Docker, Kubernetes

Docker

• Containerize the application
• Each service with its own dependencies
• Container share the kernel
• docker container run -d -p 8888:8080  vdesu/dashboard
• http://localhost:8888/dashboard/  
  

 

 Advantages:

• Docker Image with all dependencies. NO Ops involvement

 

Challenges

• How to scale up and scale down
• automaticaly deploy & manage containers

 

 

 

Kubernetes

• It is Container Orchestration technology
• To orchestrate deployment and management of hundreds and thousands of containers in a clustered env
  
• Declarative object configuration files
• Container
• It is isolated environment
• run each component in  separate container with its own libraries & dependencies
• Orchestration
• Orchestrate connectivity between containers 
• #users increase and scale up /down based on load

Basic concepts

• Node 
• machine physical or virtual on which kubernetes is intalled
• It is a worker machine where kubernetes launches containers
• Cluster
• Set of nodes grouped together
• Master
• Another node where kubernetes is intalled and configured as master

Kubectl

• Tool to deploy  and manage applicaitons on kubernetes cluster
• kubectl run vdesu/dashboard   -> deploys application on cluster
  
• kubectl cluster-info
• kubectl get nodes
  
  

Kubernetes Objects:

• POD -> encapsulated container which is a kubernetes object known as POD. POD may contain other helper containers
  
• Replicas
• Deployment
• Services
  

 

• POD 
• Smallest object that you can create in Kubernetes
• Single instance of application. It encapsulates container

 

Commands to create POD

• kubectl run vddashboard --image=vdesu/dashboard
  
• kubectl get pods -o wide
  

pod-definition.yaml

• Kubernetes uses yaml files as input for creation of Objects
• Yaml structure
  

 

 kubectl create -f podwithyamldef.yaml

 

 Replicas

• Creates multiple instances of pod 
• Automatically brings up new pod when existing pod fails
• kubectl create -f repl-controller.yml
• kubectl get replicationcontroller
• 
  

Deployments

• Upgrade docker instances seamlessly when new version of applicaiton is avaialble
• rolling updates & recreate strategy to upgrade 
• kubectl create -f repl-controller.yml 
• kubectl get deployments
• kubectl get all
  

 

 

 

Services

• kubectl get svc
• minikube service myapp-service --url
  

 

 

 Namespaces

• nameses created automatically when cluster is setup
• default  -> default namespace
  
• kube-public ->
  
• kube-system  -> services & pods for kubernetes services
  
• Create namespace
• kubectl create namespace Dev
• apiVersion: v1
  kind: Namespace
  metadata:
      name: Dev
  
• kubectl get namespaces
• kubectl get ns
• kubectl get pods --namespace=kube-system 
• kubectl get pods --all-namespaces
  
• Create pod using namespace
• kubectl create -f pod_def.yaml --namespace=dev
• or add namespace: dev under metadata element in yaml 
• Move to other namespace permanently so that we don't need to specify namespace option any more
  
• kubectl config set-context $(kubectl config current-context) --namespace=dev
• kubectl get pods --all-namespaces
  

 Contexts

• Used to manage multiple clusters, environments from same management system. 

Resource Quota

• To limit resources in a namespace- create a resource quota
• apiVersion: v1
  kind: ResourceQuota
  metadata:
      name: Dev
      namespace: dev
  spec:
     hard:
         pods: "10"
         requests.cpu: "4"
         requests.memory: "5Gi"
         limits.cpu: "10"
         limits.memory: 10Gi
  

 

Label Nodes

• kubectl label nodes <node-name> <label-key>=<label-value>
• kubectl label nodes node2 size=Large
• <label-key>=<label-value>

Node Affinity

• Provides us with advanced capabilities to limit pod placement on nods
• 
  

Node Selectors

• kubectl get pods --selector name=Dev

Daemon setsThey are like replica sets

• It is to ensure one copy of pod is always placed an each available node on cluster
•  kind: DaemonSet

Logging & Monitoring

• Kubenetes doesn't have full featured builtin monitoring solution
• Open source solutions available 
• Metric server
• Prometheus
• Elastic Stack
• Data dog
• dyna trace
• Metric Server
• One per cluster
• It receives metrics from each of the pod, aggregates and stores in memory
• enable metrics on minikube
• minikube addons enable metrics-server
• kubectl top nodes
• kubectl top pod

