WEBVTT
have an unified view of all participant machines if in case if you're facing any
challenges it will be easy for us to troubleshoot together that's the whole
idea so that if I'm not seeing any busy hands here I will simply proceed to
the next set of topic instead of just asking everyone right it's going
to help us a lot by this way yeah you will see multiple tabs here home
desktop and training room click on this tab and then click on join
training room correct okay first of all yes it it is possible provided for
example my container already has a bash installed in it which means as part of
the image the base libraries that you have chosen you have a bash if not at
this you will have some kind of basic shell so you can get into it and yes it
is possible you can modify any files configuration files but it is not
recommended for production for production it should happen through
config map you need to first modify the config map and then restart the
part so that the restart will pick the latest configurations but for
some urgent fixed purposes you can do it but by all means in kubernetes
it's not recommended because it's completely dynamic with respect to part
anytime kubernetes can kill the part for which you just modified the
configuration and they may create a recreate it may recreate and
replacement part so the best practice is modify the config map restart your
deployment at the part then it will fix the latest configuration but then
nothing will stop you if you are going to get a shell inside and
modify it provided you have root permissions and all those stuff or the
file modification permissions for those file and all the stuff yep welcome
four more minutes to complete this activity
cube CTL config get context one main constraint with respect to
examination is the time so you will really have a limited time to to
solve all the questions that they pose so we need to be really fast when
it comes to executing the commands and so on so on so right so keep that in
mind so for that we need to have these basic commands to be part of our
muscle memory then only we can easily have the commands where to go how to
see all those problems will be kind of easy only during examination but
whether you will be able to do it within the specified time that's what
most of the student fails during the examination time constraint time
constraint so during my hands on time also I will put you in and time
constraint right so that we can do it bit faster last two minutes please to
complete this activity okay that's and good question that's what we are
going to write the part specification using an declarative eml file and
wherein you can you can put specification for more containers
imperatively it's I mean using CLA it's bit complex we are going to
achieve it with an eml file yeah we are we are going to discuss that now
discuss that now right yeah yeah yeah no problem no problem
all right you can stop here because there's already time that we allocated
for that hands on so let's continue on the part topic right part is not it
over so we are yet to discuss many things within the part so what we
did we created a part using an run command and we learned the life
cycle commands right so same if I go back to the command where I created the
part using the run command in general we will submit this is this is
posting this to the API server right kubernetes API server so the cube CTL
is generating an eml file and then it's posting it to this rest API for this
for this command and equivalent eml file is generated so you can actually
write your own eml file putting together all the specifications because
here we are specifying image maybe there are some other flags like name
you can specify there are many configurations that you can specify
but you are limited to provide some configurations via CLA but if you are
going to write an eml file you can actually configure many properties and
then once you are done with your eml file you can apply this
configuration to the cluster on your own okay so for that you can start
start writing the eml file from scratch that is one way but you don't
want to start from scratch and instead you if you have some base you can just
build on top of it yes you can do that all you need to do is to the same
command just include dry run flag I want to dry run this and client and
output me the eml file you cannot put also in JSON file that doesn't going
to make difference output is going to be the same so what it means is you
are requesting the kubectl client to generate the eml file for equivalent for
this commands and then the options that you provided basically kubectl
won't submit this request to the server this will run in the client
side and then the eml will be printed for you so you can copy this and
then put it into your file you can put additional configurations and then
you can apply it on your own for example I can write this output to an
file my first pod dot eml okay so that file already has this contents
right so you can simply open the file and you can do the
modifications whatever you want so this is the place if you want to add
more container then continuous is an array I hope you are all familiar with
the eml formatting right two spaces two spaces two spaces under the label we
have two spaces and then its specifications so same way if it is an
array it will start with I fun so this is first con first entry of the
array you can define one more one more one more one more and each entry
is going to be a specification for each and individual containers right so once
you have the eml file ready and if you want you can make some updates and
after the update you can simply apply to the cluster so in the eml file you
can see API version is the top and the kind is specified as part because
you are going to create a pod resource and some metadata information
about the pod the name the label and then the spec specification and under
the containers your specification for your own container and then some
defaults that it included okay so with this file you can apply this by using
create command and specify the name of the file my first part dot eml that's
it if I press enter this is going to create the part with that one
because this is the first time we are creating the resource we are using
create command if the resource already exists and if you are modifying some
property then you can use apply command there are some properties that
you can modify and apply that will take effect but there are many
properties that if you are modifying you need to delete and recreate that
okay so apply will also create in this case there is no part with the name my
pod is running let's say then it will also do the create okay so let me
delete that part I think I have the part in the same name already no I
the name of the file and the same part that you created earlier with
imperatively okay so defining and creating an part from an from an eml
okay that is number one number two now if you go to the document cka kubernetes
working files just we are going to demonstrate couple of concept with this
with the file in this directory let me open a shell from here
come on
okay a lot better now so now for this demo sake we are going to use one
application this eml file this the eml file similar to what we just created
for our nginx application okay as you can see the kind is part and the name
of the part is card and this time it's based on one one one another
image and it has the specifications name as a card and the port inside
the container is 8080 and the protocol is TCP the name that we are getting
HTTP that doesn't matter even if you are going to keep this that's going to
work but a minimal part configuration as like how we created one for our
engine next right so if we want to apply this we know how to do this
apply the file and if you want to check whether it is created and
running to get parts and the part is running and if you want to access it
you know how to do it kubectl port forward the name of the part any port
number in the host machine and then the port within the container go to
okay yes in a simple react web application that we will use for demo
purposes right fine we deploy this application now on top of this
specification we are going to add more configurations or more specifications
okay the first one that we are going to add is related to health check
health check what it means let's say I have a container and this container is
running my application process and there are a lot of records that are
coming in and your application is processing it and it is sending some
success response back to the callers now here comes one request while
processing this request something went wrong in your application code and then
the application process exited process exited because it is the only process
that is running inside the container or the parent process that is
exited container has nothing to execute so this will also exit
container will also move to exit exist process move to exited state
container most exited state so for scenarios like this platform that is
let's say kubelet kubelet component or the kubernetes will react to it
because container status is exited kubernetes will try to restart restart
the pod or sometime it will try to create a replacement part so basically a
platform is taking an action when if the container is exited okay but the
same scenario it was it was working until a request came and this while
processing this request your application went into some kind of
stalled mode or it went into some kind of deadlock situation so which
the process is not exited because the process is not exited and running the
container status is shown as and running and kubernetes of course won't
take any action because it's already in running state but all the request
that goes after this request it's all getting some kind of error
responses to the user is a surfacing error because this service is no
longer returning any responses all the requests are getting timed out because
one of the previous requests put the application into an some kind of
stalled mode right we really want kubernetes to take an action in this
scenario but kubernetes doesn't care about this scenario because it
refers only the container status it is running the reason why it is show
is running showing running because the process is running the parent
running state but in reality the application is unhealthy it's not in a
position to serve requests so we want kubernetes to take an action if a
scenario like this happens so that's where the concept of health check
comes into picture so what we are going to do instead of relying only
on the container status we are going to take the health check close to
business code which means if this is your application that is exposing many
business endpoints let's say product endpoint search endpoint there are many
business endpoints that this application exposes correct in addition
to that you are going to write your developer will write a code to expose
a endpoint called health and calling this endpoint will simply return and
some sort of success code that's it nothing other than that if if it if
the request made to here then the response will be sent as an 200 okay
as simple as that so what Lewis will do is now while submitting the pod
yaml file Lewis will include a section called liveness probe wherein
he will specify this information here kubernetes this is the endpoint call
this endpoint every 30 seconds and expect a successful response if you are
getting an failure response for three consequent times that is a failure
threshold then consider that this application is unhealthy and consider
that the liveness probe is failed which means if a scenario like this
happens kubernetes already calling your health endpoint every 30 seconds if
a scenario like this happens then for the next 30 30 seconds kubernetes will
get an error response so threshold will meet so that time kubernetes will
understand that okay this particular container is become unhealthy so it
liveness probe fails the action that kubernetes takes is restarting the pod
assuming restart is going to be the fresh start of the application
everything should be work fine should be working fine after the restart
okay so this is the exact scenario where we want to address with the
health check and we are going to configure it as part of your pod
specification with the liveness probe and then you will specify all these
inputs once you specify it kubernetes is going to perform that probe okay so
if I open the file where we have the liveness probe configured okay I
think it will be better if I increase this font size font size okay so the
only new addition is this section compared to the previous yaml file the
new addition is this part live does probe it's for an HTTP endpoint healthy
and periods against is 10 which means every 10 seconds kubernetes is going to
call this endpoint and it will expect an success response and the failure
threshold is 3 which means for the consequent three atoms if kubernetes
receives an failure response from this endpoint then that's the time
it's going to declare or assume that this part is unhealthy okay we have
some timeouts against configurations also which means if the call to the
endpoint timeouts it takes more than one second that is also kubernetes and
failure initial delays again means what's the container spins up it's
going to wait for some five seconds before it starts with that health
check after five seconds every ten seconds it's going to call the
endpoint right so those configurations right so now you can see this in
action also let's say I'm going to delete the part that I created
earlier because the part that I'm going to create now it's with the
same name one two card board health cube CTL get parts you can see this
so now I'm going to do the port forward to access the application let me
refresh this okay we're already here just to demonstrate we are going to
simulate the scenario if liveness profiles how kubernetes is going to
act on that scenario right so let's say kubernetes is already calling this
application in this healthy endpoint every ten seconds right every ten
second if it calls this application is printing it in on a table okay you can
see already it's called and this application cell sent 200 response back
to the kubernetes right now we are going to intentionally send and
failure response to kubernetes fail for next three calls because three is
threshold that we set so if I click on three then we are going to send five
hundred and for the next call again an error code or a failure code the
third time it's going to send the threshold will hit and it's going to
be restarted okay as you can see already the part is restarted it's
waiting for the initial delay second of five and after that you will see again
the call happen from kubernetes it's going to continue for every ten
seconds so in this case if we simulated this behavior where the call
to the health endpoint failed let's say if this happened if all the
business endpoints are not accessible then the kubernetes will also be won't
be able to access the health endpoint also so which means we are taking that
liveness check near to your application code instead of relying
only on the container status or the process status we are taking it near to
the app code so that's the whole logic right so if I go back here you
can even see those informations in the describe command if I do keeps it
in get parts you can see the part is already restarted one time because it
liveness probe if you want to see those information you can look at the
event section
