Hello Kubernetes

Dans l'exemple qui va suivre, nous allons déployer la page web “hello World” sur notre cluster kubernetes RKE.

Pré requis

Pour notre lab rke :

Un cluster kubernetes RKE (3 masters / 2 Worker)
Un équipement de load-balancing : Front des workers nodes
Un nom de domaine : “hello.oowy.fr”

Création des manifests

On créer un deployment

kind: Deployment
apiVersion: apps/v1
metadata:
  name: hello-kubernetes
spec:
  replicas: 2
  selector:
    matchLabels:
      app: hello-kubernetes
  template:
    metadata:
      labels:
        app: hello-kubernetes
    spec:
      containers:
        - name: hello-kubernetes
          image: rbouikila/hello-kubernetes:1.9

On vérifie le deployment

bastion:~/deploy$ kubectl get deployment
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
hello-kubernetes   2/2     2            2           144m

On vérifier le déploiement des pods

bastion:~/deploy$ kubectl get pods
NAME                                READY   STATUS    RESTARTS   AGE
hello-kubernetes-754cbb5469-g89hg   1/1     Running   0          26m
hello-kubernetes-754cbb5469-ltn46   1/1     Running   0          26m

On créer un service

kind: Service
apiVersion: v1
metadata:
  name: hello-kubernetes
spec:
  selector:
    app: hello-kubernetes
  ports:
    - port: 8080

On créer un ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: hello-kubernetes
  annotations:
    ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: hello.oowy.fr
    http:
      paths:
        - path: /
          backend:
            serviceName: hello-kubernetes
            servicePort: 8080

Il ne nous reste plus qu'a vérifier l'accès à la page web.

Manifests après Lint

Après avoir valider le déploiement de notre page Web “hello kubernetes”, nous pouvons utiliser le binaire “kube-linter”.

Cf. correctif

kind: Deployment
apiVersion: apps/v1
metadata:
  name: hello-kubernetes
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: hello-kubernetes
  template:
    metadata:
      labels:
        app: hello-kubernetes
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - hello-kubernetes
            topologyKey: "kubernetes.io/hostname"
      securityContext:
        runAsUser: 1000
      containers:
        - name: hello-kubernetes
          image: rbouikila/hello-kubernetes:1.9
          securityContext:
            readOnlyRootFilesystem: true
          resources:
            requests:
              memory: "128Mi"
              cpu: "250m"
            limits:
              memory: "128Mi"
              cpu: "500m"
---
kind: Service
apiVersion: v1
metadata:
  name: hello-kubernetes
  namespace: default
spec:
  selector:
    app: hello-kubernetes
  ports:
    - port: 8080
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: hello-kubernetes
  namespace: default
  annotations:
    ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: hello.oowy.fr
    http:
      paths:
        - path: /
          backend:
            serviceName: hello-kubernetes
            servicePort: 8080