├── hollowapp
├── tests
│ ├── __init__.py
│ └── tests.py
├── migrations
│ ├── README
│ ├── __pycache__
│ │ └── env.cpython-36.pyc
│ ├── versions
│ │ ├── __pycache__
│ │ │ └── 94ad24d5e159_.cpython-36.pyc
│ │ └── 94ad24d5e159_.py
│ ├── script.py.mako
│ ├── alembic.ini
│ └── env.py
├── app.db
├── static
│ └── loading.gif
├── app
│ ├── static
│ │ ├── loading.gif
│ │ ├── img
│ │ │ ├── ahead.jpg
│ │ │ ├── hollow.jpg
│ │ │ ├── hollow.png
│ │ │ └── newfile.jpg
│ │ ├── css
│ │ │ ├── hollowstyle.css
│ │ │ └── bootstrap-responsive.min.css
│ │ └── js
│ │ │ └── bootstrap.min.js
│ ├── auth
│ │ ├── __init__.py
│ │ ├── __pycache__
│ │ │ ├── email.cpython-36.pyc
│ │ │ ├── forms.cpython-36.pyc
│ │ │ ├── routes.cpython-36.pyc
│ │ │ └── __init__.cpython-36.pyc
│ │ ├── email.py
│ │ ├── forms.py
│ │ └── routes.py
│ ├── main
│ │ ├── __init__.py
│ │ ├── __pycache__
│ │ │ ├── forms.cpython-36.pyc
│ │ │ ├── routes.cpython-36.pyc
│ │ │ └── __init__.cpython-36.pyc
│ │ ├── forms.py
│ │ └── routes.py
│ ├── __pycache__
│ │ ├── cli.cpython-36.pyc
│ │ ├── email.cpython-36.pyc
│ │ ├── models.cpython-36.pyc
│ │ ├── search.cpython-36.pyc
│ │ ├── __init__.cpython-36.pyc
│ │ └── translate.cpython-36.pyc
│ ├── errors
│ │ ├── __init__.py
│ │ ├── __pycache__
│ │ │ ├── __init__.cpython-36.pyc
│ │ │ └── handlers.cpython-36.pyc
│ │ └── handlers.py
│ ├── templates
│ │ ├── errors
│ │ │ ├── 404.html
│ │ │ └── 500.html
│ │ ├── auth
│ │ │ ├── register.html
│ │ │ ├── reset_password.html
│ │ │ ├── reset_password_request.html
│ │ │ └── login.html
│ │ ├── email
│ │ │ ├── reset_password.txt
│ │ │ └── reset_password.html
│ │ ├── edit_profile.html
│ │ ├── search.html
│ │ ├── index.html
│ │ ├── tasks.html
│ │ ├── _post.html
│ │ ├── _task.html
│ │ ├── user.html
│ │ └── base.html
│ ├── email.py
│ ├── translate.py
│ ├── search.py
│ ├── cli.py
│ ├── __init__.py
│ ├── models.py
│ └── translations
│ │ └── es
│ │ └── LC_MESSAGES
│ │ └── messages.po
├── babel.cfg
├── vars
│ └── main.yml
├── .env
├── taskapp.py
├── Dockerfile
├── requirements.txt
├── config.py
└── boot.sh
├── .gitignore
├── .DS_Store
├── 22-Jobs
├── Dockerfile
├── 1-job.yml
└── 2-cronjob.yml
├── img
└── kubernetesguide.png
├── 9-Ingress
├── 1-namespace.yml
├── 2-configmap.yml
├── 6-ingress-svc.yml
├── 4-backend.yml
├── 7-app.yml
├── 3-rbac.yml
└── 5-ingress-ctrl.yml
├── 16-RBAC
├── 1-serviceaccount.yml
├── 2-role.yml
├── 3-rolebinding.yml
└── 4-config-example.yml
├── 12-Secrets
├── 2-Secret.yml
├── 1-HollowDB.yml
└── 3-HollowApp.yml
├── 13-PersistentVolumes
├── 4-secret.yml
├── 2-pvc.yml
├── 1-persistentVolume.yml
├── 3-database.yml
└── 5-hollowapp.yml
├── 11-ConfigMaps
├── 2-ConfigMap.yml
├── 3-demo-test.yml
├── 1-HollowDB.yml
└── 4-HollowApp.yml
├── 5-Endpoints
├── 3-test-container.sh
├── 2-endpoints.yml
└── 1-deployment.yml
├── 14-CloudProviders-StorageClasses
├── 5-pvc.yml
├── 3-node-join-example.conf
├── 4-storageclass.yml
├── 1-vsphere.conf
└── 2-vsphere-init.conf
├── 22-PodSecurityPolicies
├── 3-cluster-role.yml
├── 4-cluster-role-binding.yml
├── 5-deployment.yml
├── 1-deployment.yml
└── 2-psp.yml
├── 15-Statefulsets
├── 1-configmap.yml
├── 2-services.yml
└── 3-statefulset.yml
├── 8-Context
└── example.yml
├── 7-Namespaces
└── namespace.yml
├── 21-NetworkPolicies
└── 1-networkpolicy.yml
├── 20-DaemonSets
└── 1-daemonset.yml
├── 10-DNS
└── 1-nginx-example.yml
├── 6-ServicePublishing
├── 1-servicepublishing.yml
└── 2-servicepublishing.yml
├── 2-ReplicaSets
└── replicaset.yml
├── 1-Pods
└── pod.yml
├── 3-Deployments
├── Deployment1.yml
└── Deployment2.yml
├── 19-TaintsAndTolerations
├── 1-deployment.yml
└── 2-deployment.yml
├── 4-Services
└── services.yml
└── README.md
/hollowapp/tests/__init__.py:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | *.DS_Store
--------------------------------------------------------------------------------
/hollowapp/migrations/README:
--------------------------------------------------------------------------------
1 | Generic single-database configuration.
--------------------------------------------------------------------------------
/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/.DS_Store
--------------------------------------------------------------------------------
/22-Jobs/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine
2 |
3 | RUN apk update
4 | RUN apk add curl
--------------------------------------------------------------------------------
/hollowapp/app.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app.db
--------------------------------------------------------------------------------
/img/kubernetesguide.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/img/kubernetesguide.png
--------------------------------------------------------------------------------
/9-Ingress/1-namespace.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Namespace
4 | metadata:
5 | name: ingress
6 |
7 |
--------------------------------------------------------------------------------
/hollowapp/static/loading.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/static/loading.gif
--------------------------------------------------------------------------------
/hollowapp/app/static/loading.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/static/loading.gif
--------------------------------------------------------------------------------
/hollowapp/app/static/img/ahead.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/static/img/ahead.jpg
--------------------------------------------------------------------------------
/hollowapp/app/static/img/hollow.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/static/img/hollow.jpg
--------------------------------------------------------------------------------
/hollowapp/app/static/img/hollow.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/static/img/hollow.png
--------------------------------------------------------------------------------
/hollowapp/app/static/img/newfile.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/static/img/newfile.jpg
--------------------------------------------------------------------------------
/hollowapp/babel.cfg:
--------------------------------------------------------------------------------
1 | [python: app/**.py]
2 | [jinja2: app/templates/**.html]
3 | extensions=jinja2.ext.autoescape,jinja2.ext.with_
4 |
--------------------------------------------------------------------------------
/hollowapp/app/auth/__init__.py:
--------------------------------------------------------------------------------
1 | from flask import Blueprint
2 |
3 | bp = Blueprint('auth', __name__)
4 |
5 | from app.auth import routes
6 |
--------------------------------------------------------------------------------
/hollowapp/app/main/__init__.py:
--------------------------------------------------------------------------------
1 | from flask import Blueprint
2 |
3 | bp = Blueprint('main', __name__)
4 |
5 | from app.main import routes
6 |
--------------------------------------------------------------------------------
/16-RBAC/1-serviceaccount.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | name: hollowteam-user
6 | namespace: hollowteam
--------------------------------------------------------------------------------
/hollowapp/app/__pycache__/cli.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/__pycache__/cli.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/__pycache__/email.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/__pycache__/email.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/__pycache__/models.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/__pycache__/models.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/__pycache__/search.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/__pycache__/search.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/errors/__init__.py:
--------------------------------------------------------------------------------
1 | from flask import Blueprint
2 |
3 | bp = Blueprint('errors', __name__)
4 |
5 | from app.errors import handlers
6 |
--------------------------------------------------------------------------------
/hollowapp/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | flask_dbpass: "Password123"
3 | flask_dbname: "taskapp"
4 | flask_dbuser: "taskapp"
5 | flask_dbhost: "10.233.4.87"
6 |
--------------------------------------------------------------------------------
/hollowapp/app/__pycache__/__init__.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/__pycache__/__init__.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/__pycache__/translate.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/__pycache__/translate.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/auth/__pycache__/email.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/auth/__pycache__/email.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/auth/__pycache__/forms.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/auth/__pycache__/forms.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/auth/__pycache__/routes.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/auth/__pycache__/routes.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/main/__pycache__/forms.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/main/__pycache__/forms.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/main/__pycache__/routes.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/main/__pycache__/routes.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/migrations/__pycache__/env.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/migrations/__pycache__/env.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/auth/__pycache__/__init__.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/auth/__pycache__/__init__.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/main/__pycache__/__init__.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/main/__pycache__/__init__.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/errors/__pycache__/__init__.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/errors/__pycache__/__init__.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/app/errors/__pycache__/handlers.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/app/errors/__pycache__/handlers.cpython-36.pyc
--------------------------------------------------------------------------------
/hollowapp/.env:
--------------------------------------------------------------------------------
1 | echo "SECRET_KEY=52cb883e323b48d78a0a36e8e951ba4a"
2 | echo "MAIL_SERVER=localhost"
3 | echo "MAIL_PORT=25"
4 | echo "ELASTICSEARCH_URI=http://localhost:9200"
5 |
6 |
--------------------------------------------------------------------------------
/hollowapp/migrations/versions/__pycache__/94ad24d5e159_.cpython-36.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/theITHollow/k8s-guide/HEAD/hollowapp/migrations/versions/__pycache__/94ad24d5e159_.cpython-36.pyc
--------------------------------------------------------------------------------
/12-Secrets/2-Secret.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Secret
3 | metadata:
4 | name: hollow-secret
5 | data:
6 | db.string: bXlzcWwrcHlteXNxbDovL2hvbGxvd2FwcDpQYXNzd29yZDEyM0Bob2xsb3dkYjozMzA2L2hvbGxvd2FwcA==
--------------------------------------------------------------------------------
/13-PersistentVolumes/4-secret.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Secret
3 | metadata:
4 | name: hollow-secret
5 | data:
6 | db.string: bXlzcWwrcHlteXNxbDovL2hvbGxvd2FwcDpQYXNzd29yZDEyM0Bob2xsb3dkYjozMzA2L2hvbGxvd2FwcA==
--------------------------------------------------------------------------------
/hollowapp/app/templates/errors/404.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 |
3 | {% block app_content %}
