233 BROUGHT TO YOU IN PARTNERSHIP WITH

Getting Started With CONTENTS

Kubernetes
 What Is Kubernetes?
 Key Concepts of Kubernetes
 Kubernetes Architecture
 Getting Started With Kubernetes

UPDATED BY CHRIS JUDD  Run Your First Container

 Scale Applications
ORIGINAL BY ARUN GUPTA

WHAT IS KUBERNETES? REPLICA SETS

A replica set ensures that a specified number of pod replicas are
Kubernetes (kubernetes.io) is an open source orchestration system
running on worker nodes at any one time. It allows both up- and
for managing containerized applications across multiple hosts,
down-scaling the number of replicas. It also ensures recreation of a
providing basic mechanisms for the deployment, maintenance, and
pod when the worker node reboots or otherwise fails.
scaling of applications. Originally created by Google, in March of 2016
it was donated to the Cloud Native Computing Foundation (CNCF). NOTE: Replica Sets replaces Replication Controllers.

Kubernetes, or "k8s" or "kube" for short, allows the user to declaratively A Replica Set creating two instances of a Couchbase pod can be
specify the desired state of a cluster using high-level primitives. For defined as:
example, the user may specify that they want three instances of
the Couchbase server container running. Kubernetes’ self-healing apiVersion: extensions/v1beta1
kind: ReplicaSet
mechanisms, such as auto-restarting, re-scheduling, and replicating metadata:
containers then converge the actual state towards the desired state. name: couchbase-rs
spec:
# Two replicas of the Pod to be created
Kubernetes supports Docker and Rocket containers. An abstraction replicas: 2
around the containerization layer will allow for other container image # Identifies the label key and value on the Pod that
# this Replica Set is responsible for managing
formats and runtimes to be supported in the future. selector:
matchLabels:
app: couchbase-rs-pod
matchExpressions:
KEY CONCEPTS OF KUBERNETES - {key: tier, operator: In, values: ["backend"]}
template:
POD metadata:
A Pod is the smallest deployable unit that can be created, scheduled, labels:
# label key and value on the pod.
and managed. It’s a logical collection of containers that belong to # These must match the selector above.
an application. app: couchbase-rs-pod
tier: backend
spec:
Each resource in Kubernetes is defined using a configuration file. For containers:
- name: couchbase
example, a Couchbase pod can be defined with the following .yaml file: image: couchbase
ports:
- containerPort: 8091
apiVersion: v1
kind: Pod
# labels attached to this Pod
metadata:
name: couchbase-pod
labels:
name: couchbase-pod
spec:
containers:
- name: couchbase
# Docker image that will run in this Pod
image: couchbase
ports:
Improve Performance,
- containerPort: 8091
Minimize Cost
LABEL
A label is a key/value pair that is attached to objects, such as pods. In
Packet is a bare metal cloud built
the previous example, metadata.labels define the labels attached for developers.
to the pod.

Labels define identifying attributes for the object and is only meaningful
Get Started with $25
and relevant to the user. Multiple labels can be attached to a resource.
Labels can be used to organize and to select subsets of objects.

DZONE.COM | © DZONE, INC. VISIT DZONE.COM/REFCARDZ FOR MORE!

 Questions?
Email help@packet.net

Run Kubernetes the Way

Google Does It: On Bare Metal
Packet makes it easy for developers & enterprises alike
to leverage powerful single-tenant infrastructure.

No Multi Tenancy 8 Minute Deploys

Scalable, Hourly Pricing CloudInit & Meta Data

15 Global Locations Leading Integrations

We started Packet to bring the automation experience of the cloud to bare metal
infrastructure. Whether you’re a cloud native developer running container
workloads, an at-scale SaaS platform with massive scale, or a security obsessed
enterprise working through a digital transformation, you’ll find Packet to be
a flexible and performance-focused infrastructure partner.

