Bootcamp Facilitator and LCA @Andela • DevOps and Linux Fan Boy • General Weird Guy with some humour • Incapable of understanding when to use upper case and Lower Case • People call me Bakman, so there’s also that! @ T i e m m a B a k a r e 2
to code to use Kubernetes Also, ask questions if you don’t get anything, I don’t bite. Also, forget the pho-ne. I’m an Ijebu Yoruba man. @ T i e m m a B a k a r e 3
CLUSTERS PODS Run your application in a POD. Just like a container but this time, it’s in a VM. Create a cluster which is just running a number of VM’s in parallel, all running the same or different pods @ T i e m m a B a k a r e 8
a sandbox or honeypot for those who’re into security. Multiple instances of the same process can be running and not see each other. Examples are LXC and libcontainer Lagos @ T i e m m a B a k a r e 17
server containing one or more Kubernetes nodes. A common Kubernetes cluster for local development is minikube. It just houses the Kubernetes node. @ T i e m m a B a k a r e 33
of your containerized application in Kubernetes. Deployments are not accessible outside the Kubernetes VM that they’re run in. A service is therefore the entry point that defines what ports are accessible and how the port mapping should be set up on the host. @ T i e m m a B a k a r e 39
selector: matchLabels: run: random-deployment replicas: 4 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 type: RollingUpdate Name of the deployment Namespace where we want to put this. Namespaces are basically sandboxes. The labels our service uses to filter and find this deployment Rolling Updates help with making sure we can make changes and set the number of replicas we want to keep available We’d get here soon API version the deployment kind can be found This is a deployment cluster type @ T i e m m a B a k a r e 47
an apiVersion field. When Kubernetes has a release that updates what is available for you to use —”changes something in its API”— a new apiVersion is created. @ T i e m m a B a k a r e 49
selector: matchLabels: run: random-deployment replicas: 4 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 type: RollingUpdate Name of the deployment Namespace where we want to deploy this. Namespaces are basically sandboxes. The labels our service uses to filter and find this deployment Rolling Updates help with making sure we can make changes and set the number of replicas we want to keep available We’d get here soon API version the deployment kind can be found This is a deployment cluster type @ T i e m m a B a k a r e 53
selector: matchLabels: run: random-deployment replicas: 4 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 type: RollingUpdate Let’s cover what this is now! @ T i e m m a B a k a r e 55
a B a k a r e Replicas are just PODs started with the same container. In Kubernetes, we call them REPLICA SETS and they are just a group of REPLICAS. 1 Hence, we can run multiple versions of our application knowing that if we ever have downtime, we can easily start another instance(REPLICA) to cater for that one that went down. 2 61
image: node-demo imagePullPolicy: IfNotPresent This is where the label is defined The name we give our container The image we want to use in our deployment We only pull the image if we don’t have it @ T i e m m a B a k a r e 62
periodSeconds: 15 This is what Kubernetes uses to check if our container is ready. It uses status headers to check. Anything between 200 – 400 is fine. Anything after 400 is unsuccessful. If this fails, our application will not be available @ T i e m m a B a k a r e 63
This is the same as that of the readiness probe but this checks if the entire application is running and not just a service. The TCP thing just checks if my entire application’s port is still accessible. @ T i e m m a B a k a r e 64
resources: requests: cpu: 100m memory: 100Mi ports: - name: liveness-port containerPort: 3000 This is how we pass environment variable to our application. I’d explain what the config map ref is in the coming slides. We can allocate resources to our application as well. How much CPU and RAM the entire application can use 100m = 0.1CPU Because it’s node: 3000 is the port I’m using in my app @ T i e m m a B a k a r e 65
wise thing to bake configurable options into your applications container, especially if you’re running it in production. Keep your properties, env or whatever it’s called outside your app. Make it configurable and call it either using an API or otherwise with ConfigMap as seen here. @ T i e m m a B a k a r e 70
selector: run: random-deployment ports: - protocol: TCP port: 80 targetPort: 3000 name: http type: LoadBalancer @ T i e m m a B a k a r e 73 Service types are defined in the v1 API This is a Service cluster type These are details about the service name and where it is Since our deployment enforced we use this label, this is how we bind it to this service. We want to take our node app from port 3000 and expose it on port 80 Finally, this should load balance and spread traffic across multiple pods. This requires an ingress or load balancer setup
it sits in front of multiple services and acts as a “smart router” or entrypoint into your cluster. This routes to different services depending on the domain you plan to expose your service on. They are smart Layer 7 load balancers. Normal load balancers work on Layer 4. @ T i e m m a B a k a r e 75
nginx.ingress.kubernetes.io/rewrite-target: / spec: backend: serviceName: default-http-backend servicePort: 80 @ T i e m m a B a k a r e 82 This allows us to direct traffic from the same URL to another service making it easier to manage different deployments. It’s particularly very effective if you’re running microservices.
my service on http: paths: - path: / backend: serviceName: random-service servicePort: 80 - path: /socket.io backend: serviceName: random-service # another-random-service servicePort: 80 @ T i e m m a B a k a r e 83