Basics - Core Concepts

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 10

Basics and Core Concepts

Basics
Container Evolution
Container Runtime Engine
Docker Basics
Creating application images and tagging
Continuous Integration with Images

Basics

Container Evolution

Containerized App -
What’s inside? - App + Library + Bin
Image - App bundled with Dependencies
Container - Image deployed as Container
Deployment differs based on env - Dev, Staging, Prod
Envs, Configurations(Port, DB), Secrets, Resource limits, etc.

Namespaces & CGroups


Basics and Core Concepts

Namespaces

● Namespaces provide a layer of isolation for containers.


● Each aspect of a container runs in a separate namespace and its
access is limited to that namespace.
● When you run a container, Docker creates a set of namespaces for that
container.
● Namespace makes processes running inside that namespace believe
they have their own instance of that resource.
● A namespace can limit visibility to certain process trees, network
interfaces, user IDs, or filesystem mounts.
Basics and Core Concepts
CGroups

● A control group (cgroup) is a Linux kernel feature that limits an


application to a specific set of resource usage (CPU, memory, disk I/O,
network, and so on)
● Control groups allow Docker Engine to share hardware resources to
containers and optionally enforce limits and constraints.
● For example, you can limit the memory available to a specific container.

Cgroups involve resource metering and limiting:

Memory, CPU, Storage I/O, Network

Docker Lab
#Images and containers
docker pull nginx
=> Pulls latest version, see all versions - https://hub.docker.com/_/nginx?tab=tags
docker run --name nginx -dt -p 80:80 nginx
docker ps
docker stop nginx
docker ps
docker ps -a
docker start nginx
docker ps
docker exec -it nginx /bin/sh
docker rm nginx
Basics and Core Concepts
docker ps -a
docker images
docker rmi nginx
docker images

# Cleanup
## Containers
docker rm $(docker ps -qa)
## Images
docker image prune -a

vi app.js

# Copy the below content and paste it in app.js file


const http = require('http');

const hostname = '0.0.0.0';


const port = 80;

const server = http.createServer((req, res) => {


res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('Hello Docker Chief\n');
});

server.listen(port, hostname, () => {


console.log('Server running at http://%s:%s/', hostname, port);
});

process.on('SIGINT', function() {
console.log('Caught interrupt signal and will exit');
process.exit();
});
# save the file with :wq

vi Dockerfile

# Use an official Node runtime as the parent image


FROM node:6
Basics and Core Concepts
# Set the working directory in the container to /app
WORKDIR /app

# Copy the current directory contents into the container at /app


ADD . /app

# Make the container's port 80 available to the outside world


EXPOSE 80

# Run app.js using node when the container launches


CMD ["node", "app.js"]
# save the file with :wq

Docker Commands
docker build -t node-app:0.1 .
docker images
docker run -p 4000:80 --name my-app -dt node-app:0.1
curl http://localhost:4000
docker logs my-app
docker stop my-app && docker rm my-app
docker run -p 4000:80 --name my-app02 -d node-app:0.1
docker ps
docker logs [container_id]

follow the log's output as the container is running, use the -f option,
docker logs -f [container_id]

examine a container's metadata in Docker by using Docker inspect:


docker inspect [container_id]

docker exec -it my-app02 '/bin/bash'

How do we manage containers in different nodes?


Basics and Core Concepts
Basics and Core Concepts

Core Concepts
Kubernetes Architecture
Master Node initialisation
Worker Nodes initialization - Worker1 & 2
Basic commands of Kubernetes

Kubernetes Architecture
Master
API Server
Scheduler
Controller Manager
Cloud Controller Manager(CCM)
Etcd
Worker
Kubelet <-> Dockerd
Kube-proxy
Pods - Containers - App running
Operator - Access API-Server for k8s calls - Create, Update, Read, Delete resources
K8s client - UI, API, CLI - kubectl
User - App users - Access App deployed in k8s
Basics and Core Concepts

Node View - Many sizes of pods deployed

Set Hostname
Master Node:
sudo hostnamectl set-hostname master.example.com
exec bash
Worker1 Node:
sudo hostnamectl set-hostname worker-node-1.example.com
exec bash
Worker2 Node:
sudo hostnamectl set-hostname worker-node-2.example.com
exec bash

Docker Configuration - Master, Worker1, Worker2


cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
Basics and Core Concepts
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
—------------------------------------------------------------
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo swapoff -a

Do the above steps in Master, Worker1 and Worker2 nodes

Master Node initialisation


sudo kubeadm init

● Copy kubeadm join command

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
cat ~/.kube/config

Install Container Network Interface (CNI)


kubectl apply -f
https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifes
ts/calico.yaml

Verification:
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.example.com Ready control-plane,master 64m v1.23.4

Worker Nodes initialization - Worker1 & 2


DONT COPY AND PASTE:

sudo kubeadm join <IP>:6443 --token 6v6z4m.qpbdqgshqgbzbz7y \


--discovery-token-ca-cert-hash
sha256:2f7a26f4dfc6ba079c6153ac4ef1741c3b966843177432b0ddd707f62062e70a
Basics and Core Concepts
Note: In case you need to find your unique token, run the command sudo kubeadm token
create --print-join-command

labsuser@master:~$ kubectl get nodes


NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 75m v1.23.4
worker-node-1.example.com Ready <none> 72s v1.23.4
worker-node-2.example.com Ready <none> 52s v1.23.4

Basic commands of Kubernetes


kubectl get nodes
kubectl describe node worker-1

kubectl get pods


kubectl describe pod <pod-name>

kubectl get all


kubectl get all -n kube-system

kubectl get ns
kubectl describe ns kube-system

kubectl get events

kubectl delete pod <pod-name>

kubectl api-resources
kubectl explain pod
kubectl explain pod.spec –recursive

kubectl run nginxpod --image=nginx --port 80


kubectl get pods

kubectl cluster-info
kubectl cluster-info dump > cluster-dump
kubectl get node worker01
kubectl describe node worker01 | less
# Look at Status(should be FALSE), Address, Capacity, and Events

kubectl get namespaces


Kubectl get pods -A
kubectl get pods -n kube-system
# Look into /etc/kubernetes/ - Config, manifests & pki

You might also like