An exercise in docker and kubernetes
The point of this workshop is to familiarize yourself with docker and kubernetes
This repository includes a small golang chat server, with an embedded frontend.
Your goal is to get this server to run in a cloud environment.
If you feel lost or confused, don't hesitate to ask or look for solutions online.
- docker
brew install docker - kubectl
brew install kubernetes-cli - aws
brew install aws-cli
Fork this repository, and work from there
The chat server relies on a connection to a redis server in order to send messages.
We can use the public docker image for redis to test out the server locally: https://hub.docker.com/_/redis
TASK: Start a redis server locally and expose it's port, so you can try out the chat server
you can start the chat server with go run main.go
Our next order of business is to get our go server to run in a docker container.
For that we will need to build a docker image, so that we have something to base our container on.
TASK: Write a dockerfile, that builds the go server
You can build a docker image from a Dockerfile with docker build .
A solution for orchestration when running docker containers locally is docker compose
We can use docker compose to define and run multiple containers in a single file rather
than having to run complicated docker run commands all the time.
TASK: Write a docker-compose.yml file and run the chat and redis servers with
docker compose upBONUS: What do the following terms mean in docker: image, container, repository, tag and registry
Kubernetes is a great solution for orchestration in the cloud.
Similarly to docker compose, it allows us to define a set of containers we want to run.
The difference is that we don't have to manually tell kubernetes to start the containers.
We simply give kubernetes our manifest, and kubernetes will continuously try to make sure that the containers are running somewhere on some maching.
Kubernetes does not operate directly on containers, though. Instead it manages what it calls Pods.
Pods are a collection of containers along with some metadata attached to them.
replace TEAMNAME with your team names in the commands below
$ lpass show Shared-WISEflow-Development/ahoy/TEAMNAME.csv --notes | aws configure import --csv file:///dev/stdin
Successfully imported 1 profile(s)
$ aws eks update-kubeconfig --name ahoy --alias ahoy --profile TEAMNAME --region eu-west-1You can verify that you have access by running
$ kubectl get namespacesA simple manifest with a pod could look like this:
# manifest.yaml
apiVersion: v1
kind: Pod
metadata:
name: my-pod
namespace: my-namespace
spec:
containers:
- name: alpine
image: alpine:3.16
command:
- echo
- "hello, mom"In order to give it to kubernetes we can use kubectl like so
$ kubectl apply -f manifest.yaml
pod/my-pod createdAnd kubernetes will then schedule a pod on a machine in the cluster.
We can get the status of our pod with
$ kubectl get pod --namespace my-namespace
NAME READY STATUS RESTARTS AGE
my-pod 0/1 CrashLoopBackOff 1 (8s ago) 11sNotice that the pod has the CrashLoopBackOff status. This happens when kubernetes continuously restarts the containers in the pod, but they keep crashing.
The reason the container crashes is of course the entrypoint of the container finishes immediately, so the container dies.
We can get the logs of the pod with
$ kubectl logs my-pod --namespace my-namespace
hello, momWhere we can see that the container indeed did as we asked.
TASK: Write a pod manifest containing a redis and a chat server, and apply it to kubernetes and see that the pod is running
Tip: You can test the application by port-forwarding to the pod with kubectl port-forward [POD] -n [NAMESPACE] localport:containerport
You'll have to push your docker image to a docker registry. You can use ttl.sh simply with
docker build . -t ttl.sh/my-image-with-some-id:2h
docker push ttl.sh/my-image-with-some-id:2hand now that image will be available to other clients to pull with
docker pull ttl.sh/my-image-with-some-id:2hNote that you only have write access to the namespace of your teams name
When we apply a pod directly to kubernetes. It will be scheduled to a node, and it cannot be updated or moved to a different node after that.
So let's say that the node in our cluster fails for some reason. Kubernetes can't reschedule the pod, and the server will not be run.
For that we will need another resource that can schedule new pods. One of these resources is called a Deployment.
An example deployment can look like this
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
namespace: my-namespace
spec:
replicas: 2
selector:
matchLabels:
app: my-deployment
template:
metadata:
labels:
app: my-deployment
spec:
containers:
- name: alpine
image: alpine:3.16
command:
- echo
- ${GREETING}
resources:
limits:
memory: "128Mi"
cpu: "500m"
env:
- name: GREETING
value: "Hello, dad"Kubernetes will take that deployment and try to maintain 2 replicas of the pod specification defined in it's template. We can also update the pod spec, now and kubernetes will roll out the new version.
TASK: Run your pods as a deployment
The problem with including redis in every pod is that the servers cannot share their data source.
TASK: Run redis and the chat-server as seperate deployments, and connect the chat-server to redis through a kubernetes service
BONUS: Run multiple chat-servers on the same redis
TASK: Expose to the internet with an ingress
Nginx ingress controller, cert-manager and external-dns are available in the cluster. external-dns has access to ahoy.wiseflow.io and all it's subdomains