From 5ded7d1fc555c8a110578b8761cf8b797b8c86b3 Mon Sep 17 00:00:00 2001
From: Irving Popovetsky <irving@honeycomb.io>
Date: Tue, 3 Mar 2020 15:06:51 -0800
Subject: [PATCH 1/2] Add old/proper hostnames so that ALB doesn't reject them,
 add an ALB and kube-level health check

Signed-off-by: Irving Popovetsky <irving@honeycomb.io>
---
 .../base/deployment.yaml                             | 12 ++++++++++++
 .../overlays/prod/ingress.yaml                       |  9 ++++++++-
 .../overlays/staging/ingress.yaml                    |  8 ++++++++
 3 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/kubernetes/operationcode_python_backend/base/deployment.yaml b/kubernetes/operationcode_python_backend/base/deployment.yaml
index a5a3424..6369fd9 100644
--- a/kubernetes/operationcode_python_backend/base/deployment.yaml
+++ b/kubernetes/operationcode_python_backend/base/deployment.yaml
@@ -28,6 +28,18 @@ spec:
           requests:
             memory: 200Mi
             cpu: 100m
+        readinessProbe:
+          httpGet:
+            path: /healthz
+            port: 8000
+          initialDelaySeconds: 5
+          periodSeconds: 10
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: 8000
+          initialDelaySeconds: 15
+          periodSeconds: 20
         env:
         - name: DB_HOST
           value: # Requires overlay
diff --git a/kubernetes/operationcode_python_backend/overlays/prod/ingress.yaml b/kubernetes/operationcode_python_backend/overlays/prod/ingress.yaml
index be6430a..bf9807e 100644
--- a/kubernetes/operationcode_python_backend/overlays/prod/ingress.yaml
+++ b/kubernetes/operationcode_python_backend/overlays/prod/ingress.yaml
@@ -5,6 +5,7 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: alb
     alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:633607774026:certificate/8de9fd02-191c-485f-b952-e5ba32e90acb
+    alb.ingress.kubernetes.io/healthcheck-path: /healthz
     alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
     alb.ingress.kubernetes.io/scheme: internet-facing
     alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
@@ -20,4 +21,10 @@ spec:
         backend:
           serviceName: back-end-service
           servicePort: 80
-
+  - host: api.operationcode.org
+    http:
+      paths:
+      - path: /*
+        backend:
+          serviceName: back-end-service
+          servicePort: 80
diff --git a/kubernetes/operationcode_python_backend/overlays/staging/ingress.yaml b/kubernetes/operationcode_python_backend/overlays/staging/ingress.yaml
index f94497a..e7292f9 100644
--- a/kubernetes/operationcode_python_backend/overlays/staging/ingress.yaml
+++ b/kubernetes/operationcode_python_backend/overlays/staging/ingress.yaml
@@ -5,6 +5,7 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: alb
     alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:633607774026:certificate/8de9fd02-191c-485f-b952-e5ba32e90acb
+    alb.ingress.kubernetes.io/healthcheck-path: /healthz
     alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
     alb.ingress.kubernetes.io/scheme: internet-facing
     alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
@@ -20,3 +21,10 @@ spec:
         backend:
           serviceName: back-end-service
           servicePort: 80
+  - host: api.staging.operationcode.org
+    http:
+      paths:
+      - path: /*
+        backend:
+          serviceName: back-end-service
+          servicePort: 80

From 18d27e36c33aa3e0ee159597cb1a0e39862a939f Mon Sep 17 00:00:00 2001
From: Irving Popovetsky <irving@honeycomb.io>
Date: Tue, 3 Mar 2020 21:39:11 -0800
Subject: [PATCH 2/2] Do the same for the resources service

Signed-off-by: Irving Popovetsky <irving@honeycomb.io>
---
 kubernetes/resources_api/overlays/prod/ingress.yaml    | 9 ++++++++-
 kubernetes/resources_api/overlays/staging/ingress.yaml | 9 ++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/kubernetes/resources_api/overlays/prod/ingress.yaml b/kubernetes/resources_api/overlays/prod/ingress.yaml
index be6c302..1399686 100644
--- a/kubernetes/resources_api/overlays/prod/ingress.yaml
+++ b/kubernetes/resources_api/overlays/prod/ingress.yaml
@@ -5,6 +5,7 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: alb
     alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:633607774026:certificate/8de9fd02-191c-485f-b952-e5ba32e90acb
+    alb.ingress.kubernetes.io/healthcheck-path: /healthz
     alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
     alb.ingress.kubernetes.io/scheme: internet-facing
     alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
@@ -20,4 +21,10 @@ spec:
         backend:
           serviceName: resources-api-service
           servicePort: 80
-
+  - host: resources.operationcode.org
+    http:
+      paths:
+      - path: /*
+        backend:
+          serviceName: resources-api-service
+          servicePort: 80
diff --git a/kubernetes/resources_api/overlays/staging/ingress.yaml b/kubernetes/resources_api/overlays/staging/ingress.yaml
index f73da59..78fa763 100644
--- a/kubernetes/resources_api/overlays/staging/ingress.yaml
+++ b/kubernetes/resources_api/overlays/staging/ingress.yaml
@@ -5,6 +5,7 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: alb
     alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:633607774026:certificate/8de9fd02-191c-485f-b952-e5ba32e90acb
+    alb.ingress.kubernetes.io/healthcheck-path: /healthz
     alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
     alb.ingress.kubernetes.io/scheme: internet-facing
     alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
@@ -20,4 +21,10 @@ spec:
         backend:
           serviceName: resources-api-service
           servicePort: 80
-
+  - host: resources.staging.operationcode.org
+    http:
+      paths:
+      - path: /*
+        backend:
+          serviceName: resources-api-service
+          servicePort: 80