Hi everyone,
This article will provide you with an overview of what Kubernetes is and how to start working with Kubernetes
Before learning Kubernetes, You need to know about Docker. Kubernetes is nothing but an Open-Source container Orchestration Technology
Docker:Docker is an open-source platform that helps automate application deployments, scaling, and management.
Before docker developers used to face problems like “It worked on my system but not on production”. Docker helped to resolve this kind of problem by making your application and all its dependencies as a package. You can run this package anywhere in any system without any issues. However, the application worked on your system. It works the same way in other systems too
Docker Image:As I explained above docker will create a package of your application with everything it needs like dependencies, env files, config files, etc. You can upload this docker image to any docker repo like DockerHub, or ECR. From the repo, you can pull the image into your system and run it in a container
Container: A container is an isolated environment where your docker image runs. Each container will be isolated from one another. But they share the same host OS Kernal making them lightweight and efficient when compared to virtual machines
Creating a docker image:
For creating a docker image of your application, create a Dockerfile in your application folder
A Sample Dockerfile looks like this with possible commands
# 1. Specify the base image
# This defines the OS and pre-installed packages the Docker container will be built on.
FROM ubuntu:20.04
# 2. Set environment variables
# ENV sets environment variables that can be used by applications inside the container.
ENV APP_HOME=/usr/src/app
ENV LANG=C.UTF-8
# 3. Install dependencies
# RUN executes commands inside the container to install software packages.
RUN apt-get update && apt-get install -y \
python3 \
python3-pip \
curl \
&& rm -rf /var/lib/apt/lists/*
# 4. Create a directory in the container file system
# WORKDIR sets the working directory for any subsequent RUN, CMD, ENTRYPOINT, or COPY commands.
WORKDIR $APP_HOME
# 5. Copy files from host to the container
# COPY copies files from your local machine (host) to the container's file system.
COPY . .
# 6. Install Python dependencies
# RUN can also be used to install specific project dependencies.
RUN pip3 install --no-cache-dir -r requirements.txt
# 7. Expose a port
# EXPOSE documents which ports the container listens on during runtime.
EXPOSE 5000
# 8. Define the default command to run the application
# CMD specifies the default command that gets executed when running a container from the image.
# It can be overridden when running the container.
CMD ["python3", "app.py"]
# 9. Set up an entry point
# ENTRYPOINT defines a command that will always run when the container starts.
# Unlike CMD, ENTRYPOINT cannot be easily overridden.
ENTRYPOINT ["python3", "app.py"]
# 10. Add a health check
# HEALTHCHECK defines how Docker should check the health of the container.
HEALTHCHECK --interval=30s --timeout=5s CMD curl -f http://localhost:5000/health || exit 1
# 11. Volume to persist data
# VOLUME allows sharing of a directory between the host and the container, ensuring persistent data.
VOLUME ["/data"]
# 12. Labels
# LABEL adds metadata to your image, such as version, description, or maintainer information.
LABEL version="1.0" description="Sample Python Flask App" maintainer="you@example.com"
- A simple Example Dockerfile
FROM python:3.9-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
EXPOSE 8000
CMD ["python", "app.py"]
Let’s understand what the file says:
The base image of the docker container is Python 3.9
WORKDIRwill set the working directory as /app in the container
COPYwill copy the requirements.txt file to the dot which means the current directory
RUNwill run the command specified here to install the requirements.xml file
COPY . . this will copy everything from the current directory to the working directory
EXPOSE will expose port 8000
The final CMDwill run the command python app.pyto start script execution
Commands for creating a docker image and running it in a container
docker build -t <image-name>:<tag> <path-to-dockerfile>
docker run -d -p <host-port>:<container-port> --name <container-name> <image-name>:<tag>
- For storing and versioning your Docker images you can use Docker Hub or AWS ECR
Here comes Kubernetesalso known as K8s
Kubernetes:
Kubernetes is an open-source platform that helps automate deployment and scaling of your containerized applications. Kubernetes manages the lifecycles of containers across multiple machines, ensuring they are running as expected
Key Concepts in Kubernetes:
Pods: A pod is the simplest and smallest Kubernetes object. It represents a single instance of a running process in the cluster and contains one or more tightly coupled containers
Node: A Node is a working machine in Kubernetes where pods are deployed
Master Node: A master node will manage all cluster operations, such as pod deployment, scaling, etc.
