doc/tutorial/kubernetes: test evaluation of end results
The simulation test tests whether the expected
files were generated. This could still miss cases
where the generated files were not correct.
Also the simulator did not test the manual case.
This test tests the final end result in both directories.
Change-Id: I08a33a5d084942b4e16e0878f07657d598692dc3
Reviewed-on: https://cue-review.googlesource.com/c/cue/+/2242
Reviewed-by: Marcel van Lohuizen <mpvl@google.com>
diff --git a/doc/tutorial/kubernetes/manual/services/cue.mod b/doc/tutorial/kubernetes/manual/cue.mod
similarity index 100%
rename from doc/tutorial/kubernetes/manual/services/cue.mod
rename to doc/tutorial/kubernetes/manual/cue.mod
diff --git a/doc/tutorial/kubernetes/testdata/manual.out b/doc/tutorial/kubernetes/testdata/manual.out
new file mode 100644
index 0000000..5c3ca38
--- /dev/null
+++ b/doc/tutorial/kubernetes/testdata/manual.out
@@ -0,0 +1,7380 @@
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services
+_base: {
+ name: string
+ label: {
+ component: string
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+}
+service: {
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+}
+service: {
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/bartender
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ bartender: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "bartender"
+ labels: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ bartender: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "bartender"
+ image: "gcr.io/myproj/bartender:v0.1.34"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "bartender"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ bartender: {
+ name: "bartender"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/bartender:v0.1.34"
+ expose: {
+ port: {
+ http: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ bartender: {
+ name: "bartender"
+ label: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/breaddispatcher
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ breaddispatcher: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "breaddispatcher"
+ labels: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ breaddispatcher: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "breaddispatcher"
+ image: "gcr.io/myproj/breaddispatcher:v0.3.24"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "breaddispatcher"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ breaddispatcher: {
+ name: "breaddispatcher"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/breaddispatcher:v0.3.24"
+ expose: {
+ port: {
+ http: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ etcd: "etcd:2379"
+ "event-server": "events:7788"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ breaddispatcher: {
+ name: "breaddispatcher"
+ label: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/host
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ host: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "host"
+ labels: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ host: {
+ kind: "Deployment"
+ spec: {
+ replicas: 2
+ template: {
+ spec: {
+ containers: [{
+ name: "host"
+ image: "gcr.io/myproj/host:v0.1.10"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "host"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ host: {
+ name: "host"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 2
+ image: "gcr.io/myproj/host:v0.1.10"
+ expose: {
+ port: {
+ http: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ host: {
+ name: "host"
+ label: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/maitred
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ maitred: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "maitred"
+ labels: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ maitred: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "maitred"
+ image: "gcr.io/myproj/maitred:v0.0.4"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "maitred"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ maitred: {
+ name: "maitred"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/maitred:v0.0.4"
+ expose: {
+ port: {
+ http: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ maitred: {
+ name: "maitred"
+ label: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/valeter
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ valeter: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "valeter"
+ labels: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ valeter: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "valeter"
+ image: "gcr.io/myproj/valeter:v0.0.4"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 8080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "8080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "valeter"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ valeter: {
+ name: "valeter"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "8080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/valeter:v0.0.4"
+ expose: {
+ port: {
+ http: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ http: ":8080"
+ etcd: "etcd:2379"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ valeter: {
+ name: "valeter"
+ label: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/waiter
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ waiter: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "waiter"
+ labels: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ waiter: {
+ kind: "Deployment"
+ spec: {
+ replicas: 5
+ template: {
+ spec: {
+ containers: [{
+ name: "waiter"
+ image: "gcr.io/myproj/waiter:v0.3.0"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "waiter"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ waiter: {
+ name: "waiter"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 5
+ image: "gcr.io/myproj/waiter:v0.3.0"
+ expose: {
+ port: {
+ http: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ waiter: {
+ name: "waiter"
+ label: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/frontend/waterdispatcher
+_base: {
+ name: string
+ label: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ waterdispatcher: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "waterdispatcher"
+ labels: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ waterdispatcher: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "waterdispatcher"
+ image: "gcr.io/myproj/waterdispatcher:v0.0.48"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "waterdispatcher"
+ labels: {
+ component: "frontend"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ waterdispatcher: {
+ name: "waterdispatcher"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/waterdispatcher:v0.0.48"
+ expose: {
+ port: {
+ http: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ http: ":8080"
+ etcd: "etcd:2379"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ waterdispatcher: {
+ name: "waterdispatcher"
+ label: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+}
+service: {
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra/download
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ download: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 7080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "download"
+ labels: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ download: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "download"
+ image: "gcr.io/myproj/download:v0.0.2"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 7080
+ }]
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "download"
+ labels: {
+ component: "infra"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ download: {
+ name: "download"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ replicas: 1
+ image: "gcr.io/myproj/download:v0.0.2"
+ expose: {
+ port: {
+ client: 7080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ download: {
+ name: "download"
+ label: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 7080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra/etcd
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ etcd: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 2379
+ protocol: "TCP"
+ }, {
+ name: "peer"
+ port: 2380
+ protocol: "TCP"
+ }]
+ clusterIP: "None"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "etcd"
+ labels: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ }
+ statefulSets: {
+ etcd: {
+ kind: "StatefulSet"
+ spec: {
+ replicas: 3
+ template: {
+ spec: {
+ containers: [{
+ name: "etcd"
+ env: [{
+ name: "ETCDCTL_API"
+ value: "3"
+ }, {
+ name: "ETCD_AUTO_COMPACTION_RETENTION"
+ value: "4"
+ }, {
+ name: "NAME"
+ valueFrom: {
+ fieldRef: {
+ fieldPath: "metadata.name"
+ }
+ }
+ }, {
+ name: "IP"
+ valueFrom: {
+ fieldRef: {
+ fieldPath: "status.podIP"
+ }
+ }
+ }]
+ image: "quay.io/coreos/etcd:v3.3.10"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 2379
+ }, {
+ name: "peer"
+ containerPort: 2380
+ }]
+ command: ["/usr/local/bin/etcd"]
+ volumeMounts: [{
+ name: "etcd3"
+ mountPath: "/data"
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/health"
+ port: "client"
+ }
+ initialDelaySeconds: 30
+ }
+ }]
+ affinity: {
+ podAntiAffinity: {
+ requiredDuringSchedulingIgnoredDuringExecution: [{
+ labelSelector: {
+ matchExpressions: [{
+ key: "app"
+ operator: "In"
+ values: ["etcd"]
+ }]
+ }
+ topologyKey: "kubernetes.io/hostname"
+ }]
+ }
+ }
+ terminationGracePeriodSeconds: 10
+ }
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "2379"
+ }
+ }
+ }
+ volumeClaimTemplates: [{
+ spec: {
+ accessModes: ["ReadWriteOnce"]
+ resources: {
+ requests: {
+ storage: "10Gi"
+ }
+ }
+ }
+ metadata: {
+ name: "etcd3"
+ annotations: {
+ "volume.alpha.kubernetes.io/storage-class": "default"
+ }
+ }
+ }]
+ serviceName: "etcd"
+ }
+ apiVersion: "apps/v1beta1"
+ metadata: {
+ name: "etcd"
+ labels: {
+ component: "infra"
+ }
+ }
+ }
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ etcd: {
+ name: "etcd"
+ kind: "stateful"
+ env: {
+ ETCDCTL_API: "3"
+ ETCD_AUTO_COMPACTION_RETENTION: "4"
+ }
+ label: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ command: ["/usr/local/bin/etcd"]
+ volumeMounts: [{
+ name: "etcd3"
+ mountPath: "/data"
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/health"
+ port: "client"
+ }
+ initialDelaySeconds: 30
+ }
+ }]
+ affinity: {
+ podAntiAffinity: {
+ requiredDuringSchedulingIgnoredDuringExecution: [{
+ labelSelector: {
+ matchExpressions: [{
+ key: "app"
+ operator: "In"
+ values: ["etcd"]
+ }]
+ }
+ topologyKey: "kubernetes.io/hostname"
+ }]
+ }
+ }
+ terminationGracePeriodSeconds: 10
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "2379"
+ }
+ }
+ }
+ volumeClaimTemplates: [{
+ spec: {
+ accessModes: ["ReadWriteOnce"]
+ resources: {
+ requests: {
+ storage: "10Gi"
+ }
+ }
+ }
+ metadata: {
+ name: "etcd3"
+ annotations: {
+ "volume.alpha.kubernetes.io/storage-class": "default"
+ }
+ }
+ }]
+ serviceName: "etcd"
+ }
+ }
+ replicas: 3
+ image: "quay.io/coreos/etcd:v3.3.10"
+ expose: {
+ port: {
+ client: 2379
+ peer: 2380
+ }
+ }
+ port: {
+ }
+ arg: {
+ name: "$(NAME)"
+ "data-dir": "/data/etcd3"
+ "initial-advertise-peer-urls": "http://$(IP):2380"
+ "listen-peer-urls": "http://$(IP):2380"
+ "listen-client-urls": "http://$(IP):2379,http://127.0.0.1:2379"
+ "advertise-client-urls": "http://$(IP):2379"
+ discovery: "https://discovery.etcd.io/xxxxxx"
+ }
+ args: []
+ envSpec: {
+ ETCDCTL_API: {
+ value: "3"
+ }
+ ETCD_AUTO_COMPACTION_RETENTION: {
+ value: "4"
+ }
+ NAME: {
+ valueFrom: {
+ fieldRef: {
+ fieldPath: "metadata.name"
+ }
+ }
+ }
+ IP: {
+ valueFrom: {
+ fieldRef: {
+ fieldPath: "status.podIP"
+ }
+ }
+ }
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ etcd: {
+ name: "etcd"
+ label: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ clusterIP: "None"
+ }
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 2379
+ protocol: "TCP"
+ }
+ peer: {
+ name: "peer"
+ port: 2380
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra/events
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ events: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ ports: [{
+ name: "grpc"
+ port: 7788
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "events"
+ labels: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ events: {
+ kind: "Deployment"
+ spec: {
+ replicas: 2
+ template: {
+ spec: {
+ containers: [{
+ name: "events"
+ image: "gcr.io/myproj/events:v0.1.31"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }, {
+ name: "grpc"
+ containerPort: 7788
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ affinity: {
+ podAntiAffinity: {
+ requiredDuringSchedulingIgnoredDuringExecution: [{
+ labelSelector: {
+ matchExpressions: [{
+ key: "app"
+ operator: "In"
+ values: ["events"]
+ }]
+ }
+ topologyKey: "kubernetes.io/hostname"
+ }]
+ }
+ }
+ volumes: [{
+ name: "secret-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "events"
+ labels: {
+ component: "infra"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ events: {
+ name: "events"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ affinity: {
+ podAntiAffinity: {
+ requiredDuringSchedulingIgnoredDuringExecution: [{
+ labelSelector: {
+ matchExpressions: [{
+ key: "app"
+ operator: "In"
+ values: ["events"]
+ }]
+ }
+ topologyKey: "kubernetes.io/hostname"
+ }]
+ }
+ }
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 2
+ image: "gcr.io/myproj/events:v0.1.31"
+ expose: {
+ port: {
+ grpc: 7788
+ }
+ }
+ port: {
+ http: 7080
+ }
+ arg: {
+ key: "/etc/ssl/server.key"
+ cert: "/etc/ssl/server.pem"
+ grpc: ":7788"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-volume": {
+ name: "secret-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/ssl"
+ subPath: null
+ readOnly: false
+ spec: {
+ secret: {
+ secretName: "biz-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ events: {
+ name: "events"
+ label: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ grpc: {
+ name: "grpc"
+ port: 7788
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra/tasks
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ tasks: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ ports: [{
