Kubernetes Lab📜
Lab Overview📜
In this lab we will interact with our kubernetes cluster by creating a namespace, and a pod. Next will use
kubectl port-forwardto create a network connection from our laptop to the pod running in the cluster.
Kubectl Basics📜
Note
sshuttle is expected to be running in a background
sshuttle -vr bastion --dns 10.10.0.0/16 --ssh-cmd 'ssh -i ~/.ssh/bb-onboarding-attendees.ssh.privatekey'
Add kubectl completion📜
Typing
kubectlgets old, everyone uses a shortcuts published in the kubernetes docsbash-completionpackage should be installed first
echo "source <(kubectl completion bash)" >> ~/.bashrc # add autocomplete permanently to your bash shell.
echo "alias k=kubectl" >> ~/.bashrc
echo "complete -F __start_kubectl k" >> ~/.bashrc
source ~/.bashrc
Now you can use
kinstead of typingkubectland after typing 3-4 letters of the command usetabkey to complete command
Test completion works:k get dep # <----- press tab, the word `deployments.apps` should fill in
Updating Bash on macOS📜
Note
Completion may fail with this error on macOS:
-bash: completion: function `__start_kubectl' not found
This happens because macOS ships with Bash 3.2, and tab completion for kubectl requires a minimum Bash version of 4.1, first released in 2009. If this happens, switch to a new version of Bash:
brew install bash
echo /usr/local/bin/bash | sudo tee -a /etc/shells
chsh -s /usr/local/bin/bash
Then either close your terminal and open a new one, or run
exec /usr/local/bin/bash -ilif you want to stay in your existing terminal.
Creating a Pod📜
-
Now that we have access to the kubernetes cluster let’s deploy something
kubectl create namespace refresher kubectl get namespaces kubectl get ns -
Quick exercise to build some background docker knowledge:
Note
docker.io is an implicit default that gets put in front of images so iahmad/ubi8-nginx-high-port:8.1 is actually docker.io/iahmad/ubi8-nginx-high-port:8.1
Try running in terminal:
docker pull docker.io/iahmad/ubi8-nginx-high-port:8.1
# Downloading...
# Then
docker pull iahmad/ubi8-nginx-high-port:8.1
# ... Image is up to date ...
# (This knowledge will be important for future Open Policy Agent Image Registry Filtering Constraints)
-
Create a folder to work in:
mkdir -p ~/day1refresher cd ~/day1refresher -
Copy and paste the contents into a file
apiVersion: v1 kind: Pod metadata: name: simple-nginx-app namespace: refresher spec: containers: - name: simple-nginx-app image: iahmad/ubi8-nginx-high-port:8.1 ports: - containerPort: 7000 # This correlates to the port in the nginx.confvi pod.yml # Press i for insert mode, then Paste # escape : qw! Enter to save cat pod.yml # Verify the file saved correctly/looks right -
Run the following command to deploy the pod into the cluster
kubectl apply -f pod.yml -
Validate the pod deployed correctly
kubectl get pods -n refresherRECORD your pod-name
-
Open another terminal and run the following command:
kubectl port-forward <your-pod-name> 8080:7000 --namespace=refresher # the 8080:7000 in the command means your laptop's # localhost:8080 --redirects to--> pod's port 7000
Tip
The above command will not return you your terminal prompt, until you ctrl+c
-
In a new terminal window: Use the
curlcommand to reach the following URL from your Laptop:curl localhost:8080
Note
kubectl port-forward will crash after ~1-3 minutes, so if you’re slow on the above command you may need to rerun the port forward
-
Once you’ve been able to hit your application delete your pod
# You can go back to the original terminal that was running the kubectl port-forward command and use Ctrl + C to break out of it. cd ~/day1refresher kubectl delete -f pod.yml
Lab Summary📜
-
You have been able to create a pod that deploys an instance of a nginx container inside your pod.
-
You also used the
kubectl port-forwardcommand, a debug tool, to open a port on your server to a port on the nginx pod in the cluster. -
You then used this tunnel to send a
curlcommand to the pod and validate your pod is up and running, and accepting traffic over this tunnel.