4 | {{ _('Not Found') }}
5 | {{ _('Back') }}
6 | {% endblock %}
7 |
--------------------------------------------------------------------------------
/9-Ingress/2-configmap.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | name: nginx-ingress-controller-conf
6 | labels:
7 | app: nginx-ingress-lb
8 | namespace: ingress
9 | data:
10 | enable-vts-status: 'true'
--------------------------------------------------------------------------------
/11-ConfigMaps/2-ConfigMap.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: hollow-config
5 | data:
6 | db.string: "mysql+pymysql://hollowapp:Password123@hollowdb:3306/hollowapp" #Key Value pair Value being a database connection string
--------------------------------------------------------------------------------
/5-Endpoints/3-test-container.sh:
--------------------------------------------------------------------------------
1 | kubectl create -f https://k8s.io/examples/application/shell-demo.yaml
2 |
3 | kubectl exec -it shell-demo -- /bin/bash
4 |
5 | ### Execute after accessing shell
6 | apt-get update
7 | apt-get install curl
8 | curl external-web
--------------------------------------------------------------------------------
/16-RBAC/2-role.yml:
--------------------------------------------------------------------------------
1 | ---
2 | kind: Role
3 | apiVersion: rbac.authorization.k8s.io/v1
4 | metadata:
5 | name: hollowteam-full-access
6 | namespace: hollowteam
7 | rules:
8 | - apiGroups: ["", "extensions", "apps"]
9 | resources: ["*"]
10 | verbs: ["*"]
--------------------------------------------------------------------------------
/13-PersistentVolumes/2-pvc.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: PersistentVolumeClaim
4 | metadata:
5 | name: mysqlvol
6 | spec:
7 | storageClassName: manual
8 | accessModes:
9 | - ReadWriteOnce
10 | resources:
11 | requests:
12 | storage: 10Gi
--------------------------------------------------------------------------------
/hollowapp/taskapp.py:
--------------------------------------------------------------------------------
1 | from app import create_app, db, cli
2 | from app.models import User, Post, Task
3 |
4 | app = create_app()
5 | cli.register(app)
6 |
7 |
8 | @app.shell_context_processor
9 | def make_shell_context():
10 | return {'db': db, 'User': User, 'Post': Post, 'Task' : Task}
11 |
--------------------------------------------------------------------------------
/11-ConfigMaps/3-demo-test.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: shell-demo
5 | spec:
6 | containers:
7 | - name: nginx
8 | image: nginx
9 | env:
10 | - name: DATABASE_URL
11 | valueFrom:
12 | configMapKeyRef:
13 | name: hollow-config
14 | key: db.string
--------------------------------------------------------------------------------
/14-CloudProviders-StorageClasses/5-pvc.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolumeClaim
2 | apiVersion: v1
3 | metadata:
4 | name: test-claim
5 | annotations:
6 | volume.beta.kubernetes.io/storage-class: vsphere-disk
7 | spec:
8 | accessModes:
9 | - ReadWriteOnce
10 | resources:
11 | requests:
12 | storage: 2Gi
--------------------------------------------------------------------------------
/22-PodSecurityPolicies/3-cluster-role.yml:
--------------------------------------------------------------------------------
1 | kind: ClusterRole
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | metadata:
4 | name: default-restrictedrole
5 | rules:
6 | - apiGroups:
7 | - extensions
8 | resources:
9 | - podsecuritypolicies
10 | resourceNames:
11 | - default-restricted
12 | verbs:
13 | - use
--------------------------------------------------------------------------------
/hollowapp/app/templates/errors/500.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 |
3 | {% block app_content %}
4 | {{ _('An unexpected error has occurred') }}
5 | {{ _('The administrator has been notified. Sorry for the inconvenience!') }}
6 | {{ _('Back') }}
7 | {% endblock %}
8 |
--------------------------------------------------------------------------------
/13-PersistentVolumes/1-persistentVolume.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: mysqlvol
5 | spec:
6 | storageClassName: manual
7 | capacity:
8 | storage: 10Gi #Size of the volume
9 | accessModes:
10 | - ReadWriteOnce #type of access
11 | hostPath:
12 | path: "/mnt/data" #host location
13 |
--------------------------------------------------------------------------------
/9-Ingress/6-ingress-svc.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | name: nginx
6 | namespace: ingress
7 | spec:
8 | type: NodePort
9 | ports:
10 | - port: 80
11 | name: http
12 | nodePort: 32000
13 | - port: 18080
14 | name: http-mgmt
15 | selector:
16 | app: nginx-ingress-lb
--------------------------------------------------------------------------------
/hollowapp/app/templates/auth/register.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 | {% import 'bootstrap/wtf.html' as wtf %}
3 |
4 | {% block app_content %}
5 | {{ _('Register') }}
6 |
7 |
8 | {{ wtf.quick_form(form) }}
9 |
10 |
{{ _('Edit Profile') }}
6 |
7 |
8 | {{ wtf.quick_form(form) }}
9 |
10 |
{{ _('Reset Your Password') }}
6 |
7 |
8 | {{ wtf.quick_form(form) }}
9 |
10 |
{{ _('Reset Password') }}
6 |
7 |
8 | {{ wtf.quick_form(form) }}
9 |
10 |
Dear {{ user.username }},
2 |
3 | To reset your password
4 |
5 | click here
6 | .
7 |
8 | Alternatively, you can paste the following link in your browser's address bar:
9 | {{ url_for('auth.reset_password', token=token, _external=True) }}
10 | If you have not requested a password reset simply ignore this message.
11 | Sincerely,
12 | The Microblog Team
13 |
--------------------------------------------------------------------------------
/5-Endpoints/2-endpoints.yml:
--------------------------------------------------------------------------------
1 | kind: "Service"
2 | apiVersion: "v1"
3 | metadata:
4 | name: "external-web"
5 | spec:
6 | ports:
7 | -
8 | name: "apache"
9 | protocol: "TCP"
10 | port: 80
11 | targetPort: 80
12 | ---
13 | kind: "Endpoints"
14 | apiVersion: "v1"
15 | metadata:
16 | name: "external-web"
17 | subsets:
18 | -
19 | addresses:
20 | -
21 | ip: "10.10.50.53" #The IP Address of the external web server
22 | ports:
23 | -
24 | port: 80
25 | name: "apache"
--------------------------------------------------------------------------------
/hollowapp/app/email.py:
--------------------------------------------------------------------------------
1 | from threading import Thread
2 | from flask import current_app
3 | from flask_mail import Message
4 | from app import mail
5 |
6 |
7 | def send_async_email(app, msg):
8 | with app.app_context():
9 | mail.send(msg)
10 |
11 |
12 | def send_email(subject, sender, recipients, text_body, html_body):
13 | msg = Message(subject, sender=sender, recipients=recipients)
14 | msg.body = text_body
15 | msg.html = html_body
16 | Thread(target=send_async_email,
17 | args=(current_app._get_current_object(), msg)).start()
18 |
--------------------------------------------------------------------------------
/20-DaemonSets/1-daemonset.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: DaemonSet
3 | metadata:
4 | name: daemonset-example
5 | labels:
6 | app: daemonset-example
7 | spec:
8 | selector:
9 | matchLabels:
10 | app: daemonset-example
11 | template:
12 | metadata:
13 | labels:
14 | app: daemonset-example
15 | spec:
16 | tolerations:
17 | - key: node-role.kubernetes.io/master
18 | effect: NoSchedule
19 | containers:
20 | - name: busybox
21 | image: busybox
22 | args:
23 | - sleep
24 | - "10000"
--------------------------------------------------------------------------------
/hollowapp/app/templates/auth/login.html:
--------------------------------------------------------------------------------
1 | {% extends 'base.html' %}
2 | {% import 'bootstrap/wtf.html' as wtf %}
3 |
4 | {% block app_content %}
5 | {{ _('Sign In') }}
6 |
7 |
8 | {{ wtf.quick_form(form) }}
9 |
10 |
12 | {{ _('New User?') }} {{ _('Click to Register!') }}
13 |
14 | {{ _('Forgot Your Password?') }}
15 | {{ _('Click to Reset It') }}
16 |
17 | {% endblock %}
18 |
--------------------------------------------------------------------------------
/hollowapp/migrations/script.py.mako:
--------------------------------------------------------------------------------
1 | """${message}
2 |
3 | Revision ID: ${up_revision}
4 | Revises: ${down_revision | comma,n}
5 | Create Date: ${create_date}
6 |
7 | """
8 | from alembic import op
9 | import sqlalchemy as sa
10 | ${imports if imports else ""}
11 |
12 | # revision identifiers, used by Alembic.
13 | revision = ${repr(up_revision)}
14 | down_revision = ${repr(down_revision)}
15 | branch_labels = ${repr(branch_labels)}
16 | depends_on = ${repr(depends_on)}
17 |
18 |
19 | def upgrade():
20 | ${upgrades if upgrades else "pass"}
21 |
22 |
23 | def downgrade():
24 | ${downgrades if downgrades else "pass"}
25 |
--------------------------------------------------------------------------------
/15-Statefulsets/2-services.yml:
--------------------------------------------------------------------------------
1 | # Headless service for stable DNS entries of StatefulSet members.
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | name: mysql
6 | labels:
7 | app: mysql
8 | spec:
9 | ports:
10 | - name: mysql
11 | port: 3306
12 | clusterIP: None
13 | selector:
14 | app: mysql
15 | ---
16 | # Client service for connecting to any MySQL instance for reads.
17 | # For writes, you must instead connect to the master: mysql-0.mysql.
18 | apiVersion: v1
19 | kind: Service
20 | metadata:
21 | name: mysql-read
22 | labels:
23 | app: mysql
24 | spec:
25 | ports:
26 | - name: mysql
27 | port: 3306
28 | selector:
29 | app: mysql
--------------------------------------------------------------------------------
/hollowapp/app/auth/email.py:
--------------------------------------------------------------------------------
1 | from flask import render_template, current_app
2 | from flask_babel import _
3 | from app.email import send_email
4 |
5 |
6 | def send_password_reset_email(user):
7 | token = user.get_reset_password_token()
8 | send_email(_('[Microblog] Reset Your Password'),
9 | sender=current_app.config['ADMINS'][0],
10 | recipients=[user.email],
11 | text_body=render_template('email/reset_password.txt',
12 | user=user, token=token),
13 | html_body=render_template('email/reset_password.html',
14 | user=user, token=token))
15 |
--------------------------------------------------------------------------------
/hollowapp/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM python:3.6-alpine
2 |
3 | RUN adduser -D ubuntu && \
4 | mkdir -p /home/ubuntu
5 |
6 | WORKDIR /home/ubuntu
7 | COPY ./ ./
8 | RUN apk add --update \
9 | && apk add --no-cache --virtual .build-deps \
10 | mariadb-dev \
11 | gcc \
12 | musl-dev \
13 | && apk del .build-deps && \
14 | apk add --no-cache mysql-client && \
15 | python -m venv venv && \
16 | venv/bin/pip install --upgrade setuptools && \
17 | venv/bin/pip install -r requirements.txt && \
18 | venv/bin/pip install gunicorn PyMySQL==0.8.1 && \
19 | chmod +x boot.sh && \
20 | chown -R ubuntu:ubuntu /home/ubuntu/
21 |
22 | ENV FLASK_APP taskapp.py
23 | USER ubuntu
24 | EXPOSE 5000
25 | ENTRYPOINT ["./boot.sh"]
--------------------------------------------------------------------------------
/22-PodSecurityPolicies/2-psp.yml:
--------------------------------------------------------------------------------
1 | apiVersion: policy/v1beta1
2 | kind: PodSecurityPolicy
3 | metadata:
4 | name: default-restricted
5 | spec:
6 | privileged: false
7 | hostNetwork: false
8 | allowPrivilegeEscalation: false #This is the main setting we're looking at in this blog post.
