Sunday, February 9, 2020

MicroK8s - deploy sample app

MicroK8s quick start guide 



Get nodes

[dave@localhost ~]$ microk8s.kubectl get nodes

NAME                    STATUS   ROLES    AGE   VERSION

localhost.localdomain   Ready    <none>   24h   v1.17.2

 


Get services

[dave@localhost ~]$ microk8s.kubectl get services

NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE

kubernetes   ClusterIP   10.152.183.1   <none>        443/TCP   24h

 


[dave@localhost ~]$ microk8s.kubectl create deployment kubernetes-bootcamp --image=gcr.io/google-samples/kubernetes-bootcamp:v1

deployment.apps/kubernetes-bootcamp created

 

[dave@localhost ~]$ microk8s.kubectl get pods

NAME                                   READY   STATUS    RESTARTS   AGE

kubernetes-bootcamp-69fbc6f4cf-f2vvk   1/1     Running   0          41s

 

Get deployments

[dave@localhost ~]$ kubectl get deployments

NAME                  READY   UP-TO-DATE   AVAILABLE   AGE

kubernetes-bootcamp   1/1     1            1           7m12s

 


Get pod name

[dave@localhost ~]$ export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')

[dave@localhost ~]$ echo Name of the Pod: $POD_NAME

Name of the Pod: kubernetes-bootcamp-69fbc6f4cf-f2vvk

 


Describe pods
[dave@localhost ~]$ kubectl describe pods

Name:         kubernetes-bootcamp-69fbc6f4cf-f2vvk

Namespace:    default

Priority:     0

Node:         localhost.localdomain/192.168.0.116

Start Time:   Sun, 09 Feb 2020 08:53:15 +0100

Labels:       app=kubernetes-bootcamp

              pod-template-hash=69fbc6f4cf

Annotations:  <none>

Status:       Running

IP:           10.1.30.34

IPs:

  IP:           10.1.30.34

Controlled By:  ReplicaSet/kubernetes-bootcamp-69fbc6f4cf

Containers:

  kubernetes-bootcamp:

    Container ID:   containerd://e1c171143d299f88fb686f83e2fa2aae1cbe59e14cff53f4f332c2ccc2fb3f2e

    Image:          gcr.io/google-samples/kubernetes-bootcamp:v1

    Image ID:       gcr.io/google-samples/kubernetes-bootcamp@sha256:0d6b8ee63bb57c5f5b6156f446b3bc3b3c143d233037f3a2f00e279c8fcc64af

    Port:           <none>

    Host Port:      <none>

    State:          Running

      Started:      Sun, 09 Feb 2020 08:53:26 +0100

    Ready:          True

    Restart Count:  0

    Environment:    <none>

    Mounts:

      /var/run/secrets/kubernetes.io/serviceaccount from default-token-msp2q (ro)

Conditions:

  Type              Status

  Initialized       True 

  Ready             True 

  ContainersReady   True 

  PodScheduled      True 

Volumes:

  default-token-msp2q:

    Type:        Secret (a volume populated by a Secret)

    SecretName:  default-token-msp2q

    Optional:    false

QoS Class:       BestEffort

Node-Selectors:  <none>

Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s

                 node.kubernetes.io/unreachable:NoExecute for 300s

Events:

  Type    Reason     Age   From                            Message

  ----    ------     ----  ----                            -------

  Normal  Scheduled  11m   default-scheduler               Successfully assigned default/kubernetes-bootcamp-69fbc6f4cf-f2vvk to localhost.localdomain

  Normal  Pulling    11m   kubelet, localhost.localdomain  Pulling image "gcr.io/google-samples/kubernetes-bootcamp:v1"

  Normal  Pulled     11m   kubelet, localhost.localdomain  Successfully pulled image "gcr.io/google-samples/kubernetes-bootcamp:v1"

  Normal  Created    11m   kubelet, localhost.localdomain  Created container kubernetes-bootcamp

  Normal  Started    11m   kubelet, localhost.localdomain  Started container kubernetes-bootcamp

 


Explore introduction https://kubernetes.io/docs/tutorials/kubernetes-basics/explore/explore-intro/