Application Logs

• docker logs -f <container_id>   -> for docker
• kubectl logs -f <pod_name> 
• kubectl logs -f <pod_name> <container_name>
• kubectl logs -f <pod_name> | grep user5

Environment Variables

• plain key value
• use 'env' element under yaml spec element and provide values
• config maps
• Used to pass config data in form of key value pairs
• Central config maps instead of yaml
• When pod is created inject config map into the pod so that key value pairs are available as env variables for application hosted inside the container
  
• kubectl create configmap app-config  --from-literal=APP_COLOR=blue
• kubectl create configmap app-config --from-file=app_config.properties
• kubectl create -f <yaml file with kind=ConfigMap> 
• secrets
• Similar to config but in encoded format
• Imperative way of creating secrets
• kubectl create secreat generic app-secret  --from-literal=APP_COLOR=blue
• kubectl create secreat generic app-secret  --from-file=app_config.properties
• Declarative approach
•  kubectl create -f <yaml file with kind=Secret> 
• encode/decode
• echo -n 'asdf' | base64 --encode
  
• echo -n 'asdf' | base64 --decode 
• Secret in POD as volume

Multi-container pods

• Idea of decoupling large monolithic application  into sub-components called micro services enables us to develop and deploy as a set of independent, small reusable code. 
• This architecture helps us to scale up/down as well as modify each service as required instead of entier applications
•  
  

 

Docker

• Image - Package or template
• Containers - Running instances of Images that are isolated and have their own env and have set of processes
• Container Orchestration - Process of automatically deploy and manage containers is Container Orchestration.
• Docker swarm, Kubernetes, Apache Mesos
  

Node

• It is a machine(physical/Virtual) on which K8 is intalled
  

Cluster 

• Set of nodes grouped together

Master

• Another node where Kubernetes is installed.
• Configured as master

Components of K8

• Api server -> REST services for extenal interface, runs on Kubernetes Master Node
  
• etcd -> key value store to manage cluster
  
• kubelet ->  Agent that runs on each node of cluster. It is responsible for making sure containers are running as expected
  
• container runtime -> underlying software to run the containers
  
• controller -> brain behind orchestration. responsible for noticing and responding when nodes go down.
  
• scheduler -> distribute work
  

 kubectl

• tool to deploy and control applications
• kubectl run hello-kubernetes —image=k8s.gcr.io/echoserver:1.4 —port=8080
• Creates a POD and deploys instance of image docker image
• kubectl get pods
• kubectl describe pod <pod name>
• kubectl get pods -o wide    -> where the pods are running including internal ip address
• kubectl get nodes
• kubectl cluster-info

How to check virtualization is supported in linux

• grep -E --color 'vmx|svm' /proc/cpuinfo 
• output should be not empty
• 
  

Installation

• Install kubectl -> refer to kubernetes.io
  
• install minikube
  

YAML

• to represent config data
• syntax
• space after :
• - represents element of array
• # comment
•  

Create PODs with Yml file

• Kubernetes uses yml file as input for creation of objects. All of them follow similar structure with 4 top level fields
• apiVersion: v1 -> version of kubernetes api(v1,apps/v1)
  
• kind -> type of object we are trying to create(Pod, Service, ReplicaSet, Deployment)
  
• metadata -> data about object like name, labels(labels can have custom key value pairs)
  
• spec  -> containers->name, image
  
•  kubectl create -f pod-definition.yml
• kubectl get pods
• kubectl describe pod <pod name>

Deployment

 

Service Types

• Enable communication between various components within and outside of the application
• NodePort service
• Service that listens to a port on a node and forward request to port where web application is running.
• ClusterIP
• Service creates a virtual ip inside cluster to enable communication between front end service with back end service
• LoadBalancer
•  
  

 

 Minikube

• minikube start  or minikube start --vm-driver=hyperv
  
• minikube status
• kubectl get nodes
• kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.4
• kubectl get deployments 
• kubectl expose deployment hello-minikube --type=NodePort --port=8181
• minkube service  hello-minikube --url
• kubectl delete services hello-minikube
•  kubectl delete deployment hello-minikube
•  

Docker 

• Tool to deploy & manage microservices
• Docker is basically a container engine which uses the Linux Kernel features like namespaces and control groups to create containers on top of an operating system and automates application deployment on the container. Docker uses Copy-on-write union file system for its backend storage

Traditional java developers - jar/war file is the final deliverable.
Image is definition of container. It is complete definition of environment.