9 | defaultAllowPrivilegeEscalation: false
10 | hostPID: false
11 | hostIPC: false
12 | runAsUser:
13 | rule: RunAsAny
14 | fsGroup:
15 | rule: RunAsAny
16 | seLinux:
17 | rule: RunAsAny
18 | supplementalGroups:
19 | rule: RunAsAny
20 | volumes:
21 | - 'configMap'
22 | - 'downwardAPI'
23 | - 'emptyDir'
24 | - 'persistentVolumeClaim'
25 | - 'secret'
26 | - 'projected'
27 | allowedCapabilities:
28 | - '*'
--------------------------------------------------------------------------------
/10-DNS/1-nginx-example.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: nginx-deployment
5 | labels:
6 | app: nginx
7 | spec:
8 | replicas: 2
9 | selector:
10 | matchLabels:
11 | app: nginx
12 | template:
13 | metadata:
14 | labels:
15 | app: nginx
16 | spec:
17 | containers:
18 | - name: nginx-container
19 | image: nginx
20 | ports:
21 | - containerPort: 80
22 | ---
23 | apiVersion: v1
24 | kind: Service
25 | metadata:
26 | name: nginxsvc
27 | spec:
28 | type: NodePort
29 | ports:
30 | - name: http
31 | port: 80
32 | targetPort: 80
33 | nodePort: 30001
34 | protocol: TCP
35 | selector:
36 | app: nginx
--------------------------------------------------------------------------------
/6-ServicePublishing/1-servicepublishing.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: nginx-deployment
5 | labels:
6 | app: nginx
7 | spec:
8 | replicas: 2
9 | selector:
10 | matchLabels:
11 | app: nginx
12 | template:
13 | metadata:
14 | labels:
15 | app: nginx
16 | spec:
17 | containers:
18 | - name: nginx-container
19 | image: nginx
20 | ports:
21 | - containerPort: 80
22 | ---
23 | apiVersion: v1
24 | kind: Service
25 | metadata:
26 | name: ingress-nginx
27 | spec:
28 | type: ClusterIP
29 | ports:
30 | - name: http
31 | port: 80
32 | targetPort: 80
33 | protocol: TCP
34 | selector:
35 | app: nginx
--------------------------------------------------------------------------------
/12-Secrets/1-HollowDB.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: hollowdb
5 | labels:
6 | app: hollowdb
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: hollowdb
12 | template:
13 | metadata:
14 | labels:
15 | app: hollowdb
16 | spec:
17 | containers:
18 | - name: mysql
19 | image: theithollow/hollowapp-blog:dbv1
20 | imagePullPolicy: Always
21 | ports:
22 | - containerPort: 3306
23 | ---
24 | apiVersion: v1
25 | kind: Service
26 | metadata:
27 | name: hollowdb
28 | spec:
29 | ports:
30 | - name: mysql
31 | port: 3306
32 | targetPort: 3306
33 | protocol: TCP
34 | selector:
35 | app: hollowdb
--------------------------------------------------------------------------------
/6-ServicePublishing/2-servicepublishing.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: nginx-deployment
5 | labels:
6 | app: nginx
7 | spec:
8 | replicas: 2
9 | selector:
10 | matchLabels:
11 | app: nginx
12 | template:
13 | metadata:
14 | labels:
15 | app: nginx
16 | spec:
17 | containers:
18 | - name: nginx-container
19 | image: nginx
20 | ports:
21 | - containerPort: 80
22 | ---
23 | apiVersion: v1
24 | kind: Service
25 | metadata:
26 | name: ingress-nginx
27 | spec:
28 | type: NodePort
29 | ports:
30 | - name: http
31 | port: 80
32 | targetPort: 80
33 | nodePort: 30001
34 | protocol: TCP
35 | selector:
36 | app: nginx
--------------------------------------------------------------------------------
/11-ConfigMaps/1-HollowDB.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: hollowdb
5 | labels:
6 | app: hollowdb
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: hollowdb
12 | template:
13 | metadata:
14 | labels:
15 | app: hollowdb
16 | spec:
17 | containers:
18 | - name: mysql
19 | image: theithollow/hollowapp-blog:dbv1
20 | imagePullPolicy: Always
21 | ports:
22 | - containerPort: 3306
23 | ---
24 | apiVersion: v1
25 | kind: Service
26 | metadata:
27 | name: hollowdb
28 | spec:
29 | ports:
30 | - name: mysql
31 | port: 3306
32 | targetPort: 3306
33 | protocol: TCP
34 | selector:
35 | app: hollowdb
--------------------------------------------------------------------------------
/hollowapp/requirements.txt:
--------------------------------------------------------------------------------
1 | alembic==0.9.6
2 | Babel==2.5.1
3 | blinker==1.4
4 | certifi==2017.7.27.1
5 | chardet==3.0.4
6 | click==6.7
7 | dominate==2.3.1
8 | elasticsearch==6.0.0
9 | Flask==1.0
10 | Flask-Babel==0.11.2
11 | Flask-Bootstrap==3.3.7.1
12 | Flask-Login==0.4.0
13 | Flask-Mail==0.9.1
14 | Flask-Migrate==2.1.1
15 | Flask-Moment==0.5.2
16 | Flask-SQLAlchemy==2.3.2
17 | Flask-WTF==0.14.2
18 | guess-language-spirit==0.5.3
19 | idna==2.6
20 | itsdangerous==0.24
21 | Jinja2==2.10
22 | Mako==1.0.7
23 | MarkupSafe==1.0
24 | PyJWT==1.5.3
25 | python-dateutil==2.6.1
26 | python-dotenv==0.7.1
27 | python-editor==1.0.3
28 | pytz==2017.2
29 | requests==2.20.0
30 | six==1.11.0
31 | SQLAlchemy==1.1.14
32 | urllib3==1.24.2
33 | visitor==0.1.3
34 | Werkzeug==0.15.3
35 | WTForms==2.1
36 | gunicorn
37 | pathlib
38 | unittest-xml-reporting
39 | coverage
--------------------------------------------------------------------------------
/hollowapp/app/templates/search.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 |
3 | {% block app_content %}
4 | {{ _('Search Results') }}
5 | {% for post in posts %}
6 | {% include '_post.html' %}
7 | {% endfor %}
8 |
22 | {% endblock %}
23 |
--------------------------------------------------------------------------------
/hollowapp/app/translate.py:
--------------------------------------------------------------------------------
1 | import json
2 | import requests
3 | from flask import current_app
4 | from flask_babel import _
5 |
6 |
7 | def translate(text, source_language, dest_language):
8 | if 'MS_TRANSLATOR_KEY' not in current_app.config or \
9 | not current_app.config['MS_TRANSLATOR_KEY']:
10 | return _('Error: the translation service is not configured.')
11 | auth = {
12 | 'Ocp-Apim-Subscription-Key': current_app.config['MS_TRANSLATOR_KEY']}
13 | r = requests.get('https://api.microsofttranslator.com/v2/Ajax.svc'
14 | '/Translate?text={}&from={}&to={}'.format(
15 | text, source_language, dest_language),
16 | headers=auth)
17 | if r.status_code != 200:
18 | return _('Error: the translation service failed.')
19 | return json.loads(r.content.decode('utf-8-sig'))
20 |
--------------------------------------------------------------------------------
/2-ReplicaSets/replicaset.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: ReplicaSet #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-replicaset
5 | spec: #specifications for our object
6 | replicas: 2 #The number of pods that should always be running
7 | selector: #which pods the replica set should be responsible for
8 | matchLabels:
9 | app: nginx #any pods with labels matching this I'm responsible for.
10 | template: #The pod template that gets deployed
11 | metadata:
12 | labels: #A tag on the pods created
13 | app: nginx
14 | spec:
15 | containers:
16 | - name: nginx-container #the name of the container within the pod
17 | image: nginx #which container image should be pulled
18 | ports:
19 | - containerPort: 80 #the port of the container within the pod
--------------------------------------------------------------------------------
/1-Pods/pod.yml:
--------------------------------------------------------------------------------
1 |
2 | apiVersion: v1 #version of the API to use
3 | kind: Pod #What kind of object we're deploying
4 | metadata: #information about our object we're deploying
5 | name: nginx-pod
6 | spec: #specifications for our object
7 | containers:
8 | - name: nginx-container #the name of the container within the pod
9 | image: nginx #which container image should be pulled
10 | ports:
11 | - containerPort: 80 #the port of the container within the pod
12 | apiVersion: v1 #version of the API to use
13 | kind: Pod #What kind of object we're deploying
14 | metadata: #information about our object we're deploying
15 | name: nginx-pod
16 | spec: #specifications for our object
17 | containers:
18 | - name: nginx-container #the name of the container within the pod
19 | image: nginx #which container image should be pulled
20 | ports:
21 | - containerPort: 80 #the port of the container within the pod
--------------------------------------------------------------------------------
/hollowapp/config.py:
--------------------------------------------------------------------------------
1 | import os
2 | from dotenv import load_dotenv
3 |
4 | basedir = os.path.abspath(os.path.dirname(__file__))
5 | load_dotenv(os.path.join(basedir, '.env'))
6 |
7 |
8 | class Config(object):
9 | SECRET_KEY = os.environ.get('SECRET_KEY') or 'you-will-never-guess'
10 | SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or \
11 | 'sqlite:///' + os.path.join(basedir, 'app.db')
12 | SQLALCHEMY_TRACK_MODIFICATIONS = False
13 | MAIL_SERVER = 'smtp.googlemail.com'
14 | MAIL_PORT = int(os.environ.get('MAIL_PORT') or 587)
15 | MAIL_USE_TLS = 1
16 | MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
17 | MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')
18 | ADMINS = ['user@domain.com']
19 | LANGUAGES = ['en', 'es']
20 | MS_TRANSLATOR_KEY = os.environ.get('MS_TRANSLATOR_KEY')
21 | ELASTICSEARCH_URI = os.environ.get('ELASTICSEARCH_URI')
22 | POSTS_PER_PAGE = 25
23 |
--------------------------------------------------------------------------------
/hollowapp/migrations/alembic.ini:
--------------------------------------------------------------------------------
1 | # A generic, single database configuration.
