Day 34:- What are Services in K8s?

In Kubernetes (often abbreviated as K8s), services are an abstraction that defines a logical set of pods and a policy by which to access them. Pods in Kubernetes can be dynamic, meaning they can be created and destroyed based on the application's needs. Services provide a stable endpoint (IP address and port) for accessing a set of pods, regardless of the pods' individual IP addresses.

key points about Kubernetes services:

1. Pod Selection: A service selects pods based on labels. Pods that have the specified labels are part of the service.

2. Stable Network Endpoint: A service is assigned a stable IP address and port, which remains the same even if the underlying pods are added or removed. This stable endpoint allows other components within or outside the Kubernetes cluster to reliably communicate with the service.

3. Types of Services:

   • ClusterIP: The default type, which exposes the service on an internal IP in the cluster.

   • NodePort: Exposes the service on a static port on each node's IP.

   • LoadBalancer: Creates an external load balancer in cloud providers, and assigns a unique external IP to the service.

   • ExternalName: Maps the service to the contents of the externalName field, returning a CNAME record with the associated value.

4. Service Discovery: Services provide a way for pods to discover and communicate with each other within the cluster. DNS can be used to discover services, and environment variables can be injected into pods to provide information about the service endpoints.

5. Load Balancing: Services automatically distribute incoming network traffic across all pods that match the service. This ensures that the load is balanced and that applications are highly available.

6. Internal and External Communication: Services can be used for both internal communication within the cluster and external communication with the outside world.

Example of a Kubernetes service YAML definition:

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080

Task-1:

• Create a Service for your todo-app Deployment from Day-32

• Create a Service definition for your todo-app Deployment in a YAML file.

• Apply the Service definition to your K8s (minikube) cluster using the kubectl apply -f service.yml -n <namespace-name> command.

• Verify that the Service is working by accessing the todo-app using the Service's IP and Port in your Namespace.

Ans: -

Assuming you have a Deployment YAML file for your todo-app from Day-32, and it looks something like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: todo-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: todo
  template:
    metadata:
      labels:
        app: todo
    spec:
      containers:
      - name: todo-app
        image: your-registry/todo-app:latest
        ports:
        - containerPort: 80

Now, let's create a Service definition for your todo-app:

apiVersion: v1
kind: Service
metadata:
  name: todo-app-service
spec:
  selector:
    app: todo
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: ClusterIP

Save this Service definition in a file, for example, service.yml.

Now, apply the Service definition to your Minikube cluster using the following command:

kubectl apply -f service.yml -n todo-app

To verify that the Service is working, you can get the IP address of the service and access the todo-app. You can use the following command to get the service details:

kubectl get service todo-app-service -n todo-app

Day 35:- Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️

What are ConfigMaps and Secrets in k8s?

ConfigMaps and Secrets are Kubernetes resources designed to manage configuration information and sensitive data, respectively, in a declarative manner. They provide a way to decouple configuration and secrets from containerized applications, making it easier to manage, update, and share this information across different environments.

1. ConfigMaps:

   • Purpose: ConfigMaps are used to store non-sensitive configuration data in key-value pairs. This can include configuration files, command-line arguments, environment variables, or any arbitrary data needed by your applications.

   • Example Use Cases:

     • Configuration files for applications.

     • Environment variables for containers.

     • Command-line arguments for containers.

   • Creating a ConfigMap: You can create a ConfigMap using YAML or by using the kubectl create configmap command. Here's an example YAML definition:

       apiVersion: v1
       kind: ConfigMap
       metadata:
         name: my-configmap
       data:
         key1: value1
         key2: value2
     

   • Using ConfigMaps: Pods can consume ConfigMap data either as environment variables or as mounted volumes.

2. Secrets:

   • Purpose: Secrets are similar to ConfigMaps but are specifically designed for sensitive information like passwords, API keys, and other confidential data. Secrets are base64-encoded, but it's important to note that they are not secure encryption; they are just encoded to prevent accidental exposure.

   • Example Use Cases:

     • Database credentials.

     • API keys and tokens.

     • TLS certificates.

   • Creating a Secret: You can create a Secret using YAML or by using the kubectl create secret command. Here's an example YAML definition:

       apiVersion: v1
       kind: Secret
       metadata:
         name: my-secret
       type: Opaque
       data:
         username: base64-encoded-username
         password: base64-encoded-password
     

   • Using Secrets: Similar to ConfigMaps, pods can consume Secret data either as environment variables or as mounted volumes. The data in Secrets is base64-decoded by Kubernetes before being presented to the pod.

It's essential to use caution when working with Secrets and to ensure that sensitive information is handled securely. Additionally, consider using more advanced solutions like Kubernetes Key Management Service (KMS) integrations or external secret management tools for more robust security practices.

