CloudOps Camp: January 2022

Thursday, January 20, 2022

Kubernetes objects with practical examples

1. Pod

Example: Suppose you have a simple web application with a single container.

Definition: A Pod could be defined as follows:


apiVersion: v1
kind: Pod
metadata:
  name: my-web-app
spec:
  containers:
    - name: web-container
      image: nginx:latest
      ports:
        - containerPort: 80

Explanation: This Pod definition runs an Nginx container, exposing port 80.

2. Service

Example: To expose the my-web-app Pod so it can be accessed from other Pods or externally.

Definition: A Service could be defined as follows:


apiVersion: v1
kind: Service
metadata:
  name: my-web-service
spec:
  selector:
    app: my-web-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: LoadBalancer

Explanation: This Service targets Pods with the label app: my-web-app and exposes port 80. The LoadBalancer type will provision an external IP address (if supported by the cloud provider).

3. Deployment

Example: To deploy multiple replicas of your my-web-app Pod and manage updates.

Definition: A Deployment could be defined as follows:


apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-web-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-web-app
  template:
    metadata:
      labels:
        app: my-web-app
    spec:
      containers:
        - name: web-container
          image: nginx:latest
          ports:
            - containerPort: 80

Explanation: This Deployment manages three replicas of my-web-app, ensuring high availability and managing updates seamlessly.

4. ReplicaSet

Example: The ReplicaSet is usually managed by a Deployment, but you can define it directly as follows:


apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: my-web-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-web-app
  template:
    metadata:
      labels:
        app: my-web-app
    spec:
      containers:
        - name: web-container
          image: nginx:latest
          ports:
            - containerPort: 80

Explanation: This ReplicaSet ensures that three Pods with the label app: my-web-app are running at all times.

5. StatefulSet

Example: For a database application where each instance needs a stable identity and persistent storage.

Definition: A StatefulSet could be defined as follows:


apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: my-db-statefulset
spec:
  serviceName: "my-db-service"
  replicas: 3
  selector:
    matchLabels:
      app: my-database
  template:
    metadata:
      labels:
        app: my-database
    spec:
      containers:
        - name: db-container
          image: postgres:latest
          ports:
            - containerPort: 5432
          volumeMounts:
            - name: db-storage
              mountPath: /var/lib/postgresql/data
  volumeClaimTemplates:
    - metadata:
        name: db-storage
      spec:
        accessModes: ["ReadWriteOnce"]
        resources:
          requests:
            storage: 1Gi

Explanation: This StatefulSet manages three instances of a PostgreSQL database, each with its own persistent storage.

6. DaemonSet

Example: To ensure a logging agent runs on every node.

Definition: A DaemonSet could be defined as follows:


apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: log-collector
spec:
  selector:
    matchLabels:
      app: log-collector
  template:
    metadata:
      labels:
        app: log-collector
    spec:
      containers:
        - name: log-agent
          image: fluentd:latest
          volumeMounts:
            - name: varlog
              mountPath: /var/log
      volumes:
        - name: varlog
          hostPath:
            path: /var/log

Explanation: This DaemonSet ensures that the log-agent container runs on every node, collecting logs from /var/log.

7. Job

Example: To run a database migration task that needs to complete successfully.

Definition: A Job could be defined as follows:


apiVersion: batch/v1
kind: Job
metadata:
  name: db-migration-job
spec:
  template:
    spec:
      containers:
        - name: migration
          image: my-migration-tool:latest
          command: ["./migrate.sh"]
      restartPolicy: OnFailure

Explanation: This Job runs a migration script to completion, restarting only if it fails.

8. CronJob

Example: To schedule a task to back up a database every day at midnight.

Definition: A CronJob could be defined as follows:


apiVersion: batch/v1
kind: CronJob
metadata:
  name: daily-db-backup
spec:
  schedule: "0 0 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
            - name: backup
              image: my-backup-tool:latest
              command: ["./backup.sh"]
          restartPolicy: OnFailure

Explanation: This CronJob schedules a backup job to run every day at midnight.

9. ConfigMap

Example: To provide configuration settings for your application.

Definition: A ConfigMap could be defined as follows:


apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  APP_MODE: "production"
  LOG_LEVEL: "info"

Explanation: This ConfigMap provides configuration data that can be consumed by Pods.

10. Secret

Example: To store sensitive information like a database password.

Definition: A Secret could be defined as follows:


apiVersion: v1
kind: Secret
metadata:
  name: db-secret
type: Opaque
data:
  db-password: c2VjcmV0cGFzc3dvcmQ=  # Base64 encoded 'secretpassword'

Explanation: This Secret stores a base64-encoded password that can be used by Pods.

