Kubernetes on Dark Kernel https://blogs.sumit.engineer/tags/kubernetes/ Recent content in Kubernetes on Dark Kernel Hugo -- gohugo.io en-us Mon, 15 Jul 2024 00:00:00 +0000 Implementing Blue-Green Deployments in Kubernetes: Achieving Zero-Downtime Updates https://blogs.sumit.engineer/post/blue-green-k8s-deployment/ Mon, 15 Jul 2024 00:00:00 +0000 https://blogs.sumit.engineer/post/blue-green-k8s-deployment/ <p>Things we are going to learn</p> <ol> <li>Kubernetes Deployments</li> <li>Services and Ingress</li> <li>Database migrations // just as part of the process, not much ;)</li> <li>Automate with CICD</li> <li>Monitoring and health checks</li> </ol> <p> </p> <p>Let&rsquo;s get started.</p> <h2 id="blue-green-deployment-technique">Blue-Green Deployment Technique</h2> <p>You might or might not know that Blue-green deployment is a technique for releasing applications with zero downtime and easy rollback. Yes, that&rsquo;s the gist of it, at least conceptually.</p> <p>This guide will walk you through implementing blue-green deployments in a Kubernetes environment. Yep, we&rsquo;re diving into Kubernetes.</p> <h2 id="implementation-steps">Implementation Steps</h2> <h3 id="1-prepare-kubernetes-manifests">1. Prepare Kubernetes Manifests</h3> <p>Since it is a blue-green deployment, we will need two manifests one for the green version and one for the blue version.</p> <p>Create separate deployments for blue and green versions:</p> <div class="collapsable-code"> <input id="1" type="checkbox" /> <label for="1"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">blue-deployment.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: apps/v1 kind: Deployment metadata: name: myapp-blue spec: replicas: 3 selector: matchLabels: app: myapp version: blue template: metadata: labels: app: myapp version: blue spec: containers: - name: myapp image: myapp:1.0 ports: - containerPort: 8080 </code></pre> </div> <p>green-deployment.yaml (similar, but with version: green and newer image)</p> <div class="collapsable-code"> <input id="2" type="checkbox" /> <label for="2"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">green-deployment.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> # green-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: myapp-green spec: replicas: 3 selector: matchLabels: app: myapp version: green template: metadata: labels: app: myapp version: green spec: containers: - name: myapp image: myapp:1.1 ports: - containerPort: 8080 </code></pre> </div> <h3 id="2-set-up-service-and-ingress">2. Set Up Service and Ingress</h3> <p>What ingress does is it maps the service to the load balancer, exposing the service externally. The load balancer then distributes traffic between the two deployments.</p> <p>Create a service that can be switch between blue and green versions:</p> <div class="collapsable-code"> <input id="3" type="checkbox" /> <label for="3"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">service.yaml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> # service.yaml apiVersion: v1 kind: Service metadata: name: myapp-service spec: selector: app: myapp # Note: We don&#39;t specify the version (blue/green) here. ports: - protocol: TCP port: 80 targetPort: 8080 </code></pre> </div> <p>In the Ingress, we will add the service to the ingress rules. <div class="collapsable-code"> <input id="4" type="checkbox" /> <label for="4"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">ingress.yaml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: myapp-ingress annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/canary: &#34;true&#34; nginx.ingress.kubernetes.io/canary-weight: &#34;0&#34; spec: rules: - host: myapp.example.com http: paths: - path: / pathType: Prefix backend: service: name: myapp-service port: number: 80 </code></pre> </div> </p> <h3 id="3-implement-deployment-script">3. Implement Deployment Script</h3> <p><strong>Automation is the key</strong>. Here&rsquo;s a overview of the bash script to manage the deployment:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e">#!/bin/bash </span></span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Deploy new (green) version</span> </span></span><span style="display:flex;"><span>kubectl apply -f green-deployment.yaml </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Wait for green deployment to be ready</span> </span></span><span style="display:flex;"><span>kubectl rollout status deployment/myapp-green </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Run smoke tests on green deployment</span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># (implement your tests here)</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Switch the traffic to green. Here the game changes</span> </span></span><span style="display:flex;"><span>kubectl patch service myapp-service -p <span