우연치 않게, kubernetes에 대해 다른 분들께 소개할 기회가 생겼다. 이때 시연용으로 사용한 예시 코드들은 다음과 같다.
Workload
Pod
- Create Pod with YAML
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80Use this file to create Pod.
kubectl apply -f nginx-pod.yaml- Basic Commands
# Search Pod
kubectl get pods
# Search detail
kubectl describe pod {pod_name}
# Delete Pod
kubectl delete pod {pod_name}
# Search Log of Pod
kubectl logs {pod_name}
# Execute Pod
kubectl exec -it {pod_name} -- /bin/bashDeployment
- Create Deployment(YAML)
sample.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80Use this file to create deployment
kubectl apply -f nginx-deployment.yaml- Basic Commands
# Search Deployment
kubectl get deployments
# Show details
kubectl describe deployment {deploy_name}
# Scaling
kubectl scale deployment {deploy_name} --replicas=N
# Rollout check
kubectl rollout status deployment/{deploy_name}
# Rollout restart (kill and restart pods)
kubectl rollout restart deployment/{deploy_name}
# 새 이미지에 문제가 있다면, 이전 이미지로 rollback
kubectl rollout undo deployment/{deploy_name}
# Delete Deployment
kubectl delete deployment {deploy_name}Node
Drain
Taint, Toleration
Service
Use service through kubectl
kubectl expose
# 1. Pod를 ClusterIP로 노출하기
kubectl expose pod {pod_name} --port={port_num} --target-port={target_port}
# 2. Deployment를 NodePort로 노출하기
kubectl expose deploy {deploy_name} --type=NodePort --port={port_num}
# 3. ReplicaSet을 LoadBalancer로 노출하기
kubectl expose rs {rs_name} --type=LoadBalancer --name={service_name} --port={port_num} --target-port={target_port} --protocol=TCPOther Basic Commands
# 서비스 조회
kubectl get services
# 상세 정보 조회
kubectl describe services {service_name}
# Delete Service
kubectl delete services {service_name}
# Port-forwarding
kubectl port-forward pod/{pod_name} {external_port}:{internal_port}
ClusterIP
clusterip.yaml
apiVersion: v1
kind: Service
metadata:
name: my-clusterip-service
spec:
type: ClusterIP
selector:
app: myapp
ports:
- protocol: TCP
port: 80
targetPort: 9376NodePort
apiVersion: v1
kind: Service
metadata:
name: my-nodeport-service
spec:
type: NodePort
selector:
app: myapp
ports:
- protocol: TCP
port: 80
targetPort: 9376
nodePort: 30007Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
spec:
rules:
- host: www.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: myapp-service
port:
number: 80Gateway API
apiVersion: networking.x-k8s.io/v1alpha1
kind: Gateway
metadata:
name: my-gateway
spec:
gatewayClassName: my-gateway-class
listeners:
- protocol: HTTP
port: 80
routes:
kind: HTTPRoute
---
apiVersion: networking.x-k8s.io/v1alpha1
kind: HTTPRoute
metadata:
name: http-route
spec:
gateways:
allow: All
hostnames:
- "www.example.com"
rules:
- matches:
- path:
type: Prefix
value: "/"
forwardTo:
- serviceName: myapp-service
port: 80Storage
Volume(emptyDir, HostPath, nfs)
emptyDir
apiVersion: v1
kind: Pod
metadata:
name: pod-using-emptydir
spec:
containers:
- name: mycontainer
image: nginx
volumeMounts:
- name: cache-volume
mountPath: /cache
volumes:
- name: cache-volume
emptyDir: {}HostPath
apiVersion: v1
kind: Pod
metadata:
name: pod-using-hostpath
spec:
containers:
- name: mycontainer
image: nginx
volumeMounts:
- name: host-volume
mountPath: /data
volumes:
- name: host-volume
hostPath:
path: /data
type: Directorynfs
apiVersion: v1
kind: Pod
metadata:
name: pod-using-nfs
spec:
containers:
- name: mycontainer
image: nginx
volumeMounts:
- name: nfs-volume
mountPath: /data
volumes:
- name: nfs-volume
nfs:
server: nfs-server.local
path: /path/to/dataConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfig
data:
mykey: myvalue
---
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: myfrontend
image: nginx
env:
- name: MYKEY
valueFrom:
configMapKeyRef:
name: myconfig
key: mykeySecret
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
password: cGFzc3dvcmQ= # base64 encoded value
---
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: myfrontend
image: nginx
env:
- name: PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: passwordPV
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mypvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: deployment-using-pvc
spec:
selector:
matchLabels:
app: myapp
replicas: 2
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: mycontainer
image: nginx
volumeMounts:
- name: pvc-volume
mountPath: /data
volumes:
- name: pvc-volume
persistentVolumeClaim:
claimName: mypvcPVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mypvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10GiObjects in K8s
Labels
apiVersion: v1
kind: Pod
metadata:
name: labeled-pod
labels:
app: myapp
env: production
spec:
containers:
- name: nginx
image: nginx
위 yaml을 apply하고 k get po -l env=k8s-seminar를 실행해준다.
# 라벨 추가 또는 업데이트
kubectl label pods labeled-pod newlabel=awesome
# 라벨 삭제
kubectl label pods labeled-pod newlabel-Selector
Namespaces
III. Kubernetes 활용법
- 쿠버네티스를 썼을때 할 수 있는 것
- 개발자들이 쿠버네티스를 사용하는 시나리오
IV. More about K8s - Helm
- Istio & gateway
유연한 사고의 데이터 엔지니어입니다