Module Checklist

Container Orchestration
with Kubernetes

By Techworld with Nana

Video Overview
★ Introduction to Kubernetes
★ Basic Concepts and Main K8s Components
★ Kubernetes Architecture
★ Minikube and kubectl - Local Setup
★ Kubernetes CLI - Main kubectl commands
★ Introduction to YAML Configuration File
★ Demo project: Deploying MongoDB and Mongo Express
★ Organizing components with Namespaces
★ Kubernetes Services
★ Kubernetes Ingress
★ Persisting Data with Volumes
★ ConfigMap & Secret Volume Types
★ Deploying stateful Apps with StatefulSet
★ Introduction to Managed Kubernetes Services
★ Helm - Package Manager of Kubernetes
★ Helm Demo: Install a Stateful Application on Kubernetes using Helm
★ Demo: Deploy App from Private Docker Registry
★ Extending the K8s API with Operators
★ Prometheus Operator Demo with Helm: Setup Prometheus Monitoring in
K8s
★ Secure your cluster - Authorization with RBAC

★ Microservices in Kubernetes

★ Demo project: Deploy Microservices Application

★ Production & Security Best Practices

★ Demo project: Create Helm Chart for Microservices

★ Demo project: Deploy Microservices with Helmfile

 Video Overview

Demo Projects

Kubernetes Demo https://gitlab.com/nanuchi/bootcamp-kubernetes

Demo Project for Private https://gitlab.com/nanuchi/developing-with-docker

Docker Registry

Online Shop Microservices

https://github.com/nanuchi/microservices-demo

Configuration Files & Helm

Chart for Microservices https://gitlab.com/nanuchi/online-shop-microservices
Application -deployment
 Check your progress... 1/11

Introduction to Kubernetes

❏ Watched video

Basic Concepts and Main K8s Components

❏ Watched videos

Useful Links:

● Managing K8s Secrets: https://blog.aquasec.com/managing-kubernetes-secrets

Kubernetes Architecture
❏ Watched videos

Minikube and Kubectl - Local Setup

❏ Watched videos
❏ Demo executed:
❏ Installed and setup Minikube
❏ Installed Kubectl

Useful Links:

● Installation guide for Minikube (Mac, Linux and Windows):

https://minikube.sigs.k8s.io/docs/start/
● Installation guide for Kubectl:
https://kubernetes.io/docs/tasks/tools/install-kubectl/
 Check your progress... 2/11

Kubernetes CLI - Main kubectl commands

❏ Watched video
❏ Demo executed:
❏ Created nginx Deployment
❏ Edited Deployment
❏ Created mongodb Deployment
❏ Inspected logs of a Pod
❏ Got shell of a running container - kubectl exec
❏ Deleted deployment
❏ Applied configuration file

Useful Links:

● Example commands repo:

https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/basic-kubectl-c
ommands

YAML Configuration File

❏ Watched videos

Useful Links:

● Configuration File:
https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config
/
● Example files repo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/kubernetes-con
figuration-file-explained

Best practices:

● Store Configuration Files with your application code or own Git Repository just
for the configuration files
 Check your progress... 3/11

Demo project: Deploying MongoDB and Mongo Express

❏ Watched videos
❏ Prerequisite:
❏ Minikube cluster running
❏ Demo executed - Deploying MongoDB and MongoExpress:
❏ Created MongoDB Deployment
❏ Created Secret for Mongo Credentials
❏ Created MongoDB Internal Service
❏ Created MongoExpress Deployment
❏ Created ConfigMap for DB Server URL
❏ Created Mongo Express External Service

Useful Links:

● MongoDB Docker Image: https://hub.docker.com/_/mongo

● Mongo Express Docker Image: https://hub.docker.com/_/mongo-express
● Project Repo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/demo-kubernetes-
components

Organizing components with Namespaces

❏ Watched videos

Useful Links:

● Kubectx: https://github.com/ahmetb/kubectx#installation
 Check your progress... 4/11

Kubernetes Services
❏ Watched video

Useful Links:

● Service: https://kubernetes.io/docs/concepts/services-networking/service/

Best Practice:

● Do NOT use NodePort Service Type for external connections. Use Ingress or Load
Balancer instead.

