Publish your first Production grade Kubernetes app on Google Cloud

Deepak Sharma
Published in tech_vichaar, 5 min read, May 10, 2020

We are going to deploy our first production-grade app on Kubernetes on Google Cloud, using KOPS.

The process is similar for other cloud service providers, but we are targeting gcloud in this post.

Kubernetes deployment on Gcloud can be done in Multiple ways:

  1. Using Google Managed Kubernetes Engine.
  2. Using Kops (Kubernetes Operations).
  3. Using Kubeadm.

and maybe more…

Each approach has its own advantages and disadvantages. We are going with KOPS because it offers greater control over things and has great community support.

Prerequisites:

* Google Cloud SDK.
* Registered domain with Admin Access.
* Google Cloud Account with Owner Access.

Let's get started by installing a few utilities:

1. Configure CLI

a) Installing Kubectl

The first and foremost requirement is Kubectl.

Kubectl is required to interact with the cluster. Activities like creating, deleting and updating cluster resources are managed through Kubectl.

Install it from here

Verify it on local cli:

$ kubectl version

b) Installing KOPS

We will be using KOPS for managing our cluster on cloud.
Kops is a cluster manager that helps in creating, deleting, maintaining and upgrading highly available Production grade clusters.

Install it from here

Verify it on local cli:

$ kops version

2. Configure Google Cloud

For the next steps, a Google Cloud account with Owner privileges is required.

a) Create a new Project

Choose any project name

Create New Project
$ export PROJECT_ID="hey-world-12345"
$ gcloud config set project hey-world-12345

PS: Get Project ID by: $ gcloud projects list

b) Service Account

Create a Service account in our hey-world project with role Owner and export the JSON key.

Service Account in Google Cloud
$ export GOOGLE_APPLICATION_CREDENTIALS="/home/path-to-key/hey-world-1234-abcd69.json"

c) Create a Bucket

A bucket is needed to store the state information of the cluster. We need to create it manually and pass it during cluster creation.

Create a bucket and export it in the CLI locally:

$ export KOPS_STATE_STORE="gs://my-very-attractive-bucket/"

d) Create DNS Zone

Create a new DNS zone and carefully add its DNS settings to your registered domain.

Verify it by:

$ host -t NS subdomain.domain.com
$ dig -t NS subdomain.domain.com

In the output of the above commands, you should see the DNS settings you added.

PS: You can use either a domain or a subdomain, it is just a matter of choice. :)
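A pre-flight check for the values exported in step 2, as an added example that is not part of the original post: it confirms the variables are set, that the state store is a gs:// URL, and that the service account key, which carries Owner rights on the project, is readable only by your own user. The function name kops_preflight is an assumption of this example, not a kops or gcloud command.

```shell
#!/bin/sh
# Added example: sanity-check the environment from step 2 before running kops.
# kops_preflight is a hypothetical helper name, not a kops or gcloud command.

kops_preflight() {
    rc=0

    # 2 a) the project id must be exported
    if [ -z "${PROJECT_ID:-}" ]; then
        echo "FAIL: PROJECT_ID is not set" >&2; rc=1
    fi

    # 2 c) the state store must be a Google Cloud Storage URL
    case "${KOPS_STATE_STORE:-}" in
        gs://?*) ;;
        *) echo "FAIL: KOPS_STATE_STORE must look like gs://bucket/" >&2; rc=1 ;;
    esac

    # 2 b) the key file must exist and be private to the current user
    key="${GOOGLE_APPLICATION_CREDENTIALS:-}"
    if [ -z "$key" ] || [ ! -f "$key" ]; then
        echo "FAIL: GOOGLE_APPLICATION_CREDENTIALS does not point to a file" >&2
        return 1
    fi
    # Characters 5-10 of the mode string are the group and other permission bits.
    shared=$(ls -ldL "$key" | cut -c5-10)
    if [ "$shared" != "------" ]; then
        echo "FAIL: $key is accessible to group/others; run: chmod 600 $key" >&2
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: environment looks ready for kops"
    return "$rc"
}
```

Source the file in the shell where the variables were exported and run kops_preflight before kops create cluster.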

3. Pushing Kubernetes on Cloud

Now, as we are managing Kubernetes deployments, we need to create the cluster on gcloud. KOPS does this job pretty efficiently.

Creating a Cluster

$ kops create cluster \
--name=my-stylish-cluster \
--state=$KOPS_STATE_STORE \
--zones us-central1-a \
--dns-zone=subdomain.domain.com \
--kubernetes-version=1.17.5 \
--yes

name: can be anything of your choice (prefer subdomain.domain.com).
state: the bucket we created in 2 c).
zones: the zone(s) where we want our cluster deployed. Multiple zones can be given, separated by commas. Choose the nearest valid zone.
dns-zone: the DNS zone we created in 2 d).
yes: creates the actual resources on the cloud; without it, it's just a dry run.

This should be completed in ~10 Minutes.

Validate Cluster

After successful completion of all steps, it is important to verify whether all our resources were properly created.

$ kops validate cluster

After successful completion of the above tasks, our infrastructure on the cloud should be ready.

We should have 3 VMs running: 1 Master Node and 2 Nodes. Check that here: https://console.cloud.google.com/compute/instances

Kops will automatically configure our local kubectl to interact with Cloud resources.

$ kubectl get nodes

CONGRATULATIONS for making this FAAAR .. :)

4. Deploying First App

In this section, we will deploy a simple “Hello World” web app.

$ kubectl create -f https://raw.githubusercontent.com/paulbouwer/hello-kubernetes/master/yaml/hello-kubernetes.yaml

This will create a Deployment and a Service.

$ kubectl get svc

Heading over to EXTERNAL-IP in browser:

Hello World!

5. Joining Domain and web server (Optional)

The EXTERNAL-IP exposed in the previous step belongs to the LoadBalancer attached to the Nodes where your Service is deployed.

Check all Instances (nodes) covered by our LoadBalancer here.

Head over to your domain registrar and look at the DNS settings.
Add a new “A” record with the LoadBalancer IP.

Google Domains DNS Record

And VOILAAAA!

We are done setting up our first Production grade cluster.

Clearing out (Optional)

If you are deploying for Testing Purposes or Just playing around, prefer deleting all gcloud resources to avoid extra costs.

$ kops get cluster
$ kops delete cluster --name=name_of_my_cluster

This will delete all cluster resources created by Kops. Additionally, you can delete the entire project with:

$ gcloud projects delete $PROJECT_ID

Troubleshooting (Optional):

1. Cluster Not found

error doing DNS lookup for NS records for "subdomain.domain.com": lookup subdomain.domain.com on 127.0.0.1:53: read udp 127.0.0.1:58657->127.0.0.1:53: i/o timeout

Quick Fix: Update /etc/resolv.conf

nameserver 8.8.8.8

2. Error in Creating cluster

If you missed anything in the command, like setting the gcloud default project beforehand, or missed passing certain params to the kops create command, then

$ kops delete cluster --name=subdomain.domain.com

Delete the cluster, make any changes to the command, then recreate it.
If you are still facing issues, head over to the bucket we created earlier and clear its contents.

3. Unable to access service

By default, gcloud has an active firewall rule which blocks external access to instances.

Kubernetes exposes NodePort Services on ports in the range 30000 - 32767.

Add a new firewall rule in gcloud to allow all traffic in this range:

$ gcloud compute firewall-rules create my-custom-rule \
--allow tcp:30000-32767 \
--target-tags=nodes-123f,nodes-awes \
--source-ranges=0.0.0.0/0 \
--description="Manually Exposing Kubernetes Ports to Internet."

where ‘target-tags’ are the network tags used on the Nodes, so the rule applies only to them. Rule names may contain only lowercase letters, digits and hyphens.
We never expose the Master node to the Internet.
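A firewall rule that admits 0.0.0.0/0 and carries no target tags applies to every instance in the network, the master included. The check below is an added example, not part of the original post: it reads firewall rules as tab-separated rows (name, source ranges, target tags) and flags the ones that reach beyond the worker nodes. The helper names, the sample rows and the master tag master-9f2c are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag firewall rules that expose more than the worker nodes.
# Input rows are tab-separated: rule name, source ranges, target tags
# (layout assumed by this example). Such rows can be listed with:
#   gcloud compute firewall-rules list \
#     --format="value(name,sourceRanges.list(),targetTags.list())"

# audit_fw_rules MASTER_TAG  (hypothetical helper; reads rows on stdin)
# Prints "<rule><TAB><finding>" and returns non-zero if anything was flagged.
audit_fw_rules() {
    awk -F'\t' -v master="${1:-}" '
        # Skip rules that are not open to the whole Internet.
        index("," $2 ",", ",0.0.0.0/0,") == 0 { next }
        # No target tags: the rule applies to every instance in the network.
        $3 == "" { printf "%s\tALL-INSTANCES\n", $1; bad = 1; next }
        # Target tags include the master tag.
        index("," $3 ",", "," master ",") > 0 { printf "%s\tMASTER\n", $1; bad = 1 }
        END { exit bad + 0 }
    '
}

# Constructed sample rows; master-9f2c is a made-up master tag.
sample_rules() {
    printf '%s\t%s\t%s\n' \
        "my-custom-rule" "0.0.0.0/0"    "" \
        "nodeport-nodes" "0.0.0.0/0"    "nodes-123f,nodes-awes" \
        "ssh-everywhere" "0.0.0.0/0"    "nodes-123f,master-9f2c" \
        "internal-only"  "10.128.0.0/9" ""
}

if ! sample_rules | audit_fw_rules master-9f2c; then
    echo "review the rules listed above" >&2
fi
```

Rules scoped by target service account rather than by tag are not modelled here and would show up as ALL-INSTANCES.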

What next..?

Play around. Try various ‘kubectl’ commands.

  • Create, Update, Destroy resources via kubectl.
  • Try out Port-forwarding to your localhost.
  • Create Dashboard for Interactive UI visualization.
  • Try mixing different cloud Providers, like deploy a Node on AWS and other on gcloud.
  • Try out things on AWS or AZURE.

Possibilities are limitless, So are Learnings.

Catch me on LinkedIn.

Software Engineer @RedHat. Loves R&D, DevOps, and Engineering. Football and Chess are Love. https://finddeepak.com