Becoming KCNA Certified by Dmitry Galkin

Author: Dmitry Galkin
Language: eng
Format: epub
Publisher: Packt
Published: 2023-11-15T00:00:00+00:00


Figure 6.2 – Service abstraction in Kubernetes

Figure 6.2 demonstrates how a Service selects all pods that have an app: nginx label assigned. Those can be pods created by a Deployment as well as any other pods that have the selected label assigned. You can list the labels of objects by adding the --show-labels parameter to kubectl get commands, for example:

    NAME                                            READY   STATUS    RESTARTS   AGE   LABELS
    nginx-deployment-with-volume-6775557df5-f6ll7   1/1     Running   0          23h   app=nginx,pod-template-hash=6775557df5
    nginx-statefulset-0                             1/1     Running   0          46m   app=nginx,controller-revision-hash=nginx-statefulset-6fbdf55d78,statefulset.kubernetes.io/pod-name=nginx-statefulset-0
    nginx-statefulset-1                             1/1     Running   0          46m   app=nginx,controller-revision-hash=nginx-statefulset-6fbdf55d78,statefulset.kubernetes.io/pod-name=nginx-statefulset-1
    nginx-statefulset-2                             1/1     Running   0          46m   app=nginx,controller-revision-hash=nginx-statefulset-6fbdf55d78,statefulset.kubernetes.io/pod-name=nginx-statefulset-2

As you can see, our nginx Deployment pod as well as the pods from the nginx-statefulset all have the same app=nginx label, because both the Deployment and the StatefulSet have it defined in their spec templates:

    template:
      metadata:
        labels:
          app: nginx

Now, let’s create a Service that will target all pods with this label. The following is what a simple spec targeting port 80 of selected pods might look like:

    apiVersion: v1
    kind: Service
    metadata:
      name: nginx
    spec:
      selector:
        app: nginx
      ports:
        - protocol: TCP
          port: 80
          targetPort: 80

Go on and create the Service:

    $ minikube kubectl -- create -f nginx-service.yaml -n kcna
    service/nginx created
    $ minikube kubectl -- get service -n kcna
    NAME    TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
    nginx   ClusterIP   10.105.246.191   <none>        80/TCP    36s

After creation, you should be able to see the endpoints behind the Service that are, in fact, the IPs of running pods with an app=nginx label. Listing endpoints can be done with the kubectl get endpoints command, as follows:

    $ minikube kubectl -- get endpoints -n kcna
    NAME    ENDPOINTS                                               AGE
    nginx   172.17.0.2:80,172.17.0.6:80,172.17.0.7:80 + 1 more...   4m

If we now exec into one of the Pods again and run curl nginx (the name of the Service we created), we should get a reply. Run it a few times (5-10 times) after installing curl into the container:

    $ minikube kubectl -- -n kcna exec -it nginx-statefulset-0 -- bash
    root@nginx-statefulset-0:/# apt update && apt -y install curl
    … LONG OUTPUT OMITTED …
    root@nginx-statefulset-0:/# curl nginx
    Kubernetes Rocks!
    root@nginx-statefulset-0:/# curl nginx
    Kubernetes Rocks!
    root@nginx-statefulset-0:/# curl nginx
    <html>
    <head><title>403 Forbidden</title></head>
    <body bgcolor="white">
    <center><h1>403 Forbidden</h1></center>
    <hr><center>nginx/1.14.2</center>
    </body>
    </html>

And we get different replies! One of the four pods that we’re currently running has a custom index.html file that we created earlier in this chapter, while the three others don’t.

What happens is the service we created load balances the requests between all available nginx pod IPs. The Service will also automatically update the list of endpoints if we scale out the number of replicas or if we do the opposite.
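
The mixed replies above come from one selector matching pods of two different workloads. The following added example (not from the book) reproduces that selection offline from the --show-labels listing and groups the matched pods by owning workload, which is a quick way to check that a Service only fronts the pods you intend. The function names and the other-app-0 row are assumptions made for the illustration.

```python
# Added example, not from the book. Rows are the `--show-labels` listing shown
# on this page, plus one constructed pod (other-app-0) without the app=nginx label.
SAMPLE = """\
NAME READY STATUS RESTARTS AGE LABELS
nginx-deployment-with-volume-6775557df5-f6ll7 1/1 Running 0 23h app=nginx,pod-template-hash=6775557df5
nginx-statefulset-0 1/1 Running 0 46m app=nginx,controller-revision-hash=nginx-statefulset-6fbdf55d78,statefulset.kubernetes.io/pod-name=nginx-statefulset-0
nginx-statefulset-1 1/1 Running 0 46m app=nginx,controller-revision-hash=nginx-statefulset-6fbdf55d78,statefulset.kubernetes.io/pod-name=nginx-statefulset-1
nginx-statefulset-2 1/1 Running 0 46m app=nginx,controller-revision-hash=nginx-statefulset-6fbdf55d78,statefulset.kubernetes.io/pod-name=nginx-statefulset-2
other-app-0 1/1 Running 0 5m app=other
"""


def parse_pods(text):
    """Map pod name -> label dict from `kubectl get pods --show-labels` output."""
    pods = {}
    for line in text.strip().splitlines()[1:]:  # skip the header row
        fields = line.split()
        name, raw = fields[0], fields[-1]  # LABELS is always the last column
        pods[name] = {} if raw == "<none>" else dict(kv.split("=", 1) for kv in raw.split(","))
    return pods


def workload_kind(labels):
    """Infer the owning controller from the labels it stamps on its pods."""
    if "pod-template-hash" in labels:
        return "Deployment"
    if "statefulset.kubernetes.io/pod-name" in labels:
        return "StatefulSet"
    return "other"


def service_backends(selector, pods):
    """Group the pods an equality-based Service selector would pick by workload."""
    if not selector:  # a Service without a selector gets no auto-managed endpoints
        return {}
    groups = {}
    for name, labels in pods.items():
        if all(labels.get(k) == v for k, v in selector.items()):  # AND of all pairs
            groups.setdefault(workload_kind(labels), []).append(name)
    return groups


if __name__ == "__main__":
    for kind, names in service_backends({"app": "nginx"}, parse_pods(SAMPLE)).items():
        print(f"{kind}: {', '.join(names)}")
```

More than one workload kind in the result means the Service load balances across pods that may serve different content, as seen with the 403 replies; adding a second key/value pair to the selector narrows the match because all pairs must hold.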

Now, let’s see which Service types exist and what they allow you to accomplish:

ClusterIP: This type exposes an application on an internal cluster IP. Only Pods running in the same cluster can reach such a service. This is the default type that gets created unless overridden in the spec.

NodePort: This type exposes the application on the same static port of each node in the cluster. Users will be able to reach the application from outside the cluster by requesting the IP of any node and configured port.