Get logs from pod

[dave@localhost ~]$ kubectl logs $POD_NAME

Kubernetes Bootcamp App Started At: 2020-02-09T07:53:26.300Z | Running On:  kubernetes-bootcamp-69fbc6f4cf-f2vvk 

 
 


Exec commands on pod

[dave@localhost ~]$ kubectl exec $POD_NAME env

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

HOSTNAME=kubernetes-bootcamp-69fbc6f4cf-f2vvk

NPM_CONFIG_LOGLEVEL=info

NODE_VERSION=6.3.1

KUBERNETES_PORT=tcp://10.152.183.1:443

KUBERNETES_PORT_443_TCP=tcp://10.152.183.1:443

KUBERNETES_PORT_443_TCP_PROTO=tcp

KUBERNETES_PORT_443_TCP_PORT=443

KUBERNETES_PORT_443_TCP_ADDR=10.152.183.1

KUBERNETES_SERVICE_HOST=10.152.183.1

KUBERNETES_SERVICE_PORT=443

KUBERNETES_SERVICE_PORT_HTTPS=443

HOME=/root

 


Run bash in pod
[dave@localhost ~]$ kubectl exec -ti $POD_NAME bash

root@kubernetes-bootcamp-69fbc6f4cf-f2vvk:/# cat server.js

var http = require('http');

var requests=0;

var podname= process.env.HOSTNAME;

var startTime;

var host;

var handleRequest = function(request, response) {

  response.setHeader('Content-Type', 'text/plain');

  response.writeHead(200);

  response.write("Hello Kubernetes bootcamp! | Running on: ");

  response.write(host);

  response.end(" | v=1\n");

  console.log("Running On:" ,host, "| Total Requests:", ++requests,"| App Uptime:", (new Date() - startTime)/1000 , "seconds", "| Log Time:",new Date());

}

var www = http.createServer(handleRequest);

www.listen(8080,function () {

    startTime = new Date();;

    host = process.env.HOSTNAME;

    console.log ("Kubernetes Bootcamp App Started At:",startTime, "| Running On: " ,host, "\n" );

});

root@kubernetes-bootcamp-69fbc6f4cf-f2vvk:/# curl localhost:8080

Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-69fbc6f4cf-f2vvk | v=1

 





Saturday, February 8, 2020

Install microk8s on Fedora

HOWTO

https://microk8s.io/#get-started


Install snap

https://snapcraft.io/docs/installing-snapd

https://www.cyberciti.biz/faq/install-snapd-on-fedora-linux-system-dnf-command/

[dave@localhost ~]$ sudo dnf install snapd

Fedora Modular 31 - x86_64 - Updates                                                                         40 kB/s |  23 kB     00:00    

Fedora 31 - x86_64 - Updates                                                                                 27 kB/s |  24 kB     00:00    

Fedora 31 - x86_64 - Updates                                                                                416 kB/s | 421 kB     00:01    

Dependencies resolved.

============================================================================================================================================

 Package                             Architecture                 Version                               Repository                     Size

============================================================================================================================================

Installing:

 snapd                               x86_64                       2.42.2-1.fc31                         updates                        16 M

Installing dependencies:

 snap-confine                        x86_64                       2.42.2-1.fc31                         updates                       2.4 M

 snapd-selinux                       noarch                       2.42.2-1.fc31                         updates                       220 k

 
Transaction Summary

============================================================================================================================================

Install  3 Packages

 
Total download size: 18 M

Installed size: 70 M

Is this ok [y/N]: y

Downloading Packages:

(1/3): snapd-selinux-2.42.2-1.fc31.noarch.rpm                                                               912 kB/s | 220 kB     00:00    

(2/3): snap-confine-2.42.2-1.fc31.x86_64.rpm                                                                2.9 MB/s | 2.4 MB     00:00    

(3/3): snapd-2.42.2-1.fc31.x86_64.rpm                                                                       7.9 MB/s |  16 MB     00:02    

--------------------------------------------------------------------------------------------------------------------------------------------

Total                                                                                                       7.3 MB/s |  18 MB     00:02     

Running transaction check

Transaction check succeeded.