style="color:#e6db74">&#39;{&#34;spec&#34;:{&#34;selector&#34;:{&#34;version&#34;:&#34;green&#34;}}}&#39;</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># Wait and monitor for any issues</span> </span></span><span style="display:flex;"><span>sleep <span style="color:#ae81ff">60</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># If everything is fine, delete the old (blue) deployment</span> </span></span><span style="display:flex;"><span>kubectl delete -f blue-deployment.yaml </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># If not, you can quickly rollback by switching the service back to blue</span> </span></span><span style="display:flex;"><span>kubectl patch service myapp-service -p <span style="color:#e6db74">&#39;{&#34;spec&#34;:{&#34;selector&#34;:{&#34;version&#34;:&#34;blue&#34;}}}&#39;</span> </span></span></code></pre></div><p>These are the steps we need to implement in our deployment script.</p> <h3 id="4-database-migrations">4. Database Migrations</h3> <p>Database migrations in a blue-green deployment scenario are challenging because you need to maintain compatibility between the two versions of your application (blue and green) and the database schema. What we want is to perform these migrations without downtime and ensure both versions can operate correctly during the transition. which is damn easy :) (maybe)</p> <p>You can use any of your strategies. For database changes, you can use a migration tool that supports reversible migrations. *Run migrations before deploying the green version:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#75715e"># I will be something like this:</span> </span></span><span style="display:flex;"><span>./migrate up </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75715e"># If migration fails, you can roll back</span> </span></span><span style="display:flex;"><span>./migrate down </span></span></code></pre></div><p>It&rsquo;s not only this much, but it&rsquo;s enough for now.</p> <h3 id="5-monitoring-and-health-checks">5. Monitoring and Health Checks</h3> <p>Implement readiness and liveness probes in your deployments:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">containers</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">myapp</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">myapp:1.0</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">readinessProbe</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">httpGet</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">path</span>: <span style="color:#ae81ff">/healthz</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">port</span>: <span style="color:#ae81ff">8080</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">initialDelaySeconds</span>: <span style="color:#ae81ff">10</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">periodSeconds</span>: <span style="color:#ae81ff">5</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">livenessProbe</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">httpGet</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">path</span>: <span style="color:#ae81ff">/healthz</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">port</span>: <span style="color:#ae81ff">8080</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">initialDelaySeconds</span>: <span style="color:#ae81ff">15</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">periodSeconds</span>: <span style="color:#ae81ff">10</span> </span></span></code></pre></div><p>Once the application is up and running, possibly if you&rsquo;re lucky or an expert, you can monitor it with Prometheus and Grafana.</p> <h3 id="6-automate-with-cicd-pipeline">6. Automate with CI/CD Pipeline</h3> <p>Integrate the deployment process into your CI/CD pipeline. Personally, I use GitLab (you&rsquo;d never guess). Here&rsquo;s an example GitLab CI configuration:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">stages</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">build</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">test</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">deploy</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">build</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">stage</span>: <span style="color:#ae81ff">build</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">script</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">docker build -t myapp:$CI_COMMIT_SHA .