Skip to content

rurumimic/node-on-kube

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
backend
backend
 
 
db/mariadb
db/mariadb
 
 
docs
docs
 
 
hpa
hpa
 
 
ingress
ingress
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
short-name.md
short-name.md
 
 

Repository files navigation

Node on Kube

  1. Setup
  2. Service Mesh
    • Istio
  3. Database
    • MariaDB
    • Persistent storage
  4. Backend
    • app: node.js
    • reverse proxy: nginx
  5. Ingress
    • ingress controller
      • istio gateway
      • ingress-nginx
    • secret: certificates
    • deploy ingress
    • (option) mutual authentication
  6. Test
  7. Horizontal Pod Autoscaler
  8. Destroy k8s applications
  9. Tip

Setup

Docker Desktop

Docker Desktop for Mac Edge release notes

  • Docker 19+
  • Docker Compose 1.26+
  • Kubernetes 1.18+ (for Kubernetes Metrics Server)

Settings:

  1. Resources (for Istio)
    • CPUs: 4
    • Memory: 8GB
  2. Enable Kubernetes

/etc/hosts

127.0.0.1 example.localhost

Istio

(First time only) Add label

kubectl label namespace default istio-injection=enabled

(First time only) Install

curl -L https://istio.io/downloadIstio | sh -
cd istio-1.6.3

Export PATH

export PATH=$PWD/bin:$PATH

Install a profile

istioctl install --set profile=demo

Database

MariaDB

kubectl apply -f db/mariadb/configmap.yml;
kubectl apply -f db/mariadb/volume.yml;
kubectl apply -f db/mariadb/deploy.yml;

Insert data from dump files

kubectl exec -i $(kubectl get pod --selector=app=mariadb --template '{{range .items}}{{.metadata.name}}{{end}}') -c db \
-- sh -c 'exec mysql -umaster -pmypw' < db/mariadb/data/dump.sql

Read Setup MariaDB

Backend

Build Node.js Docker Image

docker build -t node-app backend/app

Deploy Backend Service

kubectl apply -f backend/proxy/configmap.yml;
kubectl apply -f backend/deploy.yml;

Ingress

Istio Ingress Secure Gateway

  1. Set IP and Port
  2. Create certificates
  3. Create a gateway and a virtual service:
kubectl apply -f ingress/istio/gateway.yml;

Check ingress settings:

istioctl analyze;

✔ No validation issues found when analyzing namespace: default.

NGINX Ingress Controller for Kubernetes

(First time only) Install a ingress controller

Docker for Mac
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml

Using other platforms:

  • minikube
  • Helm 2

Verify Installation

kubectl get pods -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx --watch

Once the ingress controller pods are running, you can cancel the command typing Ctrl+C.

Basic Ingress: TLS

SSL Certificate

Read Ingress Secret

Create the Secret:

kubectl apply -f ingress/ingress-nginx/basic/secret.yml

Deploy Ingress

kubectl apply -f ingress/ingress-nginx/basic/ingress.yml

(Option) Auth Ingress: Client Certificate Authentication

Read Client Certificate Authentication: Mutual Authentication

Test

CURL

curl -v -HHost:example.localhost --resolve "example.localhost:443:127.0.0.1" \
--cacert ingress/istio/certs/example.localhost.crt "https://example.localhost:443"

HTTP/2 200

Open a browser

Open http://example.localhost

It is automatically redirected to HTTPS.

Init containers

Read Init Containers

  1. Open http://example.localhost/wiki/bauhaus.html.
  2. Compare with Wikipedia: Bauhaus.

Kiali

  • Username: admin
  • Password: admin
istioctl dashboard kiali
  1. Left menu: Graph
  2. Namespace: default

Horizontal Pod Autoscaler

Read Horizontal Pod Autoscaler

Destroy Kube application

Ingress

Istio Gateway

kubectl delete -n istio-system secret gateway-secret;
kubectl delete -f ingress/istio/gateway.yml;
istioctl manifest generate --set profile=demo | kubectl delete -f -

ingress-nginx

kubectl delete -f ingress/basic/ingress.yml;
kubectl delete -f ingress/basic/secret.yml;

Docker for Mac

kubectl delete -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml

Backend

kubectl delete -f backend/deploy.yml;
kubectl delete -f backend/proxy/configmap.yml;

MariaDB

kubectl delete -f db/mariadb/deploy.yml;
kubectl delete -f db/mariadb/volume.yml;
kubectl delete -f db/mariadb/configmap.yml;

Tip

Object List

kubectl get deploy # deployments, deployment
kubectl get svc    # services, service
kubectl get ep     # endpoints, 
kubectl get rs     # replicasets, replicaset
kubectl get po     # pods
kubectl get ing    # ingress

Network

curl -X GET backend-service:80;
curl -X GET backend-service.default:80;
curl -X GET backend-service.default.svc:80;
curl -X GET backend-service.default.svc.cluster.local:80;

Appendix

Ingress

Install a ingress controller with other platforms

minikube

For standard usage:

minikube addons enable ingress

For development:

# Disable the ingress addon:
minikube addons disable ingress
make dev-env
kubectl get pods -n ingress-nginx
Helm 2
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx/
helm install --name ingress-nginx ingress-nginx/ingress-nginx

About

No description or website provided.

Topics

nginx kubernetes node db istio

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Languages