egommerce/stack
1
0
Fork 0
Code Issues 5 Pull Requests Projects Releases Wiki Activity

Compare commits

base: egommerce:v0.1.0
Branches Tags
egommerce:main egommerce:develop egommerce:testing egommerce:bugfix/fix-go_mod-repair
egommerce:v0.1.0
...
compare: egommerce:dcd2414ea0010277df01dddb1fec603b63555fac
Branches Tags
egommerce:develop egommerce:testing egommerce:main egommerce:bugfix/fix-go_mod-repair
egommerce:v0.1.0

26 Commits
v0.1.0 ... dcd2414ea0

Author SHA1 Message Date
Piotr Biernat
dcd2414ea0 Renamed Chronos to Scheduler 2025-11-05 13:15:22 +01:00
Piotr Biernat
4f1d72ff4d Fixes in generate cert script 2025-11-05 13:15:09 +01:00
Piotr Biernat
dae298bd00 Refactor and added scheduler container in k8s config 2025-10-31 11:53:04 +01:00
Piotr Biernat
37da42027b Update README.md 2025-10-31 11:42:36 +01:00
Piotr Biernat
27b00cd822 Update README.md 2025-10-31 11:42:05 +01:00
Piotr Biernat
7a4ebf2f6f Renamed db-postgres volume name 2025-10-23 09:35:41 +02:00
Piotr Biernat
b3b7fd6b5b Added volume mount to persist redis rdb 2025-10-23 09:35:25 +02:00
Piotr Biernat
276d17e51d Updated migration 2025-10-23 08:54:59 +02:00
Piotr Biernat
a4668a74b8 Added Chronos container for executing Cron Jobs 2025-10-23 08:54:36 +02:00
Piotr Biernat
9f4f6694d2 Added Grafana Dashoabrds configs 2025-10-23 08:53:55 +02:00
Piotr Biernat
c5c10ff8fd Migration SQLs updated 2025-10-22 13:49:53 +02:00
Piotr Biernat
255d874a22 Fixed user for db-postgres in deployment 2025-10-22 13:49:10 +02:00
Piotr Biernat
fca1257d62 Added password field to identity migration file 2025-10-21 15:59:55 +02:00
Piotr Biernat
5cee3b46db Fixes in identity-svc deployment 2025-10-21 15:59:31 +02:00
Piotr Biernat
a6dbe760e2 Fixes in catalog-svc deployment 2025-10-21 15:58:59 +02:00
Piotr Biernat
df63f90152 Added domain for api-gateway in generate certs script 2025-10-21 15:58:02 +02:00
Piotr Biernat
759da872ef Fixed k8s init script 2025-10-21 15:57:33 +02:00
Piotr Biernat
65307e2e27 Added catalog-svc deployment 2025-10-21 15:57:07 +02:00
Piotr Biernat
f3dc764748 Fixed api-eventbus node port 2025-10-21 15:56:15 +02:00
Piotr Biernat
671afb470a Update README.md 2025-10-20 15:29:47 +02:00
Piotr Biernat
832d59cedc Removed useless volumes from api-gateway deploy 2025-10-20 14:30:17 +02:00
Piotr Biernat
87e0c1ad1d Update README.md 2025-10-20 13:53:58 +02:00
Piotr Biernat
0938338b99 Removed docker swarm config 
Added K8S config
With big refactor
 2025-10-20 13:51:45 +02:00
Piotr Biernat
fa62c0b817 Update 2025-03-16 14:19:29 +01:00
Piotr Biernat
6848b55101 Update & Refactor 2024-12-24 14:29:04 +01:00
Piotr Biernat
a856f24132 refactor 2024-12-24 14:19:23 +01:00
59 changed files with 24217 additions and 2272 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -1,3 +1,3 @@
.idea/
#*.local.yml
deploy/certs/

1
CREDITS.md Normal file
View File

@@ -0,0 +1 @@
# Libraries or any other code used in this project:

10
Makefile
View File

@@ -1,7 +1,13 @@
DEPLOY_DIR := ./deploy
init:
- sh ${DEPLOY_DIR}/scripts/init-k8s.sh
up:
- sh ${DEPLOY_DIR}/start-docker.sh
- sh ${DEPLOY_DIR}/scripts/start-k8s.sh
down:
- docker stack rm egommerce
- sh ${DEPLOY_DIR}/scripts/stop-k8s.sh
certs:
- bash ${DEPLOY_DIR}/scripts/gen-certs.sh

16
README.md
View File

@@ -1,9 +1,15 @@
# Egommerce docker stack
# Egommerce K8S stack
## RUNNING
### Generate Certificates by running:
```make certs```
# $ make up
### Init stack (K8S Dependencies and secrets)
```make init```
## MAINTENANCE
### Start
### If certificate doesn't work try to copy contents of the key file at the end of the cert file.
```make up```
### Shutdown
```make down```

0
deploy/.env.dist
View File

4
deploy/.env.local
View File

@@ -1,4 +0,0 @@
API_GATEWAY_PORT=48443
API_GATEWAY_UI_PORT=48444
API_REGISTRY_UI_PORT=48445
API_EVENTBUS_UI_PORT=48446

BIN
deploy/bin/register-service
View File

Binary file not shown.

57
deploy/bin/register-service.go
View File

@@ -1,57 +0,0 @@
package main
import (
"log"
"net"
"net/http"
"os"
"strings"
)
func main() {
addr, port := env("API_REGISTRY_ADDR", "api-registry"), env("API_REGISTRY_PORT", "8501")
regUrl := "https://" + addr + ":" + port + "/v1/agent/service/register?replace-existing-checks=true"
regData, err := os.ReadFile("/.app.config")
if err != nil {
log.Fatal(err)
}
ip := getIP()
strRegData := string(regData)
strRegData = strings.Replace(strRegData, "__IP__", ip, -1)
req, err := http.NewRequest(http.MethodPut, regUrl, strings.NewReader(strRegData))
if err != nil {
log.Fatal(err)
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Printf(err.Error())
log.Fatal(err)
}
var respBody []byte
resp.Body.Read(respBody)
log.Printf("Successfully registered")
}
func env(name, def string) string {
val := os.Getenv(name)
if len(val) == 0 {
return def
}
return val
}
func getIP() string {
host, _ := os.Hostname()
ips, _ := net.LookupIP(host)
for _, ip := range ips {
return ip.String()
}
return host
}

9
deploy/bin/update-resolv.sh
View File

@@ -1,9 +0,0 @@
#!/usr/bin/env sh
# modify /etc/resolv.conf
registryIP=$(nslookup -type=A api-registry. | awk '/^Name:/ {c=2;N=$2} !--c {print N,$2}' | awk '{printf "%s", $2}')
resolvFile=$(cat /etc/resolv.conf)
echo -e "nameserver $registryIP" >>/etc/resolv.conf
# echo "$registryIP registry.service.ego.io" >> /etc/hosts # Add consul host with static IP (consul register itself as 127.0.0.1)
# nslookup api-registry

3
deploy/build-register-service.sh
View File

@@ -1,3 +0,0 @@
#!/bin/sh
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o deploy/bin/register-service deploy/bin/register-service.go

4
deploy/certs/.gitignore vendored
View File

@@ -1,4 +0,0 @@
# Ignore everything in this directory
*
# Except this file
!.gitignore

4
deploy/db_migrations/basket-svc/0001_create_base_tables.up.sql
View File

@@ -1,7 +1,7 @@
CREATE TABLE IF NOT EXISTS basket.basket
(
id uuid NOT NULL DEFAULT gen_random_uuid(),
state character varying NOT NULL DEFAULT 'new',
"state" character varying NOT NULL DEFAULT 'new',
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id)
@@ -13,7 +13,7 @@ CREATE TABLE IF NOT EXISTS basket.basket_item
basket_id uuid NOT NULL,
product_id integer NOT NULL,
quantity integer NOT NULL DEFAULT 1,
price double precision NOT NULL DEFAULT 0.00;
price double precision NOT NULL DEFAULT 0.00,
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id)

2
deploy/db_migrations/basket-svc/0002_add_price_to_basket_item.down.sql
View File

@@ -1,2 +0,0 @@
ALTER TABLE IF EXISTS basket.basket_item
DROP COLUMN price;

2
deploy/db_migrations/basket-svc/0002_add_price_to_basket_item.up.sql
View File

@@ -1,2 +0,0 @@
ALTER TABLE IF EXISTS basket.basket_item
ADD COLUMN price double precision NOT NULL DEFAULT 0.00;

12
deploy/db_migrations/catalog-svc/0001_create_base_tables.up.sql
View File

@@ -1,16 +1,12 @@
CREATE TABLE catalog.product
(
id integer NOT NULL GENERATED ALWAYS AS IDENTITY,
pid character varying NOT NULL,
name character varying NOT NULL,
id uuid NOT NULL DEFAULT uuid_generate_v4(),
"name" character varying NOT NULL,
slug character varying NOT NULL,
price double precision NOT NULL,
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id)
);
ALTER TABLE IF EXISTS catalog.product
OWNER to postgres;
COMMENT ON COLUMN catalog.product.pid
IS 'Unique product ID. EAN, UPC etc...';
ALTER TABLE IF EXISTS catalog.product OWNER to egommerce;

52
deploy/db_migrations/identity-svc/0001_create_base_tables.up.sql
View File

@@ -1,12 +1,58 @@
CREATE TABLE IF NOT EXISTS identity.users
(
id uuid NOT NULL DEFAULT gen_random_uuid(),
id uuid NOT NULL DEFAULT uuid_generate_v4(),
username character varying NOT NULL,
"password" character varying NOT NULL,
email character varying NOT NULL,
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id),
UNIQUE (email),
UNIQUE (username)
);
CREATE TABLE IF NOT EXISTS identity.roles
(
id uuid NOT NULL DEFAULT uuid_generate_v4(),
name character varying(100) COLLATE pg_catalog."default" NOT NULL,
display_name character varying(200) COLLATE pg_catalog."default" NOT NULL,
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id)
);
ALTER TABLE IF EXISTS identity.users
OWNER to postgres;
CREATE TABLE IF NOT EXISTS identity.users_roles
(
id uuid NOT NULL DEFAULT uuid_generate_v4(),
user_id uuid NOT NULL,
role_id uuid NOT NULL,
PRIMARY KEY (id),
FOREIGN KEY (user_id)
REFERENCES identity.users (id) MATCH SIMPLE
ON UPDATE NO ACTION
ON DELETE NO ACTION
NOT VALID,
FOREIGN KEY (role_id)
REFERENCES identity.roles (id) MATCH SIMPLE
ON UPDATE NO ACTION
ON DELETE NO ACTION
NOT VALID
UNIQUE (user_id, role_id)
);
CREATE TABLE identity.url_access
(
id uuid NOT NULL DEFAULT uuid_generate_v4(),
roles json NOT NULL,
url character varying(255) NOT NULL,
method character varying(10) NOT NULL,
service character varying(100) NOT NULL,
PRIMARY KEY (id),
UNIQUE (url, method, service)
);
ALTER TABLE IF EXISTS identity.users OWNER to egommerce;
ALTER TABLE IF EXISTS identity.roles OWNER to egommerce;
ALTER TABLE IF EXISTS identity.users_roles OWNER to egommerce;
ALTER TABLE IF EXISTS identity.url_access OWNER to egommerce;

7
deploy/db_migrations/init/init.sql
View File

@@ -1,3 +1,10 @@
CREATE USER egommerce;
CREATE DATABASE egommerce;
GRANT ALL PRIVILEGES ON DATABASE egommerce TO egommerce;
CREATE EXTENSION IF NOT EXISTS "pgcrypto";
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
CREATE SCHEMA "identity" AUTHORIZATION egommerce;
CREATE SCHEMA catalog AUTHORIZATION egommerce;

4
deploy/db_migrations/order-svc/0001_create_base_tables.down.sql
View File

@@ -1,2 +1,2 @@
DROP TABLE IF EXISTS ordering.order_item;
DROP TABLE IF EXISTS ordering."order";
DROP TABLE IF EXISTS "ordering".order_item;
DROP TABLE IF EXISTS "ordering"."order";

