diff --git a/Istio/NetworkPolicies/README.md b/Istio/NetworkPolicies/README.md
new file mode 100644
index 0000000..bdf2713
--- /dev/null
+++ b/Istio/NetworkPolicies/README.md
@@ -0,0 +1 @@
+https://istio.io/latest/blog/2017/0.1-using-network-policy/#examples
\ No newline at end of file
diff --git a/Istio/bookshelf/README.md b/Istio/bookshelf/README.md
new file mode 100644
index 0000000..e3c033b
--- /dev/null
+++ b/Istio/bookshelf/README.md
@@ -0,0 +1 @@
+# Example from istio, using it for testing purposes
\ No newline at end of file
diff --git a/Istio/bookshelf/bookinfo-gateway.yaml b/Istio/bookshelf/bookinfo-gateway.yaml
new file mode 100644
index 0000000..57fb37b
--- /dev/null
+++ b/Istio/bookshelf/bookinfo-gateway.yaml
@@ -0,0 +1,52 @@
+
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+ name: bookinfo-gateway
+spec:
+ selector:
+ istio: ingressgateway # use istio default controller
+ servers:
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "*"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+ name: bookinfo
+spec:
+ hosts:
+ - "*"
+ gateways:
+ - bookinfo-gateway
+ http:
+ - match:
+ - uri:
+ exact: /productpage
+ - uri:
+ prefix: /static
+ - uri:
+ exact: /login
+ - uri:
+ exact: /logout
+ - uri:
+ prefix: /api/v1/products
+ route:
+ - destination:
+ host: productpage
+ port:
+ number: 9080
+ - match:
+ - uri:
+ exact: /helloworld
+ route:
+ - destination:
+ host: productpage
+ port:
+ number: 9080
+ rewrite:
+ uri: "/productpage"
diff --git a/Istio/bookshelf/bookinfo.yaml b/Istio/bookshelf/bookinfo.yaml
new file mode 100644
index 0000000..4de3a21
--- /dev/null
+++ b/Istio/bookshelf/bookinfo.yaml
@@ -0,0 +1,343 @@
+# Copyright Istio Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+##################################################################################################
+# This file defines the services, service accounts, and deployments for the Bookinfo sample.
+#
+# To apply all 4 Bookinfo services, their corresponding service accounts, and deployments:
+#
+# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
+#
+# Alternatively, you can deploy any resource separately:
+#
+# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l service=reviews # reviews Service
+# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l account=reviews # reviews ServiceAccount
+# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l app=reviews,version=v3 # reviews-v3 Deployment
+##################################################################################################
+
+##################################################################################################
+# Details service
+##################################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: details
+ labels:
+ app: details
+ service: details
+spec:
+ ports:
+ - port: 9080
+ name: http
+ selector:
+ app: details
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: bookinfo-details
+ labels:
+ account: details
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: details-v1
+ labels:
+ app: details
+ version: v1
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: details
+ version: v1
+ template:
+ metadata:
+ labels:
+ app: details
+ version: v1
+ spec:
+ serviceAccountName: bookinfo-details
+ containers:
+ - name: details
+ image: docker.io/istio/examples-bookinfo-details-v1:1.17.0
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 9080
+ securityContext:
+ runAsUser: 1000
+---
+##################################################################################################
+# Ratings service
+##################################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: ratings
+ labels:
+ app: ratings
+ service: ratings
+spec:
+ ports:
+ - port: 9080
+ name: http
+ selector:
+ app: ratings
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: bookinfo-ratings
+ labels:
+ account: ratings
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: ratings-v1
+ labels:
+ app: ratings
+ version: v1
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: ratings
+ version: v1
+ template:
+ metadata:
+ labels:
+ app: ratings
+ version: v1
+ spec:
+ serviceAccountName: bookinfo-ratings
+ containers:
+ - name: ratings
+ image: docker.io/istio/examples-bookinfo-ratings-v1:1.17.0
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 9080
+ securityContext:
+ runAsUser: 1000
+---
+##################################################################################################
+# Reviews service
+##################################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: reviews
+ labels:
+ app: reviews
+ service: reviews
+spec:
+ ports:
+ - port: 9080
+ name: http
+ selector:
+ app: reviews
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: bookinfo-reviews
+ labels:
+ account: reviews
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: reviews-v1
+ labels:
+ app: reviews
+ version: v1
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: reviews
+ version: v1
+ template:
+ metadata:
+ labels:
+ app: reviews
+ version: v1
+ spec:
+ serviceAccountName: bookinfo-reviews
+ containers:
+ - name: reviews
+ image: docker.io/istio/examples-bookinfo-reviews-v1:1.17.0
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: LOG_DIR
+ value: "/tmp/logs"
+ ports:
+ - containerPort: 9080
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: wlp-output
+ mountPath: /opt/ibm/wlp/output
+ securityContext:
+ runAsUser: 1000
+ volumes:
+ - name: wlp-output
+ emptyDir: {}
+ - name: tmp
+ emptyDir: {}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: reviews-v2
+ labels:
+ app: reviews
+ version: v2
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: reviews
+ version: v2
+ template:
+ metadata:
+ labels:
+ app: reviews
+ version: v2
+ spec:
+ serviceAccountName: bookinfo-reviews
+ containers:
+ - name: reviews
+ image: docker.io/istio/examples-bookinfo-reviews-v2:1.17.0
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: LOG_DIR
+ value: "/tmp/logs"
+ ports:
+ - containerPort: 9080
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: wlp-output
+ mountPath: /opt/ibm/wlp/output
+ securityContext:
+ runAsUser: 1000
+ volumes:
+ - name: wlp-output
+ emptyDir: {}
+ - name: tmp
+ emptyDir: {}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: reviews-v3
+ labels:
+ app: reviews
+ version: v3
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: reviews
+ version: v3
+ template:
+ metadata:
+ labels:
+ app: reviews
+ version: v3
+ spec:
+ serviceAccountName: bookinfo-reviews
+ containers:
+ - name: reviews
+ image: docker.io/istio/examples-bookinfo-reviews-v3:1.17.0
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: LOG_DIR
+ value: "/tmp/logs"
+ ports:
+ - containerPort: 9080
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ - name: wlp-output
+ mountPath: /opt/ibm/wlp/output
+ securityContext:
+ runAsUser: 1000
+ volumes:
+ - name: wlp-output
+ emptyDir: {}
+ - name: tmp
+ emptyDir: {}
+---
+##################################################################################################
+# Productpage services
+##################################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: productpage
+ labels:
+ app: productpage
+ service: productpage
+spec:
+ ports:
+ - port: 9080
+ name: http
+ selector:
+ app: productpage
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: bookinfo-productpage
+ labels:
+ account: productpage
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: productpage-v1
+ labels:
+ app: productpage
+ version: v1
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: productpage
+ version: v1
+ template:
+ metadata:
+ labels:
+ app: productpage
+ version: v1
+ spec:
+ serviceAccountName: bookinfo-productpage
+ containers:
+ - name: productpage
+ image: docker.io/istio/examples-bookinfo-productpage-v1:1.17.0
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 9080
+ volumeMounts:
+ - name: tmp
+ mountPath: /tmp
+ securityContext:
+ runAsUser: 1000
+ volumes:
+ - name: tmp
+ emptyDir: {}
+---
diff --git a/Istio/ingress.yaml b/Istio/ingress.yaml
new file mode 100644
index 0000000..bbc6e81
--- /dev/null
+++ b/Istio/ingress.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: istio-ingress
+ labels:
+ istio: ingress
+spec:
+ type: LoadBalancer
+ ports:
+ - port: 80
+ name: http
+ - port: 443
+ name: https
+ selector:
+ istio: ingress
diff --git a/Istio/simple/README.md b/Istio/simple/README.md
new file mode 100644
index 0000000..624debe
--- /dev/null
+++ b/Istio/simple/README.md
@@ -0,0 +1,6 @@
+# Simple examples
+
+
+# Traffic path
+
+## Istio Ingress Controller ---> Gateway -> Virtual Service (-> Destination Route) -> Ingress -> Deployment
\ No newline at end of file
diff --git a/Istio/simple/hello_world_1_service_1_deployment/README.md b/Istio/simple/hello_world_1_service_1_deployment/README.md
new file mode 100644
index 0000000..b76f3a2
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_1_deployment/README.md
@@ -0,0 +1,102 @@
+##### https://github.com/istio/istio/tree/master/samples/helloworld
+
+# Simple Hello World
+
+- 1 Service
+- 1 Deployment
+
+I think that by default uses `RANDOM`.
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings
+
+
+Relies in automatic sidecar injection.
+
+
+> Contains service account configurations, yet they are commented as not "necessary".
+
+
+## Files
+
+- deployment.yaml
+- gateway.yaml
+
+## deployment.yaml
+
+### Creates
+
+#### Service
+
+- helloworld
+
+#### Deployments
+
+- helloworld-nginx (Nginx container)
+
+## gateway.yaml
+
+### Creates
+
+#### Gateway
+
+##### helloworld-gateway
+
+###### Configuration
+
+```yml
+port: 80
+istio-ingress: ingressgateway
+hosts: "*"
+```
+
+#### VirtualService
+
+##### helloworld-vs
+
+###### Configuration
+
+```yaml
+hosts: "*"
+uri: "/helloworld"
+```
+
+# Run example
+
+## Deploy resources
+
+```shell
+$ kubectl apply -f ./
+service/helloworld created
+deployment.apps/helloworld-nginx created
+gateway.networking.istio.io/helloworld-gateway created
+virtualservice.networking.istio.io/helloworld-vs created
+```
+
+## Wait for the pods to be ready
+
+(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment)
+
+```shell
+$ kubectl get deployment helloworld-nginx -w
+NAME READY UP-TO-DATE AVAILABLE AGE
+helloworld-nginx 1/1 1 1 44s
+```
+
+## Test the service
+
+### Get LB IP
+
+```shell
+$ kubectl get svc istio-ingressgateway -n istio-system
+NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
+istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h
+```
+
+### Curl
+
+```shell
+$ curl 192.168.1.50/helloworld -s | grep ".*" ✔
+Welcome to nginx!
+```
\ No newline at end of file
diff --git a/Istio/simple/hello_world_1_service_1_deployment/deployment.yaml b/Istio/simple/hello_world_1_service_1_deployment/deployment.yaml
new file mode 100644
index 0000000..36e6b76
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_1_deployment/deployment.yaml
@@ -0,0 +1,48 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml
+apiVersion: v1
+kind: Service
+metadata:
+ name: helloworld
+ labels:
+ app: helloworld
+ service: helloworld
+spec:
+ ports:
+ - port: 80
+ name: http
+ selector:
+ app: helloworld
+---
+#apiVersion: v1
+#kind: ServiceAccount
+#metadata:
+# name: istio-helloworld
+# labels:
+# account:
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: helloworld-nginx
+ labels:
+ app: helloworld
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: helloworld
+ template:
+ metadata:
+ labels:
+ app: helloworld
+ spec:
+# serviceAccountName: istio-helloworld
+ containers:
+ - name: helloworld
+ image: nginx
+ resources:
+ requests:
+ cpu: "100m"
+ imagePullPolicy: IfNotPresent #Always
+ ports:
+ - containerPort: 80
diff --git a/Istio/simple/hello_world_1_service_1_deployment/gateway.yaml b/Istio/simple/hello_world_1_service_1_deployment/gateway.yaml
new file mode 100644
index 0000000..8ba8a20
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_1_deployment/gateway.yaml
@@ -0,0 +1,36 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+ name: helloworld-gateway
+spec:
+ selector:
+ istio: ingressgateway # use istio default controller
+ servers:
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "*"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+ name: helloworld-vs
+spec:
+ hosts:
+ - "*"
+ gateways:
+ - helloworld-gateway
+ http:
+ - match:
+ - uri:
+ exact: /helloworld
+ route:
+ - destination:
+ host: helloworld
+ port:
+ number: 80
+ rewrite:
+ uri: "/"
\ No newline at end of file
diff --git a/Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md b/Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md
new file mode 100644
index 0000000..f18184c
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md
@@ -0,0 +1,182 @@
+##### https://github.com/istio/istio/tree/master/samples/helloworld
+
+https://istio.io/latest/blog/2017/0.1-canary/
+
+
+# Simple Hello World
+
+- 1 Service
+- 2 Versions
+
+Iterates between the versions without any specific policy. (actually doesn't use the version for anything)
+
+I think that by default uses `RANDOM`.
