Kubernetes

Prerequisites

To start working with Cloudboostr Kubernetes, the main requirement is kubectl (and your favourite text editor, of course). Kubectl is preinstalled on the jumpbox, but it can be installed on virtually any machine:

https://kubernetes.io/docs/tasks/tools/install-kubectl/

Configuration

Access to the Kubernetes cluster is configured using the .kubeconfig file. As described in the previous paragraph, the configuration is already in place on the jumpbox, but the cluster can also be configured manually.

Easy way

  1. Go to Concourse and log in to the environment space.
  2. Open the deploy_k8s pipeline and then the configure_jumpbox_k8s job.
  3. Expand the configure_jumpbox step and scroll down until you see the section ===== TO LOG IN FROM EXTRERNAL NETWORK USE CONFIG: =====
  4. Copy the configuration script and paste it into the terminal.

Example:

kubectl config set-cluster cloudboostr:bosh:k8s --server=https://cloudboostr-k8s-api-[<REDACTED>].us-west-1.elb.amazonaws.com:8443 --insecure-skip-tls-verify=true
kubectl config set-credentials bosh:k8s-admin --token=[<REDACTED>]
kubectl config set-context cloudboostr:bosh:k8s --cluster=cloudboostr:bosh:k8s --user=bosh:k8s-admin
kubectl config use-context cloudboostr:bosh:k8s

  5. Type kubectl cluster-info to verify that the connection is properly configured.
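
The script above sets insecure-skip-tls-verify=true, so kubectl does not verify the API server's certificate, and it stores the admin bearer token in the kubeconfig in clear text. The following check is an added example, not Cloudboostr code: it flags both settings and loose file permissions, assuming the layout that kubectl itself writes; the function names, the sample server name and the token are constructed.

```shell
#!/bin/sh
# Added example (not Cloudboostr code): flag risky settings in a kubeconfig.
# Assumes the layout kubectl itself writes; it is not a general YAML parser.

audit_kubeconfig() {
    cfg=$1
    awk '
        function emit() {
            if (insecure) print "INSECURE_TLS cluster=" name
            if (token)    print "STATIC_TOKEN user=" name
            insecure = 0; token = 0; name = ""
        }
        /^[A-Za-z]/ { emit(); section = $1; next }   # top-level key (clusters:, users:, ...)
        /^- /       { emit() }                       # next entry in the current list
        /^(- |  )name: / { name = $NF }              # entry name, before or after its body
        section == "clusters:" && /insecure-skip-tls-verify: *true/ { insecure = 1 }
        section == "users:"    && /^ +token: *[^ ]/                 { token = 1 }
        END { emit() }
    ' "$cfg"
    # Group/other permission bits must be empty: the file holds a bearer token.
    mode=$(ls -ld "$cfg" | cut -c5-10)
    [ "$mode" = "------" ] || echo "LOOSE_PERMS file=$cfg mode=$mode"
}

# Constructed sample: the kubeconfig the four kubectl config commands produce
# (server name and token are placeholders).
write_sample_kubeconfig() {
    cat > "$1" <<'EOF'
apiVersion: v1
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: https://k8s-api.example.invalid:8443
  name: cloudboostr:bosh:k8s
contexts:
- context:
    cluster: cloudboostr:bosh:k8s
    user: bosh:k8s-admin
  name: cloudboostr:bosh:k8s
current-context: cloudboostr:bosh:k8s
kind: Config
preferences: {}
users:
- name: bosh:k8s-admin
  user:
    token: CONSTRUCTED-PLACEHOLDER-TOKEN
EOF
}

# chmod 644 simulates a kubeconfig that was copied around with loose permissions.
sample=$(mktemp) && write_sample_kubeconfig "$sample" && chmod 644 "$sample"
audit_kubeconfig "$sample"
rm -f "$sample"
```

A cluster entry flagged as INSECURE_TLS can be rewritten with kubectl config set-cluster and its --certificate-authority option once you have the API server's CA certificate.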

Harder way

It is also possible to edit the .kubeconfig file manually, using the values from the pipeline and following the instructions: https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/

Default installation

You can verify the state of all installed pods and services using the command kubectl get all --all-namespaces.

Result example:

NAMESPACE         NAME                                        READY   STATUS    RESTARTS   AGE
kube-system       pod/coredns-5d77bdbb55-f82wj                1/1     Running   0          9d
kube-system       pod/coredns-5d77bdbb55-tblzh                1/1     Running   0          9d
kube-system       pod/coredns-5d77bdbb55-x2g7g                1/1     Running   0          9d
kube-system       pod/filebeat-6h2v4                          1/1     Running   0          9d
kube-system       pod/filebeat-8msxf                          1/1     Running   0          9d
kube-system       pod/kubernetes-dashboard-84ffbc8546-9vvmc   1/1     Running   0          9d
kube-system       pod/metrics-server-cf9d8cd8c-489cs          1/1     Running   0          9d
traefik-ingress   pod/traefik-ingress-controller-9gdbj        1/1     Running   0          9d
traefik-ingress   pod/traefik-ingress-controller-t9rrk        1/1     Running   0          9d

NAMESPACE         NAME                              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                   AGE
default           service/kubernetes                ClusterIP   10.100.200.1     <none>        443/TCP                   10d
kube-system       service/kube-dns                  ClusterIP   10.100.200.10    <none>        53/UDP,53/TCP             9d
kube-system       service/kubernetes-dashboard      NodePort    10.100.200.145   <none>        443:31798/TCP             9d
kube-system       service/metrics-server            ClusterIP   10.100.200.44    <none>        443/TCP                   9d
traefik-ingress   service/traefik-ingress-service   ClusterIP   10.100.200.187   <none>        80/TCP,443/TCP,8080/TCP   9d

NAMESPACE         NAME                                        DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
kube-system       daemonset.apps/filebeat                     2         2         2       2            2           <none>          9d
traefik-ingress   daemonset.apps/traefik-ingress-controller   2         2         2       2            2           <none>          9d

NAMESPACE     NAME                                   READY   UP-TO-DATE   AVAILABLE   AGE
kube-system   deployment.apps/coredns                3/3     3            3           9d
kube-system   deployment.apps/kubernetes-dashboard   1/1     1            1           9d
kube-system   deployment.apps/metrics-server         1/1     1            1           9d

NAMESPACE     NAME                                              DESIRED   CURRENT   READY   AGE
kube-system   replicaset.apps/coredns-5d77bdbb55                3         3         3       9d
kube-system   replicaset.apps/kubernetes-dashboard-84ffbc8546   1         1         1       9d
kube-system   replicaset.apps/metrics-server-cf9d8cd8c          1         1         1       9d

You should see at least Traefik, CoreDNS, kube-dns and metrics-server.

Predeployed resources

By default, Cloudboostr comes with Traefik and the Kubernetes Dashboard pre-deployed, available at the following addresses:

http://traefik-ui.k8s.[configured domain]
https://console.k8s.[configured domain]

Namespaces

Namespaces are used to partition the cluster to achieve multi-tenancy or to create a separate space for specific services.

To create a namespace, type:

kubectl create namespace [namespace name]

You can see the result by typing:

kubectl get namespaces

More information is available in the official documentation: https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/

Deploying service

To deploy an application, you can create a YAML file or just use the run command:

kubectl run nginx --image=nginx

This command will deploy the default nginx installation, named nginx. This can be verified using the commands:

kubectl get pods
kubectl get deployments

> kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
nginx-7db9fccd9b-5s5tf   1/1     Running   0          38s

> kubectl get deployments
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   1/1     1            1           3m22s

More information about deployments is available here: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

Exposing the deployment as a service

To make the deployment reachable, you first need to create a service that routes to it:

kubectl expose deployment/nginx --type=ClusterIP --port 80

You can verify the result using the command:

kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.100.200.1     <none>        443/TCP   10d
nginx        ClusterIP   10.100.200.197   <none>        80/TCP    50s

More information about services is available here: https://kubernetes.io/docs/concepts/services-networking/service/

Ingress configuration

To make the service available through the Traefik ingress controller, you need to create an ingress configuration YAML file and then apply it:

nginx-ingress.yml file:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nginx
  annotations:
    kubernetes.io/ingress.class: traefik
  namespace: default
spec:
  rules:
  - host: nginx.k8s.[<DOMAIN>]
    http:
      paths:
      - path: /
        backend:
          serviceName: nginx
          servicePort: 80

Remember to replace [<DOMAIN>] with your configured domain.

Apply the config from the file:

kubectl apply -f nginx-ingress.yml

Verify the result:

kubectl get ingress
NAME    HOSTS                                          ADDRESS   PORTS   AGE
nginx   nginx.k8s.env1.aws1.test.cloudboostr.com                 80      58s

The host should now be available in the network at the address from the list.

Documentation

More information about using Kubernetes is available in the official documentation: https://kubernetes.io/docs/setup/