loading...

Kubernetes : how to deploy as a beginner and by yourself

skylerdevops profile image Skyler ・4 min read

Kubernetes is one of those things that is very easy if simplified correctly but can be a tad hard once you start looking at the details. Do not worry about details right now, try to get something going.

Let's get to it.

Kubernetes is one of those things that is very easy if simplified correctly but can be a tad hard once you start looking at the details. Do not worry about details right now, try to get something going, and believe me, with time and experience, everything will make sense. :)

A couple of basics "reminders" first. I will not bore you with the definition, I assume you know what it is.
Kubernetes stands on multiple "core" resources. You can add others (as StatefulSets, LimitRange, …) but with those, you will have something working :

  • Services. It is basically what defines access to pods,
  • Deployments: you declare the pods and the replicas you want (how many pods you want),
  • Ingress: manage how to access your services in a cluster,
  • Ingress Controller: I highly recommend Ingress Nginx Controller,
  • Namespaces: Environments.

On top of that, you would add DNS names (route53 …) and certificates.

To deploy, you would follow those "general" steps:

  1. Create the cluster,
  2. Create the Ingress controller and load balancer, link the DNS/certificates,
  3. Write the resources needed (deployments, ingress, …), those "needs" to be cut by environments and applications.

In this series, we will be focusing on EKS.

Create the cluster:

You can create a cluster in various ways, with the console, CloudFormation and Terraform. I have tried those 3 different ways. I started with the Cloudformation, then went on manual then Terraform. I am someone that needs to understand how something works, therefore the need to do manually before going to TF.

I followed the guide of AWS https://docs.aws.amazon.com/eks/latest/userguide/getting-started-console.html and can only recommend it. I do know I struggled at the beginning, here are a few things I remembered:

  • You need to install everything in the same VPC.
  • At the time, totally private clusters were not possible. I think they are working on this, but something will always be open. I reckon it was because the instances need to register they are Kubernetes. But that was in v1.10. The situation might have changed.
  • If something does not work, try the "let me open too many ports, check it works, then restrict gradually".

The best thing I can recommend is to try to do it a couple of times. If you struggle, twitter has a big kubernetes community. Feel free to contact me as well (@SkylerDevops or in the comments here).

Create the Ingress Controller and Load balancer

To be honest, this guide (https://www.digitalocean.com/community/tutorials/how-to-set-up-an-nginx-ingress-with-cert-manager-on-digitalocean-kubernetes [you don't need the cert-manager]) is really straight forward and easy to follow.

An Ingress Controller basically gets the request someone places and send it to the correct services/deployment. I would suggest creating the nginx ingress controller, then the load balancer. The LB can take some time to appear in AWS.
Here is the NLB version:

kind: Service
apiVersion: v1
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: nlb
    service.beta.kubernetes.io/aws-load-balancer-internal: "true"
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: #{Certificate}
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "ssl"
spec:
  externalTrafficPolicy: Cluster
  type: LoadBalancer
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
  ports:
    - name: http
      port: 80
      targetPort: http
    - name: https
      port: 443
      targetPort: https

Write the resources needed

I will give you the template I am currently using. Feel free to tweak it.
With time, you might look into moving the environment variables to a ConfigMap. Envs are not the "safest" way to do, but they do the job good enough.
You don't need to use the same ports than me. However, you will need to expose those ports in your Dockerfile.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: #{Name}
  namespace: #{Namespace}
spec:
  replicas: 2
  selector:
    matchLabels:
      app: #{Name}
  template:
    metadata:
      labels:
        app: #{Name}
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - #{Name}
      containers:
        - name: #{Name}
          image: #{AWSAccount}.dkr.ecr.#{Region}.amazonaws.com/#{Name}:#{Number}
          env:
            - name: "something"
              value: "something"
          ports:
            - containerPort: 80
              name: #{ContainerPort}


---
apiVersion: v1
kind: Service
metadata:
  name: #{Name}-svc
  namespace: #{Namespace}
spec:
  ports:
    - port: 8080
      targetPort: 80
  selector:
    app: #{Name}
  type: NodePort

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: #{Name}
  namespace: #{Namespace}
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
  rules:
    - host: #{Host}
      http:
        paths:
          - path: #{Path}(/|$)(.*)
            backend:
              serviceName: #{Name}-svc
              servicePort: 8080

And that's basically it for a beginner-friendly EKS cluster!

I would as well suggest installing the UI dashboard (https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html).

Have fun!

Discussion

pic
Editor guide