2 |
3 | [alembic]
4 | # template used to generate migration files
5 | # file_template = %%(rev)s_%%(slug)s
6 |
7 | # set to 'true' to run the environment during
8 | # the 'revision' command, regardless of autogenerate
9 | # revision_environment = false
10 |
11 |
12 | # Logging configuration
13 | [loggers]
14 | keys = root,sqlalchemy,alembic
15 |
16 | [handlers]
17 | keys = console
18 |
19 | [formatters]
20 | keys = generic
21 |
22 | [logger_root]
23 | level = WARN
24 | handlers = console
25 | qualname =
26 |
27 | [logger_sqlalchemy]
28 | level = WARN
29 | handlers =
30 | qualname = sqlalchemy.engine
31 |
32 | [logger_alembic]
33 | level = INFO
34 | handlers =
35 | qualname = alembic
36 |
37 | [handler_console]
38 | class = StreamHandler
39 | args = (sys.stderr,)
40 | level = NOTSET
41 | formatter = generic
42 |
43 | [formatter_generic]
44 | format = %(levelname)-5.5s [%(name)s] %(message)s
45 | datefmt = %H:%M:%S
46 |
--------------------------------------------------------------------------------
/3-Deployments/Deployment1.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: Deployment #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-deployment #Name of the deployment
5 | labels: #A tag on the deployments created
6 | app: nginx
7 | spec: #specifications for our object
8 | replicas: 2 #The number of pods that should always be running
9 | selector: #which pods the replica set should be responsible for
10 | matchLabels:
11 | app: nginx #any pods with labels matching this I'm responsible for.
12 | template: #The pod template that gets deployed
13 | metadata:
14 | labels: #A tag on the replica sets created
15 | app: nginx
16 | spec:
17 | containers:
18 | - name: nginx-container #the name of the container within the pod
19 | image: nginx #which container image should be pulled
20 | ports:
21 | - containerPort: 80 #the port of the container within the pod
--------------------------------------------------------------------------------
/13-PersistentVolumes/3-database.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: hollowdb
5 | labels:
6 | app: hollowdb
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: hollowdb
12 | strategy:
13 | type: Recreate
14 | template:
15 | metadata:
16 | labels:
17 | app: hollowdb
18 | spec:
19 | containers:
20 | - name: mysql
21 | image: theithollow/hollowapp-blog:dbv1
22 | imagePullPolicy: Always
23 | ports:
24 | - containerPort: 3306
25 | volumeMounts:
26 | - name: mysqlstorage
27 | mountPath: /var/lib/mysql
28 | volumes:
29 | - name: mysqlstorage
30 | persistentVolumeClaim:
31 | claimName: mysqlvol
32 | ---
33 | apiVersion: v1
34 | kind: Service
35 | metadata:
36 | name: hollowdb
37 | spec:
38 | ports:
39 | - name: mysql
40 | port: 3306
41 | targetPort: 3306
42 | protocol: TCP
43 | selector:
44 | app: hollowdb
--------------------------------------------------------------------------------
/hollowapp/app/templates/index.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 | {% import 'bootstrap/wtf.html' as wtf %}
3 |
4 | {% block app_content %}
5 | {{ _('Hi, %(username)s!', username=current_user.username) }}
6 | {% if form %}
7 | {{ wtf.quick_form(form) }}
8 |
9 | {% endif %}
10 | {% for post in posts %}
11 | {% include '_post.html' %}
12 | {% endfor %}
13 |
27 | {% endblock %}
28 |
--------------------------------------------------------------------------------
/hollowapp/app/templates/tasks.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 | {% import 'bootstrap/wtf.html' as wtf %}
3 |
4 | {% block app_content %}
5 | {{ _('Hi, %(username)s!', username=current_user.username) }}
6 | {% if form %}
7 | {{ wtf.quick_form(form) }}
8 |
9 | {% endif %}
10 | {% for task in tasks %}
11 | {% include '_task.html' %}
12 | {% endfor %}
13 |
27 | {% endblock %}
28 |
--------------------------------------------------------------------------------
/hollowapp/app/search.py:
--------------------------------------------------------------------------------
1 | from flask import current_app
2 |
3 |
4 | def add_to_index(index, model):
5 | if not current_app.elasticsearch:
6 | return
7 | payload = {}
8 | for field in model.__searchable__:
9 | payload[field] = getattr(model, field)
10 | current_app.elasticsearch.index(index=index, doc_type=index, id=model.id,
11 | body=payload)
12 |
13 |
14 | def remove_from_index(index, model):
15 | if not current_app.elasticsearch:
16 | return
17 | current_app.elasticsearch.delete(index=index, doc_type=index, id=model.id)
18 |
19 |
20 | def query_index(index, query, page, per_page):
21 | if not current_app.elasticsearch:
22 | return [], 0
23 | search = current_app.elasticsearch.search(
24 | index=index, doc_type=index,
25 | body={'query': {'multi_match': {'query': query, 'fields': ['*']}},
26 | 'from': (page - 1) * per_page, 'size': per_page})
27 | ids = [int(hit['_id']) for hit in search['hits']['hits']]
28 | return ids, search['hits']['total']
29 |
--------------------------------------------------------------------------------
/9-Ingress/4-backend.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: default-backend
6 | namespace: ingress
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: default-backend
12 | template:
13 | metadata:
14 | labels:
15 | app: default-backend
16 | spec:
17 | terminationGracePeriodSeconds: 60
18 | containers:
19 | - name: default-backend
20 | image: gcr.io/google_containers/defaultbackend:1.0
21 | livenessProbe:
22 | httpGet:
23 | path: /healthz
24 | port: 8080
25 | scheme: HTTP
26 | initialDelaySeconds: 30
27 | timeoutSeconds: 5
28 | ports:
29 | - containerPort: 8080
30 | resources:
31 | limits:
32 | cpu: 10m
33 | memory: 20Mi
34 | requests:
35 | cpu: 10m
36 | memory: 20Mi
37 | ---
38 | apiVersion: v1
39 | kind: Service
40 | metadata:
41 | name: default-backend
42 | namespace: ingress
43 | spec:
44 | ports:
45 | - port: 80
46 | protocol: TCP
47 | targetPort: 8080
48 | selector:
49 | app: default-backend
--------------------------------------------------------------------------------
/14-CloudProviders-StorageClasses/2-vsphere-init.conf:
--------------------------------------------------------------------------------
1 | apiVersion: kubeadm.k8s.io/v1beta1
2 | kind: InitConfiguration
3 | bootstrapTokens:
4 | - groups:
5 | - system:bootstrappers:kubeadm:default-node-token
6 | token: cba33r.3f565pcpa8vbxdpu #generate your own token here prior or use an autogenerated token
7 | ttl: 0s
8 | usages:
9 | - signing
10 | - authentication
11 | nodeRegistration:
12 | kubeletExtraArgs:
13 | cloud-provider: "vsphere"
14 | cloud-config: "/etc/kubernetes/vsphere.conf"
15 | ---
16 | apiVersion: kubeadm.k8s.io/v1beta1
17 | kind: ClusterConfiguration
18 | kubernetesVersion: v1.16.2
19 | apiServer:
20 | extraArgs:
21 | cloud-provider: "vsphere"
22 | cloud-config: "/etc/kubernetes/vsphere.conf"
23 | extraVolumes:
24 | - name: cloud
25 | hostPath: "/etc/kubernetes/vsphere.conf"
26 | mountPath: "/etc/kubernetes/vsphere.conf"
27 | controllerManager:
28 | extraArgs:
29 | cloud-provider: "vsphere"
30 | cloud-config: "/etc/kubernetes/vsphere.conf"
31 | extraVolumes:
32 | - name: cloud
33 | hostPath: "/etc/kubernetes/vsphere.conf"
34 | mountPath: "/etc/kubernetes/vsphere.conf"
35 | networking:
36 | podSubnet: "10.244.0.0/16"
--------------------------------------------------------------------------------
/3-Deployments/Deployment2.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: Deployment #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-deployment #Name of the deployment
5 | labels: #A tag on the deployments created
6 | app: nginx
7 | spec: #specifications for our object
8 | strategy:
9 | type: RollingUpdate
10 | rollingUpdate: #Update Pods a certain number at a time
11 | maxUnavailable: 1 #Total number of pods that can be unavailable at once
12 | maxSurge: 1 #Maximum number of pods that can be deployed above desired state
13 | replicas: 6 #The number of pods that should always be running
14 | selector: #which pods the replica set should be responsible for
15 | matchLabels:
16 | app: nginx #any pods with labels matching this I'm responsible for.
17 | template: #The pod template that gets deployed
18 | metadata:
19 | labels: #A tag on the replica sets created
20 | app: nginx
21 | spec:
22 | containers:
23 | - name: nginx-container #the name of the container within the pod
24 | image: nginx:1.7.9 #which container image should be pulled
25 | ports:
26 | - containerPort: 80 #the port of the container within the pod
27 |
--------------------------------------------------------------------------------
/19-TaintsAndTolerations/1-deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: Deployment #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-deployment #Name of the deployment
5 | labels: #A tag on the deployments created
6 | app: nginx
7 | spec: #specifications for our object
8 | strategy:
9 | type: RollingUpdate
10 | rollingUpdate: #Update Pods a certain number at a time
11 | maxUnavailable: 1 #Total number of pods that can be unavailable at once
12 | maxSurge: 1 #Maximum number of pods that can be deployed above desired state
13 | replicas: 3 #The number of pods that should always be running
14 | selector: #which pods the replica set should be responsible for
15 | matchLabels:
16 | app: nginx #any pods with labels matching this I'm responsible for.
17 | template: #The pod template that gets deployed
18 | metadata:
19 | labels: #A tag on the replica sets created
20 | app: nginx
21 | spec:
22 | containers:
23 | - name: nginx-container #the name of the container within the pod
24 | image: nginx:1.7.9 #which container image should be pulled
25 | ports:
26 | - containerPort: 80 #the port of the container within the pod
--------------------------------------------------------------------------------
/19-TaintsAndTolerations/2-deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: Deployment #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-deployment #Name of the deployment
5 | labels: #A tag on the deployments created
6 | app: nginx
7 | spec: #specifications for our object
8 | strategy:
9 | type: RollingUpdate
10 | rollingUpdate: #Update Pods a certain number at a time
11 | maxUnavailable: 1 #Total number of pods that can be unavailable at once
12 | maxSurge: 1 #Maximum number of pods that can be deployed above desired state
13 | replicas: 3 #The number of pods that should always be running
14 | selector: #which pods the replica set should be responsible for
15 | matchLabels:
16 | app: nginx #any pods with labels matching this I'm responsible for.
17 | template: #The pod template that gets deployed
18 | metadata:
19 | labels: #A tag on the replica sets created
20 | app: nginx
21 | spec:
22 | containers:
23 | - name: nginx-container #the name of the container within the pod
24 | image: nginx:1.7.9 #which container image should be pulled
25 | ports:
26 | - containerPort: 80 #the port of the container within the pod
--------------------------------------------------------------------------------
/hollowapp/app/cli.py:
--------------------------------------------------------------------------------
1 | import os
2 | import click
3 |
4 |
5 | def register(app):
6 | @app.cli.group()
7 | def translate():
8 | """Translation and localization commands."""
9 | pass
10 |
11 | @translate.command()
12 | @click.argument('lang')
13 | def init(lang):
14 | """Initialize a new language."""
