-------------------------------------------------Kubernetes-------------------------------------------
----------------------------------------Node Selector ---------------------------------
This is used when we have to depoy the pod or replicas of pod in one particular node.
- kubectl label node nodename key=value -- to label a node
apiVersion: v1 kind: Pod metadata: name: node-selector spec: containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
--------------------------------------- taint -------------------------------------------------
- kubectl taint node nodename key=value:NoSchedule
The command is used to taint a node. When a node is tainted no new pods can be deployed on the particular node
- kubectl taint node nodename key=value:NoSchedule-
---------------------------------------- tolerance ---------------------------------------------
Tolerance is used when we need to run a pod on tainted node, when taint and tolerance matches pod get deployed on that particular node.
apiVersion: v1 kind: Pod metadata: name: node-selector spec: containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
tolerations:
- key: value: effect: NoSchedule operator: Equal
- containerPort: 80
tolerations:
------------------------------------------- Daemon set ---------------------------------------------------------
It is a type of workload controller that ensures that copy of pod is running on each node. when a new node is added daemon controller will automatically schedule pod on that node, if a node is removed corresponding pod is also terminated.
apiVersion: apps/v1 kind: DaemonSet metadata: name: daemon-set labels: name: test spec: selector: matchLabels: name: test template: metadata: labels: name: test spec: containers: - name: my-nginx image: nginx
--------------------------------------------------- Requests and limits ----------------------------------------
-
Request is asection in k8s where a pod can be created with maximum of given memory and cpu.
-
limits limit is something where a pod can ask for maximum memory and cpu and cannot ask beyond that limit.
apiVersion: apps/v1 kind: Deployment metadata: name: testing labels: name: test spec: selector: matchLabels: name: test template: metadata: labels: name: test spec: containers: - name: my-nginx image: nginx resources: limits: memory: 200Mi requests: cpu: 100m memory: 200Mi
----------------------------------------------- liveness probe --------------------------------------------------
- liveness probe is used to check if the container is till running correctly. if the probe fails kubernetes will automatically reatsrt conatiner to recover application. In below exmaple im using nginx image, so liveness probe sends http request to endpoint to determine pod is still running and healthy.
apiVersion: v1 kind: Pod metadata: name: nginx-pod spec: containers: - name: nginx-container image: nginx:latest ports: - containerPort: 80 livenessProbe: httpGet: path: / # The endpoint to hit for the probe port: 80 initialDelaySeconds: 15 periodSeconds: 10
----------------------------------------------- Readness probe --------------------------------------------------
- The readness probe is used to determine if conatiner is raedy to handle incoming traffic, if it fails the conatiners will be removed from the list of endpoints that receive traffic.
apiVersion: v1 kind: Pod metadata: name: nginx-pod spec: containers: - name: nginx-container image: nginx:latest ports: - containerPort: 80 readinessProbe: httpGet: path: / port: 80 initialDelaySeconds: 5 periodSeconds: 5
------------------------------------------------- startup probe -------------------------------------------
- This is used to know when a conatiner application has started.
apiVersion: v1 kind: Pod metadata: name: nginx-pod spec: containers: - name: nginx-container image: nginx:latest ports: - containerPort: 80 startupProbe: httpGet: path: / # The endpoint to hit for the probe port: 80 initialDelaySeconds: 10 periodSeconds: 5
---------------------------------------------------- secrets ---------------------------------------
- in k8s secrests is used to manage sensitive information such as API keys, passwords, certificates that shold key secrue.
- secrets.yml (withoutencoding)
apiVersino: v1 kind: Secret metadata: name: my-secret type: Opaque' stringData: username: root password: test
- secrets. (with encoding)
apiVersino: v1 kind: Secret metadata: name: my-secret type: Opaque' data: password: encoded value
- deployment.yml
apiVersion: apps/v1 kind: Deployment metadata: name: testing labels: name: test spec: selector: matchLabels: name: test template: metadata: labels: name: test spec: containers: - name: my-nginx image: nginx env: - name: MYSQL_ROOT_USER valueFrom: secretKeyRef: name: my-secret value: username - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: my-secret value: password
------------------------------------------------------Horizontal pod scaler ----------------------------------------------------
- when load increases on conatiner beyond 50 kubernetes automatically scales maxreplicas mentioned in maifest files
apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: spec: maxReplicas: 5 minReplicas: 2 scaleTragetRef: apiVersion: apps/v1 kind: Deployment name: my-dep metrics:
- type: Resource resource: name: memory target: type: Utilization averageUtilization: 50
--------------------------------------------------------- stateful set and headless service -----------------------------------
- each pod in statefulset is assigned with unique host name, it remains same even if pod is restarted or rescheduled.
when a statefulset is created, kubernetes automaically creates headless service. each pod is assigned a uinque DNS entry.
$(pod-name).$ (service-name).$(name-space).svc.cluster.local
- statefulset
apiVersion: apps/v1 kind: StatefulSet metadata: name: my-statefulset labels: run: test spec: serviceName: my-headless replicas: 3 selector: matchLabels: run: test template: metadata: labels: run: test spec: containers: - name: my-sql image: mysql:latest ports: - containerPort: 3306 2. headless service
apiVersion: v1 kind: Service metadata: name: my-headless spec: clusterIP: None selector: name: my-statefulset ports: - port: 3306 targetPort: 3306
------------------------------------------------------------- persistent volume claim ------------------------------------------------
- storage class
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: ebs-sc provisioner: kubernetes.io/aws-ebs parameters: type: gp2 reclaimPolicy: Retain volumeBindingMode: WaitForFirstConsumer
- persistent volume claim
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: ebs-mysql-pv-claim spec: accessModes: - ReadWriteOnce storageClassName: ebs-sc resources: requests: storage: 4Gi 3. deployment
#04-mysql-deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:5.6
env:
- name: MYSQL_ROOT_PASSWORD
value: dbpassword11
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: claim-name
--------------------------------------- Ingress controller (nginx ingress controller) -------------------------------------- Ingress:
Ingress is an object that provides external access to services within cluster. it allows you to define rules for routing traffic based on hostname, path
IngressController:
This is responsible for implementing rules defined in ingress resource.
Ingress resource:
It is the place to define rules for routing external traffic to service within cluster. routes traffic based on hostname, path, routing rules.
- application deployment 1
apiVersion: apps/v1 kind: Deployment metadata: name: httpd spec: replicas: 1 selector: matchLabels: app: httpd template: metadata: labels: app: httpd spec: containers: - name: httpd image: httpd ports: - containerPort: 80 env: - name: TITLE value: "APACHE APP2"
apiVersion: v1 kind: Service metadata: name: httpd spec: type: ClusterIP ports:
- port: 80 selector: app: httpd
- application deployment 2
apiVersion: apps/v1 kind: Deployment metadata: name: nginx spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx ports: - containerPort: 80 env: - name: TITLE value: "NGINX APP1"
apiVersion: v1 kind: Service metadata: name: nginx spec: type: ClusterIP ports:
- port: 80 selector: app: nginx
- ingress-resource
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: k8s-ingress annotations: nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/rewrite-target: /$2 spec: ingressClassName: nginx rules:
- http:
paths:
- path: /nginx(/|$)(.*) pathType: Prefix backend: service: name: nginx port: number: 80
- path: /httpd(/|$)(.*) pathType: Prefix backend: service: name: httpd port: number: 80
- path: /(.*) pathType: Prefix backend: service: name: nginx port: number: 80