</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">docker push myapp:$CI_COMMIT_SHA</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">test</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">stage</span>: <span style="color:#ae81ff">test</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">script</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">run_unit_tests.sh</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">run_integration_tests.sh</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#f92672">deploy</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">stage</span>: <span style="color:#ae81ff">deploy</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">script</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">update_kubernetes_manifests.sh $CI_COMMIT_SHA</span> </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">./blue_green_deploy.sh</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">only</span>: </span></span><span style="display:flex;"><span> - <span style="color:#ae81ff">main</span> </span></span></code></pre></div><p>And if you are wondering what those scripts contain, Then check <a href="https://gist.github.com/Dark-Kernel/7a1289d56f1e1a38e9551911d5b5fa68">this out</a></p> <h2 id="best-practices">Best Practices</h2> <ol> <li><strong>Automate everything</strong>: From builds to deployments to rollbacks.</li> <li><strong>Implement robust monitoring</strong>: Quickly detect any issues post-deployment.</li> <li><strong>Gradual rollout</strong>: Consider canary releases before full blue-green switch.</li> </ol> <h2 id="conclusion">Conclusion</h2> <p>In the conlcusion, Kubernetes&rsquo;s blue-green deployments aren&rsquo;t just a fancy color scheme—they&rsquo;re your ticket to stress-free updates. It provide a powerful way to achieve zero-downtime updates. By combining infrastructure management, automation, and *careful testing, we can significantly reduce some of the risks of deployment and improve availability.</p> <p> </p> <p>And, that&rsquo;s it.</p> Kubernetes Voyage: Advanced Ship Steering https://blogs.sumit.engineer/post/kubernetes-adv/ Sun, 10 Sep 2023 00:00:00 +0000 https://blogs.sumit.engineer/post/kubernetes-adv/ <p>We will learn</p> <ul> <li>pods vs container</li> <li>Deployments</li> <li>Services</li> <li>Auto-healing concept</li> <li>config maps &amp; secrets</li> <li>persistent volume</li> </ul> <p> </p> <p>Let&rsquo;s get started.</p> <h3 id="pods-vs-containers">Pods vs Containers</h3> <table> <thead> <tr> <th>Pods</th> <th>Container</th> </tr> </thead> <tbody> <tr> <td>Unit of conainers</td> <td>Single container by containerization tool.</td> </tr> <tr> <td>Contains one or more Conainers</td> <td>Only single container</td> </tr> <tr> <td>Crashed free</td> <td>Can be crashed if some error occurs</td> </tr> <tr> <td>Can be Scheduled</td> <td>Can&rsquo;t be scheduled</td> </tr> </tbody> </table> <p> </p> <hr> <h3 id="configuration-file">Configuration file</h3> <p>To create pods we have to use a configuration file in <code>YAML</code>, which is also called <code>manifest</code> in k8s</p> <p>We need manifest file for almost everything in kubernetes.</p> <ul> <li> <p>Kind:</p> <p>To create maifest file for a paritcular service we have to define a <code>kind</code> keyword. <code>kind</code> defines what type of manifest file is, like for Pods, Service or Deployment, etc.</p> <p>Example:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#f92672">apiVersion</span>: <span style="color:#ae81ff">v1</span> </span></span><span style="display:flex;"><span><span style="color:#f92672">kind</span>: <span style="color:#ae81ff">Pod</span> </span></span><span style="display:flex;"><span><span style="color:#f92672">metadata</span>: <span style="color:#75715e"># Extra data. # object</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">name</span>: <span style="color:#ae81ff">nginx </span> <span style="color:#75715e"># Any name can be used.</span> </span></span><span style="display:flex;"><span><span style="color:#f92672">spec</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">containers</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">nginx</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">image</span>: <span style="color:#ae81ff">nginx:1.14.2</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">ports</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">containerPort</span>: <span style="color:#ae81ff">80</span> </span></span></code></pre></div></li> <li> <p>Namespace:</p> <p>logical entity allow you to isolate your resources, like pods, volumne, deploymnets, etc. You can create multiple namaspcae for different resources, it is a type of group.</p> <blockquote> <p>Default name space is already present, and everything is created under it until you specify any other namespace in manifest.</p> </blockquote> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl create namespace nginx </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get namespace </span></span></code></pre></div><p>Example:</p> <div class="collapsable-code"> <input id="1" type="checkbox" /> <label for="1"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">Pod.