Académique Documents
Professionnel Documents
Culture Documents
66
Rolling
Updates &
Rollbacks
Rollout and Versioning
Revision 1
nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0
Revision 2
nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1
Recreate
Application
Down
Rolling nginx:1.7.1
nginx:1.7.0 nginx:1.7.1 nginx:1.7.0 nginx:1.7.1 nginx:1.7.0 nginx:1.7.1 nginx:1.7.0
Update nginx:1.7.0 nginx:1.7.1
deployment-definition.yml
apiVersion: apps/v1
POD POD POD POD POD POD POD POD POD POD
Deployment
POD POD POD POD POD POD POD POD POD POD
Deployment
COMMANDS
&
ARGUMENTS
docker run ubuntu
docker ps
docker ps -a
5
4
3
2
1
FROM Ubuntu
CMD sleep 5
FROM Ubuntu
docker run ubuntu-sleeper 10
10
ENTRYPOINT [“sleep”]
sleep
Command at Startup:
Command at Startup:
FROM Ubuntu docker run ubuntu-sleeper
sleep: missing operand
ENTRYPOINT [“sleep”]
sleep Try 'sleep --help' for more information.
CMD [“5”]
5
Command at Startup:
Command at Startup:
sleep2.0 ubuntu-sleeper 10
docker run --entrypoint sleep2.0 10
Command at Startup:
ubuntu-sleeper
docker run --name ubuntu-sleeper
ubuntu-sleeper ubuntu-sleeper pod-definition.yml
apiVersion: v1
[“10”]
docker run --name ubuntu-sleeper ubuntu-sleeper 10 kind: Pod
metadata:
name: ubuntu-sleeper-pod
spec:
containers:
- name:
image:
args:
ENVIRONMENT
VARIABLES
Environment Variables
app.py
import os
from flask import Flask
app = Flask(__name__)
…
…
color = "red"
@app.route("/")
def main():
print(color)
return render_template('hello.html', color=color)
if __name__ == "__main__":
app.run(host="0.0.0.0", port="8080")
python app.py
Environment
app.py
Variables
import os
from flask import Flask
app = Flask(__name__)
…
…
color = "red"
@app.route("/")
def main():
print(color)
return render_template('hello.html', color=color)
if __name__ == "__main__":
app.run(host="0.0.0.0", port="8080")
Environment Variables
app.py
import os
from flask import Flask
app = Flask(__name__)
…
…
os.environ.get('APP_COLOR')
color = "red"
@app.route("/")
def main():
print(color)
return render_template('hello.html', color=color)
if __name__ == "__main__":
app.run(host="0.0.0.0", port="8080")
app.py
import os
from flask import Flask
app = Flask(__name__)
…
…
os.environ.get('APP_COLOR')
color = "red"
@app.route("/")
def main():
print(color)
return render_template('hello.html', color=color)
if __name__ == "__main__":
app.run(host="0.0.0.0", port="8080")
pod-definition.yaml
apiVersion: v1
kind: Pod
metadata:
name: simple-webapp-color
spec:
containers:
- name: simple-webapp-color
image: simple-webapp-color
ports:
- containerPort: 8080
env:
- name: APP_COLOR
value: pink
ENV Value Types
env:
- name: APP_COLOR 1 Plain Key Value
value: pink
env:
- name: APP_COLOR
valueFrom: 2 ConfigMap
configMapKeyRef:
env:
- name: APP_COLOR
valueFrom: 3 Secrets
secretKeyRef:
Course Objectives
Core Concepts
Configuration
ConfigMaps Secrets
SecurityContexts ServiceAccounts
Resource Requirements
Multi-Container Pods
Observability
Pod Design
State Persistence
ConfigMaps
ConfigMap pod-definition.yaml
apiVersion: v1
kind: Pod
metadata:
name: simple-webapp-color
spec:
containers:
- name: simple-webapp-color
image: simple-webapp-color
ports:
- containerPort: 8080
env:
- name: APP_COLOR
value: blue
- name: APP_MODE
value: prod
ConfigMaps
ConfigMap pod-definition.yaml
APP_COLOR : blue
APP_COLOR: apiVersion: v1
APP_MODE:: prod kind: Pod
APP_MODE
metadata:
name: simple-webapp-color
spec:
containers:
- name: simple-webapp-color
image: simple-webapp-color
ports:
- containerPort: 8080
env:
envFrom:
- -configMapRef:
name:
value:
name: app-config
1 2
- name:
value:
1
Create ConfigMap
Create ConfigMaps
ConfigMap
