Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. This training helps you understand key concepts within 3 hours.

1. training@container-solutions.com
www.container-solutions.com
Kubernetes Fundamentals
in 3 hours
7.02.2019

2. Introduction
● very hands-on workshop
● fundamental concepts and features of Kubernetes
Over the course of multiple exercises we walk you through taking a
sample application from a simple first deployment to improving it step by
step, implementing best practices.

3. Our Journey
1. Review of Kubernetes Architecture
2. Deploy hello-world app
3. Play with pod
4. Services - How to expose the app
5. Zero Downtime Deployment
6. Information used by the containers
7. Useful tools & Commons Problems

4. Who's Who
Who are we? Who are you?

5. Container Solutions
We are a Cloud Native consultancy based in Amsterdam, Berlin, London,
Montreal, Zurich and Warsaw.
Kubernetes Certified Service Provider (KCSP) and experts in Cloud Native
strategy and technology.
https://container-solutions.com/
We are hiring!

6. Who am I?
Piotr Perzyna

7. Who are you? What brings your here today?
1. Developer? Ops? Architect?
2. Where do you work?
3. Experience with Containers? Kubernetes?
Who are you?

8. ● Pair-up with your neighbour and support each other
● If you do get stuck, please let us know
Collaboration is Key

9. 16:00 - 16:20 Introduction
16:20 - 17:40 Theory in practice on core components
17:40 - 17:50 Break
17:50 - 19:00 Managing Resources
19:00 - 19:10 Break
19:10 - 19:50 Lifecycles and Troubleshooting
19:50 - 20:00 Q&A
Agenda

10. Your Own Environment
● Up and a running Kubernetes cluster via minikube
$ minikube status
● Installed kubectl

11. A Little History
Kubernetes’ Backstory

12. ● Automation
● Scheduling
● Resilience
● Scalability
● Secrets
Plus many more ...
Key Features

13. ● Open-source container orchestrator
● Based on Google’s experience with Borg and now Omega
● Maintained by the Cloud Native Computing Foundation
● Most cloud providers now offer managed Kubernetes
○ Google Kubernetes Engine
○ Amazon Elastic Container Service for Kubernetes
○ Azure Kubernetes Service
Background

14. Adoption 2018

15. Architecture
Kubernetes client-server architecture

16. Architecture
● Nodes
○ Master
○ Worker
● Pods
● Containers

17. Master
● API Server
● etcd
● Control Manager
● Scheduler

18. Worker
● kubelet
● kube-proxy
● Container Runtime
○ e.g. Docker
● Pods

19. Container > Pod > Node > Cluster
POD
NODE

20. Interaction
Working with the cluster

21. kubectl get <resources>
List all resources in the current namespace
kubectl describe <resource> <resource-name>
Verbose output of a particular resource
kubectl apply -f <filename>
Create or update a resource from a file
Useful verbs and commands

22. Step #1
Run a simple “hello world” application
$ kubectl run hello-world
--image=containersol/k8s-in-3h:v1 --port=8080
What just happened?!

23. View the resources created
$ kubectl get pods
$ kubectl get pods -o wide
$ kubectl get deployments
$ kubectl get replicasets
$ kubectl get all
Step #2

24. Deployment
● Encapsulates ReplicaSet
● Controlled change from current
state to desired state
● Can rollback to a previous state
due to a deployment error

25. ReplicaSet
● Ensures a specified number of
pod replicas are running at any
given time
● Automatically created in
Deployment (usually)

26. Step #3
View more detail about a resource
$ kubectl describe pod <pod_name>
$ kubectl describe deployment <deployment_name>
$ kubectl describe replicaset <replicaset_name>

27. Step #4
Can i login into the pod? Yes, you can!
$ kubectl exec -it <pod_name> /bin/sh

28. Step #5
Scale the pods
$ kubectl scale deployment hello-world --replicas=4
Verify
$ kubectl get pod
$ kubectl get rs

29. Services
Stable endpoints

30. ● Forward traffic to pod or a group of pods that work together
○ Grouped by a Label Selector
● Stable end-point that can be addressed by name
● Different types:
○ ClusterIP
○ NodePort
○ LoadBalancer
What’s a Service?