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings
+
+
+Relies in automatic sidecar injection.
+
+
+> Contains service account configurations, yet they are commented as not "necessary".
+
+## Quick note
+
+On this version I have "started" to use the full service name instead of the shorten version, aka:
+
+```yaml
+ route:
+ - destination:
+ host: helloworld
+```
+
+Will be:
+
+```yaml
+ route:
+ - destination:
+ host: helloworld.default.svc.cluster.local
+```
+
+It's overall a good practice to have, so not much of a reason to not do it.
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#DestinationRule
+
+
+## Files
+
+- deployment.yaml
+- gateway.yaml
+
+## deployment.yaml
+
+### Creates
+
+#### Service
+
+- helloworld
+
+#### Deployments
+
+- helloworld-v1 (Nginx)
+- helloworld-v2 (Apache)
+
+## gateway.yaml
+
+### Creates
+
+#### Gateway
+
+##### helloworld-gateway
+
+###### Configuration
+
+```yml
+port: 80
+istio-ingress: ingressgateway
+hosts: "*"
+```
+
+#### VirtualService
+
+##### helloworld-vs
+
+###### Configuration
+
+```yaml
+hosts: "*"
+uri: "/helloworld"
+versions:
+ v1:
+ weight: "25%"
+ v2:
+ weight: "75%"
+```
+
+#### Destination Rule
+
+###### Configuration
+
+```yaml
+
+```
+
+
+# Run example
+
+## Deploy resources
+
+```shell
+$ kubectl apply -f ./
+service/helloworld created
+deployment.apps/helloworld-v1 created
+deployment.apps/helloworld-v2 created
+gateway.networking.istio.io/helloworld-gateway created
+virtualservice.networking.istio.io/helloworld-vs created
+destinationrule.networking.istio.io/helloworld-destinationrule created
+```
+
+## Wait for the pods to be ready
+
+(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment)
+
+```shell
+$ kubectl get deployment helloworld-v{1..2} -w ✔ kubernetes-admin@kubernetes ⎈
+NAME READY UP-TO-DATE AVAILABLE AGE
+helloworld-v1 1/1 1 1 4m1s
+helloworld-v2 1/1 1 1 4m1s
+```
+
+## Test the service
+
+### Get LB IP
+
+```shell
+$ kubectl get svc istio-ingressgateway -n istio-system
+NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
+istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h
+```
+
+### Curl
+
+Iterates between Nginx and Apache. Somwhat close to the ratio configured.
+
+> Nginx instances (v1): 2 \
+> Apache instances (v2): 9
+
+```shell
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+Welcome to nginx!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
"
+Welcome to nginx!
+```
diff --git a/Istio/simple/hello_world_1_service_2_deployments_managed_version/deployment.yaml b/Istio/simple/hello_world_1_service_2_deployments_managed_version/deployment.yaml
new file mode 100644
index 0000000..0745bb1
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_2_deployments_managed_version/deployment.yaml
@@ -0,0 +1,82 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml
+apiVersion: v1
+kind: Service
+metadata:
+ name: helloworld
+ labels:
+ app: helloworld
+ service: helloworld
+spec:
+ ports:
+ - port: 80
+ name: http
+ selector:
+ app: helloworld
+---
+#apiVersion: v1
+#kind: ServiceAccount
+#metadata:
+# name: istio-helloworld
+# labels:
+# account:
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: helloworld-v1
+ labels:
+ app: helloworld
+ version: v1
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: helloworld
+ version: v1
+ template:
+ metadata:
+ labels:
+ app: helloworld
+ version: v1
+ spec:
+# serviceAccountName: istio-helloworld
+ containers:
+ - name: helloworld
+ image: nginx
+ resources:
+ requests:
+ cpu: "100m"
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 80
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: helloworld-v2
+ labels:
+ app: helloworld
+ version: v2
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: helloworld
+ version: v2
+ template:
+ metadata:
+ labels:
+ app: helloworld
+ version: v2
+ spec:
+# serviceAccountName: istio-helloworld
+ containers:
+ - name: helloworld
+ image: httpd
+ resources:
+ requests:
+ cpu: "100m"
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 80
+---
\ No newline at end of file
diff --git a/Istio/simple/hello_world_1_service_2_deployments_managed_version/gateway.yaml b/Istio/simple/hello_world_1_service_2_deployments_managed_version/gateway.yaml
new file mode 100644
index 0000000..fbdc82d
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_2_deployments_managed_version/gateway.yaml
@@ -0,0 +1,61 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+ name: helloworld-gateway
+spec:
+ selector:
+ istio: ingressgateway # use istio default controller
+ servers:
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "*"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+ name: helloworld-vs
+spec:
+ hosts:
+ - "*"
+ gateways:
+ - helloworld-gateway
+ http:
+ - match:
+ - uri:
+ exact: /helloworld
+ route:
+ - destination:
+ host: helloworld.default.svc.cluster.local
+# host: helloworld
+ port:
+ number: 80
+ subset: v1
+ weight: 20
+ - destination:
+# host: helloworld
+ host: helloworld.default.svc.cluster.local
+ port:
+ number: 80
+ subset: v2
+ weight: 80
+ rewrite:
+ uri: "/"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: DestinationRule
+metadata:
+ name: helloworld
+spec:
+# host: helloworld # destination service
+ host: helloworld.default.svc.cluster.local # Full destination service, lil better for consistency
+ subsets:
+ - name: v1
+ labels:
+ version: v1
+ - name: v2
+ labels:
+ version: v2
diff --git a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md
new file mode 100644
index 0000000..e38829c
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md
@@ -0,0 +1,139 @@
+##### https://github.com/istio/istio/tree/master/samples/helloworld
+
+# Simple Hello World
+
+- 1 Service
+- 2 Versions
+
+Iterates between the versions without any specific policy. (actually doesn't use the version for anything)
+
+I think that by default uses `RANDOM`.