10
deploy/db_migrations/order-svc/0001_create_base_tables.up.sql
View File

@@ -1,25 +1,25 @@
CREATE TABLE IF NOT EXISTS ordering."order"
CREATE TABLE IF NOT EXISTS "ordering"."order"
(
id uuid NOT NULL DEFAULT gen_random_uuid(),
state character varying NOT NULL DEFAULT 'new',
"state" character varying NOT NULL DEFAULT 'new',
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id)
);
CREATE TABLE IF NOT EXISTS ordering.order_item
CREATE TABLE IF NOT EXISTS "ordering".order_item
(
id uuid NOT NULL DEFAULT gen_random_uuid(),
order_id uuid NOT NULL,
product_id integer NOT NULL,
quantity integer NOT NULL DEFAULT 1,
price double precision NOT NULL DEFAULT 0.00;
price double precision NOT NULL DEFAULT 0.00,
created_at timestamp without time zone NOT NULL DEFAULT now(),
updated_at timestamp without time zone,
PRIMARY KEY (id)
);
ALTER TABLE IF EXISTS ordering.order_item
ALTER TABLE IF EXISTS "ordering".order_item
ADD CONSTRAINT order_item_order_fkey FOREIGN KEY (order_id)
REFERENCES "ordering"."order" (id) MATCH SIMPLE
ON UPDATE NO ACTION

179
deploy/docker/stack.dev.local.yml
View File

@@ -1,179 +0,0 @@
version: "3.9"
services:
api-registry:
env_file: ../.env.local
environment:
- CONSUL_HTTP_TOKEN=784746ec-0d5d-fb12-1a79-95f912dcaabd
- VAULT_TOKEN=hvs.cJE9Qr4PIafDGy0wdx2GoxOb # ROOT TOKEN
# - VAULT_TOKEN=hvs.CAESICxuTO_JieCbpMoZ4_qOPIohxSKim_4V8t11JLg93RtKGh4KHGh2cy5VUUFqUm5CdTQ3V3hMQ3BHSDB4dThNZHE
volumes:
- ../certs/api-registry/registry.local.crt:/etc/certs/registry.local.crt:ro
# - ../certs/ca/vault-root.pem:/usr/local/share/ca-certificates/vaultCA.pem:ro
api-gateway:
env_file: ../.env.local
environment:
- CONSUL_HTTP_TOKEN=784746ec-0d5d-fb12-1a79-95f912dcaabd
- VAULT_TOKEN=hvs.cJE9Qr4PIafDGy0wdx2GoxOb # ROOT TOKEN
# - VAULT_TOKEN=hvs.CAESICxuTO_JieCbpMoZ4_qOPIohxSKim_4V8t11JLg93RtKGh4KHGh2cy5VUUFqUm5CdTQ3V3hMQ3BHSDB4dThNZHE
volumes:
- ../certs/api-gateway/gateway.local.crt:/etc/certs/gateway.local.crt:ro
# - ../certs/ca/vault-root.pem:/usr/local/share/ca-certificates/vaultCA.pem:ro
api-vault:
env_file: ../.env.local
# command: ["vault", "server", "-dev", "-dev-tls", "-dev-listen-address=0.0.0.0:8200", "-dev-root-token-id=dev-vault-token"]
environment:
- CONSUL_HTTP_TOKEN=784746ec-0d5d-fb12-1a79-95f912dcaabd
- VAULT_TOKEN=hvs.G7oo532tREW4MTdWTgq03GtA # ROOT TOKEN
# - VAULT_TOKEN=hvs.CAESICxuTO_JieCbpMoZ4_qOPIohxSKim_4V8t11JLg93RtKGh4KHGh2cy5VUUFqUm5CdTQ3V3hMQ3BHSDB4dThNZHE
volumes:
- ../certs/api-vault/vault.local.crt:/etc/certs/vault.crt:ro
# - ../certs/ca/vault-root.pem:/usr/local/share/ca-certificates/vaultCA.pem:ro
ports:
- 48250:8200
api-eventbus:
env_file: ../.env.local
volumes:
- ../certs/api-eventbus/eventbus.local.crt:/etc/certs/eventbus.local.crt:ro
# - ../certs/api-eventbus/eventbus.key:/etc/certs/eventbus.local.key:ro
labels:
- traefik.tcp.routers.eventbus.rule=HostSNI(`esb.service.ego.io`)
ports:
- 48200:15672
- 48201:5672
api-cache:
env_file: ../.env.local
command: ["redis-server", "/etc/redis.conf", "--requirepass", "12345678"]
ports:
- 48300:6379
api-logger:
env_file: ../.env.local
ports:
- 48400:24224
# api-prometheus:
# ports:
# - 9090:9090
# api-grafana:
# ports:
# - 3000:3000
db-postgres:
env_file: ../.env.local
ports:
- 48500:5432
# db-mongo:
# env_file: ../.env.local
# environment:
# - APP_DOMAIN=mongodb.egommerce.local # FIXME
# ports:
# - 48600:27017
identity-svc:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
# - EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 48780:443
catalog-svc:
deploy:
mode: replicated
replicas: 1
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 48781:443
basket-svc:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 48782:443
order-svc:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 48783:443
pricing-svc:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 48784:443
# Workers (EventBus)
basket-worker:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
catalog-worker:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
pricing-worker:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
order-worker:
deploy:
mode: replicated
replicas: 0
env_file: ../.env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672

129
deploy/docker/stack.dev.yml
View File

@@ -1,129 +0,0 @@
version: "3.9"
services:
api-registry:
image: git.pbiernat.io/egommerce/api-registry:dev
environment:
- APP_DOMAIN=registry.service.ego.io
- VAULT_ADDR=https://api-vault:8200
- VAULT_API_ADDR=https://api-vault:8200
# - ENVOY_VERSION_STRING=1.26.3
ports:
- 48100:8501
api-gateway:
image: git.pbiernat.io/egommerce/api-registry:dev
environment:
- APP_DOMAIN=gw.service.ego.io
# - VAULT_ADDR=https://api-vault:8200
# - VAULT_API_ADDR=https://api-vault:8200
# - ENVOY_VERSION_STRING=1.26.3
ports:
- 48101:8501
- 48443:8443 # consul & envoy api gateway port
api-vault:
image: git.pbiernat.io/egommerce/api-vault:dev
environment:
- APP_DOMAIN=vault.service.ego.io
- CONSUL_HTTP_ADDR=https://api-registry:8501
api-eventbus:
image: git.pbiernat.io/egommerce/api-eventbus:dev
environment:
- APP_DOMAIN=esb.service.ego.io
# - RABBITMQ_NODENAME=api-eventbus
# - RABBITMQ_USE_LONGNAME=true
# - RABBITMQ_DEFAULT_USER = admin
# - RABBITMQ_DEFAULT_PASS = passw123
api-cache:
image: git.pbiernat.io/egommerce/api-cache:dev
environment:
- APP_DOMAIN=cache.service.ego.io
- PASSWORD=12345678
api-logger:
image: git.pbiernat.io/egommerce/api-logger:dev
environment:
- APP_DOMAIN=logger.service.ego.io
# api-prometheus:
# image: prom/prometheus:latest # FIXME: create private image(prod/dev)...
# environment:
# - APP_DOMAIN=prometheus.service.ego.io
# api-grafana:
# image: grafana/grafana-oss:latest # FIXME: create private image(prod/dev)...
# environment:
# - APP_DOMAIN=grafana.service.ego.io
db-postgres:
image: git.pbiernat.io/egommerce/db-postgres:dev
environment:
- APP_DOMAIN=postgresdb.service.ego.io
- POSTGRESQL_PASSWORD=12345678
# db-mongo:
# environment:
# - MONGO_INITDB_ROOT_PASSWORD=12345678
# API micro-services
identity-svc:
image: git.pbiernat.io/egommerce/identity-svc:dev
environment:
# - SERVER_ADDR=basket.service.ego.io
- APP_DOMAIN=identity.service.ego.io
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
catalog-svc:
image: git.pbiernat.io/egommerce/catalog-svc:dev
environment:
# - REGISTRY_USE_DOMAIN_OVER_IP=false
- APP_DOMAIN=catalog.service.ego.io
- AUTH_HANDLER_URL=https://identity.service.ego.io/api/v1/traefik
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
basket-svc:
image: git.pbiernat.io/egommerce/basket-svc:dev
environment:
- APP_DOMAIN=basket.service.ego.io
- AUTH_HANDLER_URL=https://identity.service.ego.io/api/v1/traefik
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
order-svc:
image: git.pbiernat.io/egommerce/order-svc:dev
environment:
- APP_DOMAIN=order.service.ego.io
- AUTH_HANDLER_URL=https://identity.service.ego.io/api/v1/traefik
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
# volumes:
# - ../etc/resolv.conf:/etc/resolv.conf
pricing-svc:
image: git.pbiernat.io/egommerce/pricing-svc:dev
environment:
- APP_DOMAIN=pricing.service.ego.io
- AUTH_HANDLER_URL=https://identity.service.ego.io/api/v1/traefik
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
# Workers (Eventbus)
basket-worker:
image: git.pbiernat.io/egommerce/basket-worker:dev
environment:
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
catalog-worker:
image: git.pbiernat.io/egommerce/catalog-worker:dev
environment:
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
pricing-worker:
image: git.pbiernat.io/egommerce/pricing-worker:dev
environment:
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
order-worker:
image: git.pbiernat.io/egommerce/order-worker:dev
environment:
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017

142
deploy/docker/stack.prod.yml
View File

@@ -1,142 +0,0 @@
version: "3.9"
services:
api-registry:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/api-registry:prod
environment:
- APP_DOMAIN=registry.service.ego.io
api-gateway:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/api-registry:prod
environment:
- APP_DOMAIN=gw.service.ego.io
api-vault:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/api-vault:prod
command: ["vault", "server", "-config=/vault/config/server.hcl"]
environment:
- APP_DOMAIN=vault.service.ego.io
- VAULT_API_ADDR=https://localhost:8200
- VAULT_ADDR=https://localhost:8200
api-eventbus:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/api-eventbus:prod
environment:
- APP_DOMAIN=esb.service.ego.io
api-cache:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/api-cache:prod
environment:
- APP_DOMAIN=cache.service.ego.io
api-logger:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/api-logger:prod
environment:
- APP_DOMAIN=logger.service.ego.io
# api-prometheus:
# image: prom/prometheus:prod # FIXME: create private image(prod/dev)...
# user: root
# environment:
# - APP_NAME=api-prometheus
# api-grafana:
# image: grafana/grafana-oss:prod # FIXME: create private image(prod/dev)...
# environment:
# - APP_NAME=api-grafana
db-postgres:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/db-postgres:prod
environment:
- APP_DOMAIN=postgresdb.service.ego.io
- POSTGRESQL_USERNAME=egommerce
- POSTGRESQL_DATABASE=egommerce
# db-mongo:
# env_file: ../.env.prod
# environment:
# - APP_NAME=db-mongo
# - APP_DOMAIN=mongo-db.service.ego.io
# - MONGO_INITDB_ROOT_USERNAME=mongodb
# API micro-services
identity-svc:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/identity-svc:prod
environment:
- APP_DOMAIN=identity.service.ego.io
- APP_PATH_PREFIX=/identity
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
catalog-svc:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/catalog-svc:prod
environment:
- APP_DOMAIN=catalog.service.ego.io
- APP_PATH_PREFIX=/catalog
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
basket-svc:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/basket-svc:prod
environment:
- APP_DOMAIN=basket.service.ego.io
- APP_PATH_PREFIX=/basket
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
pricing-svc:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/pricing-svc:prod
environment:
- APP_DOMAIN=pricing.service.ego.io
- APP_PATH_PREFIX=/pricing
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
order-svc:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/order-svc:prod
environment:
- APP_DOMAIN=order.service.ego.io
- APP_PATH_PREFIX=/order
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
# Workers (Eventbus)
basket-worker:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/basket-worker:prod
environment:
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
catalog-worker:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/catalog-worker:prod
environment:
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
pricing-worker:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/pricing-worker:prod
environment:
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672
order-worker:
env_file: ../.env.prod
image: git.pbiernat.io/egommerce/order-worker:prod
environment:
- DATABASE_URL=postgres://postgres:12345678@postgresdb.service.ego.io:5432/egommerce
- EVENTBUS_URL=amqp://guest:guest@esb.service.ego.io:5672