I think this is the card part right or the my part okay so here you can see
liveness probe failed with the status code 500 warning unhealthy and then the
part is restarted
okay so liveness profile sorry started so the learning from here is what is
liveness probe and why we need liveness probe this concept explains
that how to configure it you already seen an aml file if the liveness
probe fails the action is restarted that's it no complex access just a plain
restart of the container okay so this liveness probe as you can see here
from our application we exposed an API slash health endpoint isn't it what if
your application is an is an is not an API it's some kind of worker process
that doesn't exposes any API for those purposes we have different options
under the liveness probe we have HTTP probe that is the one that we just
seen we will expose an endpoint we also have TCP probe and we also have
TCP means you are going to probe to and specific port number as long as the
port is reachable it will be healthy healthy healthy port is not reachable
then it is an it will hit the unhealthy scenario exact probe means
you want to execute some command and that command execution should return
a success or failure code let's say 0 is a success code minus 1 is a
failure code after execution of the command every 10 seconds as long as you
the success code then healthy if it is a failure code then unhealthy right
so you will go for using this kind of probes where exposing an HTTP rest
API endpoint is not possible okay so you can see here this is using an
exact probe basically what this is going to do every five second it's
going to open this file temp healthy okay so as part of this file this is
creating that file and then slips for 30 seconds and then remove that file
sleep for five minutes right if you try this you can see also if it is not
able to find the file then it's going to be the failure scenario cat temp
health returns and failure code then the pod will be restarted as long as if
it is able to find the file then the thing will happen which means
application is healthy so a simple command so this is purely depends your
application team should know when we should tell that application is
unhealthy when we should tell that it is healthy based on that they are
going to write some exact commands here okay that is the exact probe this
is something that we just seen that is HTTP probe and the last one is TCP probe
will just specify the port number okay so which means the cubelet will
attempt to open a socket to your container on the specified part if if
it can establish a connection then they can consider containers healthy if
not consider the container is unhealthy okay three types based on the
application you can configure HTTP probe exact probe or TCP probe okay so this
is for liveness probe and if the linus probe phase the action is restarting
the container so similar to liveness probe we have one more called
readiness this serves a different purpose what is the purpose let's say
deploying nginx with five replicas five replicas which means five parts will be
running and here you have one another service that wants to call nginx
application your application my nginx application so which means you have
five instances the request needs to be load balanced to one of these five
so that one part will process it and send the response back to the
isn't it so for that we are going to create services resource in kubernetes
that we will discuss in a moment and this is the one that's going to load
balance to one of these five so in the readiness probe you are going to
specify the same config similar configuration as how we will specify
by linus probe maybe we will expose an endpoint called ready and you will
specify every 10 seconds that should be executed so based on that let's say
this container passes the readiness probe then this will be set to ready
ready state in this process ready state ready state ready state let's say
if this fails readiness probe it will be set to not ready state so by
the time when a request comes in this service component will consider only
the replicas that are in ready state that is one two three four and then
it will load balance to only these four this will simply be excluded because it
failed the readiness probe because it failed it is in not ready state so it
won't be considered for the load balancing maybe after a moment it will
turn to the next next calls it it may succeed it will success succeed the
readiness probe so that time another request comes in this time this will
also be considered because it's already transitioned to ready state okay so you
can have some kind of logic here to determine when your application is
ready maybe it's still processing the previous request or you don't have
enough sufficient thread pool to process the request so you may want
to fail the readiness probe so that you won't get any new request process
the one that that are already in in it and then once you complete it
then maybe the readiness probe will succeed and then it will get more
requests so when a liveness probe fails that is for a different case and a
part will be restarted if a readiness probe fails it just that that part
won't be considered for load balancing that's it once it transition to ready
it will be considered okay so that's what you can see under the readiness
probe I can show it yeah this one the same for the readiness also you can
specify the exact HTTP probe here it is an exact proof configured similar to
the liveness probe okay the only difference is instead of liveness you
are using the readiness so in our example if you go to the maybe the
you can see the readiness probe here same configuration is just that we are
calling another endpoint this may have a logic to tell whether their
application is in a position to accept the request new request or is
it still busy with processing the existing request good thing is for the
both liveness and readiness probe already the framework there are
some libraries that will take care of exposing these endpoints that will
determine or that will take care of exposing the endpoints with the
logics to say whether ready or not ready or your developer can take more
control and they can write their own logic by implementing this endpoint
okay but by all means now we are clear with this two probes and the purpose
of it and what will happen if these profiles any questions so far on this
any question or is it clear okay good so before trying the hands-on for
that part so in the in the in the simple part specification now we learned
how to add the two probes that is readiness and liveness probe now for
the same part specification we are going to add few more configurations
which are very very important right one is let's say I have Lewis and let's say
he is a beginner or he is a trainee he wrote on application and he deployed
the application into the kubernetes cluster have three nodes n1 n2 and
n3 and his application is running somewhere here in the node 1 and as
administrator hemos is already watching this application and he founds out that
this application has some a problem which means before an hour it was
using 0.5 CPU and 256 MB of memory now this application is using 1 CPU and
512 MB of memory and over the period it seems it's it started to use more
resources even though this application is sitting idle or it's receiving or
processing only few requests but then it keeps consuming more resources but
then it never releases the resources back to the pool once it's done with
the processing which means this application has some serious memory
leak issues and it's not releasing the resources so which means over the
period this guy may eat all the resources leaving all other containers
or parts to stow for the resources this was starving right so clearly as
administrator I don't want this scenario to happen if something seems
to happen like this then I want kubernetes to take some action so for
that you need to educate the kubernetes with some informations while
submitting the part specification you need to provide some information to
kubernetes ok what kind of information you need to provide resource
information resource limits you need to set the limits for CPU and then the
memory as a developer of this application you must know because you
must thoroughly performance test load test your application and then you
need to benchmark and come up with the values for CPU and memory limit maximum
CPU and memory your application will continue because you already load
tested performance tested and you should benchmark that value let's say
my application won't consume more than 1.5 CPU and memory more than 516 MB
let's say this is the limit you need to put it in the part
specification and if you apply to the kubernetes now kubernetes has this
information and it's going to keep an eye on your container so if your
container starts to consume more than what is specified on the limit then
kubernetes will decide that there is something going wrong with this guy
and kubernetes will take an action the action can be in restart or
sometimes it will delete and it will create a replacement container okay so
you will never get into a scenario of this guy eating all the resources
leaving others starving for the resources that is the limit resource
limit maximum so this is the case with Lewis who is a beginner he did
something and he ended up getting this advice from the Hermos who is the
cluster administrator and now he had deployed the application with this
input all good Hermos is happy Lewis is happy now we have another case
this time we have we have Jasper and what he did this he is an expert and
he wrote some kind of machine learning algorithm and he want to run the
application in the cluster node 1 node 2 and node 3 and he submits the
request and the application the container or the part scheduled to run
in the node 1 but then this part is not starting up it's still not showing
running status it's in some error status and upon analysis Jasper found
out that for this container to start up and work it minimum requires 0.5
CPU and 256 MB of memory but then in this node you don't have that
resource let's say you have only 100 MB of memory or you don't have you have
only point to CPU okay so which means and this particular application has
some minimum resource requirement for it to work minimum resource
requirement both on CPU and memory that how kubernetes will know there is
no way that kubernetes will know that unless you provide that
information to kubernetes as a developer you should know it and you
provide that information to kubernetes so that while scheduling scheduler will
consider that while scheduling scheduler will look into your part
specification and it will understand that okay this is the minimum
requirement and it won't consider the n1 because n1 doesn't have that
resource so maybe it will consider the end to entry that will have
enough resources to to run that container okay so that is the
minimum resource requirement that that that is required for your application
to work so that you can specify it under resource request CPU limit 0.5
CPU 256 MB of memory so resource requests resource limits now you know
why we need those two so here you can see resource request and resource
limit okay so as I mentioned this is an time-consuming activity you need to
perform developers need to perform load balancing and then they need to
load testing performance testing and they need to come up with these
values but then if you are running the applications on the cloud we have
something called VPA vertical part auto scale what it means if you
configure VPA for your application part then the VPA will observe the CPU and
memory utilization of your of your application container it will observe
the values past values and it will recommend the request and limit for
CPU and memory this VPA component will recommend what to put here instead of
you are performing a manual benchmarking activity it will observe
your application over a period of time and based on that hey just set this to
this this to this this to this value limits and requests it also provides
an capability where it can automatically set the values also it
can it can recommend and if you needed you can update it if you configure it
bit more then this VPA will automatically set the request and
limits for both CPU and memory time to time both options are possible with
VPA why I need to do this because it's very important for you to
right size your application you need to right size your application it
shouldn't be it should have enough resources for it to work and it
didn't be eating more resources than what it is required for it right so we
need to right size the application right size our application in the
cluster that is more important okay so every specifications that are submitted
to the cluster you can demand or you can mandate their applications team
to have this information if not you can simply reject the request as a
admission controller layer level where you can simply reject the request that
comes to the cluster without resource request and limits okay and you can
even automate this if you are in the cloud you can make use of VPA where in
it will recommend or you can configure it in such a way it will
automatically set the values how it does it it has access to the matrix
of your application based on that based on the historical values it
okay I hope it is clear please let me know if you have any questions before we
go for a lunch break I'm going to stop here if you have any questions I will
address it if no then we can go for a lunch break okay after the lunch
break I will give some time for you to try this no worries is it clear so
any questions perfect vertical part of scaling up all right time is now 12 20
so let's take a 45 minutes lunch break and be back by 1 5 p.m. thank you thank
you for listening
welcome back welcome back please raise your hands in the teams if you are
back to a desk just a quick attendance check okay since we are ready to okay
perfect perfect good we got everyone back I hope you had an great lunch
time so now it's time to continue our discussion right so I'm going to
increase the pace of the course a little bit faster right so fine so what
we completed before the lunch break is we know we now know how to create
and part using and declarative ml5 creating and part from ml and we
also learned a couple of probes we have different ways to implement it one is
using HTTP I think I'm using a wrong pen it should be the pen from me know
under the parts we learned how to create it with an email under the
probes we covered different types that is HTTP probe exact probe TCP probe
there are two different probes that we discussed one is liveness second one is
readiness if liveness probe fails action is restart if readiness probe
fails action is don't consider that specific part for load balancing right
and then from the resources perspective we learn the importance of
both limit and request this applies for both CPU and memory and in align with
that we also learned vertical part auto scaling right to automatically set
values for this or get a recommendation for for the values to be
set on this limit and request correct so these are all the things
that we discussed just before our lunch break right so there are a couple of
other configurations let's talk about that and then I will give some time
for the hands-on so that you can try it all once in one single example
right so we know we create an container from the images we have
images this access and template which means if you create a container this is