31. ● Default type
● Creates an internal IP
● Assigns Service to
internal ClusterIP
● Only reachable within cluster
ClusterIP

32. ● Exposes a port on all of the
nodes of the cluster
● Allocated in range of 30,000 -
32,767
● Same port on every host
NodePort

33. Step #1
Use a NodePort Service to expose the deployment
$ kubectl expose deployment hello-world
--name=hello-world-svc
--type=NodePort
--port=8080

34. Step #2
View the new Service
$ kubectl get svc
$ kubectl describe svc <svc_name>
Can we access the service on the Cluster IP?
$ kubectl get svc -o wide
$ curl <CLUSTER-IP>:<NODE-PORT>
No, we cannot

35. How about on the Node IP?
$ minikube ip
$ curl <MINIKUBE-IP>:<NODE-PORT>
Check the hostname
$ curl --silent <MINIKUBE-IP>:<NODE-PORT> | grep Hostname
<repeat a few times>
Step #3

36. You can do it via browser also!
http://<MINIKUBE-IP>:<NODE-PORT>
Check the logs:
$ kubectl logs -f <pod_name>
Step #4

37. Do you want Zero Downtime Deployment!?
Run check on different terminal
$ while true; do curl --silent <MINIKUBE-IP>:<NODE-PORT> | grep
Version; sleep 0.1; done;
Deploy!
$ kubectl set image deployment/hello-world
hello-world=containersol/k8s-in-3h:v2
Step #5

38. When deploying a new application, the switch from the old to the new
version can impact end users. This module will help you to use the right
deployment strategy depending on your use case.
● RollingUpdate
● Recreate
● Rolling Back
● Blue/Green
● Canary
● A/B
Deployment Strategies

39. RollingUpdate

40. BREAK

41. Namespace

42. Namespaces
Namespaces are intended for use in environments with many users
spread across multiple teams, or projects, such that cluster resources can
be divided over multiple users

43. Working with Namespaces
List all namespaces
$ kubectl get ns
Create a new namespace
$ kubectl create ns <namespace-name>
List all in all namespaces
$ kubectl get all --all-namespaces

44. Standard Namespaces
● default - empty, default namespace
● kube-public - readable by all users, contains CA as a ConfigMap
● kube-system - for object created by kubernetes system

45. Managing Resources
Imperative vs Declarative

46. Imperative
● Manage resources using the CLI
Declarative
● Manage resources using the prepared files
● GitOps?
Imperative vs Declarative

47. apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-world
spec:
replicas: 4
selector:
matchLabels:
run: hello-world
template:
metadata:
labels:
run: hello-world
spec:
containers:
- name: hello-world
image: pperzyna/hello-world:v2
ports:
- containerPort: 8080
Deployment
Manifest
● Deploy hello-world pods
● Starts 4 Pods
$ kubectl get deployment -o yaml

48. apiVersion: v1
kind: Service
metadata:
name: hello-world-svc
spec:
type: NodePort
ports:
- name: http
port: 8080
targetPort: 8080
selector:
run: hello-world
Service
Manifest
● Matches objects with label of
“run: hello-world”
● Exposes application listening on
port 8080
$ kubectl get svc -o yaml

49. Setup a sample application
You will find a sample application here:
https://github.com/ContainerSolutions/ws-kubernetes-essentials-app
Start by cloning the repository to your environment:
$ mkdir cs-k8sin3h
$ cd cs-k8sin3h
$ git clone https://tinyurl.com/y7jbczea .

50. Instructions
1. Create a Deployment using the “app-deployment.yaml” manifest
2. Create the Service specified in the “app-service.yaml” manifest
3. Find the IP and Port of the NodePort Service
4. Open the application in your browser
Attempt it on your own, if you get stuck refer to the next 3 slides.
You have 10 minutes...

51. Step #1
Deploy the application using the manifest file:
$ kubectl apply -f manifests/app-deployment.yaml
What happened? What was created?
$ kubectl get deploy
$ kubectl describe deploy sample-app
$ kubectl get pods

52. Expose the application using the manifest file:
$ kubectl apply -f manifests/app-service.yaml
What happened? What was created?
$ kubectl get svc sample-app-svc -o wide
$ kubectl describe svc sample-app-svc
Access the application:
$ curl <MINIKUBE-IP>:<NODE-PORT>
Step #2

53. ConfigMaps &
Secrets

54. Introduction
Any reasonable web application has information that needs to be kept
from prying eyes and decoupled from the application. This has become
more complicated with microservices. Ephemeral nature of
services/containers means we need automation.

