Kubernetes
==========

## Install

### Prerequisites

1. Bash v5+ (see [Upgrading Bash on macOS](https://itnext.io/upgrading-bash-on-macos-7138bd1066ba))
2. bash-completion@2

### Install Docker and Kubernetes (k8s)

> Installing *Docker* and *Kubernetes* on **macOS** is easy.

Download and install the `Docker for Mac` **Edge** version. [Download Link](https://hub.docker.com/editions/community/docker-ce-desktop-mac)

After installation, you get the `Docker` engine, with an option to enable `Kubernetes`, and the `kubectl` CLI tool on your Mac.

### Install bash-completion for macOS (Bash v5+)

```bash
brew install bash-completion@2
```

Paste this into your `~/.extra` or `~/.bash_profile` file:

```bash
# bash-completion used with Bash v5+
export BASH_COMPLETION_COMPAT_DIR="/usr/local/etc/bash_completion.d"
[[ -r "/usr/local/etc/profile.d/bash_completion.sh" ]] && . "/usr/local/etc/profile.d/bash_completion.sh"
```

### Enable kubectl auto-completion for macOS (Bash v5+)

```bash
kubectl completion bash > "$(brew --prefix)/etc/bash_completion.d/kubectl"
alias k=kubectl
complete -F __start_kubectl k
```

### Creating a Kubernetes cluster

1. After Docker for Mac is installed, configure it with sufficient resources. You can do that via the [Advanced menu](https://docs.docker.com/docker-for-mac/#advanced) in Docker for Mac's preferences. Set **CPUs** to at least **4** and Memory to at least **8.0 GiB**.
2. Now enable Docker for Mac's [Kubernetes capabilities](https://docs.docker.com/docker-for-mac/#kubernetes) and wait for the cluster to start up.
3. Follow the instructions [here](https://github.com/kubernetes/dashboard/wiki/Installation) to set up the **k8s Dashboard**.
    1. `kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/alternative/kubernetes-dashboard.yaml`
    2. `kubectl get pods --namespace kube-system`
    3. `kubectl port-forward kubernetes-dashboard-86bcb9fc9c-nw7md 9090:9090 --namespace=kube-system` (use the dashboard pod name listed by the previous command)
    4. Access the Dashboard at http://localhost:9090
4. Follow the instructions [here](https://github.com/knative/docs/blob/master/install/Knative-with-Docker-for-Mac.md) to set up **Istio** and **Knative**.

---

## Install Tools (Optional)

### Helm

[Helm][1] has a client-side CLI and a server-side `tiller` component.

Install Helm via `brew`. More info [here](https://collabnix.com/kubernetes-application-deployment-made-easy-using-helm-on-docker-for-mac-18-05/).

```bash
# install helm cli on mac with brew
brew install kubernetes-helm
```

#### To begin working with Helm, install Tiller into the kube-system namespace

This will install Tiller to your running Kubernetes cluster. It will also set up any necessary local configuration.

```bash
helm init
```

#### Check if it is working

```
# check version
helm version
# show if tiller is installed
kubectl get pods --namespace kube-system
# upgrade helm version
helm init --upgrade
```

#### Using Helm

```
# update charts repo
helm repo update
# install the PostgreSQL chart as release "pg"
# helm install --name nginx stable/nginx-ingress
helm install --name pg --namespace default --set postgresPassword=postgres,persistence.size=1Gi stable/postgresql
kubectl get pods -n default
# list installed charts
helm ls
# delete the PostgreSQL release
helm delete pg
# delete the PostgreSQL release and purge it
helm delete --purge pg
```

#### You can also create your own chart by using the scaffolding command

```bash
helm create mychart
```

This will create a folder which includes all the files necessary to create your own package:

```
├── Chart.yaml
├── templates
│   ├── NOTES.txt
│   ├── _helpers.tpl
│   ├── deployment.yaml
│   ├── ingress.yaml
│   └── service.yaml
└── values.yaml
```

### kompose

> CLI tool to convert Docker Compose files to Kubernetes

```bash
# install
brew install kompose
# to use
kompose convert -f docker-compose.yaml
```

### Kubefwd

> [kubefwd](https://github.com/txn2/kubefwd) is a command line utility built to port forward some or all pods within a Kubernetes namespace

#### Install

```bash
# If you are running macOS and use Homebrew you can install kubefwd directly from the txn2 tap:
brew install txn2/tap/kubefwd
# To upgrade
brew upgrade kubefwd
```

#### Usage

```bash
# Forward all services for the namespace the-project:
sudo kubefwd services -n the-project
# Forward all services for the namespace the-project where labeled system: wx:
sudo kubefwd services -l system=wx -n the-project
```

---

## Usage

### kubectl Cheat Sheets

> To read more on kubectl, check out the [Kubectl Cheat Sheet](https://kubernetes.io/docs/reference/kubectl/cheatsheet/).

### Kubectl commands

> Commonly used kubectl commands

```
kubectl version
kubectl cluster-info
kubectl get storageclass
kubectl get nodes
kubectl get ep kube-dns --namespace=kube-system
kubectl get persistentvolume
kubectl get PersistentVolumeClaim --namespace default
kubectl get pods --namespace kube-system
kubectl get ep
# Show merged kubeconfig settings.
kubectl config view
kubectl config get-contexts
# Display the current-context
kubectl config current-context
kubectl config use-context docker-desktop
kubectl port-forward service/ok 8080:8080 8081:80 -n the-project
```

### Namespaces and Context

> Execute the kubectl command for creating namespaces

```bash
# Namespace for Developers
kubectl create -f namespace-dev.json
# Namespace for Testers
kubectl create -f namespace-qa.json
# Namespace for Production
kubectl create -f namespace-prod.json
```

> Assign a context to each namespace

```
# Assign dev context to development namespace
kubectl config set-context dev --namespace=dev --cluster=minikube --user=minikube
# Assign qa context to QA namespace
kubectl config set-context qa --namespace=qa --cluster=minikube --user=minikube
# Assign prod context to production namespace
kubectl config set-context prod --namespace=prod --cluster=minikube --user=minikube
```

> Switch to the appropriate context

```
# List contexts
kubectl config get-contexts
# Switch to Dev context
kubectl config use-context dev
# Switch to QA context
kubectl config use-context qa
# Switch to Prod context
kubectl config use-context prod
kubectl config current-context
```

> See cluster-info

```bash
kubectl cluster-info
```

> Nested kubectl commands

```bash
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=servicegraph -o jsonpath='{.items[0].metadata.name}') 8082:8088
```

> `kubectl proxy` creates a proxy server between your machine and the Kubernetes API server. By default it is only accessible locally (from the machine that started it).

```
kubectl proxy --port=8080
curl http://localhost:8080/api/
curl http://localhost:8080/api/v1/namespaces/default/pods
```

### Accessing logs

```bash
# get all the logs for a given pod:
kubectl logs my-pod-name
# keep monitoring the logs
kubectl logs -f my-pod-name
# Or if you have multiple containers in the same pod, you can do:
kubectl logs -f my-pod-name -c internal-container-name
# This allows users to view the diff between a locally declared object configuration and the current state of a live object.
kubectl alpha diff -f mything.yml
```

### Execute commands in running Pods

```bash
kubectl exec -it my-pod-name -- /bin/sh
```

### CI/CD

> Redeploy a newly built image to an existing k8s deployment

```
APP_NAME=ngx-starter-kit
BUILD_NUMBER=1.0.0-SNAPSHOT
kubectl set image -f kubernetes/sample-app-deployment.yaml sample-app=xmlking/$APP_NAME:$BUILD_NUMBER
```

### Rolling back deployments

> Once you run `kubectl apply -f manifest.yml`

```bash
# To get all the deploys of a deployment, you can do:
kubectl rollout history deployment/DEPLOYMENT_NAME
# Once you know which deploy you’d like to roll back to, you can run the following command (given you’d like to roll back to the 100th deploy):
kubectl rollout undo deployment/DEPLOYMENT_NAME --to-revision=100
# If you’d like to roll back the last deploy, you can simply do:
kubectl rollout undo deployment/DEPLOYMENT_NAME
```

### Tips and Tricks

```bash
# Show resource utilization per node:
kubectl top node
# Show resource utilization per pod:
kubectl top pod
# if you want to have a terminal show the output of these commands every 2 seconds without having to run the command over and over you can use the watch command such as
watch kubectl top node
# --v=8 for debugging
kubectl get po --v=8
```

#### Debug k8s

For many steps here you will want to see what a `Pod` running in the k8s cluster sees. The simplest way to do this is to run an interactive busybox `Pod`:

```bash
kubectl run -it --rm --restart=Never busybox --image=busybox sh
```

#### iTerm2 tips

> In iTerm2

1. Split the screen horizontally
2. Go to the bottom screen and split it vertically

I was using the top screen for work with YAML files and kubectl.

The left bottom screen was running: `watch kubectl get pods`

The right bottom screen was running: `watch "kubectl get events --sort-by='{.lastTimestamp}' | tail -6"`

With such a setup it was easy to observe in real time how my pods were being created.

---

## Reference

[1]: https://docs.helm.sh/using_helm/#installing-helm

1. [Debug Services](https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/)
2. [Docker for Mac with Kubernetes — Enable Ingress and K8S Dashboard](https://medium.com/@thms.hmm/docker-for-mac-with-kubernetes-ingress-controller-with-traefik-e194919591bb)
3. [Example recipes for Kubernetes Network Policies](https://github.com/ahmetb/kubernetes-network-policy-recipes)
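
The `namespace-dev.json`, `namespace-qa.json` and `namespace-prod.json` files used under *Namespaces and Context* are not shown on this page. The following is an added example, not part of the original README: it writes minimal `Namespace` manifests for those names and provides a guard that checks the active context before a command runs. The function names and the `KUBECTL` override variable are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not part of the original README. Function names and the
# KUBECTL override variable are assumptions made for this example.
KUBECTL="${KUBECTL:-kubectl}"

# Write namespace-<env>.json into directory $1 for every name that follows.
# Names must be DNS-1123 labels (lowercase alphanumerics and '-', max 63).
write_namespace_manifests() {
  local dir="$1" env
  shift
  for env in "$@"; do
    case "$env" in
      ""|-*|*-|*[!a-z0-9-]*) echo "invalid namespace: '$env'" >&2; return 1 ;;
    esac
    [ "${#env}" -le 63 ] || { echo "namespace too long: '$env'" >&2; return 1; }
    cat > "${dir}/namespace-${env}.json" <<EOF
{
  "apiVersion": "v1",
  "kind": "Namespace",
  "metadata": { "name": "${env}", "labels": { "name": "${env}" } }
}
EOF
  done
}

# Return 0 only when the active kubectl context is exactly $1.
require_context() {
  local want="$1" have
  have="$("$KUBECTL" config current-context 2>/dev/null)" || {
    echo "cannot read current kubectl context" >&2
    return 2
  }
  if [ "$have" != "$want" ]; then
    echo "refusing: context is '$have', expected '$want'" >&2
    return 1
  fi
}

# Stand-alone use: ./namespaces.sh --write   (then apply as in the README)
if [ "${1:-}" = "--write" ]; then
  write_namespace_manifests . dev qa prod
fi
```

After sourcing the file, a rollback can be tied to the intended context with `require_context prod && kubectl rollout undo deployment/DEPLOYMENT_NAME`.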