Commit 7413784b authored by Daniele Santoro's avatar Daniele Santoro
Browse files

Release lab lesson 6

parent e705016f
......@@ -21,22 +21,24 @@ like:
- Others
During first exercises you will learn howto create a portable
development environment, then a standard environment will be provided
by us distributing a =Vagrantfile= and a =provisioning script=.
During first exercises you will learn howto create portable
development environments, then standard environment will be provided
by us distributing =Vagrantfiles= and =provisioning scripts=.
As a general rule, if the exercise contains only the =README.org=, you should probably read it and follow the instructions, while if the exercise contains other files other that the =README.org= then you should follow the steps from inside the exercise folder.
* Lab01-20220318
- [[file:e01/][Exercise 01 - Install required tools]]
- [[file:e02/][Exercise 02 - Start and Check your 1st Environment]]
- [[file:e03/][Exercise 03 - Customise and Share the Environment]]
- [[file:e01][Exercise 01 - Install required tools]]
- [[file:e02][Exercise 02 - Start and Check your 1st Environment]]
- [[file:e03][Exercise 03 - Customise and Share the Environment]]
* Lab02-20220408
- [[file:e04/][Exercise 04 - Generate and upload your SSH key]]
- [[file:e05/][Exercise 05 - Setup an SSH tunnel and use it as a socks proxy in a web Browser]]
- [[file:e06/][Exercise 06 - Advanced deployment: Provision with Vagrant and Configure with Ansible]]
- [[file:e07/][Exercise 07 - Deploy a webserver and access the main page via a browser]]
- [[file:e04][Exercise 04 - Generate and upload your SSH key]]
- [[file:e05][Exercise 05 - Setup an SSH tunnel and use it as a socks proxy in a web Browser]]
- [[file:e06][Exercise 06 - Advanced deployment: Provision with Vagrant and Configure with Ansible]]
- [[file:e07][Exercise 07 - Deploy a webserver and access the main page via a browser]]
* Lab03_20220412
- [[file:e08/][Exercise 8 - Create a Vagant VM for Docker]]
- [[file:e09][Exercise 9 - Install and Verify Docker]]
- [[file:e08][Exercise 08 - Create a Vagant VM for Docker]]
- [[file:e09][Exercise 09 - Install and Verify Docker]]
- [[file:e10][Exercise 10 - Hello World with Docker]]
- [[file:e11][Exercise 11 - Build a custom Docker image]]
* Lab04_20220419
......@@ -47,3 +49,10 @@ by us distributing a =Vagrantfile= and a =provisioning script=.
- [[file:e16][Exercise 16 - Run a custom Docker Service with persistency]]
* Lab05_20220422
- [[file:e17][Exercise 17 - Create an OpenStack instance based on DevStack]]
* Lab06_20220426
- [[file:e18][Exercise 18 - Prepare environment for k8s]]
- [[file:e19][Exercise 10 - Install a single-node Kubernetes cluster]]
- [[file:e20][Exercise 20 – Play with our fresh new k8s cluster]]
- [[file:e21][Exercise 21 - Start a single pod using a spec file]]
- [[file:e22][Exercise 22 – Inspect the ReplicaSet]]
- [[file:e23][Exercise 23 - Deployment rollout]]
\ No newline at end of file
......@@ -7,7 +7,6 @@
* Solutions and Instructions
** Start the custom container with a Bind Mount
#+BEGIN_SRC sh
cd e8
docker run -p 8090:80 -d --name cwsp-${USER: -3} -v `pwd`:/usr/share/nginx/html nginx
#+END_SRC
** Browse v1 or v2
......
* Exercise 17 – Create an OpenStack instance based on DevStack
- Time :: 40 minutes
- 40 minutes: /Try by yourself/
- Description :: Install OpenStack using DevStack on a dedicated virtual machine.