479
deploy/docker/stack.yml
View File

@@ -1,479 +0,0 @@
version: "3.9"
services:
api-registry:
image: git.pbiernat.io/egommerce/api-registry:latest
command: [
"consul",
"agent",
"-config-file=/consul/config/server.hcl",
# "-config-dir=/consul/config",
"-node=registry",
"-bootstrap-expect=1"
]
environment:
- APP_DOMAIN
- APP_NAME=api-registry
- CONSUL_HTTP_ADDR=127.0.0.1:8501
- CONSUL_HTTP_SSL=true
- CONSUL_CACERT=/usr/share/pki/ca-trust-source/anchors/internalCA.crt
- CONSUL_CLIENT_CERT=/etc/certs/registry.crt
- CONSUL_CLIENT_KEY=/etc/certs/registry.key
volumes:
- registry_data:/consul/data
- ../certs/api-registry/registry.internal.crt:/etc/certs/registry.crt:ro
- ../certs/api-registry/registry.key:/etc/certs/registry.key:ro
- ../certs/ca/internalCA.crt:/usr/share/pki/ca-trust-source/anchors/internalCA.crt:ro
# - ../bin/register-service:/bin/register-service
# - ../bin/update-resolv.sh:/bin/update-resolv
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
api-gateway: # consul client running as api-gateway
image: git.pbiernat.io/egommerce/api-registry:latest
command: [
"consul",
"agent",
"-config-file=/consul/config/gateway.hcl",
# "-config-file=/consul/config/gateway-config.hcl",
# "-config-file=/consul/config/gateway-routes.hcl",
# "-config-dir=/consul/config",
"-node=gateway",
"-retry-join=api-registry"
]
environment:
- APP_DOMAIN
- APP_NAME=api-gateway
- CONSUL_HTTP_ADDR=127.0.0.1:8501
- CONSUL_HTTP_SSL=true
- CONSUL_CACERT=/usr/share/pki/ca-trust-source/anchors/internalCA.crt
- CONSUL_CLIENT_CERT=/etc/certs/gateway.crt
- CONSUL_CLIENT_KEY=/etc/certs/gateway.key
volumes:
- gateway_data:/consul/data
- ../certs/api-gateway/gateway.internal.crt:/etc/certs/gateway.crt:ro
- ../certs/api-gateway/gateway.key:/etc/certs/gateway.key:ro
- ../certs/catalog-svc/catalog-svc.crt:/etc/certs/catalog.crt:ro
- ../certs/catalog-svc/catalog-svc.key:/etc/certs/catalog.key:ro
- ../certs/ca/internalCA.crt:/usr/share/pki/ca-trust-source/anchors/internalCA.crt:ro
# - ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
api-vault:
image: git.pbiernat.io/egommerce/api-vault:latest
command: ["vault", "server", "-config=/vault/config/server.hcl"]
environment:
- APP_DOMAIN
- APP_NAME=api-vault
- API_REGISTRY_ADDR=api-registry
volumes:
- vault_data:/vault/data
- ../certs/api-vault/vault.internal.crt:/etc/certs/vault.crt:ro
- ../certs/api-vault/vault.key:/etc/certs/vault.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
cap_add:
- IPC_LOCK
networks:
- egommerce-network
# cap_add:
# - IPC_LOCK
api-eventbus:
image: git.pbiernat.io/egommerce/api-eventbus:latest
environment:
# - RABBITMQ_NODENAME=api-eventbus
- RABBITMQ_ERLANG_COOKIE=rabbitmq
- APP_DOMAIN
- APP_NAME=api-eventbus
- API_REGISTRY_ADDR=api-registry
volumes:
- eventbus_data:/var/lib/rabbitmq
- eventbus_logs:/var/log/rabbitmq
- ../certs/api-eventbus/eventbus.internal.crt:/etc/certs/eventbus.crt:ro
- ../certs/api-eventbus/eventbus.key:/etc/certs/eventbus.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
api-cache:
image: git.pbiernat.io/egommerce/api-cache:latest
environment:
- APP_DOMAIN
- APP_NAME=api-cache
- API_REGISTRY_ADDR=api-registry
volumes:
# - ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
api-logger:
image: git.pbiernat.io/egommerce/api-logger:latest
environment:
- APP_DOMAIN
- APP_NAME=api-logger
- API_REGISTRY_ADDR=api-registry
volumes:
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
# api-prometheus:
# image: prom/prometheus:latest # FIXME: create private image(prod/dev)...
# user: root
# environment:
# - APP_DOMAIN
# - APP_NAME=api-prometheus
# - API_REGISTRY_ADDR=api-registry
# volumes:
# - ../etc/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
# - ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
# - ../bin/register-service:/bin/register-service
# - ../bin/update-resolv.sh:/bin/update-resolv
# - /var/run/docker.sock:/var/run/docker.sock
# depends_on:
# - api-registry
# networks:
# - egommerce-network
# api-grafana:
# image: grafana/grafana-oss:latest # FIXME: create private image(prod/dev)...
# environment:
# - APP_DOMAIN
# - APP_NAME=api-grafana
# - API_REGISTRY_ADDR=api-registry
# volumes:
# - grafana-db:/var/lib/grafana
# - ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
# - ../bin/update-resolv.sh:/bin/update-resolv
# - ../bin/register-service:/bin/register-service
# depends_on:
# - api-registry
# networks:
# - egommerce-network
db-postgres:
image: git.pbiernat.io/egommerce/db-postgres:latest
environment:
- APP_DOMAIN
- APP_NAME=db-postgres
- API_REGISTRY_ADDR=api-registry
- POSTGRESQL_USERNAME=postgres
- POSTGRESQL_DATABASE=postgres
- POSTGRESQL_PASSWORD=H5Gd7^37*Hka*a72
volumes:
- postgres_data:/var/lib/postgresql/data
# - ./db_migrations/init/:/docker-entrypoint-initdb.d/
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
# db-mongo:
# image: mongo:5.0.14
# environment:
# - APP_DOMAIN
# - APP_NAME=mongo-db
# - API_REGISTRY_ADDR=api-registry
# - MONGO_INITDB_ROOT_USERNAME=mongodb
# - MONGO_INITDB_ROOT_PASSWORD
# volumes:
# - mongodb_data:/data/db
# - ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
# - ../bin/register-service:/bin/register-service
# - ../bin/update-resolv.sh:/bin/update-resolv
# depends_on:
# - api-registry
# deploy:
# mode: replicated
# replicas: 1
# extra_hosts:
# - "host.docker.internal:host-gateway"
# networks:
# - egommerce-network
# API micro-services
identity-svc:
image: git.pbiernat.io/egommerce/identity-svc:latest
environment:
- APP_NAME=identity-svc
- APP_PATH_PREFIX=/identity
- API_REGISTRY_ADDR=api-gateway
- APP_DOMAIN
- APP_KV_NAMESPACE
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/identity-svc/identity-svc.crt:/certs/client.crt:ro
- ../certs/identity-svc/identity-svc.key:/certs/client.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../db_migrations/identity-svc:/migrations
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
catalog-svc:
image: git.pbiernat.io/egommerce/catalog-svc:latest
environment:
- APP_NAME=catalog-svc
- APP_PATH_PREFIX=/catalog
- API_REGISTRY_ADDR=api-gateway
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/catalog-svc/catalog-svc.crt:/certs/client.crt:ro
- ../certs/catalog-svc/catalog-svc.key:/certs/client.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../db_migrations/catalog-svc:/migrations
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
basket-svc:
image: git.pbiernat.io/egommerce/basket-svc:latest
environment:
- APP_NAME=basket-svc
- APP_PATH_PREFIX=/basket
- API_REGISTRY_ADDR=api-gateway
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/basket-svc/basket-svc.crt:/certs/client.crt:ro
- ../certs/basket-svc/basket-svc.key:/certs/client.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../db_migrations/basket-svc:/migrations
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
order-svc:
image: git.pbiernat.io/egommerce/order-svc:latest
environment:
- APP_NAME=order-svc
- APP_PATH_PREFIX=/order
- API_REGISTRY_ADDR=api-gateway
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/order-svc/order-svc.crt:/certs/client.crt:ro
- ../certs/order-svc/order-svc.key:/certs/client.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../db_migrations/order-svc:/migrations
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
pricing-svc:
image: git.pbiernat.io/egommerce/pricing-svc:latest
environment:
- APP_NAME=pricing-svc
- APP_PATH_PREFIX=/pricing
- API_REGISTRY_ADDR=api-gateway
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/pricing-svc/pricing-svc.crt:/certs/client.crt:ro
- ../certs/pricing-svc/pricing-svc.key:/certs/client.key:ro
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../db_migrations/pricing-svc:/migrations
- ../bin/register-service:/bin/register-service
- ../bin/update-resolv.sh:/bin/update-resolv
depends_on:
- api-registry
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
# Workers (Eventbus)
basket-worker:
image: git.pbiernat.io/egommerce/basket-worker:latest
environment:
- APP_NAME=basket-worker
- APP_KV_NAMESPACE
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/update-resolv.sh:/bin/update-resolv
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
catalog-worker:
image: git.pbiernat.io/egommerce/catalog-worker:latest
environment:
- APP_NAME=catalog-worker
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/update-resolv.sh:/bin/update-resolv
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
pricing-worker:
image: git.pbiernat.io/egommerce/pricing-worker:latest
environment:
- APP_NAME=pricing-worker
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/update-resolv.sh:/bin/update-resolv
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
order-worker:
image: git.pbiernat.io/egommerce/order-worker:latest
environment:
- APP_NAME=order-worker
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ../certs/ca/internalCA.crt:/usr/local/share/ca-certificates/internalCA.crt:ro
- ../bin/update-resolv.sh:/bin/update-resolv
deploy:
mode: replicated
replicas: 1
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
- egommerce-network
volumes:
postgres_data: ~
mongodb_data: ~
registry_data: ~
gateway_data: ~
vault_data: ~
eventbus_data: ~
eventbus_logs: ~
# grafana-db: ~
networks:
# Infrastructure networks
egommerce-network:
driver: overlay

151
deploy/egommerce-stack.dev.local.yml
View File

@@ -1,151 +0,0 @@
version: "3.9"
services:
api-gateway:
env_file: .env.local
environment:
- APP_DOMAIN=egommerce.local
# - APP_PORT=48443
ports:
- 48443:443
- 48444:8080
# - 5672:5672
api-registry:
command: ["-ui-content-path=/registry"]
env_file: .env.local
environment:
- APP_DOMAIN=registry.egommerce.local
# - APP_PORT=48445
ports:
- 48445:8500
- 8600:8600/udp
api-eventbus:
env_file: .env.local
environment:
- APP_DOMAIN=eventbus.egommerce.local
# - APP_PORT=48446
ports:
- 48446:8084
- 15672:15672
api-cache:
env_file: .env.local
environment:
- APP_DOMAIN=redis.egommerce.local
command: ["redis-server", "/etc/redis.conf", "--requirepass", "12345678"]
ports:
- 6379:6379
api-logger:
env_file: .env.local
environment:
- APP_DOMAIN=logger.egommerce.local
ports:
- 24224:24224
# api-prometheus:
# environment:
# - APP_DOMAIN=prometheus.egommerce.local
# ports:
# - 9090:9090
# api-grafana:
# environment:
# - APP_DOMAIN=grafana.egommerce.local
# ports:
# - 3000:3000
postgres-db:
env_file: .env.local
environment:
- APP_DOMAIN=postgres.egommerce.local
ports:
- 5432:5432
mongo-db:
env_file: .env.local
environment:
- APP_DOMAIN=mongo.egommerce.local
ports:
- 27017:27017
identity-svc:
env_file: .env.local
environment:
- APP_DOMAIN=identity.api.egommerce.local
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 8080:80
basket-svc:
env_file: .env.local
environment:
- APP_DOMAIN=basket.api.egommerce.local
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 8001:80
catalog-svc:
env_file: .env.local
environment:
- APP_DOMAIN=catalog.api.egommerce.local
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 8002:80
order-svc:
env_file: .env.local
environment:
- APP_DOMAIN=order.api.egommerce.local
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 8003:80
pricing-svc:
env_file: .env.local
environment:
- APP_DOMAIN=pricing.api.egommerce.local
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
ports:
- 8004:80
# Workers (EventBus)
basket-worker:
env_file: .env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
catalog-worker:
env_file: .env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
pricing-worker:
env_file: .env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
order-worker:
env_file: .env.local
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672