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy
+
+https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings
+
+
+Relies in automatic sidecar injection.
+
+
+> Contains service account configurations, yet they are commented as not "necessary".
+
+
+## Files
+
+- deployment.yaml
+- gateway.yaml
+
+## deployment.yaml
+
+### Creates
+
+#### Service
+
+- helloworld
+
+#### Deployments
+
+- helloworld-v1 (Nginx)
+- helloworld-v2 (Apache)
+
+## gateway.yaml
+
+### Creates
+
+#### Gateway
+
+##### helloworld-gateway
+
+###### Configuration
+
+```yml
+port: 80
+istio-ingress: ingressgateway
+hosts: "*"
+```
+
+#### VirtualService
+
+##### helloworld-vs
+
+###### Configuration
+
+```yaml
+hosts: "*"
+uri: "/helloworld"
+```
+
+
+
+
+
+
+# Run example
+
+## Deploy resources
+
+```shell
+$ kubectl apply -f ./
+service/helloworld created
+deployment.apps/helloworld-v1 created
+deployment.apps/helloworld-v2 created
+deployment.apps/helloworld-v2 unchanged
+gateway.networking.istio.io/helloworld-gateway created
+virtualservice.networking.istio.io/helloworld-vs created
+```
+
+## Wait for the pods to be ready
+
+(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment)
+
+```shell
+$ kubectl get deployment helloworld-v{1..2} -w ✔ kubernetes-admin@kubernetes ⎈
+NAME READY UP-TO-DATE AVAILABLE AGE
+helloworld-v1 1/1 1 1 4m1s
+helloworld-v2 1/1 1 1 4m1s
+```
+
+## Test the service
+
+### Get LB IP
+
+```shell
+$ kubectl get svc istio-ingressgateway -n istio-system
+NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
+istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h
+```
+
+### Curl
+
+Iterates randomly between Nginx and Apache
+
+```shell
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+Welcome to nginx!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+Welcome to nginx!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+Welcome to nginx!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+Welcome to nginx!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+Welcome to nginx!
+
+$ curl 192.168.1.50/helloworld -s | grep ".*
" ✔
+It works!
+```
diff --git a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/deployment.yaml b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/deployment.yaml
new file mode 100644
index 0000000..761def5
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/deployment.yaml
@@ -0,0 +1,76 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml
+apiVersion: v1
+kind: Service
+metadata:
+ name: helloworld
+ labels:
+ app: helloworld
+ service: helloworld
+spec:
+ ports:
+ - port: 80
+ name: http
+ selector:
+ app: helloworld
+---
+#apiVersion: v1
+#kind: ServiceAccount
+#metadata:
+# name: istio-helloworld
+# labels:
+# account:
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: helloworld-v1
+ labels:
+ app: helloworld
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: helloworld
+ template:
+ metadata:
+ labels:
+ app: helloworld
+ spec:
+# serviceAccountName: istio-helloworld
+ containers:
+ - name: helloworld
+ image: nginx
+ resources:
+ requests:
+ cpu: "100m"
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 80
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: helloworld-v2
+ labels:
+ app: helloworld
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: helloworld
+ template:
+ metadata:
+ labels:
+ app: helloworld
+ spec:
+# serviceAccountName: istio-helloworld
+ containers:
+ - name: helloworld
+ image: httpd
+ resources:
+ requests:
+ cpu: "100m"
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 80
+---
\ No newline at end of file
diff --git a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/gateway.yaml b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/gateway.yaml
new file mode 100644
index 0000000..8ba8a20
--- /dev/null
+++ b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/gateway.yaml
@@ -0,0 +1,36 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+ name: helloworld-gateway
+spec:
+ selector:
+ istio: ingressgateway # use istio default controller
+ servers:
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "*"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+ name: helloworld-vs
+spec:
+ hosts:
+ - "*"
+ gateways:
+ - helloworld-gateway
+ http:
+ - match:
+ - uri:
+ exact: /helloworld
+ route:
+ - destination:
+ host: helloworld
+ port:
+ number: 80
+ rewrite:
+ uri: "/"
\ No newline at end of file
diff --git a/Istio/tmp/ingress.yaml b/Istio/tmp/ingress.yaml
new file mode 100644
index 0000000..8743294
--- /dev/null
+++ b/Istio/tmp/ingress.yaml
@@ -0,0 +1,63 @@
+## https://istio.io/latest/docs/setup/additional-setup/gateway/#deploying-a-gateway
+#apiVersion: v1
+#kind: Service
+#metadata:
+# name: istio-ingressgateway2
+# namespace: istio-ingress
+#spec:
+# type: LoadBalancer
+# selector:
+# istio: ingressgateway
+# ports:
+# - port: 80
+# name: http
+# - port: 443
+# name: https
+#---
+#apiVersion: apps/v1
+#kind: Deployment
+#metadata:
+# name: istio-ingressgateway2
+# namespace: istio-ingress
+#spec:
+# selector:
+# matchLabels:
+# istio: ingressgateway
+# template:
+# metadata:
+# annotations:
+# # Select the gateway injection template (rather than the default sidecar template)
+# inject.istio.io/templates: gateway
+# labels:
+# # Set a unique label for the gateway. This is required to ensure Gateways can select this workload
+# istio: ingressgateway
+# # Enable gateway injection. If connecting to a revisioned control plane, replace with "istio.io/rev: revision-name"
+# sidecar.istio.io/inject: "true"
+# spec:
+# containers:
+# - name: istio-proxy
+# image: auto # The image will automatically update each time the pod starts.
