feature(Controller): Add first examples

Author: rhuss

advanced/Controller/README.adoc

@@ -0,0 +1,23 @@
+## Controller
+
+
+```
+# Start minikube and enable the ingress addon
+minikube start
+minikube addons enable ingress
+
+# Create a configmap holding the controller shell script:
+kubectl create configmap expose-controller-script --from-file=./expose-controller.sh
+
+# Create the controller object:
+kubectl create -f expose-controller.yml
+
+# Create a sample web application with an 'expose' annotation:
+kubectl create -f web-app.yml
+
+# Check that an ingress has been created
+kubectl get ingress web-app -o yaml
+
+# Open Ingress route
+open http://$(minikube ip)/mdn
+```

advanced/Controller/curl-jq/Dockerfile

@@ -0,0 +1,6 @@
+FROM alpine
+RUN apk add --update \
+    curl \
+    jq \
+ && rm -rf /var/cache/apk/*
+ENTRYPOINT ["curl"]

advanced/Controller/expose-controller.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+
+# Call it with the namespace to monitor
+namespace=${1:-default}
+
+# API URL setup. Requires an ambassador API proxy running side-by-side
+base=http://localhost:8001
+ns=namespaces/$namespace
+k8s_service_url=$base/api/v1/$ns/services
+k8s_ingress_url=$base/apis/extensions/v1beta1/$ns/ingresses
+
+# Watch the K8s API on events on service objects
+echo "::: Starting to wait for events"
+curl -N -s -k $k8s_service_url?watch=true | while read event
+do
+  # Event type
+  type=$(echo $event | jq -r '.type')
+  # Annotation "expose" on service
+  expose=$(echo $event | jq -r '.object.metadata.annotations.expose?')
+  # Firt service port
+  port=$(echo $event | jq -r '.object.spec.ports[0]?.port')
+  # Service
+  service=$(echo $event | jq -r .object.metadata.name)
+
+  echo "::: $type -- $service [$port] expose = $expose"
+
+  # If a new service has been added and when its labeled with "expose", then
+  # create an ingress objecgt for it
+  if [ $type = "ADDED" ] && [ $expose != 'null' ]; then
+    # Check for Ingress with the same name
+    http_code=$(curl -s -o /dev/null -w "%{http_code}" $k8s_ingress_url/$service)
+    if [ $http_code != 200 ]; then
+      echo "::: Creating Ingress backend for service '$service'"
+      cat - << EOT | curl -s -H "Content-Type: application/json" -X "POST" -d @- $k8s_ingress_url
+{
+    "apiVersion": "extensions/v1beta1",
+    "kind": "Ingress",
+    "metadata": {
+        "name": "$service",
+        "namespace": "$namespace"
+    },
+    "spec": {
+        "rules": [{
+            "http": {
+                "paths": [{
+                    "backend": {
+                        "serviceName": "$service",
+                        "servicePort": $port
+                    },
+                    "path": "$expose"
+                }]
+            }
+        }]
+    }
+}
+EOT
+      echo
+    else
+      echo "::: Ingress '$service' already exists. Skipping ..."
+    fi
+  fi
+done

advanced/Controller/expose-controller.yml

@@ -0,0 +1,33 @@
+# Example Deployment using a config map as input for a template
+# which is processed from an init-container
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  labels:
+    project: k8spatterns
+    pattern: Controller
+  name: expose-controller
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        project: k8spatterns
+        pattern: Controller
+    spec:
+      containers:
+      - name: kubeapi-proxy
+        image: rhuss/kubeapi-proxy
+      - name: expose-controller
+        image: rhuss/curl-jq
+        command:
+        - "sh"
+        - "/expose-script/expose-controller.sh"
+        volumeMounts:
+        - mountPath: "/expose-script"
+          name: expose-controller-script
+      volumes:
+      - name: expose-controller-script
+        configMap:
+          name: expose-controller-script

advanced/Controller/kubeapi-proxy/Dockerfile

@@ -0,0 +1,19 @@
+FROM alpine
+ENV KUBECTL_VERSION=v1.8.0
+RUN apk update \
+ && apk add curl \
+ && curl -L -O https://dl.k8s.io/${KUBECTL_VERSION}/kubernetes-client-linux-amd64.tar.gz \
+ && tar zvxf kubernetes-client-linux-amd64.tar.gz kubernetes/client/bin/kubectl \
+ && mv kubernetes/client/bin/kubectl / \
+ && apk del curl \
+ && rm -rf kubernetes \
+ && rm -f kubernetes-client-linux-amd64.tar.gz \
+ && rm -rf /var/cache/apk/*
+ENTRYPOINT [ \
+  "/bin/ash", "-c", \
+  "/kubectl proxy \
+     --server https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT \
+     --certificate-authority=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
+     --token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) \
+     --accept-paths='^.*' \
+  "]

advanced/Controller/web-app.yml

@@ -0,0 +1,63 @@
+# Example for a HTTP server with a git pulling sidecar
+---
+apiVersion: v1
+kind: List
+items:
+- apiVersion: v1
+  kind: Pod
+  metadata:
+    name: web-app
+    labels:
+      project: k8spatterns
+      pattern: Controller
+      app: web-app
+  spec:
+    containers:
+    # Main container is a stock httpd serving from /var/www/html
+    - name: app
+      image: centos/httpd
+      ports:
+        - containerPort: 80
+      volumeMounts:
+      - mountPath: /var/www/html/mdn
+        name: git
+    # Sidecar poll every 10 minutes a given repository with git
+    - name: poll
+      image: axeclbr/git
+      volumeMounts:
+      - mountPath: /var/lib/data
+        name: git
+      env:
+        - name: GIT_REPO
+          value: https://github.com/mdn/beginner-html-site-scripted
+      command:
+      - "sh"
+      - "-c"
+      - "git clone $(GIT_REPO) . && watch -n 600 git pull"
+      workingDir: /var/lib/data
+    volumes:
+    # The shared directory for holding the files
+    - emptyDir: {}
+      name: git
+# A service which opens a NodePort is added for your convenience
+# but is not necessarily required for this example:
+- apiVersion: v1
+  kind: Service
+  metadata:
+    labels:
+      project: k8spatterns
+      pattern: Controller
+      app: web-app
+    annotations:
+      # Annotation indicating that this path should be reachable as
+      # ingress route and will be picked up by the ingress controller:
+      expose: "/mdn"
+    name: web-app
+  spec:
+    ports:
+    - name: http
+      port: 8080
+      protocol: TCP
+      targetPort: 80
+    selector:
+      app: web-app