going to get its own file system which means every container will have
its own file system if you have container to it has its own file
system isn't it so let's say we have velocity and she tried to spin up a
for customer database so she choose and postgres image and she is running and
container are a part based on the postgres image and it's running a
database and there are many applications that are writing or
reading the data from this database so this postgres process is going to
all the data in its file system let's say we have a directory called data
within the container in a specific folder data you have all those
millions customer records information about the customers let's say and this
is working fine what happens is here we have hair moves and he is an
so what he does is he simply deletes this container let's say mistakenly he
deleted it so the moment when he deleted the container there is no undo
for that which means if you delete a container then the file system
associated with the container it all will also get deleted which means
you will lose all those million customer records that were in the data
folder because you deleted the container it goes to any country doesn't need
to be a database let's say you have an in backend API that generates some
kind of XML file in a directory for every requested process and if it is
going to store all those data in this XML directory then if someone
deletes the container you will lose everything that is there in the
right so clearly this is not the scenario that we want to face
basically here the requirement is I have something inside the container
that I want to possess outside of container lifecycle even if the
container is deleted I want the data in this directories to be safe okay
so that is the use case for volumes that's the use case for volumes this is
the problem that volume concept tries to address so the idea here is simple
you have your velocities postgres container and all the data is returned
to the data directory this is the directory you want to possess so what
I can do is I can choose any location remote location or a local location
let's say this postgres is running in an host machine host one I can choose a
path from the host machine let's say there is a path called lax or there is
a network file share I have a directory here or I have a GC
persistent disk some some some storage from a cloud or I have azure this
it can be anywhere so what you can do is you can mount this folders or this
directories are these volumes you can create a volume in an in an host
machine path or you can create a volume in an azure disk or you can create a
volume in a GC persistent disk or create a volume in a network file
share once the volume is created then you can mount that volume to an
specific location inside the container so let's say here I am mounting this
host machine path to the data directory within the container so which means
whatever the process writes to the data directory it's actually getting
stored in the lax directory in the host machine so which means if this
container is deleted the data is still safe in the lax directory okay
so that I can spin one more new container with the same volume mapping
so that the new container can see all the data that is left by the previous
container okay so by this way we are persisting something outside of
container lifecycle it can be one directly or you may have multiple
directories that you want to purchase this directory to an NFS this
doesn't matter based on your requirement you are going to store it in some some
remote data center or in cloud storage okay so now we know the use case for
volume and then the problem it addresses correct how to specify that
volume in your part specification that is our next question in the part
you have multiple containers at the container level you are going to
specify all this liveness probe resource request limits even the volumes okay so
using the volumes is a two-step process first step is you need to define the
volume and I say define you are going to give a name to the volume and then
you need to specify the target destination or location where you want
to create the volume in the host part RNN cloud provider storages so
that type provider type you need to specify right once the volume is
defined you need to mount the volume inside the container okay so how to do
that the step number one is defining the volume isn't it so in the same
intention as containers you can see we define the volume the name of the
volume and then where you are going to create the volume in a network
file share this is the server name this is the part in that NFS you can
even provide more configurations like how much space you want to block and so
on so details but keeping it simple this is how it's going to be in a
network file share you are going to create a volume with the name as an
core data remaining properties are defaults that's going to get applied
right so step one is defining defining the volume and step two is
mounting this volume inside the container path or a directory so that
you can see it under container specification under containers we have
volume mounts and here you are specifying the name of the volume and
then the mount path this is the path inside this container that is in this
data directory it will get mounted with this volume so which means whatever
the application writes to the data directory it will go all the way to
this network file share export directory okay defining the volume is
part one and using or mounting that volume to a path inside the
using volume mounts is the step number two okay so later on day two we are
going to see how we are going to refactor this logic to move to
persistent volume and persistent volume claims what is the what is the
problem or the challenge with this way of defining the volume compared to
using PV and PVC right but pretty much this does the job using volume and
okay so if you look at and production grade what specification these are all
the things that you will always see one is the the image specifications the
application specific things and then resource request and limits liveness
probe readiness probe volume mounts we are yet to see secret mass and
you will also see many specifications related to injecting some
configurations right that's it so this is for the NFS I don't think I have a
server with this name you can also replace it with the host path let's
say you want to mount a path from a host machine then there is one type
called host path and then to the type you are going to specify the path in the
host machine let me open this file yep as you can see here it uses and type
as an host path the path in the host machine and then mounting that volume
to the data directory okay there are many supported storage provided types
that again we will discuss while we talk about persistent volumes right but
now we are clear with the workflow what it all takes to create a volume and
then mount it inside a folder okay so with this we now know in addition to
this resource request and limit what it all takes to configure the
volumes defining the volume and then mounting that volume inside a container
those two steps okay please feel free to stop if you have any questions so
now I think now we are getting more clarity on what all the things that
we can do at the pod level itself isn't it so if you still remember I
mentioned about multi container part there are some use cases for
multi container part so let me talk about a bit here right so the first
scenario that I'm going to talk about is unit containers this is there to
serve a specific purpose for example this is your main container a
container that runs your business application and we will also run one
or more unit containers the purpose of the unit container is as the names
it's for executing some initialization logics or in other terms setting the
stage for the main container to run so based on your application you may have
some complex initialization logic like mounting and volume or creating
checking some dependencies there are a lot of initialization logic that you
want to check so instead of having those initialization logic as part of
main container you can have it in the unit containers you can have one or more
unit containers and for the containers we define like containers and
then we define the first container right similarly for the unit
containers we have and separate attribute like the same indentation as
continuous you will defend any containers and you will give the first
unit container second unit container third unit container like this so it's
not like you will put it here that's that's that's meant for different pattern
that we are going to discuss like sidecar you will run it but in it
containers it has its own life cycle which means if you have it in it
container defined it will execute in the same order that you defined here
one by one first this container will execute it will run to its entirety
and then it should exit with an success code completely it should execute
successfully maybe it has some set of commands to execute and then the
second unit continuous but must execute successfully third unit
container must execute successfully if all the unit containers completed
basically is going to have some short lived set of commands to perform if
it all successfully executed that's the time the main container will start
because the stage is ready now the hero can enter right so if it's one of the
initialization container fails then the entire part will be restarted again
from first container second category third category execute so that's the
behavior of unit containers let me include this links in the etherpad so
that it will be easy for you to refer in it containers eight containers
always runs to completion each unit container must complete successfully
before the next one starts and this unit containers it doesn't support
liveness probe readiness probe bar so on so because it's it's not the long
running process this is that to just set the stage for the main guy and
the way to define it as you can see here as like containers we have any
section this application has two unit containers and here it you can see
here it checks whether the my service my service is already available in the
cluster so it's going to wait it's just checking one of the dependent
service is already up and running or not this is checking for the database
this is checking for a service if it is already available then this will
succeed this will succeed then the main container will start maybe the
main container is as part of his initialization logic it may want to
communicate with my service and my DB so if these two are not up then if it
spins up it may fail so in this case they are using the unit containers to
make sure those two services are available and then it does right so
this happens only during the startup time once unit containers are
executed and started up and the main category started up then it
won't execute again maybe in the next to start it will execute okay so which
means after main container is up and running if the my service container
goes down then this this this is not responsible for that okay I think you
got that idea right so this is just for the initialization logic as
okay so I also mentioned about sidecar patterns right car sidecar cycle that
is the given as documentation okay that's fine I can explain it from here
so this is one case for multi-container part other cases in the
containers array you are going to define the first container and then the
second container here there is nothing like an order like this should execute
and this should execute both will run parallel this is going to be a long
running process this is also going to be a long running process this is the
specification for main container this is the specification for a sidecar
and this is here to provide some helper functionality one of the
functionalities you have a main container and you have let's say and
logging back in and your application is generating a logs in an ABC format
but you are logging back and expects the log in an XYZ format so what I
can do is I can run a sidecar maybe the main application is writing to an
volume and this sidecar can read the log from the volume transform the
ABC format to XYZ format and it can even forward the log to the logging
packet so in this case this sidecar does two operation one transforming the
logging from ABC to XYZ format and then forwarding the log to the logging
packet so this is just one helper functionality so in this case what
does is an adapter pattern so this is an adapter sidecar because the target
system experts in a different format the source generates in a different
format so this access and kind of adapter between these two okay one case
where we will use the sidecar and there is another case let's say the
same main I have and here I have an external and web service from my
party vendor and dealing with the external web service which means there
is a separate authentication mechanism if service is not available retry
patterns circuit breaker patterns and implementing some kind of fallback
mechanisms there are a lot of things that I need to handle at the main
container to call this service and working with this external service so
instead of having all those logics in the main container how about creating
an sidecar and offloading all the responsibilities to here so that as a
main container I will simply call it as an local host as like any local
method I will call this method and this is going to take care of dealing
with this external service all the authentication retry circuit breaker
logic it's all resides here so in this case this is kind of acts as an
proxy this sidecar acts as a proxy for this external web service so this
pattern we call it as an ambassador pattern this is also providing a
helper functionality but the cases are different for these two scenarios
okay and always keep in mind that if you are going to schedule a part let
say velocity she is going to schedule a part with two containers or
containers one main and two sidecar and in the kubernetes cluster if if this
part is scheduled to run in a node number two then all the containers
will run in the same node only that is the characteristics of part right
because all these containers can reach to one another via IPC inter process
communication which means as can call this as an local host and then hit
the port number dish to it this can call this as a local host right so
which means all the containers in that part will always land in the same
node it not like see one will run here see two will run here see three
will run here that is not the case all the containers within the part
specification will always land in the same node okay just keep that in
mind all right so fit these discussions are part topic comes to an end we deep
dived into the part we we learned the part lifecycle commands different things
that will be there in the part specification and then the use cases
for multi-container parts with this I am going to give a quick pass you can
directly try the 1 6 part fully aml file that has all the concepts in it
you can try it or you can spend some time to go through the specifications go
through the documentations I'm going to give you here a 10 to 15 minutes let's
say after that you will move to the next resource that is replica set and
deployments is this clear guys are you good with the pace is it all
clear I need few confirmations please okay thank you please okay go ahead
please
on 2022-11-21
language: EN
WEBVTT
If you are disconnected from the training room, please feel free to join back.