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: Pod metadata: # Extra data. # object name: nginx # Any name can be used. namespace: nginx spec: containers: - name: nginx image: nginx:latest ports: # If you don&#39;t specify then also it will assume. - containerPort: 80 </code></pre> </div> </li> <li> <p>To apply the manifest file to your cluster command:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f pod.yml </span></span></code></pre></div><p>This will send request to api server, then it will to scheduler (resposnisble fo managing pods) and then it send back to api server and then configuration will be stored.</p> </li> <li> <p>To fetch the pods information from master we can use the below command:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get pods -n nginx </span></span></code></pre></div><p><code>-n</code>: namespace, by default it only looks for resources in to default namespace.</p> </li> </ul> <p> </p> <hr> <h3 id="deployment">Deployment</h3> <p>Deployment is a desired state. It is also written in manifest file and <code>kind</code> will be set to <code>Deployment</code>. It is used to create replicaset of templates, It is a configuration of pods. It is a desired(required) state of your pods. You can also provide some data in pods while deployment using this manifest.</p> <p>Example:</p> <div class="collapsable-code"> <input id="184529367" type="checkbox" /> <label for="184529367"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">deployment.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment labels: app: nginx spec: replicas: 3 selector: matchLabels: # select all nginx labels app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80 </code></pre> </div> <ul> <li><code>replicas</code>: Number of pods clone / replications</li> <li><code>labels</code>: Configuration is for, name of the replica.</li> </ul> <p>Actions:</p> <ol> <li> <p>Apply the deployment:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f deployment.yml </span></span></code></pre></div></li> <li> <p>Get the nodes with more wider output.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get nodes -n nginx -o wide </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME ip-172-31-55-54 Ready &lt;none&gt; 4d23h v1.20.0 172.31.55.54 &lt;none&gt; Ubuntu 22.04.3 LTS 6.2.0-1011-aws docker://24.0.5 ip-172-31-57-166 Ready control-plane,master 5d v1.20.0 172.31.57.166 &lt;none&gt; Ubuntu 22.04.3 LTS 6.2.0-1011-aws docker://24.0.5 </code></pre></li> <li> <p>Get your deployment status.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get deployment -n nginx </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">NAME READY UP-TO-DATE AVAILABLE AGE │ nginx-deployment 3/3 3 3 23m </code></pre></li> <li> <p>Get detail information about your deployment.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl describe deployment </span></span></code></pre></div></li> <li> <p>Apply Rolling update to deployment like scaling: # No need to edit the file.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl scale deployment nginx-deployment --replicas<span style="color:#f92672">=</span><span style="color:#ae81ff">2</span> -n nginx </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">deployment.apps/nginx-deployment scaled </code></pre></li> <li> <p>You can even Rollback if you made any mistake.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl rollout undo deployment/nginx-deployment </span></span></code></pre></div></li> </ol> <p> </p> <hr> <h3 id="services">Services</h3> <p>It is method used to allow outside world to access application instance running in pods deployment, some sort of proxy.</p> <p>In our example, nginx is running but not accessible because we haven&rsquo;t applied any service yet.</p> <p>Example:</p> <div class="collapsable-code"> <input id="653427198" type="checkbox" /> <label for="653427198"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">service.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: Service metadata: name: my-service spec: selector: app.kubernetes.io/name: MyApp ports: - protocol: TCP port: 80 # containers port targetPort: 9376 # service&#39;s port to map with. </code></pre> </div> <h5 id="services-are-of-3-types">Services are of 3 types:</h5> <ol> <li> <p><strong>NodePort</strong>:</p> <p>It act as a node machine, this maps the deployment&rsquo;s port to serivce&rsquo;s port.</p> <p>We have to provide 3 ports:</p> <ul> <li><code>port</code>: Port of application running in pods, (80 incase of nginx).</li> <li><code>targetPort</code>: Service port, to map pods port with Service port. (incoming)</li> <li><code>nodePort</code>: Outgoing port, which is actual accessible port. ( ranges [30000 - 32627])</li> </ul> <p>Example:</p> <p>This service file will provide the access to users for our application which is nginx in this case.</p> <div class="collapsable-code"> <input id="341925876" type="checkbox" /> <label for="341925876"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">service.