* Solutions and Instructions
......@@ -57,7 +56,6 @@ This step could last ~40 minutes
cd devstack
./stack.sh
#+end_src
At the end of the process you should get a message like this:
#+begin_example
=========================
......@@ -88,4 +86,4 @@ The default users are: admin and demo
The password: password
#+end_example
Setup you SSH-based socks proxy and access and access with a browser to =http://10.0.2.15/dashboardg=
Setup you SSH-based socks proxy and access and access with a browser to =http://10.0.2.15/dashboard=
* Exercise 18 - Prepare environment for k8s
- Time :: 15 minutes
- 7 minutes: /Try by yourself/
- 8 minutes: /Check, Verify, Ask/
- Description :: Prepare your environment to host a Kubernetes cluster based on Kind. Requirements are:
- Install Kind
- Download and setup kubectl
- Install kubectl completion
* Solutions and Instructions
/Note: The vagrant VM already installs everything automatically/
** Install Kind
*Please note:* If you are in a group, commands marked with =*= *must* be done by one member only
Move into your $HOME (*)
#+BEGIN_SRC sh
cd
#+END_SRC
Download =kind= binary (*)
#+BEGIN_SRC sh
wget https://github.com/kubernetes-sigs/kind/releases/download/v0.12.0/kind-linux-amd64
#+END_SRC
Move the =kind= binary into your $PATH and make it available on your server (*)
#+BEGIN_SRC sh
sudo mv kind-linux-amd64 /usr/local/bin/kind
#+END_SRC
Add permission for execution of =kind= binary (*)
#+BEGIN_SRC sh
sudo chmod a+x /usr/local/bin/kind
#+END_SRC
Check that =kind= is working on your server
#+BEGIN_SRC sh
kind --help
#+END_SRC
** Downlaod and setup kubectl
*Please note:* If you are in a group, command with =*= *must* be done by one member only
Download the =kubectl= binary (*)
#+BEGIN_SRC sh
KC_REL=v1.23.0
curl -LO https://storage.googleapis.com/kubernetes-release/release/$KC_REL/bin/linux/amd64/kubectl
## To download the latest version:
# curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
#+END_SRC
Make the kubectl binary executable (*)
#+BEGIN_SRC sh
chmod +x ./kubectl
#+END_SRC
Move the binary in to your PATH (*)
#+BEGIN_SRC sh
sudo mv ./kubectl /usr/local/bin/kubectl
#+END_SRC
Test to ensure the version you installed is working fine
#+BEGIN_SRC sh
kubectl version
#+END_SRC
** Install kubectl completion
*Please note:* If you are in a group, command with =*= *must* be done by one member only
Get the =kubectl= completion code and make it persistent
#+BEGIN_SRC sh
kubectl completion bash >> ~/.bashrc
source $HOME/.bashrc
#+END_SRC
* Exercise 19 - Install a single-node Kubernetes cluster
- Time :: 15 minutes
- 5 minutes: /Try by yourself/
- 10 minutes: /Check, Verify, Ask/
- Description :: Create a single-node Kubernetes cluster and perform some interaction with the fresh new cluster.
* Solutions and Instructions
** Install a single node Kuberntes cluster
Using =kind= is as simple as...
