Ca sert à quoi ?
Les concepts de base
Le cluster
Le pod
Pourquoi ce besoin ?
Le replication controller
Le deployment
Le deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: django
labels:
app: django
spec:
replicas: 2
template:
metadata:
labels:
app: django
spec:
containers:
- name: django-app
# Replace with your project ID or use `make template`
image: gcr.io/test-kubernetes-255309/django
# This setting makes nodes pull the docker image every time before
# starting the pod. This is useful when debugging, but should be turned
# off in production.
imagePullPolicy: Always
ports:
- containerPort: 8000
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: db-secret
key: DATABASE_URL
- name: DJANGO_SETTINGS_MODULE
valueFrom:
configMapKeyRef:
name: django-config
key: DJANGO_SETTINGS_MODULE
- name: SECRET_KEY
valueFrom:
configMapKeyRef:
name: django-config
key: SECRET_KEY
- name: APP_ENV
valueFrom:
configMapKeyRef:
name: django-config
key: APP_ENV
- name: LOG_PATH
valueFrom:
configMapKeyRef:
name: django-config
key: LOG_PATH
readinessProbe:
httpGet:
port: 8000
path: /api/health
- image: gcr.io/cloudsql-docker/gce-proxy:1.16
name: cloudsql-proxy
command: [
"/cloud_sql_proxy",
"-instances=test-kubernetes-255309:europe-west2:django-psql=tcp:5432", # Change Me ! | format: project:region:db-name
"-credential_file=/secrets/cloudsql/credentials.json",
]
volumeMounts:
- name: cloudsql-oauth-credentials
mountPath: /secrets/cloudsql
readOnly: true
volumes:
- name: cloudsql-oauth-credentials
secret:
secretName: cloudsql-oauth-credentials
- name: cloudsql
emptyDir:
Le service
Le service
Le service
Le service
- ClusterIP (defaut)
- NodePort
- LoadBalancer
Le service
apiVersion: v1
kind: Service
metadata:
name: django-service
labels:
app: django
spec:
type: NodePort
ports:
- port: 8000
targetPort: 8000
selector:
app: django
Les configMaps et secret
apiVersion: v1
kind: ConfigMap
metadata:
name: django-config
namespace: production
data:
DJANGO_SETTINGS_MODULE: kube_django.settings.prod
SECRET_KEY: toto
APP_ENV: prod
LOG_PATH: ./logs
apiVersion: v1
kind: Secret
metadata:
name: db-secret
data:
DATABASE_URL: cG9zdGdyZXM6Ly9wb3N0Z3JlczphZG1pbkAxMjcuMC4wLjE6NTQzMi9rdWJlLXBvc3RncmVz
db_secret.yaml
django_configmap.yaml
Les volumes
L'Ingress
L'Ingress
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: django-app-ingress
spec:
rules:
- http:
paths:
- path: /django-static/*
backend:
serviceName: statics-service
servicePort: 80
- path: /api/*
backend:
serviceName: django-service
servicePort: 8000
- path: /*
backend:
serviceName: react-service
servicePort: 80
Merci !
Formation Kube
By Léo Anesi
Formation Kube
- 230