Okay, so it can be because in the volume we are using an NFS referring NFS server,
but this NFS server doesn't exist, so it's an valid error.
It tries to mount the volume, but then it's unable to reach the NFS server, right?
So I would recommend you to replace this with host path.
Maybe if you go to 1.5 pot volume ML, replace the NFS with the host path
because it's available anyways in the host machine.
Welcome.
Jury, what you are trying to test is a valid thing, but the host is not your Ubuntu machine.
The host is the Minikube machine.
So you need to SSH to the Minikube.
Can you type Minikube?
Yeah, Minikube SSH and you will see that.
Okay, okay, perfect.
Minikube SSH.
Welcome to come out.
You can just type logout, that will do.
Last four minutes to complete this activity.
Okay, sure.
So port forward.
Okay, the port number within this container is 8080.
We used 80 for Nginx, but for this custom application, it is exposed in port number 8080.
8080 colon 8080.
I mean, you specified it as 80, right?
80.
So this part.
You see my screen, right?
Okay, so let me explain it here.
You specify it as an 80 colon 80.
So this is the port inside the container.
But for our custom application, it is exposed in 8080.
So if you correct it, then it will do.
No, no, it can be the same way in the card application that web application is accessible in the port 8080.
But in case of Nginx, it was accessible in port 80.
So we used 80 in the Nginx, but for the card, it is 8080.
So this can be any port in the host machine, available port.
This can be 8081, 8082, 8080.
That doesn't matter.
But the one on the right side is the port number within the container where your application is exposed.
Okay, kubectl getbots, and it is still in the terminating state.
Can it do again?
Getbot, getbots.
Okay, it's already deleted.
Welcome.
Good job, Hermo.
Okay, guys, I need to stop you guys here because it's already time to move to the next topic.
And I hope you are clear with the concepts.
You can try this later.
Also, let's proceed to the next kubernetes resource.
Okay, so in our examples, we created multiple parts, the card part and then the Nginx part.
We created it all.
So if I go back here and if I do kubectl getbots, there are a couple of parts that are running.
I can delete the part.
kubectl delete part, card, my part, our part, all that's going to delete the part.
So what happens?
I don't have a part with the name my part.
kubectl delete part, my part.
Okay, it's already deleted maybe.
kubectl delete part.
Come on.
Nothing happened.
We deleted a part and then it deleted.
Correct.
So there is no part that is running right now in Luis namespace.
So now instead of creating a part, I'm going to create an top level resource, one another kubernetes resource.
I'm going to introduce a new kubernetes resources and those new resources are going to bring in some new capabilities or features to the table.
Okay, for example, we know we use kubectl run command to create a part.
This time I'm going to create one top level resource called deployment.
kubectl create deployment with the image engine next and even you can specify how many replicas you want to run.
Let's say I want five replicas or five instances of engine next part to create for a deployment with the name my deploy.
Let's say I'm going to call this deployment as in my deploy.
Okay, so if I press enter, this is going to create a part and some top level resources.
As usual, let's go with the dry run approach.
Let's create create this with yaml file dry run as a client or put as an animal.
And here you can see now the kind says deployment and some metadata like names and labels and we have a specification.
So here you can see two things.
There is a spec under that we have another spec under the template.
We have the spec.
So this is the specification that corresponds to deployment resource and this specification corresponds to the part specification the deployment at the end.
It's going to create the parts.
This is the part specification.
Basically, this is the place where you are going to put all the container specification with resource request limits liveness probe readiness probe volume modes.
Everything will go here apart.
Specification is encompassed by an deployment specification.
Okay, so now I'm going to apply this file.
My deploy.
Okay, I didn't wrote it to and file it.
I'm going to write to the file.
Come on.
My keyboard is having some split second delay.
My deployment.aml.
There you go.
And now I'm going to apply this one.
QCTL apply FNF.
My deployment.aml.
And it says deployment.apps.
My deploy created.
So if I do QCTL get parts.
Because I specified replicas as a file.
I can see some five parts are created by this deployment.
The name of the part starts with my deploy my deploy my deploy so I can easily recognize that these five parts are now created by an deployment top level resource.
Okay, so now what I'm going to do is I'm going to pick one part.
Let's say I'm going to take the part that ends with XXLBP.
Take this part.
And I'm going to try deleting that part.
QCTL delete the part.
With this name.
The usual delete that we do.
And it says deleted.
So which means out of five we deleted one.
So we expect four parts.
But we got five and there is one that created 11 seconds ago, which means we deleted this part.
It's actually deleted.
But the next moment and replacement is created immediately.
No matter how many times you are going to delete this part and replacement will get created again and again and again.
But that is not the case when we deleted nginx my part or card part.
Because what we created earlier is an standalone part.
Nobody's there on the top to manage this case if we delete nothing happens.
But what we created now is an deployment first.
We created a deployment and this deployment internally.
It created one replica set and this replica set is the one that created those five parts.
So we specify the replicas as an five here.
This information is cascaded down to replica set as a five and this replica set is the one that created this part.
So the moment when I delete a part, this is the one that creates an replacement part because the only duty of replica set is to always ensure current state matches to the desired state.
Current state matches to the desired state.
The desired state is five, which is what is submitted by the developer or the administrator who created this deployment.
The moment when I delete then the current state became four.
The desired state is five.
So there is a mismatch.
So replica set spin up an additional one part to bring it back to the desired state.
So basically this guy is the one who is who is tearing it towards the desired state always.
Okay, because this replica set is run.
This replica set is running an infinite.
Reconciliation loop logic always make sure current state matches to the desired state.
That's its only duty.
Okay.
So if I go back here and if you get will also delete that if you have desired state letter.
Yeah, yeah.
If you have five and you have one more and the desired set is five, then the next moment when replica set performs reconciliation, they said is five.
Current state is six.
So it will delete randomly pick one and delete it to bring back to the.
So if you look at here, Cube CTL get deploy.
So this is the deployment we created and this deployment created and replica set.
This replica set is created by this deployment where it cascaded that configuration here and this replica set is the one that created those five parts.
You can see the name starts with those replica sets.
Okay.
So which means if I want to scale up or scale down, I can there are a couple of ways.
One, you can imperatively use the Cube CTL scale command deploy my deploy and then I can even you can specify the replicas.
Let's say I want to scale down from five to three.
And if I do Cube CTL get parts, I'll read two parts will be terminated.
I have three.
If I do more count, then it's a scale up.
If I do less count, it's going to be a scale down.
Right.
This is imperative scaling.
But you need to update the YAML file and then you need to apply it.
You need to update the replicas properties in the YAML file.
And then it apply.
That is also one way to increase or decrease the scale count.
Okay.
So this scale command is also applicable for replica set.
You can also scale.
Okay.
For example, Cube CTL scale RS scale command is applicable for replica set and then the deployment.
But scale is not applicable for the part, which means you can't do something like Cube CTL scale part.
That's meaningless because these are top level resources.
And if we scale it, it's actually scales the part, isn't it?
So I'm going to scale the replica set.
And I'm going to specify the replicas as in five right now.
That replica is holding three three as in state because we already scale the deployment.
If I do a misspell the replicas.
And it says RS deploy.
This is I think I pasted a part name here.
This is the name of the replica set.
So it says scaled.
So which means if I do Cube CTL get RS, I expected to have.
It was three earlier, so I'm going to scale it to five.
And it says scale if I do get RS.
I gave five and it says scale, but then it still says it the three.
And if you look at the part.
There are only three parts.
The reason behind that is yes, you can scale replica set, but that replica set is not and standalone replica set.
This replica set is now managed by a top level resource.
So even it accepted, you cut this hierarchy and you try to scale this the next moment.
The deployment overridden that hey, I am the top level.
I am the one who created you.
So you should comply to my desired state.
So that is three.
So even though it accepted five immediately overridden as in three by the top level resource.
Okay, so that is number one.
So which means you need to scale it only at the top level.
And if you try to delete the part, it's going to create again and again.
Similarly, if you try to delete the replica set, it will get created again.
So the only way to delete is deleting the deployment.
If I do cube CTL.
Delete there are two ways to delete one is specify the name of the deployment like this.
Or if you have the email file, you can also specify the name of the file like this.
As like how you used for deploy, you can use the email file.
So it will read the email file match with the current state.
It will find the object and then delete that resource.
Okay, so I'm going to delete this deployment.
If I press enter, this is going to delete the deployment.
The resource replica set it created because replica set is getting deleted.