#+BEGIN_SRC sh
kind create cluster
#+END_SRC
Your cluster will be called =kind= as default
Note: In the case of a multi-user setup (multiple users ont he same host) use
#+BEGIN_SRC sh
kind create cluster --name $USER
#+END_SRC
In this case the name for your cluster will be =$USER=
** Use your kubectl CLI (client) with or without contexts
Connect the =kubectl= to your new cluster using =contexts= if you have multiple clusters
#+BEGIN_SRC sh
kubectl cluster-info --context kind-$USER
#+END_SRC
or without =contexts= if you have just one cluster
#+begin_src sh
kubectl cluster-info
#+end_src
** Understand how kubectl can connect to a cluster
To access a cluster we use a =kubeconfig= file [[[https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/][ref]]]. Lets have a look at our file
#+BEGIN_SRC sh
cat ~/.kube/config \
| sed "s/client-key-data:.*/client-key-data: XXX/g" \
| sed "s/certificate-authority-data:.*/certificate-authority-data: XXX/g" \
| sed "s/client-certificate-data:.*/client-certificate-data: XXX/g" \
| yq e -PC | cat -n
#+END_SRC
** First interaction with the cluster
Ensure cluster is up and running
#+BEGIN_SRC sh
kubectl cluster-info --context kind-$USER
#+END_SRC
Quick look at the nodes
#+BEGIN_SRC sh
kubectl get nodes --context kind-$USER
#+END_SRC
Quick look at the workload
#+BEGIN_SRC sh
kubectl get pod --context kind-$USER
#+END_SRC
Start some workload using =jpetazzo/clock= or =nginx=
#+BEGIN_SRC sh
kubectl run --image=jpetazzo/clock clock-test --context kind-$USER
kubectl create deploy --image=nginx webserver-test --context kind-$USER
#+END_SRC
Quick look at the workload now
#+BEGIN_SRC sh
kubectl get pod
#+END_SRC
* Exercise 20 - Play with our fresh new k8s cluster
- Time :: 10 minutes
- 3 minutes: /Try by yourself/
- 7 minutes: /Check, Verify, Ask/
- Description :: Play with the fresh new Kubernetes cluster and try to answer the questions. We use =kubectl= CLI to operate on the cluster. See the =kubectl= CLI overview here: [[https://kubernetes.io/docs/reference/kubectl/overview/][https://kubernetes.io/docs/reference/kubectl/overview/]]
1) Practice with =kubectl=
2) List the k8s cluster nodes
3) List the Resources
4) List the Objects
5) List the Workload
6) Start some workload
7) Scale the workload
8) Access the Pod interactively
9) Show environments variables
10) Kill the Pod
11) What is happening? Why we cannot delete those 5 Pods?
* Solutions and Instructions
** Ensure to point your client to your cluster
Each user point by default to its own =~/.kube/config= file, for multiple cluster we will use =contexts=
You can choose to use another =kubeconfig= file by setting the =KUBECONFIG= environment variable, and this should be done each time you open a new terminal. *Only if you do not want to use the default configuration*
#+BEGIN_SRC sh
export KUBECONFIG="$HOME/.kube/config-$USER"
#+END_SRC
** Play with kubeconfig file
Show current context
#+BEGIN_SRC sh
kubectl config current-context
#+END_SRC
Show available clusters
#+BEGIN_SRC sh
kubectl config get-clusters
#+END_SRC
Show =kubeconfig= file (/without manually hide private info.../)
#+BEGIN_SRC sh
kubectl config view
#+END_SRC
** Play with your cluster
1) Practice with =kubectl=
#+BEGIN_SRC sh
kubectl help
kubectl get --help
#+END_SRC
2) List the k8s cluster nodes
#+BEGIN_SRC sh
kubectl get nodes
#+END_SRC
3) List the Resources
#+BEGIN_SRC sh
kubectl api-resources
#+END_SRC
4) List the Objects
#+BEGIN_SRC sh
kubectl get all
#+END_SRC
5) List the Workload
#+BEGIN_SRC sh
kubectl get pod
#+END_SRC
6) Start some workload
#+BEGIN_SRC sh
kubectl run --image=jpetazzo/clock myclock-pod
kubectl create deployment --image=jpetazzo/clock myclock-dep
#+END_SRC
7) Scale the workload
#+BEGIN_SRC sh
kubectl scale deployment myclock-dep --replicas=5
#+END_SRC
8) Access one of those Pod interactively
/Replace =POD_NAME= accordinlgy/
#+BEGIN_SRC sh
kubectl exec –it POD_NAME -- /bin/sh
#+END_SRC
9) Show environments variables
#+BEGIN_SRC sh
env
#+END_SRC
10) Kill the Pod =myclock-pod=
#+BEGIN_SRC sh
kubectl delete pod myclock-pod --wait=false
#+END_SRC
11) Kill the Pod =myclock-dep-*=
#+BEGIN_SRC sh
kubectl delete pod POD_NAME --wait=false
#+END_SRC
12) Questions
1) What is happening? Why we cannot delete those 5 Pods?