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: Service metadata: name: my-service namespace: webserverss spec: selector: app: nginx type: NodePort ports: - protocol: TCP port: 80 targetPort: 80 nodePort: 30004 </code></pre> </div> </li> <li> <p>Cluster IP:</p> <p>It Exposes the Service on a cluster-internal IP, Making the Service only reachable from within the cluster not outside, And this is used by default.</p> </li> <li> <p>Load balancer:</p> <p>It Exposes the Service externally using an external load balancer. Kubernetes does not offer a load balancing component; you have provide one, or you can integrate your cluster with a cloud provider like AWS.</p> </li> </ol> <p>We, will use NodePort which will allow us to access out nginx outside the cluster.</p> <ul> <li> <p>Apply the service</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f serivce.yml </span></span></code></pre></div></li> <li> <p>List your Services.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get services -n webserverss </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE │ my-service NodePort 10.104.86.172 &lt;none&gt; 80:30004/TCP 15s </code></pre></li> </ul> <p> </p> <hr> <h3 id="auto-healing">Auto healing.</h3> <p>Now, our pods are running and our application is also accessible by the user. But, what if we delete one of the pod or container?</p> <p>Well, let&rsquo;s do it.</p> <ol> <li> <p>First get list of your pods.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get pods -n webserverss <span style="color:#75715e"># replace with your namespace</span> </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">NAME READY STATUS RESTARTS AGE nginx 1/1 Running 1 17m nginx-deployment-66b6c48dd5-2299p 1/1 Running 1 16m nginx-deployment-66b6c48dd5-vtqq8 1/1 Running 1 16m </code></pre></li> <li> <p>And now delete one pod.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl delete pod nginx-deployment-66b6c48dd5-2299p -n webserverss </span></span></code></pre></div><p>Now, we have deleted one pod, let&rsquo;s check the status of pods.</p> <pre tabindex="0"><code class="language-output" data-lang="output">NAME READY STATUS RESTARTS AGE nginx 1/1 Running 1 17m nginx-deployment-66b6c48dd5-tlq9v 1/1 Running 0 8s nginx-deployment-66b6c48dd5-vtqq8 1/1 Running 1 16m </code></pre><p>You saw that right? The <code>Age</code> of second pod is <code>8s</code>.</p> <p>Yes, that 2nd pod got created after we deleted one, And this is what we call <strong>Auto Healing</strong>.</p> </li> <li> <p>Anyway, If you want to delete you particular depolyment or manfiest configuration use this syntax:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl delete -f pod.yml <span style="color:#75715e"># your manifest.yml file</span> </span></span></code></pre></div></li> </ol> <p> </p> <hr> <h3 id="secrets--config-map">Secrets &amp; config map</h3> <p>In k8s, we can&rsquo;t pass environment variables through kubectl at runtime. Therefore we use secret &amp; config map file.</p> <ul> <li> <p><strong>Config map</strong>:</p> <p>It is a Special kind of manifest file, if you deployment needs particular variable then you can declare that in this manifest file. All variables are passed to all pods. In manifest set kind to <code>kind: ConfigMap</code> to create a config map. It pass data as plain texts.</p> </li> <li> <p><strong>Secrets</strong>:</p> <p>It is a type of config which contains credentials (passwords), advantage is you can pass encoded password and it will be decrypted in pods. In manifest set kind to <code>kind: secrets</code> to create secrets.</p> </li> </ul> <p>Example:</p> <ol> <li> <p>Setup servers</p> </li> <li> <p>Create deployment manifest.</p> <div class="collapsable-code"> <input id="473689215" type="checkbox" /> <label for="473689215"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">deployment.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: apps/v1 kind: Deployment metadata: name: mysql-deplyment namespace: mysql labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql selector: matchLabels: app: nginx-2 template: metadata: labels: app: nginx-2 spec: containers: - name: mysql image: mysql ports: - containerPort: 3306 env: - name: MYSQL_DATABASE valueFrom: configMapKeyRef: name: mysql-config key: MYSQL_DATABASE name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: mysql-secret key: MYSQL_PASSWORD </code></pre> </div> </li> <li> <p>You can rectify errors using dry run, it doesn&rsquo;t apply the changes only show what will be happen if applied:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f deployment.yml --dry-run </span></span></code></pre></div></li> <li> <p>Create defined namespace:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kuebctl create namespace mysql </span></span></code></pre></div></li> </ol> <ol start="5"> <li> <p>Create configMaps manifest file</p> <div class="collapsable-code"> <input id="857369412" type="checkbox" /> <label for="857369412"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">configMaps.