It will also delete all those three parts.
So basically the whole hierarchy will be deleted.
Okay, but then just for demonstration sake, I'm going to delete with cascade flag as and false.
So what it means is deployment replica set parts.
I'm just deleting only this top level resource, which means I don't want the delete to cascade down.
So I set the cascade to false.
So one is a top level resource will be deleted, which means the replica set and parts will be still there.
So if I do kubectl get deploy, kubectl get deploy, there is no deployment.
But if I do kubectl get RS, it's still running with the status and three and those three parts will also be running.
So at this point, if I scale the replica set, it will work perfectly fine because this replica set is now a standalone replica set.
There is nobody at the top of this guy to override it.
You can see it's already scaled up.
So if I do kubectl get parts, I will already see five parts managed by this replica set.
Okay, so same way, if you delete a replica set, it's going to delete the replica set as well as all the five parts.
But just for the demo sake, I'm going to delete the replica set with the cascade flag as and false.
Okay, so kubectl get RS.
kubectl delete RS, my deploy seven seven D five seven four F four D eight.
My bad, I missed the full name of the replica set.
Okay, so if I do kubectl get RS.
There is no replica set running, but if I do kubectl get parts, because I specified cascade as and false.
That deleted only that top level replica set resource, which means I have all those five parts.
All these five parts are now orphan or in other terms, it all already and standalone part.
There is no top level resource that are managing this, which means if I delete this, it will simply get deleted.
Nobody is there at the top to create a replacement or whatsoever.
Okay, so four is five minutes on four, right?
The reason why I explained this with cascade option is just to provide a better understanding on this hierarchy.
The deployment create replica set replica set create parts.
So which means if if victory.
If she have an application to deploy in the kubernetes, she can deploy test and part.
She can deploy test and replica set or she can deploy test and deployment.
If she deploy test and part, then this is more of like an pet that she need to take care because if it goes down, she need to manually bring it up.
Right. Everything she need to do manually when it comes to maintaining the state and all those things.
But still she can use all the liveness for readiness for the source request limits, because those are at the part level replica set.
She will go for if if she want to maintain a specific count.
Let's say all the time she want to make sure five instances of the application is running.
Then she will create an she can create an standalone replica set with kindness and replica set.
And she can specify the replicas as in five.
So this will do that CS equal DS job.
It will make sure all the time by such as of the parts are running in the cluster across the cluster.
Deployment I will go for if you are looking for zero downtime deployment, which means you want to roll out new version of the application during peak business hour with zero downtime.
Then at the deployment resource level, we can specify something called strategy with which we can make use of this feature.
For Victor is application.
She is performing multiple deployments in a day.
And she's really need these features.
Something goes wrong.
She want immediately undo that undo that version deployment for features like this.
If she's looking for features like this, then she should deploy the application as an deployment.
But let's say this application changes rarely, which means yearly once or two years once you will do some code changes.
In those cases, I don't want this undo feature.
I don't want this zero downtime feature.
I don't need any of this.
All I need is as long as I have five running, then it is OK.
Then she can deploy doesn't replica set.
But all victory has is just one application.
Just one instance will run in the cluster and she will take care of it on her own.
Then she can run it as part.
So I got the idea right.
So you are going to run the container.
But what capabilities and features that you want based on that you are going to deploy it as as an as one of the top level resource.
OK.
So which means going back to the middle for every microservice M1 M2 M3 you are going to create a deployment that's going to create and parts.
Let's say the replicas is five.
Then it's going to create five parts for M2.
You will create a deployment that's going to create its own replica set.
Maybe here the replicas you set it to and for M3 you will create a deployment that's going to create the parts.
Let's say here you have three three parts will be run.
OK. So for every microservices you are going to deploy as and deployments and the parts will be running.
So now we are clear with the part already dive into it.
We are also clear with replica set.
It's only duty is CS equals DS job.
Nothing more than that.
And the deployment is there.
But we are yet to deep dive into it.
Why it is that the features like strategy rolling update those things we are yet to discuss.
But it's there to provide some additional capabilities or features for zero downtime deployment and those stuff.
Fine.
So if I delete this part then this replica set is taking an immediate action to create a replacement.
If I delete this only this replica set takes an action.
Correct.
So how this top level resources identifies their identifies their child resources.
How this top level resources like how deployment identifies its replica set and its part how replica set identifies its part.
Yeah.
Yes. Yes.
You can do you can quarantine apart.
You can adapt apart so that I will explain while we talk about labels and label selectors.
Yes that is very much possible.
So how this top level resources identifies the child resources.
Is it by the name because if you look at the name the name of the part starts with the name of the replicas it name of the replicas it starts with the name of the deployment.
That's the convention that it uses but that is not the logic that it uses to identify the child resources.
How it works is or how this hierarchy works or how any hierarchy in the kubernetes works is by one simple resource called labels labels is also in kubernetes resource one of the simple resource.
But an powerful one in the kubernetes for simple and powerful.
Okay, let me explain that how it is simple and powerful right?
Let's take the same deployment scenario.
You created a deployment with the name my deploy correct because while creating the deployment you didn't specified any labels explicitly by default kubernetes will assign a label to this resource.
Key equals value app equals it will assign a label like this app is the key my deploy is the value and then this deployment is creating an replica set after the replica set is created.
It will assign this label to the replica set in addition to this label kubernetes will also add a label called pod hash template.
This replica set is created right?
It will get an unique ID a long random hash like a 1 4 b c k something like this.
So it will also put that as an label here pod hash template as a key and then the that long random hash as a value.
So basically the replica set will have two labels and this replica set created those five parts.
So in all those five parts, you will see these two labels.
Okay, so basically the step one is assigning the labels labels are assigned the way how it is assigned.
I told already the it put a label and this replica set created these spots and then it assigned those label on these resources.
You can assign label to any kubernetes resources.
If I go back here, let's say if you want to view the labels.
Cube CTL get you can describe it.
That is one way and you can see the labels or you can simply include this flag show labels that will show an additional column where we can quickly see the labels.
So for example, the previously created deployment.
It has four parts and it has all those two labels on it the label that came all the way from the deployment and then the label on the replica set.
Basically these two labels are there on the replica set.
Okay, so you can assign label to any resources part deployment replica set node any kubernetes resource.
You can assign a label. For example, I can assign a label for this part.
Cube CTL label the part.
With the name.
And key equals value. Let's say ENV equals product.
And if I do get parts which show labels you can see that label is assigned here.
Okay, if I want to delete a label then the same key minus.
This is going to delete that entire label.
As you can see, I no longer have that label ENV equal to product.
So as simple as that right so going back here, that's how the deployments are assigning the labels to the resources.
Fine. This is about assigning the label.
This is just.
Part one of the story.
Part two of the story is these labels will be used.
In the selector queries.
Which means if I go back here, it's I'm going to assign that label back.
Where is the label command to assign it?
Environment equals dev.
Okay, I assigned a part. I sent a label. If I do Cube CTL get parts.
It shows four parts.
So now I can write an selector query.
I find a friend selector.
And here I can specify get all the parts that has the label environment equals dev.
So as you can see only one part of that because that's the only one that has the that label.
So similarly you can do some more thing like all the parts which has the label that doesn't have this value if it has a key or if it is in one of it.
So there are many many operators that you can use it here to filter down the result set.
Okay, so you can use labels in an selector query like this.
So if you remember I mentioned about this replica sets duty that is CS equals DS job.
And I also mentioned it's running an infinite reconciliation.
Loop logic what it actually does is it execute this command Cube CTL get parts.
I find a friend selector and then these two labels.
This is the exact query that this is the exact query that replica set is executed.
So if it executes this command, it will simply look for the count how many results set returned by this query 3.
What is the desired state for mismatch create a new part?
Assign this to label on it the next moment when it does then four will match for four equals.
Okay, so this is the exact query that replica set execute.
So this overall hierarchy is completely loosely coupled.
It's all tied up only by the labels nothing more than that.
Okay, so now to the scenario that someone has mentioned right there's the question related to quarantining and adapting a part.
So let's say I'm going to Cube CTL get parts.
Okay, so here you can see we have four parts that has this labels my deploy and then the part template hash blah blah blah stuff.
Right. So now I'm going to apply the same Cube CTL apply if any.
I'm going to create the deployment again and if you do Cube CTL get deploy.
It has the file.
Cube CTL get parts.
So if you if you look at here it has five four and it was its five.
So basically this is the only part that is created newly remaining others are simply just got adopted by the replica set
because when the first time it tried to perform the reconciliation loop looking for a specific label.
It already got four and it already got four entries matching.
So it simply adapted those part and it's pinned up just one new point.
Okay, so this is that adapting scenario show labels.
You can see it's created all so the replica set it created it got the same ID.
So if it is going to create a different replica set with a different ID then.
Any parts will be created.
Okay, so in general in the etcd database it stores the previous replica set IDs with IDs available simply reusing that same replica set right fine.
So now look to the scenario of quarantining.
Let's say I'm going to delete.
The label from this part KB 5 gr power right and let's see how we are going to quarantine this part.
Cube CTL label part.
Name of the part.
Key minus.
Cube CTL label part.
Okay, Mr. R at the end.
And if I do keep CTL get parts again.
See how many are there now one is newly created earlier.
It was five now I have six and this container I removed that app equals my deploy.
Which means.
When the after I removing that part the replica set did the reconciliation loop logic and it does that Cube CTL get part if an FN selector with those two labels only four got matched because this doesn't have that label.
But the desired is five so it's been up one part this one to make it to so which means this is now an orphan.
If you delete this nothing will happen.
Which means we quarantine a part.
If I put the label back then it will get adopted.
Let's say I'm going to put the label back on the same part app equals.
My deploy.
Okay.
Get parts.
So you can see here now from the six.
Six match to the label, which is one extra.
So it randomly picked one and deleted it.
So now the count become five.
Okay, the reason why we are explaining this.
Because now you are clear with how this hierarchy is constructed and how it purely works by the labels.