+#---
+## Set up roles to allow reading credentials for TLS
+#apiVersion: rbac.authorization.k8s.io/v1
+#kind: Role
+#metadata:
+# name: istio-ingressgateway2-sds
+# namespace: istio-ingress
+#rules:
+# - apiGroups: [""]
+# resources: ["secrets"]
+# verbs: ["get", "watch", "list"]
+#---
+#apiVersion: rbac.authorization.k8s.io/v1
+#kind: RoleBinding
+#metadata:
+# name: istio-ingressgateway2-sds
+# namespace: istio-ingress
+#roleRef:
+# apiGroup: rbac.authorization.k8s.io
+# kind: Role
+# name: istio-ingressgateway2-sds
+#subjects:
+# - kind: ServiceAccount
+# name: default
\ No newline at end of file
diff --git a/Istio/tmp/tmp.txt b/Istio/tmp/tmp.txt
new file mode 100644
index 0000000..bc35189
--- /dev/null
+++ b/Istio/tmp/tmp.txt
@@ -0,0 +1,29 @@
+https://medium.com/@dinup24/expose-apps-on-private-network-through-istio-ingress-gateway-7dcb8a16d5bc
+
+
+cat << EOF > istio-operator.yaml
+apiVersion: install.istio.io/v1alpha1
+kind: IstioOperator
+metadata:
+ namespace: istio-system
+ name: istio-operator
+spec:
+ profile: default
+ components:
+ ingressGateways:
+ - name: istio-ingressgateway
+ enabled: true
+ - namespace: istio-system
+ name: istio-ingressgateway-private
+ enabled: true
+ k8s:
+ serviceAnnotations:
+ service.kubernetes.io/ibm-load-balancer-cloud-provider-ip-type: "private"
+ values:
+ gateways:
+ istio-ingressgateway:
+ sds:
+ enabled: true
+EOF
+
+istioctl manifest apply -f istio-operator.yaml
\ No newline at end of file
diff --git a/LB/lb.yaml b/LB/lb.yaml
index 0536b24..ca32151 100644
--- a/LB/lb.yaml
+++ b/LB/lb.yaml
@@ -1,38 +1,98 @@
-#
-#---
-#apiVersion: apps/v1
-#kind: Deployment
-#metadata:
-# name: nginx-deployment
-#spec:
-# selector:
-# matchLabels:
-# app: nginx-backend
-# replicas: 2 # tells deployment to run 2 pods matching the template
-# template:
-# metadata:
-# labels:
-# app: nginx
-# spec:
-# containers:
-# - name: nginx
-# image: nginx:1.14.2
-# ports:
-# - containerPort: 80
-#---
+# Example of a Ingress "LB" that itterates between 3 instances
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginxo-deploayment
+ labels:
+ environment: testin-lb1s
+spec:
+ selector:
+ matchLabels:
+ applicasao: webpaggo
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ applicasao: webpaggo
+ spec:
+ containers:
+ - name: nginxo
+ image: nginx
+ ports:
+ - containerPort: 80
+ name: http
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: whoami-traefik
+ labels:
+ environment: testin-lb1
+spec:
+ selector:
+ matchLabels:
+ applicasao: webpaggo
+ replicas: 2
+ template:
+ metadata:
+ labels:
+ applicasao: webpaggo
+ spec:
+ containers:
+ - name: whoami
+ image: traefik/whoami
+ ports:
+ - containerPort: 80
+ name: http
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: httpago-deployment
+ labels:
+ environment: testin-lb1
+spec:
+ selector:
+ matchLabels:
+ applicasao: webpaggo
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ applicasao: webpaggo
+ spec:
+ containers:
+ - name: apache
+ image: httpd
+ ports:
+ - containerPort: 80
+ name: http
+---
apiVersion: v1
kind: Service
metadata:
- name: nginx-lb
+ name: ingressito
+ labels:
+ environment: testin-lb1
spec:
selector:
- app: whoami-service
+ applicasao: webpaggo
ports:
- - port: 80 # Published port
- targetPort: 80 # Container port
-# - port: 443 # Published port
-# targetPort: 443 # Container port
+ - port: 80
+ targetPort: http
externalTrafficPolicy: Local
type: LoadBalancer
-#---
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2af018d
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+# Surely only the following folders work / have any meaningful information
+
+- [Istio](/Istio)
\ No newline at end of file
diff --git a/dashboard/README.md b/dashboard/README.md
new file mode 100644
index 0000000..9305ed9
--- /dev/null
+++ b/dashboard/README.md
@@ -0,0 +1,7 @@
+https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
+
+
+
+```
