# Module 2: Pod Management  
## Exercise 1:  Managing Pods and Services 


**Objectives**

This exercise focuses on enabling you to do the following:
- Deploy a pod to the Kubernetes cluster
- Create a test namespace
- Create a single-container pod
- Create a multicontainer pod
- Create a service for the multicontainer pod
- Use imperative commands to create a pod and a service
- Use labels and selectors

**Exercise Equipment**

In this exercise, you use the following systems.

| System                  | Host Name   | IP Addresses   | User Name (case sensitive) | Password  |
|-------------------------|-------------|----------------|----------------------------|-----------|
| Linux Mint 20           | jumphost    | 192.168.0.5    | user                       | Netapp1!  |


##### Task 1: Deploy a Pod to the Kubernetes Cluster
This activity demonstrates how to deploy a preconfigured pod within the Kubernetes cluster and how to delete the pod

Display a list of the Kubernetes cluster's namespaces, which administratively divide cluster
resources so that multiple teams, projects, and users can share those resources:


In [None]:
kubectl get namespaces


---

Pods that do not have a namespace deploy and run in the user’s default namespace.

Use`kubectl config view` to determine your default namespace.


In [None]:
kubectl config view

---


You can run the `kubectl` command in your integrated development environment
(IDE) terminal or on any node within your Kubernetes cluster.  

You can also get the same information visually from the Kubernetes extension within your IDE.   
The steps in this task use the `kubectl` command, but how you run the command is up to you.

---



List the namespaces for all the pods that run on the cluster:


In [None]:
kubectl get pods --all-namespaces


Most of the listed pods are associated with the *kube-system* namespace.  
These pods represent the services that Kubernetes creates to support its own operation.  

---


In your IDE, navigate to the Exercise 2 folder.

Inspect the *exercise2task1.yaml* file and review the following attributes:  
  - **namespace**: This entry indicates that this configuration is for the pod's default namespace.

  - **containers**: This section specifies that this pod only runs a single container.
  
  - **image**: This entry indicates that the container uses the *alpine3:2* image. Alpine is a lightweight, security-optimized Linux distribution that you can use as a foundational container image to help you create other containers.
  
  - **command**: This section indicates the command that the container executes when it starts, which, in this case, is to sleep for 60 minutes.
  
  - **restartPolicy**: This entry is set to Always. This setting means that Kubernetes should automatically restart the container if something happens to the container (for example, if the process inside the container crashes).

  <details>
  <summary>
  exercise2task1.yaml
  </summary>

  [exercise2task1.yaml](./exercise2task1.yaml)

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: alpine
  namespace: default
spec:
  containers:
  - image: alpine:3.19.1
    imagePullPolicy: IfNotPresent
    command:
      - /bin/sh
      - "-c"
      - "sleep 60m"  
    name: alpine
  restartPolicy: Always
```
---  


---

When this exercise guide refers to a specific entry in a YAML file, the guide uses the
“.” character to distinguish the block (that is, indentation) levels in the YAML output.


For example, in the YAML file that you examined in this step, 

“metadata.name” refers 

to the “name” property inside the “metadata” block.

```yaml
metadata:
  name:
```

<table>

<tr>

<td>

For example,

</td>

<td>

would be written as, in a more compact Properties format:

</td>

</tr>

<tr>
     
<td>

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: example-pod
spec:
  containers:
    - name: example-container
      image: nginx
      ports:
        - containerPort: 80
        - containerPort: 443
      env:
        - name: ENV_VAR_1
          value: value1
        - name: ENV_VAR_2
          value: value2
      volumeMounts:
        - name: volume1
          mountPath: /path1
        - name: volume2
          mountPath: /path2

```

</td>

<td>


```
apiVersion=v1
kind=Pod
metadata.name=example-pod
spec.containers.1.name=example-container
spec.containers.1.image=nginx
spec.containers.1.ports.1.containerPort=80
spec.containers.1.ports.2.containerPort=443
spec.containers.1.env.1.name=ENV_VAR_1
spec.containers.1.env.1.value=value1
spec.containers.1.env.2.name=ENV_VAR_2
spec.containers.1.env.2.value=value2
spec.containers.1.volumeMounts.1.name=volume1
spec.containers.1.volumeMounts.1.mountPath=/path1
spec.containers.1.volumeMounts.2.name=volume2
spec.containers.1.volumeMounts.2.mountPath=/path2
```
</td>

</tr>

</table>

---

Open the file [exercise2task1.yaml](./exercise2task1.yaml) by clicking on the hyperlink.  

Position your cursor over the wavy lines under the container key. 

The IDE reports a potential problem with your YAML: 

One or more containers do not have resource limits - this could starve other processes.