What it all takes to assign a label and assign a label and how to use labels in the selector query.
And with the help of label how to quarantine and adopt and part.
Okay, just it's looking only the labels that it's not even seeing whether the one that it is going to adapt belongs to the same family or not.
It's not even looking that as long as the label matches just adopts our coordinates.
Okay.
So with this go ahead.
Cube controller.
Good question.
Right.
Cube controller.
Cube controller.
So actually we created a part.
We created replica set deployment.
We are going to deal work with demon set stateful set job.
Cron job.
So there are dozens of core kubernetes resources and there are there exists controller for every resources.
All of these controllers are rolled up into one single binary called cube controller.
So for every resources it it works the way that we are discussing because the controller is taking care of that logic for the replica set.
We have replica set controller that's performing that logic.
Correct.
Correct cube controller will work with the API server.
And then and then it go to the scheduler and then scheduler will send to the cubelet and then scheduler will simply assign a node.
That's it.
If you scale up or scale down and then the cubelet is the one that's performing the end action.
Okay.
So with this I'm going to give a quick pass here for you to try these commands.
Yep.
Go ahead please.
Okay.
That's zero downtime deployment.
It works in a different way that we will explore later.
The reason why I explained that unlabeling part here is for better understanding.
Maybe the use case you can think of.
You are seeing that there is something going wrong with this specific part and you suspect that it may got compromised and you want to immediately unlabel it and then disconnect from the network.
So that you can troubleshoot or analyze that specific container separately something like that.
That's a rare case.
Right.
But for the zero downtime deployment it's going to take a different approach that we will discuss when we talk about deployment resource.
You are right.
You are right.
But we are at the mini queue where you have cluster administrative access so you are able to do it.
But in your cluster level you can put some access control on.
You won't.
Nobody will be able to do it or something like that.
And yeah so you can have more control on the labels part.
But yes you are right.
If different teams are going to work in the same namespace and if they are sharing the same labels yes things will mess up.
So it's important to have a unique label for your applications as per your organization structure.
Let's say if you are under a specific tribe under a specific squad specific team then have the labels reflect your structure over the organization structure so that you can easily manage it all.
Okay I'm going to paste this commands in the etherpad.
Creating and deployment.
Oh my God what happened to this page.
Okay still there.
Okay here and there I made some typo errors so please ignore this commands while you are trying it.
But in a nutshell what you are going to try now in this hands on time you are going to create a deployment by a file and you are going to understand that hierarchy.
How replicas and replicas it creates the part correct.
And then you are going to try the scale command delete.
Delete commands and then you are going to learn.
Labels.
What it all takes to assign or unless in a label and using the labels in the selector query.
And if you are interested you can try those quarantine and adapting containers by labeling and labeling.
Okay replica set labels label selector.
These three new resources that we learned now.
Let's take some 10 to 15 minutes to complete this hands on.
on 2022-11-21
language: EN
WEBVTT
Hell is it? I think your voice is breaking, but I am able to see your
Machine now. Yeah, so what is the problem here? CubeCtl scale rs 7b
CubeCtl get rs, but you are not
It says not found
Did you my deployment your replica set name is my deployment by deployment? Yeah
a problem
Deployment
You can scale the deployment you need to deploy. This is the command right you need to deploy
Scale your deployment. What is your deployment name? CubeCtl get deploy do CubeCtl get deploy. Okay, so CubeCtl scale
Deploy my deploy if and if and replicas equals five deploy
Deploy you need to specify the resource name
You are trying to deploy and deployment, right? So it should be CubeCtl scale
deploy
Space my deploy resource name of the resource and then the replicas if and if and replicas
Yeah, perfect
What is that can you please come again with your question?
Okay, one way is
By looking at the labels that is there is no specific commands that you can execute but
From the resource perspective you can pick a label and then you can use it in the sector query if that resource matches
then it is let's say you have a replica set that has a
Just give me a minute go back to the board. Okay, so you have a deployment and
The deployment has a label my my app equals hermohab
Right. So if you want to see whether if a specific part belongs to this deployment, then you can execute a query
using the selector
app equals
Hermohab if that part is listed here, then it is maintained by the top-level resource
Okay
That's how you can see so from the pod perspective. You can't say
What all the top-level resources manage in this part that is not something that you can find only with the label selector
you can identify go to the top-level resource look at the
label selector and query for that
Query for query for the pod with those labels
You
Yeah, you can do that selector equals there are many
You can refer the documentation. Yes. There are many operators that we can use under the selector level
You can use operators like get all the parts that has only this key
You don't bother about the value as long as it has a key get all the
Things and then get all the thing that that has a value in some list of values
There are multiple operators that you can use at the selector query level
Yes, that is possible not app which means get all that doesn't have this label on it
Correct correct, but the best but the best practices in your deployment file just include the label
This is the deployment file for the my deploy if you look at any deployment file
You will see label related
configurations in three places
The first place is under the metadata. We have labels. You see that here labels app my deploy
This is the first place
second place under the specification we have selector and
It also has a label and the third place is under the template. We have the label
See that
So this is the YAML file created by the kubectl client for us
So these three are three different things what this first one is a deployment is created to the deployment
And label is assigned app equals my deploy
So how a label is assigned to the deployment using this?
metadata label under the metadata
Okay, and then this deployment is going to create child revel
replica sets right replica set and parts and
The label that should be assigned to those child level resources
You can see it under the template template label, which means it will get that
labels app equals my deploy
That is this one
the labels on the resources and
The third one is this selector. This is the important one what you give here
This is what going to be used in the selector query app equals my deploy got the idea
So which means in our case, it's all look same, but you can have a different values here
Maybe on the resource level you can have a different labels
But what you give here?
Should be here at least a subset of what you give here should be here because then only
These parts will match to this selector query if you are giving a different labels here and different labels here
Then that that is an invalid configuration. You won't be able to spin up the deployment
So basically it's creating the resources and with the match labels
You are going to this is what will be used in the sector query by the resources like replica set or the deployment
Yes, go ahead, please
Correct part template has is created at run at runtime only will know the ID right so kubernetes will assign it
You
Can do anything this is this is not an assist system reserved label keyword it can be anything
Right. I hope it is clear
So you generally for the applications that you deploy to the production the application team will have more control on the labels that they
Are going to assign and do stuff if if if you miss to do it then kubernetes will do it
Okay, okay going back to the question from hamo, I totally
Forgot the question that came from hamo. So it is about
Or fan parts what was the question again, okay
Got it out of the box. We don't have a straightforward command to achieve it, but with a bit of
Scripting we can achieve it. We can identify the top-level resources get their sector labels
Look for the parts that doesn't have any of those
Top level resource labels and then delete it. So we need to do do some
Bit of scripting and we can automate it
But out of the box, it's not possible. Yep
You are welcome
Okay, I think this is the perfect time to take a quick coffee break
So let's take an coffee break for 15 minutes and refresh yourself and be back by
310 p.m. Thank you
I'm back. I'll come back. So just an
Quick attendance check
Can you please raise your hands in the teams if you're back to your desk? Okay velocity
So I'm not sure I don't have an
Option to record this because this meeting came from your organization
So I'm not sure whether they I don't have permission to start recording
If it is not recorded maybe from tomorrow
You can request your organizer to join and begin the recording so that we can cover these scenarios, right?
And in the last one and a far. Yes
We discussed a lot of things respect to a deployment replicas it and then the parts
you can follow along the video file that I shared and
You can connect with any one of the colleague, but if you still feel that he likes
I really want to catch up on it
Maybe after the training time if you find some time I'm available anyways, so
If we can have a connect for just the 30 minutes or so I can quickly given a
Quick overview on the topics that we covered, right?
So it's up to you so you can check with the colleagues or you can later
I will drop my email is in the email
We can have an quick one-to-one and I will make sure you are on board on these topics. All right, welcome
Sure. Sure. Maybe you can also check with others if somebody has the similar problem
They can also join into that meeting. Okay
Perfect
Okay again, welcome back so we are at the last part of the day one of training and
The thing that we discuss before our coffee break is
We now know how to create a deployment and creating a deployment creates a replica set and then the parts and we know
The role and role of replica set here that is CS equals DS
In addition to that. We also learned
Labels and
Labels select us how this simple but powerful
Kubernetes resource ties up this entire hierarchy, right?
We even learned how to assign and as in the label using the labels in the sector query using different operators
those stuff we discussed and
then
What else?
Yeah, some cases like quarantining apart adopting apart using labels those things
we tried
Okay
so now the next topic that we are going to discuss is about
Deployment itself we created a deployment
But then we discussed more on the features of the replica set
The reconciliation loop it executes and so on so but what this top-level resource deployment
actually does
Or what what all the features that it brings to the table?
That's what we are going to discuss now
so let's say we have velocity and
She deployed an application name of the name of her application is let's say speed
Speed is the name of velocity supplication. I think we are more into physics lessons now, right?
I'm just kidding. So this is the name of the application and right now she developed version 1.0
And she deployed to the kubernetes cluster. So in the cluster
There are hundred replicas of speed application that are running hundred replicas, let's say
And now velocity came up she did some
enhancements and bug fixes and she came up with version 2.0 of the speed image and
now she want to
Roll out this new version of the application, which means all the 100 parts that are running version
1.0
Needs to be replaced with new 100 parts. That's going to run version 2.0. Correct
So how we are going to achieve by specifying something called?
Deployment strategy
At the deployment level
We can specify the strategy as recreate or
Rolling update if you set it to recreate
which means all this 100 old parts will be deleted and
Then new 100 parts will be spin up
Which means
This will come with the downtime the time it takes for all the 100 parts to be deleted and the time it takes
For the new parts to be up and running all the 100 part must go through the liveness probe and it should be healthy
and ready
Then only it can accept the request
So there is going to be a downtime that comes with the recreate strategy
but if we choose rolling update, let's say velocity chosen
strategy as and rolling update for our application and
Under the rolling update she can make use of couple of properties. Let's say max unavailable
max search
She can give Alice for both but just to give you an idea, let's say she said max unavailable as and 25% each and
Then she update the image and apply the DML file. Then what will happen is
Because she specified max unavailable as and 25 you have 100
version 1.0 running and
You set the strategy as and rolling update max unavailable 25 and you trigger the rollout
What will happen is it will bring?