+ name: "https"
+ port: 443
+ protocol: "TCP"
+ targetPort: 7443
+ }]
+ type: "LoadBalancer"
+ loadBalancerIP: "1.2.3.4"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "tasks"
+ labels: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ tasks: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "tasks"
+ image: "gcr.io/myproj/tasks:v0.2.6"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }, {
+ name: "https"
+ containerPort: 7443
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ volumes: [{
+ name: "secret-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "tasks"
+ labels: {
+ component: "infra"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ tasks: {
+ name: "tasks"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/tasks:v0.2.6"
+ expose: {
+ port: {
+ https: 7443
+ }
+ }
+ port: {
+ http: 7080
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-volume": {
+ name: "secret-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/ssl"
+ subPath: null
+ readOnly: false
+ spec: {
+ secret: {
+ secretName: "star-example-com-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ tasks: {
+ name: "tasks"
+ label: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ type: "LoadBalancer"
+ loadBalancerIP: "1.2.3.4"
+ }
+ }
+ port: {
+ https: {
+ name: "https"
+ port: 443
+ protocol: "TCP"
+ targetPort: 7443
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra/updater
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ updater: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "updater"
+ labels: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ updater: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "updater"
+ image: "gcr.io/myproj/updater:v0.1.0"
+ args: ["-key=/etc/certs/updater.pem"]
+ ports: [{
+ name: "http"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-updater"
+ mountPath: "/etc/certs"
+ }]
+ }]
+ volumes: [{
+ name: "secret-updater"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "updater"
+ labels: {
+ component: "infra"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ updater: {
+ name: "updater"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ replicas: 1
+ image: "gcr.io/myproj/updater:v0.1.0"
+ expose: {
+ port: {
+ http: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: ["-key=/etc/certs/updater.pem"]
+ envSpec: {
+ }
+ volume: {
+ "secret-updater": {
+ name: "secret-updater"
+ kubernetes: {
+ }
+ mountPath: "/etc/certs"
+ subPath: null
+ readOnly: false
+ spec: {
+ secret: {
+ secretName: "updater-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ updater: {
+ name: "updater"
+ label: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/infra/watcher
+_base: {
+ name: string
+ label: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ watcher: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "https"
+ port: 7788
+ protocol: "TCP"
+ }]
+ type: "LoadBalancer"
+ loadBalancerIP: "1.2.3.4"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "watcher"
+ labels: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ watcher: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "watcher"
+ image: "gcr.io/myproj/watcher:v0.1.0"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 7080
+ }, {
+ name: "https"
+ containerPort: 7788
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ volumes: [{
+ name: "secret-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "watcher"
+ labels: {
+ component: "infra"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ watcher: {
+ name: "watcher"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ replicas: 1
+ image: "gcr.io/myproj/watcher:v0.1.0"
+ expose: {
+ port: {
+ https: 7788
+ }
+ }
+ port: {
+ http: 7080
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-volume": {
+ name: "secret-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/ssl"
+ subPath: null
+ readOnly: false
+ spec: {
+ secret: {
+ secretName: "star-example-com-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ watcher: {
+ name: "watcher"
+ label: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ type: "LoadBalancer"
+ loadBalancerIP: "1.2.3.4"
+ }
+ }
+ port: {
+ https: {
+ name: "https"
+ port: 7788
+ protocol: "TCP"
+ }
+ }
+ ports: {
+ https: {
+ port: 7788
+ targetPort: 7788
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+}
+service: {
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/caller
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ caller: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "caller"
+ labels: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ caller: {
+ kind: "Deployment"
+ spec: {
+ replicas: 3
+ template: {
+ spec: {
+ containers: [{
+ name: "caller"
+ image: "gcr.io/myproj/caller:v0.20.14"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "ssd-caller"
+ mountPath: "/logs"
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-ssh-key"
+ mountPath: "/sslcerts"
+ readOnly: true
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-caller"
+ mountPath: "/etc/certs"
+ readOnly: true
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ volumes: [{
+ name: "ssd-caller"
+ }, {
+ name: "secret-ssh-key"
+ }, {
+ name: "secret-caller"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "caller"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ caller: {
+ name: "caller"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 3
+ image: "gcr.io/myproj/caller:v0.20.14"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ key: "/etc/certs/client.key"
+ cert: "/etc/certs/client.pem"
+ logdir: "/logs"
+ ca: "/etc/certs/servfx.ca"
+ "ssh-tunnel-key": "/sslcerts/tunnel-private.pem"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "caller-disk": {
+ name: "ssd-caller"
+ kubernetes: {
+ }
+ mountPath: "/logs"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "ssd-caller"
+ fsType: "ext4"
+ }
+ }
+ }
+ "secret-ssh-key": {
+ name: "secret-ssh-key"
+ kubernetes: {
+ }
+ mountPath: "/sslcerts"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "secrets"
+ }
+ }
+ }
+ "secret-caller": {
+ name: "secret-caller"
+ kubernetes: {
+ }
+ mountPath: "/etc/certs"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "caller-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ caller: {
+ name: "caller"
+ label: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/dishwasher
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ dishwasher: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "dishwasher"
+ labels: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ dishwasher: {
+ kind: "Deployment"
+ spec: {
+ replicas: 5
+ template: {
+ spec: {
+ containers: [{
+ name: "dishwasher"
+ image: "gcr.io/myproj/dishwasher:v0.2.13"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-ssh-key"
+ mountPath: "/sslcerts"
+ readOnly: true
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "dishwasher-disk"
+ mountPath: "/logs"
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-dishwasher"
+ mountPath: "/etc/certs"
+ readOnly: true
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ volumes: [{
+ name: "secret-ssh-key"
+ }, {
+ name: "dishwasher-disk"
+ }, {
+ name: "secret-dishwasher"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "dishwasher"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ dishwasher: {
+ name: "dishwasher"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 5
+ image: "gcr.io/myproj/dishwasher:v0.2.13"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ "ssh-tunnel-key": "/etc/certs/tunnel-private.pem"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-ssh-key": {
+ name: "secret-ssh-key"
+ kubernetes: {
+ }
+ mountPath: "/sslcerts"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "secrets"
+ }
+ }
+ }
+ "dishwasher-disk": {
+ name: "dishwasher-disk"
+ kubernetes: {
+ }
+ mountPath: "/logs"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "dishwasher-disk"
+ fsType: "ext4"
+ }
+ }
+ }
+ "secret-dishwasher": {
+ name: "secret-dishwasher"
+ kubernetes: {
+ }
+ mountPath: "/etc/certs"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "dishwasher-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ dishwasher: {
+ name: "dishwasher"
+ label: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/expiditer
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ expiditer: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "expiditer"
+ labels: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ expiditer: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "expiditer"
+ image: "gcr.io/myproj/expiditer:v0.5.34"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "expiditer-disk"
+ mountPath: "/logs"
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-expiditer"
+ mountPath: "/etc/certs"
+ readOnly: true
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ volumes: [{
+ name: "expiditer-disk"
+ }, {
+ name: "secret-expiditer"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "expiditer"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ expiditer: {
+ name: "expiditer"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/expiditer:v0.5.34"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ "ssh-tunnel-key": "/etc/certs/tunnel-private.pem"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "expiditer-disk": {
+ name: "expiditer-disk"
+ kubernetes: {
+ }
+ mountPath: "/logs"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "expiditer-disk"
+ fsType: "ext4"
+ }
+ }
+ }
+ "secret-expiditer": {
+ name: "secret-expiditer"
+ kubernetes: {
+ }
+ mountPath: "/etc/certs"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "expiditer-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ expiditer: {
+ name: "expiditer"
+ label: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/headchef
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ headchef: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "headchef"
+ labels: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ headchef: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "headchef"
+ image: "gcr.io/myproj/headchef:v0.2.16"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-headchef"
+ mountPath: "/sslcerts"
+ readOnly: true
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "headchef-disk"
+ mountPath: "/logs"
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ volumes: [{
+ name: "secret-headchef"
+ }, {
+ name: "headchef-disk"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "headchef"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ headchef: {
+ name: "headchef"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/headchef:v0.2.16"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-headchef": {
+ name: "secret-headchef"
+ kubernetes: {
+ }
+ mountPath: "/sslcerts"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "headchef-secrets"
+ }
+ }
+ }
+ "headchef-disk": {
+ name: "headchef-disk"
+ kubernetes: {
+ }
+ mountPath: "/logs"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "headchef-disk"
+ fsType: "ext4"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ headchef: {
+ name: "headchef"
+ label: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/linecook
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ linecook: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "linecook"
+ labels: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ linecook: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "linecook"
+ image: "gcr.io/myproj/linecook:v0.1.42"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-kitchen"
+ mountPath: "/etc/certs"
+ readOnly: true
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "linecook-disk"
+ mountPath: "/logs"
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ volumes: [{
+ name: "secret-kitchen"
+ }, {
+ name: "linecook-disk"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "linecook"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ linecook: {
+ name: "linecook"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/linecook:v0.1.42"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ name: "linecook"
+ env: "prod"
+ etcd: "etcd:2379"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ "reconnect-delay": "1h"
+ "-recovery-overlap": "100000"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-linecook": {
+ name: "secret-kitchen"
+ kubernetes: {
+ }
+ mountPath: "/etc/certs"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "linecook-secrets"
+ }
+ }
+ }
+ "linecook-disk": {
+ name: "linecook-disk"
+ kubernetes: {
+ }
+ mountPath: "/logs"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "linecook-disk"
+ fsType: "ext4"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ linecook: {
+ name: "linecook"
+ label: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/pastrychef
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ pastrychef: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "pastrychef"
+ labels: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ pastrychef: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "pastrychef"
+ image: "gcr.io/myproj/pastrychef:v0.1.15"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-ssh-key"
+ mountPath: "/etc/certs"
+ readOnly: true
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "pastrychef-disk"
+ mountPath: "/logs"
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ volumes: [{
+ name: "secret-ssh-key"
+ }, {
+ name: "pastrychef-disk"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "pastrychef"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ pastrychef: {
+ name: "pastrychef"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/pastrychef:v0.1.15"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ env: "prod"
+ etcd: "etcd:2379"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ "ssh-tunnel-key": "/etc/certs/tunnel-private.pem"
+ "reconnect-delay": "1m"
+ "recovery-overlap": "10000"
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-pastrychef": {
+ name: "secret-ssh-key"
+ kubernetes: {
+ }
+ mountPath: "/etc/certs"
+ subPath: null
+ readOnly: true
+ spec: {
+ secret: {
+ secretName: "secrets"
+ }
+ }
+ }
+ "pastrychef-disk": {
