Kubectl: create pod

Let’s try creating a pod.

  1. create a pod.ymlwith your favourite image:

Then:

kubectl create -f pod.yml

returns

pod/hello-pod created

but we need to check what’s going on behind the scenes with:

kubectl get pods

“kubectl get pods” warnings

kubectl get pods
NAME READY STATUS RESTARTS AGE
hello-pod 0/1 ContainerCreating 0 1m

kubectl describe pods

This:

Reason: ContainerCreating

is because it’s still creating the container.

kubectl get pods
NAME READY STATUS RESTARTS AGE
hello-pod 0/1 ImagePullBackOff 0 10m

Again:

kubectl describe pods

Reason: ImagePullBackOff

means there’s a problem with the image.

Check with:

docker inspect --type=image <name of image>:latest

I was getting:

Error: No such image:

So, let’s try another image. i.e. in pod.ymllet’s use:

image: hello-world:latest

Now create hits:

 

Let’s try deleting this pod with:

https://kubernetes.io/docs/tasks/run-application/force-delete-stateful-set-pod/

 

Let’s try --all as mentioned:

Solution is:

https://kubernetes.io/docs/tasks/run-application/force-delete-stateful-set-pod/

 

Let’s try create again:

What is a CrashLoopBackOff? How to alert, debug / troubleshoot, and fix Kubernetes CrashLoopBackOff events.

 

 

Other errors

Unable to connect to the server

Unable to connect to the server: dial tcp 192.168.64.5:8443: i/o timeout

  • check minikube is started

kubectl describe pods

 

 

 

Docker Networking: 3 major areas – CNM, Libnetwork, Drivers

CNM

aka Container Network Model. This is the Docker Networking Model.

Note: there is an alternative – CNI (aka Container Network Interface) from CoreOS which is more suited to Kubernetes. More here: https://kubernetes.io/blog/2016/01/why-kubernetes-doesnt-use-libnetwork/

The CNM has 3 main components:

  • Sandbox: contains configuration of container’s network stack (aka namespace in Linux)
  • Endpoint: joins Sandbox to a Network (aka network interface. e.g. eth0)
  • Network: group of Endpoints that can communicate directly

See also: https://github.com/docker/libnetwork/blob/master/docs/design.md

and

Libnetwork

aka Control & Management plane

https://github.com/docker/libnetwork

Cross platform and pluggable.

Real-world implementation of CNM by Docker.

Drivers

Data plane

Network-specific detail

  • Overlay
  • MACVLAN
  • IPVLAN
  • Bridge

 

 

Kubernetes: update a deployed application and rollback

To update a deployed application use set image.

E.g. successful

kubectl set image deployments/kubernetes-bootcamp kubernetes-bootcamp=jocatalin/kubernetes-bootcamp:v2

Check with:

kubectl get deployments

should show DESIRED, CURRENT, UP-TO-DATE in sync.

 

However, here’s an example of a failure

kubectl set image deployments/kubernetes-bootcamp kubernetes-bootcamp=gcr.io/google-samples/kubernetes-bootcamp:v10

Now:

kubectl get deployments

shows DESIRED, CURRENT, UP-TO-DATE  are out of sync.

E.g. kubectl get pods

shows 2 with a Status of ImagePullBackOff

and kubectl describe pods

shows in Events:

To undo the deployment, use:

kubectl rollout undo deployments/kubernetes-bootcamp

This reverts to the previous known state. i.e. v2and

kubectl get deployments shows the pods in sync.

 

From this great tutorial: https://kubernetes.io/docs/tutorials/kubernetes-basics/update/update-interactive/

Kubernetes: kubectl

kubectl lets you control the Kubernetes Cluster Manager.

https://kubernetes.io/docs/reference/kubectl/kubectl/

See also this great tutorial: https://kubernetes.io/docs/tutorials/kubernetes-basics/explore/explore-interactive/

 

If you run kubectl without any arguments you’ll get some information about it. E.g. some commands:

 

Following examples assume we’ve got the name of the Pod in $POD_NAME, e.g. using:

export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')

(for more on Go templates see Go: templates

 

delete

Deletes resources.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#delete

Note that deleting a service does not stop an app running inside a container.

describe

Shows details of a resource.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#describe

exec

Run commands on the container.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#exec

E.g. to see environment variables:

kubectl exec $POD_NAME env

Or to get a terminal:

kubectl exec -it $POD_NAME bash

 

expose

Creates and exposes a new service to traffic.