Running transaction test

Transaction test succeeded.

Running transaction

  Preparing        :                                                                                                                    1/1 

  Running scriptlet: snapd-selinux-2.42.2-1.fc31.noarch                                                                                 1/3 

  Installing       : snapd-selinux-2.42.2-1.fc31.noarch                                                                                 1/3 

  Running scriptlet: snapd-selinux-2.42.2-1.fc31.noarch                                                                                 1/3 

  Installing       : snap-confine-2.42.2-1.fc31.x86_64                                                                                  2/3 

  Installing       : snapd-2.42.2-1.fc31.x86_64                                                                                         3/3 

  Running scriptlet: snapd-2.42.2-1.fc31.x86_64                                                                                         3/3 

Created symlink /etc/systemd/system/sockets.target.wants/snapd.socket → /usr/lib/systemd/system/snapd.socket.

Created symlink /etc/systemd/user/sockets.target.wants/snapd.session-agent.socket → /usr/lib/systemd/user/snapd.session-agent.socket.

 
  Running scriptlet: snapd-selinux-2.42.2-1.fc31.noarch                                                                                 3/3 

  Running scriptlet: snapd-2.42.2-1.fc31.x86_64                                                                                         3/3 

  Verifying        : snap-confine-2.42.2-1.fc31.x86_64                                                                                  1/3 

  Verifying        : snapd-2.42.2-1.fc31.x86_64                                                                                         2/3 

  Verifying        : snapd-selinux-2.42.2-1.fc31.noarch                                                                                 3/3 

 
Installed:

  snap-confine-2.42.2-1.fc31.x86_64               snapd-2.42.2-1.fc31.x86_64               snapd-selinux-2.42.2-1.fc31.noarch              

 
Complete!

[dave@localhost ~]$ sudo ln -s /var/lib/snapd/snap /snap

[dave@localhost ~]$ ls -l /snap

lrwxrwxrwx. 1 root root 19 Feb  8 07:46 /snap -> /var/lib/snapd/snap

[dave@localhost ~]$ snap version

snap    2.42.2-1.fc31

snapd   unavailable

series  -

 


Start snap service

[dave@localhost ~]$ snap search vlc

error: cannot list snaps: cannot communicate with server: Get http://localhost/v2/find?q=vlc&scope=wide: dial unix /run/snapd.socket: connect: no such file or directory

[dave@localhost ~]$ sudo systemctl start snapd.service

[dave@localhost ~]$ snap search vlc

Name            Version                 Publisher  Notes  Summary

vlc             3.0.8                   videolan✓  -      The ultimate media player

mjpg-streamer   2.0                     ogra       -      UVC webcam streaming tool

audio-recorder  3.0.5+rev1432+pkg-7b07  brlin      -      A free audio-recorder for Linux (EXTREMELY BUGGY)

dav1d           0.5.1-20-g52c7427       videolan✓  -      AV1 decoder from VideoLAN

peerflix        v0.39.0+git1.df28e20    pmagill    -      Streaming torrent client for Node.js

[dave@localhost ~]$ snap search microk8s

Name      Version  Publisher   Notes    Summary

microk8s  v1.17.2  canonical✓  classic  Kubernetes for workstations and appliances

 


Install microk8s


[dave@localhost ~]$ sudo snap install microk8s --classic

2020-02-08T07:51:58+01:00 INFO Waiting for restart...

Warning: /var/lib/snapd/snap/bin was not found in your $PATH. If you've not restarted your session

         since you installed snapd, try doing that. Please see https://forum.snapcraft.io/t/9469

         for more details.

 
microk8s v1.17.2 from Canonical✓ installed

 