+eyJhbGciOiJSUzI1NiIsImtpZCI6IlZJbF9YZWlzNGVybkRTMUVjZ0hFbVJkZ0tVaEFYVTNSUjhVWXlJWWJuUkEifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjc5MDExNTUwLCJpYXQiOjE2NzkwMDc5NTAsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiZDhmOWU3YTgtYmZiMy00Zjc0LWE3Y2MtZjZjODkzMmEzOWYzIn19LCJuYmYiOjE2NzkwMDc5NTAsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.HAmpLXAz8GZpEDqvpsQNnS3HOvP13UnytbVLzmfCMEKpA_HrVtq48fqeRbWICjNit7qeT8eGEB22fTsBhFzGLoKM7REC7hisq8jiMMvKOtZ-wbCQk5SiK4njr0ovhxKfhUvumK6D7oPVdSXGX3j8LC_T6nLjfMqoU3vRMam08yUJ88WWVQLKUOKlqVbsQaLrWvjg8M8Sme0gawxRFo21DFHfk8afP6kEC7n6MnBna6bjd2He74GeJZ9QwwdllTjIX9GdVxXpjj8e1VnvkTZKDWzV9F5mLHmuuE8lgQT02kZRUv0P3vPGckIgUS-kzvBIrmBwIjvStiOK6L93zzJHTg
+```
\ No newline at end of file
diff --git a/dashboard/dashboard.yaml b/dashboard/dashboard.yaml
new file mode 100644
index 0000000..fd3253b
--- /dev/null
+++ b/dashboard/dashboard.yaml
@@ -0,0 +1,33 @@
+kind: Service
+apiVersion: v1
+metadata:
+ labels:
+ k8s-app: kubernetes-dashboard
+ name: kubernetes-dashboard-pub
+ namespace: kubernetes-dashboard
+spec:
+ ports:
+ - port: 443
+ targetPort: 8443
+ selector:
+ k8s-app: kubernetes-dashboard-pub
+ type: LoadBalancer
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: admin-user
+ namespace: kubernetes-dashboard
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: admin-user
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: admin-user
+ namespace: kubernetes-dashboard
\ No newline at end of file
diff --git a/ingress/test.yaml b/ingress/test.yaml
new file mode 100644
index 0000000..4b2e5e5
--- /dev/null
+++ b/ingress/test.yaml
@@ -0,0 +1,80 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx-ingress-test
+ labels:
+ example: ingress
+spec:
+ selector:
+ matchLabels:
+ app: nginx-test
+ replicas: 1 # Not much meaningful to have 2 pods if the content will be the same ...
+ template:
+ metadata:
+ labels:
+ example: ingress
+ app: nginx-test
+ spec:
+ containers:
+ - name: nginx-cont
+ image: nginx
+ ports:
+ - containerPort: 80
+ name: http
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: ingress-service
+ labels:
+ example: ingress
+spec:
+ selector:
+ app: nginx-test
+ ports:
+ - port: 80
+ targetPort: http
+ externalTrafficPolicy: Local
+ type: NodePort
+
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: ingress-test
+# annotations:
+# nginx.ingress.kubernetes.io/rewrite-target: /
+ labels:
+ example: ingress
+spec:
+ ingressClassName: ingress-example
+ rules:
+ - http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: ingress-service
+ port:
+ number: 80
+#---
+#apiVersion: networking.k8s.io/v1
+#kind: Ingress
+#metadata:
+# annotations:
+# kubernetes.io/ingress.class: istio
+# name: istio-ingress
+#spec:
+# rules:
+# #- host: *
+# - http:
+# paths:
+# - path: /
+# pathType: Prefix
+# backend:
+# service:
+# name: ingress-service
+# port:
+# number: 80
+# type: LoadBalancer
\ No newline at end of file
diff --git a/istio_2/README.md b/istio_2/README.md
new file mode 100644
index 0000000..095ba2e
--- /dev/null
+++ b/istio_2/README.md
@@ -0,0 +1 @@
+https://istio.io/latest/docs/tasks/traffic-management/ingress/ingress-control/
\ No newline at end of file
diff --git a/istio_2/file.yaml b/istio_2/file.yaml
new file mode 100644
index 0000000..b46d444
--- /dev/null
+++ b/istio_2/file.yaml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: httpbin
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: httpbin
+ labels:
+ app: httpbin
+ service: httpbin
+spec:
+ ports:
+ - name: http
+ port: 8000
+ targetPort: 80
+ selector:
+ app: httpbin
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: httpbin
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: httpbin
+ version: v1
+ template:
+ metadata:
+ labels:
+ app: httpbin
+ version: v1
+ spec:
+ serviceAccountName: httpbin
+ containers:
+ - image: docker.io/kennethreitz/httpbin
+ imagePullPolicy: IfNotPresent
+ name: httpbin
+ ports:
+ - containerPort: 80
\ No newline at end of file
diff --git a/istio_2/file2.yaml b/istio_2/file2.yaml
new file mode 100644
index 0000000..d4ec00a
--- /dev/null
+++ b/istio_2/file2.yaml
@@ -0,0 +1,37 @@
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+ name: httpbin-gateway
+spec:
+ # The selector matches the ingress gateway pod labels.