+ name: "pastrychef-disk"
+ kubernetes: {
+ }
+ mountPath: "/logs"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "pastrychef-disk"
+ fsType: "ext4"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ pastrychef: {
+ name: "pastrychef"
+ label: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/kitchen/souschef
+_base: {
+ name: string
+ label: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ souschef: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "souschef"
+ labels: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ souschef: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "souschef"
+ image: "gcr.io/myproj/souschef:v0.5.3"
+ args: []
+ ports: [{
+ name: "client"
+ containerPort: 8080
+ }]
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "souschef"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ souschef: {
+ name: "souschef"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ livenessProbe: {
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ }
+ }]
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "gcr.io/myproj/souschef:v0.5.3"
+ expose: {
+ port: {
+ client: 8080
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ }
+ }
+}
+service: {
+ souschef: {
+ name: "souschef"
+ label: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 8080
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+_kitchenDeployment: {
+ name: string
+ arg: {
+ env: "prod"
+ "event-server": "events:7788"
+ logdir: "/logs"
+ }
+ volume: {
+ _|_ /* incomplete */
+
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/mon
+_base: {
+ name: string
+ label: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+}
+service: {
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/mon/alertmanager
+_base: {
+ name: string
+ label: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ alertmanager: {
+ kind: "Service"
+ spec: {
+ selector: {
+ name: "alertmanager"
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ ports: [{
+ name: "main"
+ port: 9093
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ name: "alertmanager"
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io/scrape": "true"
+ "prometheus.io/path": "/metrics"
+ }
+ }
+ }
+ }
+ deployments: {
+ alertmanager: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ selector: {
+ matchLabels: {
+ app: "alertmanager"
+ }
+ }
+ template: {
+ spec: {
+ containers: [{
+ name: "alertmanager"
+ image: "prom/alertmanager:v0.15.2"
+ args: ["--config.file=/etc/alertmanager/alerts.yaml", "--storage.path=/alertmanager", "--web.external-url=https://alertmanager.example.com"]
+ ports: [{
+ name: "alertmanager"
+ containerPort: 9093
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "alertmanager"
+ mountPath: "/alertmanager"
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "config-volume"
+ mountPath: "/etc/alertmanager"
+ }]
+ }]
+ volumes: [{
+ name: "alertmanager"
+ }, {
+ name: "config-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ component: "mon"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ alertmanager: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ component: "mon"
+ }
+ }
+ data: {
+ "alerts.yaml": """
+ receivers:
+ - name: pager
+ slack_configs:
+ - channel: '#cloudmon'
+ send_resolved: true
+ text: |-
+ {{ range .Alerts }}{{ .Annotations.description }}
+ {{ end }}
+ route:
+ group_by:
+ - alertname
+ - cluster
+ receiver: pager
+
+ """
+ }
+ }
+ }
+}
+deployment: {
+ alertmanager: {
+ name: "alertmanager"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ selector: {
+ matchLabels: {
+ app: "alertmanager"
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "prom/alertmanager:v0.15.2"
+ expose: {
+ port: {
+ alertmanager: 9093
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: ["--config.file=/etc/alertmanager/alerts.yaml", "--storage.path=/alertmanager", "--web.external-url=https://alertmanager.example.com"]
+ envSpec: {
+ }
+ volume: {
+ alertmanager: {
+ name: "alertmanager"
+ kubernetes: {
+ }
+ mountPath: "/alertmanager"
+ subPath: null
+ readOnly: false
+ spec: {
+ emptyDir: {
+ }
+ }
+ }
+ "config-volume": {
+ name: "config-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/alertmanager"
+ subPath: null
+ readOnly: false
+ spec: {
+ configMap: {
+ name: "alertmanager"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ alertmanager: {
+ name: "alertmanager"
+ label: {
+ name: "alertmanager"
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ kubernetes: {
+ metadata: {
+ annotations: {
+ "prometheus.io/scrape": "true"
+ "prometheus.io/path": "/metrics"
+ }
+ }
+ }
+ port: {
+ alertmanager: {
+ name: "main"
+ port: 9093
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+ alertmanager: {
+ "alerts.yaml": """
+ receivers:
+ - name: pager
+ slack_configs:
+ - channel: '#cloudmon'
+ send_resolved: true
+ text: |-
+ {{ range .Alerts }}{{ .Annotations.description }}
+ {{ end }}
+ route:
+ group_by:
+ - alertname
+ - cluster
+ receiver: pager
+
+ """
+ }
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/mon/grafana
+_base: {
+ name: string
+ label: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ grafana: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ ports: [{
+ name: "grafana"
+ port: 3000
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "grafana"
+ labels: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ grafana: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "grafana"
+ env: [{
+ name: "GF_AUTH_BASIC_ENABLED"
+ value: "false"
+ }, {
+ name: "GF_AUTH_ANONYMOUS_ENABLED"
+ value: "true"
+ }, {
+ name: "GF_AUTH_ANONYMOUS_ORG_ROLE"
+ value: "admin"
+ }]
+ image: "grafana/grafana:4.5.2"
+ args: []
+ ports: [{
+ name: "grafana"
+ containerPort: 3000
+ }, {
+ name: "web"
+ containerPort: 8080
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "grafana-volume"
+ mountPath: "/var/lib/grafana"
+ }]
+ resources: {
+ requests: {
+ cpu: "100m"
+ memory: "100Mi"
+ }
+ limits: {
+ cpu: "100m"
+ memory: "100Mi"
+ }
+ }
+ }]
+ volumes: [{
+ name: "grafana-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "grafana"
+ labels: {
+ component: "mon"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ grafana: {
+ name: "grafana"
+ kind: "deployment"
+ env: {
+ GF_AUTH_BASIC_ENABLED: "false"
+ GF_AUTH_ANONYMOUS_ENABLED: "true"
+ GF_AUTH_ANONYMOUS_ORG_ROLE: "admin"
+ }
+ label: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ resources: {
+ requests: {
+ cpu: "100m"
+ memory: "100Mi"
+ }
+ limits: {
+ cpu: "100m"
+ memory: "100Mi"
+ }
+ }
+ }]
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "grafana/grafana:4.5.2"
+ expose: {
+ port: {
+ grafana: 3000
+ }
+ }
+ port: {
+ web: 8080
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ GF_AUTH_BASIC_ENABLED: {
+ value: "false"
+ }
+ GF_AUTH_ANONYMOUS_ENABLED: {
+ value: "true"
+ }
+ GF_AUTH_ANONYMOUS_ORG_ROLE: {
+ value: "admin"
+ }
+ }
+ volume: {
+ "grafana-volume": {
+ name: "grafana-volume"
+ kubernetes: {
+ }
+ mountPath: "/var/lib/grafana"
+ subPath: null
+ readOnly: false
+ spec: {
+ gcePersistentDisk: {
+ pdName: "grafana-volume"
+ fsType: "ext4"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ grafana: {
+ name: "grafana"
+ label: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ grafana: {
+ name: "grafana"
+ port: 3000
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/mon/nodeexporter
+_base: {
+ name: string
+ label: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ "node-exporter": {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ ports: [{
+ name: "metrics"
+ port: 9100
+ protocol: "TCP"
+ }]
+ clusterIP: "None"
+ type: "ClusterIP"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "node-exporter"
+ labels: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io/scrape": "true"
+ }
+ }
+ }
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ "node-exporter": {
+ kind: "DaemonSet"
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ name: "node-exporter"
+ image: "quay.io/prometheus/node-exporter:v0.16.0"
+ args: ["--path.procfs=/host/proc", "--path.sysfs=/host/sys"]
+ ports: [{
+ name: "scrape"
+ containerPort: 9100
+ hostPort: 9100
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "proc"
+ mountPath: "/host/proc"
+ readOnly: true
+ }, {
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "sys"
+ mountPath: "/host/sys"
+ readOnly: true
+ }]
+ resources: {
+ requests: {
+ cpu: "100m"
+ memory: "30Mi"
+ }
+ limits: {
+ cpu: "200m"
+ memory: "50Mi"
+ }
+ }
+ }]
+ hostNetwork: true
+ hostPID: true
+ volumes: [{
+ name: "proc"
+ }, {
+ name: "sys"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "node-exporter"
+ labels: {
+ component: "mon"
+ }
+ }
+ }
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ "node-exporter": {
+ name: "node-exporter"
+ kind: "daemon"
+ env: {
+ }
+ label: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ containers: [{
+ ports: [{
+ hostPort: 9100
+ }]
+ resources: {
+ requests: {
+ cpu: "100m"
+ memory: "30Mi"
+ }
+ limits: {
+ cpu: "200m"
+ memory: "50Mi"
+ }
+ }
+ }]
+ hostNetwork: true
+ hostPID: true
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "quay.io/prometheus/node-exporter:v0.16.0"
+ expose: {
+ port: {
+ scrape: 9100
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: ["--path.procfs=/host/proc", "--path.sysfs=/host/sys"]
+ envSpec: {
+ }
+ volume: {
+ proc: {
+ name: "proc"
+ kubernetes: {
+ }
+ mountPath: "/host/proc"
+ subPath: null
+ readOnly: true
+ spec: {
+ hostPath: {
+ path: "/proc"
+ }
+ }
+ }
+ sys: {
+ name: "sys"
+ kubernetes: {
+ }
+ mountPath: "/host/sys"
+ subPath: null
+ readOnly: true
+ spec: {
+ hostPath: {
+ path: "/sys"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ "node-exporter": {
+ name: "node-exporter"
+ label: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ clusterIP: "None"
+ type: "ClusterIP"
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io/scrape": "true"
+ }
+ }
+ }
+ port: {
+ scrape: {
+ name: "metrics"
+ port: 9100
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/mon/prometheus
+_base: {
+ name: string
+ label: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ prometheus: {
+ kind: "Service"
+ spec: {
+ selector: {
+ name: "prometheus"
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ ports: [{
+ name: "main"
+ port: 9090
+ protocol: "TCP"
+ nodePort: 30900
+ }]
+ type: "NodePort"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "prometheus"
+ labels: {
+ name: "prometheus"
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io/scrape": "true"
+ }
+ }
+ }
+ }
+ deployments: {
+ prometheus: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ selector: {
+ matchLabels: {
+ app: "prometheus"
+ }
+ }
+ template: {
+ spec: {
+ containers: [{
+ name: "prometheus"
+ image: "prom/prometheus:v2.4.3"
+ args: ["--config.file=/etc/prometheus/prometheus.yml", "--web.external-url=https://prometheus.example.com"]
+ ports: [{
+ name: "web"
+ containerPort: 9090
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "config-volume"
+ mountPath: "/etc/prometheus"
+ }]
+ }]
+ volumes: [{
+ name: "config-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ strategy: {
+ type: "RollingUpdate"
+ rollingUpdate: {
+ maxSurge: 0
+ maxUnavailable: 1
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "prometheus"
+ labels: {
+ component: "mon"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ prometheus: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "prometheus"
+ labels: {
+ component: "mon"
+ }
+ }
+ data: {
+ "alert.rules": """
+ groups:
+ - name: rules.yaml
+ rules:
+ - alert: InstanceDown
+ annotations:
+ description: '{{$labels.app}} of job {{ $labels.job }} has been down for more
+ than 30 seconds.'
+ summary: Instance {{$labels.app}} down
+ expr: up == 0
+ for: 30s
+ labels:
+ severity: page
+ - alert: InsufficientPeers
+ annotations:
+ description: If one more etcd peer goes down the cluster will be unavailable
+ summary: etcd cluster small
+ expr: count(up{job=\"etcd\"} == 0) > (count(up{job=\"etcd\"}) / 2 - 1)
+ for: 3m
+ labels:
+ severity: page
+ - alert: EtcdNoMaster
+ annotations:
+ summary: No ETCD master elected.
+ expr: sum(etcd_server_has_leader{app=\"etcd\"}) == 0
+ for: 1s
+ labels:
+ severity: page
+ - alert: PodRestart
+ annotations:
+ description: '{{$labels.app}} {{ $labels.container }} resturted {{ $value }}
+ times in 5m.'
+ summary: Pod for {{$labels.container}} restarts too often
+ expr: (max_over_time(pod_container_status_restarts_total[5m]) - min_over_time(pod_container_status_restarts_total[5m]))
+ > 2
+ for: 1m
+ labels:
+ severity: page
+
+ """
+ "prometheus.yml": """
+ alerting:
+ alertmanagers:
+ - scheme: http
+ static_configs:
+ - targets:
+ - alertmanager:9093
+ global:
+ scrape_interval: 15s
+ rule_files:
+ - /etc/prometheus/alert.rules
+ scrape_configs:
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-apiservers
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - action: keep
+ regex: default;kubernetes;https
+ source_labels:
+ - __meta_kubernetes_namespace
+ - __meta_kubernetes_service_name
+ - __meta_kubernetes_endpoint_port_name
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-nodes
+ kubernetes_sd_configs:
+ - role: node
+ relabel_configs:
+ - action: labelmap
+ regex: __meta_kubernetes_node_label_(.+)
+ - replacement: kubernetes.default.svc:443
+ target_label: __address__
+ - regex: (.+)
+ replacement: /api/v1/nodes/${1}/proxy/metrics
+ source_labels:
+ - __meta_kubernetes_node_name
+ target_label: __metrics_path__
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-cadvisor
+ kubernetes_sd_configs:
+ - role: node
+ relabel_configs:
+ - action: labelmap
+ regex: __meta_kubernetes_node_label_(.+)
+ - replacement: kubernetes.default.svc:443
+ target_label: __address__
+ - regex: (.+)
+ replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
+ source_labels:
+ - __meta_kubernetes_node_name
+ target_label: __metrics_path__
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - job_name: kubernetes-service-endpoints
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_scrape
+ - action: replace
+ regex: (https?)