Note: --type can be:

  • ClusterIP
  • NodePort
  • LoadBalancer
  • ExternalName.

Default is ClusterIP.

E.g. kubectl expose deployment/kubernetes-bootcamp –type=”NodePort” –port 8080

Running kubectl get services shows the new service.

List the port with describe services/kubernetes-bootcamp.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#expose

get

Gets resources. E.g. for deployments:

get deployments

Services:

get services

Or pods:

get pods

Note: for a wider format use -o wide.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get

Note: you can specify the output as ‘template’ and provide a Go template as the value of the --template flag, to filter the attributes of the fetched resources. E.g.

kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'

For more on Go Templates see: https://golang.org/pkg/text/template/

logs

Prints logs for a container in a pod.

Anything the application sends to STDOUT becomes the logs for the container.

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#logs

proxy

Creates a proxy (note: this is blocking so need to run it in a new terminal) that forwards communications into the cluster-wide private network which we can query directly using the API. E.g.

curl http://localhost:8001/version

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#proxy

rollout

Manage the rollout of a resource. E.g.

kubectl rollout status deployments/kubernetes-bootcamp

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#rollout

run

runNAME –image=… –port=…

This:

  • searches for a node
  • schedules the application (i.e. the image) to run on that node
  • configures the cluster to the instance on a new node when needed

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#run

scale

Sets a new size. E.g. number of pods in a deployment.

Trying this on kubernetes.io I scaled beyond capacity and got:

Unable to connect to the server: net/http: TLS handshake timeout

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#scale

set

Configure application resources – e.g. to update a deployment

See also Kubernetes: update a deployed application and rollback

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#set

 

 

GKE – Google Kontainer Engine

GKE is Google’s Kubernetes service and layered on top of Google Compute Engine(aka GCE) which provides the compute instances.

Note that Container Engine (as referred to in some older documentation) was renamed as Kubernetes Engine back in November 2017.

Note: the submenus have moved as follows:

Compute > Container Engine > Container clusters -> Compute > Kubernetes Engine > Container clusters

Compute > Container Engine > Container Registry (aka Google’s hosted Docker Registry) -> Tools > Container Registry

E.g. spinning up a cluster:

  1. go to Compute > Kubernetes Engine > Container clusters and Add New
  2. select a Zone (by the way, interesting how europe-west1-a is missing. Apparently they took it down for maintenance years ago and never brought it back up! )
  3. leave Nodes at default: 3 (doesn’t include master – e.g. apiserver and scheduler)
  4. click Create (note the Equivalent REST or command line links below)
  5. to see details once created, click your cluster. It should reveal:
    1. apiserver endpoint IP address
  6. click Shell icon (top right) to get a Cloud Shell. e.g.
    1. gcloud container clusters list
  7. click Connect (to right of cluster), paste in shell => configures kubectl to connect to our new cluster. e.g.
    1. kubectl get nodes
  8. can https to our new endpoint

 

 

 

AWS Fargate

Fargate

AWS Fargate is a compute engine for Amazon ECS and EKS that allows you to run containers without having to manage servers or clusters. With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers.

https://aws.amazon.com/fargate/

Fargate is not currently (August 2018) available in the UK.

How does this differ from ECS (Elastic Container Service) and EKS (Elastic Container Service for Kubernetes) though?

ECS

Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Amazon ECS eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines.

https://aws.amazon.com/ecs/

ECS was first to market as a commercial container service between the big players and is now suffering as it’s rather out-dated. It’s basically Docker as a Service offering a Docker Registry (aka Amazon Elastic Container Registry or ECR) and support in its CLI for Docker Compose.

EKS

EKS (aka Amazon Elastic Container Service for Kubernetes) is a managed Kubernetes service.

The differences? Use:

  • ECS if you like using Docker
  • EKS if you like Kubernetes
  • Fargate if you don’t want to managing either Docker or Kubernetes

See also https://dzone.com/articles/ecs-vs-eks-vs-fargate-the-good-the-bad-the-ugly