kubectl get pod
kubetctl get deployment
kubetctl get replicaset
kubetctl get services
kubetctl get nodes
kubectl exec -it POD_NAME -- /bin/bash # same like docker exec
kubectl apply -f DEPLOYMENT_FILE_NAME.yaml
kubectl delete -f DEPLOYMENT_FILE_NAME.yaml
kubectl create deployment DEPLOYMENT_NAME
kubectl edit deployment DEPLOYMENT_NAME
kubectl delete deployment DEPLOYMENT_NAME
kubectl get deployment nginx-deployment -o yaml
kubectl logs POD_NAME
kubetctl describe pod PODNAME
There are 3 parts in each configuration file.
- Metadata
- Specification
- Status
apiVersion: apps/v1
kind: Deployment
Contains name and labels
metadata:
name: nginx-deployment
labels: ....
Contains specification / how many resources we need to create
spec:
replicas: 2
selector: ...
template: ...
- Desired status or Actual status generated and known by K8s.
- k8s update the status continuously, Basically comparing the specification with actual state.
- ETCD holds the current status of k8s
- Deployments: Store the information of PODS and manage pods
- Labels: metadata contains labels
- Template: Has its own metadata and spec section, This configuration applies to POD and specs in here is blueprint
- Pods get the label through the template blueprint
- Selectors: is basically a Spec
- Metadata: contains key value pair
- Connecting Services to deplyments is basically done by labels inside metadata. See example#2 For connection you need to see the section of LABELS where there is a key-value pair for eg.
labels:
app: nginx
- Ports in Service and POD: FLOW: DB Service > port 80 > nginx service > target port 8080 > pod
ports:
- protocol: TCP
port: 80
targetPort: 8080
- External Service:
To make the service external you need to add two things:
- type: externalloadbalancer inside the service configuration > spec > type
- Nodeport: inside port section which is basically with in the range of 30000 - 32767
To create deployment:
kubectl apply -f nginx-deployment.yaml
Code:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
####### This label is matched by selector in example#2 and is responsible for connecting Services to Deployments
labels:
app: nginx
spec:
replicas: 2
selector:
matchLabels:
app: nginx
####### This below section applies to POD/Blue print of POD
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 8080
To create service:
kubectl apply -f nginx-service.yaml
Code:
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 8080
muhammad.shakeeb@nb-shakeeb ~/k8s k describe service nginx-service
Name: nginx-service
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"nginx-service","namespace":"default"},"spec":{"ports":[{"port":80...
Selector: app=nginx
Type: ClusterIP
IP: 10.101.142.44
Port: <unset> 80/TCP
TargetPort: 8080/TCP
Endpoints: 10.244.0.14:8080,10.244.0.15:8080
Session Affinity: None
Events: <none>
muhammad.shakeeb@nb-shakeeb ~/k8s k get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-5f54fc8b8b-9npjh 1/1 Running 0 96s 10.244.0.14 minikube <none> <none>
nginx-deployment-5f54fc8b8b-cszqv 1/1 Running 0 93s 10.244.0.15 minikube <none> <none>
muhammad.shakeeb@nb-shakeeb ~/k8s
2 Deployment POD 2Services 1ConfigMAP 1Secret
Browser request flow: Browser > Mongo Express ( External Service ) > Mongo Express ( POD ) > MongoDB ( Internal Service ) > MongoDB ( POD )
Create base64 secrets for example:
muhammad.shakeeb@nb-shakeeb ~/k8s echo -n "password" | base64
cGFzc3dvcmQ=
secret.yaml file
apiVersion: v1
kind: Secret
metadata:
name: mongodb-secret
type: Opaque
data:
mongo-root-username: dXNlcm5hbWU=
mongo-root-password: cGFzc3dvcmQ=
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongodb-deployment
labels:
app: mongodb
spec:
replicas: 1
selector:
matchLabels:
app: mongodb
template:
metadata:
labels:
app: mongodb
spec:
containers:
- name: mongodb
image: mongo
ports:
- containerPort: 27017
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-username
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-password
- Selector is important and responsible to connect service with Deployment, See the selector value is:
app: mongodbfrom above deployment configuration in section Matchlabels. - Port is Service PORT
- TargetPort is Container POD, Defined inside container blue print, you can take it from containerPort from deployment configuration.
apiVersion: v1
kind: Service
metadata:
name: mongodb-service
spec:
selector:
app: mongodb
ports:
- protocol: TCP
port: 27017
targetPort: 27017
muhammad.shakeeb@nb-shakeeb ~/k8s k describe service mongodb-service
Name: mongodb-service
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"mongodb-service","namespace":"default"},"spec":{"ports":[{"port":...
Selector: app=mongodb
Type: ClusterIP
IP: 10.102.106.204
Port: <unset> 27017/TCP
TargetPort: 27017/TCP
Endpoints: 10.244.0.16:27017
Session Affinity: None
Events: <none>
muhammad.shakeeb@nb-shakeeb ~/k8s k get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
mongodb-deployment-699744c7d-hkr48 1/1 Running 0 13m 10.244.0.16 minikube <none> <none>
muhammad.shakeeb@nb-shakeeb ~/k8s
To link and use from another deployment, See here we use database_url from mongodb-service
---
apiVersion: v1
kind: ConfigMap
metadata:
name: mongodb-configmap
data:
database_url: mongodb-service
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongo-express-deployment
labels:
app: mongo-express
spec:
replicas: 1
selector:
matchLabels:
app: mongo-express
template:
metadata:
labels:
app: mongo-express
spec:
containers:
- name: mongo-express
image: mongo-express
ports:
- containerPort: 8081
env:
- name: ME_CONFIG_MONGODB_ADMINUSERNAME
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-username
- name: ME_CONFIG_MONGODB_ADMINPASSWORD
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-password
- name: ME_CONFIG_MONGODB_SERVER
valueFrom:
configMapKeyRef:
name: mongodb-configmap
key: database_url
Two difference: TYPE: LOADBALANCER NODEPORT: 30000
---
apiVersion: v1
kind: Service
metadata:
name: mongo-express-service
spec:
selector:
app: mongo-express
type: LoadBalancer
ports:
- protocol: TCP
port: 8081
targetPort: 8081
nodePort: 30000
muhammad.shakeeb@nb-shakeeb ~/k8s k get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8d
mongo-express-service LoadBalancer 10.104.61.84 <pending> 8081:30000/TCP 34s
mongodb-service ClusterIP 10.102.106.204 <none> 27017/TCP 35m
muhammad.shakeeb@nb-shakeeb ~/k8s ip a
zsh: command not found: ip
✘ muhammad.shakeeb@nb-shakeeb ~/k8s minikube service mongo-express-service
|-----------|-----------------------|-------------|---------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|-----------|-----------------------|-------------|---------------------------|
| default | mongo-express-service | 8081 | http://192.168.64.2:30000 |
|-----------|-----------------------|-------------|---------------------------|
🎉 Opening service default/mongo-express-service in default browser...
namespaces provide a way to logically partition resources within a cluster. They are commonly used to organize and isolate workloads, applications, and resources. Here's what can be run or managed within different namespaces:
Pods: Pods are the smallest deployable units in Kubernetes and can be created within namespaces. Each Pod is associated with a specific namespace and runs one or more containers.
Deployments: Deployments manage the lifecycle of Pods and ReplicaSets. Deployments can be created in namespaces to manage the deployment and scaling of applications.
Services: Services provide network connectivity to Pods and can be created within namespaces. Services allow communication between Pods within the same namespace or across namespaces using DNS resolution.
ConfigMaps and Secrets: ConfigMaps and Secrets are used to store configuration data and sensitive information, respectively. They can be created within namespaces and mounted into Pods as volumes.
PersistentVolumes and PersistentVolumeClaims: PersistentVolumes represent storage volumes in the cluster, while PersistentVolumeClaims are requests for storage by Pods. They can be created within namespaces to manage storage resources.
Resource Quotas and LimitRanges: Resource Quotas and LimitRanges are used to enforce resource usage limits within namespaces. They can be defined to restrict the amount of CPU, memory, and storage that Pods and containers can consume.
Jobs and CronJobs: Jobs and CronJobs are used to run batch or scheduled tasks within the cluster. They can be created within namespaces to perform specific tasks or run periodic jobs.
Role-Based Access Control (RBAC) Policies: RBAC policies define permissions for users and service accounts within namespaces. They control who can access and manage resources within the namespace.
Network Policies: Network Policies are used to define rules for network traffic within the cluster. They can be created within namespaces to control communication between Pods and enforce security policies.
Custom Resources: Custom Resources are extensions of the Kubernetes API and can be created within namespaces. They allow you to define and manage custom types of resources specific to your application or environment.
You can watch videos which I basically followed: https://www.youtube.com/watch?v=X48VuDVv0do&t=3581s