In Docker - we run containers not jar/war file. It is complete environment which is self-contained and self-sufficient environment.

Docker Hub(similar to maven)

Dockerfile: To define content of the Image and following command creates image

docker image build -t tomcat_dockerfile .

Pushing to dockerhub

• docker login
• docker image tag d43 vdesu/dashboard  
• docker image push vdesu/dashboard

docker container run --network payables_network -d -p 9090:8080 vdesu/dashboard

Networking

•  docker network create payables_network

 Volumes and mount points

•  

Oracle DB: https://www.youtube.com/watch?v=ciYsDbBx80s

• Checkout the image on dockerhub
• docker login
• docker pull store/oracle/database-enterprise:12.2.0.1
• docker container run -v orcldata:/ORCL --network payables_network -d -p 1521:1521 --name orcldb store/oracle/database-enterprise:12.2.0.1
• docker ps -a
• docker logs -f <container id>
• docker exec -it <container> bash -c "source /home/oracle/.bashrc; sqlplus /nolog"
• connect sys as sysdba
• alter session set "_ORACLE_SCRIPT"=true;
• create user vdesu identified by vdesu1;
• grant all privileges to vdesu;
• select name from v$database;

Docker Compose

• Simple text file that contains config data of all containers (def of running architechture)
• 
  

Create Overlay Network

• docker network  create --driver overlay  payables_network

Docker Swarm

• docker swarm init  --advertise-addr  --to switch computer to swarm mode
• docker swarm join --token <token> 192.168.65.3:2377  -- to add worker
• docker swarm join-token manager   --add manager to swarm
• container inside swarm is Service
• docker service create run -d -p 8888:8080 --network <networkname> -rm <imagename>
•  docker node ls
   

DockerStack

• Stack is single application
• docker stack ls
• docker stack deploy -c <YAML filename> <slack name>
• docker service ls
• 
  

Kubernetes - Container & Orchestration system to overcome the following

• Compatibilty & dependency
• Long time setup
• Different dev/test/prod environments.
•  

With Docker, each component can be run in separate container with its own library & dependencies. Docker configuration can be done just once & all developers can use the same.

To define a docker container

• Build an image- Image is a complete environment(ie env variable, war/jar files, supporting software like jdk, tomcat)
• Maven can be used to build Image which is the unit of deployment
• Docker image is run in Container. So, container is instance of image or running image.

Container vs Virtual machine
Container

• Container is not a Full operating system. It is lighter and efficient than VM.
• Kernel - The main part of OS which handle low level services like memory mgmt, device drivers. This is the big and heavy weight component of OS.
• Container runs on top of host OS kernel. It is just a process running on linux.
• Ubutu, centos, redhat are Linux distributions. These are not Operating systems. These are sets of applications & tools.
• LXC- Linux containers is an operating system level virtualization method for running multiple isolated linux systems(containers) on a control host using a single linux kernel.

Docker Commands

• docker -v 
• docker image pull <image>
• docker container run --name MyUbuntu1 -it ubuntu bash
• docker rmi <image>
• docker container run -d -p 8888:8080 --network <networkname> -rm <imagename> -> -d to detatch or demon
• docker container ls
• docker container stop <docker id>
• docker container start <docker id>
• docker container rm <docker id>
• docker container prune -> to delete all stopped containers
• docker container logs <id>
• docker container exec -it <container> bash -> execute inside container
• docker image build -t <name> .  -> to build from Dockerfile
• docker container commit -a "Venkat Desu" <from container id> vdesuimage
• 
  

Sample docker file
FROM tomcat:8.5.16-jre8
expose 8080
add target/fleetman.war /usr/local/tomcat/webapps/ROOT.war
CMD ["catalina.sh","run"]

Alpine is a small linux distro, and it is often used as a "base" image, to keep the final image size small. Alpine doesn't contain a lot of unnecessary tools that you're never going to need.