15 | if os.system('pybabel extract -F babel.cfg -k _l -o messages.pot .'):
16 | raise RuntimeError('extract command failed')
17 | if os.system(
18 | 'pybabel init -i messages.pot -d app/translations -l ' + lang):
19 | raise RuntimeError('init command failed')
20 | os.remove('messages.pot')
21 |
22 | @translate.command()
23 | def update():
24 | """Update all languages."""
25 | if os.system('pybabel extract -F babel.cfg -k _l -o messages.pot .'):
26 | raise RuntimeError('extract command failed')
27 | if os.system('pybabel update -i messages.pot -d app/translations'):
28 | raise RuntimeError('update command failed')
29 | os.remove('messages.pot')
30 |
31 | @translate.command()
32 | def compile():
33 | """Compile all languages."""
34 | if os.system('pybabel compile -d app/translations'):
35 | raise RuntimeError('compile command failed')
36 |
--------------------------------------------------------------------------------
/hollowapp/boot.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | SQLROOTPASS="Password123"
3 | STS_REMOTESERVER="mysql-0.mysql" # container where writable SQL lives
4 | POD_REMOTESERVER="hollowdb"
5 | MYSQLPASS="Password123"
6 | DATABASE="hollowapp"
7 | USER="hollowapp"
8 |
9 | #### Create Database
10 | if [ "$DATABASE_URL" = "mysql+pymysql://hollowapp:Password123@mysql-0.mysql:3306/hollowapp"]; then
11 | mysql -h $STS_REMOTESERVER -uroot -e "CREATE DATABASE IF NOT EXISTS $DATABASE;"
12 | mysql -h $STS_REMOTESERVER -uroot -e "GRANT ALL PRIVILEGES ON $DATABASE.* TO '$USER'@'%' IDENTIFIED BY '$MYSQLPASS';"
13 | mysql -h $STS_REMOTESERVER -uroot -e "FLUSH PRIVILEGES;"
14 | else
15 | mysql -h $POD_REMOTESERVER -uroot -p$SQLROOTPASS -e "CREATE DATABASE IF NOT EXISTS $DATABASE;"
16 | mysql -h $POD_REMOTESERVER -uroot -p$SQLROOTPASS -e "GRANT ALL PRIVILEGES ON $DATABASE.* TO '$USER'@'%' IDENTIFIED BY '$MYSQLPASS';"
17 | mysql -h $POD_REMOTESERVER -uroot -p$SQLROOTPASS -e "FLUSH PRIVILEGES;"
18 | fi
19 |
20 |
21 | #### Start App
22 | source venv/bin/activate
23 | while true; do
24 | flask db upgrade
25 | if [[ "$?" == "0" ]]; then
26 | break
27 | fi
28 | echo Upgrade command failed, retrying in 5 secs...
29 | sleep 5
30 | done
31 | flask translate compile
32 | exec gunicorn -b :5000 --access-logfile - --error-logfile - taskapp:app
--------------------------------------------------------------------------------
/9-Ingress/7-app.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: hollowapp
6 | name: hollowapp
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: hollowapp
12 | strategy:
13 | type: Recreate
14 | template:
15 | metadata:
16 | labels:
17 | app: hollowapp
18 | spec:
19 | containers:
20 | - name: hollowapp
21 | image: theithollow/hollowapp-blog:allin1-v2
22 | imagePullPolicy: Always
23 | ports:
24 | - containerPort: 5000
25 | env:
26 | - name: SECRET_KEY
27 | value: "my-secret-key"
28 | ---
29 | apiVersion: v1
30 | kind: Service
31 | metadata:
32 | name: hollowapp
33 | labels:
34 | app: hollowapp
35 | spec:
36 | type: ClusterIP
37 | ports:
38 | - port: 5000
39 | protocol: TCP
40 | targetPort: 5000
41 | selector:
42 | app: hollowapp
43 | ---
44 | apiVersion: networking.k8s.io/v1beta1
45 | kind: Ingress #ingress resource
46 | metadata:
47 | name: hollowapp
48 | labels:
49 | app: hollowapp
50 | spec:
51 | rules:
52 | - host: hollowapp.hollow.local #only match connections to hollowapp.hollow.local.
53 | http:
54 | paths:
55 | - path: / #root path
56 | backend:
57 | serviceName: hollowapp
58 | servicePort: 5000
59 |
--------------------------------------------------------------------------------
/12-Secrets/3-HollowApp.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: hollowapp
6 | name: hollowapp
7 | spec:
8 | replicas: 3
9 | selector:
10 | matchLabels:
11 | app: hollowapp
12 | strategy:
13 | type: Recreate
14 | template:
15 | metadata:
16 | labels:
17 | app: hollowapp
18 | spec:
19 | containers:
20 | - name: hollowapp
21 | image: theithollow/hollowapp-blog:allin1
22 | imagePullPolicy: Always
23 | ports:
24 | - containerPort: 5000
25 | env:
26 | - name: SECRET_KEY
27 | value: "my-secret-key"
28 | - name: DATABASE_URL
29 | valueFrom:
30 | secretKeyRef:
31 | name: hollow-secret
32 | key: db.string
33 | ---
34 | apiVersion: v1
35 | kind: Service
36 | metadata:
37 | name: hollowapp
38 | labels:
39 | app: hollowapp
40 | spec:
41 | type: ClusterIP
42 | ports:
43 | - port: 5000
44 | protocol: TCP
45 | targetPort: 5000
46 | selector:
47 | app: hollowapp
48 | ---
49 | apiVersion: extensions/v1beta1
50 | kind: Ingress
51 | metadata:
52 | name: hollowapp
53 | labels:
54 | app: hollowapp
55 | spec:
56 | rules:
57 | - host: hollowapp.hollow.local
58 | http:
59 | paths:
60 | - path: /
61 | backend:
62 | serviceName: hollowapp
63 | servicePort: 5000
--------------------------------------------------------------------------------
/hollowapp/app/templates/_post.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |  }})
6 |
7 | |
8 |
9 | {% set user_link %}
10 |
11 | {{ post.author.username }}
12 |
13 | {% endset %}
14 | {{ _('%(username)s said %(when)s',
15 | username=user_link, when=moment(post.timestamp).fromNow()) }}
16 |
17 | {{ post.body }}
18 | {% if post.language and post.language != g.locale %}
19 |
20 |
21 | {{ _('Translate') }}
26 |
27 | {% endif %}
28 | |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/13-PersistentVolumes/5-hollowapp.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: hollowapp
6 | name: hollowapp
7 | spec:
8 | replicas: 3
9 | selector:
10 | matchLabels:
11 | app: hollowapp
12 | strategy:
13 | type: Recreate
14 | template:
15 | metadata:
16 | labels:
17 | app: hollowapp
18 | spec:
19 | containers:
20 | - name: hollowapp
21 | image: theithollow/hollowapp-blog:allin1
22 | imagePullPolicy: Always
23 | ports:
24 | - containerPort: 5000
25 | env:
26 | - name: SECRET_KEY
27 | value: "my-secret-key"
28 | - name: DATABASE_URL
29 | valueFrom:
30 | secretKeyRef:
31 | name: hollow-secret
32 | key: db.string
33 | ---
34 | apiVersion: v1
35 | kind: Service
36 | metadata:
37 | name: hollowapp
38 | labels:
39 | app: hollowapp
40 | spec:
41 | type: ClusterIP
42 | ports:
43 | - port: 5000
44 | protocol: TCP
45 | targetPort: 5000
46 | selector:
47 | app: hollowapp
48 | ---
49 | apiVersion: extensions/v1beta1
50 | kind: Ingress
51 | metadata:
52 | name: hollowapp
53 | labels:
54 | app: hollowapp
55 | spec:
56 | rules:
57 | - host: hollowapp.hollow.local
58 | http:
59 | paths:
60 | - path: /
61 | backend:
62 | serviceName: hollowapp
63 | servicePort: 5000
--------------------------------------------------------------------------------
/11-ConfigMaps/4-HollowApp.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: hollowapp
6 | name: hollowapp
7 | spec:
8 | replicas: 3
9 | selector:
10 | matchLabels:
11 | app: hollowapp
12 | strategy:
13 | type: Recreate
14 | template:
15 | metadata:
16 | labels:
17 | app: hollowapp
18 | spec:
19 | containers:
20 | - name: hollowapp
21 | image: theithollow/hollowapp-blog:allin1
22 | imagePullPolicy: Always
23 | ports:
24 | - containerPort: 5000
25 | env:
26 | - name: SECRET_KEY
27 | value: "my-secret-key"
28 | - name: DATABASE_URL
29 | valueFrom:
30 | configMapKeyRef:
31 | name: hollow-config
32 | key: db.string
33 | ---
34 | apiVersion: v1
35 | kind: Service
36 | metadata:
37 | name: hollowapp
38 | labels:
39 | app: hollowapp
40 | spec:
41 | type: ClusterIP
42 | ports:
43 | - port: 5000
44 | protocol: TCP
45 | targetPort: 5000
46 | selector:
47 | app: hollowapp
48 | ---
49 | apiVersion: networking.k8s.io/v1beta1
50 | kind: Ingress
51 | metadata:
52 | name: hollowapp
53 | labels:
54 | app: hollowapp
55 | spec:
56 | rules:
57 | - host: hollowapp.hollow.local
58 | http:
59 | paths:
60 | - path: /
61 | backend:
62 | serviceName: hollowapp
63 | servicePort: 5000
--------------------------------------------------------------------------------
/hollowapp/app/templates/_task.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |  }})
6 |
7 | |
8 |
9 | {% set user_link %}
10 |
11 | {{ task.author.username }}
12 |
13 | {% endset %}
14 | {{ _('%(username)s said %(when)s',
15 | username=user_link, when=moment(task.timestamp).fromNow()) }}
16 |
17 | {{ task.name }}
{{ task.description }}
18 | {% if task.language and task.language != g.locale %}
19 |
20 |
21 | {{ _('Translate') }}
26 |
27 | {% endif %}
28 | |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/9-Ingress/3-rbac.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | name: nginx
6 | namespace: ingress
7 | ---
8 | kind: ClusterRole
9 | apiVersion: rbac.authorization.k8s.io/v1beta1
10 | metadata:
11 | name: nginx-role
12 | namespace: ingress
13 | rules:
14 | - apiGroups:
15 | - ""
16 | resources:
17 | - configmaps
18 | - endpoints
19 | - nodes
20 | - pods
21 | - secrets
22 | verbs:
23 | - list
24 | - watch
25 | - apiGroups:
26 | - ""
27 | resources:
28 | - nodes
29 | verbs:
30 | - get
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - services
35 | verbs:
36 | - get
37 | - list
38 | - update
39 | - watch
40 | - apiGroups:
41 | - extensions
42 | resources:
43 | - ingresses
44 | verbs:
45 | - get
46 | - list
47 | - watch
48 | - apiGroups:
49 | - ""
50 | resources:
51 | - events
52 | verbs:
53 | - create
54 | - patch
55 | - apiGroups:
56 | - extensions
57 | resources:
58 | - ingresses/status
59 | verbs:
60 | - update
61 | ---
62 | kind: ClusterRoleBinding
63 | apiVersion: rbac.authorization.k8s.io/v1beta1
64 | metadata:
65 | name: nginx-role
66 | namespace: ingress
67 | roleRef:
68 | apiGroup: rbac.authorization.k8s.io
69 | kind: ClusterRole
70 | name: nginx-role
71 | subjects:
72 | - kind: ServiceAccount
73 | name: nginx
74 | namespace: ingress
--------------------------------------------------------------------------------
/4-Services/services.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: Deployment #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-deployment #Name of the deployment
5 | labels: #A tag on the deployments created
6 | app: nginx
7 | spec: #specifications for our object
8 | replicas: 2 #The number of pods that should always be running
9 | selector: #which pods the replica set should be responsible for
10 | matchLabels:
11 | app: nginx #any pods with labels matching this I'm responsible for.