Correct this error and save it as **exercise2task1mod.yaml**

(see Exercise 1’s [exercise1task4.yaml](../Exercise%201/exercise1task4.yaml) file for a hint).

---

Instruct Kubernetes to launch a new pod from the file and verify the status:


In [None]:

kubectl create -f exercise2task1mod.yaml


---



You can run this command through the terminal window (```CTRL+` ```) if you navigate to the [YAML
file's location](./exercise2task1mod.yaml) or provide the complete file path.

You can also run the create operation if you use 

`Ctrl-Shift-P` (`Cmd-Shift P` on a Mac),

**or** 

select **View> Command Palette**, and then enter **Kubernetes: Create**.

---



Verify that the alpine pod is running:


In [None]:

kubectl get pods -n default


If you use the Kubernetes extension in the IDE, you might need to click the refresh
button to see the running pod.

 Make sure you also change to the **default** namespace.

 ---
 


Review the detailed information about the newly created pod:


In [None]:

kubectl describe pod alpine


---

To get a **describe** output of a running pod within the Kubernetes IDE extension, right-click
the running pod and select **Describe**.

---


The **describe** command returns a substantial amount of information about the
containers in the pod.


This information includes 
  - the internal IP addresses, 
  
  - the nodes that the pod uses for execution, and 
  
  - an event log that pertains to the containers. 

If any errors occur during container instantiation, the output’s Events section also lists
the errors.

---

Destroy the pod and verify the pod’s deletion by periodically querying the pod status 

(this operation might take up to 60 seconds to finish):


In [None]:
kubectl delete pod alpine


In [None]:
kubectl get pods

sleep 20

kubectl get pods

sleep 20

kubectl get pods


---

To delete a running pod within the Kubernetes IDE extension, right-click the running pod and select **Delete** or **Delete Now**.

---

##### Task 2: Create a Test Namespace

In this task, you create and work with a namespace.


Create a namespace:


In [None]:
kubectl create namespace test


---

Verify the namespace:


In [None]:
kubectl get ns


------

Configure your current context to use the test namespace as the primary namespace:


In [None]:
kubectl config set-context --current --namespace=test



---
Verify the change:


In [None]:
kubectl config view


Instantiate a pod:

<details>
<summary>
exercise2task2.yaml
</summary>

[exercise2task2.yaml](./exercise2task2.yaml)

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: webserver
spec:
  containers:
  - name: app
    image: httpd:2.4.54
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"

```

In [None]:
kubectl apply -f exercise2task2.yaml


Answer the following questions:

In which namespace was the pod created? Why?



In [None]:
echo "default namespace"
echo "================="
kubectl -n default get pods

echo " "
echo "test namespace"
echo "=============="
kubectl -n test get pods



Delete the webserver pod.



In [None]:
kubectl delete pod webserver

---
Delete the test namespace.


In [None]:
kubectl delete ns test

---

Set your context to use the default namespace as the primary namespace:


In [None]:
kubectl config set-context --current --namespace=default



---

Verify the change:


In [None]:

kubectl config view


---

##### Task 3: Create a Single-Container Pod


In this task, you familiarize yourself with the YAML syntax, create a single-container definition file, and
instantiate the pod.

---


The following steps are not completely guided; you must look for specific information
to create your own YAML files. 

You create three different YAML files during this task.


To search for a specific public container image, use the Docker hub.

--- 

Create a simple YAML file in your IDE that creates a single-container pod running a web
server:
  - Name of the file: **exercise2Task3.yaml**
  - Pod name: **nginx-pod**
  - Namespace: **default**
  - Container name: **nginx**
  - Container image: **nginx:1.25-alpine-slim**

Optionally, add resource limits.

---





After you create the YAML file, save it.

If you create this YAML file without any IDE assistance, use the **dry-run** option to parse the file for syntax errors, without applying any changes:


In [None]:

kubectl create --dry-run=client --output=json -f exercise2task3.yaml


---



To monitor the process, open another terminal on your jumphost and run
the following command:

Use Ctrl-C to exit the command.

If running watch in the Jupyter Notebook Cell, you will need to click on the stop button on the left of the cell.

In [None]:


watch kubectl get pods -n default


---

Send the file to the scheduler to create your container and pod:


In [None]:
kubectl create -f exercise2task3.yaml


--- 

After you create the pod, check the detailed output:


In [None]:
kubectl describe pod nginx-pod


--- 

Destroy the pod:


In [None]:
kubectl delete pod nginx-pod

---


##### Task 4: Create a Multicontainer Pod

Create a multicontainer pod that looks like the following illustration:

![Task4 Image](../image.png)





Create a YAML file named **exercise2task4.yaml** that creates a multicontainer pod running a webserver and a repository:
     
```yaml
     Pod name: multi
     Namespace: default
     Labels in the metadata key: app: webapp
     Volumes in the spec key:
       volumes:
        - name: html
          emptyDir: {}
     First container name: frontend
     First container image: nginx:1.25-alpine-slim
     First container volume mount:
       volumeMounts:
       - name: html
         mountPath: /usr/share/nginx/html
     Second container name: backend
     Second container image: debian:11.8-slim
     Second container volume mount:
       volumeMounts:
       - name: html
         mountPath: /html
       command: ["/bin/sh", "-c"]
       args:
       - while true; do date >> /html/index.html; sleep 60; 
         done;
```
    
(Optionally, add resource limits.)

For help in creating this pod definition file, see the Solutions subfolder.



<details>
<summary>
Solution
</summary>

[Solution](./Solutions/exercise2task4.yaml)




If you want to monitor the process, open another terminal on your jumphost ```CTRL+` ```

and run the following command 

(and pay attention to the READY column):



---

Instantiate the pod:


In [None]:
kubectl apply -f exercise2task4.yaml


---

After you create the pod, check the detailed output:


In [None]:
kubectl describe pod multi


---

Check that the backend resource is accessible:


In [None]:
kubectl exec multi -c backend -- /bin/cat /html/index.html


---

Check that the frontend resource is accessible:


In [None]:
kubectl exec multi -c frontend -- /bin/cat /usr/share/nginx/html/index.html


**Do not delete this pod because you use it in the next task.**

---

##### Task 5: Create a Service for the Multicontainer Pod

In this task, you provide access between the two pods that you already configured.


Create a YAML file called **exercise2task5.yaml** that exposes a port from the
**exercise2task4 pod** outside of Kubernetes. 

This type is called a **NodePort** service.

