--- apiVersion: v1 kind: Namespace metadata: name: sock-shop labels: istio-injection: enabled --- apiVersion: apps/v1 kind: Deployment metadata: name: carts labels: app: carts version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: carts version: v1 template: metadata: labels: app: carts version: v1 spec: containers: - name: carts image: weaveworksdemos/carts:0.4.8 env: - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom -Dspring.zipkin.enabled=false resources: limits: cpu: 300m memory: 500Mi requests: cpu: 100m memory: 200Mi ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: carts annotations: prometheus.io/scrape: 'true' labels: service: carts app: carts namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: carts --- apiVersion: apps/v1 kind: Deployment metadata: name: carts-db labels: app: carts-db version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: carts-db version: v1 template: metadata: labels: app: carts-db version: v1 spec: containers: - name: carts-db image: mongo ports: - name: mongo containerPort: 27017 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: carts-db labels: service: carts-db app: carts-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 27017 targetPort: 27017 name: tcp selector: app: carts-db --- apiVersion: apps/v1 kind: Deployment metadata: name: catalogue labels: app: catalogue version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: catalogue version: v1 template: metadata: labels: app: catalogue version: v1 spec: containers: - name: catalogue image: weaveworksdemos/catalogue:0.3.5 command: ["/app"] args: - -port=80 resources: limits: cpu: 200m memory: 200Mi requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true livenessProbe: httpGet: path: /health port: 80 initialDelaySeconds: 300 periodSeconds: 3 readinessProbe: httpGet: path: /health port: 80 initialDelaySeconds: 180 periodSeconds: 3 nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: catalogue annotations: prometheus.io/scrape: 'true' labels: service: catalogue app: catalogue namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: catalogue --- apiVersion: apps/v1 kind: Deployment metadata: name: catalogue-db labels: app: catalogue-db version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: catalogue-db version: v1 template: metadata: labels: app: catalogue-db version: v1 spec: containers: - name: catalogue-db image: weaveworksdemos/catalogue-db:0.3.0 env: - name: MYSQL_ROOT_PASSWORD value: fake_password - name: MYSQL_DATABASE value: socksdb ports: - name: mysql containerPort: 3306 nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: catalogue-db labels: service: catalogue-db app: catalogue-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 3306 targetPort: 3306 name: tcp selector: app: catalogue-db --- apiVersion: apps/v1 kind: Deployment metadata: name: front-end namespace: sock-shop labels: app: front-end version: v1 spec: replicas: 1 selector: matchLabels: app: front-end version: v1 template: metadata: labels: app: front-end version: v1 spec: containers: - name: front-end image: weaveworksdemos/front-end:0.3.12 resources: limits: cpu: 300m memory: 1000Mi requests: cpu: 100m memory: 300Mi ports: - containerPort: 8079 env: - name: SESSION_REDIS value: "true" securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all readOnlyRootFilesystem: true livenessProbe: httpGet: path: / port: 8079 initialDelaySeconds: 300 periodSeconds: 3 readinessProbe: httpGet: path: / port: 8079 initialDelaySeconds: 30 periodSeconds: 3 nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: front-end annotations: prometheus.io/scrape: 'true' labels: service: front-end app: front-end namespace: sock-shop spec: ports: - port: 80 targetPort: 8079 name: http selector: app: front-end --- apiVersion: apps/v1 kind: Deployment metadata: name: orders labels: app: orders version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: orders version: v1 template: metadata: labels: app: orders version: v1 spec: containers: - name: orders image: weaveworksdemos/orders:0.4.7 env: - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom -Dspring.zipkin.enabled=false resources: limits: cpu: 500m memory: 500Mi requests: cpu: 100m memory: 300Mi ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: orders annotations: prometheus.io/scrape: 'true' labels: service: orders app: orders namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: orders --- apiVersion: apps/v1 kind: Deployment metadata: name: orders-db labels: app: orders-db version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: orders-db version: v1 template: metadata: labels: app: orders-db version: v1 spec: containers: - name: orders-db image: mongo ports: - name: mongo containerPort: 27017 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: orders-db labels: service: orders-db app: orders-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 27017 targetPort: 27017 name: tcp selector: app: orders-db --- apiVersion: apps/v1 kind: Deployment metadata: name: payment labels: app: payment version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: payment version: v1 template: metadata: labels: app: payment version: v1 spec: containers: - name: payment image: weaveworksdemos/payment:0.4.3 resources: limits: cpu: 200m memory: 200Mi requests: cpu: 99m memory: 100Mi ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true livenessProbe: httpGet: path: /health port: 80 initialDelaySeconds: 300 periodSeconds: 3 readinessProbe: httpGet: path: /health port: 80 initialDelaySeconds: 180 periodSeconds: 3 nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: payment annotations: prometheus.io/scrape: 'true' labels: service: payment app: payment namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: payment --- apiVersion: apps/v1 kind: Deployment metadata: name: queue-master labels: app: queue-master version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: queue-master version: v1 template: metadata: labels: app: queue-master version: v1 spec: containers: - name: queue-master image: weaveworksdemos/queue-master:0.3.1 env: - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom -Dspring.zipkin.enabled=false resources: limits: cpu: 300m memory: 500Mi requests: cpu: 100m memory: 300Mi ports: - containerPort: 80 nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: queue-master annotations: prometheus.io/scrape: 'true' labels: service: queue-master app: queue-master namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: queue-master --- apiVersion: apps/v1 kind: Deployment metadata: name: rabbitmq labels: app: rabbitmq version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: rabbitmq version: v1 template: metadata: labels: app: rabbitmq version: v1 annotations: prometheus.io/scrape: "false" spec: containers: - name: rabbitmq image: rabbitmq:3.6.8-management ports: - containerPort: 15672 name: management - containerPort: 5672 name: rabbitmq securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID - DAC_OVERRIDE readOnlyRootFilesystem: true - name: rabbitmq-exporter image: kbudde/rabbitmq-exporter ports: - containerPort: 9090 name: exporter nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: rabbitmq annotations: prometheus.io/scrape: 'true' prometheus.io/port: '9090' labels: service: rabbitmq app: rabbitmq namespace: sock-shop spec: ports: # the port that this service should serve on - port: 5672 name: tcp-rabbitmq targetPort: 5672 - port: 9090 name: tcp-exporter targetPort: exporter protocol: TCP selector: app: rabbitmq --- apiVersion: apps/v1 kind: Deployment metadata: name: session-db labels: app: session-db version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: session-db version: v1 template: metadata: labels: app: session-db version: v1 annotations: prometheus.io.scrape: "false" spec: containers: - name: session-db image: redis:alpine ports: - name: redis containerPort: 6379 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: session-db labels: service: session-db app: session-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 6379 targetPort: 6379 name: tcp selector: app: session-db --- apiVersion: apps/v1 kind: Deployment metadata: name: shipping labels: app: shipping version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: shipping version: v1 template: metadata: labels: app: shipping version: v1 spec: containers: - name: shipping image: weaveworksdemos/shipping:0.4.8 env: - name: ZIPKIN value: zipkin.jaeger.svc.cluster.local - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom -Dspring.zipkin.enabled=false resources: limits: cpu: 300m memory: 500Mi requests: cpu: 100m memory: 300Mi ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: shipping annotations: prometheus.io/scrape: 'true' labels: service: shipping app: shipping namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: shipping --- apiVersion: apps/v1 kind: Deployment metadata: name: user labels: app: user version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: user version: v1 template: metadata: labels: app: user version: v1 spec: containers: - name: user image: weaveworksdemos/user:0.4.7 resources: limits: cpu: 300m memory: 200Mi requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 env: - name: mongo value: user-db:27017 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true livenessProbe: httpGet: path: /health port: 80 initialDelaySeconds: 300 periodSeconds: 3 readinessProbe: httpGet: path: /health port: 80 initialDelaySeconds: 180 periodSeconds: 3 nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: user annotations: prometheus.io/scrape: 'true' labels: service: user app: user namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 name: http selector: app: user --- apiVersion: apps/v1 kind: Deployment metadata: name: user-db labels: app: user-db version: v1 namespace: sock-shop spec: replicas: 1 selector: matchLabels: app: user-db version: v1 template: metadata: labels: app: user-db version: v1 spec: containers: - name: user-db image: weaveworksdemos/user-db:0.3.0 ports: - name: mongo containerPort: 27017 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: user-db labels: service: user-db app: user-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 27017 targetPort: 27017 name: tcp selector: app: user-db