+ # If you installed Istio using Helm following the standard documentation, this would be "istio=ingress"
+ selector:
+ istio: ingressgateway
+ servers:
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "httpbin.example.com"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+ name: httpbin
+spec:
+ hosts:
+ - "httpbin.example.com"
+ gateways:
+ - httpbin-gateway
+ http:
+ - match:
+ - uri:
+ prefix: /status
+ - uri:
+ prefix: /delay
+ route:
+ - destination:
+ port:
+ number: 8000
+ host: httpbin
\ No newline at end of file
diff --git a/istio_2/tmp2.yaml b/istio_2/tmp2.yaml
new file mode 100644
index 0000000..5e49e02
--- /dev/null
+++ b/istio_2/tmp2.yaml
@@ -0,0 +1,35 @@
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+ name: http
+ namespace: default
+spec:
+ parentRefs:
+ - name: gateway
+ namespace: istio-ingress
+ hostnames: ["httpbin.example.com"]
+ rules:
+ - matches:
+ - path:
+ type: PathPrefix
+ value: /get
+ - path:
+ type: PathPrefix
+ value: /headers
+ filters:
+ - type: URLRewrite
+ urlRewrite:
+# hostname: "*"
+ hostname: elsewhere.example
+ path:
+ type: ReplacePrefixMatch
+# replacePrefixMatch: /
+ replacePrefixMatch: /fennel
+# - type: RequestHeaderModifier
+# requestHeaderModifier:
+# add:
+# - name: my-added-header
+# value: added-value
+ backendRefs:
+ - name: httpbin
+ port: 8000
diff --git a/istio_3/README.md b/istio_3/README.md
new file mode 100644
index 0000000..6dde793
--- /dev/null
+++ b/istio_3/README.md
@@ -0,0 +1,48 @@
+## https://istio.io/latest/docs/examples/microservices-istio/setup-kubernetes-cluster/
+
+### Create namespaces
+
+```shell
+export NAMESPACE=tutorial
+kubectl create namespace $NAMESPACE
+```
+
+### Install istio demo
+
+
+```shell
+istioctl install --set profile=demo
+```
+
+
+### Install telemetry addons
+
+#### Grafana
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/grafana.yaml
+```
+
+#### Prometheus
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/prometheus.yaml
+```
+
+#### Kiali
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/kiali.yaml
+```
+
+#### Jaeger
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/jaeger.yaml
+```
+
+### Create ingress resources
+
+```shell
+kubectl apply ./gateway.yaml
+```
\ No newline at end of file
diff --git a/istio_3/ingress.yaml b/istio_3/ingress.yaml
new file mode 100644
index 0000000..e2bea4f
--- /dev/null
+++ b/istio_3/ingress.yaml
@@ -0,0 +1,49 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: istio-system
+ namespace: istio-system
+ annotations:
+ kubernetes.io/ingress.class: istio
+spec:
+ rules:
+ - host: my-istio-dashboard.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: grafana
+ port:
+ number: 3000
+ - host: my-istio-tracing.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: tracing
+ port:
+ number: 9411
+ - host: my-istio-logs-database.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: prometheus
+ port:
+ number: 9090
+ - host: my-kiali.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: kiali
+ port:
+ number: 20001
diff --git a/istio_3/read_role.yaml b/istio_3/read_role.yaml
new file mode 100644
index 0000000..6b30d66
--- /dev/null
+++ b/istio_3/read_role.yaml
@@ -0,0 +1,9 @@
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: istio-system-access
+ namespace: istio-system
+rules:
+ - apiGroups: ["", "extensions", "apps"]
+ resources: ["*"]
+ verbs: ["get", "list"]
\ No newline at end of file
diff --git a/istio_a/README.md b/istio_a/README.md
new file mode 100644
index 0000000..14dd914
--- /dev/null
+++ b/istio_a/README.md
@@ -0,0 +1,34 @@
+# https://istio.io/latest/docs/setup/getting-started/
+### https://istio.io/latest/docs/setup/additional-setup/config-profiles/
+
+
+```shell
+istioctl install --set profile=default -y
+```
+### https://istio.io/latest/docs/setup/additional-setup/sidecar-injection/
+
+
+### ?
+
+https://istio.io/latest/docs/examples/microservices-istio/istio-ingress-gateway/
+
+```sh
+NAMESPACE=istio-test
+```
+
+### Wildcard hosts
+https://istio.io/latest/docs/tasks/traffic-management/egress/wildcard-egress-hosts/
+
+
+### ingress gateway
+
+https://istio.io/latest/docs/setup/additional-setup/gateway/
+
+## Documentation
+
+https://istio.io/latest/docs/reference/config/networking/virtual-service/#VirtualService
+
+
+## Dashboard
+### Kiali
+https://istio.io/latest/docs/ops/integrations/kiali/#installation
\ No newline at end of file
diff --git a/istio_a/default.yaml b/istio_a/default.yaml
new file mode 100644
index 0000000..aff1be3
--- /dev/null
+++ b/istio_a/default.yaml
@@ -0,0 +1,45 @@
+apiVersion: networking.istio.io/v1beta1
+kind: Gateway
+metadata:
+ name: bookinfo-gateway
+spec:
+ # The selector matches the ingress gateway pod labels.