140
deploy/egommerce-stack.dev.yml
View File

@@ -1,140 +0,0 @@
version: "3.9"
services:
api-gateway:
image: git.ego.cloudns.be/egommerce/api-gateway:dev
environment:
- APP_DOMAIN=api-gateway
volumes:
- ./certs/api-gateway:/etc/traefik/certs
api-registry:
image: git.ego.cloudns.be/egommerce/api-registry:dev
environment:
- APP_DOMAIN=api-registry
- CONSUL_HTTP_TOKEN=devop
volumes:
- ./certs/api-registry:/consul/data/certs
api-eventbus:
image: git.ego.cloudns.be/egommerce/api-eventbus:dev
environment:
- APP_DOMAIN=api-eventbus
# - RABBITMQ_NODENAME=api-eventbus
# - RABBITMQ_USE_LONGNAME=true
# - RABBITMQ_DEFAULT_USER = admin
# - RABBITMQ_DEFAULT_PASS = passw123
api-cache:
image: git.ego.cloudns.be/egommerce/api-cache:dev
environment:
- PASSWORD=12345678
api-logger:
image: git.ego.cloudns.be/egommerce/api-logger:dev
environment:
- APP_DOMAIN=api-logger
#api-prometheus:
# image: prom/prometheus:latest # FIXME: create private image(prod/dev)...
# environment:
# - APP_DOMAIN=prometheus.keshop.bieda.it
#api-grafana:
# image: grafana/grafana-oss:latest # FIXME: create private image(prod/dev)...
# environment:
# - APP_DOMAIN=grafana.keshop.bieda.it
postgres-db:
environment:
- APP_DOMAIN=postgres-db
- POSTGRES_PASSWORD=12345678
mongo-db:
environment:
- APP_DOMAIN=mongo-db
- MONGO_INITDB_ROOT_PASSWORD=12345678
# API micro-services
identity-svc:
image: git.ego.cloudns.be/egommerce/identity-svc:dev
environment:
- APP_DOMAIN=identity-svc
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
volumes:
- ./certs/api-gateway:/certs
basket-svc:
image: git.ego.cloudns.be/egommerce/basket-svc:dev
environment:
- APP_DOMAIN=basket-svc
- AUTH_HANDLER_URL=http://identity-svc/api/v1/traefik
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
volumes:
- ./certs/api-gateway:/certs
catalog-svc:
image: git.ego.cloudns.be/egommerce/catalog-svc:dev
environment:
- APP_DOMAIN=catalog-svc
- AUTH_HANDLER_URL=http://identity-svc/api/v1/traefik
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
volumes:
- ./certs/api-gateway:/certs
pricing-svc:
image: git.ego.cloudns.be/egommerce/pricing-svc:dev
environment:
- APP_DOMAIN=pricing-svc
- AUTH_HANDLER_URL=http://identity-svc/api/v1/traefik
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
volumes:
- ./certs/api-gateway:/certs
order-svc:
image: git.ego.cloudns.be/egommerce/order-svc:dev
environment:
- APP_DOMAIN=order-svc
- AUTH_HANDLER_URL=http://identity-svc/api/v1/traefik
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
volumes:
- ./certs/api-gateway:/certs
# Workers (Eventbus)
basket-worker:
image: git.ego.cloudns.be/egommerce/basket-worker:dev
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
catalog-worker:
image: git.ego.cloudns.be/egommerce/catalog-worker:dev
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
pricing-worker:
image: git.ego.cloudns.be/egommerce/pricing-worker:dev
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672
order-worker:
image: git.ego.cloudns.be/egommerce/order-worker:dev
environment:
- DATABASE_URL=postgres://postgres:12345678@postgres-db:5432/egommerce
- MONGODB_URL=mongodb://mongodb:12345678@mongo-db:27017
- EVENTBUS_URL=amqp://guest:guest@api-eventbus:5672

392
deploy/egommerce-stack.yml
View File

@@ -1,392 +0,0 @@
version: "3.9"
services:
api-gateway:
image: git.ego.cloudns.be/egommerce/api-gateway:latest
# command:
# - '--providers.consulcatalog.refreshinterval=5s'
# FIXME ^^ only on config option: static/env/cli must be selected
environment:
- APP_NAME=api-gateway
- APP_DOMAIN
- API_REGISTRY_REFRESH_INTERVAL=5s
volumes:
- ./certs/api-gateway:/etc/traefik/certs
- /var/run/docker.sock:/var/run/docker.sock
networks:
- api-gateway-network
- api-registry-network
- api-logger-network
api-registry:
image: git.ego.cloudns.be/egommerce/api-registry:latest
environment:
- APP_NAME=api-registry
- APP_DOMAIN
- CONSUL_HTTP_TOKEN=VeryS3cr3tTok3N
volumes:
- registry_data:/consul/data
- ./certs/api-registry:/consul/data/certs
networks:
- api-registry-network
- api-logger-network
api-eventbus:
image: git.ego.cloudns.be/egommerce/api-eventbus:latest
environment:
# - RABBITMQ_NODENAME=api-eventbus
- RABBITMQ_ERLANG_COOKIE=rabbitmq
- APP_NAME=api-eventbus
- APP_DOMAIN
volumes:
- eventbus_data:/var/lib/rabbitmq
- eventbus_logs:/var/log/rabbitmq
networks:
- api-gateway-network
- api-eventbus-network
- api-registry-network
- api-logger-network
api-cache:
image: git.ego.cloudns.be/egommerce/api-cache:latest
environment:
- APP_NAME=api-cache
networks:
- api-cache-network
- api-logger-network
api-logger:
image: git.ego.cloudns.be/egommerce/api-logger:latest
environment:
- APP_NAME=api-logger
- APP_DOMAIN
networks:
- api-logger-network
#api-prometheus:
# image: prom/prometheus:latest # FIXME: create private image(prod/dev)...
# user: root
# environment:
# - APP_NAME=api-prometheus
# - APP_DOMAIN
# volumes:
# - ./etc/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
# - /var/run/docker.sock:/var/run/docker.sock
# networks:
# - api-prometheus-network
#- api-grafana-network
# - api-gateway-network
# - api-registry-network
# - api-eventbus-network
# - api-cache-network
# - api-logger-network
# - basket-svc-network
# - basket-worker-network
# - catalog-svc-network
# - catalog-worker-network
# - identity-svc-network
# - order-svc-network
# - order-worker-network
# - pricing-svc-network
# - pricing-worker-network
#api-grafana:
# image: grafana/grafana-oss:latest # FIXME: create private image(prod/dev)...
# environment:
# - APP_NAME=api-grafana
# - APP_DOMAIN
# volumes:
# - grafana-db:/var/lib/grafana
# networks:
# - api-grafana-network
postgres-db:
image: postgres:14.1-alpine
environment:
- APP_NAME=postgres-db
- APP_DOMAIN
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD
volumes:
- postgres_data:/var/lib/postgresql/data
- ./db_migrations/init/:/docker-entrypoint-initdb.d/
networks:
- postgres-db-network
- api-logger-network
mongo-db:
image: mongo:5.0.14
environment:
- APP_NAME=mongo-db
- APP_DOMAIN
- MONGO_INITDB_ROOT_USERNAME=mongodb
- MONGO_INITDB_ROOT_PASSWORD
volumes:
- mongodb_data:/data/db
networks:
- mongodb-db-network
- api-logger-network
# API micro-services
identity-svc:
image: git.ego.cloudns.be/egommerce/identity-svc:latest
environment:
- APP_NAME=identity-svc
- APP_PATH_PREFIX=/identity
- APP_DOMAIN
- APP_KV_NAMESPACE
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ./db_migrations/identity-svc:/migrations
networks:
- identity-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
basket-svc:
image: git.ego.cloudns.be/egommerce/basket-svc:latest
environment:
- APP_NAME=basket-svc
- APP_PATH_PREFIX=/basket
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ./db_migrations/basket-svc:/migrations
networks:
- basket-svc-network
# - order-svc-network
# - pricing-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
catalog-svc:
image: git.ego.cloudns.be/egommerce/catalog-svc:latest
environment:
- APP_NAME=catalog-svc
- APP_PATH_PREFIX=/catalog
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ./db_migrations/catalog-svc:/migrations
networks:
- catalog-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
pricing-svc:
image: git.ego.cloudns.be/egommerce/pricing-svc:latest
environment:
- APP_NAME=pricing-svc
- APP_PATH_PREFIX=/pricing
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ./db_migrations/pricing-svc:/migrations
networks:
- pricing-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
order-svc:
image: git.ego.cloudns.be/egommerce/order-svc:latest
environment:
- APP_NAME=order-svc
- APP_PATH_PREFIX=/order
- APP_DOMAIN
- APP_KV_NAMESPACE
- AUTH_HANDLER_URL
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
volumes:
- ./db_migrations/order-svc:/migrations
networks:
- order-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
# Workers (Eventbus)
basket-worker:
image: git.ego.cloudns.be/egommerce/basket-worker:latest
environment:
- APP_NAME=basket-worker
- APP_KV_NAMESPACE
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
networks:
- basket-worker-network
- pricing-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
catalog-worker:
image: git.ego.cloudns.be/egommerce/catalog-worker:latest
environment:
- APP_NAME=catalog-worker
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
networks:
- catalog-worker-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
pricing-worker:
image: git.ego.cloudns.be/egommerce/pricing-worker:latest
environment:
- APP_NAME=pricing-worker
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
networks:
- pricing-worker-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
order-worker:
image: git.ego.cloudns.be/egommerce/order-worker:latest
environment:
- APP_NAME=order-worker
- DATABASE_URL
- MONGODB_URL
- EVENTBUS_URL
networks:
- order-worker-network
- basket-svc-network
- api-gateway-network
- api-registry-network
- api-eventbus-network
- api-logger-network
- postgres-db-network
- mongodb-db-network
volumes:
postgres_data: ~
mongodb_data: ~
registry_data: ~
eventbus_data: ~
eventbus_logs: ~
#grafana-db: ~
networks:
# Infrastructure networks
api-gateway-network:
driver: overlay
#internal: true
api-registry-network:
driver: overlay
#internal: true
api-eventbus-network:
driver: overlay
#internal: true
api-cache-network:
driver: overlay
#internal: true
api-logger-network:
driver: overlay
#internal: true
api-prometheus-network:
driver: overlay
#internal: true
#api-grafana-network:
# driver: overlay
# internal: true
postgres-db-network:
driver: overlay
#internal: true
mongodb-db-network:
driver: overlay
#internal: true
# Micro-services networks
identity-svc-network:
driver: overlay
#internal: true
basket-svc-network:
driver: overlay
#internal: true
catalog-svc-network:
driver: overlay
#internal: true
pricing-svc-network:
driver: overlay
#internal: true
order-svc-network:
driver: overlay
#internal: true
# Workers networks
basket-worker-network:
driver: overlay
#internal: true
catalog-worker-network:
driver: overlay
#internal: true
pricing-worker-network:
driver: overlay
#internal: true
order-worker-network:
driver: overlay
#internal: true

82
deploy/etc/prometheus/prometheus.yml
View File

@@ -1,82 +0,0 @@
global:
scrape_interval: 10s
evaluation_interval: 10s
# rule_files:
# - "first.rules"
# - "second.rules"
scrape_configs:
- job_name: prometheus
static_configs:
- targets: ['localhost:9090']
- job_name: docker
dockerswarm_sd_configs:
- host: unix:///var/run/docker.sock
role: tasks
relabel_configs:
- source_labels: [__meta_dockerswarm_service_name, __address__]
regex: egommerce_(api-eventbus|api-gateway);(.*):(.*)
action: replace
replacement: '$2:8084'
target_label: __address__
# - source_labels: [__meta_dockerswarm_service_name, __address__]
# regex: egommerce_api-gateway;(.*):(.*)
# action: replace
# replacement: '$1:8084'
# target_label: __address__
# Only keep containers that should be running.
- source_labels: [__meta_dockerswarm_service_label_com_docker_stack_namespace]
regex: egommerce
action: keep
- source_labels: [__meta_dockerswarm_task_desired_state]
regex: running
action: keep
# - source_labels: [__meta_dockerswarm_network_name]
# regex: ingress
# action: keep
- source_labels: [__meta_dockerswarm_service_name]
action: replace
replacement: '$1'
target_label: instance
# - source_labels: [__meta_dockerswarm_task_desired_state]
# regex: running
# action: keep
# - job_name: consul
# consul_sd_configs:
# - server: api-registry:8500
# services:
# - consul
# - basket-server
# - catalog-server
# - identity-svc
# - order-svc
# - pricing-svc
# - consul
# - job_name: rabbitmq
# consul_sd_configs:
# - server: api-registry:8500
# services:
# - api-eventbus
# relabel_configs:
# - source_labels: ['__meta_consul_service_address']
# replacement: '$1:8084'
# target_label: __address__
# - source_labels: ['__meta_consul_service_port']
# replacement: '8084'
# target_label: __meta_consul_service_port
# - job_name: 'api-gateway'
# static_configs:
# - targets: ['api-gateway:8084']
# - job_name: 'api-eventbus'
# static_configs:
# - targets: ['api-eventbus:8084']
# - job_name: 'catalog-svc'
# static_configs:
# - targets: ['catalog-svc:8084']