Task 2:

• Create a ConfigMap for your Deployment

• Create a ConfigMap for your Deployment using a file or the command line

• Update the deployment.yml file to include the ConfigMap

• Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>

Verify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.

Ans:-

ConfigMap for Environment Variables:

1. Create a ConfigMap YAML file, for example, mysql-configmap.yml:

apiVersion: v1
kind: ConfigMap
metadata:
  name: mysql-config
data:
  MYSQL_DATABASE: mydatabase
  MYSQL_USER: myuser
  MYSQL_PASSWORD: "mypassword"
  MYSQL_ROOT_PASSWORD: "rootpassword"

Secret for Sensitive Information:

Create a Secret YAML file, for example, mysql-secret.yml:

apiVersion: v1
kind: Secret
metadata:
  name: mysql-secret
type: Opaque
data:
  MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk
  MYSQL_PASSWORD: bXlwYXNzd29yZA==

In this example, the values for MYSQL_ROOT_PASSWORD and MYSQL_PASSWORD are base64-encoded. You can use tools like echo -n 'your_password' | base64 to generate these values.

Udate the MySQL Deployment YAML:

1. Update your MySQL Deployment YAML file (mysql-deployment.yml) to include references to the ConfigMap and Secret:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: mysql-deployment
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
          - name: mysql-container
            image: mysql:latest
            envFrom:
            - configMapRef:
                name: mysql-config
            env:
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_ROOT_PASSWORD
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_PASSWORD
            ports:
            - containerPort: 3306
   

   In this example, the envFrom field is used to reference the ConfigMap, and individual environment variables are used to reference the Secret. Adjust the container image and other details as needed.

2. Apply the Resources: Apply the ConfigMap, Secret, and Deployment:

    kubectl apply -f mysql-configmap.yml -n mysql
    kubectl apply -f mysql-secret.yml -n mysql
    kubectl apply -f mysql-deployment.yml -n mysql
   

   Replace <namespace-name> with your desired namespace.

3. Verify ConfigMap and Secret: Check that the ConfigMap and Secret have been created:

    kubectl get configmaps,secrets -n mysql
   

Day36:- Managing Persistent Volumes in Your Deployment 💥

What are Persistent Volumes in k8s?

In Kubernetes, Persistent Volumes (PVs) are a way to abstract and represent physical storage resources within a cluster. They provide a mechanism for decoupling the storage implementation details from the pods, allowing for greater flexibility and ease of management. Persistent Volumes are part of the larger storage architecture in Kubernetes, which includes Persistent Volume Claims (PVCs) and Storage Classes.

Example of a Persistent Volume definition in YAML:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: example-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /data

In this example, the Persistent Volume named "example-pv" has a capacity of 5 gigabytes and uses the hostPath volume type, representing storage on the host machine at the /data path.

Task 3:

Add a Persistent Volume to your Deployment todo app.

• Create a Persistent Volume using a file on your node. Template

• Create a Persistent Volume Claim that references the Persistent Volume. Template

• Update your deployment.yml file to include the Persistent Volume Claim. After Applying pv.yml pvc.yml your deployment file look like this Template

• Apply the updated deployment using the command: kubectl apply -f deployment.yml

• Verify that the Persistent Volume has been added to your Deployment by checking the status of the Pods and Persistent Volumes in your cluster. Use this commands kubectl get pods ,

kubectl get pv

1. Create a Persistent Volume (PV):

Create a file named pv.yml with the following content:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: todo-app-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/tmp/data" # Change this to the path on your actual node

Apply the Persistent Volume to your cluster:

kubectl apply -f pv.yml

1. Create a Persistent Volume Claim (PVC):

Create a file named pvc.yml with the following content:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: todo-app-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi

Apply the Persistent Volume Claim:

kubectl apply -f pvc.yml

1. Update your Deployment YAML (deployment.yml):

Update your deployment.yml file to include the Persistent Volume Claim. Here's a template:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: todo-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: todo
  template:
    metadata:
      labels:
        app: todo
    spec:
      containers:
      - name: todo-app
        image: sumit9730/todo-app:latest
        ports:
        - containerPort: 80
        volumeMounts:
        - name: data
          mountPath: /app
  volumes:
  - name: data
    persistentVolumeClaim:
      claimName: todo-app-pvc

Adjust the container image, volume mount path, and other details as needed.

1. Apply the updated Deployment:

Apply the updated deployment using the following command:

kubectl apply -f deployment.yml

1. Verify the Deployment and Persistent Volumes:

Check the status of the Pods:

kubectl get pods

🙌 Thank you for reading my blog! 🚀 If you found this information helpful, drop a comment and spread the knowledge! 🔍 For more Kubernetes insights and updates, feel free to follow me on:

LinkedIn: Sumit Katkar 🌐

HashNode: Sumit Katkar's Blog 📝

Happy Learning! 🎉