Ingress
❏ Watched video

Useful Links:

- Project repo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/kubernetes-ingress
- List of Ingress Controllers you can choose from:
https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/
- Ingress Controller Bare Metal:
https://kubernetes.github.io/ingress-nginx/deploy/baremetal/

Persisting Data with Volumes

❏ Watched video

Useful Links:

● Volume Types:
https://kubernetes.io/docs/concepts/storage/volumes/#volume-types
● Project demo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/kubernetes-volume
s
 Check your progress... 5/11

ConfigMap & Secret Volume Types

❏ Watched video
❏ Demo executed:
❏ Created Mosquitto Deployment without any volumes
❏ Created ConfigMap component to overwrite mosquitto.conf file
❏ Created Secret component to add passwords file
❏ Adjusted Mosquitto Deployment to include volumes

Useful Links:

● Project demo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/configmap-and-sec
ret-volumes
● ConfigMap Volume Type:
https://kubernetes.io/docs/concepts/storage/volumes/#configmap
● Secret Volume Type: https://kubernetes.io/docs/concepts/storage/volumes/#secret
● Mosquitto Public Docker Image: https://hub.docker.com/_/eclipse-mosquitto

Deploying Stateful Apps with StatefulSet

❏ Watched videos

Introduction to Managed Kubernetes Services

❏ Watched videos

Helm - Package Manager of Kubernetes

❏ Watched videos

Useful Links:

- Install Helm: https://helm.sh/docs/intro/install/

- Helm Hub: https://artifacthub.io/
 Check your progress... 6/11

Helm Demo: Install a Stateful Application on K8s using

Helm
❏ Watched video
❏ Demo executed:
❏ Created K8s cluster on Linode Kubernetes Engine
❏ Deployed replicated MongoDB (StatefulSet using Helm Chart) and
configured Data Persistence with Linode Block Storage
❏ Deployed MongoExpress (Deployment and Service)
❏ Deployed NGINX Ingress Controller as Loadbalancer (using Helm Chart)
❏ Configured Ingress rule

Useful Links:

● Project Repo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/linode-kubernete
s-engine-demo
● Create a Linode account ($100 - 60day credit with this link:
https://bit.ly/31p4GW2)
● Mongo Express Docker Image: https://hub.docker.com/_/mongo-express
 Check your progress... 7/11

Demo: Deploy App from Private Docker Registry

❏ Watched videos
❏ Demo executed:
❏ Logged in to AWS Container Repository | docker login and create docker
config.json file
❏ Created Secret component
❏ Configured Deployment for demo app
❏ Pre-Requisites:
❏ Setup a Private Docker Repository (e.g. AWS Elastic Container Registry)
❏ Have a demo application (see provided one)

Useful Links:

● K8s Project Repo:

https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/pull-images-from
-private-reporsitory-in-k8s
● Sample NodeJs application Repo:
https://gitlab.com/nanuchi/developing-with-docker

Extending the K8s API with Operators

❏ Watched videos

Useful Links:

● Find Operators: https://operatorhub.io/

 Check your progress... 8/11

Prometheus Operator Demo with Helm: Setup Prometheus

Monitoring on Kubernetes
❏ Watched videos
❏ Demo executed:
❏ Installed Prometheus Operator Helm Chart
❏ Accessed Grafana UI (configured port-forward)
❏ Accessed Prometheus UI (configured port-forward)

Useful Links:

● Prometheus Monitoring - What it is and how it works:

https://youtu.be/h4Sl21AKiDg
● Project Repo:
https://gitlab.com/nanuchi/bootcamp-kubernetes/-/tree/master/setup-prometheu
s-operator