Worker Node: This is where the pod runs. You can consider this also a machine that is capable of running docker containers
Deployment: Consider this as a YAML file where you will define how the deployment should happen like how many replicas you need, how the container should be, and what image you need to use in the container. You will declare all this in a YAML file. Based on these instructions deployments will happen. A sample YAML deployment file
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app-deployment
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app-container
image: my-app-image:v1.0
ports:
- containerPort: 8080
Service: Usually services will provide endpoints to access the set pods. It will expose types of endpoints like cluster IP, Node Port, Load Balancer, etc, A sample Service YAML file
apiVersion: v1
kind: Service
metadata:
name: my-app-service
spec:
selector:
app: my-app
ports:
- protocol: TCP
port: 80
targetPort: 8080
type: ClusterIP
NameSpaces: By using namespaces you can divide your cluster into different parts and run different workloads in each of them like one for dev, one for staging, and one for production.
Let’s get inside the nodes.
Master Node: also known as Control Plane. These are the major components in the control plane
API Server:It is the gateway to the Kubernetes. It exposes the APIs by which we can interact with the control plane
etcd: This is a key-value-based storage that holds all the data about the cluster what application are running in the cluster and where they are running etc...
Scheduler: It will decide in which node pods need to be deployed. Based on the resources availability of nodes, it assigns the workloads
Controller Manager: It makes sure everything is under control if you specified I need 3 instances to maintain the application availability it will make sure to maintain all 3 instances. If one goes down it will spawn a new one.
Worker Node: where the actual work happens
Kubelet: It will take instructions from the control plane and make sure pods are running as instructed by the control plane
Container Runtime: This is the software responsible for running the containers. It will pull the images and run them
Kube-Proxy: It maintains the network operation in the cluster, allowing communication between the pods in the cluster and directing requests to correct pods
I hope you have a basic understanding of Kubernetes now and how it works
How to interact with Kubernetes cluster:
Kubectl: It’s a tool you can install in your system to interact with the Kubernetes cluster control plane. It’s available for all operating systems. You can download this tool using this link Install Tools | Kubernetes
AWS EKS(Elastic Kubernetes Service):
AWS offers a managed Kubernetes service called EKS, allowing you to easily create Kubernetes clusters with minimal input and deploy your containerized applications.
When you create a cluster in EKS, you are actually creating a control plane. Once the cluster is ready you can create nodes based on your need or you can use AWS Fargate for the serverless option
You will be charged $0.10 per hour for every cluster you create. On top of that whatever computing resources you create in the cluster, it will be charged based on that like EC2 pricing, storage, etc.
You can deploy multiple applications in a single cluster by taking advantage of NameSpacesin the Kubernetes.
Creating and deploying an application in the EKS cluster:
Search for EKS in the AWS Console search bar and visit the EKS home page
Click on Create a Cluster
Give a name to the cluster and create an IAMrole that allows the cluster to perform the operations it needs.