12 | template: #The pod template that gets deployed
13 | metadata:
14 | labels: #A tag on the replica sets created
15 | app: nginx
16 | spec:
17 | containers:
18 | - name: nginx-container #the name of the container within the pod
19 | image: nginx #which container image should be pulled
20 | ports:
21 | - containerPort: 80 #the port of the container within the pod
22 | ---
23 | apiVersion: v1 #version of the API to use
24 | kind: Service #What kind of object we're deploying
25 | metadata: #information about our object we're deploying
26 | name: ingress-nginx #Name of the service
27 | spec: #specifications for our object
28 | type: NodePort #Ignore for now discussed in a future post
29 | ports: #Ignore for now discussed in a future post
30 | - name: http
31 | port: 80
32 | targetPort: 80
33 | nodePort: 30002
34 | protocol: TCP
35 | selector: #Label selector used to identify pods
36 | app: nginx
--------------------------------------------------------------------------------
/5-Endpoints/1-deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 #version of the API to use
2 | kind: Deployment #What kind of object we're deploying
3 | metadata: #information about our object we're deploying
4 | name: nginx-deployment #Name of the deployment
5 | labels: #A tag on the deployments created
6 | app: nginx
7 | spec: #specifications for our object
8 | replicas: 2 #The number of pods that should always be running
9 | selector: #which pods the replica set should be responsible for
10 | matchLabels:
11 | app: nginx #any pods with labels matching this I'm responsible for.
12 | template: #The pod template that gets deployed
13 | metadata:
14 | labels: #A tag on the replica sets created
15 | app: nginx
16 | spec:
17 | containers:
18 | - name: nginx-container #the name of the container within the pod
19 | image: nginx #which container image should be pulled
20 | ports:
21 | - containerPort: 80 #the port of the container within the pod
22 | ---
23 | apiVersion: v1 #version of the API to use
24 | kind: Service #What kind of object we're deploying
25 | metadata: #information about our object we're deploying
26 | name: ingress-nginx #Name of the service
27 | spec: #specifications for our object
28 | type: NodePort #Ignore for now discussed in a future post
29 | ports: #Ignore for now discussed in a future post
30 | - name: http
31 | port: 80
32 | targetPort: 80
33 | nodePort: 30001
34 | protocol: TCP
35 | selector: #Label selector used to identify pods
36 | app: nginx
--------------------------------------------------------------------------------
/9-Ingress/5-ingress-ctrl.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: nginx-ingress-controller
6 | namespace: ingress
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: nginx-ingress-lb
12 | revisionHistoryLimit: 3
13 | template:
14 | metadata:
15 | labels:
16 | app: nginx-ingress-lb
17 | spec:
18 | terminationGracePeriodSeconds: 60
19 | serviceAccount: nginx
20 | containers:
21 | - name: nginx-ingress-controller
22 | image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
23 | imagePullPolicy: Always
24 | readinessProbe:
25 | httpGet:
26 | path: /healthz
27 | port: 10254
28 | scheme: HTTP
29 | livenessProbe:
30 | httpGet:
31 | path: /healthz
32 | port: 10254
33 | scheme: HTTP
34 | initialDelaySeconds: 10
35 | timeoutSeconds: 5
36 | args:
37 | - /nginx-ingress-controller
38 | - --default-backend-service=$(POD_NAMESPACE)/default-backend
39 | - --configmap=\$(POD_NAMESPACE)/nginx-ingress-controller-conf
40 | - --v=2
41 | env:
42 | - name: POD_NAME
43 | valueFrom:
44 | fieldRef:
45 | fieldPath: metadata.name
46 | - name: POD_NAMESPACE
47 | valueFrom:
48 | fieldRef:
49 | fieldPath: metadata.namespace
50 | ports:
51 | - containerPort: 80
52 | - containerPort: 18080
53 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ### theITHollow Kubernetes Guide
2 |
3 | This repository includes the code samples from the [Getting Started With Kubernetes ](https://theithollow.com/2019/01/26/getting-started-with-kubernetes/) blog posts from [theITHollow](theithollow.com).
4 |
5 | Each of the folders starting with a number, correspond with one of the blog posts in the list.
6 |
7 | Also included within this repo is the application used in the examples.
8 |
9 | The blog posts in the series should provide a good jump start in to using Kubernetes and the code samples will provide useful hands on with the concepts.
10 |
11 | NOTE: In order to follow the guide, you will need to have a Kubernetes cluster installed, that has integration with a cloud provider such as vSphere, AWS, GCP, etc. The examples shown require things such as Load Balancers, and elastic storage to fully follow the guide.
12 |
13 | 
14 |
15 | [1-Pods](1-Pods)
16 |
17 | [2-Replica Sets](2-ReplicaSets)
18 |
19 | [3-Deployments](3-Deployments)
20 |
21 | [4-Services](4-Services)
22 |
23 | [5-Endpoints](5-Endpoints)
24 |
25 | [6-Service Publishing](6-ServicePublishing)
26 |
27 | [7-Namespaces](7-Namespaces)
28 |
29 | [8-Context](8-Context)
30 |
31 | [9-Ingress](9-Ingress)
32 |
33 | [10-DNS](10-DNS)
34 |
35 | [11-Config Maps](11-ConfigMaps)
36 |
37 | [12-Secrets](12-Secrets)
38 |
39 | [13-Persistent Volumes](13-PersistentVolumes)
40 |
41 | [14-Cloud Providers - Storage Classes](14-CloudProviders-StorageClasses)
42 |
43 | [15-RBAC](15-RBAC)
44 |
45 | [18-Taints and Tolerations](18-TaintsAndTolerations)
46 |
47 | [19-Daemon Sets](19-DaemonSets)
48 |
49 | [20-Network Policies](20-NetworkPolicies)
50 |
51 | [21-Pod Security Policies](21-PodSecurityPolicies)
52 |
--------------------------------------------------------------------------------
/hollowapp/app/main/forms.py:
--------------------------------------------------------------------------------
1 | from flask import request
2 | from flask_wtf import FlaskForm
3 | from wtforms import StringField, SubmitField, TextAreaField
4 | from wtforms.validators import ValidationError, DataRequired, Length
5 | from flask_babel import _, lazy_gettext as _l
6 | from app.models import User
7 |
8 |
9 | class EditProfileForm(FlaskForm):
10 | username = StringField(_l('Username'), validators=[DataRequired()])
11 | about_me = TextAreaField(_l('About me'),
12 | validators=[Length(min=0, max=140)])
13 | submit = SubmitField(_l('Submit'))
14 |
15 | def __init__(self, original_username, *args, **kwargs):
16 | super(EditProfileForm, self).__init__(*args, **kwargs)
17 | self.original_username = original_username
18 |
19 | def validate_username(self, username):
20 | if username.data != self.original_username:
21 | user = User.query.filter_by(username=self.username.data).first()
22 | if user is not None:
23 | raise ValidationError(_('Please use a different username.'))
24 |
25 |
26 | class PostForm(FlaskForm):
27 | post = TextAreaField(_l('Say something'), validators=[DataRequired()])
28 | submit = SubmitField(_l('Submit'))
29 |
30 | class TaskForm(FlaskForm):
31 | name = TextAreaField(_l('Task Name'), validators=[DataRequired()])
32 | description = TextAreaField(_l('Task Description'))
33 | submit = SubmitField(_l('Submit'))
34 |
35 | class SearchForm(FlaskForm):
36 | q = StringField(_l('Search'), validators=[DataRequired()])
37 |
38 | def __init__(self, *args, **kwargs):
39 | if 'formdata' not in kwargs:
40 | kwargs['formdata'] = request.args
41 | if 'csrf_enabled' not in kwargs:
42 | kwargs['csrf_enabled'] = False
43 | super(SearchForm, self).__init__(*args, **kwargs)
44 |
--------------------------------------------------------------------------------
/hollowapp/app/templates/user.html:
--------------------------------------------------------------------------------
1 | {% extends "base.html" %}
2 |
3 | {% block app_content %}
4 |
5 |
6 |  }}) |
7 |
8 | {{ _('User') }}: {{ user.username }}
9 | {% if user.about_me %}{{ user.about_me }} {% endif %}
10 | {% if user.last_seen %}
11 | {{ _('Last seen on') }}: {{ moment(user.last_seen).format('LLL') }}
12 | {% endif %}
13 | {{ _('%(count)d followers', count=user.followers.count()) }}, {{ _('%(count)d following', count=user.followed.count()) }}
14 | {% if user == current_user %}
15 | {{ _('Edit your profile') }}
16 | {% elif not current_user.is_following(user) %}
17 | {{ _('Follow') }}
18 | {% else %}
19 | {{ _('Unfollow') }}
20 | {% endif %}
21 | |
22 |
23 |
24 | {% for post in posts %}
25 | {% include '_post.html' %}
26 | {% endfor %}
27 |
41 | {% endblock %}
42 |
--------------------------------------------------------------------------------
/hollowapp/app/auth/forms.py:
--------------------------------------------------------------------------------
1 | from flask_wtf import FlaskForm
2 | from wtforms import StringField, PasswordField, BooleanField, SubmitField
3 | from wtforms.validators import ValidationError, DataRequired, Email, EqualTo
4 | from flask_babel import _, lazy_gettext as _l
5 | from app.models import User
6 |
7 |
8 | class LoginForm(FlaskForm):
9 | username = StringField(_l('Username'), validators=[DataRequired()])
10 | password = PasswordField(_l('Password'), validators=[DataRequired()])
11 | remember_me = BooleanField(_l('Remember Me'))
12 | submit = SubmitField(_l('Sign In'))
13 |
14 |
15 | class RegistrationForm(FlaskForm):
16 | username = StringField(_l('Username'), validators=[DataRequired()])
17 | email = StringField(_l('Email'), validators=[DataRequired(), Email()])
18 | password = PasswordField(_l('Password'), validators=[DataRequired()])
19 | password2 = PasswordField(
20 | _l('Repeat Password'), validators=[DataRequired(),
21 | EqualTo('password')])
22 | submit = SubmitField(_l('Register'))
23 |
24 | def validate_username(self, username):
25 | user = User.query.filter_by(username=username.data).first()
26 | if user is not None:
27 | raise ValidationError(_('Please use a different username.'))
