⚠️ DISCLAIMER!
Ft_services is a demanding and resource intensive project, minikube and its dependencies/components can be run on Windows, but Linux/Mac OS is recommended.
It is also recommended to have at least 8GB of RAM on your system.
Ft_services consists of setting up an infrastructure of different services using Kubernetes. All the containers of these services should be built using Alpine Linux for performance reasons. The entire project should build itself with a setup.sh file.
⚠️ It is forbidden to use prebuilt images or use services like DockerHub.
Kubernetes (κυβερνήτης, Greek for “Helmsman” or “pilot”) is an automatization/orchestration tool to deploy and manage containerized workloads and services. That might sound and look daunting, since it's not like anything we are used to dealing with.
But it's actually very doable and quite easy once you've gotten the hang of it.
Cluster
Collective term for the entirety of our running kubernetes setup (all machines/nodes).
Nodes
How kubernetes refers to physical/virtual machines that our cluster is running on.
Deployment
You can view this as a group of one or more pods, based on its settings it will create one or more pods and manage their state (recreation in case of fail etc).
Pods
A Pod is a group of one or more containers.
Container
Information and details of the container we'll be running.
The image we'll be running on the container, that's refered to by the tag you've given it.
By default the imagePullPolicy is set to Always, since normally you would pull images from a repository, we'll need to override this and set it to Never.
There are many optional settings we can supply aswell, for example:
- You can mount things to the container, such as persistentvolumes or configmaps.
- You can add environment variables to the container.
- You can run probes on the container to check the health or other state related things.
Secret
Secrets let you store sensitive information, such as user credentials and passwords.
It can be referenced to create an environment variable from the secret.
Service
A reliable way to expose an application as a network service using an external IP adress or a clusterIP (virtual IP used to communicate between pods).
It is possible to communicate between pods without a service, but you would be required to have the clusterIP of the pod in question.
By making a service and setting up the matchLabel selector we can now connect to the clusterIP of the service by using the service name as that will resolve to the clusterIP. (and that will in turn connect us through to the pod thats connected to the service)
Subtypes include:
| Type | Description |
|---|---|
| LoadBalancer | Connect to the internal loadbalancer (metallb in our case) to request an external IP address for the service. |
| ClusterIP | Default service, only used to communicate from pod to pod. |
| NodePort | Bind the service to a port on the node's external IP (something we're not allowed to use). |
Configmap
Dedicated object used to store configuration settings, both for internal processes (metalLB), and also configurations of our docker hosted applications (nginx, phpmyadmin, wordpress etc).
Role
Permissions, that's all they are. Permissions relating to the kubernetes API.
Rolebind
Connecting the subject (an account, serviceaccount etc..) to the permissions (the role).
Serviceaccount
User that's associated with pods, by default there exists one service account named 'default' that is automatically associated with every pod that gets created, if nothing else is specified.
PersistentVolume
Storage that will persist between pod crashes, as its lifetime is independent of the pod.
PersistentVolumeClaim
Used to bind a PersistentVolume with a pod.
Minikube is a way to host a kubernetes cluster, this variant will only have 1 node, as opposed to kubeadm which is used to host a cluster consisting of multiple nodes.
When starting the minikube cluster we can supply a bunch of arguments, some relating to resource usage which you can sort of tune to your liking.
What we're most interested in are the addons that minikube has to offer, all of these could be installed through different steps as well, but we're going to take advantage of the fact that we're running minikube and enable them from the start.
| Type | Description |
|---|---|
| MetalLB | the LoadBalancer we'll be using to create external IP addresses for us. |
| Dashboard | the kubernetes dashboard. (that we can open up with minikube dashboard ). |
| Metrics-Server | this will make sure metrics are collected about our cluster and can be accessed through the kubernetes API. |
--extra-config=kubelet.authentication-token-webhook=true
This allows us to authenticate our request to the kubernetes API with the service account's bearer token that's placed into every container by default.
The main commands we'll be using to interact with our cluster are:
Connects us to the docker environment running in the cluster (so that when we build an image, it can actually be found by the deployment).
Shows us logs of the specified object.
We'll mainly use this with the deployment object, as it will refer to the pod running under the deployment.
Lists all objects of that specific type and shows their general status.
Gives us detailed information about the specified object.
Create an object of the specified type.
Default use of this command would create an object of this type, with the options we give it,
however it is recommended to use yml files for the configurations instead. Luckily this same command can be used to do just that!
You can use --help pretty much anywhere with the kubectl create to give you more information on what the type of object requires.
kubectl create deployment --help for example
By specifying --dry-run=client and -o yaml we make sure it doesnt actually create an object (as we might want to change some of the settings later)
and instead we'll output the objects details in yml format instead.
delete the object of the specified type. for example kubectl delete svc wordpress.
You can also use --all instead of OBJECT_NAME.
⚠️ Using--allis not recommended withsvcasOBJECTas this will destroy your kubernetes service, which results in the demise of your cluster. You will have tominikube deleteand rerunsetup.sh.
- Create a dockerfile, add the base image with the
FROMtag and build it withdocker build -t IMAGENAME. - Google how to install the desired application on Alpine Linux and try to run it using
docker run -it IMAGENAME. - Look up what configuration you would need for your application to run as desired.
- Work.
- Implement the installation and configuration of the application into your Dockerfile.
- Create a deployment and a service (using
kubectl create). - Create any other objects you might need.