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_scheme
+ target_label: __scheme__
+ - action: replace
+ regex: (.+)
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_path
+ target_label: __metrics_path__
+ - action: replace
+ regex: ([^:]+)(?::\\d+)?;(\\d+)
+ replacement: $1:$2
+ source_labels:
+ - __address__
+ - __meta_kubernetes_service_annotation_prometheus_io_port
+ target_label: __address__
+ - action: labelmap
+ regex: __meta_kubernetes_service_label_(.+)
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_service_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-services
+ kubernetes_sd_configs:
+ - role: service
+ metrics_path: /probe
+ params:
+ module:
+ - http_2xx
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_probe
+ - source_labels:
+ - __address__
+ target_label: __param_target
+ - replacement: blackbox-exporter.example.com:9115
+ target_label: __address__
+ - source_labels:
+ - __param_target
+ target_label: app
+ - action: labelmap
+ regex: __meta_kubernetes_service_label_(.+)
+ - source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - source_labels:
+ - __meta_kubernetes_service_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-ingresses
+ kubernetes_sd_configs:
+ - role: ingress
+ metrics_path: /probe
+ params:
+ module:
+ - http_2xx
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_ingress_annotation_prometheus_io_probe
+ - regex: (.+);(.+);(.+)
+ replacement: ${1}://${2}${3}
+ source_labels:
+ - __meta_kubernetes_ingress_scheme
+ - __address__
+ - __meta_kubernetes_ingress_path
+ target_label: __param_target
+ - replacement: blackbox-exporter.example.com:9115
+ target_label: __address__
+ - source_labels:
+ - __param_target
+ target_label: app
+ - action: labelmap
+ regex: __meta_kubernetes_ingress_label_(.+)
+ - source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - source_labels:
+ - __meta_kubernetes_ingress_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-pods
+ kubernetes_sd_configs:
+ - role: pod
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_pod_annotation_prometheus_io_scrape
+ - action: replace
+ regex: (.+)
+ source_labels:
+ - __meta_kubernetes_pod_annotation_prometheus_io_path
+ target_label: __metrics_path__
+ - action: replace
+ regex: ([^:]+)(?::\\d+)?;(\\d+)
+ replacement: $1:$2
+ source_labels:
+ - __address__
+ - __meta_kubernetes_pod_annotation_prometheus_io_port
+ target_label: __address__
+ - action: labelmap
+ regex: __meta_kubernetes_pod_label_(.+)
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_pod_name
+ target_label: kubernetes_pod_name
+
+ """
+ }
+ }
+ }
+}
+deployment: {
+ prometheus: {
+ name: "prometheus"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ selector: {
+ matchLabels: {
+ app: "prometheus"
+ }
+ }
+ template: {
+ metadata: {
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ }
+ strategy: {
+ type: "RollingUpdate"
+ rollingUpdate: {
+ maxSurge: 0
+ maxUnavailable: 1
+ }
+ }
+ }
+ }
+ replicas: 1
+ image: "prom/prometheus:v2.4.3"
+ expose: {
+ port: {
+ web: 9090
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: ["--config.file=/etc/prometheus/prometheus.yml", "--web.external-url=https://prometheus.example.com"]
+ envSpec: {
+ }
+ volume: {
+ "config-volume": {
+ name: "config-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/prometheus"
+ subPath: null
+ readOnly: false
+ spec: {
+ configMap: {
+ name: "prometheus"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ prometheus: {
+ name: "prometheus"
+ label: {
+ name: "prometheus"
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ type: "NodePort"
+ }
+ metadata: {
+ annotations: {
+ "prometheus.io/scrape": "true"
+ }
+ }
+ }
+ port: {
+ web: {
+ name: "main"
+ port: 9090
+ protocol: "TCP"
+ nodePort: 30900
+ }
+ }
+ }
+}
+configMap: {
+ prometheus: {
+ "alert.rules": """
+ groups:
+ - name: rules.yaml
+ rules:
+ - alert: InstanceDown
+ annotations:
+ description: '{{$labels.app}} of job {{ $labels.job }} has been down for more
+ than 30 seconds.'
+ summary: Instance {{$labels.app}} down
+ expr: up == 0
+ for: 30s
+ labels:
+ severity: page
+ - alert: InsufficientPeers
+ annotations:
+ description: If one more etcd peer goes down the cluster will be unavailable
+ summary: etcd cluster small
+ expr: count(up{job=\"etcd\"} == 0) > (count(up{job=\"etcd\"}) / 2 - 1)
+ for: 3m
+ labels:
+ severity: page
+ - alert: EtcdNoMaster
+ annotations:
+ summary: No ETCD master elected.
+ expr: sum(etcd_server_has_leader{app=\"etcd\"}) == 0
+ for: 1s
+ labels:
+ severity: page
+ - alert: PodRestart
+ annotations:
+ description: '{{$labels.app}} {{ $labels.container }} resturted {{ $value }}
+ times in 5m.'
+ summary: Pod for {{$labels.container}} restarts too often
+ expr: (max_over_time(pod_container_status_restarts_total[5m]) - min_over_time(pod_container_status_restarts_total[5m]))
+ > 2
+ for: 1m
+ labels:
+ severity: page
+
+ """
+ "prometheus.yml": """
+ alerting:
+ alertmanagers:
+ - scheme: http
+ static_configs:
+ - targets:
+ - alertmanager:9093
+ global:
+ scrape_interval: 15s
+ rule_files:
+ - /etc/prometheus/alert.rules
+ scrape_configs:
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-apiservers
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - action: keep
+ regex: default;kubernetes;https
+ source_labels:
+ - __meta_kubernetes_namespace
+ - __meta_kubernetes_service_name
+ - __meta_kubernetes_endpoint_port_name
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-nodes
+ kubernetes_sd_configs:
+ - role: node
+ relabel_configs:
+ - action: labelmap
+ regex: __meta_kubernetes_node_label_(.+)
+ - replacement: kubernetes.default.svc:443
+ target_label: __address__
+ - regex: (.+)
+ replacement: /api/v1/nodes/${1}/proxy/metrics
+ source_labels:
+ - __meta_kubernetes_node_name
+ target_label: __metrics_path__
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-cadvisor
+ kubernetes_sd_configs:
+ - role: node
+ relabel_configs:
+ - action: labelmap
+ regex: __meta_kubernetes_node_label_(.+)
+ - replacement: kubernetes.default.svc:443
+ target_label: __address__
+ - regex: (.+)
+ replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
+ source_labels:
+ - __meta_kubernetes_node_name
+ target_label: __metrics_path__
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - job_name: kubernetes-service-endpoints
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_scrape
+ - action: replace
+ regex: (https?)
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_scheme
+ target_label: __scheme__
+ - action: replace
+ regex: (.+)
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_path
+ target_label: __metrics_path__
+ - action: replace
+ regex: ([^:]+)(?::\\d+)?;(\\d+)
+ replacement: $1:$2
+ source_labels:
+ - __address__
+ - __meta_kubernetes_service_annotation_prometheus_io_port
+ target_label: __address__
+ - action: labelmap
+ regex: __meta_kubernetes_service_label_(.+)
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_service_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-services
+ kubernetes_sd_configs:
+ - role: service
+ metrics_path: /probe
+ params:
+ module:
+ - http_2xx
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_probe
+ - source_labels:
+ - __address__
+ target_label: __param_target
+ - replacement: blackbox-exporter.example.com:9115
+ target_label: __address__
+ - source_labels:
+ - __param_target
+ target_label: app
+ - action: labelmap
+ regex: __meta_kubernetes_service_label_(.+)
+ - source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - source_labels:
+ - __meta_kubernetes_service_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-ingresses
+ kubernetes_sd_configs:
+ - role: ingress
+ metrics_path: /probe
+ params:
+ module:
+ - http_2xx
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_ingress_annotation_prometheus_io_probe
+ - regex: (.+);(.+);(.+)
+ replacement: ${1}://${2}${3}
+ source_labels:
+ - __meta_kubernetes_ingress_scheme
+ - __address__
+ - __meta_kubernetes_ingress_path
+ target_label: __param_target
+ - replacement: blackbox-exporter.example.com:9115
+ target_label: __address__
+ - source_labels:
+ - __param_target
+ target_label: app
+ - action: labelmap
+ regex: __meta_kubernetes_ingress_label_(.+)
+ - source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - source_labels:
+ - __meta_kubernetes_ingress_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-pods
+ kubernetes_sd_configs:
+ - role: pod
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_pod_annotation_prometheus_io_scrape
+ - action: replace
+ regex: (.+)
+ source_labels:
+ - __meta_kubernetes_pod_annotation_prometheus_io_path
+ target_label: __metrics_path__
+ - action: replace
+ regex: ([^:]+)(?::\\d+)?;(\\d+)
+ replacement: $1:$2
+ source_labels:
+ - __address__
+ - __meta_kubernetes_pod_annotation_prometheus_io_port
+ target_label: __address__
+ - action: labelmap
+ regex: __meta_kubernetes_pod_label_(.+)
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_pod_name
+ target_label: kubernetes_pod_name
+
+ """
+ }
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/proxy
+_base: {
+ name: string
+ label: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ }
+ deployments: {
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+}
+service: {
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/proxy/authproxy
+_base: {
+ name: string
+ label: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ authproxy: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ port: 4180
+ protocol: "TCP"
+ }]
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "authproxy"
+ labels: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ authproxy: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "authproxy"
+ image: "skippy/oauth2_proxy:2.0.1"
+ args: ["--config=/etc/authproxy/authproxy.cfg"]
+ ports: [{
+ name: "client"
+ containerPort: 4180
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "config-volume"
+ mountPath: "/etc/authproxy"
+ }]
+ }]
+ volumes: [{
+ name: "config-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "authproxy"
+ labels: {
+ component: "proxy"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ authproxy: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "authproxy"
+ labels: {
+ component: "proxy"
+ }
+ }
+ data: {
+ "authproxy.cfg": """
+ # Google Auth Proxy Config File
+ ## https://github.com/bitly/google_auth_proxy
+
+ ## <addr>:<port> to listen on for HTTP clients
+ http_address = \"0.0.0.0:4180\"
+
+ ## the OAuth Redirect URL.
+ redirect_url = \"https://auth.example.com/oauth2/callback\"
+
+ ## the http url(s) of the upstream endpoint. If multiple, routing is based on path
+ upstreams = [
+ # frontend
+ \"http://frontend-waiter:7080/dpr/\",
+ \"http://frontend-maitred:7080/ui/\",
+ \"http://frontend-maitred:7080/ui\",
+ \"http://frontend-maitred:7080/report/\",
+ \"http://frontend-maitred:7080/report\",
+ \"http://frontend-maitred:7080/static/\",
+ # kitchen
+ \"http://kitchen-chef:8080/visit\",
+ # infrastructure
+ \"http://download:7080/file/\",
+ \"http://download:7080/archive\",
+ \"http://tasks:7080/tasks\",
+ \"http://tasks:7080/tasks/\",
+ ]
+
+ ## pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream
+ pass_basic_auth = true
+ request_logging = true
+
+ ## Google Apps Domains to allow authentication for
+ google_apps_domains = [
+ \"example.com\",
+ ]
+
+ email_domains = [
+ \"example.com\",
+ ]
+
+ ## The Google OAuth Client ID, Secret
+ client_id = \"---\"
+ client_secret = \"---\"
+
+ ## Cookie Settings
+ ## Secret - the seed string for secure cookies
+ ## Domain - optional cookie domain to force cookies to (ie: .yourcompany.com)
+ ## Expire - expire timeframe for cookie
+ cookie_secret = \"won't tell you\"
+ cookie_domain = \".example.com\"
+ cookie_https_only = true
+ """
+ }
+ }
+ }
+}
+deployment: {
+ authproxy: {
+ name: "authproxy"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ replicas: 1
+ image: "skippy/oauth2_proxy:2.0.1"
+ expose: {
+ port: {
+ client: 4180
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: ["--config=/etc/authproxy/authproxy.cfg"]
+ envSpec: {
+ }
+ volume: {
+ "config-volume": {
+ name: "config-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/authproxy"
+ subPath: null
+ readOnly: false
+ spec: {
+ configMap: {
+ name: "authproxy"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ authproxy: {
+ name: "authproxy"
+ label: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ port: {
+ client: {
+ name: "client"
+ port: 4180
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+ authproxy: {
+ "authproxy.cfg": """
+ # Google Auth Proxy Config File
+ ## https://github.com/bitly/google_auth_proxy
+
+ ## <addr>:<port> to listen on for HTTP clients
+ http_address = \"0.0.0.0:4180\"
+
+ ## the OAuth Redirect URL.