/Pods are restart by someone... Who is restarting our Pods?/
2) Can you inspect what is happening on the =ReplicaSet= object with something like =kubectl describe rs ...=?
* Exercise 21 - Start a single pod using a spec file
- Time :: 10 minutes
- 3 minutes: /Try by yourself/
- 7 minutes: /Check, Verify, Ask/
- Description :: Analyze the manifest file describing the Pod resource. Use it to create an object on your Kubernetes cluster. Try to scale object just created and manage objects that are running in your cluster.
* Solutions and Instructions
** Look at the Pod resource
You can look at the Pod resource [[file:clock-pod.yaml][here]]
Or you can look at the file on your VM
#+BEGIN_SRC sh
cat clock-pod.yaml | yq e -PC | cat -n
#+END_SRC
** Start the Pod on your cluster
#+BEGIN_SRC sh
kubectl create -f clock-pod.yaml
#+END_SRC
Alternatively, use an HTTP URL
#+BEGIN_SRC sh
kubectl create -f https://gitlab.fbk.eu/dsantoro/fcc-lab-2022/-/raw/master/e21/clock-pod.yaml
#+END_SRC
** Try to scale the Pod
Pod cannot be scaled...
** Understanding the kubectl commands
Try to guess differences between:
- =kubectl create|apply=
- =kubect run=
The help may come in hand
#+BEGIN_SRC sh
kubectl run --help | head
kubectl create --help | head
kubectl apply --help | head
#+END_SRC
** Manage the resources in your cluster
Look at all resources
#+BEGIN_SRC sh
kubectl get all
#+END_SRC
Delete some of them and see what happen
#+BEGIN_SRC sh
kubectl delete pod clock-test --wait=false
kubectl delete deploy myclock-dep
kubectl get all
kubectl delete deploy webserver-test
#+END_SRC
kind: Pod
apiVersion: v1
metadata:
name: clock
namespace: default
spec:
containers:
- name: clock
image: jpetazzo/clock
\ No newline at end of file
* Exercise 22 - Inspect the ReplicaSet
- Time :: 10 minutes
- 5 minutes: /Try by yourself/
- 5 minutes: /Check, Verify, Ask/
- Description :: Inspect resources of your cluster, try to find relations. Learn how to inspect =spec= and =status= of your manifests and to filter information using =JSON= or =YAML= code processors.
* Solutions and Instructions
** Create a deployment
#+BEGIN_SRC sh
kubectl create deploy myclock --image=jpetazzo/clock --replicas=3
#+END_SRC
** Recap using jq or yq to inspect resources
Using =jq= to inspect =json=
#+BEGIN_SRC
kubectl get deploy myclock -o json | jq -C . | cat -n
#+END_SRC
Using =yq= to inspect =yaml=
#+BEGIN_SRC sh
kubectl get deploy myclock -o yaml | yq e -PC | cat -n
#+END_SRC
** Filter out some information of the resource
Using =jq= to inspect =json=
#+BEGIN_SRC
kubectl get deploy myclock -o json | jq -C .spec | cat -n
kubectl get deploy myclock -o json | jq -C .status | cat -n
#+END_SRC
Using =yq= to inspect =yaml=
#+BEGIN_SRC sh
kubectl get deploy myclock -o yaml | yq e -PC '.spec' - | cat -n
kubectl get deploy myclock -o yaml | yq e -PC '.status' - | cat -n
#+END_SRC
** Look at all Pod and filter
#+BEGIN_SRC sh
kubectl get pod -o json | jq '.items | .[] | .kind, .metadata.name, .metadata.ownerReferences'
#+END_SRC
** Filter the name of the active ReplicaSets
#+BEGIN_SRC sh
kubectl get rs -o json | jq '.items | .[] | .metadata.name'
#+END_SRC
** Compare those names with the following output
#+BEGIN_SRC sh
kubectl get pod
#+END_SRC
** Scale down to a single replica
Lets downscale to just 1 replica
#+BEGIN_SRC sh
kubectl scale deploy myclock --replicas=1
#+END_SRC
* Exercise 23 - Deployment rollout
- Time :: 15 minutes
- 6 minutes: /Try by yourself/
- 9 minutes: /Check, Verify, Ask/
- Description :: Change the image of an existing Deployment and see how the Rolling Update feature comes into play. Inspect the log of the new application version and ensure that the update has been done. finally restore the original version of your application (Deployment).
