Skip to main content

Kubernetes

Save money as it makes apps more resilient and performant with less human resources.

  • Docker equates to shipping containers
  • AWS, Azure, Google Cloud are similar are akin to shipping providers
  • Kubernetes orchestrates containers into shipping providers

Benefits

Adoption of Kubernetes is accelerating, See CNCF Anual Survey for 2021

Multi-cloud capability

  • Prevent lockin
  • Productivity
  • Open-source
  • Battle-tested
  • Self-documenting

Development Flow

Wiring up services and pods

tip

Initial setup is a pain; but once you into the flow; it's easy

Load Balancer Service

Use to centralise communication to underlying microservices.

Install helm and then install ingress nginx

Ingress Nginx Documentation and install guide

Config Hosts

If you are unable to access the application you may have something already running on port 80, which is the default port for the ingress. You need to identify what is using this port and shut it down.

Add ingress domain name to the etc/hosts file.

tip

To get around Not Secure click on browser and type thisisunsafe then hit enter

Leveraging Skaffold

Using skaffold to streamline kubernetes deployment

Create a yaml file in the root of the project repository configure to watch the infrastructure folder where all the kubernetes config files a located. Skaffold will watch for changes and automatically deploy the changes.

warning

Sometimes changes to files don't get picked up correctly

HTTPS Load Balancer with TLS

Cert Manager

https://github.com/digitalocean/digitalocean-cloud-controller-manager/blob/master/docs/controllers/services/examples/README.md#accessing-pods-over-a-managed-load-balancer-from-inside-the-cluster

Commands

Check what is running. Make sure Docker Desktop has the correct context.

kubectl get pods

Secrets

 kubectl create secret generic jwt-secret --from-literal=JWT_KEY=areallybigsecret
 kubectl get secrets

To debug when a pod does not start, for example if an unknown secret name is used.

kubectl get pods
kubectl describe pod <pod name>

Get ingress-nginx namespace and service for Next getInitialProps server requests

kubectl get namespace
kubectl get services -n ingress-nginx

Inspect a pod, by get pods then add name of pod to expect. sh is interactive shell

 kubectl get pods
 kubectl exec -it auth-depl-5bf5c586d5-kjjsm sh
// forwardsing
 kubectl port-forward nats-depl-7b459c9dd-vlxzs 4222:4222

Access a Mongo DB

 kubectl get pods
 kubectl exec -it auth-depl-5bf5c586d5-kjjsm mongo

Using Secrets

kubectl create secret generic jwt-secret --from-literal=JWT_KEY=areallybigsecret
kubectl get secrets

Schema