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: ConfigMap metadata: name: mysql-config namespace: mysql labels: app: mysql data: MYSQL_DATABASE: &#34;cooldb&#34; </code></pre> </div> </li> <li> <p>Apply config map.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f configMap.yml </span></span></code></pre></div></li> <li> <p>Check your config map.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get configmap -n mysql </span></span></code></pre></div></li> <li> <p>Now create secrests manifest.</p> <p>But, before that encrypt your pass using below command.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>echo -n <span style="color:#e6db74">&#39;secret&#39;</span> | base64 <span style="color:#75715e"># you can pass -d to decrypt</span> </span></span></code></pre></div><p>copy output and pass in data field in secrets.yml</p> <div class="collapsable-code"> <input id="432695871" type="checkbox" /> <label for="432695871"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">secrets.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: Secret metadata: name: mysql-secret namespace: mysql labels: app: mysql type: Opaque data: MYSQL_PASSWORD: dkoafusfmsdjk # base64 password. </code></pre> </div> </li> <li> <p>Apply secrets manifest to deployment.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f secret.yml </span></span></code></pre></div></li> <li> <p>Now, check if secret is added successfully.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get secret -n mysql </span></span></code></pre></div></li> <li> <p>After that, finally apply your deployment.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f deployment.yml </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">NAME READY UP-TO-DATE AVAILABLE AGE │ mysql-deplyment 1/1 1 1 40m </code></pre><p>After your deployment, you can cross verify by logging in mysql. Run commands in worker node. Make sure you are putting correct container id.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>docker ps | grep mysql </span></span><span style="display:flex;"><span>docker exec -it ef175a2293f2 /bin/mysql -u root -p </span></span></code></pre></div></li> <li> <p>You can delete your deployment if you want.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl delete -f deployment.yml </span></span></code></pre></div></li> </ol> <p> </p> <hr> <h3 id="pvc--pv-storage-classes">PVC &amp; PV, Storage classes</h3> <ul> <li> <p><strong>PV (Persistent Volume)</strong></p> <p>It creates application&rsquo;s stateful location is in your disk where data is stored as snapshot.</p> <div class="collapsable-code"> <input id="562491783" type="checkbox" /> <label for="562491783"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">persistenVolume.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: PersistentVolume metadata: name: mysql-pv-volume namespace: mysql labels: app: mysql spec: storageClassName: manual capacity: storage: 2Gi accessModes: - ReadWriteOnce hostPath: path: &#34;/mnt/data&#34; </code></pre> </div> <p><strong>Make sure hostPath.path directory exists in worker node.</strong></p> <p>Now apply your peristentVolume manifest</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f persistenVolume.yml </span></span></code></pre></div><p>Check if persistentVolume is created.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get pv -n mysql </span></span></code></pre></div><pre tabindex="0"><code class="language-output" data-lang="output">NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE mysql-pv-volume 2Gi RWO Retain Available manual 16s </code></pre></li> <li> <p><strong>PVC (Persistent Volume Claim):</strong></p> <p>After creating the volume you have to claim it to use, until now we have just created not used. You can claim how much you want from volume for your deployment.</p> <div class="collapsable-code"> <input id="714958362" type="checkbox" /> <label for="714958362"> <span class="collapsable-code__language">yaml</span> <span class="collapsable-code__title">persistentVolumeClaim.yml</span> <span class="collapsable-code__toggle" data-label-expand="△" data-label-collapse="▽"></span> </label> <pre class="language-yaml" ><code> apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-pv-claim namespace: mysql spec: storageClassName: manual accessModes: - ReadWriteOnce resources: requests: storage: 2Gi </code></pre> </div> <p>Then, apply it</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f persistentVolumeClaim.yml </span></span></code></pre></div><p>After that check if was successfull.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get pvc -n mysql </span></span></code></pre></div><p>Now, to use volumes add these into containers object in deployment.yml.