Kick the Tires with $25 in Credit

Packet is a proud member of the Cloud Native Computing Foundation (the home of the Kubernetes project) and
donates the CNCF Community Infrastructure Lab to accelerate adoption through scale and performance testing.
 3 KUBERNETES

SERVICE
---
Each Pod is assigned a unique IP address. If the Pod inside a apiVersion: extensions/v1beta1
Replication Set dies, when it the pod is recreated it may be given a kind: ReplicaSet
metadata:
different IP address. This makes it difficult for an application server, name: wildfly-rs
such as WildFly, to access a database, such as Couchbase, using spec:
replicas: 1
its IP address. selector:
matchLabels:
A Service defines a logical set of Pods and a policy by which to access app: wildfly-rs-pod
matchExpressions:
them. The IP address assigned to a Service does not change over time, - {key: tier, operator: In, values: ["frontend"]}
and thus can be relied upon by other Pods. In addition, pods can find template:
metadata:
the services using service discovery either via environment variables labels:
or DNS. app: wildfly-rs-pod
tier: frontend
spec:
NOTE: You can combine a Service and Replica Set in the same yaml containers:
- name: wildfly
file by separating them with ---. image: arungupta/wildfly-couchbase-javaee7
env:
For example, the following creates a comprehensive Couchbase - name: COUCHBASE_URI
value: couchbase-svc
Service and an application Service running in Wildfly exposed via port ports:
30080 that discovers the Couchbase Service using the COUCHBASE_ - containerPort: 8080
URI environment variable and the couchbase-svc DNS value:
VOLUMES
apiVersion: v1
A Volume is a directory on disk or in another container. A volume outlives
kind: Service
metadata: any containers that run within the Pod, and the data is preserved across
name: couchbase-svc
Container restarts. The directory, the medium that backs it, and the
spec:
selector: contents within it are determined by the particular volume type used.
app: couchbase-rs-pod
ports:
- name: admin Multiple types of volumes are supported. Some of the commonly used
port: 8091 volume types are shown below:
- name: views
port: 8092
- name: query VOLUME TYPE MOUNTS INTO YOUR POD
port: 8093
- name: memcached A file or directory from the host node’s
hostPath
port: 11210 filesystem
---
apiVersion: extensions/v1beta1 nfs Existing Network File System share
kind: ReplicaSet
metadata: awsElasticBlockStore An Amazon Web Service EBS Volume
name: couchbase-rs
gcePersistentDisk A Google Compute Engine Persistent Disk
spec:
replicas: 1
selector: A Volume is specified in the Pod configuration file as shown:
matchLabels:
app: couchbase-rs-pod
matchExpressions: apiVersion: extensions/v1beta1
- {key: tier, operator: In, values: ["backend"]} kind: ReplicaSet
template: metadata:
metadata: name: couchbase-rs
labels: spec:
app: couchbase-rs-pod replicas: 1
tier: backend selector:
spec: matchLabels:
containers: app: couchbase-rs-pod
- name: couchbase matchExpressions:
image: arungupta/couchbase:travel - {key: tier, operator: In, values: ["backend"]}
ports: template:
- containerPort: 8091 metadata:
- containerPort: 8092 labels:
- containerPort: 8093 app: couchbase-rs-pod
- containerPort: 11210 tier: backend
--- spec:
apiVersion: v1 containers:
kind: Service - name: couchbase
metadata: image: couchbase
name: wildfly-svc ports:
spec: - containerPort: 8091
type: NodePort volumeMounts:
selector: - mountPath: /var/couchbase/lib
app: wildfly-rs-pod name: couchbase-data
ports: volumes:
- name: http - name: couchbase-data
port: 8080 hostPath:
nodePort: 30080 path: /tmp/couchbase

DZONE.COM | © DZONE, INC. BROUGHT TO YOU IN PARTNERSHIP WITH

 4 KUBERNETES

NOTE: hostPath is a fine option for testing, but it is not suitable for interacting with the cluster. For instructions to install Minikube and its
production use. dependencies, visit kubernetes.io/docs/tasks/tools/install-minikube.

KUBERNETES ARCHITECTURE Once Minikube is installed, you can use the minikube command-line
to start a cluster by running the following command:
A Kubernetes architecture with some key components is shown here:

minikube start

To stop the cluster, you can run:

minikube stop

To determine the IP address of the cluster use:

minikube ip

A Kubernetes cluster is a set of physical or virtual machines and other

If you are having problems, you can view the logs or ssh into the host
infrastructure resources that are used to run your applications. The
to help debug the issue by using:
machines that manage the cluster are called Master Nodes and the
machines that run the containers are called Worker Nodes.
minikube logs
minikube ssh
NODE
A Node is a physical or virtual machine. It has the necessary services
Most interestingly, you can open a dashboard view in the browser to
to run application containers.
see and change what is going on in the cluster.
A Master Node is the central control point that provides a unified
minikube dashboard
view of the cluster. Multiple masters can be setup to create a highly-
available cluster.
KUBECTL CLI
A Worker Node runs tasks as delegated by the master. Each Worker kubectl is a command-line utility that controls the Kubernetes
Node can run multiple pods. cluster. This utility can be used in the following format:

KUBELET kubectl [command] [type] [name] [flags]

Kubelet is a service running on each Node that manages containers
and is managed by the master. This service reads container manifests • [command] specifies the operation that needs to be performed
as YAML or JSON files that describe each Pod. A typical way to on the resource. For example, create, get, describe, delete,
provide this manifest is using the configuration file as shown in the or scale.
previous sections. Kubelet ensures that the containers defined in the • [type] specifies the Kubernetes resource type. For example,
Pods are started and continue running. pod (po), service (svc), replicaset (rs), or node (no). Resource
types are case-sensitive, and you can specify the singular, plural,
Kubelet is a Kubernetes-internal concept and generally does not
or abbreviated forms.
require direct manipulation
• [name] Specifies the name of the resource. Names are case-
sensitive. If the name is omitted, details for all resources will be
GETTING STARTED WITH KUBERNETES
displayed (for example, kubectl get pods).
SETTING UP KUBERNETES
Some examples of kubectl commands and their purpose:
There are a variety of ways to setup, configure, and run Kubernetes. It
can be run in the cloud using providers such as Amazon Web Services
COMMAND PURPOSE
(AWS), Google Compute Engine, Azure, Packet, and others. It can be
kubectl create -f
also run on-premise by building a cluster from scratch on physical Create a Couchbase pod
couchbase-pod.yml
hardware or via virtual machines. You can find out which solution is
kubectl create -f
correct for you, as well as step-by-step instructions at kubernetes. Create a Couchbase Replica Set
couchbase-rs.yml
io/docs/setup/. You can find a helpful quick-start guide to setting
kubectl delete -f
up Kubernetes on bare metal at blog.alexellis.io/kubernetes-in-10- Deletes/Removes the Couchbase pod
couchbase-pod.yml
minutes/. The recommended way to get started and run a single-
node cluster for development and testing is to use Minikube. kubectl get pods List all the pods
kubectl describe pod
Describe the Couchbase pod
couchbase-pod
MINIKUBE
Minikube uses virtualization software like VirutalBox, VMware, Shows the complete list of available
kubectl --help
commands
kvm, or xhyve to run the cluster. It also depends on the kubectl for

DZONE.COM | © DZONE, INC. BROUGHT TO YOU IN PARTNERSHIP WITH

 5 KUBERNETES

RUN YOUR FIRST CONTAINER If for some reason an instance crashes or gets shut down, Kubernetes
will immediately spin up another one. To destroy the whole thing, you
A Container can be started on a Kubernetes cluster using the kubectl must delete it at the deployment level.
script. The easiest way to do this is to specify the Docker image name
to the run command:
APPLICATION USING MULTIPLE CONTAINERS
kubectl run couchbase --image=arungupta/couchbase Typical applications consist of a "frontend" and a "backend." The
deployment "couchbase" created
"frontend" would typically be an application server, and the "backend"
would typically be a database. For this example, we’ll use WildFly for
This command will start a pre-configured Couchbase container in a
our application server and Couchbase for our database.
Pod wrapped inside a Replica Set wrapped inside a Deployment. The
status of the Deployment can be seen:

kubectl get deploy

NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
couchbase 1 1 1 1 1m

The status of this RS can be seen by using:

kubectl get rs
NAME DESIRED CURRENT READY AGE
couchbase-3179999270 1 1 1 39s

The status of the Pod can be seen by using:

kubectl get po The steps involved are:

NAME READY STATUS RESTART AGE
couchbase-3179999270-8r1xs 1/1 Running 0 2m • Start the “backend” Replica set: The Couchbase Replica Set
should contain the spec for a Couchbase Pod. The template
Alternatively, the Container can also be started by using the should include metadata that will be used by the Service.
configuration file:
• Start the "backend" Service: The Couchbase Service uses the
kubectl create -f couchbase-pod.yaml selector to select the previously started Pods.

