Kubernetes

Kubernetes Components

  • Node
  • Pod
  • Service
  • Ingress
  • Volumes
  • ReplicaSet
  • Secret
  • ConfigMap
  • Deployment for stateless apps
  • StatefulSet for stateful apps

Databases are often hosted outside of the k8s cluster.

Kubernetes Processes
Master processes

  • API Server: cluster gateway, acts as the authentication gate
  • Scheduler: decides on which Node a new Pod should be scheduled
  • Controller manager: detects cluster state changes
  • etcd: the cluster brain; cluster changes get stored in this key-value store

Node processes

  • Container runtime: such as Docker
  • Kubelet: interacts with the container and the node
  • Kube proxy: forwards the requests

Minikube

  • Creates a Virtual Box on your laptop
  • The Node runs in that Virtual Box
  • 1-Node K8s cluster
  • For testing purposes

Kubernetes Operation
Install minikube on a Mac
brew update
brew install hyperkit
brew install minikube

Run minikube
minikube start --vm-driver=hyperkit --cni=flannel
minikube status

Set up the Docker registry mirror inside minikube
minikube ssh
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["xxx"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

Some kubectl operations
kubectl version        # show the version
kubectl cluster-info
kubectl get nodes      # list the current nodes
kubectl get service
kubectl get deployment
kubectl get replicaset
kubectl get pod

Layer of abstraction

  • Deployment manages a ReplicaSet
  • ReplicaSet manages all the replicas of a Pod
  • Pod is an abstraction of a container

Everything below the Deployment is handled by Kubernetes.

kubectl create deployment [depl-name] --image=[image name]   # creates a pod
kubectl edit deployment [depl name]
kubectl delete deployment [depl name]

kubectl apply -f [file name]   # used to create services and deployments
kubectl delete -f [file name]
kubectl get pod -o wide

kubectl exec -it [pod name] -- /bin/bash
kubectl logs [pod name]
kubectl describe pod [pod name]
kubectl describe service [service name]

kubectl get deployment -o yaml
kubectl get deployment -o yaml > nginx-deployment-result.yaml

echo -n 'username' | base64
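
The base64 step above produces the value that goes into the data field of a Secret. The sketch below is an added example, not part of the original notes; it shows why the -n matters and that the encoding can be reversed without any key. The Secret name, the key names and the sample values are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes. mongodb-secret, the
# mongo-root-* keys and the sample values are constructed placeholders.

# Encode a value for a Secret's data: field. printf '%s' avoids the trailing
# newline that a plain `echo` appends and that base64 would silently encode.
b64() { printf '%s' "$1" | base64 | tr -d '\n'; }

# Decode a data: value again. No key is involved: base64 is an encoding,
# not encryption. (Older macOS releases spell the flag -D.)
unb64() { printf '%s' "$1" | base64 -d; }

# Render an Opaque Secret manifest for a username/password pair.
make_secret() {
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
type: Opaque
data:
  mongo-root-username: $(b64 "$2")
  mongo-root-password: $(b64 "$3")
EOF
}

# Pull one data: value out of a manifest and decode it, which is what anyone
# who can read the Secret object or the YAML file is able to do.
read_secret_value() {
  unb64 "$(printf '%s\n' "$1" | awk -v k="$2:" '$1 == k { print $2 }')"
}

manifest=$(make_secret mongodb-secret username password)
printf '%s\n' "$manifest"
printf 'decoded username: %s\n' "$(read_secret_value "$manifest" mongo-root-username)"
printf 'with newline:     %s\n' "$(echo username | base64)"
```

Because the values decode this easily, the manifest file and read access to Secrets in the namespace need the same protection as the plaintext credentials.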

kubectl get secret
kubectl get all | grep mongodb
kubectl get pod

minikube service mongodb-express-service

Namespace

  • kubernetes-dashboard: only with minikube
  • kube-system: system processes
  • kube-public: publicly accessible data; a ConfigMap that contains cluster information   # kubectl cluster-info
  • kube-node-lease: heartbeats of nodes; each node has an associated Lease object in this namespace, which determines the availability of the node
  • default: resources you create are located here
  • Create a Namespace   # kubectl create namespace my-namespace

Use cases for Namespaces:

  1. Structure your components
  2. Avoid conflicts between teams
  3. Share services between different environments
  4. Access and resource limits at the Namespace level

Characteristics of Namespaces:

  1. You can't access most resources from another Namespace; each Namespace must define its own ConfigMaps, Secrets and Services
  2. Some components can't be created within a Namespace, like volumes…
     # kubectl api-resources --namespaced=false
     # kubectl api-resources --namespaced=true

kubectl create namespace my-namespace
kubectl get ns
kubectl get configmap -n my-namespace
kubectl apply -f mongo-configmap.yaml --namespace=my-namespace
kubectl delete configmap -n my-namespace mongodb-configmap

Change the active namespace with kubens (installed with kubectx)
brew install kubectx
kubens my-namespace
kubens

INGRESS
minikube addons enable ingress
Debug:

  • kubectl get pod -A
  • kubectl describe pod ingress-nginx-controller-xxxxxx --namespace=kube-system
  • minikube ssh
  • docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.33.0

Load a local image into minikube:

  • docker save pollyduan/ingress-nginx-controller:v0.42.0 | (eval $(minikube docker-env) && docker load)
  • kubectl get pod -n kube-system

us.gcr.io/k8s-artifacts-prod/ingress-nginx/controller:v0.40.2
Images such as us.gcr.io/.. cannot be reached from within mainland China. You can download the image from Docker Hub and then rename it locally with docker tag so that k8s or Docker recognizes and uses it:

  • docker tag 2da us.gcr.io/k8s-artifacts-prod/ingress-nginx/controller:v0.40.2

kubectl get ingress -n kubernetes-dashboard --watch

HELM

  1. Helm is a package manager for k8s
    brew install helm
    helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
    helm repo update
    helm install -n default ingress ingress-nginx/ingress-nginx

    Helm Charts are used to install commonly used software, for example:
    Database Apps: MongoDB, MySQL, Elasticsearch
    Monitoring Apps: Prometheus
    helm search
  2. Templating Engine
  3. Redeployment of the Same Applications Across Different Environments

Helm Chart Structure:
mychart/          # top-level mychart folder
  Chart.yaml      # meta info about the chart, like chart name, version..
  values.yaml     # values for the template files
  charts/         # chart dependencies
  templates/      # the actual template files

You can specify another values.yaml file to override the chart's default values:
helm install [release name] [chart name] --values=my-values.yaml
You can also use --set on the command line to override the chart's default values:
helm install [release name] [chart name] --set version=2.0.0

Helm 3 removed the Tiller server component from the K8s cluster

Volumes
Persistent volumes are NOT namespaced