106
deploy/k8s/api-cache.yml Normal file
View File

@@ -0,0 +1,106 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: api-cache-pv
namespace: egommerce
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
storageClassName: api-cache-pv
hostPath:
path: "/home/keedosn/.egommerce/redis" # Ensure this path exists on the node
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: api-cache-pvc
namespace: egommerce
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: api-cache-pv
---
apiVersion: v1
kind: Service
metadata:
name: api-cache
namespace: egommerce
labels:
app: api-cache
spec:
type: NodePort
selector:
app: api-cache
ports:
- port: 6379
nodePort: 31300
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: api-cache-metrics
# namespace: egommerce
# labels:
# app: api-cache
# spec:
# type: NodePort
# selector:
# app: api-cache
# ports:
# - port: 9121
# nodePort: 31301
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-cache
namespace: egommerce
spec:
replicas: 1
selector:
matchLabels:
app: api-cache
template:
metadata:
labels:
app: api-cache
spec:
containers:
- name: api-cache
image: git.ego.freeddns.org/egommerce/api-cache:dev
imagePullPolicy: Always
command: [
"redis-server"
]
args: [
"/etc/redis.conf"
]
env:
- name: APP_NAME
value: api-cache
- name: REDIS_PASSWORD
value: "12345678"
resources:
limits:
cpu: "1"
memory: 512M
ports:
- containerPort: 6379
volumeMounts:
- name: api-cache-data
mountPath: /data
- name: api-cache-metrics
image: oliver006/redis_exporter:latest
args:
- --redis.addr=redis://api-cache:6379
ports:
- containerPort: 9121
volumes:
- name: api-cache-data
persistentVolumeClaim:
claimName: api-cache-pvc

70
deploy/k8s/api-eventbus.yml Normal file
View File

@@ -0,0 +1,70 @@
apiVersion: v1
kind: Service
metadata:
name: api-eventbus
namespace: egommerce
labels:
app: api-eventbus
spec:
type: NodePort
selector:
app: api-eventbus
ports:
- name: api-eventbus
protocol: TCP
port: 5672
nodePort: 31200
- name: api-eventbus-mngmnt
protocol: TCP
port: 15672
nodePort: 31299
# - name: api-eventbus-metrics
# protocol: TCP
# port: 15692
# nodePort: 31201
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-eventbus
namespace: egommerce
spec:
replicas: 1
selector:
matchLabels:
app: api-eventbus
template:
metadata:
labels:
app: api-eventbus
spec:
containers:
- name: api-eventbus
image: git.ego.freeddns.org/egommerce/api-eventbus:dev
imagePullPolicy: Always
command: [
"rabbitmq-server"
]
env:
- name: APP_NAME
value: api-eventbus
- name: RABBITMQ_ERLANG_COOKIE
value: rabbitmq
volumeMounts:
- name: eventbus-data
mountPath: /var/lib/rabbitmq
- name: eventbus-logs
mountPath: /var/log/rabbitmq
resources:
limits:
cpu: "1"
memory: 1G
ports:
- containerPort: 5672
- containerPort: 15672
- containerPort: 15692
volumes:
- name: eventbus-data
emptyDir:
- name: eventbus-logs
emptyDir:

122
deploy/k8s/api-gateway.yml Normal file
View File

@@ -0,0 +1,122 @@
apiVersion: v1
kind: Service
metadata:
name: api-gateway
namespace: egommerce
spec:
type: NodePort
ports:
- name: api-gateway-https
port: 8443
nodePort: 31800
- name: api-gateway-stats
port: 1024
nodePort: 31899
selector:
app: api-gateway
---
kind: IngressClass
apiVersion: networking.k8s.io/v1
metadata:
name: haproxy
namespace: egommerce
spec:
controller: haproxy.org/ingress-controller/haproxy
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: api-gateway
namespace: egommerce
annotations:
haproxy.org/server-ssl: "true"
haproxy.org/server-ca: "egommerce/ca-root"
haproxy.org/path-rewrite: |
/api/identity/(.*) /\1
/api/catalog/(.*) /\1
spec:
ingressClassName: haproxy
tls:
- secretName: api-gateway-cert
hosts:
- egommerce.io # CHANGE TO PROD DOMAIN
rules:
- host: egommerce.io # CHANGE TO PROD DOMAIN
http:
paths:
- path: /api/identity
pathType: Prefix
backend:
service:
name: identity-svc
port:
number: 443
- path: /api/catalog
pathType: Prefix
backend:
service:
name: catalog-svc
port:
number: 443
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-gateway
namespace: egommerce
spec:
replicas: 1
selector:
matchLabels:
app: api-gateway
template:
metadata:
labels:
app: api-gateway
spec:
restartPolicy: Always
containers:
- name: api-gateway
image: git.ego.freeddns.org/egommerce/api-gateway:dev
imagePullPolicy: Always
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 50m
memory: 256Mi
ports:
- containerPort: 8443
args:
- --publish-service=egommerce/api-gateway
- --ingress.class=haproxy
- --https-bind-port=8443
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
securityContext:
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL
# runAsUser: 1000
# runAsGroup: 1000
# runAsNonRoot: true
# allowPrivilegeEscalation: false
# seccompProfile:
# type: RuntimeDefault

432
deploy/k8s/api-logger.yml Normal file
View File

@@ -0,0 +1,432 @@
apiVersion: v1
kind: Service
metadata:
name: api-logger-loki
namespace: egommerce
labels:
app: api-logger-loki
spec:
type: NodePort
selector:
app: api-logger-loki
ports:
- protocol: TCP
port: 3100
nodePort: 31401
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-logger-loki
namespace: egommerce
labels:
app: api-logger-loki
spec:
replicas: 1
selector:
matchLabels:
app: api-logger-loki
template:
metadata:
labels:
app: api-logger-loki
spec:
containers:
- name: api-logger-loki
image: git.ego.freeddns.org/egommerce/api-logger-loki:dev
imagePullPolicy: Always
args:
- "-config.file=/etc/loki/loki.yaml"
ports:
- containerPort: 3100
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: api-logger-promtail-ac
namespace: egommerce
labels:
app: api-logger-promtail-ac
annotations: {}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: api-logger-promtail
namespace: egommerce
labels:
app: api-logger-promtail
spec:
revisionHistoryLimit: 1
selector:
matchLabels:
app: api-logger-promtail
# updateStrategy:
# type: RollingUpdate
template:
metadata:
labels:
app: api-logger-promtail
annotations:
prometheus.io/port: http-metrics
prometheus.io/scrape: "true"
spec:
serviceAccountName: api-logger-promtail-ac
automountServiceAccountToken: true
containers:
- name: api-logger-promtail
image: git.ego.freeddns.org/egommerce/api-logger-promtail:dev
imagePullPolicy: Always
env:
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: '1'
resource: limits.cpu
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
divisor: '1'
resource: limits.memory
ports:
- name: promtail-http
containerPort: 3101
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 50m
memory: 128Mi
livenessProbe:
httpGet:
path: /ready
port: promtail-http
initialDelaySeconds: 45
readinessProbe:
httpGet:
path: /ready
port: promtail-http
initialDelaySeconds: 45
volumeMounts:
# - name: api-logger-promtail-config
# mountPath: /etc/promtail
- name: api-logger-promtail-run
mountPath: /run/promtail
- name: api-logger-promtail-varlog
mountPath: /var/log
readOnly: true
- name: api-logger-promtail-docker
mountPath: /var/lib/docker/containers
readOnly: true
- name: api-logger-promtail-tmp
mountPath: /tmp
subPath: tmp
readOnly: false
securityContext:
privileged: true
readOnlyRootFilesystem: true
runAsUser: 0
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
terminationGracePeriodSeconds: 60
volumes:
- name: api-logger-promtail-run
hostPath:
path: /run/promtail
- name: api-logger-promtail-varlog
hostPath:
path: /var/log
- name: api-logger-promtail-docker
hostPath:
path: /var/lib/docker/containers
- name: api-logger-promtail-tmp
emptyDir:
sizeLimit: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: api-logger-prometheus-pv
namespace: egommerce
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
storageClassName: api-logger-prometheus-pv
hostPath:
path: "/home/keedosn/.egommerce/prometheus" # Ensure this path exists on the node
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: api-logger-prometheus-pvc
namespace: egommerce
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: api-logger-prometheus-pv
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: api-logger-prometheus
namespace: egommerce
labels:
name: api-logger-prometheus
annotations: {}
---
apiVersion: v1
kind: Service
metadata:
name: api-logger-prometheus
namespace: egommerce
labels:
app: api-logger-prometheus
spec:
type: NodePort
selector:
app: api-logger-prometheus
ports:
- name: api-logger-prometheus
protocol: TCP
port: 9090
nodePort: 31402
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-logger-prometheus
namespace: egommerce
labels:
app: api-logger-prometheus
spec:
# revisionHistoryLimit: 1
# replicas: 1
selector:
matchLabels:
app: api-logger-prometheus
template:
metadata:
labels:
app: api-logger-prometheus
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: prometheus-http
spec:
serviceAccountName: api-logger-prometheus
automountServiceAccountToken: true
securityContext:
runAsGroup: 10001
runAsUser: 10001
runAsNonRoot: true
containers:
- name: api-logger-prometheus
image: git.ego.freeddns.org/egommerce/api-logger-prometheus:dev
imagePullPolicy: Always
env:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: '1'
resource: limits.cpu
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
divisor: '1'
resource: limits.memory
args:
# - '--storage.tsdb.retention.time=15d'
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus/data/'
# - '--web.console.libraries=/etc/prometheus/console_libraries'
# - '--web.console.templates=/etc/prometheus/consoles'
# - '--enable-feature=concurrent-rule-eval,promql-experimental-functions,exemplar-storage,promql-per-step-stats,native-histograms'
# - '--web.enable-remote-write-receiver'
# - '--web.enable-otlp-receiver'
# - '--web.enable-lifecycle'
- '--log.level=info'
# - '--log.format=json'
ports:
- name: prometheus-http
containerPort: 9090
# livenessProbe:
# httpGet:
# path: /-/healthy
# port: prometheus-http
# readinessProbe:
# httpGet:
# path: /-/ready
# port: prometheus-http
resources:
limits:
cpu: 150m
memory: 894Mi
requests:
cpu: 100m
memory: 512Mi
volumeMounts:
# - name: config-volume
# mountPath: /etc/prometheus
# - name: config-volume
# mountPath: /etc/config/alerting_rules.yml
# subPath: alerting_rules.yml
- name: api-logger-prometheus-storage
mountPath: /prometheus/data
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: false #true DEFAULT !!!
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
volumes:
- name: api-logger-prometheus-storage
persistentVolumeClaim:
claimName: api-logger-prometheus-pvc
---
apiVersion: v1
kind: Service
metadata:
name: api-logger-grafana
namespace: egommerce
labels:
app: api-logger-grafana
spec:
type: NodePort
selector:
app: api-logger-grafana
ports:
- name: api-logger-grafana-api
protocol: TCP
port: 3000
nodePort: 31400
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: api-logger-grafana-pv
namespace: egommerce
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
storageClassName: api-logger-grafana-pv
hostPath:
path: "/home/keedosn/.egommerce/grafana" # Ensure this path exists on the node
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: api-logger-grafana-pvc
namespace: egommerce
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: api-logger-grafana-pv
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-logger-grafana
namespace: egommerce
labels:
app: api-logger-grafana
spec:
revisionHistoryLimit: 1
replicas: 1
selector:
matchLabels:
app: api-logger-grafana
template:
metadata:
labels:
app: api-logger-grafana
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "3000"
filter.by.port.name: "true"
spec:
automountServiceAccountToken: false
securityContext:
runAsNonRoot: true
runAsGroup: 65534
runAsUser: 65534
initContainers:
- name: curl
image: curlimages/curl:latest
imagePullPolicy: IfNotPresent
command:
- /bin/sh
args:
- -c
- |
which curl
volumeMounts:
- name: api-logger-grafana-storage
mountPath: /var/lib/grafana
subPath: grafana
containers:
- name: api-logger-grafana
image: git.ego.freeddns.org/egommerce/api-logger-grafana:dev
imagePullPolicy: Always
env:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: '1'
resource: limits.cpu
- name: GOMEMLIMIT
valueFrom:
resourceFieldRef:
divisor: '1'
resource: limits.memory
ports:
- containerPort: 3000
resources:
limits:
cpu: 100m
memory: 768Mi
requests:
cpu: 50m
memory: 512Mi
volumeMounts:
- name: api-logger-grafana-storage
mountPath: /var/lib/grafana
subPath: grafana
- name: api-logger-grafana-storage
mountPath: /var/lib/grafana/dashboards
subPath: dashboards
- name: api-logger-grafana-storage
mountPath: /tmp
subPath: tmp
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
volumes:
- name: api-logger-grafana-storage
persistentVolumeClaim:
claimName: api-logger-grafana-pvc

