Orchestrating the Cloud with Kubernetes
Overview
Goal
Provision a complete Kubernetes cluster using Kubernetes Engine
Deploy and manage Docker containers using kubectl
Break an application into microservices using Kubernetes' Deployments and Services
Example Application -> github
kelseyhightower/monolith - Monolith includes auth and hello services.
kelseyhightower/auth - Auth microservice. Generates JWT tokens for authenticated users.
kelseyhightower/hello - Hello microservice. Greets authenticated users.
nginx - Frontend to the auth and hello services.
Kubernetes can run in many different environments, from laptops to high-availability multi-node clusters, from public clouds to on-premises deployments, from virtual machines to bare metal.
Setup and requirements
Set the zone
Start up a cluster
Task 1. Get the sample code
Clone the GitHub repository from the Cloud Shell command line
Change into the directory needed for this lab
List the files to see what you're working with
Task 2. Quick Kubernetes Demo
Launch a single instance of the nginx container
View the running nginx container
Expose the nginx container outside of Kubernetes
List our services
Add the External IP to this command to hit the nginx container remotely
Task 3. Pods
What are Pods?
The smallest deployable units of computing that you can create and manage in Kubernetes.
A group of one or more containers with shared storage and network resources, and a specification for how to run the containers.
What are Volumes?
Data disks that live as long as the Pod lives and can be used by the containers in that Pod.
What is a Namespace?
Provides a mechanism for isolating groups of resources within a single cluster.
Task 4. Creating pods
Pod configuration file
The Pod is made up of one container (the monolith).
You're passing a few arguments to the container.
You're opening up port 80 for HTTP traffic.
Create the monolith pod
Examine your pods (use the kubectl get pods command to list all pods running in the default namespace)
Get more information about the monolith pod
Task 5. Interacting with pods
By default, pods are allocated a private IP address and cannot be reached from outside the cluster. To reach the monolith pod, map a local port to a port inside it.
2nd terminal
Set up port-forwarding
1st terminal
Start talking to your pod
See what happens when you hit a secure endpoint
Log in to get an auth token back from the monolith
Create an environment variable for the token (Cloud Shell does not handle copying long strings well)
Use the token to hit the secure endpoint
View the logs for the monolith Pod
3rd terminal
View the logs for the monolith Pod
Get a stream of the logs happening in real time
If you interact with the monolith from the 1st terminal, you can see the logs updating in the 3rd terminal.
Run an interactive shell inside the monolith Pod (this can come in handy when you want to troubleshoot from within a container)
Once you have a shell in the monolith container, you can test external connectivity
Log out when you're done with the interactive shell
kubectl makes it easy to interact with pods, including when you need to hit a container remotely.
Task 6. Services
What are Services?
An abstract way to expose an application running on a set of Pods as a network service.
Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.
Cluster IP (internal)
The default type means that this Service is only visible inside of the cluster
NodePort
NodePort gives each node in the cluster an externally accessible IP and
LoadBalancer
Adds a load balancer from the cloud provider which forwards traffic from the service to Nodes within it.
Ref
Task 7. Creating a service
Create a secure pod that can handle HTTPS traffic.
If you've changed directories, make sure you return to the ~/orchestrate-with-kubernetes/kubernetes directory
Explore the monolith service configuration file
Create the secure-monolith pods and their configuration data
Expose the secure-monolith Pod externally. To do that, create a Kubernetes service.
Create the monolith service from the monolith service configuration file
Allow traffic to the monolith service on the exposed nodeport
Get an external IP address for one of the nodes
Try hitting the secure-monolith service using curl
Uh oh! That timed out.
Task 8. Adding labels to pods
See that you have quite a few pods running with the monolith label.
But what about "app=monolith" and "secure=enabled"?
Add the missing secure=enabled label to the secure-monolith Pod.
Now that the pods are correctly labeled, view the list of endpoints on the monolith service
Test this out by hitting one of our nodes again
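Why the request in Task 7 got no answer and the label in Task 8 fixes it, as an added example that is not part of the original lab: a Service routes only to Pods whose labels satisfy every term of its selector. The sketch models the equality-based selector syntax accepted by kubectl -l (set-based terms such as "in" are not handled); the helper names and the label sets are assumptions constructed for illustration.

```python
# Added example: selector matching on constructed label data (no cluster needed).

def parse_selector(selector):
    """Parse 'k=v,k2!=v2,key,!key' into (key, op, value) terms."""
    terms = []
    for raw in selector.split(","):
        term = raw.strip()
        if not term:
            raise ValueError("empty selector term")
        if "!=" in term:
            key, value = term.split("!=", 1)
            terms.append((key.strip(), "!=", value.strip()))
        elif "=" in term:
            # '==' is accepted as a synonym for '='
            key, value = term.replace("==", "=", 1).split("=", 1)
            terms.append((key.strip(), "=", value.strip()))
        elif term.startswith("!"):
            terms.append((term[1:].strip(), "!exists", None))
        else:
            terms.append((term, "exists", None))
    return terms

def matches(labels, terms):
    """True only if the label set satisfies every term (terms are ANDed)."""
    for key, op, value in terms:
        if op == "=" and labels.get(key) != value:
            return False
        if op == "!=" and labels.get(key) == value:
            return False  # a Pod without the key still matches '!='
        if op == "exists" and key not in labels:
            return False
        if op == "!exists" and key in labels:
            return False
    return True

def endpoints(pods, selector):
    """Names of the Pods a Service with this selector would route to."""
    terms = parse_selector(selector)
    return sorted(n for n, lbls in pods.items() if matches(lbls, terms))

def demo():
    """Constructed state before and after the Task 8 label fix."""
    pods = {"monolith": {"app": "monolith"}, "secure-monolith": {"app": "monolith"}}
    before = endpoints(pods, "app=monolith,secure=enabled")
    pods["secure-monolith"]["secure"] = "enabled"  # the missing label
    after = endpoints(pods, "app=monolith,secure=enabled")
    return before, after

if __name__ == "__main__":
    print(demo())
```

Because membership is decided purely by labels, permission to create or relabel Pods in the namespace is effectively permission to place a Pod behind the Service, so it deserves the same RBAC scrutiny as editing the Service itself.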
Task 9. Deploying applications with Kubernetes
What are Deployments?
A declarative way to ensure that the number of Pods running is equal to the desired number of Pods, specified by the user.
What are Replica Sets?
Maintain a stable set of replica Pods running at any given time.
Often used to guarantee the availability of a specified number of identical Pods.
Task 10. Creating deployments
Monolith app with three separate pieces:
auth: Generates JWT tokens for authenticated users.
hello: Greets authenticated users.
frontend: Routes traffic to the auth and hello services.
Deployment configuration file
Create the deployment object
Create a service for your auth deployment
Create and expose the deployments
hello deployment
frontend deployment
Interact with the frontend by grabbing its External IP and then curling to it
Summary
Provision a complete Kubernetes cluster using Kubernetes Engine
Deploy and manage Docker containers using kubectl
Break an application into microservices using Kubernetes' Deployments and Services