25 version 1.0 parts down and
Then you will have 75 version 1.0 running
you will first bring the cubanets will first bring 25 parts down and
Then it will bring up version 2.0. Let's say
so which means at that moment you have
75 version 1.0 and 25 version 2.0 and again another
25 version 1.0 down bring 25 version 2.0, which means at that moment you will have 50 version 2.0
50 version 1.0
Right. So similarly did this iteration this iteration will move on and at one moment
All you have is 100 version 2.0 zero version 1.0. So if you look at this process
rollout process
There is only 25 percentage of the parts were unavailable
Because the max unavailable is set to 25 only 25 parts were unavailable
75 parts were available throughout this deployment process
which are
Processing all the records that this application receives. Okay, you're bringing down only 25 percentage 25 percentage 25 percentage
And then bringing up new parts
Which means during the rollout process you have mix of both version 1 and version 2.0
Which means it's your applications team's responsibility to make sure these two versions are backward
compatible if there are any breaking changes then
Users will face errors if they try to access the application during this rollout time
So there are breaking changes, obviously need to go with
Recreate or some other deployment patterns in combination with recreate. Okay, that is max unavailable
She can also set max search
What it means
Here in the unavailable scenario, we have 25 parts that are unavailable, right?
What if if your application is really really
doing busy and
Even the 25 percentage unavailability you won't be able to tolerate you really need that 100 percentage
That is 100 parts all the time. Then you can play with the max search property and
How it's going to work instead of bringing down the parts. It will spin up additional 25 version 2 0 parts
You will have version 1.0 running and a surge of 25 percentage that is 25 parts will be spin down
Once it is up and running then I will bring 20 parts down
Kubernetes will bring 20 parts down so that you will have a mix of this and then again additional and then bring 20 down
So similarly the iteration is going to move on 25. Sorry 25 25 25 something like this
You will create additional parts here you are deleting the you are setting the unavailable here you are setting the search
Okay, so you need to be careful while while doing
setting high value for the search because
You are spinning 25 new parts. Do you have?
Enough resources in the cluster to accommodate that new 25 parts, even though it's going to be for a short time
But do you have the resources if resource is a constraint in the cluster then better go for max unavailable and set some lower percentages
Okay, so that the deployment that week this go ahead please 75. Yeah, it should be 75
Yeah, I made a mistake there. Okay
So that's the whole idea here
So for the deployment that we created we didn't specify the strategy at all, right?
So the default is rolling update with max available and max suggests and 25 25
so if I do keep CTL get deploy you can describe the deployment and you can understand the
Strategy but then if you output it as an AML and if you scroll up here you can see
Strategies rolling update with max search max unavailable as a 25 25
Which means at the same time 25 will be brought up and then 25 will be added
Right, so you can configure one of it or even you can specify some hard numbers instead of the percentage
Right purely depends based on how we want you can configure this so this is this is the two strategies
Recreate and rolling update that comes out of the box from the core kubernetes distribution, right?
So on top of it you can traditionally we are following some kind of deployment patterns right?
Canary deployments blue-green deployments
So those patterns you can apply on top of this any one of these strategies that has nothing to do with kubernetes
But out of the box from the kubernetes at the deployment resource level you can specify the
Strategy
recreate and rolling update if you are going to set max unavailable as an 100 percentage if you set max unavailable as an
100% it is nothing but the recreate strategy
Isn't it because it's going to do the same behavior and that what's deleted
Create under new parts. That is nothing but the recreate
Okay, so
Resource level that is number one. Let's say
Velocity see chosen rolling update as the strategy and she set some values for the max unavailable
So she is all set. She already chosen the strategy now
she included those values in the deployment dot eml file and
She updated the version of the image from version 1.0 to version 2.0 and then she is going to apply that eml file
the moment when she applies
It's going to trigger
the rollout
Rolling out the new version of the application rollout
Based on the strategy. It's going to bring down bring up bring down bring out bring down bring up and after a few seconds
Or a minute. It's going to complete the
Rollout process correct. So while rollout is in progress. You can actually view
status of your rollout kubectl rollout
Status for the deployment
My deploy so this will actually show you and a running update of
the deployment progress you can even
Pass a rollout. Let's say already some 50 percentage is completed and
You are seeing a lot of alerts
Coming from the cluster and
You suspect maybe this deployment is causing this rollout is causing some issues
So you may want to pause that rollout for a moment
To observe those logs and informations to see what went wrong so you can pause it
so which means it will simply the rollout will pass it to the current state, which means
40 old 60 new it will simply stay in the same state without any progression and
After analysis you can simply resume the role or resume
and
Once the rollout is successfully completed, which means all the old parts are replaced with the new parts
You can actually view
The history of rollout for that specific deployment
for example velocity
humans back to started with zero point one point six zero point two point three zero point three point five one point zero point
Today she is deploying one point zero point two for the speed app
So she can actually see all this
history of rollout she performed for that specific deployment speed and then today she deployed this and
after deployment
there are a lot of errors that are there are a lot of incidents that users are reporting and
Then you found out that
There is an bug in this specific version one point zero point two
You can easily and undo will
Will revert back to the previous version which means all the 100 parts will be replaced with
parts version one point zero point one
This is again going to trigger another rollout. You can undo to the immediate previous version or you can even go back in time
specifying to revision
From here you can go back to zero point two point three
Let's say each each will be associated with some kind of revision number
So you can specify that revision number here to revision number two that is associated with zero point two point three version of your application
So status pass
resume history
Undo you can do all of these operations for the rollout
Which is associated with an deployment resource
Okay, so with this I'm going to quickly demonstrate that so that you can also give it a try
So we already have a deployment, but I'm going to create a new deployment for this purpose kubectl create
Deployment I need an an image with different versions, right?
So I'm going to pretend like the developer of the application and I'm going to deploy
Multiple versions of the application so for that I'm going to pick any image from the docker hub and I'm going to try
Deploying multiple versions of a same application
Let's go with the same engine X
Okay, I'm going to first start with
One point two to a fan Alpine and then I am going to update it to one point two two and then
point
To three Alpine and
Then finally to the one point two three. Let's give it a quick try
So first I'm going to start with one point two to a fan Alpine tag
image
Engine X and the code tag is one point two two
Something wrong with me
Keyboard engine next one point two
See, I forget the tag name already one point two to a fan Alpine
And the name of the deployment is my web
And I want to get the ML file for this
I
Output as an ML
Perfect I'm going to write this to an ML
I
Perfect let's open that file
Come on I'm trying to open a file
Okay, let's go with this defaults if you want you can clear it up it's up to you
I'm going to go with the default strategy. I'm happy with the default strategy
That cubers is going to assign
Let's keep it simple
Okay a more simpler version
And I want let's say
Some fire replicas and it's going to use this image, right?
So as like labels
We have one more cuban its resource called annotations
So be aware of the indentation under the template in the same indentation as labels
I am giving
Annotations
Okay, it takes the same format as labels
But annotations are meant for different purposes
annotations are heavily used by automation tools or
Kubernetes is also using heavily the annotations. There are many
system reserved keys annotation keys that we will use to enable or disable or to set some system level
Properties kubernetes system level properties. You can also use any
thing like for example
Logo URL and then you can give the URL for the logo PNG something like that
You can put some metadata informations on the rotations also
right, for example, the build tool will use annotations to
put the
Build hash template something like that. Okay
You can't use annotations in the selector query
You can use label only label in the sector query
Alright, so for the annotations we have one system
Reserved annotation key called kubernetes at IO change cause
some user-friendly text
That you can have as an value for this rotation
To quickly identify what's happening with this rollout for example
Deploying initial
Version
1.22 if an Alpine some some user-friendly text that you can provide here
So this is going to reflect in one place that we will see in a moment
Okay, this key isn't reserved one
Fine, so with this change now, I'm going to save this file and apply this yaml file
We are deploying the first version of our application kubectl
Apply if nf my web
Kubectl rollout
Status for the deploy my web
As you can see it's showing as there as a running update on the current rollout
Successfully rolled out perfect. So now you can view history of this deployment
So far we deployed only one version
So it should at least show one entry
See revision number one
That that the annotations that we gave it reflected here, right if you want to view more information little bit more information
about that specific revision then you can use revision flag and
specify the revision number
That will tell what is the image that's used?
and
some additional metadata information
Okay, we deployed our first version and we are able to view the
Rollout history comments, right? So now I'm going to make a change. I
Did some bug fixes and enhancements. I came up with the new version 1.22
Go back here and I'm going to update the image
To use the 1.22 version
I'm dating from 1.22 Alpine
So in this case, I'm manually updating it so in your CACD scenario
You can add an annotation automatically
After your build process and everything is completed so that it will get reflected updated from
1.22 to 1.22
And save the file
I
Play it so which means all the five parts will be replaced with new five parts that uses version 1.22
Cubectl apply
Cubectl rollout status
Based on the strategies that is there in the ML file it's performing the rollout
and
Perfect so if I do history again
Now I can see to two revisions under the history, right?