+ # If you installed Istio using Helm following the standard documentation, this would be "istio=ingress"
+ selector:
+ istio: ingressgateway # use istio default controller
+ servers:
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "*"
+---
+apiVersion: networking.istio.io/v1beta1
+kind: VirtualService
+metadata:
+ name: bookinfo
+spec:
+ hosts:
+ - "*"
+ gateways:
+ - bookinfo-gateway
+ http:
+ - match:
+ - uri:
+ exact: /productpage
+ - uri:
+ prefix: /static
+ - uri:
+ exact: /login
+# - uri:
+# exact: /logout
+# - uri:
+# prefix: /api/v1/products
+ rewrite:
+ uri: /
+ route:
+ - destination:
+ host: productpage
+ port:
+ number: 80
\ No newline at end of file
diff --git a/istio_a/default2.yaml b/istio_a/default2.yaml
new file mode 100644
index 0000000..209fac9
--- /dev/null
+++ b/istio_a/default2.yaml
@@ -0,0 +1,53 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: productpage
+ labels:
+ app: productpage
+ service: productpage
+spec:
+ ports:
+ - port: 80
+ name: http
+ selector:
+ app: productpage
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: bookinfo-productpage
+ labels:
+ account: productpage
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: productpage-v1
+ labels:
+ app: productpage
+ version: v1
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: productpage
+ version: v1
+ template:
+ metadata:
+# annotations:
+# prometheus.io/scrape: "true"
+# prometheus.io/port: "9080"
+# prometheus.io/path: "/metrics"
+ labels:
+ app: productpage
+ version: v1
+ spec:
+ serviceAccountName: bookinfo-productpage
+ containers:
+ - name: nginx
+ image: nginx:1.14.2
+ ports:
+ - containerPort: 80
+ volumes:
+ - name: tmp
+ emptyDir: {}
\ No newline at end of file
diff --git a/metallib/README.md b/metallib/README.md
index e9e2e41..88b238a 100644
--- a/metallib/README.md
+++ b/metallib/README.md
@@ -1,34 +1,89 @@
+[//]: # ()
+[//]: # (# https://levelup.gitconnected.com/step-by-step-slow-guide-kubernetes-cluster-on-raspberry-pi-4b-part-3-899fc270600e)
-# https://levelup.gitconnected.com/step-by-step-slow-guide-kubernetes-cluster-on-raspberry-pi-4b-part-3-899fc270600e
+[//]: # ()
+[//]: # ()
+[//]: # (kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/namespace.yaml)
+[//]: # (kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/metallb.yaml)
-kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/namespace.yaml
-kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/metallb.yaml
-
+[//]: # ()
kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
+https://metallb.universe.tf/installation/
+
+https://metallb.universe.tf/configuration/_advanced_l2_configuration/
+
+https://mvallim.github.io/kubernetes-under-the-hood/documentation/kube-metallb.html
-cat << EOF > metalLB-config.yaml
+
+```sh
+kubectl apply -f - << EOF
apiVersion: v1
kind: ConfigMap
metadata:
-namespace: metallb-system
-name: config
+ namespace: metallb-system
+ name: config
data:
-config: |
-address-pools:
-- name: default
-protocol: layer2
-addresses:
-- 192.168.1.30-192.168.1.130
+ config: |
+ address-pools:
+ - name: default
+ protocol: layer2
+ addresses:
+ - 192.168.1.50-192.168.1.130
EOF
+```
+
+
+```sh
+kubectl delete -f - << EOF
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: metallb-system
+ name: config
+data:
+ config: |
+ address-pools:
+ - name: default
+ protocol: layer2
+ addresses:
+ - 192.168.1.50-192.168.1.130
+EOF
+```
-kubectl apply -f metalLB-config.yaml
+```sh
+kubectl apply -f - << EOF
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+ name: first-pool
+ namespace: metallb-system
+spec:
+ addresses:
+ - 192.168.1.50-192.168.1.130
+EOF
+```
+
+```sh
+kubectl delete -f - << EOF
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+ name: first-pool
+ namespace: metallb-system
+spec:
+ addresses:
+ - 192.168.1.50-192.168.1.130
+EOF
+```
+
+
# https://github.com/metallb/metallb/blob/main/design/pool-configuration.md
\ No newline at end of file
diff --git a/metallib/deployment.yaml b/metallib/deployment.yaml
new file mode 100644
index 0000000..7f97379
--- /dev/null
+++ b/metallib/deployment.yaml
@@ -0,0 +1,9 @@
+#kubectl create deployment demo --image=httpd --port=80
+#kubectl expose deployment demo
+#
+#kubectl create ingress demo-localhost --class=nginx \
+#--rule="demo.localdev.me/*=demo:80"
+#
+#
+#
+## kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8080:80
diff --git a/nginx_ingress/README.md b/nginx_ingress/README.md
new file mode 100644
index 0000000..953a7f8
--- /dev/null
+++ b/nginx_ingress/README.md
@@ -0,0 +1,25 @@
+
+##### https://github.com/istio/istio/tree/master/samples
+
+```shell
+$ kubectl get ingress
+NAME CLASS HOSTS ADDRESS PORTS AGE
+demo-localhost nginx demo.localdev.me 192.168.1.31 80 21h
+$ curl 192.168.1.31
+
+404 Not Found
+
+404 Not Found
+
nginx
+
+
+$ curl 192.168.1.31 -HHOST:demo.localdev.me
+It works!
+```
+
+
+https://kubernetes.github.io/ingress-nginx/user-guide/basic-usage/
+
+ingress-nginx
+
+https://docs.nginx.com/nginx-ingress-controller/
\ No newline at end of file
diff --git a/nginx_ingress/example.yaml b/nginx_ingress/example.yaml
new file mode 100644
index 0000000..2fb62c4
--- /dev/null
+++ b/nginx_ingress/example.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx-deployment
+ #namespace: nginx-ingress-testing
+ labels:
+ environment: nginx-deployment
+spec:
+ selector:
+ matchLabels:
+ name: nginx-service
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ name: nginx-service
+ spec:
+ containers:
+ - name: nginxo
+ image: nginx
+ ports:
+ - containerPort: 80
+ name: http
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: ingress-myservicea
+ #namespace: nginx-ingress-testing
+spec:
+ rules:
+ #- host: *
+ - http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: nginx-deployment
+ port:
+ number: 80
+ ingressClassName: nginx
+#---
+#apiVersion: networking.k8s.io/v1
+#kind: Ingress
+#metadata:
+# name: ingress-myserviceb
+# namespace: nginx-ingress-testing
+#spec:
+# rules:
+# - host: myserviceb.foo.org
+# http:
+# paths:
+# - path: /
+# pathType: Prefix
+# backend:
+# service:
+# name: myserviceb
+# port:
+# number: 80
+# ingressClassName: nginx
\ No newline at end of file
diff --git a/simple_nginx/ingress.yaml b/simple_nginx/ingress.yaml
index 149484b..c252270 100644
--- a/simple_nginx/ingress.yaml
+++ b/simple_nginx/ingress.yaml
@@ -11,7 +11,6 @@
# ports:
# - containerPort: 80
# name: http-web-svc
-
---
apiVersion: v1
kind: Service