+ redirect_url = \"https://auth.example.com/oauth2/callback\"
+
+ ## the http url(s) of the upstream endpoint. If multiple, routing is based on path
+ upstreams = [
+ # frontend
+ \"http://frontend-waiter:7080/dpr/\",
+ \"http://frontend-maitred:7080/ui/\",
+ \"http://frontend-maitred:7080/ui\",
+ \"http://frontend-maitred:7080/report/\",
+ \"http://frontend-maitred:7080/report\",
+ \"http://frontend-maitred:7080/static/\",
+ # kitchen
+ \"http://kitchen-chef:8080/visit\",
+ # infrastructure
+ \"http://download:7080/file/\",
+ \"http://download:7080/archive\",
+ \"http://tasks:7080/tasks\",
+ \"http://tasks:7080/tasks/\",
+ ]
+
+ ## pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream
+ pass_basic_auth = true
+ request_logging = true
+
+ ## Google Apps Domains to allow authentication for
+ google_apps_domains = [
+ \"example.com\",
+ ]
+
+ email_domains = [
+ \"example.com\",
+ ]
+
+ ## The Google OAuth Client ID, Secret
+ client_id = \"---\"
+ client_secret = \"---\"
+
+ ## Cookie Settings
+ ## Secret - the seed string for secure cookies
+ ## Domain - optional cookie domain to force cookies to (ie: .yourcompany.com)
+ ## Expire - expire timeframe for cookie
+ cookie_secret = \"won't tell you\"
+ cookie_domain = \".example.com\"
+ cookie_https_only = true
+ """
+ }
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/proxy/goget
+_base: {
+ name: string
+ label: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ goget: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 443
+ protocol: "TCP"
+ }, {
+ name: "https"
+ port: 7443
+ protocol: "TCP"
+ }]
+ type: "LoadBalancer"
+ loadBalancerIP: "1.3.5.7"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "goget"
+ labels: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ goget: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "goget"
+ image: "gcr.io/myproj/goget:v0.5.1"
+ args: []
+ ports: [{
+ name: "https"
+ containerPort: 7443
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ volumes: [{
+ name: "secret-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "goget"
+ labels: {
+ component: "proxy"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ }
+}
+deployment: {
+ goget: {
+ name: "goget"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ replicas: 1
+ image: "gcr.io/myproj/goget:v0.5.1"
+ expose: {
+ port: {
+ https: 7443
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-volume": {
+ name: "secret-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/ssl"
+ subPath: null
+ readOnly: false
+ spec: {
+ secret: {
+ secretName: "goget-secrets"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ goget: {
+ name: "goget"
+ label: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ type: "LoadBalancer"
+ loadBalancerIP: "1.3.5.7"
+ }
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 443
+ protocol: "TCP"
+ }
+ https: {
+ name: "https"
+ port: 7443
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/manual/services/proxy/nginx
+_base: {
+ name: string
+ label: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+}
+kubernetes: {
+ services: {
+ nginx: {
+ kind: "Service"
+ spec: {
+ selector: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ port: 80
+ protocol: "TCP"
+ }, {
+ name: "https"
+ port: 443
+ protocol: "TCP"
+ }]
+ type: "LoadBalancer"
+ loadBalancerIP: "1.3.4.5"
+ }
+ apiVersion: "v1"
+ metadata: {
+ name: "nginx"
+ labels: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ deployments: {
+ nginx: {
+ kind: "Deployment"
+ spec: {
+ replicas: 1
+ template: {
+ spec: {
+ containers: [{
+ name: "nginx"
+ image: "nginx:1.11.10-alpine"
+ args: []
+ ports: [{
+ name: "http"
+ containerPort: 80
+ }, {
+ name: "https"
+ containerPort: 443
+ }]
+ volumeMounts: [{
+ _|_ /* more than one element remaining (false and true) */
+
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }, {
+ name: "config-volume"
+ mountPath: "/etc/nginx/nginx.conf"
+ subPath: "nginx.conf"
+ }]
+ }]
+ volumes: [{
+ name: "secret-volume"
+ }, {
+ name: "config-volume"
+ }]
+ }
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ }
+ }
+ }
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "nginx"
+ labels: {
+ component: "proxy"
+ }
+ }
+ }
+ }
+ statefulSets: {
+ }
+ daemonSets: {
+ }
+ configMaps: {
+ nginx: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "nginx"
+ labels: {
+ component: "proxy"
+ }
+ }
+ data: {
+ "nginx.conf": """
+ events {
+ worker_connections 768;
+ }
+ http {
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ # needs to be high for some download jobs.
+ keepalive_timeout 400;
+ # proxy_connect_timeout 300;
+ proxy_send_timeout 300;
+ proxy_read_timeout 300;
+ send_timeout 300;
+
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ access_log /dev/stdout;
+ error_log /dev/stdout;
+
+ # Disable POST body size constraints. We often deal with large
+ # files. Especially docker containers may be large.
+ client_max_body_size 0;
+
+ upstream goget {
+ server localhost:7070;
+ }
+
+ # Redirect incoming Google Cloud Storage notifications:
+ server {
+ listen 443 ssl;
+ server_name notify.example.com notify2.example.com;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://tasks:7080;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ listen 80;
+ listen 443 ssl;
+ server_name x.example.com example.io;
+
+ location ~ \"(/[^/]+)(/.*)?\" {
+ set $myhost $host;
+ if ($arg_go-get = \"1\") {
+ set $myhost \"goget\";
+ }
+ proxy_pass http://$myhost$1;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+
+ location / {
+ set $myhost $host;
+ if ($arg_go-get = \"1\") {
+ set $myhost \"goget\";
+ }
+ proxy_pass http://$myhost;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ listen 80;
+ server_name www.example.com w.example.com;
+
+ resolver 8.8.8.8;
+
+ location / {
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-Server $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_pass http://$host.default.example.appspot.com/$request_uri;
+ proxy_redirect http://$host.default.example.appspot.com/ /;
+ }
+ }
+
+ # Kubernetes URI space. Maps URIs paths to specific servers using the
+ # proxy.
+ server {
+ listen 80;
+ listen 443 ssl;
+ server_name proxy.example.com;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ if ($ssl_protocol = \"\") {
+ rewrite ^ https://$host$request_uri? permanent;
+ }
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://kubeproxy:4180;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ # We could add the following line and the connection would still be SSL,
+ # but it doesn't appear to be necessary. Seems saver this way.
+ listen 80;
+ listen 443 default ssl;
+ server_name ~^(?<sub>.*)\\.example\\.com$;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ if ($ssl_protocol = \"\") {
+ rewrite ^ https://$host$request_uri? permanent;
+ }
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://authproxy:4180;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+ }
+ """
+ }
+ }
+ }
+}
+deployment: {
+ nginx: {
+ name: "nginx"
+ kind: "deployment"
+ env: {
+ }
+ label: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ kubernetes: {
+ }
+ replicas: 1
+ image: "nginx:1.11.10-alpine"
+ expose: {
+ port: {
+ http: 80
+ https: 443
+ }
+ }
+ port: {
+ }
+ arg: {
+ }
+ args: []
+ envSpec: {
+ }
+ volume: {
+ "secret-volume": {
+ name: "secret-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/ssl"
+ subPath: null
+ readOnly: false
+ spec: {
+ secret: {
+ secretName: "proxy-secrets"
+ }
+ }
+ }
+ "config-volume": {
+ name: "config-volume"
+ kubernetes: {
+ }
+ mountPath: "/etc/nginx/nginx.conf"
+ subPath: "nginx.conf"
+ readOnly: false
+ spec: {
+ configMap: {
+ name: "nginx"
+ }
+ }
+ }
+ }
+ }
+}
+service: {
+ nginx: {
+ name: "nginx"
+ label: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ kubernetes: {
+ spec: {
+ type: "LoadBalancer"
+ loadBalancerIP: "1.3.4.5"
+ }
+ }
+ port: {
+ http: {
+ name: "http"
+ port: 80
+ protocol: "TCP"
+ }
+ https: {
+ name: "https"
+ port: 443
+ protocol: "TCP"
+ }
+ }
+ }
+}
+configMap: {
+ nginx: {
+ "nginx.conf": """
+ events {
+ worker_connections 768;
+ }
+ http {
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ # needs to be high for some download jobs.
+ keepalive_timeout 400;
+ # proxy_connect_timeout 300;
+ proxy_send_timeout 300;
+ proxy_read_timeout 300;
+ send_timeout 300;
+
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ access_log /dev/stdout;
+ error_log /dev/stdout;
+
+ # Disable POST body size constraints. We often deal with large
+ # files. Especially docker containers may be large.
+ client_max_body_size 0;
+
+ upstream goget {
+ server localhost:7070;
+ }
+
+ # Redirect incoming Google Cloud Storage notifications:
+ server {
+ listen 443 ssl;
+ server_name notify.example.com notify2.example.com;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://tasks:7080;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ listen 80;
+ listen 443 ssl;
+ server_name x.example.com example.io;
+
+ location ~ \"(/[^/]+)(/.*)?\" {
+ set $myhost $host;
+ if ($arg_go-get = \"1\") {
+ set $myhost \"goget\";
+ }
+ proxy_pass http://$myhost$1;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+
+ location / {
+ set $myhost $host;
+ if ($arg_go-get = \"1\") {
+ set $myhost \"goget\";
+ }
+ proxy_pass http://$myhost;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ listen 80;
+ server_name www.example.com w.example.com;
+
+ resolver 8.8.8.8;
+
+ location / {
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-Server $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_pass http://$host.default.example.appspot.com/$request_uri;
+ proxy_redirect http://$host.default.example.appspot.com/ /;
+ }
+ }
+
+ # Kubernetes URI space. Maps URIs paths to specific servers using the
+ # proxy.
+ server {
+ listen 80;
+ listen 443 ssl;
+ server_name proxy.example.com;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ if ($ssl_protocol = \"\") {
+ rewrite ^ https://$host$request_uri? permanent;
+ }
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://kubeproxy:4180;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ # We could add the following line and the connection would still be SSL,
+ # but it doesn't appear to be necessary. Seems saver this way.
