groovemonkey/project-based-kubernetes groovemonkey/project-based-kubernetes

  • Stars
    star
    306
  • Rank 136,456 (Top 3 %)
  • Language
  • Created almost 6 years ago
  • Updated about 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
groovemonkey/project-based-kubernetes
github

groovemonkey

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A project-based course that teaches Kubernetes in a hands-on way.

Dave's instructions (working)

Intro video:

In this mini-course, we're going to take a thorough look at the basics of Kubernetes. You're going to:

  • set up a load-balanced web application that mixes stateful and stateless containers
  • Learn the primitives that you'll use to configure your application on Kubernetes: Containers, Pods, Services, Deployments, ReplicaSets, DaemonSets
  • leverage DigitalOcean's kubernetes service so you can save time and get right to defining and rolling out an application
  • learn about Kubernetes' architecture (which will give you the context to understand how all of this works)
  • avoid common problems and misunderstandings that can make using Kubernetes painful
  • a bunch more stuff

What is Kubernetes? TODO BLERGHHHHHHHH

Kubernetes is a lego set that lets you build an infrastructure platform for your application or distributed services. You will never assign services to specific nodes again. The main conceptual thing it does is SCHEDULE WORK on your 'datacenter computer.'

It's about getting away from managing individual, physical servers, and moving towards defining your application in a way that lets it feed on shared resources (CPU time, RAM, persistent storage, cloud infrastructure abstractions like load balancers) in a datacenter somewhere far away.

What does kubernetes DO?

  • It orchestrates and manages the containers that your application is made of
  • It takes you from "some sofware packaged into containers" to "a complex real-life application, highly available, properly abstracted into separately scalable components, and straightforward to operate."

Kubernetes Thinking

  1. Pods manage containers
  2. ReplicaSets manage Pods
  3. Services expose pod processes to the outside world
  4. ConfigMaps and Secrets configure Pods
  5. Labels are the plumbing that ties everything together
  6. Deployments manage the change from one set of containers to another (e.g. for a software release)

Additional Concepts

  1. DaemonSets and Jobs give you alternate ways to think about running processes (e.g. sidecar containers and one-offs)
  2. Provider-specific concepts like LoadBalancers let kubernetes tie into cloud-specific services and abstractions

Things I'm not covering

  • Dynamic Volume Provisioning and StorageClass objects
  • Datastore Replication using StatefulSets

Requirements:

  • a basic understanding of linux containers and why you might use them
  • a DO account (link in description). You can get away without this but you'll have to adapt some of the things we do to whatever kubernetes setup you're using.

What applications does kubernetes work best with?

A containerized microservice architecture. Separately scalable components. Stateful components decoupled from stateless components.

Getting your application architecture to that point is 90% of the battle. Defining, running, tooling, and maintaining it on Kubernetes is the other 90%. Yay job security!

Practical Project

  1. see 01-kubectl-setup.md
  2. see 02-digitalocean-setup.md

TODO Video 3: kubectl

Kubernetes is, like so many other things, a CRUD app. You can

  • Create resources (kubectl apply)
  • Read resources (kubectl get)
  • Update resources (kubectl edit/apply)
  • Delete resources (kubectl delete)

Get help with

kubectl help

kubectl basics: get

kubectl get nodes (you've already seen this) kubectl get componentstatuses (what the kubernetes master is made of)

More detail: describe

kubectl describe nodes node-1 kubectl describe

output

Default output is shortened.

  • use -o wide to get full output (like -v for other CLI applications)
  • use -o json or -o yaml to get full output in machine-parsable formats
  • if you're piping output into other Unix tools, use --no-headers to avoid having to trash the first line
  • you can also use jsonpath output and pass in a template, but I prefer working with the 'jq' tool on the command line

REMOVED FROM HERE: 04-kubernetes-objects

TODO (bunchastuff?): Labels

Lots of stuff (load balancing) is done with labels. Add labels to objects like this:

Add a label to a pod object, overwrite that label value, then delete the label completely:

kubectl label pods davespod color=red
kubectl label --overwrite pods davespod color=blue
kubectl label pods davespod color-

REMOVED FROM HERE: 04-kubernetes-objects

More advanced kubectl

kubectl get deployments --namespace=kube-system kube-dns kubectl get deployments --namespace=kube-system kubernetes-dashboard (dashboard) kubectl get services --namespace=kube-system kubernetes-dashboard (dashboard LB service)

REMOVED FROM HERE: pods

REMOVED FROM HERE: 07-persistent-data-volumes.md

TODO Labels and Annotations

Labels

Labels are simple key-value pairs. 63-char alphanumeric strings. Can contain a slash, before which there must be a domain. e.g.

tutorialinux.com/foobar

Annotations are 'hints' that can be used by other tools.

kubectl get pods --selector="ver=2"
kubectl get pods --selector="app=bandicoot,ver=2"
kubectl get pods --selector="app in (alpaca,bandicoot)"

Is 'canary' set to anything? kubectl get deployments --selector="canary"

Available logic

=, !=, in, notin, foobar, !foobar

Selectors

Selectors are used in manifests:

--selector="app=alpaca,ver=1"

becomes:

selector:
  app: alpaca
  ver: 1

Annotations TODO minimal coverage -- look into this if you want

Additional metadata. Same format as label keys. More focus on the 'namespace' part (domain before the slash). e.g. kubernetes.io/change-cause

Usually higher-level semantic stuff, used for integration with tools, 3rd-party libraries, tracking reasons for doing things, adding other information that you don't want to filter by.

If you want to use it to filter, use a label instead.