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span> <span style="color:#f92672">volumeMounts</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">mysql-persistent-storage</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">mountPath</span>: <span style="color:#ae81ff">/var/lib/mysql</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">volumes</span>: </span></span><span style="display:flex;"><span> - <span style="color:#f92672">name</span>: <span style="color:#ae81ff">mysql-persistent-storage</span> </span></span><span style="display:flex;"><span> <span style="color:#f92672">persistentVolumeClaim</span>: </span></span><span style="display:flex;"><span> <span style="color:#f92672">claimName</span>: <span style="color:#ae81ff">mysql-pv-claim</span> </span></span></code></pre></div></li> </ul> <p> </p> <p>So, that&rsquo;s it.</p> Kubernetes Ahoy - Start Steering Your Container Ship https://blogs.sumit.engineer/post/kubernetes-start/ Sun, 27 Aug 2023 00:00:00 +0000 https://blogs.sumit.engineer/post/kubernetes-start/ <p>We will learn,</p> <ol> <li>Kubernetes Architecture</li> <li>Deployment of first cluster.</li> </ol> <h1 id="kubernetes">Kubernetes</h1> <p>Kubernetes, also known as K8s, is an open-source container orchestration platform system for automating deployment, scaling, and management of containerized applications.</p> <p><strong>Key Features</strong>:</p> <ol> <li>Auto scaling (Scale according to traffic)</li> <li>Auto healing (Ex. Even if we kill one container, It will maintain the no. of container and will create new one.)</li> </ol> <h3 id="application-architectures">Application Architectures</h3> <ul> <li> <h6 id="monolithic">Monolithic:</h6> <p>It is Solo / single structure, Whole Application Architecture on single codebase and runtime environment.</p> <p><strong>Disadvantage</strong>: If you want to change something in a part then your whole application will be affected.</p> </li> <li> <h6 id="microservice">Microservice:</h6> <p>Single application is deployed as different microservices like, frontend, backend, DB, etc. Use different services, All services are interconnected, if you want to change in some service you can change and no need to stop whole application and neither it will affected.</p> <p><strong>Example</strong> : Kubernetes, openshift, serverless.</p> </li> </ul> <h3 id="kubernetes-architecture">Kubernetes Architecture</h3> <p>Kubernetes is consists of two nodes master &amp; worker, Nodes are the physical or virtual machines that are used to run pods.</p> <p>There can be only one master and multiple worker nodes.</p> <figure class="center" > <img src="https://blogs.sumit.engineer/kubernetes-architecture.png" alt="Kubernetes architecture" style="border-radius: 8px;" /> <figcaption class="right" style="color: black;" >Kubernetes architecture</figcaption> </figure> <ul> <li> <h5 id="master-control-plane">Master: (Control plane)</h5> <p>Master node often reffered to as control plane and responsible for managing and orchestrating the overall operations of the system, It serves as central control point of cluster. It interact with worker node to deploy pods.</p> <blockquote> <p>cluster is a group of servers. In kubernetes it refers to entire set of computing resources and components that collectively make up a Kubernetes environment, like Pods, worker node, master node, services, etc.</p> </blockquote> <p><strong>Components</strong>:</p> <ul> <li> <p>Schedhuler: schedule worker node for running pods.</p> </li> <li> <p>Controller manager: The main function is to maintain desired state of cluster. Checks what the workers are doing and they are up.</p> </li> <li> <p>API server: Directly communicated with worker from master and vice versa.</p> </li> <li> <p>etcd: Store state of kubernetes cluster in key-value data store.</p> </li> <li> <p>Kubectl: Kubectl is a command-line tool used to communicate with a Kubernetes cluster&rsquo;s control plane using the API server. Allows to run commands to deploy application, inspect and manage resources.</p> </li> <li> <p>CNI: Container network interface.</p> </li> <li> <p>Pod: This host and manage our containers that run our application.</p> </li> </ul> </li> <li> <h5 id="worker-machine-which-runs-containers-and-workloads-this-is-where-the-actual-application-is-running">Worker: Machine which runs containers and workloads. This is where the actual application is running.</h5> <p><strong>Components</strong>:</p> <ul> <li> <p>kubelet: Stay in worker node, Manage containers and ensures they&rsquo;re running as expected. It communicates with the API server to receive information about the pods that are assigned to the node.</p> </li> <li> <p>service proxy : It maintains some network rules which determines how traffic is allowed to and from the Pods. It also Allow users/clients to access application.</p> </li> </ul> </li> </ul> <p> </p> <hr> <h5 id="now-lets-run">Now, Let&rsquo;s run.