The file couchbase-pod.yaml contains the Pod definition, as • Start the "frontend" Replica Set: The WildFly Replica Set should
explained earlier. contain the spec for the WildFly pod. The Pod should include
the application predeployed. This is typically done by extending
SCALE APPLICATIONS WildFly’s Docker image, copying the WAR file in the /opt/jboss/
wildfly/standalone/deployments directory, and creating a new
Pods in a Replica Set can be scaled up and down:
Docker image. The application can connect to the database by
kubectl scale --replicas=3 deploy/couchbase discovering "backend" services using Environment Variables or DNS.
deployment "couchbase" scaled

NOTE: The Service example above does this all in one file.
Then the updated number of deployments can be seen:

kubectl get deploy NAMESPACE, RESOURCE QUOTAS, AND LIMITS

NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
couchbase 3 3 3 3 3m By default, all user resources in the Kubernetes cluster are created in
a namespace called default. Objects created by Kubernetes are in
Note, the updated number of replicas here is 3. The image, the kube-system namespace.
arungupta/couchbase in this case, will need to ensure that the
cluster can be formed using three individual instances. You can By default, a pod runs with unbounded CPU and memory requests/limits.
display the instances by running:
A resource can be created in a different namespace and assigned
kubectl get po different memory requests/limits to meet the application’s needs.
NAME READY STATUS RESTARTS AGE
couchbase-3179999270-54qvb 1/1 Running 0 14s
Resources created by the user can be partitioned into multiple
couchbase-3179999270-5h5jb 1/1 Running 0 14s
couchbase-3179999270-z9hl6 1/1 Running 0 3m namespaces. Resources created in one namespace are hidden from a
different namespace. This allows for a logical grouping of resources.

DELETE APPLICATIONS Each namespace provides:

Once you are done using the application, you can destroy it with the
• A unique scope for resources to avoid name collisions
delete command.
• Policies to ensure appropriate authority to trusted users
kubectl delete deployment couchbase
• The ability to specify constraints for resource consumption

DZONE.COM | © DZONE, INC. BROUGHT TO YOU IN PARTNERSHIP WITH

 6 KUBERNETES

A new namespace can be created using the following configuration file:

apiVersion: v1
kind: ResourceQuota
apiVersion: v1 metadata:
kind: Namespace name: quota
metadata: spec:
name: development hard:
labels: cpu: "20"
name: development memory: 1Gi
pods: "10"
A Replica Set in the default namespace can be created: resourcequotas: "1"
services: "5"
kubectl create -f couchbase-rs.yml
replicaset "couchbase" created
Now a pod can be created specifying limits:

And a Replica Set in the new namespace can be created: apiVersion: v1

kind: Pod
metadata:
kubectl --namespace=development create -f couchbase-rs.yml name: couchbase-pod
replicaset "couchbase" created spec:
containers:
- name: couchbase
A list of replication controllers in all namespaces can be obtained: image: couchbase
ports:
- containerPort: 8091
kubectl get rs --all-namespaces resources:
NAMESPACE NAME DESIRED CURRENT READY AGE limits:
default couchbase-rs 2 2 2 1m cpu: "1"
development couchbase-rs 2 2 2 46s memory: 512Mi
kube-system kube-dns-1301475494 1 1 1 56d

Namespace, resource quota, and limits allow a Kubernetes cluster to

Specifying a quota allows you to restrict how much of a cluster’s share the resources of multiple groups and provide different levels of
resources can be consumed across all pods in a namespace. QoS for each group.

Resource quotas can be specified using a configuration file:

A B O U T T H E AU T H O R

CHRISTOPHER M. JUDD is the CTO and a partner at Manifest Solutions (manifestcorp.com), an international speaker,
an open source evangelist, the Central Ohio Java Users Group (www.cojug.org) and Columbus iPhone Developer User Group
leader, and the co-author of Beginning Groovy and Grails (Apress, 2008), Enterprise Java Development on a Budget (Apress,
2003), and Pro Eclipse JST (Apress, 2005), as well as the author of the children’s book "Bearable Moments." He has spent 20
years architecting and developing software for Fortune 500 companies in various industries, including insurance, health care,
retail, government, manufacturing, service, and transportation. His currentfocus is on consulting, mentoring, and training with
Java, Java EE,Groovy, Grails, Cloud Computing, and mobile platforms like iPhone, Android, Java ME, and mobile web.

BROUGHT TO YOU IN PARTNERSHIP WITH

DZone communities deliver over 6 million pages each month to more than 3.3 million
software developers, architects and decision makers. DZone offers something for
everyone, including news, tutorials, cheat sheets, research guides, feature articles,
source code and more.
DZONE, INC. REFCARDZ FEEDBACK
"DZone is a developer's dream," says PC Magazine. 150 PRESTON EXECUTIVE DR. WELCOME
refcardz@dzone.com
CARY, NC 27513
SPONSORSHIP
Copyright © 2017 DZone, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval
888.678.0399 OPPORTUNITIES
system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior
919.678.0300 sales@dzone.com
written permission of the publisher.