REMOVED FROM HERE: 08-services.md

REMOVED FROM HERE: 09-replicasets.md

Scaling

Horizontal pod autoscaling is supported. (Vertical is coming)

  • Cluster autoscaling (actually adding nodes, i.e. compute resources, to a cluster) is supported via 3rd-party tie-ins (depending on your cloud provider).

Here's some horizontal pod autoscaling:

kubectl autoscale rs kuard --min=2 --max=5 --cpu-percent=80

DaemonSets

Let you schedule a service across a set of nodes in a cluster (or the whole cluster). This is useful for running sidecar containers, e.g.

  • log collectors/streamers
  • "one pod per node" use cases

Like everything else in Kubernetes, everything is found/matched via labels.

Use DaemonSets when ONE copy of a pod/service should run on nodes. Use ReplicaSets when it's irrelevant where the copies run.

Use spec:NodeSelectors to limit what nodes you're running on.

Jobs

One-off tasks (as opposed to eternally-running services). A job creates pods that run until they succeed (i.e. exit with 0)

  • Database Migrations

  • batch jobs

  • maintenance/cleanup tasks

  • queue workers

    kubectl run -i oneshot --image=gcr.io/kuar-demo/kuard-amd64:1 --restart=OnFailure
    -- --keygen-enable --keygen-exit-on-complete --keygen-num-to-gen 10

--restart=OnFailure tells Kubernetes to create a job. everything after '--' is a command-line arg that's passed to the container binary.

Jobs automatically create a unique label (since there are probably a lot of them, and manual naming would get hard/confusing). Using labels with them might lead to weird outcomes.

REMOVED FROM HERE: 10-secrets.md and 11-configmaps.md

DigitalOcean Features

Node Labels and Addresses

You get stuff for free! https://github.com/digitalocean/digitalocean-cloud-controller-manager/blob/master/docs/controllers/node/examples

get node k8s-worker-02 -o yaml

Load Balancers

Make a service manifest with spec.type LoadBalancer and DO creates a load balancer for this app! Woohoo!

https://github.com/digitalocean/digitalocean-cloud-controller-manager/blob/master/docs/controllers/services/examples/http-nginx.yml

REMOVED FROM HERE: 1xx-real-life-k8s-skills--debugging-commands-files.md

More Repositories

1

hands_on_linux-self_hosted_wordpress_for_linux_beginners

Code and configuration snippets for the course.
Shell
166
star
2

tutorialinux-hashistack

A hands-on learning project for consul, using Terraform
HCL
75
star
3

digitalocean-terraform

A quick terraform tutorial for setting up load balanced web servers in digitalocean.
Smarty
72
star
4

sshalert

A small python script / systemd service which sends a text message on root login
Python
62
star
5

hands-on-ansible

Code snippets and Ansible demonstration projects for my Ansible video course.
Shell
48
star
6

tutorialinux-systemd-timers

A video outline for systemd timers, specifically as a replacement for cron jobs.
32
star
7

jekyll-foundation-base

An "empty" jekyll base structure, with the foundation web framework built-in and ready to use
JavaScript
26
star
8

python-bundlescraper

A practical Python learning project: scrape humble bundles - see link for explanation.
Python
16
star
9

tutorialinux

Configuration files, scripts, and other assorted learning material from the tutorialinux YouTube channel and website.
15
star
10

tf-vault-starter-aws-wrapper

A wrapper terraform module around the official Hashicorp vault-starter and vault-enterprise-starter modules for AWS. Creates all necessary resources for a Vault test/learning environment in AWS. Takes 10 minutes to set up, most of which you will spend sipping coffee.
HCL
7
star
11

hackernews_books

A script that makes a PDF of a hackernews (ycombinator) user's comments.
Ruby
4
star
12

consul-service-killswitch

A little mechanism for turning on/off services via a value in the Consul KV store
Shell
4
star
13

daves-aws-utilities

A collection of small utilities I've hacked together for everyday Amazon Web Services tasks.
Shell
3
star
14

devops-in-a-box-automated-wordpress-hosting

Configuration and Code for the Automated WordPress Hosting Platform Video Course
Python
2
star
15

about-me

who I am, what I do, etc
2
star
16

hackergame

A little game to help me learn Clojure.
Clojure
2
star
17

onetimesecret-dockerized

A dockerized version of delano's onetimesecret (https://github.com/onetimesecret/onetimesecret)
2
star
18

go-elixir-benchmark

A little learning adventure about datastructures, also available in video form on YouTube
Elixir
2
star
19

gopsinspect

inspect linux processes
Go
1
star
20

heist

A Browser-Based Heist Game of Planning and Deception.
JavaScript
1
star
21

twiddlingbits

Just some silly bit-manipulation things I was playing around with.
Go
1
star
22

ContactMaster

A simple command-line contact management app for a friend's dad.
Ruby
1
star
23

space_adventure

A space-adventure game (Text GUI) in Ruby. The goal is to create a game that's fun to play, even when I know everything about it.
Ruby
1
star
24

Handicapper

1
star
25

topologicalsort

A small graph/topological sorting library to scratch an itch
Go
1
star
26

zombiecity

another small clojure project, trying my hand at auto-generating a game world for a text-adventure
Clojure
1
star
27

stressedout-elixir

A small CRUD web application that's designed to simulate a realistic application during performance stress-testing.
Elixir
1
star
28

stressedout-go

A small CRUD web application that's designed to simulate a realistic application during performance stress-testing.
Go
1
star
29

explorations

A small Phoenix web application that creates Google Earth VR exploration guides for different cities around the world.
Elixir
1
star