134
deploy/k8s/catalog-svc.yml Normal file
View File

@@ -0,0 +1,134 @@
apiVersion: v1
kind: Service
metadata:
name: catalog-svc
namespace: egommerce
annotations:
haproxy.org/check: "true"
# haproxy.org/server-ca: "egommerce/ca-root"
labels:
app: catalog-svc
spec:
type: NodePort
selector:
app: catalog-svc
ports:
- name: catalog-svc
port: 443
nodePort: 31820
# - name: catalog-svc-metrics
# port: 9090
# nodePort: 31811
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: catalog-svc
namespace: egommerce
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1 # Number of extra pods that can be created during update
maxUnavailable: 1 # Max number of pods that can be unavailable during update
selector:
matchLabels:
app: catalog-svc
template:
metadata:
labels:
app: catalog-svc
spec:
# initContainers:
# - name: catalog-svc-init
# image: busybox:1.28
# command: [
# 'sh',
# '-c',
# '/bin/migrate'
# ]
containers:
- name: catalog-svc
image: git.ego.freeddns.org/egommerce/catalog-svc:dev
imagePullPolicy: Always
env:
- name: APP_NAME
value: catalog-svc
- name: APP_DOMAIN
value: catalog-svc.egommerce.local
- name: APP_PATH_PREFIX
value: /catalog
- name: API_EVENTBUS_URL
value: amqp://guest:guest@api-eventbus:5672
- name: API_MONGODB_URL
value: mongodb://mongodb:12345678@mongo-db:27017
readinessProbe:
httpGet:
scheme: HTTPS
port: catalog-svc
path: /health
initialDelaySeconds: 5
periodSeconds: 5
failureThreshold: 1
livenessProbe:
httpGet:
scheme: HTTPS
port: catalog-svc
path: /health
initialDelaySeconds: 5
periodSeconds: 5
failureThreshold: 1
volumeMounts:
- name: catalog-cert
mountPath: /certs/catalog-svc.crt
readOnly: true
- name: catalog-key
mountPath: /certs/catalog-svc.key
readOnly: true
- name: catalog-migrations
mountPath: /migrations
readOnly: true
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 50m
memory: 256Mi
ports:
- name: catalog-svc
containerPort: 443
# - name: catalog-svc-metrics
# image: prom/prometheus-exporter:latest
# ports:
# - containerPort: 9090
# args:
# - --web.listen-address=:9090
# - --web.telemetry-path=/metrics
- name: identity-scheduler # Scheduler Container
image: git.ego.freeddns.org/egommerce/identity-svc:dev
imagePullPolicy: Always
command: [
"/usr/local/bin/scheduler"
]
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 50m
memory: 256Mi
volumes:
- name: catalog-cert
hostPath:
path: /egommerce/stack/deploy/certs/catalog-svc/catalog-svc.crt
type: File
- name: catalog-key
hostPath:
path: /egommerce/stack/deploy/certs/catalog-svc/catalog-svc.key
type: File
- name: catalog-migrations
hostPath:
path: /egommerce/stack/deploy/db_migrations/catalog-svc
type: Directory

119
deploy/k8s/db-postgres.yml Normal file
View File

@@ -0,0 +1,119 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: db-postgres-pv
namespace: egommerce
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
storageClassName: db-postgres-pv
hostPath:
path: "/home/keedosn/.egommerce/postgres" # Ensure this path exists on the node
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: db-postgres-pvc
namespace: egommerce
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: db-postgres-pv
---
apiVersion: v1
kind: Service
metadata:
name: db-postgres
namespace: egommerce
labels:
app: db-postgres
spec:
type: NodePort
selector:
app: db-postgres
ports:
- name: db-postgres
protocol: TCP
port: 5432
nodePort: 31500
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: db-postgres-metrics
# namespace: egommerce
# labels:
# app: db-postgres
# spec:
# type: NodePort
# selector:
# app: db-postgres
# ports:
# - name: db-postgres
# protocol: TCP
# port: 9187
# nodePort: 31501
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: db-postgres
namespace: egommerce
spec:
replicas: 1
selector:
matchLabels:
app: db-postgres
template:
metadata:
labels:
app: db-postgres
spec:
securityContext:
runAsUser: 70 # postgres user
fsGroup: 70 # postgres user
# remember to change perms and owner of ~/.egommerce/postgres directory
containers:
- name: db-postgres
image: git.ego.freeddns.org/egommerce/db-postgres:dev
imagePullPolicy: Always
env:
- name: APP_NAME
value: db-postgres
- name: APP_DOMAIN
value: db-postgres.egommerce.local
- name: POSTGRES_USER
value: egommerce
- name: POSTGRES_DB
value: egommerce
- name: POSTGRES_PASSWORD
# value: H5Gd7^37*Hka*a72
value: "12345678"
- name: PGDATA
value: /var/lib/postgresql/data
resources:
limits:
cpu: "1"
memory: 512M
ports:
- containerPort: 5432
volumeMounts:
- name: db-postgres-data
mountPath: /var/lib/postgresql/data
# subPath: data
- name: db-postgres-metrics
image: prometheuscommunity/postgres-exporter:latest
ports:
- containerPort: 9187
env:
- name: DATA_SOURCE_NAME
value: "postgresql://postgres:12345678@db-postgres:5432/egommerce" #?sslmode=disable
volumes:
- name: db-postgres-data
persistentVolumeClaim:
claimName: db-postgres-pvc

134
deploy/k8s/identity-svc.yml Normal file
View File

@@ -0,0 +1,134 @@
apiVersion: v1
kind: Service
metadata:
name: identity-svc
namespace: egommerce
annotations:
haproxy.org/check: "true"
# haproxy.org/server-ca: "egommerce/ca-root"
labels:
app: identity-svc
spec:
type: NodePort
selector:
app: identity-svc
ports:
- name: identity-svc
port: 443
nodePort: 31810
# - name: identity-svc-metrics
# port: 9090
# nodePort: 31811
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: identity-svc
namespace: egommerce
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1 # Number of extra pods that can be created during update
maxUnavailable: 1 # Max number of pods that can be unavailable during update
selector:
matchLabels:
app: identity-svc
template:
metadata:
labels:
app: identity-svc
spec:
# initContainers:
# - name: identity-svc-init
# image: busybox:1.28
# command: [
# 'sh',
# '-c',
# '/bin/migrate'
# ]
containers:
- name: identity-svc
image: git.ego.freeddns.org/egommerce/identity-svc:dev
imagePullPolicy: Always
env:
- name: APP_NAME
value: identity-svc
- name: APP_DOMAIN
value: identity-svc.egommerce.local
- name: APP_PATH_PREFIX
value: /identity
- name: API_EVENTBUS_URL
value: amqp://guest:guest@api-eventbus:5672
- name: API_MONGODB_URL
value: mongodb://mongodb:12345678@mongo-db:27017
readinessProbe:
httpGet:
scheme: HTTPS
port: identity-svc
path: /health
initialDelaySeconds: 5
periodSeconds: 5
failureThreshold: 1
livenessProbe:
httpGet:
scheme: HTTPS
port: identity-svc
path: /health
initialDelaySeconds: 5
periodSeconds: 5
failureThreshold: 1
volumeMounts:
- name: identity-cert
mountPath: /certs/identity-svc.crt
readOnly: true
- name: identity-key
mountPath: /certs/identity-svc.key
readOnly: true
- name: identity-migrations
mountPath: /migrations
readOnly: true
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 50m
memory: 256Mi
ports:
- name: identity-svc
containerPort: 443
# - name: identity-svc-metrics
# image: prom/prometheus-exporter:latest
# ports:
# - containerPort: 9090
# args:
# - --web.listen-address=:9090
# - --web.telemetry-path=/metrics
- name: identity-chronos # Scheduler Container
image: git.ego.freeddns.org/egommerce/identity-svc:dev
imagePullPolicy: Always
command: [
"/usr/local/bin/chronos"
]
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 50m
memory: 256Mi
volumes:
- name: identity-cert
hostPath:
path: /egommerce/stack/deploy/certs/identity-svc/identity-svc.crt
type: File
- name: identity-key
hostPath:
path: /egommerce/stack/deploy/certs/identity-svc/identity-svc.key
type: File
- name: identity-migrations
hostPath:
path: /egommerce/stack/deploy/db_migrations/identity-svc
type: Directory

6
deploy/k8s/namespace.yml Normal file
View File

@@ -0,0 +1,6 @@
kind: Namespace
apiVersion: v1
metadata:
name: egommerce
labels:
name: egommerce

8
deploy/k8s/secret.yml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: regcred
namespace: egommerce
data:
.dockerconfigjson: ewoJImF1dGhzIjogewoJCSJnaXQuZWdvLmNsb3VkbnMuYmUiOiB7CgkJCSJhdXRoIjogImEyVmxaRzl6YmpwWGIyeHVaVFZQY0hKdlozSmhiVzkzWVc1cFpVQT0iCgkJfSwKCQkiaHR0cHM6Ly9pbmRleC5kb2NrZXIuaW8vdjEvIjogewoJCQkiYXV0aCI6ICJhMlZsWkc5emJqcGtiMk5yWlhKdmQyVTFiMkp5WVhwNSIKCQl9Cgl9Cn0=
type: kubernetes.io/dockerconfigjson

0
deploy/k8s/stack.dev.local.yml
View File

48
deploy/k8s/stack.dev.yml
View File

@@ -1,48 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: api-registry
labels:
app.kubernetes.io/name: api-registry
spec:
containers:
- name: api-registry
image: git.pbiernat.io/egommerce/api-registry:dev
resources:
limits:
cpu: "1"
memory: 512M
ports:
- containerPort: 8501
name: api-registry-ui
---
apiVersion: v1
kind: Service
metadata:
name: api-registry
spec:
selector:
app.kubernetes.io/name: api-registry
ports:
- name: api-registry-ui
protocol: TCP
port: 8501
targetPort: api-registry-ui
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-registry
spec:
replicas: 1
selector:
matchLabels:
app: api-registry
template:
metadata:
labels:
app: api-registry
spec:
containers:
- name: api-registry
image: git.pbiernat.io/egommerce/api-registry:dev

28
deploy/k8s/stack.prod.yml
View File

@@ -1,28 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: api-registry
labels:
app.kubernetes.io/name: api-registry
spec:
containers:
- name: api-registry
image: git.pbiernat.io/egommerce/api-registry:prod
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-registry
spec:
replicas: 1
selector:
matchLabels:
app: api-registry
template:
metadata:
labels:
app: api-registry
spec:
containers:
- name: api-registry
image: git.pbiernat.io/egommerce/api-registry:prod

78
deploy/k8s/stack.yml
View File

@@ -1,78 +0,0 @@
# kind: Namespace
# apiVersion: v1
# metadata:
# name: egommerce
# labels:
# name: egommerce
# ---
apiVersion: v1
kind: Secret
metadata:
name: docker-credentials
data:
.dockerconfigjson: ewoJImF1dGhzIjogewoJCSJnaXQucGJpZXJuYXQuaW8iOiB7CgkJCSJhdXRoIjogImEyVmxaRzl6YmpwWGIyeHVaVFZQY0hKdlozSmhiVzkzWVc1cFpVQT0iCgkJfSwKCQkiaHR0cHM6Ly9pbmRleC5kb2NrZXIuaW8vdjEvIjogewoJCQkiYXV0aCI6ICJhMlZsWkc5emJqcGtiMk5yWlhKdmQyVTFiMkp5WVhwNSIKCQl9Cgl9Cn0=
type: kubernetes.io/dockerconfigjson
---
# apiVersion: v1
# kind: Pod
# metadata:
# name: api-registry
# labels:
# app.kubernetes.io/name: api-registry
# spec:
# hostNetwork: true
# containers:
# - name: api-registry
# image: git.pbiernat.dev/egommerce/api-registry:dev
# resources:
# limits:
# cpu: "1"
# memory: 512M
# ports:
# - containerPort: 8501
# name: api-registry-ui
# ---
apiVersion: v1
kind: Service
metadata:
name: api-registry
spec:
selector:
app.kubernetes.io/name: api-registry
ports:
- name: api-registry-ui
protocol: TCP
port: 8501
targetPort: api-registry-ui
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-registry
spec:
replicas: 1
selector:
matchLabels:
app: api-registry
template:
metadata:
labels:
app: api-registry
spec:
hostNetwork: true
hostAliases:
- ip: "127.0.0.1"
hostnames:
- "git.pbiernat.io"
dnsPolicy: ClusterFirstWithHostNet
restartPolicy: Always
containers:
- name: api-registry
image: git.pbiernat.dev/egommerce/api-registry:dev
resources:
limits:
cpu: "1"
memory: 512M
ports:
- containerPort: 53
- containerPort: 8501

