An article that looks back on the event "Kubernetes Hackathon ~ Two days to immerse yourself in Docker and Kubernetes! ~" Held on August 23, 2019.
Teacher Microsoft Advocate: Kao Terada
Thank you very much. m (_ _) m
This time, we will create a total of three resources in Azure, Ubuntu as an environment for stepping stones, the push destination of Dockerfile, and the environment for running Kubernetes.
As for the content, Create Docker image on Ubuntu. Push to Azure Container Registry (ACR). Start the container with Azure Kubernetes Service (AKS). Introduce up to.
Mr. Terada has put together the necessary files and information very neatly. GitHub link: https://github.com/yoshioterada/k8s-Azure-Container-Service-AKS--on-Azure
Alright! Let's do it!
Link: https://signup.live.com/signup
Azure login page: https://portal.azure.com/#home
Click "Create a resource" on the Azure console screen. Make Ubuntu 18.04 LTS version Create a new Resource grop! The virtual machine name is the same. The region is "Eastern Japan" SSH public key "password" ssh allow
ssh userName @ ipAdress
Reference article: https://qiita.com/myyasuda/items/cb8e076f4dba5c41afbc
sudo apt-get update
sudo apt-get install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable test edge"
sudo apt-get update
sudo apt-get install docker-ce
docker --version
After this, I would like to cooperate with ACR and AKS. So I'll install the Azure CLI!
Reference article: http://aka.ms/az-cli-install-jp
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
// The difference between creating a Dockerfile and a Docker image ...
Move
cd FrontService
Take a look at the Dockerfile
cat 0-Dockerfile-for-Maven
docker build -t maven-include-localrepo:1.1 . -f 0-Dockerfile-for-Maven
Check if you were able to build it earlier.
docker images
// Kubernetes is an image that fetches Docker images via ACR. I think that. // Private version of docker hub Isn't it nice?
I want to push the created image to the Azure Continer Registry I mentioned earlier, so create it first.
Reference article: https://github.com/yoshioterada/DEIS-k8s-ACS/blob/master/CreateAzureContainerRegistry.md Create resource in browser Determine the registry name appropriately. The resource group is new and decided appropriately. The admin user has enabled it.
Log in to docker. Give the username and ACR domain as command arguments. docker login -u [user name] [xxx.azurecr.io] Enter the password after
Required information can be confirmed with the access key on the details screen.
Information obtained on the details screen { user : 〇〇 login-server: 〇〇〇〇.azurecr.io pass: 〇〇〇〇〇〇〇〇 }
// I have authenticated to ACR. (with docker login.)
Mr. Terada has put together a Docker image creation and push to ACR in a .sh file (2-build-create.sh). So, it seems that you should start sh with a command. However, specify the image to push and edit the two places of the repository to push with vi!
vi 2-build-create.sh
DOCKER_IMAGE=〇〇〇〇/front-spring-service DOCKER_REPOSITORY=〇〇〇〇.azurecr.io
When you type a command, you can receive the version specification as an argument ... If it's the second time, set it to 2.0!
./2-build-create.sh [x.x]
Check if it is pushed with your browser!
vi src/main/java/com/yoshio3/frontspring/FrontController.java
Let's change the return string, which is the best of all!
Alright, let's create it based on the changed source
./2-build-create.sh 2.0
Launch image
docker run -p 8080: 8080 -it [REPOSITORY name]: [x.x (TAG number)]
Let's open it in another tab and access it with curl to check it!
curl http://localhost:8080/sample/hello
Next goal: I want to set up a container with AKS. First, go get the image in ACR!
Also, the resource group is new! Is the cluster name the same? Region is eastern Japan Set to Node count 1. Virtual node enabled
HTTP application ・ ・ ・ Yes
az aks install-cli
az login
az aks get-credentials --resource-group [xxxx] --name [xxxx]
kubectl cluster-info
And
kubectl get node
Kubernetes will not be able to access the ACR as it is. So, edit 3-create-secret4reg.sh with vi.
kubectl create secret docker-registry docker-reg-credential --docker-server=〇〇〇〇.azurecr.io --docker-username=〇〇 --docker-password="〇〇〇〇" [email protected]
kubectl get secret
!Alright, I think I can go get the image with this!