```yaml
   - Service name: multi-service
   - Namespace: default
   - Type: NodePort
   - Target Port: 80
   - Port: 80
   - Selector: app: webapp

```

See the Solutions subfolder if you have any problems.




<details>
<summary>
Solution
</summary>

[Solution](./Solutions/exercise2task5.yaml)



---


Send the file to the scheduler to create your container and pod:


In [None]:

kubectl create -f ./Solutions/exercise2task5.yaml


---


Check that your service is visible:


In [None]:
kubectl get services


---

Verify the NodePort configuration:


In [None]:
kubectl describe services multi2


---

Record the exposed NodePort listed in the **describe** output in the cell below.

Then, Execute the cell below to assign the value to $NodePort


In [None]:
NodePort=30800

Open a browser and try to connect to a node by using the NodePort that you received in the
previous step:


http://[any-node-ip-address-in-the-k8s-cluster]:3[xxxxx]  


Edit the cell below to replace [any-node-ip-address-in-the-k8s-cluster] with the actual ip address of one of the nodes and the NodePort number (starting with 3). You can then `CTRL Click` to open the url


In [None]:

http://[any-node-ip-address-in-the-k8s-cluster]:3[xxxxx]


In [None]:

echo http://kubwor1-1:$NodePort


Answer the following question:  

How does the service know that it needs to route the http request to the multi pod?



---

Delete your service:


In [None]:
kubectl delete -f exercise2task5.yaml


---

Verify that the deletion was successful:


In [None]:
kubectl get services


---

After your tests succeed, delete the multicontainer pod:


In [None]:
kubectl delete pod multi

---

##### Task 6: Use Imperative Commands to Create a Pod and a Service

Previously, you created pods and services by using declarative methods. 

You can also quickly create these objects by using single commands. 

In this task, try to perform all the steps in your IDE’s terminal window.


In your IDE’s terminal window, navigate to your repository’s location and then to the Exercise 2
folder. 

You can also execute the code in the Code Cells


In [None]:

cd ~/Repos/STRSW-ILT-KA/Exercise\ 2



In your IDE’s terminal window, create a pod definition by using imperative commands:


In [None]:
kubectl run redis --image=redis123 --dry-run=client -o yaml > exercise2task6.yaml


Open the pod definition in your IDE.

[exercise2task6.yaml](./exercise2task6.yaml)

---

The image **redis123** does not exist. 

Change the image from **redis123** to **redis:7.2.3**.

---

Remove the created timestamp key-value pair.


Save the updated pod definition.


---

Create the pod by using the pod definition file that you created in the previous step:


In [None]:
kubectl create -f exercise2task6.yaml


---

Verify that the pod is running.


In [None]:
kubectl get pods

---

Delete the pod.


In [None]:
kubectl delete pod redis

---

Create another pod by using an imperative command that includes **label tier=front** and
**port 80**.


In [None]:
kubectl run webapp --image=httpd:alpine3.19 --labels tier=front --port 80


---

Describe the pod and check the logs:


In [None]:
kubectl describe pod webapp


---

Create a service that exposes target port 80 by using imperative commands:


In [None]:
kubectl expose pod webapp --name webapp-service --port 80 --target-port 80 --type NodePort


---

Review the created objects (and identify the NodePort TCP port that was used):


In [None]:
kubectl describe service webapp-service


In [None]:
NodePort=30381

---

Identify the IP address of a node in the cluster:


In [None]:
kubectl get nodes -o wide


---

Access the service from an IP of a node and NodePort:


`http://<NodeIP>:<NodePort_TCP_PORT>`

Enter the Node IP address in the cell below and execute it, by clicking on the Play button, or `CTRL+ENTER`


In [None]:
NodeIP=192.168.0.62

Execute the next cell to generate the URL, then click on it to open the page in a browser

In [None]:
echo http://$NodeIP:$NodePort


If you did not receive a response from the server, you did not properly set up environment.


---


Remove all the objects:


In [None]:
kubectl delete service webapp-service
kubectl delete pod webapp


---
---


##### Task 7: Using Labels and Selectors

This activity demonstrates how to deploy preconfigured pods within the Kubernetes cluster and how to
delete a pod.

Do not worry about the object types. 

You see more object types in a later module.



---


Investigate [exercise2task7.yaml](./exercise2task7.yaml) and notice that this single file contains several definitions that are separated by “---" lines. 

Do not worry about the deployment type for now.

<details>
<summary>
exercise2task7.yaml
</summary>

[exercise2task7.yaml](./exercise2task7.yaml)

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-1
  labels:
    app: app-1
spec:
  replicas: 3
  revisionHistoryLimit: 3
  selector:
    matchLabels:
      bu: finance
      app: nginx
      tier: prod
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        bu: finance
        app: nginx
        tier: prod
    spec:
      containers:
      - name: nginx
        image: nginx:1.25-alpine-slim
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
        resources: 
          requests:
            memory: "64Mi"
            cpu: "250m"
          limits:
            memory: "128Mi"
            cpu: "500m"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-2
  labels:
    app: app-2
spec:
  replicas: 3
  revisionHistoryLimit: 3
  selector:
    matchLabels:
      bu: it
      app: nginx
      tier: dev
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        bu: it
        app: nginx
        tier: dev
    spec:
      containers:
      - name: nginx
        image: nginx:1.25-alpine-slim
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
        resources: 
          requests:
            memory: "64Mi"
            cpu: "250m"
          limits:
            memory: "128Mi"
            cpu: "500m"
---
apiVersion: v1
kind: Service
metadata:
  name: app-1
  labels:
    app: app-1
spec:
  ports:
    - port: 80
      targetPort: 9876
  selector:
      bu: finance
      app: nginx
      tier: prod
---
apiVersion: v1
kind: Service
metadata:
  name: app-2
  labels:
    app: app-2
spec:
  ports:
    - port: 80
      targetPort: 9876
  selector:
      bu: it
      app: nginx
      tier: dev

