By Tim Keaveny
———————————————————————————————————————
INSTALLING MINIKUBE
******************************************************************************
SETTING UP VIRTUALIZATION
******************************************************************************
[+] BEFORE WE BEGIN – Check If Virtualization is Supported On Your Operating System
- Before we begin we have to check if virtualization is supported on our OS.
- Run the following command for your corresponding OS
LINUX
- Run the following command and verify the output is NOT empty:
egrep –color ‘vmx|svm’ /proc/cpuinfo
MACOS
- Run the following command and verify if “VMX” is returned in the output.
- This indicates that the “VT-x” feature is supported on your OS
sysctl -a | grep machdep.cpu.features
WINDOWS
- To check if virtualization is supported on Windows 8 and above, run the following command on your Windows terminal or command prompt.
systeminfo
- If you see the following output, virtualization is supported on Windows.
- Hyper-V Requirements: VM Monitor Mode Extensions: Yes
Virtualization Enabled In Firmware: Yes
Second Level Address Translation: Yes
Data Execution Prevention Available: Yes
- If you see the following output, your system already has a Hypervisor installed and you can skip the next step.
- Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
******************************************************************************
INSTALLING KUBECTL
******************************************************************************
[+] Installing Kubectl
- Before continuing, ensure you have “kubectl” installed on your device/system
- The instructions are a bit lengthy, so for the time being, I’ll just post the links to the documentation until I have time to update this document.
LINUX
- The link to the “kubectl” install instructions for Linux:
MACOS
- The link to the “kubectl” install instructions for macOS:
WINDOWS
- The link to the “kubectl” install instructions for Windows:
******************************************************************************
INSTALLING MINICAB
******************************************************************************
[+] Installing Minikube
LINUX
- First you MUST to install a hypervisor such as “KVM” or “Virtualbox”
***Note: Minikube also supports a –vm-driver=none option that runs the Kubernetes components on the host and not in a VM. Using this driver requires Docker and a Linux environment but not a hypervisor***
- Using Package
- There are experimental packages for Minikube available; you can find Linux (AMD64) packages from Minikube’s releases page on GitHub.
- Use your Linux’s distribution’s package tool to install a suitable package.
- Using Direct Download
- If you’re not installing via a package, you can download a stand-alone binary and use that.
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \
&& chmod +x minikube
- Here’s an easy way to add the Minikube executable to your path:
sudo install minikube /usr/local/bin
MACOS
- First you MUST to install a hypervisor such as “Hyperkit”, “Virtualbox”, “VMware Fusion”
- There are a few ways to install “minikube”, the easiest being via “Homebrew”
- Using Homebrew:
brew cask install minikube
- Using Binary:
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-darwin-amd64 \
&& chmod +x minikube
- Here’s an easy way to add the Minikube executable to your path:
sudo mv minikube /usr/local/bin
WINDOWS
- First you MUST to install a hypervisor such as “Hyper-V” or “Virtualbox”
- Using Chocolatey
- The easiest way to install Minikube on Windows is using Chocolatey (run as an administrator):
choco install minikube kubernetes-cli
- After Minikube has finished installing, close the current CLI session and restart.
- Minikube should have been added to your path automatically
[+] Cleanup Local State
- If you have previously installed minikube, and run:
minikube start
- And this command returns an error:
machine does not exist
- You need to clear minikube’s local state:
minikube delete
———————————————————————————————————————
GETTING STARTED WITH KUBERNETES – PODS
******************************************************************************
PODS OVERVIEW
******************************************************************************
[+] What is a Pod?
- A “Pod” is a group of one or more containers, such as Docker containers, and have shared storage, network, and specifications for how to run the containers.
[+] Our Objective
- We want to deploy a Microservice architecture to the cloud.
- In our demo we have a series of Microservices, and possibly Web Containers, and the developers have already packaged each Microservice into a Docker image.
- Going to a cloud provider such as AWS, spinning up an EC2 instance, and installing/running a Docker container to deploy our Microservice would be too much work.
- Instead, we want to use Kubernetes to orchestrate the system so Kubernetes is responsible for managing the starting and stopping of these containers.
[+] How Does Kubernetes Defines the Architecture?
- To define the architecture, Kubernetes has a lot of concepts:
- * Replica Sets
- * Services
- * Stateful Sets
- * Pods – (the most basic concept)
- * etc……
- For every container that we plan to deploy, we’re going to create a “Pod” in Kubernetes.
- You can think of each “Pod” as being a wrapper for a container.
- So every one of these Microservices is going to become a “Pod” in its own right.
- It’s basically going to be a 1:1 relationship.
- It’s perfectly possible to have more than one container in a single “Pod”.
- Let’s say a Microservice requires some help from a second container.
- A common example could be that we want to gather logs from this Microservice.
- We want to process these logs in some way, but DON’T want the processing of the logs to happen inside of the Microservice.
- So, we’ll have a second container to perform this kind of secondary function.
- The above scenario of multiple containers to a single Pod is a rare occurrence.
- * One notable exception is “pre-configured MongoDB configuration”.
- * This MongoDB configuration makes use of Helper Containers.
- * In fact, MongoDB calls them “Side COC Containers”
- Keep in mind that this is a rare scenario.
- *****One thing for certain, is that you NEVER want to have two Microservices in a single Pod.*****
- It makes absolutely no sense.
- Think of each Pod as implementing a single service.
******************************************************************************
API OBJECT
******************************************************************************
[+] API OVERVIEW
- This is an EXTREMELY important document that teaches us how to write Pods.
- This document will be continually referred to, and will show us how to write scripts that we need for Kubernetes.