+ listen 80;
+ listen 443 default ssl;
+ server_name ~^(?<sub>.*)\\.example\\.com$;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ if ($ssl_protocol = \"\") {
+ rewrite ^ https://$host$request_uri? permanent;
+ }
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://authproxy:4180;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+ }
+ """
+ }
+}
+_k8sSpec: {
+ X: {
+ kubernetes: {
+ spec: {
+ template: {
+ spec: {
+ _|_ /* undefined field "volume" */
+
+ containers: [{
+ _|_ /* undefined field "volume" */
+
+ name: _|_ /* undefined field "name" */
+ image: _|_ /* undefined field "image" */
+ args: _|_ /* undefined field "args" */
+ ports: _|_ /* undefined field "expose" */
+ }]
+ }
+ metadata: {
+ labels: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ metadata: {
+ name: _|_ /* undefined field "name" */
+ labels: {
+ component: _|_ /* undefined field "label" */
+ }
+ }
+ }
+ }
+}
diff --git a/doc/tutorial/kubernetes/testdata/quick.out b/doc/tutorial/kubernetes/testdata/quick.out
new file mode 100644
index 0000000..9a55f5d
--- /dev/null
+++ b/doc/tutorial/kubernetes/testdata/quick.out
@@ -0,0 +1,3961 @@
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services
+configMap: {
+}
+service: {
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: string
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: string
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: string
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend
+configMap: {
+}
+service: {
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/bartender
+configMap: {
+}
+service: {
+ bartender: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "bartender"
+ labels: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ bartender: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "bartender"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "bartender"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "bartender"
+ image: "gcr.io/myproj/bartender:v0.1.34"
+ args: []
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "bartender"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/breaddispatcher
+configMap: {
+}
+service: {
+ breaddispatcher: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "breaddispatcher"
+ labels: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ breaddispatcher: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "breaddispatcher"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "breaddispatcher"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "breaddispatcher"
+ image: "gcr.io/myproj/breaddispatcher:v0.3.24"
+ args: ["-etcd=etcd:2379", "-event-server=events:7788"]
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "breaddispatcher"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/host
+configMap: {
+}
+service: {
+ host: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "host"
+ labels: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ host: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "host"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "host"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "host"
+ image: "gcr.io/myproj/host:v0.1.10"
+ args: []
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 2
+ }
+ _name: "host"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/maitred
+configMap: {
+}
+service: {
+ maitred: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "maitred"
+ labels: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ maitred: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "maitred"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "maitred"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "maitred"
+ image: "gcr.io/myproj/maitred:v0.0.4"
+ args: []
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "maitred"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/valeter
+configMap: {
+}
+service: {
+ valeter: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "valeter"
+ labels: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ valeter: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "valeter"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "valeter"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "8080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "valeter"
+ image: "gcr.io/myproj/valeter:v0.0.4"
+ args: ["-http=:8080", "-etcd=etcd:2379"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "valeter"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/waiter
+configMap: {
+}
+service: {
+ waiter: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "waiter"
+ labels: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ waiter: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "waiter"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "waiter"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "waiter"
+ image: "gcr.io/myproj/waiter:v0.3.0"
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 5
+ }
+ _name: "waiter"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/frontend/waterdispatcher
+configMap: {
+}
+service: {
+ waterdispatcher: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "waterdispatcher"
+ labels: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ waterdispatcher: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "waterdispatcher"
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: "waterdispatcher"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "waterdispatcher"
+ image: "gcr.io/myproj/waterdispatcher:v0.0.48"
+ args: ["-http=:8080", "-etcd=etcd:2379"]
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "waterdispatcher"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "frontend"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "frontend"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "frontend"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra
+configMap: {
+}
+service: {
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra/download
+configMap: {
+}
+service: {
+ download: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "download"
+ labels: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 7080
+ targetPort: 7080
+ }]
+ }
+ }
+}
+deployment: {
+ download: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "download"
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "download"
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "download"
+ image: "gcr.io/myproj/download:v0.0.2"
+ ports: [{
+ containerPort: 7080
+ _export: true
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "download"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra/etcd
+configMap: {
+}
+service: {
+ etcd: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "etcd"
+ labels: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 2379
+ targetPort: 2379
+ }, {
+ name: "peer"
+ protocol: "TCP"
+ port: 2380
+ targetPort: 2380
+ }]
+ clusterIP: "None"
+ }
+ }
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+ etcd: {
+ kind: "StatefulSet"
+ apiVersion: "apps/v1beta1"
+ metadata: {
+ name: "etcd"
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "etcd"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "2379"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "etcd"
+ env: [{
+ name: "ETCDCTL_API"
+ value: "3"
+ }, {
+ name: "ETCD_AUTO_COMPACTION_RETENTION"
+ value: "4"
+ }, {
+ name: "NAME"
+ valueFrom: {
+ fieldRef: {
+ fieldPath: "metadata.name"
+ }
+ }
+ }, {
+ name: "IP"
+ valueFrom: {
+ fieldRef: {
+ fieldPath: "status.podIP"
+ }
+ }
+ }]
+ image: "quay.io/coreos/etcd:v3.3.10"
+ command: ["/usr/local/bin/etcd"]
+ args: ["-name", "$(NAME)", "-data-dir", "/data/etcd3", "-initial-advertise-peer-urls", "http://$(IP):2380", "-listen-peer-urls", "http://$(IP):2380", "-listen-client-urls", "http://$(IP):2379,http://127.0.0.1:2379", "-advertise-client-urls", "http://$(IP):2379", "-discovery", "https://discovery.etcd.io/xxxxxx"]
+ ports: [{
+ name: "client"
+ containerPort: 2379
+ _export: true
+ }, {
+ name: "peer"
+ containerPort: 2380
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "etcd3"
+ mountPath: "/data"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 30
+ httpGet: {
+ path: "/health"
+ port: "client"
+ }
+ }
+ }]
+ terminationGracePeriodSeconds: 10
+ affinity: {
+ podAntiAffinity: {
+ requiredDuringSchedulingIgnoredDuringExecution: [{
+ labelSelector: {
+ matchExpressions: [{
+ key: "app"
+ operator: "In"
+ values: ["etcd"]
+ }]
+ }
+ topologyKey: "kubernetes.io/hostname"
+ }]
+ }
+ }
+ }
+ }
+ replicas: 3
+ serviceName: "etcd"
+ volumeClaimTemplates: [{
+ metadata: {
+ name: "etcd3"
+ annotations: {
+ "volume.alpha.kubernetes.io/storage-class": "default"
+ }
+ }
+ spec: {
+ resources: {
+ requests: {
+ storage: "10Gi"
+ }
+ }
+ accessModes: ["ReadWriteOnce"]
+ }
+ }]
+ }
+ _name: "etcd"
+ }
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra/events
+configMap: {
+}
+service: {
+ events: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "events"
+ labels: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ ports: [{
+ name: "grpc"
+ protocol: "TCP"
+ port: 7788
+ targetPort: 7788
+ }]
+ }
+ }
+}
+deployment: {
+ events: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "events"
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "events"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "secret-volume"
+ secret: {
+ secretName: "biz-secrets"
+ }
+ }]
+ containers: [{
+ name: "events"
+ image: "gcr.io/myproj/events:v0.1.31"
+ args: ["-cert=/etc/ssl/server.pem", "-key=/etc/ssl/server.key", "-grpc=:7788"]
+ ports: [{
+ containerPort: 7080
+ _export: false
+ }, {
+ containerPort: 7788
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ affinity: {
+ podAntiAffinity: {
+ requiredDuringSchedulingIgnoredDuringExecution: [{
+ labelSelector: {
+ matchExpressions: [{
+ key: "app"
+ operator: "In"
+ values: ["events"]
+ }]
+ }
+ topologyKey: "kubernetes.io/hostname"
+ }]
+ }
+ }
+ }
+ }
+ replicas: 2
+ }
+ _name: "events"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra/tasks
+configMap: {
+}
+service: {
+ tasks: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "tasks"
+ labels: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ }
+ spec: {
+ type: "LoadBalancer"
+ selector: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ protocol: "TCP"
+ port: 443
+ targetPort: 7443
+ }]
+ loadBalancerIP: "1.2.3.4"
+ }
+ }
+}
+deployment: {
+ tasks: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "tasks"
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "tasks"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ "prometheus.io.port": "7080"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "secret-volume"
+ secret: {
+ secretName: "star-example-com-secrets"
+ }
+ }]
+ containers: [{
+ name: "tasks"
+ image: "gcr.io/myproj/tasks:v0.2.6"
+ ports: [{
+ containerPort: 7080
+ _export: false
+ }, {
+ containerPort: 7443
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "tasks"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra/updater
+configMap: {
+}
+service: {
+ updater: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "updater"
+ labels: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ updater: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "updater"
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "updater"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "secret-updater"
+ secret: {
+ secretName: "updater-secrets"
+ }
+ }]
+ containers: [{
+ name: "updater"
+ image: "gcr.io/myproj/updater:v0.1.0"
+ args: ["-key=/etc/certs/updater.pem"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "secret-updater"
+ mountPath: "/etc/certs"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "updater"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/infra/watcher
+configMap: {
+}
+service: {
+ watcher: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "watcher"
+ labels: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ }
+ spec: {
+ type: "LoadBalancer"
+ selector: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ protocol: "TCP"
+ port: 7788
+ targetPort: 7788
+ }]
+ loadBalancerIP: "1.2.3.4."
+ }
+ }
+}
+deployment: {
+ watcher: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "watcher"
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: "watcher"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "secret-volume"
+ secret: {
+ secretName: "star-example-com-secrets"
+ }
+ }]
+ containers: [{
+ name: "watcher"
+ image: "gcr.io/myproj/watcher:v0.1.0"
+ ports: [{
+ containerPort: 7080
+ _export: false
+ }, {
+ containerPort: 7788
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "watcher"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "infra"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "infra"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "infra"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen
+configMap: {
+}
+service: {
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/caller
+configMap: {
+}
+service: {
+ caller: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "caller"
+ labels: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ caller: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "caller"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "caller"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "ssd-caller"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "ssd-caller"
+ }
+ }, {
+ name: "secret-caller"
+ secret: {
+ secretName: "caller-secrets"
+ }
+ }, {
+ name: "secret-ssh-key"
+ secret: {
+ secretName: "secrets"
+ }
+ }]
+ containers: [{
+ name: "caller"
+ image: "gcr.io/myproj/caller:v0.20.14"
+ args: ["-env=prod", "-key=/etc/certs/client.key", "-cert=/etc/certs/client.pem", "-ca=/etc/certs/servfx.ca", "-ssh-tunnel-key=/sslcerts/tunnel-private.pem", "-logdir=/logs", "-event-server=events:7788"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "ssd-caller"
+ mountPath: "/logs"
+ }, {
+ name: "secret-caller"
+ readOnly: true
+ mountPath: "/etc/certs"
+ }, {
+ name: "secret-ssh-key"
+ readOnly: true
+ mountPath: "/sslcerts"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: true
+ }
+ }
+ replicas: 3
+ }
+ _name: "caller"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/dishwasher
+configMap: {
+}
+service: {
+ dishwasher: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "dishwasher"
+ labels: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ dishwasher: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "dishwasher"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "dishwasher"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "dishwasher-disk"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "dishwasher-disk"
+ }
+ }, {
+ name: "secret-dishwasher"
+ secret: {
+ secretName: "dishwasher-secrets"
+ }
+ }, {
+ name: "secret-ssh-key"
+ secret: {
+ secretName: "dishwasher-secrets"
+ }
+ }]
+ containers: [{
+ name: "dishwasher"
+ image: "gcr.io/myproj/dishwasher:v0.2.13"
+ args: ["-env=prod", "-ssh-tunnel-key=/etc/certs/tunnel-private.pem", "-logdir=/logs", "-event-server=events:7788"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "dishwasher-disk"
+ mountPath: "/logs"
+ }, {
+ name: "secret-dishwasher"
+ readOnly: true
+ mountPath: "/sslcerts"
+ }, {
+ name: "secret-ssh-key"
+ readOnly: true
+ mountPath: "/etc/certs"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: true
+ }
+ }
+ replicas: 5
+ }
+ _name: "dishwasher"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/expiditer
+configMap: {
+}
+service: {
+ expiditer: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "expiditer"
+ labels: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ expiditer: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "expiditer"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "expiditer"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "expiditer-disk"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "expiditer-disk"
+ }
+ }, {
+ name: "secret-expiditer"
+ secret: {
+ secretName: "expiditer-secrets"
+ }
+ }]
+ containers: [{
+ name: "expiditer"
+ image: "gcr.io/myproj/expiditer:v0.5.34"
+ args: ["-env=prod", "-ssh-tunnel-key=/etc/certs/tunnel-private.pem", "-logdir=/logs", "-event-server=events:7788"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "expiditer-disk"
+ mountPath: "/logs"
+ }, {
+ name: "secret-expiditer"
+ readOnly: true
+ mountPath: "/etc/certs"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: true
+ }
+ }
+ replicas: 1
+ }
+ _name: "expiditer"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/headchef
+configMap: {
+}
+service: {
+ headchef: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "headchef"