55. Kubernetes encourages Configuration Management best practices by
offering:
● ConfigMaps
● Secrets
Configuration in Kubernetes

56. Creating ConfigMaps
ConfigMaps can be created directly from the CLI:
$ kubectl create configmap ...
Or through Manifests:
$ kubectl apply -f configmap.yaml

57. apiVersion: v1
kind: ConfigMap
metadata:
name: webapp-config
data:
timeout: 3600
loglevel: debug
Property-like
● Property-like keys represent
smaller, individual pieces of
Configuration data.
● Typically used to populate
Environment Variables for
application properties or
command line arguments.

58. ...
spec:
containers:
- name: test-container
...
env:
- name: TITLE
valueFrom:
configMapKeyRef:
name: workshop-config
key: TITLE
Environmental
Variables
The key from the ConfigMap becomes
the environment variable name in the
Pod.

59. We want to use a ConfigMap to supply details to our application.
1. Apply the ConfigMap in “manifests/app-configmap.yaml”
2. Update the “app-deployment” with ENVs from the ConfigMap
a. Look at the config map for naming
3. Apply the updated deployment
4. View the results
You have 10 minutes...
Instructions

60. Bonus
Readiness
● Do your Pods have a
readiness probe?
● Is your Pod “Ready”?
Liveness
● Do your Pods have a liveness
probe?
● Is it successful or failing?
containers:
- name: app-frontend
image: containersol/k8s-sample-app:1.0
ports:
- containerPort: 9292
readinessProbe:
httpGet:
path: /readiness
port: 9292
scheme: HTTP
initialDelaySeconds: 5
timeoutSeconds: 1
livenessProbe:
httpGet:
path: /liveness
port: 9292
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 15
timeoutSeconds: 5

61. BREAK

62. Useful Tools

63. Kubectl Autocomplete
Kubectl includes autocompletion support, which can save a lot of typing!
Follow the Instructions here:
https://kubernetes.io/docs/tasks/tools/install-kubectl/#enabling-shell-
autocompletion

64. ● Simple Web User Interface
● Decent high-level overview of the
cluster
● Can drill down into details
● Useful for debugging
Dashboard
$ minikube dashboard

65. ● Port-forwarding is a useful debugging tool
● Map a local port to a port inside a Pod
● Meant for testing services that are not exposed
$ kubectl port-forward <pod_name> 8080 &
$ curl 0.0.0.0:8080
Port-Forward

66. kubectx
github.com/ahmetb/kubectx

67. kubens
github.com/ahmetb/kubectx

68. kubetail
github.com/johanhaleby/kubetail

69. Common Issues
What could possibly go wrong?

70. Pod Status = “ImagePullBackoff”
Check the image exists on the Registry (e.g. hub.docker.com)
$ docker pull <image-name>
Check for permission issues
$ kubectl describe po <failing-pod>
Review the Pod’s “Events”
Problem Pulling Image

71. Pod Status = “Pending”
Means your Pod cannot be Sheduled onto a Node. Maybe because your
Nodes are overloaded, you only have a single node cluster or your
Deployment is asking for too much CPU or Memory.
Check your nodes with
$ kubectl get nodes
$ kubectl describe node <node-name>
Pod Cannot Be Scheduled

72. A Pod is Behaving “weirdly”
Check the Status and Events
$ kubectl describe pod <pod_name>
Check the Logs
$ kubectl logs <pod_name> <container_name>
Run a shell into the container
$ kubectl exec -it <pod_name> -- /bin/bash

73. What Selector is your Service using?
$ kubectl describe svc <svc_name> -o wide
Are any of the Pods ready?
$ kubectl get pods -l <selector_key>=<selector_value> --
show-labels
My Service Doesn’t Work

74. Check how many containers are there in a Pod:
$ kubectl get pods
Check the Containers section in the Pod description:
$ kubectl describe pod <pod_name>
Access logs of a specific Container:
$ kubectl logs <pod_name> -c <container_name>
Multiple Pods & Containers

75. Hands-on
The Final Exercise

76. Apply a badly written Deployment and Service to your cluster
$ kubectl apply -f manifests/bad-deployment.yaml
$ kubectl apply -f manifests/bad-service.yaml
Good luck!
Homework

77. Any Questions?
What else would you like to know?

78. One Last Thing
Just before you leave

79. Give us your Feedback
Your feedback is really important to us. We use it to continually improve
our training (we want it to kick-ass). We value your positive and
constructive comments.
Your feedback will be kept anonymous and used to improve our
workshops.
To help us, please spend 2 minutes completing the feedback card
provided by your trainer.

80. Thank You!
Keep calm and try Kubernetes!