```

---


Create the objects:


In [None]:
kubectl apply -f exercise2task7.yaml


---

List the labels that you created on the pods:


In [None]:
kubectl get pods --show-labels


---

Use an **app-1** and **app-2** service to investigate how the app-1 and app-2 pods are exposed.



In [None]:
kubectl describe service app-1


In [None]:
kubectl describe service app-2


---

Remove all the objects:


In [None]:
kubectl delete deployment app-1 app-2
kubectl delete service app-1 app-2


Notice that the [exercise2task7b.yaml](./exercise2task7b.yaml) file has an error.

Fix the error, and save the file as `exercise2task7bmod.yaml`
and deploy the ReplicaSet by running 

`kubectl apply -f exercise2task7bmod.yaml`.

<details>
<summary>exercise2task7b.yaml
</summary>

[exercise2task7b.yaml](./exercise2task7b.yaml)

```yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: app-3
spec:
  replicas: 2
  selector:
    matchLabels:
      tier: frontend
  template:
    metadata:
      labels:
        tier: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.25-alpine-slim
        imagePullPolicy: IfNotPresent

```

In [None]:
kubectl apply -f exercise2task7bmod.yaml

In [None]:
kubectl get rs

In [None]:
kubectl get pods

---

Clean up the resources:


In [None]:
kubectl delete rs app-3


Notice that the Kubernetes extension in your IDE does not have a **ReplicaSet** workload category, so you must delete the ReplicaSet through the CLI.


---


End of exercise


---
---