28 |
29 | def validate_email(self, email):
30 | user = User.query.filter_by(email=email.data).first()
31 | if user is not None:
32 | raise ValidationError(_('Please use a different email address.'))
33 |
34 |
35 | class ResetPasswordRequestForm(FlaskForm):
36 | email = StringField(_l('Email'), validators=[DataRequired(), Email()])
37 | submit = SubmitField(_l('Request Password Reset'))
38 |
39 |
40 | class ResetPasswordForm(FlaskForm):
41 | password = PasswordField(_l('Password'), validators=[DataRequired()])
42 | password2 = PasswordField(
43 | _l('Repeat Password'), validators=[DataRequired(),
44 | EqualTo('password')])
45 | submit = SubmitField(_l('Request Password Reset'))
46 |
--------------------------------------------------------------------------------
/hollowapp/app/static/css/hollowstyle.css:
--------------------------------------------------------------------------------
1 | .navbar-default {
2 | background-color: #b40937;
3 | border-color: #ffffff;
4 | }
5 |
6 | .navbar-default .navbar-brand {
7 | color: #ffffff;
8 | }
9 | .navbar-default .navbar-brand:hover,
10 | .navbar-default .navbar-brand:focus {
11 | color: #000000;
12 | }
13 | .navbar-default .navbar-text {
14 | color: #ffffff;
15 | }
16 | .navbar-default .navbar-nav > li > a {
17 | color: #ffffff;
18 | }
19 | .navbar-default .navbar-nav > li > a:hover,
20 | .navbar-default .navbar-nav > li > a:focus {
21 | color: #000000;
22 | }
23 | .navbar-default .navbar-nav > .active > a,
24 | .navbar-default .navbar-nav > .active > a:hover,
25 | .navbar-default .navbar-nav > .active > a:focus {
26 | color: #000000;
27 | background-color: #ffffff;
28 | }
29 | .navbar-default .navbar-nav > .open > a,
30 | .navbar-default .navbar-nav > .open > a:hover,
31 | .navbar-default .navbar-nav > .open > a:focus {
32 | color: #000000;
33 | background-color: #ffffff;
34 | }
35 | .navbar-default .navbar-toggle {
36 | border-color: #ffffff;
37 | }
38 | .navbar-default .navbar-toggle:hover,
39 | .navbar-default .navbar-toggle:focus {
40 | background-color: #ffffff;
41 | }
42 | .navbar-default .navbar-toggle .icon-bar {
43 | background-color: #ffffff;
44 | }
45 | .navbar-default .navbar-collapse,
46 | .navbar-default .navbar-form {
47 | border-color: #ffffff;
48 | }
49 | .navbar-default .navbar-link {
50 | color: #ffffff;
51 | }
52 | .navbar-default .navbar-link:hover {
53 | color: #000000;
54 | }
55 |
56 | @media (max-width: 767px) {
57 | .navbar-default .navbar-nav .open .dropdown-menu > li > a {
58 | color: #ffffff;
59 | }
60 | .navbar-default .navbar-nav .open .dropdown-menu > li > a:hover,
61 | .navbar-default .navbar-nav .open .dropdown-menu > li > a:focus {
62 | color: #000000;
63 | }
64 | .navbar-default .navbar-nav .open .dropdown-menu > .active > a,
65 | .navbar-default .navbar-nav .open .dropdown-menu > .active > a:hover,
66 | .navbar-default .navbar-nav .open .dropdown-menu > .active > a:focus {
67 | color: #000000;
68 | background-color: #ffffff;
69 | }
70 | }
71 |
--------------------------------------------------------------------------------
/hollowapp/migrations/versions/94ad24d5e159_.py:
--------------------------------------------------------------------------------
1 | """empty message
2 |
3 | Revision ID: 94ad24d5e159
4 | Revises:
5 | Create Date: 2018-01-11 09:39:13.349049
6 |
7 | """
8 | from alembic import op
9 | import sqlalchemy as sa
10 |
11 |
12 | # revision identifiers, used by Alembic.
13 | revision = '94ad24d5e159'
14 | down_revision = None
15 | branch_labels = None
16 | depends_on = None
17 |
18 |
19 | def upgrade():
20 | # ### commands auto generated by Alembic - please adjust! ###
21 | op.create_table('user',
22 | sa.Column('id', sa.Integer(), nullable=False),
23 | sa.Column('username', sa.String(length=64), nullable=True),
24 | sa.Column('email', sa.String(length=120), nullable=True),
25 | sa.Column('password_hash', sa.String(length=128), nullable=True),
26 | sa.Column('about_me', sa.String(length=140), nullable=True),
27 | sa.Column('last_seen', sa.DateTime(), nullable=True),
28 | sa.PrimaryKeyConstraint('id')
29 | )
30 | op.create_index(op.f('ix_user_email'), 'user', ['email'], unique=True)
31 | op.create_index(op.f('ix_user_username'), 'user', ['username'], unique=True)
32 | op.create_table('followers',
33 | sa.Column('follower_id', sa.Integer(), nullable=True),
34 | sa.Column('followed_id', sa.Integer(), nullable=True),
35 | sa.ForeignKeyConstraint(['followed_id'], ['user.id'], ),
36 | sa.ForeignKeyConstraint(['follower_id'], ['user.id'], )
37 | )
38 | op.create_table('post',
39 | sa.Column('id', sa.Integer(), nullable=False),
40 | sa.Column('body', sa.String(length=140), nullable=True),
41 | sa.Column('timestamp', sa.DateTime(), nullable=True),
42 | sa.Column('user_id', sa.Integer(), nullable=True),
43 | sa.Column('language', sa.String(length=5), nullable=True),
44 | sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
45 | sa.PrimaryKeyConstraint('id')
46 | )
47 | op.create_index(op.f('ix_post_timestamp'), 'post', ['timestamp'], unique=False)
48 | op.create_table('task',
49 | sa.Column('id', sa.Integer(), nullable=False),
50 | sa.Column('name', sa.String(length=140), nullable=True),
51 | sa.Column('description', sa.String(length=140), nullable=True),
52 | sa.Column('timestamp', sa.DateTime(), nullable=True),
53 | sa.Column('user_id', sa.Integer(), nullable=True),
54 | sa.Column('language', sa.String(length=5), nullable=True),
55 | sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
56 | sa.PrimaryKeyConstraint('id')
57 | )
58 | op.create_index(op.f('ix_task_timestamp'), 'task', ['timestamp'], unique=False)
59 | # ### end Alembic commands ###
60 |
61 |
62 | def downgrade():
63 | # ### commands auto generated by Alembic - please adjust! ###
64 | op.drop_index(op.f('ix_task_timestamp'), table_name='task')
65 | op.drop_table('task')
66 | op.drop_index(op.f('ix_post_timestamp'), table_name='post')
67 | op.drop_table('post')
68 | op.drop_table('followers')
69 | op.drop_index(op.f('ix_user_username'), table_name='user')
70 | op.drop_index(op.f('ix_user_email'), table_name='user')
71 | op.drop_table('user')
72 | # ### end Alembic commands ###
73 |
--------------------------------------------------------------------------------
/hollowapp/app/__init__.py:
--------------------------------------------------------------------------------
1 | import logging
2 | from logging.handlers import SMTPHandler, RotatingFileHandler
3 | import os
4 | from flask import Flask, request, current_app
5 | from flask_sqlalchemy import SQLAlchemy
6 | from flask_migrate import Migrate
7 | from flask_login import LoginManager
8 | from flask_mail import Mail
9 | from flask_bootstrap import Bootstrap
10 | from flask_moment import Moment
11 | from flask_babel import Babel, lazy_gettext as _l
12 | from elasticsearch import Elasticsearch
13 | from config import Config
14 |
15 | db = SQLAlchemy()
16 | migrate = Migrate()
17 | login = LoginManager()
18 | login.login_view = 'auth.login'
19 | login.login_message = _l('Please log in to access this page.')
20 | mail = Mail()
21 | bootstrap = Bootstrap()
22 | moment = Moment()
23 | babel = Babel()
24 |
25 |
26 | def create_app(config_class=Config):
27 | app = Flask(__name__)
28 | app.config.from_object(config_class)
29 |
30 | db.init_app(app)
31 | migrate.init_app(app, db)
32 | login.init_app(app)
33 | mail.init_app(app)
34 | bootstrap.init_app(app)
35 | moment.init_app(app)
36 | babel.init_app(app)
37 | app.elasticsearch = Elasticsearch([app.config['ELASTICSEARCH_URI']]) \
38 | if app.config['ELASTICSEARCH_URI'] else None
39 |
40 | from app.errors import bp as errors_bp
41 | app.register_blueprint(errors_bp)
42 |
43 | from app.auth import bp as auth_bp
44 | app.register_blueprint(auth_bp, url_prefix='/auth')
45 |
46 | from app.main import bp as main_bp
47 | app.register_blueprint(main_bp)
48 |
49 | if not app.debug and not app.testing:
50 | if app.config['MAIL_SERVER']:
51 | auth = None
52 | if app.config['MAIL_USERNAME'] or app.config['MAIL_PASSWORD']:
53 | auth = (app.config['MAIL_USERNAME'],
54 | app.config['MAIL_PASSWORD'])
55 | secure = None
56 | if app.config['MAIL_USE_TLS']:
57 | secure = ()
58 | mail_handler = SMTPHandler(
59 | mailhost=(app.config['MAIL_SERVER'], app.config['MAIL_PORT']),
60 | fromaddr='no-reply@' + app.config['MAIL_SERVER'],
61 | toaddrs=app.config['ADMINS'], subject='Microblog Failure',
62 | credentials=auth, secure=secure)
63 | mail_handler.setLevel(logging.ERROR)
64 | app.logger.addHandler(mail_handler)
65 |
66 | if not os.path.exists('logs'):
67 | os.mkdir('logs')
68 | file_handler = RotatingFileHandler('logs/microblog.log',
69 | maxBytes=10240, backupCount=10)
70 | file_handler.setFormatter(logging.Formatter(
71 | '%(asctime)s %(levelname)s: %(message)s '
72 | '[in %(pathname)s:%(lineno)d]'))
73 | file_handler.setLevel(logging.INFO)
74 | app.logger.addHandler(file_handler)
75 |
76 | app.logger.setLevel(logging.INFO)
77 | app.logger.info('Microblog startup')
78 |
79 | return app
80 |
81 |
82 | @babel.localeselector
83 | def get_locale():
84 | return request.accept_languages.best_match(current_app.config['LANGUAGES'])
85 |
86 |
87 | from app import models
88 |
--------------------------------------------------------------------------------
/hollowapp/migrations/env.py:
--------------------------------------------------------------------------------
1 | from __future__ import with_statement
2 | from alembic import context
3 | from sqlalchemy import engine_from_config, pool
4 | from logging.config import fileConfig
5 | import logging
6 |
7 | # this is the Alembic Config object, which provides
8 | # access to the values within the .ini file in use.
9 | config = context.config
10 |
11 | # Interpret the config file for Python logging.
12 | # This line sets up loggers basically.