* Solutions and Instructions
** Ensure to have the correct workload running
List deployments
#+BEGIN_SRC sh
kubectl get deploy -l app=myclock
#+END_SRC
List Pods
#+BEGIN_SRC sh
kubectl get pod -l app=myclock
#+END_SRC
If nothing is present, create a Deployment
#+BEGIN_SRC sh
kubectl create deploy myclock --image=jpetazzo/clock --replicas=1
#+END_SRC
** Open two terminal sessions on your VM
Use =ssh= to access a new terminal session and ensure to use the correct context/cluster.
#+BEGIN_SRC sh
kubectl config current-context
#+END_SRC
** Start to watch the workload on first terminal
#+BEGIN_SRC sh
kubectl get pod -w
#+END_SRC
** Modify the Deployment
Move to the second terminal and modify the container image for the =myclock= Deployment. We are modifying the desired state (=spec= attribute) of the Deployment and this can be done in many ways, we propose two of them:
1) If you *do not know* how to use the =vim= editor
In this case we can get the object source from =kubectl=, use a pattern replace to modify the image and replace the object
#+BEGIN_SRC sh
kubectl get deploy myclock -o yaml | sed 's;jpetazzo/clock;jpetazzo/clock:pacific;g' | kubectl replace -f -
#+END_SRC
2) If you *know* how to use the =vim= editor
In this case we can simply use the editor to modify the image by modifying its =yaml= representation. Pay particular attention to not modify the =yaml= indentation.
#+BEGIN_SRC sh
kubectl edit deploy myclock
#+END_SRC
If you just choose 1), please [[https://vim-adventures.com/][practice]] with =vim= or install an editor of your choice on the VM.
** Look the Rolling Update in action
Look at the first terminal. What is happening to our Pods?
** Explore Deployment versions
#+BEGIN_SRC sh
kubectl rollout history deploy myclock
#+END_SRC
Explore details of a specific version
#+BEGIN_SRC sh
kubectl rollout history deploy myclock --revision=REVISION_NUM
#+END_SRC
Look at the differences across the two revisions
#+BEGIN_SRC sh
sdiff <(kubectl rollout history deploy myclock --revision=2) <(kubectl rollout history deploy myclock --revision=1)
#+END_SRC
** Look at the Replicasets
We have both replicasets still present in the cluster but only one is running and linked to the Deployment
#+BEGIN_SRC sh
kubectl get rs
#+END_SRC
Look at the images
#+BEGIN_SRC sh
kubectl get rs -o wide
#+END_SRC
** Rollback to the original version
#+BEGIN_SRC sh
kubectl rollout undo deployment myclock
#+END_SRC
Or manually by creating another revision
#+BEGIN_SRC sh
kubectl get deploy myclock -o yaml | sed s/clock:pacific/clock/g | kubectl replace -f -
#+END_SRC
---
# File: install-docker.yml
- name: Install the docker package
apt:
pkg:
- docker.io
- name: Install required packages
user:
name: vagrant
groups: "docker"
append: yes
\ No newline at end of file
......@@ -30,4 +30,8 @@
ansible.builtin.lineinfile:
path: /home/vagrant/.bashrc
line: figlet My docker-host
create: yes
\ No newline at end of file
create: yes
# - name: Include tasks for installing docker
# include_tasks:
# file: "install-docker.yml"
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment