Say Bye to Kubectx !
I have been a great fan of kubectx and kubectl which has been a fast way to switch between clusters and namespaces until I came across Docker for Mac 18.02. With the newer Docker for Mac 18.02 RC build, it is just a matter of a “toggle”. Life has become too easy to switch between dev, QA & production environment.
[Updated(2-Feb-2018) : Docker for Mac 18.02.0 CE RC2 build now comes with Kubernetes v1.9.2 for the first time. I upgraded my macOS High Sierra to RC2 build today and it just works flawlessly. Check it out]
New to Kubernetes Namespace Vs Context ?
Generally, software development teams partition their development pipelines into discrete units. These units take various forms in a discrete layout –
Dev >> Testing|QA >> Staging >> Production
The resulting layouts are ideally suited to Kubernetes Namespaces. Each environment or stage in the pipeline becomes a unique namespace.
In Kubernetes terminology, Namespaces are the way to partition a single Kubernetes cluster into multiple virtual clusters. Namespaces are a logical partitioning capability that enable one Kubernetes cluster to be used by multiple users, teams of users, or a single user with multiple applications without concern for undesired interaction. Each user, team of users, or application may exist within its Namespace, isolated from every other user of the cluster and operating as if it were the sole user of the cluster.
A major benefit of applying namespaces to the development cycle is that the naming of software components (e.g. micro-services/endpoints) can be maintained without collision across the different environments. This is due to the isolation of the Kubernetes namespaces. The fact that each namespace is logically discrete allows the development teams to work within an isolated “development” namespace.
Say, you have two clusters, one for development work and one for scratch work. In the development cluster, your frontend developers work in a namespace called frontend, and your storage developers work in a namespace called storage. In your scratch cluster, developers work in the default namespace, or they create auxiliary namespaces as they see fit. Access to the development cluster requires authentication by certificate. Access to the scratch cluster requires authentication by username and password.
Shown below is an example which clearly shows a file config-demo with this content:
apiVersion: v1
kind: Config
preferences: {}
clusters:
- cluster:
name: development
- cluster:
name: scratch
users:
- name: developer
- name: experimenter
contexts:
- context:
name: dev-frontend
- context:
name: dev-storage
- context:
name: exp-scratchAs shown above, a configuration file describes clusters, users, and contexts. Your config-demo file has the framework to describe two clusters, two users, and three contexts.
Under this blog post, I will showcase how to create 3 difference contexts – Google Cloud, Docker for Desktop & Minikube first and then how easy is it to toggle between them under Docker for Mac Platform. Let’s get started –
Pre-requisite:
- Docker For Mac 18.02 RC2 build
- Enable Kubernetes under Preference Pane
Installing Minikube
sysctl -a | grep machdep.cpu.features | grep VMX
Installing Minikube via brew
Ajeets-MacBook-Air:~ ajeetraina$ brew update && brew install kubectl && brew cask install minikube
Starting Minikube
Ajeets-MacBook-Air:~ ajeetraina$ minikube start
Starting local Kubernetes v1.9.0 cluster...
Starting VM...
Downloading Minikube ISO
142.22 MB / 142.22 MB [============================================] 100.00% 0s
Getting VM IP address...
Moving files into cluster...
Downloading localkube binary
162.41 MB / 162.41 MB [============================================] 100.00% 0s
0 B / 65 B [----------------------------------------------------------] 0.00%
65 B / 65 B [======================================================] 100.00% 0sSetting up certs...
Connecting to cluster...
Setting up kubeconfig...
Starting cluster components...
Kubectl is now configured to use the cluster.
Loading cached images from config file.
Viewing Kubernetes context selection pane
By now, you should see Minikube context appear
Verifying it using CLI
Ajeets-MacBook-Air:~ ajeetraina$ kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
docker-for-desktop docker-for-desktop-cluster docker-for-desktop
gce cluster-admin
kubernetes-admin@kubernetes kubernetes kubernetes-admin
* minikube minikube minikube
Viewing Minikube Dashboard
You can just type the below command to bring up qinikube dashboard in a sec.
[simterm]
$minikube dashboard
[/simterm]
Initializing Docker Swarm
Ajeets-MacBook-Air:testenviron ajeetraina$ docker swarm init
Swarm initialized: current node (zfxiqqjpjmwbvhm1ahjwio3s7) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-4vnxn6cbq4gtsjjvaluucncc8m71aexe11dhbm40aoxfqnr7s3-bevjmv2qpklluuhm6ufrfoas2 192.168.65.3:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
Ajeets-MacBook-Air:testenviron ajeetraina$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
zfxiqqjpjmwbvhm1ahjwio3s7 * linuxkit-025000000001 Ready Active Leader
Ajeets-MacBook-Air:testenviron ajeetraina$ docker stack deploy -c docker-compose.yml myapp3
Creating network myapp3_default
Creating service myapp3_db1
Creating service myapp3_web1
Ajeets-MacBook-Air:testenviron ajeetraina$ docker stack ls
NAME SERVICES
myapp3 2
Switching the context from Minikube to docker-for-desktop
Ajeets-MacBook-Air:testenviron ajeetraina$ kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
docker-for-desktop docker-for-desktop-cluster docker-for-desktop
gce cluster-admin
kubernetes-admin@kubernetes kubernetes kubernetes-admin
* minikube minikube minikube
Ajeets-MacBook-Air:testenviron ajeetraina$ kubectl config use-context docker-for-desktop
Switched to context "docker-for-desktop".
