Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • brucef-master-patch-88163
2 results
Bruce Flynn's avatar
Update README
Bruce Flynn authored
ddaeb745
History
Bruce Flynn's avatar ddaeb745
History
Name Last commit Last update
chart
test
Dockerfile
README.md
app.py
cron.py
requirements.txt
README.md

SSEC Brownbag: Kubernetes Q&A Example Code

Presented on 04 Nov, 2019 (Slides here)

NOTE: This is not intended as an example of best-practices for anything involved here, it's simply an dumping ground what I could think of off the top of my head to provide an example of as many K8S moving parts as I could.

Overview

This demo was developed using minikube v1.5.2 running kubernetes 1.16. It also makes use of Helm v2.

This is a demo of used various types of components provided by Kubernetes. The demo is deployed as a Helm chart and consists of a Python web application to which you can submit a string. Upon submission the App will create a Kubernetes Batch Job that will simply print out a message. There is also a Kubernetes Cron Job that will collect results and status from the Job and enter the data in a PostgreSQL database, the results of which will be availble to view in the App.

It makes use of the following Kubernetes resources

Requirements

MacOS Setup using Docker Desktop

If you have a Mac (or potententially Windows?) rather than use minikube you can use the Docker Desktop app to provide a Kubernetes cluster.

Instructions courtesy of RayG

helm can be had through macports (homebrew probably as well)

sudo port install helm-2.14
sudo port select --set helm helm2.14
helm init --history=max 200

ingress is also pretty quick to set up (note, can open ports to outside world!)

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud-generic.yaml

those are from the instructions at https://kubernetes.github.io/ingress-nginx/deploy/

Build our docker image

docker build -t say-hello .

Minikube setup

Start Minikube with the required plugins

minikube start
minikube addons enable helm-tiller
minikube addons enable ingress

Build our docker image

eval $(minikube docker-env)
docker build -t say-hello .

Install PostgreSQL

$he Helm PostgreSQL chart is configured using by overriding the default chart values with values from chart/pg-values.yaml.

The database password is set in a secret named in the values that must be created before deploying the app.

Replace <MYPASSWORD> with whatever you want the password to be.

kubectl create secret generic myapp --from-literal=postgresql-password=<MYPASSWORD>
helm install --name myappdb -f chart/pg-values.yaml stable/postgresql

NOTE: If you change the name here you will also have to set dburl when you deploy the myapp chart as the name will be part of the automatically provided cluster DNS name.

Install the App

The app is an unpackaged chart in ./chart/myapp and can be installed by giving helm the direct path to the chart.

helm install --name myapp ./chart/myapp

The app contains an initContainer configured to ensure the required DB table is created before the app starts.

As part of the app a CronJob will start a Job that will start a Pod to sync job status with the database.

Eventually, as the jobs complete the CronJobs should update the job status in the database and be available in the table in the app.

You can check the status of the app after it's installed by using either kubectl or the helm command:

kubectl get all -l app.kubernetes.io/name=myapp
helm status myapp

The app will be available via its Ingress and Service which will proxy conections into the cluster to one of the 3 replicas available at the cluster address IP address. Using minikube it will be http://$(minikube ip)/say-hello, or using Docker Desktop it will simply be http://localhost/say-hello

If you navigate to the above URL you should see a simple form where you can enter in some text. There should also be a table listing all the jobs currently in the database.

If you enter text and hit Submit the webapp will create and submit a K8S Batch Job from a template yaml file stored in a ConfigMap that will simply echo your text.

NOTE: Special permissions are required to submit jobs to the cluster from inside the cluster. A ServiceAccount is created as part of the Helm Chart with associated RBAC resources to provide the appropriate perms.

The submitted job can viewed like so:

kubectl get jobs <name>

Where <name> is the value from the table on the web page. The Pods created for the Job can be views like so:

kubectl get pods -ljob-name=<name>

Removing/Uninstalling

You can delete all components created as part of this particular Helm realse by doing the following:

helm delete --purge myapp

PostgreSQL is not part of the App and therefore will not be removed.

The --purge flag removes all trace of the release in Helm. You would probalby not use the --purge flag in production.