DEV Community

loading...
Cover image for Deep dive into Kubernetes (part - II) :

Deep dive into Kubernetes (part - II) :

rahulku48837211 profile image Rahul Kumar ・4 min read

Setup k8s in our local environment :

We are going to install minikube for this purpose because that runs a single node Kubernetes cluster on your computer .

Install :

$ curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube_latest_amd64.deb

$ sudo dpkg -i minikube_latest_amd64.deb

  • When we install minikube it also install kubectl . No need to install separately .

  • Initiate minikube cluster

$ minikube start

You can now use kubectl commands :

$ kubectl get pods

etc .....

Kubernetes services :

What is Kubernetes service :

  • Services provides a abstraction layer over the Kubernetes cluster so that our application is not exposed directly .
  • Using services we can make sure that our application is secure and it can be accessible through defined service .
  • We can use a static ip address using services .

Sample k8s service

Types of service such as :

  • ClusterIP Service :
    This is default service type . Exposes the service on a cluster internal IP. And the incoming request comes from the browser through the ingress which make sure that the service is only reachable within the cluster.

  • NodePort Service :
    Exposes the cluster IP of each node at a static port . We can able to contact to the nodeport service from outside .

  • LoadBalancer Service :
    Load balancer can route your incoming request to the clusters .

  • Headless Service :
    Specifically designed for stateful application . Suppose there is a MongoDB database running and obviously running on master slave architecture where write happens on master and slave have to sync with master .

  • But how your k8s service knows which cluster to route the request ?
    The answer is through the selectors it knows about the forwarding request .

Hand's on :

  • A sample Nginx deployment file :
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 2 # tells deployment to run 2 pods matching the template
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80
Enter fullscreen mode Exit fullscreen mode

Then use the kubectl apply command with your respective file name .

$ kubectl apply -f nginx-depl.yaml

$ kubectl get pods

Hands on :

so the request comes from the browser which then goes to the external service of the mongo express application which then forward the request to the internal service of MongoDB the it forwarded it to the MongoDB pod which then authenticate it using the credentials .

  • Make sure you have the Minikube cluster running .

$minikube start

  • create a deployment file of mongo-express .

$ touch mongo-depl.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mongodb-dep
  labels:
    app: mongodb
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mongodb
  template:
    metadata:
      labels:
        app: mongodb
    spec:
      containers:
      - name: mongodb
        image: mongo
Enter fullscreen mode Exit fullscreen mode
  • Now check for the Mongo image on DockerHub(public repository for storing container images . similar to GitHub) for the configuratio ,port , environment variables .

Mongo Docker Hub

  • We need to add these environment variables and port to our deployment file after image on deployment file .
ports :
        - containerport : 27017
        env:
        - name: MONGO_INITDB_ROOT_USERNAME
          value :
        - name : MONGO_INITDB_ROOT_PASSWORD
          value :
Enter fullscreen mode Exit fullscreen mode
  • create a secret where our root user name and password will lie .

$ touch mongo-secret.yml

apiVersion: v1
kind: Secret
metadata:
  name: mongodb-secret
type: Opaque
data:
    mongo-root-username: dXNlcm5hbWU=
    mongo-root-password: cGFzcw==
Enter fullscreen mode Exit fullscreen mode

The username and password must be base64 encoded :

$ echo -n 'admin' | base64

$ echo -n 'password' | base64

And now we gonna reference it in our deployment file

$ kubectl apply -f mongo-secret.yml

  • Now we have the root user name and password then we can referred from secret .
env:
        - name : MONGO_INITDB_ROOT_USERNAME
          valueFrom:
            secretKeyRef:
              name: mongo-secret
              key : mongo-root-username 
        - name : MONGO_INITDB_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mongo-secret
              key : mongo-root-password
Enter fullscreen mode Exit fullscreen mode

$ kubectl apply -f mongo-depl.yaml

$ kubectl gel pod

  • Now we have to create a internal service so that other pods or containers can talk to MongoDB .
---
apiVersion : v1
kind: Service
metadata:
  name: mongodb-service
spec:
  selector:
    app: mongodb
  ports:
  - protocol: TCP
    port: 27017
    targetPort: 27017 
Enter fullscreen mode Exit fullscreen mode

selector -- connect to the pod through label
port -- service port
target port -- container port

$ kubectl apply -f mongo-depl.yaml

$ kubectl get service

$ kubectl describe service (service name)

$ kubectl get pod -o wide

  • Now we have to create a Mongo-express deployment and service and a config map .

Alt Text

  • We need to configure following :
  • MongoDB URL
  • admin name
  • password
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mongo-express
  labels:
    app: mongo-express
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mongo-express
  template:
    metadata:
      labels:
        app: mongo-express
    spec:
      containers:
      - name: mongo-express
        image: mongo-express
        ports:
        - containerPort: 8081
        env:
        - name : ME_CONFIG_MONGODB_ADMINUSERNAME
          valueFrom:
            secretKeyRef:
              name: mongodb-secret
              key : mongo-root-username 
        - name: ME_CONFIG_MONGODB_ADMINPASSWORD
          valueFrom:
            secretKeyRef:
              name: mongodb-secret
              key : mongo-root-password
        - name: ME_CONFIG_MONGODB_SERVER 
          valueFrom:
            configMapKeyRef:
              name: mongodb-configmap
              key : database_url
Enter fullscreen mode Exit fullscreen mode

configmap :

  • external configuration
  • centralized
  • other components can use it
apiVersion: v1
kind : ConfigMap
metadata:
  name: mongodb-configmap
data:
  database_url: mongodb-service
Enter fullscreen mode Exit fullscreen mode

key-value pair and the database URL

The order of creation matters

$ kubectl apply -f mongo-config.yaml

$ kubectl apply -f mongo-express.yaml

$ kubectl get pod

$ kubectl logs mongo-express-(some number)

you can see 
server is running
Enter fullscreen mode Exit fullscreen mode

FINALLY :

  • create a mongo-express service and it is a loadbalacer type(external load balancer)

  • nodePort port where the external ip address is open and it has actually a range 30000 - 32767

  • mongo-express service (The external service also got some externa IP)

apiVersion : v1  
kind : Service
metadata:
  name: mongo-express-service
spec:
  selector :
    app: mongo-express
  type : LoadBalancer 
  ports:
  - protocol: TCP
    port: 8081
    targetport: 8081
    nodePort : 30000
Enter fullscreen mode Exit fullscreen mode

$ kubectl get service

$ minikube service mongo-express-service

Now you can see the application dashboard :

Thanks for your patience reading 🔥🔥🔥

Discussion

pic
Editor guide