Verifying through Pane UI
Open up whale icon under D4M and see if the context switched successfully.
Enabling Kubernetes
Go to whale icon > Click on Preference > Click on Kubernetes > Enable Kubernetes > Show Systems Containers
It will take few minutes to get Kubernetes up and running. Expect it to take long time if you are enabling kubernetes for the first time based on your internet speed.
Clone the Repository
$git clone https://github.com/ajeetraina/docker101
Change to the right location
$cd docker101/play-with-kubernetes/examples/stack-deploy-on-mac/
Example-1 : Demonstrating a Simple Web Application
Building the Web Application Stack
$docker stack deploy -c docker-stack1.yml myapp1
Verifying the Stack
$docker stack ls
Verifying using Kubectl
$kubectl get pods
Verifying if the web application is accessible
$curl localhost:8083
Cleaning up the Stack
$docker stack rm myapp`
Example:2 – Demonstrating ReplicaSet
Building the Web Application Stack
$docker stack deploy -c docker-stack2.yml myapp2
Verifying the Stack
$docker stack ls
Verifying using Kubectl
$kubectl get pods
Ajeets-MacBook-Air:testenviron ajeetraina$ kubectl get stacks
NAME AGE
myapp2 22m
Ajeets-MacBook-Air:testenviron ajeetraina$ kubectl get pods
NAME READY STATUS RESTARTS AGE
db1-d977d5f48-l6v9d 1/1 Running 0 22m
db1-d977d5f48-mpd25 1/1 Running 0 22m
web1-6886bb478f-s7mvz 1/1 Running 0 22m
web1-6886bb478f-wh824 1/1 Running 0 22mAdding Context for Google Cloud
Pre-requisites:
- Install google-cloud-sdk on macOS
- Enable Google Cloud Engine API
- Authenticate Your Google Cloud using
gcloud auth
Creating GKE Cluster Node
Ajeets-MacBook-Air:~ ajeetraina$ gcloud container clusters create k8s-lab1 --disk-size 10 --zone asia-east1-a --machine-type n1-standard-2 --num-nodes 3 --scopes compute-rw
WARNING: The behavior of --scopes will change in a future gcloud release: service-control and service-management scopes will no longer be added to what is specified in --scopes. To use these scopes, add them explicitly to --scopes. To use the new behavior, set container/new_scopes_behavior property (gcloud config set container/new_scopes_behavior true).
WARNING: Starting in Kubernetes v1.10, new clusters will no longer get compute-rw and storage-ro scopes added to what is specified in --scopes (though the latter will remain included in the default --scopes). To use these scopes, add them explicitly to --scopes. To use the new behavior, set container/new_scopes_behavior property (gcloud config set container/new_scopes_behavior true).
Creating cluster k8s-lab1...done.
Created [https://container.googleapis.com/v1/projects/spheric-temple-187614/zones/asia-east1-a/clusters/k8s-lab1].
To inspect the contents of your cluster, go to: https://console.cloud.google.com/kubernetes/workload_/gcloud/asia-east1-a/k8s-lab1?project=spheric-temple-187614
kubeconfig entry generated for k8s-lab1.
NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS
k8s-lab1 asia-east1-a 1.7.11-gke.1 35.201.215.156 n1-standard-2 1.7.11-gke.1 3 RUNNING
Verify it on Google Cloud
Cluster
Master version
1.7.11-gke.1 Upgrade available
Endpoint
35.201.215.156 Show credentials
Client certificate
Enabled
Kubernetes alpha features
Disabled
Total size
3
Master zone
...
Connecting to Your GKE Cluster
You can connect to your cluster via command-line or using a dashboard too.
Ajeets-MacBook-Air:~ ajeetraina$ gcloud container clusters get-credentials k8s-lab1 --zone asia-east1-a --project spheric-temple-187614
Fetching cluster endpoint and auth data. kubeconfig entry generated for k8s-lab1.
Listing the Nodes
Ajeets-MacBook-Air:~ ajeetraina$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
gke-k8s-lab1-default-pool-042d2598-591g Ready <none> 7m v1.7.11-gke.1
gke-k8s-lab1-default-pool-042d2598-c633 Ready <none> 7m v1.7.11-gke.1
gke-k8s-lab1-default-pool-042d2598-q603 Ready <none> 7m v1.7.11-gke.1Did you find this blog helpful? Feel free to share your experience. Get in touch @ajeetsraina.
If you are looking out for contribution/discussion, join me at Docker Community Slack Channel.
Comments are closed.