Ca sert à quoi ?

Les concepts de base

Le cluster

Le pod

Pourquoi ce besoin ?

Le replication controller

Le deployment

Le deployment

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: django
  labels:
    app: django
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: django
    spec:
      containers:
        - name: django-app
          # Replace  with your project ID or use `make template`
          image: gcr.io/test-kubernetes-255309/django
          # This setting makes nodes pull the docker image every time before
          # starting the pod. This is useful when debugging, but should be turned
          # off in production.
          imagePullPolicy: Always
          ports:
            - containerPort: 8000
          env:
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: db-secret
                  key: DATABASE_URL
            - name: DJANGO_SETTINGS_MODULE
              valueFrom:
                configMapKeyRef:
                  name: django-config
                  key: DJANGO_SETTINGS_MODULE
            - name: SECRET_KEY
              valueFrom:
                configMapKeyRef:
                  name: django-config
                  key: SECRET_KEY
            - name: APP_ENV
              valueFrom:
                configMapKeyRef:
                  name: django-config
                  key: APP_ENV
            - name: LOG_PATH
              valueFrom:
                configMapKeyRef:
                  name: django-config
                  key: LOG_PATH
          readinessProbe:
            httpGet:
              port: 8000
              path: /api/health
        - image: gcr.io/cloudsql-docker/gce-proxy:1.16
          name: cloudsql-proxy
          command: [
              "/cloud_sql_proxy",
              "-instances=test-kubernetes-255309:europe-west2:django-psql=tcp:5432", # Change Me ! | format: project:region:db-name
              "-credential_file=/secrets/cloudsql/credentials.json",
            ]
          volumeMounts:
            - name: cloudsql-oauth-credentials
              mountPath: /secrets/cloudsql
              readOnly: true
      volumes:
        - name: cloudsql-oauth-credentials
          secret:
            secretName: cloudsql-oauth-credentials
        - name: cloudsql
          emptyDir:

Le service

Le service

Le service

Le service

  • ClusterIP (defaut)
  • NodePort
  • LoadBalancer

Le service

apiVersion: v1
kind: Service
metadata:
  name: django-service
  labels:
    app: django
spec:
  type: NodePort
  ports:
    - port: 8000
      targetPort: 8000
  selector:
    app: django

Les configMaps et secret

apiVersion: v1
kind: ConfigMap
metadata:
  name: django-config
  namespace: production
data:
  DJANGO_SETTINGS_MODULE: kube_django.settings.prod
  SECRET_KEY: toto
  APP_ENV: prod
  LOG_PATH: ./logs
apiVersion: v1
kind: Secret
metadata:
  name: db-secret
data:
  DATABASE_URL: cG9zdGdyZXM6Ly9wb3N0Z3JlczphZG1pbkAxMjcuMC4wLjE6NTQzMi9rdWJlLXBvc3RncmVz

db_secret.yaml

django_configmap.yaml

Les volumes

L'Ingress

L'Ingress

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: django-app-ingress
spec:
  rules:
    - http:
        paths:
          - path: /django-static/*
            backend:
              serviceName: statics-service
              servicePort: 80
          - path: /api/*
            backend:
              serviceName: django-service
              servicePort: 8000
          - path: /*
            backend:
              serviceName: react-service
              servicePort: 80

Merci !

Formation Kube

By Léo Anesi

Formation Kube

  • 230