hub.docker.com. -- similar to maven in java

Kubernetes(K8S)
Repository URL: Https://github.com/wardviaene/kubernetes-course

• Open source Orchestration system for docker containers
  
• Lets schedule containers on cluster of machines
• run multiple containers on one machine
• manage state of containers
• Setup
• minikube
• Tool that makes run kubernetes easlily on local
• works on one node machine
• minikube start  (or minikube start --vm-driver=hyperv)
  

Example Commands:

• kubectl config get-contexts
• kubectl config use-context <name>
• kubectl get nodes
•  
  
• start a server
• kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.4
• expose service as NodePort
• kubectl expose deployment hello-minikube --type=NodePort --port=8181
• To know ip address and port of the service
• minikube service hello-minikube 
• kubectl get service hello-kubernetes
  
• Stop minikube VM
• minikube stop
• Delete the VM/cluster
• minikube delete
  

Minikube vs Docker Client vs Kops vs Kubeadm

• 
  

• Kubectl
• kubectl get pod
• kubectl describe pod <name>
  
• kubectl get nodes
• 
  
• kubectl describe pod <pod name>
  
• kubectl config get-contexts
• kubectl config use-context <context-name>
• kubectl run hello-kubernetes —image=k8s.gcr.io/echoserver:1.4 —port=8080
• kubectl expose deployment hello-kubernetes —type=NodePort
• kubectl get service hello-kubernetes
• kubectl expose pod nodehelloworld.example.com --type=NodePort --name dvhello-service
  
• kubectl get service
• kubectl describe service dvhello-service
• kubectl create -f deployment <yml file>
• kubectl get deployments
• kubectl get rs
• kubectl get pods
• kubectl expose deployment <deployment name> --type=NodePort
  
•  kubectl describe service <service name> --url
  
•  

Tools to install Kubernetes Cluster

• minikube & docker client for local setups
• kobs & kubeadm for production setups
• Kops install
• wget https://github.com/kubernetes/kops/releases/download/v1.4.1/kops-linux-amd64
• install kubectl

First Application

•  Setup Kubernetes cluster using Docker-desktop to create DEPLOYMENT
  
• kubectl config get-contexts
  kubectl get nodes
  Kubectl run hello-kubernetes —image=k8s.gcr.io/echoserver:1.4 —port=8080
  Kubectl expose deployment hello-kubernetes —type=NodePort
  Kubectl get service hello-kubernetes 
• Kubectl create deployment hello-kubernetes1 --image=k8s.gcr.io/echoserver:1.4
  kubectl expose deployment hello-kubernetes1 --type=NodePort --port=8181
  Kubectl get service hello-kubernetes 
• Setup Kubernetes cluster using minikube & verify the context
  
• minikube start
  
• kubectl config get-contexts
• kubectl config use-context <name>
• kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.4
• kubectl expose deployment hello-minikube --type=NodePort --port=8181
• minikube service hello-minikube
•  
  
• kubectl get nodes
• POD
• A pod describes an application running on Kubernetes
• A pod can contain one or more tightly coupled containers that make up the app
• Apps can easily communicate with each other using local port numbers
• Create POD on Kubernetes cluster
• kubectl create -f <yml file>
• Expose Container outside of Cluster
•  

• kubectl create -f first-app/helloworld.yml 
• kubectl get pod
• How to test that pod is working
• port Forwarding
• kubectl port-forward dvhelloworld.example.com 8082:8080 
• curl localhost:8082
• Create Service
• kubectl expose pod dvhelloworld.example.com --type=NodePort --name=helloworldservice2 --port=8080
• kubectl get services
• localhost:port

HELM

• Best way to find, share and use software built for Kubernetes
• It is Package Manager for Kubernetes like apt,yum, homebrew
  
• Helm uses packaging format called Charts
• Bundle of yaml files
  
• Chart is a collection of files that describe set of Kubernetes resources
• A single chart can deploy app, piece of software, or a database
• Charts uses templates - typically developed by package manager
• They will generate yaml files that Kubernetes understands
• Templates can be seen as dynamic Yaml files
• helm create mychart
• chart.yaml
• values.yaml
• charts/  -> chart dependencies
  
• templates/deployment.yaml
• templates/service.yaml