60
deploy/make-cert.sh
View File

@@ -1,60 +0,0 @@
# #!/bin/sh
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./cert/identity-svc-server.key -out ./cert/identity-svc-server.cert \
-addext "subjectAltName = DNS:identity-svc"
# ^^ GENERATE CERT FOR BACKEND SERVICE (on client side - in traefik - we dont need DNS domain... for now...)
# if [ -z "$SERVICE" ]; then echo "set SERVICE var"; exit 1; fi
# if [ -z "$CA_ROOT" ]; then echo "set CA_ROOT var"; exit 1; fi
# if [ -z "$DOMAIN" ]; then echo "set DOMAIN var"; exit 1; fi
# PASSWORD=V3ryS3cr3tP4ssw0rd
# # sample for registry server (with api-gateway-svc as a client) but using FDN...
# # keytool -genkey -alias api-registry-svc -dname cn=$DOMAIN -validity 365 -keystore tmp/api-registry-svc.p12 -keyalg RSA -keysize 2048 -storepass $PASSWORD -ext "SAN:c=DNS:registry.egommerce.local,IP:127.0.0.1"
# # keytool -genkey -alias myClientCertificate -dname cn=$DOMAIN -validity 365 -keystore tmp/myClientCertificate.p12 -keyalg RSA -keysize 2048 -storepass $PASSWORD -ext "SAN:c=DNS:registry.egommerce.local,IP:127.0.0.1"
# # keytool -export -alias myClientCertificate -file tmp/myClientCertificate.crt -keystore tmp/myClientCertificate.p12 -storepass $PASSWORD
# # keytool -export -alias api-registry-svc -file tmp/api-registry-svc.crt -keystore tmp/api-registry-svc.p12 -storepass $PASSWORD
# # keytool -import -alias myClientCertificate -file tmp/myClientCertificate.crt -keystore tmp/api-registry-svc.p12 -storepass $PASSWORD # aka myCertificate.p12
# # echo "Done."
# # exit 0
# if [ -d "$SERVICE" ]; then
# echo "$SERVICE directory exists... Quitting."
# exit 1;
# fi
# if [ ! -f "$SERVICE" ]; then
# mkdir -p $SERVICE
# fi
# echo "===================================================================="
# echo "Fake third-party chain generated. Now generating keystore.p12 ..."
# echo "===================================================================="
# # generate private keys (for server)
# keytool -genkeypair -alias $SERVICE -dname cn=$DOMAIN -validity 365 -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -keypass $PASSWORD -storepass $PASSWORD
# # generate a certificate for server signed by ca (root -> ca -> server)
# keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -certreq -alias $SERVICE \
# | keytool -storetype PKCS12 -keystore "$CA_ROOT/ca.p12" -storepass $PASSWORD -gencert -alias ca -ext ku:c=dig,keyEnc -ext "SAN:c=DNS:$DOMAIN,IP:127.0.0.1" -ext eku=sa,ca -rfc > "$SERVICE/$SERVICE.pem"
# # import server cert chain into ${SERVICE}.p12
# keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -importcert -trustcacerts -noprompt -alias root -file "$CA_ROOT/root.pem"
# keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -importcert -alias ca -file "$CA_ROOT/ca.pem"
# keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -importcert -alias $SERVICE -file "$SERVICE/$SERVICE.pem"
# # DEPRECATED - duplicated above section...
# # echo "================================================="
# # echo "Keystore generated. Now generating truststore ..."
# # echo "================================================="
# # import server cert chain into my-truststore.p12
# # keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -importcert -trustcacerts -noprompt -alias root -file "$CA_ROOT/root.pem"
# # keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -importcert -alias ca -file "$CA_ROOT/ca.pem"
# # keytool -storetype PKCS12 -keystore "$SERVICE/keystore.p12" -storepass $PASSWORD -importcert -alias $SERVICE -file "$SERVICE/$SERVICE.pem"

120
deploy/nginx-vhost.dev.conf
View File

@@ -1,120 +0,0 @@
upstream egommerce-api-gw {
server 127.0.0.1:48443;
}
upstream egommerce-api-gw-dashboard {
server 127.0.0.1:48444;
}
upstream egommerce-api-registry-ui {
server 127.0.0.1:48445;
}
upstream egommerce-api-eventbus-mngmt {
server 127.0.0.1:48446;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/admin.egommerce.pbiernat.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/admin.egommerce.pbiernat.dev/privkey.pem;
server_name admin.egommerce.pbiernat.dev;
# Traefik redirects
location /dashboard {
if ($http_referer ~ (/gateway)) {
proxy_pass http://egommerce-api-gw-dashboard;
}
}
location /api {
if ($http_referer ~ (/gateway)) {
proxy_pass http://egommerce-api-gw-dashboard;
}
}
location /gateway/ {
proxy_pass http://egommerce-api-gw-dashboard/dashboard/;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
# Consul redirects
location /ui {
if ($http_referer ~ (/registry)) {
proxy_pass http://egommerce-api-registry-ui;
}
}
location /v1 {
if ($http_referer ~ (/registry)) {
proxy_pass http://egommerce-api-registry-ui;
}
}
location /registry {
proxy_pass http://egommerce-api-registry-ui;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
# RabbitMQ Mngmt redirects
location /eventbus {
return 302 /eventbus/;
}
location ~* /eventbus/api/(.*?)/(.*) {
proxy_pass http://egommerce-api-eventbus-mngmt/api/$1/%2F/$2?$query_string;
proxy_buffering off;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~* /eventbus/(.*) {
rewrite ^/eventbus/(.*)$ /$1 break;
proxy_pass http://egommerce-api-eventbus-mngmt;
proxy_buffering off;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_log /var/log/nginx/admin-egommerce.pbiernat.dev-error.log;
access_log /var/log/nginx/admin-egommerce.pbiernat.dev-access.log combined;
}
#server {
# listen 443 ssl;
# ssl_certificate /etc/letsencrypt/live/egommerce.pbiernat.dev/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/egommerce.pbiernat.dev/privkey.pem;
#
# server_name egommerce.pbiernat.dev;
#
# # Pass all requests to the API Gateway
# location / {
# proxy_pass https://egommerce-api-gw;
# proxy_http_version 1.1;
# proxy_pass_header Server;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# client_max_body_size 0;
# }
#
# error_log /var/log/nginx/egommerce.pbiernat.dev-error.log;
# access_log /var/log/nginx/egommerce.pbiernat.dev-access.log combined;
#}

109
deploy/nginx-vhost.local.conf
View File

@@ -1,109 +0,0 @@
upstream egommerce-api-gw {
server 127.0.0.1:48443;
}
upstream egommerce-api-gw-dashboard {
server 127.0.0.1:48444;
}
upstream egommerce-api-registry-ui {
server 127.0.0.1:48445;
}
upstream egommerce-api-eventbus-mngmt {
server 127.0.0.1:48446;
}
server {
listen 443 ssl;
ssl_certificate /home/keedosn/workspace/golang/src/git.ego.cloudns.be/egommerce/stack/deploy/certs/api-gateway/localhost.cert;
ssl_certificate_key /home/keedosn/workspace/golang/src/git.ego.cloudns.be/egommerce/stack/deploy/certs/api-gateway/localhost.key;
server_name egommerce.local;
# Traefik redirects
location /dashboard {
if ($http_referer ~ (/gateway)) {
proxy_pass http://egommerce-api-gw-dashboard;
}
}
location /api {
if ($http_referer ~ (/gateway)) {
proxy_pass http://egommerce-api-gw-dashboard;
}
}
location /gateway/ {
proxy_pass http://egommerce-api-gw-dashboard/dashboard/;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
# Consul redirects
location /ui {
if ($http_referer ~ (/registry)) {
proxy_pass http://egommerce-api-registry-ui;
}
}
location /v1 {
if ($http_referer ~ (/registry)) {
proxy_pass http://egommerce-api-registry-ui;
}
}
location /registry {
proxy_pass http://egommerce-api-registry-ui;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
# RabbitMQ Mngmt redirects
location /eventbus {
return 302 /eventbus/;
}
location ~* /eventbus/api/(.*?)/(.*) {
proxy_pass http://egommerce-api-eventbus-mngmt/api/$1/%2F/$2?$query_string;
proxy_buffering off;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~* /eventbus/(.*) {
rewrite ^/eventbus/(.*)$ /$1 break;
proxy_pass http://egommerce-api-eventbus-mngmt;
proxy_buffering off;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Pass all requests to the API Gateway
location / {
proxy_pass https://egommerce-api-gw;
proxy_http_version 1.1;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
error_log /var/log/nginx/egommerce.local-error.log;
access_log /var/log/nginx/egommerce.local-access.log combined;
}

3
deploy/remove_dangling_images.sh
View File

@@ -1,3 +0,0 @@
#!/bin/sh
docker rmi $(docker images --filter "dangling=true" -q --no-trunc)

187
deploy/scripts/gen-certs.sh Executable file
View File

@@ -0,0 +1,187 @@
#!/bin/bash
export DEPLOY_DIR="./deploy"
export CERTS_DIR="${DEPLOY_DIR}/certs/"
export GATEWAY_CN="egommerce.io,gateway.egommerce.local,api-gatway"
export GATEWAY_SAN="DNS:egommerce.io,DNS:gateway.egommerce.local,DNS:api-gateway,IP:127.0.0.1"
export EVENTBUS_CN="esb.egommerce.local,api-eventbus"
export EVENTBUS_SAN="DNS:esb.egommerce.local,DNS:api-eventbus,IP:127.0.0.1"
export CACHE_CN="cache.egommerce.local,api-cache"
export CACHE_SAN="DNS:cache.egommerce.local,DNS:api-cache,IP:127.0.0.1"
export LOGGER_CN="logger.egommerce.local,api-logger"
export LOGGER_SAN="DNS:logger.egommerce.local,DNS:api-logger,IP:127.0.0.1"
# export PROMETHEUS_CN="prometheus.egommerce.local,api-prometheus"
# export PROMETHEUS_SAN="DNS:prometheus.egommerce.local,DNS:api-prometheus,IP:127.0.0.1"
# export GRAFANA_CN="grafana.egommerce.local,api-grafana"
# export GRAFANA_SAN="DNS:grafana.egommerce.local,DNS:api-grafana,IP:127.0.0.1"
export POSTGRES_CN="db-postgres.egommerce.local,db-postgres"
export POSTGRES_SAN="DNS:db-postgres.egommerce.local,DNS:db-postgres,IP:127.0.0.1"
# export MONGO_CN="mongo.db.egommerce.local,db-mongo"
# export MONGO_SAN="DNS:mongo.db.egommerce.local,DNS:db-mongo,IP:127.0.0.1"
export IDENTITY_CN="identity-svc.egommerce.local"
export IDENTITY_SAN="DNS:identity-svc.egommerce.local,IP:127.0.0.1"
export CATALOG_CN="catalog-svc.egommerce.local,catalog-svc"
export CATALOG_SAN="DNS:catalog-svc.egommerce.local,DNS:catalog-svc,IP:127.0.0.1"
export BASKET_CN="basket-svc.egommerce.local,basket-svc"
export BASKET_SAN="DNS:basket-svc.egommerce.local,DNS:basket-svc,IP:127.0.0.1"
export ORDER_CN="order-svc.egommerce.local,order-svc"
export ORDER_SAN="DNS:order-svc.egommerce.local,DNS:order-svc,IP:127.0.0.1"
export PRICING_CN="DNS:pricing-svc.egommerce.local,DNS:pricing-svc"
export PRICING_SAN="DNS:pricing-svc.egommerce.local,DNS:pricing-svc,IP:127.0.0.1"
# Create required directories
mkdir -p \
${CERTS_DIR} \
${CERTS_DIR}ca-root \
${CERTS_DIR}api-gateway \
${CERTS_DIR}api-eventbus \
${CERTS_DIR}api-cache \
${CERTS_DIR}api-logger \
${CERTS_DIR}db-postgres \
${CERTS_DIR}identity-svc \
${CERTS_DIR}basket-svc \
${CERTS_DIR}catalog-svc \
${CERTS_DIR}order-svc \
${CERTS_DIR}pricing-svc
# Generate Root CA cert
openssl req -newkey rsa:2048 -nodes -x509 -days 1024 \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/OU=DevOps Team/CN=Egommerce CA" \
-keyout ${CERTS_DIR}ca-root/ca-root.key -out ${CERTS_DIR}ca-root/ca-root.crt >/dev/null
# Create fullchain pem file
cat ${CERTS_DIR}ca-root/ca-root.key ${CERTS_DIR}ca-root/ca-root.crt > ${CERTS_DIR}ca-root/ca-root.pem
# Generate Gateway cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$GATEWAY_CN" \
-keyout ${CERTS_DIR}api-gateway/api-gateway.key \
-out ${CERTS_DIR}api-gateway/api-gateway.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}api-gateway/api-gateway.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${GATEWAY_SAN}")) \
-out ${CERTS_DIR}api-gateway/api-gateway.crt >/dev/null
# Create fullchain pem file
cat ${CERTS_DIR}api-gateway/api-gateway.key ${CERTS_DIR}api-gateway/api-gateway.crt > ${CERTS_DIR}api-gateway/api-gateway.pem
# Generate Eventbus cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$EVENTBUS_CN" \
-keyout ${CERTS_DIR}api-eventbus/api-eventbus.key \
-out ${CERTS_DIR}api-eventbus/api-eventbus.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}api-eventbus/api-eventbus.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${EVENTBUS_SAN}")) \
-out ${CERTS_DIR}api-eventbus/api-eventbus.crt >/dev/null
# Generate Cache cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$CACHE_CN" \
-keyout ${CERTS_DIR}api-cache/api-cache.key \
-out ${CERTS_DIR}api-cache/api-cache.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}api-cache/api-cache.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${CACHE_SAN}")) \
-out ${CERTS_DIR}api-cache/api-cache.crt >/dev/null
# Generate Logger cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$LOGGER_CN" \
-keyout ${CERTS_DIR}api-logger/api-logger.key \
-out ${CERTS_DIR}api-logger/api-logger.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}api-logger/api-logger.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${LOGGER_SAN}")) \
-out ${CERTS_DIR}api-logger/api-logger.crt >/dev/null
# Generate Postgres cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$POSTGRES_CN" \
-keyout ${CERTS_DIR}db-postgres/db-postgres.key \
-out ${CERTS_DIR}db-postgres/db-postgres.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}db-postgres/db-postgres.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${POSTGRES_SAN}")) \
-out ${CERTS_DIR}db-postgres/db-postgres.crt >/dev/null
# Generate Identity cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$IDENTITY_CN" \
-keyout ${CERTS_DIR}identity-svc/identity-svc.key \
-out ${CERTS_DIR}identity-svc/identity-svc.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}identity-svc/identity-svc.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${IDENTITY_SAN}")) \
-out ${CERTS_DIR}identity-svc/identity-svc.crt >/dev/null
# Generate Basket cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$BASKET_CN" \
-keyout ${CERTS_DIR}basket-svc/basket-svc.key \
-out ${CERTS_DIR}basket-svc/basket-svc.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}basket-svc/basket-svc.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${BASKET_SAN}")) \
-out ${CERTS_DIR}basket-svc/basket-svc.crt >/dev/null
# Generate Catalog cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$CATALOG_CN" \
-keyout ${CERTS_DIR}catalog-svc/catalog-svc.key \
-out ${CERTS_DIR}catalog-svc/catalog-svc.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}catalog-svc/catalog-svc.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${CATALOG_SAN}")) \
-out ${CERTS_DIR}catalog-svc/catalog-svc.crt >/dev/null
# Generate Order cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$ORDER_CN" \
-keyout ${CERTS_DIR}order-svc/order-svc.key \
-out ${CERTS_DIR}order-svc/order-svc.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}order-svc/order-svc.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${ORDER_SAN}")) \
-out ${CERTS_DIR}order-svc/order-svc.crt >/dev/null
# Generate Pricing cert
openssl req -newkey rsa:2048 -nodes \
-subj "/C=PL/ST=Silesia/L=Gliwice/O=Egommerce.dev/CN=$PRICING_CN" \
-keyout ${CERTS_DIR}pricing-svc/pricing-svc.key \
-out ${CERTS_DIR}pricing-svc/pricing-svc.csr >/dev/null
openssl x509 -req -days 365 \
-in ${CERTS_DIR}pricing-svc/pricing-svc.csr -CA ${CERTS_DIR}ca-root/ca-root.crt \
-CAkey ${CERTS_DIR}ca-root/ca-root.key -set_serial 01 \
-extensions SAN -extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=${PRICING_SAN}")) \
-out ${CERTS_DIR}pricing-svc/pricing-svc.crt >/dev/null

