Gachi beginners set up containers on Kubernetes? Until···

Participated in the "Java Küche" event!

An article that looks back on the event "Kubernetes Hackathon ~ Two days to immerse yourself in Docker and Kubernetes! ~" Held on August 23, 2019.

Teacher Microsoft Advocate: Kao Terada

Thank you very much. m (_ _) m

flow

This time, we will create a total of three resources in Azure, Ubuntu as an environment for stepping stones, the push destination of Dockerfile, and the environment for running Kubernetes.

As for the content, Create Docker image on Ubuntu. Push to Azure Container Registry (ACR). Start the container with Azure Kubernetes Service (AKS). Introduce up to.

Mr. Terada has put together the necessary files and information very neatly. GitHub link: https://github.com/yoshioterada/k8s-Azure-Container-Service-AKS--on-Azure

Alright! Let's do it!

Outlook account creation

Link: https://signup.live.com/signup

Create an Azure account and register with a credit card

Azure login page: https://portal.azure.com/#home

Create Ubuntu resources

Click "Create a resource" on the Azure console screen. Make Ubuntu 18.04 LTS version Create a new Resource grop! The virtual machine name is the same. The region is "Eastern Japan" SSH public key "password" ssh allow

Access the created Ubuntu environment with ssh.

Install Docker

Reference article: https://qiita.com/myyasuda/items/cb8e076f4dba5c41afbc

sudo apt-get update

sudo apt-get install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable test edge"

sudo apt-get update

sudo apt-get install docker-ce

docker --version

Azure CLI installation

After this, I would like to cooperate with ACR and AKS. So I'll install the Azure CLI! Reference article: http://aka.ms/az-cli-install-jp curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash

// The difference between creating a Dockerfile and a Docker image ...

Git Clone Dockerfile

Move cd FrontService

Take a look at the Dockerfile cat 0-Dockerfile-for-Maven

docker build -t maven-include-localrepo:1.1 . -f 0-Dockerfile-for-Maven

Check if you were able to build it earlier. docker images

Creating an Azure Container Registry

// Kubernetes is an image that fetches Docker images via ACR. I think that. // Private version of docker hub Isn't it nice?

I want to push the created image to the Azure Continer Registry I mentioned earlier, so create it first.

Reference article: https://github.com/yoshioterada/DEIS-k8s-ACS/blob/master/CreateAzureContainerRegistry.md Create resource in browser Determine the registry name appropriately. The resource group is new and decided appropriately. The admin user has enabled it.

Then log in to ACR

Docker image creation and push preparation

// I have authenticated to ACR. (with docker login.)

Mr. Terada has put together a Docker image creation and push to ACR in a .sh file (2-build-create.sh). So, it seems that you should start sh with a command. However, specify the image to push and edit the two places of the repository to push with vi!

Push to ACR

This time, let's edit the source a little and create an image as v2!

vi src/main/java/com/yoshio3/frontspring/FrontController.java Let's change the return string, which is the best of all!

Alright, let's create it based on the changed source ./2-build-create.sh 2.0

Operation check

Launch image docker run -p 8080: 8080 -it [REPOSITORY name]: [x.x (TAG number)]

Let's open it in another tab and access it with curl to check it! curl http://localhost:8080/sample/hello

Next goal: I want to set up a container with AKS. First, go get the image in ACR!

On the Azure page, create a Create Kubernetes cluster.

Also, the resource group is new! Is the cluster name the same? Region is eastern Japan Set to Node count 1. Virtual node enabled

HTTP application ・ ・ ・ Yes

Install Kubectl command

az aks install-cli

Let's az-login

az login

Obtaining credentials for AKS connection

az aks get-credentials --resource-group [xxxx] --name [xxxx]

Do you want to check if the command can be used as a trial?

kubectl cluster-info And kubectl get node

I want to bring the image in ACR to Kubernetes

Kubernetes will not be able to access the ACR as it is. So, edit 3-create-secret4reg.sh with vi.

kubectl create secret docker-registry docker-reg-credential --docker-server=〇〇〇〇.azurecr.io --docker-username=〇〇 --docker-password="〇〇〇〇" [email protected]

Alright, I think I can go get the image with this!