Imperative kubectl create configmap
APP_COLOR: blue <config-name> --from-literal=<key>=<value>
APP_MODE: prod
1
<config-name> --from-file=<path-to-file>
APP_COLOR: blue
APP_MODE: prod
config-map.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: app-config
data:
APP_COLOR: blue
APP_MODE: prod
Create ConfigMap
Create ConfigMaps
app-config mysql-config redis-config
APP_COLOR: blue port: 3306 port: 6379
APP_MODE: prod max_allowed_packet: 128M rdb-compression: yes
1
Create ConfigMap
View ConfigMaps
Data
====
APP_COLOR:
----
blue
APP_MODE:
----
prod
Events: <none>
ConfigMap in Pods
pod-definition.yaml config-map.yaml
apiVersion: v1 apiVersion: v1
kind: Pod kind: ConfigMap
metadata:
metadata:
name: simple-webapp-color
labels: name: app-config
name: simple-webapp-color data:
spec: APP_COLOR: blue
containers: APP_MODE: prod
- name: simple-webapp-color
image: simple-webapp-color
ports:
- containerPort: 8080
envFrom:
- configMapRef:
name: app-config
2
Inject into Pod
kubectl create –f pod-definition.yaml
ConfigMap in Pods
envFrom:
- configMapRef:
name: app-config ENV
env:
- name: APP_COLOR
valueFrom:
SINGLE ENV configMapKeyRef:
name: app-config
key: APP_COLOR
volumes:
- name: app-config-volume
configMap: VOLUME
name: app-config
107
Kubernetes
Secrets
Web-MySQL Application
app.py
import os
from flask import Flask
app = Flask(__name__)
@app.route("/")
def main():
mysql.connector.connect(host=‘mysql', database='mysql’,
user='root', password=‘paswrd')
if __name__ == "__main__":
app.run(host="0.0.0.0", port="8080")
Web-MySQL Application
app.py
import os
from flask import Flask
app = Flask(__name__)
@app.route("/")
def main():
mysql.connector.connect(host=‘mysql', database='mysql’,
user='root', password=‘paswrd')
return render_template('hello.html', color=fetchcolor())
if __name__ == "__main__":
app.run(host="0.0.0.0", port="8080")
Web-MySQL Application
app.py
import os
from flask import Flask
Environment Variable
DB_Host: mysql
DB_User: root
DB_Password: paswrd
POD
1 2
Inject into Pod
Create Secret
Create Secrets
Secret
Imperative kubectl create secret generic
DB_Host: mysql
DB_User: root
DB_Password: paswrd
1
Create Secret
Create Secrets
Secret
Imperative kubectl create secret generic
DB_Host: mysql <secret-name> --from-literal=<key>=<value>
DB_User: root
DB_Password: paswrd
1
<secret-name> --from-file=<path-to-file>
DB_Host: mysql
DB_User: root
secret-data.yaml
DB_Password: paswrd
apiVersion: v1
kind: Secret
metadata:
name: app-secret
data:
DB_Host:
DB_Host: mysql
bXlzcWw=
DB_User:
DB_User: root
cm9vdA==
DB_Password:
DB_Password: paswrd
cGFzd3Jk
1
kubectl create –f secret-data.yaml
Create Secret
Encode Secrets
Secret Declarative kubectl create –f
1
cm9vdA==
1
root
2
Inject into Pod
kubectl create –f pod-definition.yaml
Secrets in Pods
envFrom:
- secretRef:
name: app-config ENV
env:
- name: DB_Password
valueFrom:
SINGLE ENV secretKeyRef:
name: app-secret
key: DB_Password
volumes:
- name: app-secret-volume
secret: VOLUME
secretName: app-secret
Secrets in Pods as Volumes
volumes:
- name: app-secret-volume
secret: VOLUME
secretName: app-secret
ls /opt/app-secret-volumes
DB_Host DB_Password DB_User
cat /opt/app-secret-volumes/DB_Password
paswrd
Kubernetes
Multi-Container
PODs
MONOLITH
MICROSERVICES
MICROSERVICES
MICROSERVICES
MICROSERVICES
LOG Agent
WEB Server
LOG Agent
WEB Server
LOG Agent
WEB Server
Multi-Container PODs
POD POD
Multi-Container PODs
NETWORK
LIFECYCLE
POD
STORAGE
Create pod-definition.yaml
apiVersion: v1
kind: Pod
metadata:
name: simple-webapp
labels:
name: simple-webapp
spec:
containers:
- name: simple-webapp
image: simple-webapp
ports:
- containerPort: 8080
- name: log-agent
image: log-agent
POD