13 | fileConfig(config.config_file_name)
14 | logger = logging.getLogger('alembic.env')
15 |
16 | # add your model's MetaData object here
17 | # for 'autogenerate' support
18 | # from myapp import mymodel
19 | # target_metadata = mymodel.Base.metadata
20 | from flask import current_app
21 | config.set_main_option('sqlalchemy.url',
22 | current_app.config.get('SQLALCHEMY_DATABASE_URI'))
23 | target_metadata = current_app.extensions['migrate'].db.metadata
24 |
25 | # other values from the config, defined by the needs of env.py,
26 | # can be acquired:
27 | # my_important_option = config.get_main_option("my_important_option")
28 | # ... etc.
29 |
30 |
31 | def run_migrations_offline():
32 | """Run migrations in 'offline' mode.
33 |
34 | This configures the context with just a URL
35 | and not an Engine, though an Engine is acceptable
36 | here as well. By skipping the Engine creation
37 | we don't even need a DBAPI to be available.
38 |
39 | Calls to context.execute() here emit the given string to the
40 | script output.
41 |
42 | """
43 | url = config.get_main_option("sqlalchemy.url")
44 | context.configure(url=url)
45 |
46 | with context.begin_transaction():
47 | context.run_migrations()
48 |
49 |
50 | def run_migrations_online():
51 | """Run migrations in 'online' mode.
52 |
53 | In this scenario we need to create an Engine
54 | and associate a connection with the context.
55 |
56 | """
57 |
58 | # this callback is used to prevent an auto-migration from being generated
59 | # when there are no changes to the schema
60 | # reference: http://alembic.zzzcomputing.com/en/latest/cookbook.html
61 | def process_revision_directives(context, revision, directives):
62 | if getattr(config.cmd_opts, 'autogenerate', False):
63 | script = directives[0]
64 | if script.upgrade_ops.is_empty():
65 | directives[:] = []
66 | logger.info('No changes in schema detected.')
67 |
68 | engine = engine_from_config(config.get_section(config.config_ini_section),
69 | prefix='sqlalchemy.',
70 | poolclass=pool.NullPool)
71 |
72 | connection = engine.connect()
73 | context.configure(connection=connection,
74 | target_metadata=target_metadata,
75 | process_revision_directives=process_revision_directives,
76 | **current_app.extensions['migrate'].configure_args)
77 |
78 | try:
79 | with context.begin_transaction():
80 | context.run_migrations()
81 | finally:
82 | connection.close()
83 |
84 | if context.is_offline_mode():
85 | run_migrations_offline()
86 | else:
87 | run_migrations_online()
88 |
--------------------------------------------------------------------------------
/hollowapp/app/auth/routes.py:
--------------------------------------------------------------------------------
1 | from flask import render_template, redirect, url_for, flash, request
2 | from werkzeug.urls import url_parse
3 | from flask_login import login_user, logout_user, current_user
4 | from flask_babel import _
5 | from app import db
6 | from app.auth import bp
7 | from app.auth.forms import LoginForm, RegistrationForm, \
8 | ResetPasswordRequestForm, ResetPasswordForm
9 | from app.models import User
10 | from app.auth.email import send_password_reset_email
11 |
12 |
13 | @bp.route('/login', methods=['GET', 'POST'])
14 | def login():
15 | if current_user.is_authenticated:
16 | return redirect(url_for('main.index'))
17 | form = LoginForm()
18 | if form.validate_on_submit():
19 | user = User.query.filter_by(username=form.username.data).first()
20 | if user is None or not user.check_password(form.password.data):
21 | flash(_('Invalid username or password'))
22 | return redirect(url_for('auth.login'))
23 | login_user(user, remember=form.remember_me.data)
24 | next_page = request.args.get('next')
25 | if not next_page or url_parse(next_page).netloc != '':
26 | next_page = url_for('main.index')
27 | return redirect(next_page)
28 | return render_template('auth/login.html', title='Sign In', form=form)
29 |
30 |
31 | @bp.route('/logout')
32 | def logout():
33 | logout_user()
34 | return redirect(url_for('main.index'))
35 |
36 |
37 | @bp.route('/register', methods=['GET', 'POST'])
38 | def register():
39 | if current_user.is_authenticated:
40 | return redirect(url_for('main.index'))
41 | form = RegistrationForm()
42 | if form.validate_on_submit():
43 | user = User(username=form.username.data, email=form.email.data)
44 | user.set_password(form.password.data)
45 | db.session.add(user)
46 | db.session.commit()
47 | flash(_('Congratulations, you are now a registered user!'))
48 | return redirect(url_for('auth.login'))
49 | return render_template('auth/register.html', title='Register', form=form)
50 |
51 |
52 | @bp.route('/reset_password_request', methods=['GET', 'POST'])
53 | def reset_password_request():
54 | if current_user.is_authenticated:
55 | return redirect(url_for('main.index'))
56 | form = ResetPasswordRequestForm()
57 | if form.validate_on_submit():
58 | user = User.query.filter_by(email=form.email.data).first()
59 | if user:
60 | send_password_reset_email(user)
61 | flash(
62 | _('Check your email for the instructions to reset your password'))
63 | return redirect(url_for('auth.login'))
64 | return render_template('auth/reset_password_request.html',
65 | title='Reset Password', form=form)
66 |
67 |
68 | @bp.route('/reset_password/', methods=['GET', 'POST'])
69 | def reset_password(token):
70 | if current_user.is_authenticated:
71 | return redirect(url_for('main.index'))
72 | user = User.verify_reset_password_token(token)
73 | if not user:
74 | return redirect(url_for('main.index'))
75 | form = ResetPasswordForm()
76 | if form.validate_on_submit():
77 | user.set_password(form.password.data)
78 | db.session.commit()
79 | flash(_('Your password has been reset.'))
80 | return redirect(url_for('auth.login'))
81 | return render_template('auth/reset_password.html', form=form)
82 |
--------------------------------------------------------------------------------
/hollowapp/tests/tests.py:
--------------------------------------------------------------------------------
1 | from pathlib import Path
2 | import sys, unittest, xmlrunner
3 | base_directory = Path(__file__).absolute().parent.parent
4 | sys.path.insert(0, str(base_directory))
5 | from datetime import datetime, timedelta
6 | from app import create_app, db
7 | from app.models import User, Post
8 | from config import Config
9 |
10 | class TestConfig(Config):
11 | TESTING = True
12 | SQLALCHEMY_DATABASE_URI = 'sqlite://'
13 |
14 | class UserModelCase(unittest.TestCase):
15 | def setUp(self):
16 | self.app=create_app(TestConfig)
17 | self.app_context = self.app.app_context()
18 | self.app_context.push()
19 | db.create_all()
20 |
21 | def tearDown(self):
22 | db.session.remove()
23 | db.drop_all()
24 | self.app_context.pop()
25 |
26 | def test_password_hashing(self):
27 | u = User(username='susan')
28 | u.set_password('cat')
29 | self.assertFalse(u.check_password('dog'))
30 | self.assertTrue(u.check_password('cat'))
31 |
32 | def test_follow(self):
33 | u1 = User(username='john', email='john@example.com')
34 | u2 = User(username='susan', email='susan@example.com')
35 | db.session.add(u1)
36 | db.session.add(u2)
37 | db.session.commit()
38 | self.assertEqual(u1.followed.all(), [])
39 | self.assertEqual(u1.followers.all(), [])
40 |
41 | u1.follow(u2)
42 | db.session.commit()
43 | self.assertTrue(u1.is_following(u2))
44 | self.assertEqual(u1.followed.count(), 1)
45 | self.assertEqual(u1.followed.first().username, 'susan')
46 | self.assertEqual(u2.followers.count(), 1)
47 | self.assertEqual(u2.followers.first().username, 'john')
48 |
49 | u1.unfollow(u2)
50 | db.session.commit()
51 | self.assertFalse(u1.is_following(u2))
52 | self.assertEqual(u1.followed.count(), 0)
53 | self.assertEqual(u2.followers.count(), 0)
54 |
55 | def test_follow_posts(self):
56 | # create four users
57 | u1 = User(username='john', email='john@example.com')
58 | u2 = User(username='susan', email='susan@example.com')
59 | u3 = User(username='mary', email='mary@example.com')
60 | u4 = User(username='david', email='david@example.com')
61 | db.session.add_all([u1, u2, u3, u4])
62 |
63 | # create four posts
64 | now = datetime.utcnow()
65 | p1 = Post(body="post from john", author=u1,
66 | timestamp=now + timedelta(seconds=1))
67 | p2 = Post(body="post from susan", author=u2,
68 | timestamp=now + timedelta(seconds=4))
69 | p3 = Post(body="post from mary", author=u3,
70 | timestamp=now + timedelta(seconds=3))
71 | p4 = Post(body="post from david", author=u4,
72 | timestamp=now + timedelta(seconds=2))
73 | db.session.add_all([p1, p2, p3, p4])
74 | db.session.commit()
75 |
76 | # setup the followers
77 | u1.follow(u2) # john follows susan
78 | u1.follow(u4) # john follows david
79 | u2.follow(u3) # susan follows mary
80 | u3.follow(u4) # mary follows david
81 | db.session.commit()
82 |
83 | # check the followed posts of each user
84 | f1 = u1.followed_posts().all()
85 | f2 = u2.followed_posts().all()
86 | f3 = u3.followed_posts().all()
87 | f4 = u4.followed_posts().all()
88 | self.assertEqual(f1, [p2, p4, p1])
89 | self.assertEqual(f2, [p2, p3])
90 | self.assertEqual(f3, [p3, p4])
91 | self.assertEqual(f4, [p4])
92 |
93 | if __name__ == '__main__':
94 |
95 | unittest.main(
96 | testRunner=xmlrunner.XMLTestRunner(output='test-reports'),
97 | failfast=False,
98 | buffer=False,
99 | catchbreak=False,
100 | verbosity=2)
--------------------------------------------------------------------------------
/hollowapp/app/templates/base.html:
--------------------------------------------------------------------------------
1 | {% block doc -%}
2 |
3 |
4 | {%- block html %}
5 |
6 | {%- block head %}
7 |
8 | {% block title %}
9 | {% if title %}
10 | {{ title }} - HollowApp
11 | {% else %}
12 | {{ _('Welcome to HollowApp') }}
13 | {% endif %}
14 | {% endblock %}
15 |
16 |
17 | {%- block metas %}
18 |
19 | {%- endblock metas %}
20 |
21 | {%- block styles %}
22 |
23 |
24 | {%- endblock styles %}
25 | {%- endblock head %}
26 |
27 |
28 | {% block body -%}
29 | {% block navbar %}
30 |
64 | {% endblock %}
65 | {% block content %}
66 |
67 | {% with messages = get_flashed_messages() %}
68 | {% if messages %}
69 | {% for message in messages %}
70 |
{{ message }}
71 | {% endfor %}
72 | {% endif %}
73 | {% endwith %}
74 |
75 | {# application content needs to be provided in the app_content block #}
76 | {% block app_content %}{% endblock %}
77 |
86 | {%- endblock html %}
87 |