+ labels: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ headchef: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "headchef"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "headchef"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "headchef-disk"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "headchef-disk"
+ }
+ }, {
+ name: "secret-headchef"
+ secret: {
+ secretName: "headchef-secrets"
+ }
+ }]
+ containers: [{
+ name: "headchef"
+ image: "gcr.io/myproj/headchef:v0.2.16"
+ args: ["-env=prod", "-logdir=/logs", "-event-server=events:7788"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "headchef-disk"
+ mountPath: "/logs"
+ }, {
+ name: "secret-headchef"
+ readOnly: true
+ mountPath: "/sslcerts"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: true
+ }
+ }
+ replicas: 1
+ }
+ _name: "headchef"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/linecook
+configMap: {
+}
+service: {
+ linecook: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "linecook"
+ labels: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ linecook: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "linecook"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "linecook"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "linecook-disk"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "linecook-disk"
+ }
+ }, {
+ name: "secret-kitchen"
+ secret: {
+ secretName: "secrets"
+ }
+ }]
+ containers: [{
+ name: "linecook"
+ image: "gcr.io/myproj/linecook:v0.1.42"
+ args: ["-name=linecook", "-env=prod", "-logdir=/logs", "-event-server=events:7788", "-etcd", "etcd:2379", "-reconnect-delay", "1h", "-recovery-overlap", "100000"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "linecook-disk"
+ mountPath: "/logs"
+ }, {
+ name: "secret-kitchen"
+ readOnly: true
+ mountPath: "/etc/certs"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: true
+ }
+ }
+ replicas: 1
+ }
+ _name: "linecook"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/pastrychef
+configMap: {
+}
+service: {
+ pastrychef: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "pastrychef"
+ labels: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ pastrychef: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "pastrychef"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "pastrychef"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "pastrychef-disk"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "pastrychef-disk"
+ }
+ }, {
+ name: "secret-ssh-key"
+ secret: {
+ secretName: "secrets"
+ }
+ }]
+ containers: [{
+ name: "pastrychef"
+ image: "gcr.io/myproj/pastrychef:v0.1.15"
+ args: ["-env=prod", "-ssh-tunnel-key=/etc/certs/tunnel-private.pem", "-logdir=/logs", "-event-server=events:7788", "-reconnect-delay=1m", "-etcd=etcd:2379", "-recovery-overlap=10000"]
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "pastrychef-disk"
+ mountPath: "/logs"
+ }, {
+ name: "secret-ssh-key"
+ readOnly: true
+ mountPath: "/etc/certs"
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: true
+ }
+ }
+ replicas: 1
+ }
+ _name: "pastrychef"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/kitchen/souschef
+configMap: {
+}
+service: {
+ souschef: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "souschef"
+ labels: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 8080
+ targetPort: 8080
+ }]
+ }
+ }
+}
+deployment: {
+ souschef: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "souschef"
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: "souschef"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ containers: [{
+ name: "souschef"
+ image: "gcr.io/myproj/souschef:v0.5.3"
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ livenessProbe: {
+ initialDelaySeconds: 40
+ periodSeconds: 3
+ httpGet: {
+ path: "/debug/health"
+ port: 8080
+ }
+ }
+ }]
+ _hasDisks: false
+ }
+ }
+ replicas: 1
+ }
+ _name: "souschef"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "kitchen"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "kitchen"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "kitchen"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/mon
+configMap: {
+}
+service: {
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "mon"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/mon/alertmanager
+configMap: {
+ alertmanager: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ component: "mon"
+ }
+ }
+ data: {
+ "alerts.yaml": """
+ receivers:
+ - name: pager
+ slack_configs:
+ - channel: '#cloudmon'
+ send_resolved: true
+ text: |-
+ {{ range .Alerts }}{{ .Annotations.description }}
+ {{ end }}
+ route:
+ group_by:
+ - alertname
+ - cluster
+ receiver: pager
+
+ """
+ }
+ }
+}
+service: {
+ alertmanager: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ name: "alertmanager"
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io/scrape": "true"
+ "prometheus.io/path": "/metrics"
+ }
+ }
+ spec: {
+ selector: {
+ name: "alertmanager"
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ ports: [{
+ name: "main"
+ protocol: "TCP"
+ port: 9093
+ targetPort: 9093
+ }]
+ }
+ }
+}
+deployment: {
+ alertmanager: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ selector: {
+ matchLabels: {
+ app: "alertmanager"
+ }
+ }
+ template: {
+ metadata: {
+ name: "alertmanager"
+ labels: {
+ component: "mon"
+ app: "alertmanager"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "config-volume"
+ configMap: {
+ name: "alertmanager"
+ }
+ }, {
+ name: "alertmanager"
+ emptyDir: {
+ }
+ }]
+ containers: [{
+ name: "alertmanager"
+ image: "prom/alertmanager:v0.15.2"
+ args: ["--config.file=/etc/alertmanager/alerts.yaml", "--storage.path=/alertmanager", "--web.external-url=https://alertmanager.example.com"]
+ ports: [{
+ name: "alertmanager"
+ containerPort: 9093
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "config-volume"
+ mountPath: "/etc/alertmanager"
+ }, {
+ name: "alertmanager"
+ mountPath: "/alertmanager"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "alertmanager"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "mon"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/mon/grafana
+configMap: {
+}
+service: {
+ grafana: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "grafana"
+ labels: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ ports: [{
+ name: "grafana"
+ protocol: "TCP"
+ port: 3000
+ targetPort: 3000
+ }]
+ }
+ }
+}
+deployment: {
+ grafana: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "grafana"
+ labels: {
+ component: "mon"
+ app: "grafana"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "mon"
+ app: "grafana"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "grafana-volume"
+ gcePersistentDisk: {
+ fsType: "ext4"
+ pdName: "grafana-volume"
+ }
+ }]
+ containers: [{
+ name: "grafana"
+ env: [{
+ name: "GF_AUTH_BASIC_ENABLED"
+ value: "false"
+ }, {
+ name: "GF_AUTH_ANONYMOUS_ENABLED"
+ value: "true"
+ }, {
+ name: "GF_AUTH_ANONYMOUS_ORG_ROLE"
+ value: "admin"
+ }]
+ resources: {
+ limits: {
+ cpu: "100m"
+ memory: "100Mi"
+ }
+ requests: {
+ cpu: "100m"
+ memory: "100Mi"
+ }
+ }
+ image: "grafana/grafana:4.5.2"
+ ports: [{
+ containerPort: 8080
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "grafana-volume"
+ mountPath: "/var/lib/grafana"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "grafana"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "mon"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/mon/nodeexporter
+configMap: {
+}
+service: {
+ "node-exporter": {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "node-exporter"
+ labels: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io/scrape": "true"
+ }
+ }
+ spec: {
+ type: "ClusterIP"
+ selector: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ ports: [{
+ name: "metrics"
+ protocol: "TCP"
+ port: 9100
+ targetPort: 9100
+ }]
+ clusterIP: "None"
+ }
+ }
+}
+deployment: {
+}
+daemonSet: {
+ "node-exporter": {
+ kind: "DaemonSet"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "node-exporter"
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ name: "node-exporter"
+ labels: {
+ component: "mon"
+ app: "node-exporter"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "proc"
+ hostPath: {
+ path: "/proc"
+ }
+ }, {
+ name: "sys"
+ hostPath: {
+ path: "/sys"
+ }
+ }]
+ containers: [{
+ name: "node-exporter"
+ resources: {
+ limits: {
+ cpu: "200m"
+ memory: "50Mi"
+ }
+ requests: {
+ cpu: "100m"
+ memory: "30Mi"
+ }
+ }
+ image: "quay.io/prometheus/node-exporter:v0.16.0"
+ args: ["--path.procfs=/host/proc", "--path.sysfs=/host/sys"]
+ ports: [{
+ name: "scrape"
+ hostPort: 9100
+ containerPort: 9100
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "proc"
+ readOnly: true
+ mountPath: "/host/proc"
+ }, {
+ name: "sys"
+ readOnly: true
+ mountPath: "/host/sys"
+ }]
+ }]
+ hostNetwork: true
+ hostPID: true
+ }
+ }
+ }
+ _name: "node-exporter"
+ }
+}
+statefulSet: {
+}
+_component: "mon"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/mon/prometheus
+configMap: {
+ prometheus: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "prometheus"
+ labels: {
+ component: "mon"
+ }
+ }
+ data: {
+ "alert.rules": """
+ groups:
+ - name: rules.yaml
+ rules:
+ - alert: InstanceDown
+ annotations:
+ description: '{{$labels.app}} of job {{ $labels.job }} has been down for more
+ than 30 seconds.'
+ summary: Instance {{$labels.app}} down
+ expr: up == 0
+ for: 30s
+ labels:
+ severity: page
+ - alert: InsufficientPeers
+ annotations:
+ description: If one more etcd peer goes down the cluster will be unavailable
+ summary: etcd cluster small
+ expr: count(up{job=\"etcd\"} == 0) > (count(up{job=\"etcd\"}) / 2 - 1)
+ for: 3m
+ labels:
+ severity: page
+ - alert: EtcdNoMaster
+ annotations:
+ summary: No ETCD master elected.
+ expr: sum(etcd_server_has_leader{app=\"etcd\"}) == 0
+ for: 1s
+ labels:
+ severity: page
+ - alert: PodRestart
+ annotations:
+ description: '{{$labels.app}} {{ $labels.container }} resturted {{ $value }}
+ times in 5m.'
+ summary: Pod for {{$labels.container}} restarts too often
+ expr: (max_over_time(pod_container_status_restarts_total[5m]) - min_over_time(pod_container_status_restarts_total[5m]))
+ > 2
+ for: 1m
+ labels:
+ severity: page
+
+ """
+ "prometheus.yml": """
+ alerting:
+ alertmanagers:
+ - scheme: http
+ static_configs:
+ - targets:
+ - alertmanager:9093
+ global:
+ scrape_interval: 15s
+ rule_files:
+ - /etc/prometheus/alert.rules
+ scrape_configs:
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-apiservers
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - action: keep
+ regex: default;kubernetes;https
+ source_labels:
+ - __meta_kubernetes_namespace
+ - __meta_kubernetes_service_name
+ - __meta_kubernetes_endpoint_port_name
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-nodes
+ kubernetes_sd_configs:
+ - role: node
+ relabel_configs:
+ - action: labelmap
+ regex: __meta_kubernetes_node_label_(.+)
+ - replacement: kubernetes.default.svc:443
+ target_label: __address__
+ - regex: (.+)
+ replacement: /api/v1/nodes/${1}/proxy/metrics
+ source_labels:
+ - __meta_kubernetes_node_name
+ target_label: __metrics_path__
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+ job_name: kubernetes-cadvisor
+ kubernetes_sd_configs:
+ - role: node
+ relabel_configs:
+ - action: labelmap
+ regex: __meta_kubernetes_node_label_(.+)
+ - replacement: kubernetes.default.svc:443
+ target_label: __address__
+ - regex: (.+)
+ replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
+ source_labels:
+ - __meta_kubernetes_node_name
+ target_label: __metrics_path__
+ scheme: https
+ tls_config:
+ ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ - job_name: kubernetes-service-endpoints
+ kubernetes_sd_configs:
+ - role: endpoints
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_scrape
+ - action: replace
+ regex: (https?)
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_scheme
+ target_label: __scheme__
+ - action: replace
+ regex: (.+)
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_path
+ target_label: __metrics_path__
+ - action: replace
+ regex: ([^:]+)(?::\\d+)?;(\\d+)
+ replacement: $1:$2
+ source_labels:
+ - __address__
+ - __meta_kubernetes_service_annotation_prometheus_io_port
+ target_label: __address__
+ - action: labelmap
+ regex: __meta_kubernetes_service_label_(.+)
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_service_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-services
+ kubernetes_sd_configs:
+ - role: service
+ metrics_path: /probe
+ params:
+ module:
+ - http_2xx
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_service_annotation_prometheus_io_probe
+ - source_labels:
+ - __address__
+ target_label: __param_target
+ - replacement: blackbox-exporter.example.com:9115
+ target_label: __address__
+ - source_labels:
+ - __param_target
+ target_label: app
+ - action: labelmap
+ regex: __meta_kubernetes_service_label_(.+)
+ - source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - source_labels:
+ - __meta_kubernetes_service_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-ingresses
+ kubernetes_sd_configs:
+ - role: ingress
+ metrics_path: /probe
+ params:
+ module:
+ - http_2xx
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_ingress_annotation_prometheus_io_probe
+ - regex: (.+);(.+);(.+)
+ replacement: ${1}://${2}${3}
+ source_labels:
+ - __meta_kubernetes_ingress_scheme
+ - __address__
+ - __meta_kubernetes_ingress_path
+ target_label: __param_target
+ - replacement: blackbox-exporter.example.com:9115
+ target_label: __address__
+ - source_labels:
+ - __param_target
+ target_label: app
+ - action: labelmap
+ regex: __meta_kubernetes_ingress_label_(.+)
+ - source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - source_labels:
+ - __meta_kubernetes_ingress_name
+ target_label: kubernetes_name
+ - job_name: kubernetes-pods
+ kubernetes_sd_configs:
+ - role: pod
+ relabel_configs:
+ - action: keep
+ regex: true
+ source_labels:
+ - __meta_kubernetes_pod_annotation_prometheus_io_scrape
+ - action: replace
+ regex: (.+)
+ source_labels:
+ - __meta_kubernetes_pod_annotation_prometheus_io_path
+ target_label: __metrics_path__
+ - action: replace
+ regex: ([^:]+)(?::\\d+)?;(\\d+)
+ replacement: $1:$2
+ source_labels:
+ - __address__
+ - __meta_kubernetes_pod_annotation_prometheus_io_port
+ target_label: __address__
+ - action: labelmap
+ regex: __meta_kubernetes_pod_label_(.+)
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_namespace
+ target_label: kubernetes_namespace
+ - action: replace
+ source_labels:
+ - __meta_kubernetes_pod_name
+ target_label: kubernetes_pod_name
+
+ """
+ }
+ }
+}
+service: {
+ prometheus: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "prometheus"
+ labels: {
+ name: "prometheus"
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io/scrape": "true"
+ }
+ }
+ spec: {
+ type: "NodePort"
+ selector: {
+ name: "prometheus"
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ ports: [{
+ name: "main"
+ protocol: "TCP"
+ port: 9090
+ targetPort: 9090
+ nodePort: 30900
+ }]
+ }
+ }
+}
+deployment: {
+ prometheus: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "prometheus"
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ selector: {
+ matchLabels: {
+ app: "prometheus"
+ }
+ }
+ template: {
+ metadata: {
+ name: "prometheus"
+ labels: {
+ component: "mon"
+ app: "prometheus"
+ domain: "prod"
+ }
+ annotations: {
+ "prometheus.io.scrape": "true"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "config-volume"
+ configMap: {
+ name: "prometheus"
+ }
+ }]
+ containers: [{
+ name: "prometheus"
+ image: "prom/prometheus:v2.4.3"
+ args: ["--config.file=/etc/prometheus/prometheus.yml", "--web.external-url=https://prometheus.example.com"]
+ ports: [{
+ name: "web"
+ containerPort: 9090
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "config-volume"
+ mountPath: "/etc/prometheus"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ strategy: {
+ type: "RollingUpdate"
+ rollingUpdate: {
+ maxUnavailable: 1
+ maxSurge: 0
+ }
+ }
+ }
+ _name: "prometheus"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "mon"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "mon"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "mon"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/proxy
+configMap: {
+}
+service: {
+}
+deployment: {
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "proxy"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/proxy/authproxy
+configMap: {
+ authproxy: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "authproxy"
+ labels: {
+ component: "proxy"
+ }
+ }
+ data: {
+ "authproxy.cfg": """
+ # Google Auth Proxy Config File
+ ## https://github.com/bitly/google_auth_proxy
+
+ ## <addr>:<port> to listen on for HTTP clients
+ http_address = \"0.0.0.0:4180\"
+
+ ## the OAuth Redirect URL.
