Un Esercizio Completo
Progetto
Preparazione
Sulla macchina host:
Scaricare le immagini mongo e mongo-express e porle nel registry locale:
docker pull mongo
docker pull mongo-express
docker tag mongo localhost:5000/mongo
docker push localhost:5000/mongo
docker tag mongo-express localhost:5000/mongo-express
docker push localhost:5000/mongo-express
Avere le immagini nel registry locale velocizza le operazioni di creazione dei pod
1. Deployment del Database mongo
Editare il manifest ~/scripts/mongodb-deployment.yml
vim ~/scripts/mongodb-deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongodb-deployment
labels:
app: mongodb
spec:
replicas: 1
selector:
matchLabels:
app: mongodb
template:
metadata:
labels:
app: mongodb
spec:
containers:
- name: mongodb
image: localhost:5000/mongo
ports:
- containerPort: 27017
env:
- name: MONGO_INITDB_ROOT_USERNAME
value: username
- name: MONGO_INITDB_ROOT_PASSWORD
value: password
Creare il deployment e verificare:
kubectl create -f ~/scripts/mongodb-deployment.yml
kubectl get pods
NAME READY STATUS RESTARTS AGE
mongodb-deployment-f974c5bdd-b7dc8 1/1 Running 0 41s
kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
mongodb-deployment 1/1 1 1 46s
Non è bello avere username e password in chiaro. Creiamo un file di Secrets
2. Secrets
Stringhe Base64 per username e password:
echo -n 'username' | base64
dXNlcm5hbWU=
echo -n 'password' | base64
cGFzc3dvcmQ=
File di specifiche ~/scripts/mongodb-secret.yml:
vim ~/scripts/mongodb-secret.yml
apiVersion: v1
kind: Secret
metadata:
name: mongodb-secret
type: Opaque
data:
mongo-root-username: dXNlcm5hbWU=
mongo-root-password: cGFzc3dvcmQ=
Creazione del secret:
kubectl apply -f ~/scripts/mongodb-secret.yml
Modifica a ~/scripts/mongodb-deployment.yml:
......
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-username
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-password
Applicare i cambiamenti:
kubectl delete -f ~/scripts/mongodb-deployment.yml
kubectl create -f ~/scripts/mongodb-deployment.yml
Non si può fare un apply perchè value e valueFrom non possono esistere simultaneamente
3. Servizio per mongodb
File di manifest ~/scripts/mongodb-service.yml:
vim ~/scripts/mongodb-service.yml
apiVersion: v1
kind: Service
metadata:
name: mongodb-service
spec:
selector:
app: mongodb
ports:
- protocol: TCP
port: 27017
targetPort: 27017
Creare il servizio:
kubectl create -f ~/scripts/mongodb-service.yml
Verificare:
kubectl get services
kubectl describe service mongodb-service
4. Configmap per mongo-express
File di specifiche ~/scripts/mongodb-configmap.yml:
vim ~/scripts/mongodb-configmap.yml
apiVersion: v1
kind: ConfigMap
metadata:
name: mongodb-configmap
data:
database_url: mongodb-service
Creazione del ConfigMap:
kubectl create -f ~/scripts/mongodb-configmap.yml
5. Deployment per mongo-express
File di manifest ~/scripts/mongo-express-deployment.yml:
vim ~/scripts/mongo-express-deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongo-express-deployment
labels:
app: mongo-express
spec:
replicas: 1
selector:
matchLabels:
app: mongo-express
template:
metadata:
labels:
app: mongo-express
spec:
containers:
- name: mongo-express
image: localhost:5000/mongo-express
ports:
- containerPort: 8081
env:
- name: ME_CONFIG_BASICAUTH_USERNAME
value: admin
- name: ME_CONFIG_BASICAUTH_PASSWORD
value: admin
- name: ME_CONFIG_MONGODB_ADMINUSERNAME
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-username
- name: ME_CONFIG_MONGODB_ADMINPASSWORD
valueFrom:
secretKeyRef:
name: mongodb-secret
key: mongo-root-password
- name: ME_CONFIG_MONGODB_SERVER
valueFrom:
configMapKeyRef:
name: mongodb-configmap
key: database_url
Mongodb-express ultima versione è dotato anche di un'autenticazione di accesso Basic, per cui occorrono configurare le due variabili d'ambiente:
- name: ME_CONFIG_BASICAUTH_USERNAME
value: admin
- name: ME_CONFIG_BASICAUTH_PASSWORD
value: admin
Creare il deployment:
kubectl create -f ~/scripts/mongo-express-deployment.yml
6. Servizio per mongo-express
File di definizione ~/scripts/mongo-express-service.yml:
vim ~/scripts/mongo-express-service.yml
apiVersion: v1
kind: Service
metadata:
name: mongo-express-service
spec:
selector:
app: mongo-express
ports:
- protocol: TCP
port: 8081
targetPort: 8081
Creare il servizio:
kubectl create -f ~/scripts/mongo-express-service.yml
Verificare:
kubectl get services
kubectl describe service mongo-express-service
7. Servizio esterno
Editare la configurazione del servizio ~/scripts/mongo-express-service.yml:
vim ~/scripts/mongo-express-service.yml
apiVersion: v1
kind: Service
metadata:
name: mongo-express-service
spec:
selector:
app: mongo-express
type: LoadBalancer
ports:
- protocol: TCP
port: 8081
targetPort: 8081
nodePort: 30000
Applicare i cambiamenti:
kubectl apply -f ~/scripts/mongo-express-service.yml
Accesso al servizio``
Vedere l’indirizzo del servizio:
kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 45m
mongo-express-service LoadBalancer 10.96.193.136 172.18.255.200 8081:30000/TCP 4s
mongodb-service ClusterIP 10.96.237.220 <none> 27017/TCP 16m
Dal browser sullo host connettersi a: 172.18.255.200:8081
Sommario
Il LoadBalancer Metallb è attivo.
Sequenza di comandi per il nostro applicativo:
kubectl create -f ~/scripts/mongodb-secret.yml
kubectl create -f ~/scripts/mongodb-deployment.yml
kubectl create -f ~/scripts/mongodb-service.yml
kubectl create -f ~/scripts/mongodb-configmap.yml
kubectl create -f ~/scripts/mongo-express-deployment.yml
kubectl create -f ~/scripts/mongo-express-service.yml
Conviene creare due procedure shell per il setup e il teardown del nostro applicativo mongo.
vim ~/scripts/mongo-setup.sh
kubectl apply -f ~/scripts/mongodb-secret.yml
kubectl apply -f ~/scripts/mongodb-deployment.yml
kubectl apply -f ~/scripts/mongodb-service.yml
kubectl apply -f ~/scripts/mongodb-configmap.yml
kubectl apply -f ~/scripts/mongo-express-deployment.yml
kubectl apply -f ~/scripts/mongo-express-service.yml
echo "App mongo created"
vim ~/scripts/mongo-teardown.sh
kubectl delete -f ~/scripts/mongo-express-service.yml
kubectl delete -f ~/scripts/mongo-express-deployment.yml
kubectl delete -f ~/scripts/mongodb-configmap.yml
kubectl delete -f ~/scripts/mongodb-service.yml
kubectl delete -f ~/scripts/mongodb-deployment.yml
kubectl delete -f ~/scripts/mongodb-secret.yml
echo "App mongo deleted"
chmod +x ~/scripts/mongo-setup.sh ~/scripts/mongo-teardown.sh