</h5> <p>Required tools:</p> <ul> <li> <p>Minikube: Used to create local cluster, works in single server using virtualiztion (docker, vmware, virtualboxdocker, vmware, virtualbox).</p> </li> <li> <p>kubeadm: Used in production servers. <strong>(We will be using this)</strong></p> </li> <li> <p>CRI: Container runtime interface. (Docker, podman, etc.)</p> </li> <li> <p>Servers: 2 machines, with at least 2G of ram and 2 cpu. (you can use t2.medium if you are using AWS)</p> </li> </ul> <p> </p> <p>After creating servers execute commands according on master and worker:</p> <ol> <li> <p>Install Dependencies <em># Execute On both the nodes (master and worker)</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo apt update </span></span><span style="display:flex;"><span>sudo apt-get install -y apt-transport-https ca-certificates curl </span></span><span style="display:flex;"><span>sudo apt install docker.io -y </span></span><span style="display:flex;"><span>sudo systemctl enable --now docker </span></span></code></pre></div></li> <li> <p>Install kubeadm <em># Execute On both the nodes (master and worker)</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>curl -fsSL <span style="color:#e6db74">&#34;https://packages.cloud.google.com/apt/doc/apt-key.gpg&#34;</span> | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg </span></span><span style="display:flex;"><span>echo <span style="color:#e6db74">&#39;deb https://packages.cloud.google.com/apt kubernetes-xenial main&#39;</span> | sudo tee /etc/apt/sources.list.d/kubernetes.list </span></span><span style="display:flex;"><span>sudo apt update </span></span><span style="display:flex;"><span>sudo apt install kubeadm<span style="color:#f92672">=</span>1.20.0-00 kubectl<span style="color:#f92672">=</span>1.20.0-00 kubelet<span style="color:#f92672">=</span>1.20.0-00 -y </span></span></code></pre></div></li> <li> <p>Now, initialize kubeadm (kubernetes) in Master node.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo kudeadm init </span></span></code></pre></div></li> <li> <p>Setup local kubeconfig <em># Execute on master node.</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>mkdir -p $HOME/.kube </span></span><span style="display:flex;"><span>sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config </span></span><span style="display:flex;"><span>sudo chown <span style="color:#66d9ef">$(</span>id -u<span style="color:#66d9ef">)</span>:<span style="color:#66d9ef">$(</span>id -g<span style="color:#66d9ef">)</span> $HOME/.kube/config </span></span></code></pre></div></li> <li> <p>Apply weave network <em># On master</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml </span></span></code></pre></div></li> <li> <p>Generate token for worker node to join <em># On master</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo kubeadm token create --print-join-command </span></span></code></pre></div><p>Now, copy the output and we will use it in worker node.</p> </li> <li> <p>Reset the kubeadm on worker node</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo kubeadm reset pre-flight checks </span></span></code></pre></div></li> <li> <p>Now, paste the token (output) of 6th step, also append <code>--v=5</code> at end.</p> <p>Example:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>sudo kubeadm join 172.31.61.228:6443 --token f4mesu.7rzk86ga48n3uydh --discovery-token-ca-cert-hash sha256:66c9863913ffdb50316e82b74f3703f73e42c4210d3a01ec7afcdbc01f677eec --v<span style="color:#f92672">=</span><span style="color:#ae81ff">5</span> </span></span></code></pre></div><p>After successful connection you will see output similar to this:</p> <pre tabindex="0"><code class="language-output" data-lang="output">This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The kubelet was informed of the new secure connection details. </code></pre></li> <li> <p>Verify you worker node connection by running this command on Master node.</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get nodes </span></span></code></pre></div></li> <li> <p>You can now run test application on pod. <em># On master</em></p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl run hello-world-pod --image<span style="color:#f92672">=</span>busybox --restart<span style="color:#f92672">=</span>Never --command -- sh -c <span style="color:#e6db74">&#34;echo &#39;Hello, World&#39; &amp;&amp; sleep 3600&#34;</span> </span></span></code></pre></div><p>And verify using <code>docker ps -a</code> command on worker node.</p> <p>You can even run nginx image</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubetctl run nginx --image<span style="color:#f92672">=</span>nginx </span></span></code></pre></div><p>Check if pod is created in worker node:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get pod </span></span></code></pre></div></li> </ol> <p>So, that&rsquo;s it for getting started.</p>