11. Namespace

Example: To create an isolated environment for different teams.

Definition: A Namespace could be defined as follows:


apiVersion: v1
kind: Namespace
metadata:
  name: dev-environment

Explanation: This Namespace isolates resources for a development environment.

12. PersistentVolume (PV) and PersistentVolumeClaim (PVC)

Example: To manage persistent storage for your application.

PersistentVolume Definition:


apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-example
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /mnt/data

PersistentVolumeClaim Definition:


apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-example
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi

Explanation: The PV provides storage, and the PVC requests that storage. When bound, Pods can use the PVC to access the PV.

13. Ingress

Example: To route traffic to different services based on the URL.

Definition: An Ingress could be defined as follows:


apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: myapp.example.com
      http:
        paths:
          - path: /api
            pathType: Prefix
            backend:
              service:
                name: api-service
                port:
                  number: 80
          - path: /
            pathType: Prefix
            backend:
              service:
                name: web-service
                port:
                  number: 80

Explanation: This Ingress routes requests to different services based on the path (/api to api-service, and / to web-service).

Each of these objects helps in managing different aspects of a Kubernetes deployment, making it easier to handle complex containerized applications and services.

Thursday, January 13, 2022

Kubernetes objects - Roles

Kubernetes is a powerful container orchestration platform that helps manage and automate the deployment, scaling, and operation of application containers. It uses several key objects to achieve this, each serving a specific purpose. Here’s a rundown of some of the most important Kubernetes objects and their roles:

1. Pod

Definition: The smallest and simplest Kubernetes object. A Pod represents a single instance of a running process in your cluster.
Details: A Pod can contain one or more containers that share the same network namespace and storage volumes. Containers within a Pod can communicate with each other using localhost.

2. Service

Definition: A Service is an abstraction that defines a logical set of Pods and a policy by which to access them.
Details: Services enable communication between different parts of your application or with external applications. They provide load balancing and service discovery by assigning a stable IP address and DNS name to the set of Pods.

3. Deployment

Definition: A Deployment is a higher-level abstraction that manages a ReplicaSet and provides declarative updates to Pods and ReplicaSets.
Details: Deployments ensure that a specified number of Pods are running at any given time. They manage rolling updates, rollbacks, and scaling.

4. ReplicaSet

Definition: A ReplicaSet ensures that a specified number of Pod replicas are running at any given time.
Details: ReplicaSets are often used by Deployments to manage scaling and self-healing of Pods. If a Pod fails, the ReplicaSet will create a new Pod to replace it.

5. StatefulSet

Definition: StatefulSets are used for applications that require stable, unique network identifiers and stable storage.
Details: StatefulSets are ideal for applications like databases where each instance needs to maintain its own identity and state. They provide unique, stable network identities and persistent storage.

6. DaemonSet

Definition: A DaemonSet ensures that a copy of a Pod runs on all (or some) nodes in the cluster.
Details: DaemonSets are typically used for system-level or node-level applications such as log collection or monitoring agents.

7. Job

Definition: A Job creates one or more Pods and ensures that a specified number of them successfully terminate.
Details: Jobs are used for batch processing or short-lived tasks that need to complete successfully. Once the Job completes its task, the Pods it created are terminated.

8. CronJob

Definition: A CronJob creates Jobs on a scheduled time-based pattern, similar to cron jobs in Unix-like systems.
Details: CronJobs are useful for running tasks periodically, like backups or data processing, on a schedule.

9. ConfigMap

Definition: A ConfigMap provides a way to inject configuration data into Pods.
Details: ConfigMaps allow you to separate configuration from application code and manage it independently. Configuration data can be injected into Pods as environment variables, command-line arguments, or configuration files.

10. Secret

Definition: Secrets are used to store sensitive data such as passwords, OAuth tokens, or SSH keys.
Details: Secrets help keep sensitive information secure by encoding it in base64 and managing it through Kubernetes' API. They can be used in Pods similarly to ConfigMaps but with additional security.

11. Namespace

Definition: A Namespace is a virtual cluster within a Kubernetes cluster that provides a scope for names.
Details: Namespaces are useful for dividing resources between multiple users or teams, providing isolation and resource management.

12. PersistentVolume (PV) and PersistentVolumeClaim (PVC)

Definition: PVs and PVCs are used to manage storage in Kubernetes.
Details:
- PersistentVolume (PV): Represents a piece of storage in the cluster.
- PersistentVolumeClaim (PVC): Represents a request for storage by a user. PVCs are bound to PVs that meet their requirements.

13. Ingress

Definition: An Ingress provides HTTP and HTTPS routing to services within the cluster.
Details: It manages access to services based on URL paths or hostnames and is often used for load balancing and SSL termination.