Change to the created ACR server name and container image name.
vi 4-create-deployment-svc.yaml
Corrected part 30th line. The content to enter is a long one in docker images. After /, write ver. `` image: 〇〇〇〇.azurecr.io/〇〇/front-spring-service:1.0 `
Correct a little below. Changed cpu 0.6 to 100m. 2 places
If you want to get 1.0, go above
template: metadata: labels: app: spring-front-service version: [Leave this as "v1"]
Alright! I was able to specify the image to go for authentication and acquisition.
kubectl apply -f 4-create-deployment-svc.yaml
kubectl get po -w
kubectl port-forward [spring-front-service-〇〇〇〇] 8080:8080
docker stop
to stop it.In another tab ...
curl localhost:8080/sample/hello
#Results are displayed
Duplicate 4-create-deployment-svc.yaml to get 4-create-deployment-svc-v2.yaml.
Edit with vi 4-create-deployment-svc-v2.yaml
-Add "-v2" to the end of name: spring-front-service on the 4th line.
・ Play with images. If you set it to: 2.0, you will see the image of v2.
-Set version to v2.
kubectl apply -f 4-create-deployment-svc-v2.yaml
kubectl get po
// Second, it may be good to check by port-forward.
Now we have successfully set up two containers with k8s! Hooray! !!
kubectl get po --selector app=[],version=[v1]
-> In other words, you can write a selector to control which pod to access! !! !!
Next, let's start a v2 container with Kubernetes and update v1 to v2.
Let's create a service and start it. Feeling that service mediates access to the pod? ??
When you run pod, ip is generated fixedly. How do you manage it? Manual is hard. Actually, there are other ways to access pods besides ip. It's not good that ip changes frequently, isn't it?
Deployment liver => As long as you create a service and remember this unique IP address, you can change the pod with the service selector. Let's check 11-Service.yaml!
kubectl apply -f 11-Service.yaml
kubectl get svc
You can move to new pods while keeping the pods that are working normally. You can return it immediately! This is the great thing about kubernetes! !! !! !! It's hard to do it yourself. Just edit yaml.
Normally, service is type: ClusterIP! !! Well, if you really want to expose it to the outside even for a moment, set type: Load Balancer. But not good. Danger. Please be careful.
-> When there are multiple services, you can branch the service to be called according to the URL by grouping them in Ingress and setting the path in the Ingress settings.
Separate URLs with Ingress! Branch the pod with service. The image is service routing. Receptionist! !!
A convenient function for operating microservices.
vi 12-Ingress.yaml
Modification: -host: front-service. [〇〇〇〇.aksapp.io]
The content of this fix is pasted from the browser's resource "HTTP application routing domain"
kubectl apply -f 12-Ingress.yaml
kubectl get ing
http://[front-service.〇〇〇〇.japaneast.aksapp.io]/sample/hello
For the time being, the content of the event ends here.
Kubernetes shouldn't be touched unless you have the mindset to make things on the premise that it will break. drop down. Reduce the range of influence. It is better to think on the premise of falling rather than trying to prevent it from falling. Consider the flow of reconstruction when it falls. How far will the Design of Fair go through? It will definitely fall.
Thank you very much, Mr. Terada! To be honest, Docker had been touching it for 30 minutes, so I somehow understood it, but Kubernetes was ignorant. Fortunately I was a mob pro, and I managed to finish it! !!
(´∀`)
Later, the three of us did the same thing with an acquaintance. This article was created based on a successful example at that time.
It's important to repeat.
Kubernetes ... I'm glad I felt a little microservices. I want to do it again! (^ ・ ^)
Recommended Posts