- At the time of this demo, the Kubernetes API version we’ll be using is v1.15:
[+]
[+]
******************************************************************************
WRITING A POD
******************************************************************************
[+] The Basic Structure of a Pod File – “Hello World” example
- Below, you can find the contents of an example “Hello Word” Pod file.
- These file have the YAML extension type
- The “#” denotes a comment within the file
apiVersion: v1
# the object kind we’re defining
kind: Pod
metadata:
# the desired name for the Pod (REQUIRED!)
name: pod-example
labels:
name: pod-example
# where we define the cluster’s specs…
# to include the list of containers (generally one container per Pod!)
spec:
containers:
# desired name for the container
– name: ubuntu
# the image that the container will be built from.
image: ubuntu:trusty
# we can supply desired command and args (OPTIONAL!)
# most will come with a defualt command.
# this being a web container, if no cmd/args are supplied,
# it’ll automatically run an Nginx server on port 80
command: [“echo”]
args: [“Hello World!”]
resources:
limits:
memory: “128Mi”
cpu: “500m”
ports:
– containerPort: <Port>
[+] Our First Pod File
- For the first Pod we’re going to create, all we have to do is create a simple YAML file.
- We’ll just name this Pod “first-pod.yaml”
- Some things to keep aware of when creating your Pod YAML files are:
- * syntax is “camelCase“
- * “apiVersion” is one of the most finicky parts of the file to deal with
- * Use Spaces, NOT Tabs as YAML can be fussy about it (Unless your text editor is YAML aware….you have a package for YAML and/or Pod files)
- * Within YAML files, the “–“ indicates a List and should be on the same indent level as the List header
- Create a new YAML file called “first-pod.yaml“
touch first-pod.yaml
[+] Writing the Contents of first-pod.yaml
- We’ll fill our newly created “first-pod.yaml” file with the following contents:
apiVersion: v1
kind: Pod
metadata:
name: webapp
labels:
name: webapp
spec:
containers:
– name: webapp
image: richardchesterwood/k8s-fleetman-webapp-angular:release0
resources:
limits:
memory: “128Mi”
cpu: “500m”
******************************************************************************
RUNNING A POD
******************************************************************************
[+] Running Your Pod
- The first step is to make sure that “Minikube” is running.
- We can do this by running the following command:
minikube status
- Make sure that we are in the same directory as our newly created Pod file
- Now, we need to instruct Kubernetes to Read in this file and apply it to our Kubernetes cluster
- To do this we’re going to make use of the “kubectl” CLI tool
- Using “kubectl”, let’s view what we currently have defined in our Kubernetes cluster by running the “kubectl get all” command:
kubectl get all
- At this point we have yet to add anything to our Kubernetes cluster
- However, you’ll notice that there is one entry listed from the returned output named “service/kubernetes” that should look similar to the following:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 21h
- This is actually the REST service that is exposed by our Kubernetes cluster.
- Every time we run a kubectl command, kubectl is automatically posting this command to this REST api endpoint.
- We need to tell Kubernetes that we to deploy a Pod to the cluster.
- We can do this by using the “kubectl apply” command and passing the “-f” flag to specify the “final name”:
kubectl apply -f <the-name-of-the-desired-existing-pod>
kubectl apply -f first-pod.yaml
********
NOTE:
- When trying to run the above command, you may receive an error similar to the following:
error: SchemaError(io.k8s.api.apps.v1.StatefulSetUpdateStrategy): invalid object doesn’t have additional properties
- This is because the symlink that references kubectl is incorrect and calling to the wrong version of kubectl.
- If you have Docker installed in your environment, Docker by default installs its own instance/version of kubectl.
- To remedy this we must remove the old Symlink and instruct Homebrew to create a new Symlink that references the instance/version of kubectl we installed for Kubernetes
- First, check where the current Symlink for kubectl is pointing:
ls -l $(which kubectl)
- Run the following commands to accomplish the above mentioned steps:
rm /usr/local/bin/kubectl
brew unlink kubernetes-cli && brew link kubernetes-cli
- To verify if the changes were successful, run the following command again:
ls -l $(which kubectl)
[+] View the Web Pod
- The pod we’ve just created being a Web Pod, we would assume that it is exposed via port 80.
- However, Pods are NOT visible outside of the Kubernetes cluster.
- In order to visit our Kubernetes cluster in a web browser, we need to know the IP address of the Minikube cluster itself (i.e. the VM that Minikube has started).
- We can get the Minikube IP address by running the “minikube ip” command:
minikube ip
- In this demo, the returned value for the Minikube cluster is 192.168.99.100
- However, Pods aren’t intended to accessible via the web browser, so if you tried to visit the Minikube IP address, you’ll receive an error.
[+] Getting Info on a Pod
- To get information on a specific Pod, we can run the “kubectl describe pod” command and passing it the desired Pod name (NOT the Pod filename):
kubectl describe pod <desired-pod-name-here>
kubectl describe pod webapp
[+] Executing Commands Against a Pod
- We can run commands directly against a Pod in a way similar to that of the Docker command:
kubectl exec <desired-pod-name-here> <desired-command-to-execute-here>
kubectl exec webapp ls
[+] Generating a Shell for a Pod
- You can generate a Sell window for your container by running the following command:
kubectl -it [–interactive] exec <desired-pod-name-here> sh [shell]
kubectl -it exec webapp sh
- We can run a quick test to check the functionality of the container by running the following command (this will download the file located in the path/uri provided):
wget http://localhost:80
- See if we successfully retrieved the file at the specified path:
ls
- Now “cat” the file out to check its contents:
cat index.html
- What this hole test proves is that there IS a web server inside of this container, but we CANNOT access it from outside of the Pod