Secure your Cluster - Authorization with RBAC

❏ Watched videos

Useful Links:

● Site dedicated to good practices and tooling around Kubernetes RBAC:

https://rbac.dev/
● Authenticating:
https://kubernetes.io/docs/reference/access-authn-authz/authentication/
● 3 Realistic Approaches to K8s RBAC:
https://thenewstack.io/three-realistic-approaches-to-kubernetes-rbac/
 Check your progress... 9/11

Microservices in Kubernetes (Part 1)

❏ Watched videos

Useful Links:

● Learn more about Istio Service Mesh: https://youtu.be/16fgzklcF7Y

Demo Project: Deploy Microservices Application (Part 2)

❏ Watched videos
❏ Demo executed:
❏ Created YAML file with 11 Deployment and corresponding Service
manifests
❏ Note: All Services’ Components are Internal Services, except the Frontend
Service, which needs to be accessed from browser
❏ Created a K8s cluster with 3 Worker Nodes on Linode (or any other cloud
platform)
❏ Connected to the cluster
❏ Created a Namespace and deployed all the micro services into it
❏ Accessed Online Shop with Browser

Useful Links:

● Microservices Git Repo: https://github.com/nanuchi/microservices-demo

● Git Repo for Configuration Files for the Microservices App:
https://gitlab.com/nanuchi/online-shop-microservices-deployment
● Redis Docker Image: https://hub.docker.com/_/redis
● Volume Type emptyDir:
https://kubernetes.io/docs/concepts/storage/volumes/#emptydir
● Ephemeral Volumes:
https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/
 Check your progress...10/11

Production & Security Best Practices (Part 3)

❏ Watched videos
❏ Demo executed - Improved Microservices Config Files
❏ BP 1: Added version to each container image
❏ BP 2: Configured Liveness Probe for each container
❏ BP 3: Configured Readiness Probe for each container
❏ BP 4: Configured Resource Requests
❏ BP 5: Configured Resource Limits
❏ BP 6: Don’t use NodePort Service Type
❏ BP 7: Configure more than 1 Replica for each Deployment

Useful Links:

● Git Repo for Best Practices Configuration Files for the Microservices App:
https://gitlab.com/nanuchi/online-shop-microservices-deployment
● Configure Liveness, Readiness Probes:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-read
iness-startup-probes/
● Resource Requests & Limits:
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-
practices-resource-requests-and-limits
 Check your progress...11/11

Create Helm Chart for Microservices (Part 4)

❏ Watched videos
❏ Demo executed
❏ Created “microservices” Helm Chart
❏ Created values.yaml files for each microservice
❏ Created “redis” Helm Chart and values file for it

Useful Links:

● Git Repo - Helm Charts:

https://gitlab.com/nanuchi/online-shop-microservices-deployment
● Helm Chart Developer Guide: https://helm.sh/docs/chart_template_guide/
● Built-In Objects: https://helm.sh/docs/chart_template_guide/builtin_objects/
● Best practices for creating Charts: https://helm.sh/docs/chart_best_practices/

Deploy Microservices with Helmfile (Part 5)

❏ Watched videos
❏ Demo executed
❏ Deployed Microservices Application with “helm install”
❏ Created Helmfile
❏ Installed Helmfile
❏ Deployed Helm Charts with Helmfile

Useful Links:

● Git Repo - Helmfile:

https://gitlab.com/nanuchi/online-shop-microservices-deployment
● Official Helmfile Repo: https://github.com/roboll/helmfile
 More Resources...
More Resources

More Best practices

● Configuration Best Practices:
https://kubernetes.io/docs/concepts/configuration/overview/
● 9 Security Best Practices:
https://www.cncf.io/blog/2019/01/14/9-kubernetes-security-best-practices-e
veryone-must-follow/

Cheatsheet
● K8s CLI Cheat Sheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/