Correct the fetched image name

Alright! I was able to specify the image to go for authentication and acquisition.

Run

Check if it is running

kubectl get po -w

Operation check

In another tab ... curl localhost:8080/sample/hello #Results are displayed

Make v2 and apply

Duplicate 4-create-deployment-svc.yaml to get 4-create-deployment-svc-v2.yaml. Edit with vi 4-create-deployment-svc-v2.yaml -Add "-v2" to the end of name: spring-front-service on the 4th line. ・ Play with images. If you set it to: 2.0, you will see the image of v2. -Set version to v2.

kubectl apply -f 4-create-deployment-svc-v2.yaml

Confirmation of v2 startup

kubectl get po

// Second, it may be good to check by port-forward.

Now we have successfully set up two containers with k8s! Hooray! !!

Let's filter!

kubectl get po --selector app=[],version=[v1] -> In other words, you can write a selector to control which pod to access! !! !!

Next, let's start a v2 container with Kubernetes and update v1 to v2.

About service

Let's create a service and start it. Feeling that service mediates access to the pod? ??

When you run pod, ip is generated fixedly. How do you manage it? Manual is hard. Actually, there are other ways to access pods besides ip. It's not good that ip changes frequently, isn't it?

Deployment liver => As long as you create a service and remember this unique IP address, you can change the pod with the service selector. Let's check 11-Service.yaml!

start service

kubectl apply -f 11-Service.yaml

Verification

kubectl get svc

merit

You can move to new pods while keeping the pods that are working normally. You can return it immediately! This is the great thing about kubernetes! !! !! !! It's hard to do it yourself. Just edit yaml.

By the way

Normally, service is type: ClusterIP! !! Well, if you really want to expose it to the outside even for a moment, set type: Load Balancer. But not good. Danger. Please be careful.

-> When there are multiple services, you can branch the service to be called according to the URL by grouping them in Ingress and setting the path in the Ingress settings.

Summary: It's a good idea to publish Ingress to the outside world.

Separate URLs with Ingress! Branch the pod with service. The image is service routing. Receptionist! !!

A convenient function for operating microservices.

Modify Ingress and try launching

vi 12-Ingress.yaml Modification: -host: front-service. [〇〇〇〇.aksapp.io] The content of this fix is pasted from the browser's resource "HTTP application routing domain"

Launch

kubectl apply -f 12-Ingress.yaml

Verification

kubectl get ing

access

http://[front-service.〇〇〇〇.japaneast.aksapp.io]/sample/hello

For the time being, the content of the event ends here.

The idea of design of fair

Kubernetes shouldn't be touched unless you have the mindset to make things on the premise that it will break. drop down. Reduce the range of influence. It is better to think on the premise of falling rather than trying to prevent it from falling. Consider the flow of reconstruction when it falls. How far will the Design of Fair go through? It will definitely fall.

Finally

Thank you very much, Mr. Terada! To be honest, Docker had been touching it for 30 minutes, so I somehow understood it, but Kubernetes was ignorant. Fortunately I was a mob pro, and I managed to finish it! !!

(´∀`)

Later, the three of us did the same thing with an acquaintance. This article was created based on a successful example at that time.

It's important to repeat.

Kubernetes ... I'm glad I felt a little microservices. I want to do it again! (^ ・ ^)

Recommended Posts

Gachi beginners set up containers on Kubernetes? Until···
Set up Gitolite on CentOS 7
Set up ansible-playbook on Ubuntu 20.04
Set up ImpressPages 5.0 with LAMP on CentOS 7.3
Set up Docker Registry locally on CentOS 7
Set up Metabase service on Windows Server 2012
Set up an SSH server on WSL2 Ubuntu 20.04
Steps to set up Postfix and Dovecot on CentOS 8.3
Steps to set up a VNC server on CentOS 8.3