If you can’t feed a team with two pizzas, it’s too large. That limits a task force to five to seven people, depending on their appetites
Jeff Bezos
n = # of people
=> 15 links
=> 66 links
=> 1225 links
Two-pizza team (n=6)
2x two-pizza team
My company (~50 ppl)
(simple one)
"refers to an operating system feature in which the kernel allows the existence of multiple isolated user-space instances"
"Linux and Windows Server Containers are similar -- both implement similar technologies within their kernel and core operating system. The difference comes from the platform and workloads that run within the containers."
* create problem: works in my container ;)
exe
running exe
# get images
docker images
# get images with aspnet
docker images | grep aspnet
# get running containers
docker ps
# create image of name Name and tag Tag
docker build -t name:tag .
# tagging (many tags)
docker tag name newname:tag
docker tag newname:tag newname:tag2
# running container and mapping port 80 on local computer to 8080 on container
docker run --rm -it -p 8000:8080 name:tag
open http://127.0.0.1:8000/
# creates image from base image
FROM image:tag AS name
# adds labels to image
LABEL version="1.0"
# creates if no exists and sets PWD to /app folder
WORKDIR /app
# copy from local computer to image (second . is app folder, first . is our docker context)
COPY . .
# similar, but we can use url or tar file as a source (first .)
ADD . .
# executes command
RUN command
# sets env variables
ENV application=test
# informs docke that container listens on specific port
EXPOSE 8080
# default paremeters, easy to override
CMD [ "node", "index.js" ]
# default application, harder to override
ENTRYPOINT ["", ""]
Dev containers in VS Code
+
Plant UML
- Dev containers in VS Code
- PlantUML
# run plant UML server
docker run -d -p 8080:8080 \
plantuml/plantuml-server:jetty
# Run PKAD container
docker run -d -p 8080:8080 poznajkubernetes/pkad
# install local tunnel
npm install -g localtunnel
# run localtunnel
lt --port 8080 --subdomain secure
# open
open https://secure.loca.lt
# use
https://secure.loca.lt/ready
Deploy to
Azure web app
# Create resouce group
az group create \
--name $group \
-l westeurope
# Create app plan
az appservice plan create \
-n appPlan \
-g $group \
--sku B1 --is-linux
# Deploy
az webapp create --plan appPlan \
-n $app_name -g $group \
--deployment-container-image-name \
poznajkubernetes/pkad
az webapp config appsettings set \
-n $app_name -g $group \
--settings WEBSITES_PORT=8080
open https://$app_name.azurewebsites.net
ATTENTION:
DANGER! DANGER! DANGER!
apiVersion: apps/v1
kind: Deployment
metadata:
name: #{ApplicationName}#
spec:
selector:
matchLabels:
app: #{ApplicationName}#
replicas: 2
template:
metadata:
labels:
app: #{ApplicationName}#
spec:
containers:
- name: #{ApplicationName}#
image: #{image}#
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: #{ApplicationName}#
spec:
selector:
app: #{ApplicationName}#
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: #{ApplicationName}#
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
kubernetes.io/ingress.class: internal
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: #{ApplicationName}#
servicePort: 80
host: #{ApplicationName}#-app-#{EnvironmentName}#.internal.comapny.com
tls:
- secretName: internal.comapny.com
hosts:
- #{ApplicationName}#-app-#{EnvironmentName}#..internal.comapny.com
In cloud it is easy ;)
# create AKS
az aks create \
-g $group -n $aks_name \
--node-vm-size Standard_DS2_v2 \
--node-count 2 \
--generate-ssh-keys
- use it as any other Kubernetes cluster
# Get kubectl credentials
az aks get-credentials \
-n $aks_name \
-g $group --admin
Explanation in next slides
# apply == create or update :)
kubectl apply -f yaml/basic.yaml
# get public IP
kubectl get svc -w
Deploy PKAD
apiVersion: apps/v1
kind: Deployment
metadata:
name: pkad-dep
spec:
replicas: 1
selector:
matchLabels:
app: pkad-dep-app
template:
metadata:
labels:
app: pkad-dep-app
spec:
containers:
- name: pkad-dep
image: poznajkubernetes/pkad:blue
resources: {}
ports:
- containerPort: 8080
LoadBalancer (skip for now)
apiVersion: v1
kind: Service
metadata:
name: pkad-service
spec:
type: LoadBalancer
selector:
app: pkad-dep-app
ports:
- port: 80
targetPort: 8080
Scale to 3 replicas
# scale up
k scale deployment \
--replicas 3 pkad-dep
We already have it :)
# open website
- liveness
- readiness
# deploy
k apply -f yaml/probes.yaml
Full stuff :)
# deploy
k apply -f yaml/deployment.yaml
# watch
k get po -w
# validation
kubeval yaml/deployment-notvalid.yaml
#validation with strict
kubeval --strict yaml/deployment-notvalid.yaml
#validation with version
kubeval -v 1.10.6 --strict yaml/deployment-future.yaml
kubeval -v 1.18.0 --strict yaml/deployment-future.yaml
current=$(kubectl version --short | grep "Server" | \
awk '{split($0,a,": v"); print a[2]}')
kubeval -v $current --strict yaml/deployment-future.yaml
# prepare variables
export IMAGE=poznajkubernetes/pkad:red
# replace variables
envsubst < yaml/template.yaml > yaml/dep-ready.yaml
# validate
kubeval --strict yaml/dep-ready.yaml
# apply
kubectl apply -f yaml/dep-ready.yaml
# check rollout status
if ! kubectl rollout status deployment pkad-dep; then
# rollback
kubectl rollout undo deployment pkad-dep;
# rollback status
kubectl rollout status deployment pkad-dep;
echo "ERROR - should exit ;)"
fi