I created an IAM role named eks-testing with a policy named AmazonEKSClusterPolicy attached to it. This permission almost covers all the needs of your cluster for now. Change or create a new policy based on your needs
I took the extended support, you chose based on your need. For the cluster access, I opted for EKS API
EKS API: It will allow access to only IAM users and roles only
EKS API and ConfigMap: It will allow access to both IAM users and roles and aws-auth config map. This map is a Kubernetes resource to map IAM users and roles to Kubernetes users and roles
ConfigMap: This mode restricts the cluster to authenticate IAM principals only from the aws-auth ConfigMap. In this case, IAM users or roles must be manually mapped to Kubernetes roles in the ConfigMap before they can interact with the cluster
Leave the rest of the fields in the config cluster section as it is and click on the Next button to proceed to the network section
- Select the VPC you want the cluster to be deployed and the subnets and select Security group. Please allow the ports you need in the security group
For the cluster endpoint access, I am choosing both public and Private so that the cluster endpoint can be accessed from outside the VPC and worker nodes traffic will be within the VPC. Click on next for the next section
From the observability section, I am not enabling anything for now. If you want logs for the cluster you can enable whatever you need
I am going with the default selection here. We need core DNS, Kube-proxy, and VPC CNI for basic cluster functioning
You can leave add-on settings as it is and click on the next button to review the cluster creation
If everything is looking good, click on Create. Wait for a few minutes for the cluster to be created
Now that we have the cluster ready means we have control plane ready. Let’s create the worker nodes
- Click on the Compute tab and click on the Add Node Group button to create the worker nodes
. Give a name for the node group and select the role that has the following policies attached
These policies will allow the node group to pull images from ECR, Enable pod networking with the Amazon VPC CNI plugin, and grant worker nodes permission to interact with the control plane and cloud watch
Leave the rest of the fields as it is and proceed to compute and scaling configuration
- I am taking Amazon Linux AMI and an on-demand instance which is t3.medium and disk size of 10GB.
I am keeping the desired, minimum as 1 and a max of 2 nodes and the maximum unavailable as 1
Click on next to select the subnets
Review everything and click on the Create button. It will take a few minutes to nodes come online
Now that we have our control plane and worker nodes ready, Let’s connect to the cluster and deploy an application
Connect and deploy the application to the cluster:
For connecting to the cluster create a user in the IAM console and download the creds to your system and configure your using AWS CONFIGURE command
Click on the Access tab from the cluster and click on the Create access entry button to allow the user you created in the above step
- select the IAM user from the first input box and keep the type as standard for now. Don’t forget to click on Add Policyand then the Next Button
- From the policy, I am allowing my user to have EKS cluster admin level access and create the access
Connecting to your cluster:
-
Use this command to configure the EKS
aws eks - region update-kubeconfig - name
Replace region and cluster name with your values
-
Then run the following command whether the connection is successful or not
kubectl get nodes
It will display the node you created previously like this
Deploying the app:
-
Create a namespace demo for deploying our application using this command
kubectl create namespace demo
We will create one deployment file with nginx image running in the container with port 80 open
Then we will create a service file to create a load balancer that targets the container port 80 and exposes the port 80 to the public
Create a file name nginx-deployment.yaml file and paste the following code
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: demo # Specify the namespace if created earlier
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.21.6
ports:
- containerPort: 80
- Create a nginx-service.yaml file and paste the following code
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: demo # Specify the namespace
spec:
type: LoadBalancer
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
-
Now run the following commands to deploy and nginx and expose the 80 port
kubectl apply -f nginx-deployment.yaml
kubectl apply -f nginx-service.yaml -
It will create 3 pods in the cluster under the demo namespace. Run the following commands to see whether pods are running or not
kubectl get pods
You can see 3 pods in a running state like this
-
Run the following command to get the external IP to access the nginx server home page
kubectl get service nginx-service -n demo
Output should look something like this
Copy the external IP and make a URL like this http://externalIP hit the URL from your browser
You should see the nginx welcome page like this
That’s it. We created an EKS cluster deployed an NGINX container and verified the deployment.
In the upcoming articles, we will deep dive into Kubernetes and EKS. Till then have a good time. Thanks
Note: After done with this task please delete the node group and cluster to avoid unnecessary charges.
If you faced any issues or were blocked at any step. Please feel free to comment here. I am happy to help.
Top comments (0)