
DevOps Training Session 13: Cloud - K8s Overview

tags: devops reliable research

Hello btb again. In this session I will talk about K8s (Kubernetes), a platform for deploying and managing containers, which is called container orchestration. Let's implement it.

Overview

For the overview, I want to set out the definitions and concepts of K8s, because they cover everything inside the cluster.


I will only cover a few of the workload concepts inside a cluster, including:

  • Pods are the smallest unit in a cluster
  • Containers run inside them
  • A Pod can run many containers
  • A Pod is associated with volumes, such as disks or files, to store data
  • To manage multiple Pods, Kubernetes provides several workload types.

Implement

  • In this session we will deploy the cluster via Terraform and deploy Pods to build the application
  • We will structure the Terraform code for the cluster following this folder tree
  • For the K8s cluster we need 3 modules:
    • Networking
    • IAM
    • AKS
```hcl
## IAM
## main.tf
# Assign the AcrPull role so the cluster identity can pull images from the container registry
resource "azurerm_role_assignment" "k8s" {
  principal_id                     = var.principal_id
  scope                            = var.container_registry_id
  role_definition_name             = "AcrPull"
  skip_service_principal_aad_check = true
}

# Custom role for Azure file shares. Despite the name "Read FileShares", the
# action list also grants write, delete, lease and storage account key listing
# (listKeys), not only read.
resource "azurerm_role_definition" "k8s-fileshare" {
  name        = "Read FileShares"
  scope       = var.resource_group_root_id
  description = "This is a custom role created via Terraform"
  permissions {
    actions = [
      "Microsoft.Storage/storageAccounts/fileServices/shares/action",
      "Microsoft.Storage/storageAccounts/fileServices/shares/delete",
      "Microsoft.Storage/storageAccounts/fileServices/shares/read",
      "Microsoft.Storage/storageAccounts/fileServices/shares/lease/action",
      "Microsoft.Storage/storageAccounts/fileServices/shares/write",
      "Microsoft.Storage/storageAccounts/listKeys/action",
    ]
    not_actions      = []
    data_actions     = []
    not_data_actions = []
  }
}

# Bind the custom role to the cluster identity, scoped to the storage account
resource "azurerm_role_assignment" "k8s-fileshare" {
  principal_id                     = var.cluster_id
  scope                            = var.storage_account_id
  role_definition_id               = azurerm_role_definition.k8s-fileshare.role_definition_resource_id
  skip_service_principal_aad_check = true
}
```

```hcl
## Networking
## main.tf
# Create Virtual Network
resource "azurerm_virtual_network" "main" {
  name                = "${var.environment}-network"
  address_space       = var.address_space
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name
  tags                = var.tags
}

# Subnet for the cluster node pool, with the service endpoints passed in by the caller
resource "azurerm_subnet" "cluster" {
  name                 = "${var.environment}-subnet-cluster"
  resource_group_name  = var.resource_group_name
  virtual_network_name = azurerm_virtual_network.main.name
  address_prefixes     = var.address_prefixes
  service_endpoints    = var.service_endpoints
}
```

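```hcl
## AKS
## main.tf
resource "azurerm_kubernetes_cluster" "main" {
  name                = "${var.environment}-k8s"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name
  dns_prefix          = "${var.environment}-k8s-dns"
  tags                = var.tags

  # Separate resource group that AKS creates for the node infrastructure
  node_resource_group       = "${var.resource_group_name}-k8s-infra"
  automatic_channel_upgrade = var.automatic_channel_upgrade
  # HTTP application routing add-on; Microsoft documents it as not intended for production use
  http_application_routing_enabled = true
  kubernetes_version               = var.kubernetes_version

  # Node pool placed in the subnet created by the Networking module
  default_node_pool {
    name           = var.default_node_pool_name
    node_count     = var.node_count
    vm_size        = var.vm_size
    vnet_subnet_id = var.subnet_node_pools_id
  }

  # Managed identity created and rotated by Azure; no client secret to store
  identity {
    type = "SystemAssigned"
  }
}
```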
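The custom role in the IAM module above is named "Read FileShares", but its action list goes beyond read. The following is an added example, not code from the original session: a Python check that groups a role's Azure RBAC actions by their final verb segment and flags a read-style name that grants more. `PAGE_ROLE` copies the page's role; the function names and the credential watch-list are assumptions of this example.

```python
import re

# Constructed copy of the role on this page (name and actions as in the IAM main.tf).
PAGE_ROLE = {
    "name": "Read FileShares",
    "actions": [
        "Microsoft.Storage/storageAccounts/fileServices/shares/action",
        "Microsoft.Storage/storageAccounts/fileServices/shares/delete",
        "Microsoft.Storage/storageAccounts/fileServices/shares/read",
        "Microsoft.Storage/storageAccounts/fileServices/shares/lease/action",
        "Microsoft.Storage/storageAccounts/fileServices/shares/write",
        "Microsoft.Storage/storageAccounts/listKeys/action",
    ],
}

# Operations that return or rotate account keys (watch-list assumed for this example).
CREDENTIAL_SUFFIXES = ("/listkeys/action", "/regeneratekey/action")

def classify(action):
    """Map one Azure RBAC action string to read / mutate / credential / other."""
    lowered = action.lower()
    if lowered.endswith(CREDENTIAL_SUFFIXES):
        return "credential"
    verb = lowered.rsplit("/", 1)[-1]
    if verb == "read":
        return "read"
    if verb in ("write", "delete", "*"):
        return "mutate"  # a trailing wildcard includes write and delete
    return "other"  # remaining ".../action" operations need a manual look

def audit_role(role):
    """Group a role's actions by kind and flag a read-style name that grants more."""
    grouped = {"read": [], "mutate": [], "credential": [], "other": []}
    for action in role["actions"]:
        grouped[classify(action)].append(action)
    name_says_read = re.search(r"\bread(er|-only)?\b", role["name"], re.IGNORECASE) is not None
    beyond_read = grouped["mutate"] + grouped["credential"] + grouped["other"]
    grouped["misleading_name"] = name_says_read and bool(beyond_read)
    return grouped

if __name__ == "__main__":
    report = audit_role(PAGE_ROLE)
    for kind in ("credential", "mutate", "other", "read"):
        print(kind, report[kind])
    print("misleading name:", report["misleading_name"])
```

The `credential` group is the one to review first: storage account keys give access to the whole account, not only to its file shares.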
  • After creating everything with Terraform, I will use the pipeline from the Pipeline session to deploy this cluster
  • After completing this pipeline you will have
  • In the next step we will use Helm. Helm is a tool for interacting with K8s through chart templates, and it can easily be used from Terraform
  • We will create a Helm template for K8s. Note: the syntax must be exactly right for it to work; otherwise everything breaks
```yaml
## Chart.yaml
apiVersion: v2
name: web-app1
description: A Helm chart for kubernetes
type: application
version: 0.1.0
appVersion: "1.16.0"
```

```yaml
## values.yaml
# general parameters
namespace: devops
# deployments parameters
replicasCount: 1
image:
  name: app1
  repository: <name of repository>
  # "latest" is a mutable tag: the image behind it can change between pulls
  tag: latest
  containerPort: 80
resources:
  memory: "256Mi"
  cpu: "0.1"
env:
  valueMessage: "App 1 "
  valuePort: "80"
  secret: mysecret
# service parameters
service:
  protocol: TCP
  portExpose: 80
  portTarget: 80

# service account the Pods run as
serviceAccountName: service-account-1
```

```yaml
## deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Chart.Name }}
  labels:
    app: {{ .Chart.Name }}
  namespace: {{ .Values.namespace }}
spec:
  replicas: {{ .Values.replicasCount }}
  selector:
    matchLabels:
      app: {{ .Chart.Name }}
  template:
    metadata:
      labels:
        app: {{ .Chart.Name }}
    spec:
      # Pods run under this service account
      serviceAccountName: {{ .Values.serviceAccountName }}
      containers:
      - name: {{ .Values.image.name }}
        image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
        ports:
        - containerPort: {{ .Values.image.containerPort }}
        resources:
          limits:
            memory: {{ .Values.resources.memory }}
            cpu: {{ .Values.resources.cpu }}
        # Plain environment variables filled from values.yaml
        env:
          - name: MESSAGE
            value: '{{ .Values.env.valueMessage }}'
          - name: PORT
            value: '{{ .Values.env.valuePort }}'
```
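The Deployment template above renders with a `latest` image tag and no `securityContext`. As an added example (not part of the original chart), this Python check runs over the pod template as a parsed dict; `RENDERED` is constructed from the page's values.yaml, and the function names and the choice of checks are this example's own.

```python
# Constructed input: the pod template this chart renders with the page's
# values.yaml, as a parsed dict ("<name of repository>" is the page's placeholder).
RENDERED = {"spec": {"template": {"spec": {
    "serviceAccountName": "service-account-1",
    "containers": [{
        "name": "app1",
        "image": "<name of repository>:latest",
        "resources": {"limits": {"memory": "256Mi", "cpu": "0.1"}},
    }],
}}}}

def image_is_pinned(image):
    """True for a digest reference or an explicit tag other than 'latest'."""
    if "@sha256:" in image:
        return True
    last_segment = image.rsplit("/", 1)[-1]  # skip any ':' in a registry host:port
    tag = last_segment.partition(":")[2]
    return tag not in ("", "latest")

def audit_pod_template(manifest):
    """Return (container, finding) pairs for settings the defaults leave permissive."""
    pod = manifest["spec"]["template"]["spec"]
    pod_sc = pod.get("securityContext", {})
    findings = []
    for c in pod["containers"]:
        sc = c.get("securityContext", {})
        if not image_is_pinned(c["image"]):
            findings.append((c["name"], "image tag is mutable"))
        # runAsNonRoot may be set at pod level; the container level overrides it.
        if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
            findings.append((c["name"], "runAsNonRoot not set"))
        # allowPrivilegeEscalation defaults to true when omitted.
        if sc.get("allowPrivilegeEscalation", True):
            findings.append((c["name"], "allowPrivilegeEscalation not disabled"))
        if not sc.get("readOnlyRootFilesystem", False):
            findings.append((c["name"], "root filesystem is writable"))
    return findings

if __name__ == "__main__":
    for name, problem in audit_pod_template(RENDERED):
        print(f"{name}: {problem}")
```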
  • After applying the Terraform helm_release, you have the application deployed from the registry, for whatever you want.
```hcl
## main.tf
# Install the local chart into the deployment namespace, after the rbac release
resource "helm_release" "app1" {
  name      = "app1"
  namespace = kubernetes_namespace.deployment.metadata[0].name
  chart     = "${dirname(dirname(dirname(dirname(abspath(path.module)))))}/kubernetes/app1/"
  depends_on = [
    helm_release.rbac
  ]
}
```

Conclusion

  • In this session I talked about K8s, what K8s can implement, and the Pods inside it.
  • Sorry if this is not a perfect version; I didn't have much time to run and explain every line. Hopefully, if I have more time, I will redo this session.