21
deploy/scripts/init-k8s.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/sh
alias kubectl="microk8s kubectl" # MicroK8S fix
# Install plugins
microk8s enable dns
# microk8s enable ingress
# microk8s enable storage
# microk8s enable helm3
# microk8s enable metallb:10.64.0.100-10.64.0.200
# API Gateway CRDs
# kubectl apply --server-side -f https://github.com/kubernetes-sigs/gateway-api/releases/latest/download/standard-install.yaml
# kubectl apply --server-side -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/webhook-install.yaml
# Create ca root tls secret
kubectl create secret tls ca-root --cert=deploy/certs/ca-root/ca-root.crt --key=deploy/certs/ca-root/ca-root.key -n egommerce
# kubectl annotate secret ca-root haproxy.org/server-ca="egommerce/ca-root" -n egommerce
# Create api-gateway tls secret
kubectl create secret tls api-gateway-cert --cert=deploy/certs/api-gateway/api-gateway.crt --key=deploy/certs/api-gateway/api-gateway.key -n egommerce

21
deploy/scripts/start-k8s.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/sh
# RUN IT FORM THE REPO ROOT DIR
alias kubectl="microk8s kubectl" # MicroK8S fix
echo "Starting egommerce k8s stack..."
kubectl apply -f deploy/k8s/namespace.yml
kubectl apply -f deploy/k8s/secret.yml
kubectl apply -f deploy/k8s/api-gateway.yml
kubectl apply -f deploy/k8s/api-eventbus.yml
kubectl apply -f deploy/k8s/api-cache.yml
kubectl apply -f deploy/k8s/api-logger.yml
kubectl apply -f deploy/k8s/db-postgres.yml
# kubectl apply -f deploy/k8s/db-mongo.yml
kubectl apply -f deploy/k8s/identity-svc.yml
kubectl apply -f deploy/k8s/catalog-svc.yml
echo "Done."

21
deploy/scripts/stop-k8s.sh Normal file
View File

@@ -0,0 +1,21 @@
#!/bin/sh
# RUN IT FORM THE REPO ROOT DIR
alias kubectl="microk8s kubectl" # MicroK8S fix
echo "Stopping egommerce k8s stack..."
kubectl delete -f deploy/k8s/identity-svc.yml
kubectl delete -f deploy/k8s/catalog-svc.yml
# kubectl delete -f deploy/k8s/db-mongo.yml
kubectl delete -f deploy/k8s/db-postgres.yml
kubectl delete -f deploy/k8s/api-logger.yml
kubectl delete -f deploy/k8s/api-cache.yml
kubectl delete -f deploy/k8s/api-eventbus.yml
kubectl delete -f deploy/k8s/api-gateway.yml
kubectl delete -f deploy/k8s/secret.yml
# kubectl delete -f deploy/k8s/namespace.yml
echo "Done."

11
deploy/start-docker.sh
View File

@@ -1,11 +0,0 @@
#!/bin/sh
# RUN IT FORM THE REPO ROOT DIR
echo "Starting egommerce docker stack..."
docker stack deploy --with-registry-auth --detach=false \
--compose-file deploy/docker/stack.yml \
--compose-file deploy/docker/stack.dev.yml \
--compose-file deploy/docker/stack.dev.local.yml \
egommerce
echo "Done."

12
deploy/start-k8s.sh
View File

@@ -1,12 +0,0 @@
#!/bin/sh
# RUN IT FORM THE REPO ROOT DIR
echo "Starting egommerce k8s stack..."
kubectl apply -f deploy/k8s/stack.yml
# kubectl apply -f deploy/k8s/stack.prod.yml
# kubectl apply -f deploy/k8s/stack.dev.yml
# kubectl apply -f deploy/k8s/stack.dev.local.yml
echo "Done."

0
deploy/volumes-restart.sh
View File

140
grafana-dashboards/api-cache-logs.json Normal file
View File

@@ -0,0 +1,140 @@
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2267340490403840,
"links": [],
"panels": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"footer": {
"reducers": []
},
"hideFrom": {
"viz": false
},
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Time"
},
"properties": [
{
"id": "custom.width",
"value": 153
}
]
},
{
"matcher": {
"id": "byName",
"options": "Line"
},
"properties": [
{
"id": "custom.width",
"value": 986
}
]
}
]
},
"gridPos": {
"h": 16,
"w": 24,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"cellHeight": "sm",
"showHeader": true,
"sortBy": [
{
"desc": false,
"displayName": "tsNs"
}
]
},
"pluginVersion": "12.2.0",
"targets": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"direction": "backward",
"editorMode": "builder",
"expr": "{app=\"api-cache\"} |= ``",
"queryType": "range",
"refId": "A"
}
],
"title": "API Cache Logs",
"type": "table"
}
],
"preload": false,
"refresh": "5s",
"schemaVersion": 42,
"tags": [],
"templating": {
"list": []
},
"time": {
"from": "now-5m",
"to": "now"
},
"timepicker": {},
"timezone": "browser",
"title": "API Cache Logs",
"uid": "ad7sctw",
"version": 3
}

1083
grafana-dashboards/api-cache-monitoring.json Normal file
View File

File diff suppressed because it is too large Load Diff

152
grafana-dashboards/api-eventbus-logs.json Normal file
View File

@@ -0,0 +1,152 @@
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2231809731538944,
"links": [],
"panels": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"footer": {
"reducers": []
},
"hideFrom": {
"viz": false
},
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Time"
},
"properties": [
{
"id": "custom.width",
"value": 188
}
]
},
{
"matcher": {
"id": "byName",
"options": "labels"
},
"properties": [
{
"id": "custom.width",
"value": 50
}
]
},
{
"matcher": {
"id": "byName",
"options": "Line"
},
"properties": [
{
"id": "custom.width",
"value": 1045
}
]
}
]
},
"gridPos": {
"h": 9,
"w": 24,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"cellHeight": "sm",
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "Time"
}
]
},
"pluginVersion": "12.2.0",
"targets": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"direction": "backward",
"editorMode": "builder",
"expr": "{app=\"api-eventbus\"} |= ``",
"queryType": "range",
"refId": "A"
}
],
"title": "API Eventbus Logs",
"type": "table"
}
],
"preload": false,
"refresh": "5s",
"schemaVersion": 42,
"tags": [],
"templating": {
"list": []
},
"time": {
"from": "now-5m",
"to": "now"
},
"timepicker": {},
"timezone": "browser",
"title": "API Eventbus Logs",
"uid": "addld9d",
"version": 2
}

8423
grafana-dashboards/api-eventbus-monitoring.json Normal file
View File

File diff suppressed because it is too large Load Diff

140
grafana-dashboards/api-gateway-logs.json Normal file
View File

@@ -0,0 +1,140 @@
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2292411350208512,
"links": [],
"panels": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"footer": {
"reducers": []
},
"hideFrom": {
"viz": false
},
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Time"
},
"properties": [
{
"id": "custom.width",
"value": 155
}
]
},
{
"matcher": {
"id": "byName",
"options": "Line"
},
"properties": [
{
"id": "custom.width",
"value": 990
}
]
}
]
},
"gridPos": {
"h": 15,
"w": 24,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"cellHeight": "sm",
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "Time"
}
]
},
"pluginVersion": "12.2.0",
"targets": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"direction": "backward",
"editorMode": "builder",
"expr": "{app=\"api-gateway\"} |= ``",
"queryType": "range",
"refId": "A"
}
],
"title": "API Gateway Logs",
"type": "table"
}
],
"preload": false,
"refresh": "5s",
"schemaVersion": 42,
"tags": [],
"templating": {
"list": []
},
"time": {
"from": "now-5m",
"to": "now"
},
"timepicker": {},
"timezone": "browser",
"title": "API Gateway Logs",
"uid": "adct2hs",
"version": 4
}

1120
grafana-dashboards/go-processes-monitoring.json Normal file
View File

File diff suppressed because it is too large Load Diff

11548
grafana-dashboards/haproxy-monitoring.json Normal file
View File

File diff suppressed because it is too large Load Diff

140
grafana-dashboards/identity-svc-logs.json Normal file
View File

@@ -0,0 +1,140 @@
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2293973304823808,
"links": [],
"panels": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"cellOptions": {
"type": "auto"
},
"footer": {
"reducers": []
},
"hideFrom": {
"viz": false
},
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": 0
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "Time"
},
"properties": [
{
"id": "custom.width",
"value": 151
}
]
},
{
"matcher": {
"id": "byName",
"options": "Line"
},
"properties": [
{
"id": "custom.width",
"value": 992
}
]
}
]
},
"gridPos": {
"h": 15,
"w": 24,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"cellHeight": "sm",
"showHeader": true,
"sortBy": [
{
"desc": true,
"displayName": "Time"
}
]
},
"pluginVersion": "12.2.0",
"targets": [
{
"datasource": {
"type": "loki",
"uid": "P8E80F9AEF21F6940"
},
"direction": "backward",
"editorMode": "builder",
"expr": "{app=\"identity-svc\"} |= ``",
"queryType": "range",
"refId": "A"
}
],
"title": "Identity SVC Logs",
"type": "table"
}
],
"preload": false,
"refresh": "5s",
"schemaVersion": 42,
"tags": [],
"templating": {
"list": []
},
"time": {
"from": "now-5m",
"to": "now"
},
"timepicker": {},
"timezone": "browser",
"title": "Identity SVC Logs",
"uid": "adck5c7",
"version": 3
}