Building Scalable Architecture with Kubernetes Deployments A Deep Dive into Pod Creation,Service Discovery,Secret Manag.&Ingress Routing
Successfully Deploying Reddit Clone On Kubernetes Cluster
Before diving into Kubernetes deployments, it's important to ensure that your cluster is properly set up. If you haven't already configured your master and worker nodes, you can check out my blog post on cluster setup for a step-by-step guide. Once your cluster is up and running, you're ready to start deploying your microservices with Kubernetes
First create a dedicated namespace for your application to run in. Namespaces provide a way to organize and isolate resources within a Kubernetes cluster, and they're especially useful when running multiple applications or environments in the same cluster.
kubectl create namespace reddit-clone-ns
If you don't specify a namespace for your Kubernetes objects, they will be created in the default namespace by default.
Create YAML file for Pod
A Pod is the smallest and simplest unit in the Kubernetes object model. It represents a single instance of a running process in the cluster and can contain one or more containers that share the same network namespace and storage volumes
vim pod.yml
it will open pod.yml file in vim editor.
apiVersion: v1
kind: Pod
metadata:
name: reddit-clone
namespace: reddit-clone-ns #namespace.
spec:
containers:
- name: reddit-clone
image: sushrutnet/reddit-clone:latest #Docker image with the latest tag
ports:
- containerPort: 3000
To create this Pod run the following command
kubectl apply -f pod.yml
This will create the Pod and start the reddit-clone container with the specified image and port . You can check the Pod using following command.
kubectl get pods -n=reddit-clone-ns
When you create a Pod, the Kubernetes scheduler assigns it to a worker node in the cluster. The Pod's container run on that node, along with any other containers or Pods that are scheduled to run there.
Create YAML file for Deployment
Deployment is a high-level Kubernetes object that provides declarative updates to Pods and ReplicaSets. A deployment defines a desired state for a Pod template replica set and can perform continuous updates . Deployments are created and managed by users and used to manage the lifecycle of application updates and rollbacks.
vim deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: reddit-clone-deployment
namespace: reddit-clone-ns
labels:
app: reddit-clone
spec:
replicas: 3
selector:
matchLabels:
app: reddit-clone
template:
metadata:
labels:
To create this Pod run the following command
kubectl apply -f deployment.yml
You can check the Pod using following command.
kubectl get deployment -n=reddit-clone-ns
You can see 3 replicas where created you can modify them according to your need.
Create YAML file for Service
A service.yaml file is a configuration file used in Kubernetes to define a service. A service in Kubernetes is an abstraction layer that provides a stable IP address and DNS name for a set of pods in a deployment
vim service.yml
apiVersion: v1
kind: Service
metadata:
name: reddit-clone
namespace: reddit-clone-ns
spec:
type: NodePort
selector:
app: reddit-clone
ports:
# By default and for convenience, the `targetPort` is set to the same value as the `port` field.
- port: 3000
targetPort: 3000
# Optional field
# By default and for convenience, the Kubernetes control plane will allocate a port from a range (default: 30000-32767)
nodePort: 30007
The ports section specifies there ports to expose on the service.here the service exposes port 3000 and forwards traffic to targetPort: 3000 on the pods. Additionally, the nodePort field specifies the external port that will be used to access the service from outside the Kubernetes cluster. In this case, the service will be accessible externally at port 30007.
To access the application from outside of the Kubernetes cluster, you will need to ensure that your Kubernetes cluster is running in a cloud environment that allows inbound traffic on the NodePort 30007
http://<worker_node_public_ip>:30007
kubectl apply -f service.yml
Our Reddit clone Application running on the desired port🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩🤩
Secrete In Kubernetes
In Kubernetes, secrets are a way to securely store and manage sensitive information such as passwords, API keys, and other credentials that your applications need to access. Secrets can be used by pods to access external resources or by Kubernetes components to authenticate with each other.
IMP : Secrets in Kubernetes are stored as objects in the Kubernetes API server, and are stored as base64-encoded strings in etcd, the key-value store used by Kubernetes
YAML File With Secrets
apiVersion: v1
kind: Secret
metadata:
name: mysql-secrets
type: Opaque
data:
mysql-root-password: <base64-encoded-root-password>
mysql-user: <base64-encoded-user>
mysql-password: <base64-encoded-password>
Then use the secret in your MySQL deployment YAML file.
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
spec:
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:latest
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secrets
key: mysql-root-password
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: mysql-secrets
key: mysql-user
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secrets
key: mysql-password
INGRESS
Ingress is an API object that provides a way to expose HTTP and HTTPS routes from outside the cluster to services within the cluster. It allows external users to access your application through a single IP address and provides a way to route traffic to different services based on the URL path or domain name.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: reddit-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- host: your-domain.com
http:
paths:
- path: /api/?(.*)
pathType: Prefix
backend:
service:
name: reddit-api
port:
name: http
- path: /?(.*)
pathType: Prefix
backend:
service:
name: reddit-web
port:
name: http
Basically here you have to define path and services.
