------- /canary.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: old-version 7 | type: canary 8 | name: old-version 9 | spec: 10 | replicas: 3 11 | selector: 12 | matchLabels: 13 | app: old-version 14 | strategy: {} 15 | template: 16 | metadata: 17 | creationTimestamp: null 18 | labels: 19 | app: old-version 20 | type: canary 21 | spec: 22 | containers: 23 | - image: nginx:latest 24 | name: nginx 25 | resources: {} 26 | volumeMounts: 27 | - name: configfile 28 | mountPath: /usr/share/nginx/html/ 29 | volumes: 30 | - name: configfile 31 | configMap: 32 | name: old-version 33 | status: {} 34 | -------------------------------------------------------------------------------- /lesson14/gittools.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | 
metadata: 4 | creationTimestamp: null 5 | labels: 6 | run: gittools 7 | name: gittools 8 | spec: 9 | containers: 10 | - image: sandervanvugt/gitops 11 | name: gittools 12 | args: 13 | - sleep 14 | - infinity 15 | resources: {} 16 | volumeMounts: 17 | - mountPath: /preprod 18 | name: preprod 19 | - mountPath: /prod 20 | name: prod 21 | - mountPath: /kube-app 22 | name: kube-app 23 | volumes: 24 | - name: preprod 25 | hostPath: 26 | path: /preprod 27 | - name: prod 28 | hostPath: 29 | path: /prod 30 | - name: kube-app 31 | hostPath: 32 | path: /kube-app 33 | dnsPolicy: ClusterFirst 34 | restartPolicy: Always 35 | status: {} 36 | 37 |
--------------------------------------------------------------------------------
/rbac.yaml:
--------------------------------------------------------------------------------
# Service account "tekton-robot" plus two bindings to ClusterRoles that are not
# defined in this file (presumably installed with Tekton Triggers; verify).
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tekton-robot
---
# RoleBinding to a ClusterRole: the role's rules apply only inside the
# namespace this binding is created in.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: triggers-example-eventlistener-binding
subjects:
- kind: ServiceAccount
  name: tekton-robot
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-roles
---
# ClusterRoleBinding: the referenced rules apply cluster-wide to tekton-robot
# in namespace default. Review what that ClusterRole allows before reusing it.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: triggers-example-eventlistener-clusterbinding
subjects:
- kind: ServiceAccount
  name: tekton-robot
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-clusterroles
-------------------------------------------------------------------------------- /lesson14/gitops-prod-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: CronJob 3 | metadata: 4 | name: gitops-prod-operator 5 | namespace: prod 6 | spec: 7 | schedule: "*/2 * * * *" 8 | concurrencyPolicy: Forbid 9 |
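jobTemplate: 10 | spec: 11 | backoffLimit: 0 12 | template: 13 | spec: 14 | restartPolicy: Never 15 | serviceAccountName: gitops 16 | containers: 17 | - name: gitops-operator 18 | image: sandervanvugt/gittools 19 | volumeMounts: 20 | - mountPath: /prod 21 | name: prod 22 | command: [sh, -e, -c] 23 | args: 24 | - git clone https://github.com/sandervanvugt/prod /prod || (cd /prod && git pull) && 25 | find /prod -name '*.yaml' -exec kubectl apply -f {} \; 26 | volumes: 27 | - name: prod 28 | hostPath: 29 | path: /prod 30 |
--------------------------------------------------------------------------------
/exposenginx.yaml:
--------------------------------------------------------------------------------
#!/bin/bash
# version 0.1 - Jan. 16th 2023
#
# Watches Deployment events in the current namespace. For a Deployment whose
# image string contains "nginx" it creates a NodePort Service when the
# Deployment is added and deletes the Service of the same name when the
# Deployment is deleted.
#
# Security review notes:
# - The match is a substring test on the image reference, so any image whose
#   name contains "nginx" qualifies, whatever registry it comes from.
# - Every matching Deployment is published on a node port without further
#   checks; run this only where creating Deployments is already restricted.

# check if new deployments are added and print imagename in the output
kubectl get --watch --watch-only --output-watch-events deploy -o wide -o custom-columns=type:type,name:object.metadata.name,containers:object.spec.template.spec.containers[*].image --no-headers | \
while read -r EVENT NAME IMAGE _; do
	# Columns are whitespace separated: event type, deployment name, image list.
	# "read -r" splits them without glob expansion or backslash processing.

	# grep prints the matching image on purpose (see the comment above the watch).
	if printf '%s\n' "$IMAGE" | grep 'nginx'
	then

		case "$EVENT" in
		ADDED)
			echo debug: "$NAME" was added
			kubectl expose deploy "$NAME" --port=80 --type=NodePort
			kubectl annotate service "$NAME" created="$(date +%m-%d-%y)"
			;;
		MODIFIED)
			echo "$NAME" was modified
			echo not taking any further action
			;;
		DELETED)
			echo "$NAME" was deleted
			# NOTE(review): this removes any Service with that name, also one
			# this script did not create; the "created" annotation set above
			# could be checked before deleting.
			kubectl delete svc "$NAME"
			;;
		esac
	fi
done


--------------------------------------------------------------------------------
/minikube-docker-setup-old.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# last minute patch, added 20 Aug. 2021
# currently only supported on Ubuntu 20.04 LTS
#
# Installs Docker, kubectl and minikube. Stops at the first failing step so a
# failed download is never installed.
set -e

sudo apt-get update -y
sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y
# NOTE(review): apt-key is deprecated and adds the key to the global trusted
# set, where it is accepted for every configured repository.
# minikube-docker-setup.sh further down this listing uses a dedicated keyring
# with "signed-by" instead.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get update -y
sudo apt-get install docker-ce docker-ce-cli containerd.io -y

# -f makes curl fail on an HTTP error instead of saving the error page under
# the binary's name. The downloads are not checked against a published
# checksum; add that check before using this outside a lab.
curl -fLO https://storage.googleapis.com/kubernetes-release/release/`curl -fsS https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
# install(1) copies the file as root with mode 0755. A plain "sudo mv" keeps
# the invoking user as owner, leaving a binary on root's PATH that this user
# can overwrite.
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
rm -f ./kubectl

curl -fLO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
####
echo the script is now ready
echo manually run minikube start --vm-driver=docker to start minikube

sudo usermod -aG docker "$USER"
# NOTE(review): newgrp starts a new shell; the line after it appears to run
# only once that shell exits, and then without the new group. Verify.
newgrp docker

minikube start --vm-driver=docker
-------------------------------------------------------------------------------- /kubernetes.tf: -------------------------------------------------------------------------------- 1 | provider "kubernetes" { 2 | config_path = "~/.kube/config" 3 | config_context = "minikube" 4 | } 5 | 6 | resource "kubernetes_namespace" "example" { 7 | metadata { 8 | name = "example" 9 | } 10 | } 11 | 12 | resource "kubernetes_deployment" "nginx" { 13 | metadata { 14 | name = "scalable-nginx-example" 15 | labels = { 16 | App = "ScalableNginxExample" 17 | } 18 | } 19 | 20 | spec { 21 | replicas = 2 22 | selector { 23 | match_labels = { 24 | App = "ScalableNginxExample" 25 | } 26 | } 27 | template { 28 | metadata { 29 | labels = { 30 | App = "ScalableNginxExample" 31 | } 32 | } 33 | spec { 34 | container { 35 | image = "nginx:1.7.8" 36 | name = "example" 37 | 38 | port { 39 |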
container_port = 80 40 | } 41 | 42 | resources { 43 | limits = { 44 | cpu = "0.5" 45 | memory = "512Mi" 46 | } 47 | requests = { 48 | cpu = "250m" 49 | memory = "50Mi" 50 | } 51 | } 52 | } 53 | } 54 | } 55 | } 56 | } 57 | 58 |
--------------------------------------------------------------------------------
/kustomize-microservice/default-storageclass.yaml:
--------------------------------------------------------------------------------
# PersistentVolumeClaim plus a single-container MySQL Deployment that mounts it.
# The claim names no storageClassName, so binding presumably relies on the
# cluster's default StorageClass (as the file name suggests).
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-demo-claim
  labels:
    app: demo
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-mysql
  labels:
    app: demo
spec:
  selector:
    matchLabels:
      app: demo
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: demo
        tier: mysql
    spec:
      containers:
      # NOTE(review): MySQL 5.6 is no longer maintained upstream; use a
      # supported release line outside a demo.
      - image: mysql:5.6
        name: mysql
        env:
        # The root password is read from Secret mysql-pass (key "password"),
        # which is not defined in this file.
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password
        ports:
        - containerPort: 3306
          name: mysql
        volumeMounts:
        - name: mysql-persistent-storage
          mountPath: /var/lib/mysql
      volumes:
      - name: mysql-persistent-storage
        persistentVolumeClaim:
          claimName: mysql-demo-claim


--------------------------------------------------------------------------------
/lesson14/gitops-preprod-operator.yaml:
--------------------------------------------------------------------------------
# CronJob in namespace preprod: every two minutes it syncs the preprod
# repository into /preprod, applies its manifests, checks that the preprod
# service answers with "preproduction", then copies the files to /prod and
# rewrites "preprod" to "prod" in them.
#
# Security review notes:
# - /preprod and /prod are hostPath volumes: the working trees live on the
#   node's filesystem, persist between runs, and can be changed by anything
#   else with access to those node paths before they are applied.
# - Manifests are applied from the repository's default branch with the rights
#   of the "gitops" service account; the image carries no tag or digest.
# - "&&" and "||" have equal precedence and group left to right, so the
#   "|| exit 9" guard also fires when the clone/pull step fails.
# - find ... -exec cmd {} \; typically returns 0 even when cmd fails, so a
#   failed kubectl apply does not stop the promotion to /prod.
# - NOTE(review): "find /preprod -type f" also matches files under
#   /preprod/.git, and the sed pass covers everything under /prod; consider
#   excluding .git directories from both.
apiVersion: batch/v1
kind: CronJob
metadata:
  name: gitops-preprod-operator
  namespace: preprod
spec:
  schedule: "*/2 * * * *"
  concurrencyPolicy: Forbid
  jobTemplate:
    spec:
      backoffLimit: 0
      template:
        spec:
          restartPolicy: Never
          serviceAccountName: gitops
          containers:
          - name: gitops-operator
            image: sandervanvugt/gittools
            volumeMounts:
            - mountPath: /preprod
              name: preprod
            - mountPath: /prod
              name: prod
            command: [sh, -e, -c]
            args:
            - git clone https://github.com/sandervanvugt/preprod /preprod || (cd /preprod && git pull) &&
              find /preprod -name '*.yaml' -exec kubectl apply -f {} \; &&
              curl preprod | grep preproduction || exit 9 &&
              find /preprod -type f -exec cp {} /prod/ \; &&
              find /prod -type f -exec sed -i -e 's/preprod/prod/g' {} \;
          volumes:
          - name: preprod
            hostPath:
              path: /preprod
          - name: prod
            hostPath:
              path: /prod
-------------------------------------------------------------------------------- /kustomize-demo/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | creationTimestamp: "2019-09-20T14:54:12Z" 7 | generation: 1 8 | labels: 9 | k8s-app: nginx-friday20 10 | name: nginx-friday20 11 | namespace: default 12 | resourceVersion: "24766" 13 | selfLink: /apis/apps/v1/namespaces/default/deployments/nginx-friday20 14 | uid: 4c4e3217-0fcf-4365-987c-10d089a09c1e 15 | spec: 16 | progressDeadlineSeconds: 600 17 | replicas: 3 18 | revisionHistoryLimit: 10 19 | selector: 20 | matchLabels: 21 | k8s-app: nginx-friday20 22 | strategy: 23 | rollingUpdate: 24 | maxSurge: 25% 25 | maxUnavailable: 25% 26 | type: RollingUpdate 27 | template: 28 | metadata: 29 | creationTimestamp: null 30 | labels: 31 | k8s-app: nginx-friday20 32 | name: nginx-friday20 33 | spec: 34 | containers: 35 | - image: nginx 36 | imagePullPolicy: Always 37 | name: nginx-friday20 38 | resources: {} 39 | securityContext: 40 | privileged: false 41 | terminationMessagePath: /dev/termination-log 42 | terminationMessagePolicy: File 43 | dnsPolicy: ClusterFirst 44 | restartPolicy: Always 45 | schedulerName: default-scheduler 46 | securityContext:
{} 47 | terminationGracePeriodSeconds: 30 48 |
--------------------------------------------------------------------------------
/kustomize-microservice/mysql-deployment.yaml:
--------------------------------------------------------------------------------
# Headless Service, PersistentVolumeClaim and Deployment for the MySQL tier of
# the wordpress application.
apiVersion: v1
kind: Service
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  ports:
    - port: 3306
  selector:
    app: wordpress
    tier: mysql
  # clusterIP: None makes this a headless Service: no virtual IP is allocated.
  clusterIP: None
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-pv-claim
  labels:
    app: wordpress
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: mysql
    spec:
      containers:
      # NOTE(review): MySQL 5.6 is no longer maintained upstream; use a
      # supported release line outside a demo.
      - image: mysql:5.6
        name: mysql
        env:
        # Root password comes from Secret mysql-pass (key "password"); the
        # Secret itself is not defined in this file.
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password
        ports:
        - containerPort: 3306
          name: mysql
        volumeMounts:
        - name: mysql-persistent-storage
          mountPath: /var/lib/mysql
      volumes:
      - name: mysql-persistent-storage
        persistentVolumeClaim:
          claimName: mysql-pv-claim

-------------------------------------------------------------------------------- /kustomize-microservice/wordpress-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: wordpress 5 | labels: 6 | app: wordpress 7 | spec: 8 | ports: 9 | - port: 80 10 | selector: 11 | app: wordpress 12 | tier: frontend 13 | type: LoadBalancer 14 | --- 15 | apiVersion: v1 16 |
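kind: PersistentVolumeClaim 17 | metadata: 18 | name: wp-pv-claim 19 | labels: 20 | app: wordpress 21 | spec: 22 | accessModes: 23 | - ReadWriteOnce 24 | resources: 25 | requests: 26 | storage: 2Gi 27 | --- 28 | apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2 29 | kind: Deployment 30 | metadata: 31 | name: wordpress 32 | labels: 33 | app: wordpress 34 | spec: 35 | selector: 36 | matchLabels: 37 | app: wordpress 38 | tier: frontend 39 | strategy: 40 | type: Recreate 41 | template: 42 | metadata: 43 | labels: 44 | app: wordpress 45 | tier: frontend 46 | spec: 47 | containers: 48 | - image: wordpress:4.8-apache 49 | name: wordpress 50 | env: 51 | - name: WORDPRESS_DB_HOST 52 | valueFrom: 53 | configMapKeyRef: 54 | name: wp-db-host 55 | key: hostname 56 | - name: WORDPRESS_DB_PASSWORD 57 | valueFrom: 58 | secretKeyRef: 59 | name: mysql-pass 60 | key: password 61 | ports: 62 | - containerPort: 80 63 | name: wordpress 64 | volumeMounts: 65 | - name: wordpress-persistent-storage 66 | mountPath: /var/www/html 67 | volumes: 68 | - name: wordpress-persistent-storage 69 | persistentVolumeClaim: 70 | claimName: wp-pv-claim 71 | 72 |
--------------------------------------------------------------------------------
/minikube-docker-setup.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Installs Docker from Docker's apt repository, then kubectl and minikube for
# x86_64 or aarch64 hosts.
#
# Stop at the first failing command, unset variable or failing pipeline stage,
# so a failed download is never installed.
set -euo pipefail

ARCH=$(arch)

### installing Docker
sudo apt-get update -y
sudo apt-get install ca-certificates curl gnupg lsb-release -y
sudo mkdir -p /etc/apt/keyrings
# The repository key goes into its own keyring and is referenced with
# "signed-by", so it is trusted for the Docker repository only.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update -y
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y

# The binaries below are fetched over HTTPS but not checked against a
# published checksum; add that check before using this outside a lab.
# -f makes curl fail on an HTTP error instead of saving the error page.
case "$ARCH" in
x86_64)
	echo executing on "$ARCH"
	#sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y
	#curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
	#sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
	#sudo apt-get update -y
	#sudo apt-get install docker-ce docker-ce-cli containerd.io -y

	curl -fLO https://storage.googleapis.com/kubernetes-release/release/`curl -fsS https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
	# install(1) copies the file as root with mode 0755, matching the minikube
	# step below. A plain "sudo mv" keeps the invoking user as owner, leaving
	# a binary on root's PATH that this user can overwrite.
	sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
	rm -f ./kubectl

	curl -fLO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
	sudo install minikube-linux-amd64 /usr/local/bin/minikube
	;;
aarch64)
	curl -fLO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-arm64
	sudo install minikube-linux-arm64 /usr/local/bin/minikube
	sudo snap install kubectl --classic
	;;
*)
	# The original skipped both branches silently on any other architecture.
	echo "unsupported architecture $ARCH: kubectl and minikube were not installed" >&2
	;;
esac

echo the script is now ready
echo manually run minikube start --vm-driver=docker --memory=6G --cni=calico to start minikube

# Membership of the docker group is effectively root-equivalent on this host.
sudo usermod -aG docker "$USER"
newgrp docker
-------------------------------------------------------------------------------- /gitops_pipeline.txt: -------------------------------------------------------------------------------- 1 | GITOPS OPERATOR WORK 2 | 3 | CI PART 4 | a. create a preprod dataset in a persistent volume ( 5 | - unnamespaced: type hostPath 6 | - index.html containing text preproduction 7 | - StorageClass label "preproduction" 8 | b.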
create a prod dataset in a persistent volume
- index.html containing text production
- StorageClass label "production"

kubectl apply -f gitops-preprod-pv.yaml
kubectl apply -f gitops-preprod-pvc.yaml
kubectl apply -f gitops-pv-pod-preprod.yaml
kubectl exec -it gitops-pod-preprod -- bash
echo preproduction > /usr/share/nginx/html/index.html
kubectl delete -f gitops-pod-preprod
kubectl apply -f gitops-prod-pv.yaml
kubectl apply -f gitops-prod-pvc.yaml
kubectl apply -f gitops-pv-pod-prod.yaml
kubectl exec -it gitops-pod-prod -- bash
echo production > /usr/share/nginx/html/index.html
kubectl delete -f gitops-pod-prod

1. create a preprod environment as a namespace

kubectl create ns preprod
kubectl create ns prod
# create gitops-preprod git repository and initialize it
mkdir /gitops-preprod

## verify all of this
## assuming that gitops-preprod has been initialized as a git repo
###
kubectl create deploy preprod-deploy --image=nginx --replicas=3 --dry-run=client -n preprod -o yaml > preprod-deploy.yaml
## edit to mount the storage (or use patch)
## edit to change label to environment=preproduction
kubectl apply -f preprod-deploy.yaml
kubectl expose deploy -n preprod preprod-deploy --label=environment=preproduction --type=NodePort --port=80 --dry-run=client -o yaml > preprod-svc.yaml
kubectl apply -f preprod-svc.yaml
# at this point we have deploy and svc files in git repo
kubectl delete -f preprod-svc.yaml
kubectl delete -f preprod-deploy.svc
# copy the *pvc.yaml files to current directory
git add *
git commit -m "adding initial resources"
git push
# now we can run gitops-preprod-operator which will do a new kubectl apply every two minutes
kubectl apply -f gitops-preprod-operator
# now it's time to run the script, test and promote to production
# the script should run from a pod in the preprod namespace for smooth access to svc DNS name
#!/bin/bash
curl preprod | grep preproduction || exit 3
cp preprod-deploy.yaml prod-deploy.yaml
cp preprod-svc.yaml prod-svc.yaml
sed -i -e 's/environment: preproduction/environment: production/g' prod*.yaml
## at this point the production files are ready ###VERIFY

- poll the git repository for deployments periodically
- deployment needs to run an nginx based deployment
- comes with a PVC that uses StorageClass as a selector label in the same YAML file
- uses label environment=preproduction
- expose the application as a nodePort service, using environment=preproduction label
- test the application: shell script that greps for preproduction after using curl to connect to the application
- shell: if test succeeds
- use sed to change environment=preproduction to environment=production in deployment yaml
- use sed to change StorageClass name preproduction to production
- shell: move this to appropriate Git branch or subdirectory (name=production)



TODO: involve Git Branches

CD PART
2. create a prod environment as a namespace
- poll the git repository for deployments periodically and kubectl apply if there is a diff
- expose the application as a nodePort service
- test the application
- if succeeds, continue running the operator loop

--------------------------------------------------------------------------------