Each of these objects plays a critical role in the functioning of a Kubernetes cluster, helping to manage various aspects of containerized applications and services.

Tuesday, January 4, 2022

Kubernetes object

Kubernetes is a powerful container orchestration platform that uses various objects to manage the deployment, scaling, and operation of application containers. Here’s a step-by-step guide to some of the key Kubernetes objects with examples:

1. Pod

A Pod is the smallest and simplest Kubernetes object. It represents a single instance of a running process in your cluster.

Example:

Create a file named pod-example.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: my-container
    image: nginx:latest
    ports:
    - containerPort: 80

Commands:


kubectl apply -f pod-example.yaml
kubectl get pods
kubectl describe pod my-pod

2. Service

A Service is an abstraction that defines a logical set of Pods and a policy by which to access them. This can be used to expose your application.

Example:

Create a file named service-example.yaml:


apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: ClusterIP

Commands:


kubectl apply -f service-example.yaml
kubectl get services
kubectl describe service my-service

3. Deployment

A Deployment provides declarative updates to Pods and ReplicaSets. It manages the deployment of Pods and ensures the desired state is maintained.

Example:

Create a file named deployment-example.yaml:


apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx:latest
        ports:
        - containerPort: 80

Commands:


kubectl apply -f deployment-example.yaml
kubectl get deployments
kubectl describe deployment my-deployment

4. ReplicaSet

A ReplicaSet ensures that a specified number of pod replicas are running at any given time. Deployments manage ReplicaSets and Pods.

Example:

Create a file named replicaset-example.yaml:


apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: my-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx:latest
        ports:
        - containerPort: 80

Commands:


kubectl apply -f replicaset-example.yaml
kubectl get replicasets
kubectl describe replicaset my-replicaset

5. StatefulSet

A StatefulSet is used for managing stateful applications. It provides guarantees about the ordering and uniqueness of Pods.

Example:

Create a file named statefulset-example.yaml:


apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: my-statefulset
spec:
  serviceName: "my-service"
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx:latest
        ports:
        - containerPort: 80

Commands:


kubectl apply -f statefulset-example.yaml
kubectl get statefulsets
kubectl describe statefulset my-statefulset

6. ConfigMap

A ConfigMap allows you to separate configuration artifacts from image content to keep containerized applications portable.

Example:

Create a file named configmap-example.yaml:


apiVersion: v1
kind: ConfigMap
metadata:
  name: my-configmap
data:
  my-key: my-value

Commands:


kubectl apply -f configmap-example.yaml
kubectl get configmaps
kubectl describe configmap my-configmap

7. Secret

A Secret is used to store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.

Example:

Create a file named secret-example.yaml:


apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  my-key: bXktdmFsdWU= # base64 encoded value of "my-value"

Commands:


kubectl apply -f secret-example.yaml
kubectl get secrets
kubectl describe secret my-secret

8. Namespace

A Namespace provides a mechanism for isolating groups of resources within a single cluster.

Example:

Create a file named namespace-example.yaml:


apiVersion: v1
kind: Namespace
metadata:
  name: my-namespace

Commands:


kubectl apply -f namespace-example.yaml
kubectl get namespaces
kubectl describe namespace my-namespace

9. Ingress

An Ingress manages external access to services, typically HTTP. It provides load balancing, SSL termination, and name-based virtual hosting.

Example:

Create a file named ingress-example.yaml:


apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: my-app.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80

Commands:


kubectl apply -f ingress-example.yaml
kubectl get ingress
kubectl describe ingress my-ingress

10. Job

A Job creates one or more Pods and ensures that a specified number of them successfully terminate.

Example:

Create a file named job-example.yaml:


apiVersion: batch/v1
kind: Job
metadata:
  name: my-job
spec:
  template:
    spec:
      containers:
      - name: my-container
        image: busybox
        command: ["sh", "-c", "echo Hello Kubernetes! && sleep 30"]
      restartPolicy: OnFailure

Commands:


kubectl apply -f job-example.yaml
kubectl get jobs
kubectl describe job my-job

11. CronJob

A CronJob creates Jobs on a scheduled time, similar to cron in Linux.

Example:

Create a file named cronjob-example.yaml:


apiVersion: batch/v1
kind: CronJob
metadata:
  name: my-cronjob
spec:
  schedule: "*/5 * * * *" # every 5 minutes
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: my-container
            image: busybox
            command: ["sh", "-c", "echo Hello Kubernetes! && sleep 30"]
          restartPolicy: OnFailure

Commands:


kubectl apply -f cronjob-example.yaml
kubectl get cronjobs
kubectl describe cronjob my-cronjob