List services

[dave@localhost ~]$ snap list

Name      Version    Rev   Tracking  Publisher   Notes

core      16-2.42.5  8268  stable    canonical✓  core

microk8s  v1.17.2    1173  stable    canonical✓  classic

[dave@localhost ~]$ snap services 

Service                             Startup  Current  Notes

microk8s.daemon-apiserver           enabled  active   -

microk8s.daemon-apiserver-kicker    enabled  active   -

microk8s.daemon-cluster-agent       enabled  active   -

microk8s.daemon-containerd          enabled  active   -

microk8s.daemon-controller-manager  enabled  active   -

microk8s.daemon-etcd                enabled  active   -

microk8s.daemon-flanneld            enabled  active   -

microk8s.daemon-kubelet             enabled  active   -

microk8s.daemon-proxy               enabled  active   -

microk8s.daemon-scheduler           enabled  active   -

 


Add /snap/bin into secure path into sudo

[root@localhost ~]# visudo

[root@localhost ~]# grep snap  /etc/sudoers

Defaults    secure_path = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin

 


[dave@localhost ~]$ sudo microk8s.status --wait-ready

[sudo] password for dave: 

microk8s is running

addons:

cilium: disabled

dashboard: disabled

dns: disabled

fluentd: disabled

gpu: disabled

helm3: disabled

helm: disabled

ingress: disabled

istio: disabled

jaeger: disabled

juju: disabled

knative: disabled

kubeflow: disabled

linkerd: disabled

metallb: disabled

metrics-server: disabled

prometheus: disabled

rbac: disabled

registry: disabled

storage: disabled

 


Turn on standard services


[dave@localhost ~]$ sudo microk8s.enable dns dashboard registry

Enabling DNS

Applying manifest

serviceaccount/coredns created

configmap/coredns created

deployment.apps/coredns created

service/kube-dns created

clusterrole.rbac.authorization.k8s.io/coredns created

clusterrolebinding.rbac.authorization.k8s.io/coredns created

Restarting kubelet

DNS is enabled

Applying manifest

serviceaccount/kubernetes-dashboard created

service/kubernetes-dashboard created

secret/kubernetes-dashboard-certs created

secret/kubernetes-dashboard-csrf created

secret/kubernetes-dashboard-key-holder created

configmap/kubernetes-dashboard-settings created

role.rbac.authorization.k8s.io/kubernetes-dashboard created

clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created

rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created

clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created

deployment.apps/kubernetes-dashboard created

service/dashboard-metrics-scraper created

deployment.apps/dashboard-metrics-scraper created

service/monitoring-grafana created

service/monitoring-influxdb created

service/heapster created

deployment.apps/monitoring-influxdb-grafana-v4 created

serviceaccount/heapster created

clusterrolebinding.rbac.authorization.k8s.io/heapster created

configmap/heapster-config created

configmap/eventer-config created

deployment.apps/heapster-v1.5.2 created

 
If RBAC is not enabled access the dashboard using the default token retrieved with:

 
token=$(microk8s.kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)

microk8s.kubectl -n kube-system describe secret $token

 
In an RBAC enabled setup (microk8s.enable RBAC) you need to create a user with restricted

permissions as shown in:

https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

 
Enabling the private registry

Enabling default storage class

deployment.apps/hostpath-provisioner created

storageclass.storage.k8s.io/microk8s-hostpath created

serviceaccount/microk8s-hostpath created

clusterrole.rbac.authorization.k8s.io/microk8s-hostpath created

clusterrolebinding.rbac.authorization.k8s.io/microk8s-hostpath created

Storage will be available soon

Applying registry manifest

namespace/container-registry created

persistentvolumeclaim/registry-claim created

deployment.apps/registry created

service/registry created

The registry is enabled

 


List services

[dave@localhost ~]$ microk8s.enable --help

Usage: microk8s.enable ADDON...

Enable one or more ADDON included with microk8s

Example: microk8s.enable dns storage

 
Available addons:

 
  cilium

  dashboard

  dns

  fluentd

  gpu

  helm

  helm3

  ingress

  istio

  jaeger

  juju

  knative

  kubeflow

  linkerd

  metallb

  metrics-server

  prometheus

  rbac

  registry

  storage

 

Add user into microk8s group

[dave@localhost ~]$ microk8s.status --wait-ready

Insufficient permissions to access MicroK8s.

You can either try again with sudo or add the user dave to the 'microk8s' group:

 
    sudo usermod -a -G microk8s dave

 
The new group will be available on the user's next login.