+ redirect_url = \"https://auth.example.com/oauth2/callback\"
+
+ ## the http url(s) of the upstream endpoint. If multiple, routing is based on path
+ upstreams = [
+ # frontend
+ \"http://frontend-waiter:7080/dpr/\",
+ \"http://frontend-maitred:7080/ui/\",
+ \"http://frontend-maitred:7080/ui\",
+ \"http://frontend-maitred:7080/report/\",
+ \"http://frontend-maitred:7080/report\",
+ \"http://frontend-maitred:7080/static/\",
+ # kitchen
+ \"http://kitchen-chef:8080/visit\",
+ # infrastructure
+ \"http://download:7080/file/\",
+ \"http://download:7080/archive\",
+ \"http://tasks:7080/tasks\",
+ \"http://tasks:7080/tasks/\",
+ ]
+
+ ## pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream
+ pass_basic_auth = true
+ request_logging = true
+
+ ## Google Apps Domains to allow authentication for
+ google_apps_domains = [
+ \"example.com\",
+ ]
+
+ email_domains = [
+ \"example.com\",
+ ]
+
+ ## The Google OAuth Client ID, Secret
+ client_id = \"---\"
+ client_secret = \"---\"
+
+ ## Cookie Settings
+ ## Secret - the seed string for secure cookies
+ ## Domain - optional cookie domain to force cookies to (ie: .yourcompany.com)
+ ## Expire - expire timeframe for cookie
+ cookie_secret = \"won't tell you\"
+ cookie_domain = \".example.com\"
+ cookie_https_only = true
+ """
+ }
+ }
+}
+service: {
+ authproxy: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "authproxy"
+ labels: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ }
+ spec: {
+ selector: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ ports: [{
+ name: "client"
+ protocol: "TCP"
+ port: 4180
+ targetPort: 4180
+ }]
+ }
+ }
+}
+deployment: {
+ authproxy: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "authproxy"
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: "authproxy"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "config-volume"
+ configMap: {
+ name: "authproxy"
+ }
+ }]
+ containers: [{
+ name: "authproxy"
+ image: "skippy/oauth2_proxy:2.0.1"
+ args: ["--config=/etc/authproxy/authproxy.cfg"]
+ ports: [{
+ containerPort: 4180
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "config-volume"
+ mountPath: "/etc/authproxy"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "authproxy"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "proxy"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/proxy/goget
+configMap: {
+}
+service: {
+ goget: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "goget"
+ labels: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ }
+ spec: {
+ type: "LoadBalancer"
+ selector: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ ports: [{
+ name: "https"
+ protocol: "TCP"
+ port: 443
+ targetPort: 7443
+ }]
+ loadBalancerIP: "1.3.5.7"
+ }
+ }
+}
+deployment: {
+ goget: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "goget"
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: "goget"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "secret-volume"
+ secret: {
+ secretName: "goget-secrets"
+ }
+ }]
+ containers: [{
+ name: "goget"
+ image: "gcr.io/myproj/goget:v0.5.1"
+ ports: [{
+ containerPort: 7443
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "goget"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "proxy"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
+
+// /Users/mpvl/dev/go/text/src/cuelang.org/go/doc/tutorial/kubernetes/quick/services/proxy/nginx
+configMap: {
+ nginx: {
+ kind: "ConfigMap"
+ apiVersion: "v1"
+ metadata: {
+ name: "nginx"
+ labels: {
+ component: "proxy"
+ }
+ }
+ data: {
+ "nginx.conf": """
+ events {
+ worker_connections 768;
+ }
+ http {
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ # needs to be high for some download jobs.
+ keepalive_timeout 400;
+ # proxy_connect_timeout 300;
+ proxy_send_timeout 300;
+ proxy_read_timeout 300;
+ send_timeout 300;
+
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ access_log /dev/stdout;
+ error_log /dev/stdout;
+
+ # Disable POST body size constraints. We often deal with large
+ # files. Especially docker containers may be large.
+ client_max_body_size 0;
+
+ upstream goget {
+ server localhost:7070;
+ }
+
+ # Redirect incoming Google Cloud Storage notifications:
+ server {
+ listen 443 ssl;
+ server_name notify.example.com notify2.example.com;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://tasks:7080;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ listen 80;
+ listen 443 ssl;
+ server_name x.example.com example.io;
+
+ location ~ \"(/[^/]+)(/.*)?\" {
+ set $myhost $host;
+ if ($arg_go-get = \"1\") {
+ set $myhost \"goget\";
+ }
+ proxy_pass http://$myhost$1;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+
+ location / {
+ set $myhost $host;
+ if ($arg_go-get = \"1\") {
+ set $myhost \"goget\";
+ }
+ proxy_pass http://$myhost;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+
+ server {
+ listen 80;
+ server_name www.example.com w.example.com;
+
+ resolver 8.8.8.8;
+
+ location / {
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-Server $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_pass http://$host.default.example.appspot.com/$request_uri;
+ proxy_redirect http://$host.default.example.appspot.com/ /;
+ }
+ }
+
+ server {
+ # We could add the following line and the connection would still be SSL,
+ # but it doesn't appear to be necessary. Seems saver this way.
+ listen 80;
+ listen 443 default ssl;
+ server_name ~^(?<sub>.*)\\.example\\.com$;
+
+ ssl_certificate /etc/ssl/server.crt;
+ ssl_certificate_key /etc/ssl/server.key;
+
+ # Security enhancements to deal with poodles and the like.
+ # See https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+ # ssl_ciphers 'AES256+EECDH:AES256+EDH';
+ ssl_ciphers \"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4\";
+
+ # We don't like poodles.
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ # Enable Forward secrecy.
+ ssl_dhparam /etc/ssl/dhparam.pem;
+ ssl_prefer_server_ciphers on;
+
+ # Enable HTST.
+ add_header Strict-Transport-Security max-age=1209600;
+
+ if ($ssl_protocol = \"\") {
+ rewrite ^ https://$host$request_uri? permanent;
+ }
+
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
+ chunked_transfer_encoding on;
+
+ location / {
+ proxy_pass http://authproxy:4180;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Scheme $scheme;
+ proxy_connect_timeout 1;
+ }
+ }
+ }
+ """
+ }
+ }
+}
+service: {
+ nginx: {
+ kind: "Service"
+ apiVersion: "v1"
+ metadata: {
+ name: "nginx"
+ labels: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ }
+ spec: {
+ type: "LoadBalancer"
+ selector: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ ports: [{
+ name: "http"
+ protocol: "TCP"
+ port: 80
+ targetPort: 80
+ }, {
+ name: "https"
+ protocol: "TCP"
+ port: 443
+ targetPort: 443
+ }]
+ loadBalancerIP: "1.3.4.5"
+ }
+ }
+}
+deployment: {
+ nginx: {
+ kind: "Deployment"
+ apiVersion: "extensions/v1beta1"
+ metadata: {
+ name: "nginx"
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: "nginx"
+ domain: "prod"
+ }
+ }
+ spec: {
+ volumes: [{
+ name: "secret-volume"
+ secret: {
+ secretName: "proxy-secrets"
+ }
+ }, {
+ name: "config-volume"
+ configMap: {
+ name: "nginx"
+ }
+ }]
+ containers: [{
+ name: "nginx"
+ image: "nginx:1.11.10-alpine"
+ ports: [{
+ containerPort: 80
+ _export: true
+ }, {
+ containerPort: 443
+ _export: true
+ }]
+ volumeMounts: [{
+ name: "secret-volume"
+ mountPath: "/etc/ssl"
+ }, {
+ name: "config-volume"
+ mountPath: "/etc/nginx/nginx.conf"
+ subPath: "nginx.conf"
+ }]
+ }]
+ }
+ }
+ replicas: 1
+ }
+ _name: "nginx"
+ }
+}
+daemonSet: {
+}
+statefulSet: {
+}
+_component: "proxy"
+_spec: {
+ metadata: {
+ name: string
+ labels: {
+ component: "proxy"
+ }
+ }
+ spec: {
+ template: {
+ metadata: {
+ labels: {
+ component: "proxy"
+ app: string
+ domain: "prod"
+ }
+ }
+ spec: {
+ containers: [{
+ name: string
+ ports: []
+ }]
+ }
+ }
+ }
+ _name: string
+}
diff --git a/doc/tutorial/kubernetes/tut_test.go b/doc/tutorial/kubernetes/tut_test.go
index 5cfcd5b..768e831 100644
--- a/doc/tutorial/kubernetes/tut_test.go
+++ b/doc/tutorial/kubernetes/tut_test.go
@@ -15,6 +15,7 @@
package kubernetes
import (
+ "bytes"
"flag"
"fmt"
"io"
@@ -244,3 +245,33 @@
// TODO:
// Test manual and quick: evaluation results in output of testdata directory.
+
+func TestEval(t *testing.T) {
+ for _, dir := range []string{"quick", "manual"} {
+ t.Run(dir, func(t *testing.T) {
+ buf := &bytes.Buffer{}
+ cuetest.Run(t, dir, "cue eval ./...", &cuetest.Config{
+ Stdout: buf,
+ })
+
+ testfile := filepath.Join("testdata", dir+".out")
+
+ if *update {
+ err := ioutil.WriteFile(testfile, buf.Bytes(), 0644)
+ if err != nil {
+ t.Fatal(err)
+ }
+ return
+ }
+
+ b, err := ioutil.ReadFile(testfile)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ if got, want := buf.String(), string(b); got != want {
+ t.Errorf("files differ:\n%s", diff.Diff(got, want))
+ }
+ })
+ }
+}
diff --git a/internal/cuetest/sim.go b/internal/cuetest/sim.go
index 9f6be14..87f0f99 100644
--- a/internal/cuetest/sim.go
+++ b/internal/cuetest/sim.go
@@ -57,8 +57,16 @@
logf(t, "Args: %q", args)
buf := &bytes.Buffer{}
+ if cfg.Golden != "" {
+ if cfg.Stdout != nil {
+ t.Fatal("cannot set Golden and Stdout")
+ }
+ cfg.Stdout = buf
+ }
cmd, err := cmd.New(args)
- cmd.SetOutput(buf)
+ if cfg.Stdout != nil {
+ cmd.SetOutput(cfg.Stdout)
+ }
if cfg.Stdin != nil {
cmd.SetInput(cfg.Stdin)
}