Let's deploy one more and then we can try down to operation pass and resume. You can try it while you are
Doing the hands-on. So let me show the undo for that. I am going to deploy one more revision
Let's say I'm going to deploy 1.23
Back open your email file
Dating from
You
Bear with me there is an split-second delay when I'm typing here
All right save this
Go back apply it
Okay, so if I do history again I
Can now see three revisions, right? So let's say after deploying 1.23
I'm getting some errors and blah blah blah. I want to roll out then the same command roll out undo
The deployment
My web if I press enter it will roll back to one point two two half one point two two
The immediate previous version if I want to go back then I need to put
Two revision and specify the revision number
Let's say the revision number is one
And you can view the rollout status the parts getting being replaced
And it's successfully rolled out and
If you view the history now
One became for the revision number will be keep on incrementing so one
Became four. So we don't see the one here because it already became four, right? So we deployed the initial version back
Okay, so these rollout features are available only at the deployment resource level
This is not applicable for replica set this is not applicable at the pod resource level
Okay, so that's the two thing that we learned from here one is strategy second is
Making use of this rollout capabilities
well, you are
Deploying the new version of the application. So how many versions it will it will maintain that also
You can have more control. Let's say get deploy
my web
Output as an email
There is one default here revision history limit so by default it will keep past 10
rollout
In the history if you do if you do rollout history command if you want 100
Then you can include this in your email file and then put it as an handle simply over at this default
Okay revision history limit
How many revisions you want to see positive visions
Alright with this our
deployment
resource
Comes to an end. I am going to share this email file with you
Please give it a try any questions on the deployment
Deployment and in the rollout features
Let me also include the kubernetes documentation
You
Okay, it already has all the information that we discussed
Okay, so
Yep, any questions before I give time for you to try this any questions on the deployment. Perfect. Let's give these comments a quick try, please
Yes, please is that a question
Why we use dry run is that a question
Okay, so okay, so if you are
If you want to create an email file from scratch. Yes, you can go ahead and you can write an email
from scratch
specifying the API versions kind
Specifications you can define it as a kind
Or you can copy from the kubernetes documentation some templates and you can modify it right there are two ways
Scott from scratch or get a template from kubernetes documentation
another way is
You are right. You are writing some kubectl command behind the scene
This guy is translating your command to an email and then submitting to the API server
If you do kubectl create deployment and press enter is generating an email file and is submitting it to the API server
So what we are going to do is we are going to ask this kubectl
For the command that you wrote a dry run, which means don't submit the request to the server
Just print the email that you will you will send it to the server, but don't submit to the server
Okay, and we are able to see that email and have we are writing it to an file and having that as a base
We do some changes and then we are applying on our own by using the application. Okay, dry. Okay this option, right?
Okay, you can also give it a sense server, which means request will be submitted as well as you will get the email
I there are multiple options that you can do here
Okay, let me show the
Client means at the kubectl client client refers to this kubectl client
Okay, so you can give options like
dry run
client kubernetes
Let me show from the documentation
So you can't set it to server
Where is it? Where is it? Here it is
It can be non server or a client if if it is a client
Then it will only print the object that would be sent without sending to the server if server
Then the records will be submitted to the server without persisting that resources
Go ahead. Correct. Correct
So basically, yep, if we don't persist that resource to that city, so it's also more often writer, correct
So, yep
That's the purpose come again
Sorry, I missed the question
Yes, so basically every request that you submit because you ask this question
Let me provide a quick level over here. Whatever the request that you submit from your client or dashboard or GUI
The first component that's going to process is the API server, right?
so
in the API server
within the API server
Let's say this is the core logic that's going to persist to the etcd database. Okay, so before that core logic
kicks in your request will pass through three gates that I mentioned in the morning at
authentication
Authorization admission controller. So if and only if your request passes in all the gates, let's say
Velocity is an valid employee
Velocity has a permission to create a deployment
velocity
In each spot specification. He has all the required namespace information resource information something like that. Then only it will be persistent
So when I say by persisting this is what it is
Storing that specification in the aml file by including all the defaults and stuff
Okay, so to answer your question. Yes, if there are something that are missing
Let's say you're submitting without request
But you have an admission controller that will perform some validation if an if an request is missing reject the request, right?
So those validations will happen. Of course
If you submit right and as a client then it will go through the admission controller layer level
Authentication authorization, it will be simply rejected if any one of it fails. Okay, you can try an example with dry run as a server and observe the
difference
Setting dry run as a server and without dry run server and submit a resource and find the difference. Okay, I hope it helps
Dry run server
Let me see if I can include some documentation link so that you can try it. Okay, so here you can see that
Look at this one if you are giving it as an server
Your request will actually go through
authentication authorization and then the admission controller at the admission controller layer level
We will do some validations. Even the kubernetes can do some mutations, which means as
Administrator you can run some admission controllers that will do some modifications to your request, which means
What you submit is not what you are going to see in the kubernetes because
Your cluster administrator may have an admission controller that will perform some mutation
let's say if you are submitting and request without namespace an
Admission controller will include a namespace with value as and Luis
So those kind of manipulations also we can do so if you dry run as a server
it will go through authentication authorization and then the admission controller step and
then that
File object will be returned to the user
It won't be persisted to the etc database, but it will go through the server side process
Which means you will already see the one that has the defaults and steps already included in it
But in the client you won't have the defaults included because the default included logic happens in the server side
Okay, is it clear or I did I confused you a lot already? Okay, great great there
Good I could see a few of them already completed the rollout exercise good job
Okay, I think we are at the end of the training so if you are progressing you can continue on this
We only have five more minutes left to conclude the day one
So I'm going to do a quick review on the topics that we completed today
Let me go back to the
Agenda one that we discussed in the morning. It looks like we covered only few resources
But then the knowledge that we gained. Yep. Go ahead
Change cause okay. Let me share it
In the chat. Okay, maybe you need to look at your
Intendation
Yes, sure sure sure sure who is this? Okay training room
Are you in the training room? I'm not seeing you here
on 2022-11-21
language: EN
WEBVTT
So who is this again who reported this show I can directly log into your machine
Malos, right? Okay. Let me connect your mission. Okay, Cuba Nets
Annotations is this all spaces or use the tab? Okay, if you stabbed obviously it will throw your ears
Well, you're up a cubanets.io slash change cause
Or looks good
Yep
Can you modify another different version and try apply again? Okay, save the file and then
Apply it. It's
Nothing difference if you are going to apply at
Deployment level or at
Template level because anyways a system result key
It's going to pick it and then it's going to use it
So there is no difference you can deploy that at the deployment you deploy at the deployment metadata level
Right. Yeah, you can you can have it there also. That's okay. I think my loss. It's reflected, right?
There is no problem with the with the key. Okay, okay
Revision number yes
Revision revision number is associated with a specific application version
The revision number will be continuously incrementing. Yeah, any other questions?
Okay, so the concepts that we learned on day one, which is the base for all other day two and day three topics
Remaining topics you will we will simply discuss the use cases. We won't again deep dive into hey this works by label
This is how it's going to do it
I will simply touch on it saying hey this works by labels and then we will deep there the use cases for each
Of this right in tomorrow's session. So tomorrow's session the pace will this is going to be
Little bit fast compared to today
Because we got our basics right that out on day one, so it's going to be a little bit fast
So please be prepared for that again
We can adjust it if you feel it's going too fast or way too slow something like that, right?
So we started with the overview on
Why containers so far that we had an understanding on the challenges that we face
Maintaining and monolith application
Which is also in legacy one and then how we move to so one then micro services
Because we have micro services how to run it as and containers
Because we have containers everywhere
relying on it software like our kubernetes to manage it all and
What it all takes to form a kubernetes cluster by grouping the host machine
So all those things we will cover it covered it under the overview section, isn't it?
and then we started with our first kubernetes resource and atomic unit parts and
Here we learned all the lifecycle commands
as well as
Writing and part specification from scratch
Including the probes resources volumes, right all those things we discussed and then we created a deployment and replica set
We learned what is the role of replica set how it works by labels and label sector how to assign and assign a label
using the labels in the selector queries how this hierarchy is using that CS equals DS and
finally on the deployment
specifying the strategy and
And the rollout features and for all of these topics. We also tried some hands-on
Okay, so that's all for day one. Congratulations. You successfully completed day one. Good job guys
So tomorrow we have another set of interesting topics and hands-on should try so please keep the same excitement and
Commitment so
That's it. If you have any questions, I can address it now and for those
who
Went out and in because of some power failures or some
Important calls if you want to have a quick connect with me, please drop an email to me
With some teams link or whatsoever so that I can join here and we can have a quick one-to-one connect
And I can I will make sure I will address all your queries. Okay
Any?
Yep. Yep. Yep. Sorry. What is what is that? Sorry. Go ahead. What's the question? Mm-hmm
Correct. Correct
Okay, okay, okay, so two questions you asked right number one number two number one is related to
The replica said the component behind it and all those stuff, right? So I already addressed for one of the question
So keep it in mind
The important components involved is AP server cube controller
Cube scheduler, okay, so which means for all the resources we see in part we have one part controller
Replica set replica set controller is that deployment deployment controller is that deployment controller is taking care of executing that strategy?
Handling the rollout and all those stuff replica set controller is responsible for
executing an infinite while loop
To perform CS equals DS job. So all those controller
Code is all rolled up into one binary and it is running as an cube controller part in the cube system namespace
So this is the one that has that logic
Okay
So if you are doing scale up or if it is something is missing and you want to schedule more parts for a specific
replica set let's say you have a replica set with 3s replicas you modify to 5 then
Cube controller is going to update the specification all these components relies on the
HCD database to maintain the state information of the resources and the cluster
So if you modify it to 3 to 5 in the etc database
For the three for the three parts you will already have a node for example part 1 node 1 part 2 node 1 part 3
node 2
You will already have this assignments already you created two more parts and then for this the node is yet to be assigned
so that's where cube scheduler will kick in and
it will look into the current cluster state the node the resource availability and
Then it will consider various interacting factors for example. We are going to talk about
Pod affinity anti affinity node affinity so it will consider various interacting factors
And this will finally say hey assign part 4 in node 3 part 5 in node 1 so it will put that information here
So once this information is here, which means a node is assigned, but this part is yet to be
Scheduled on this mode right so that's where again this instruction will be passed by one of the master component
let's say scheduler to the node 3 cubelet and
also an instruction will be passed to node 1 cubelet and
These guys are going to create work with the underlying container runtime to create the container and wrap it as a part
Create a container rapid test and port and then do all the liveness and readiness from here right so the
component behind the scene that that's the reconciliation logic are
Managing that resources if it is a deployment deployment controller is managing it if it is a replica set replica set is managing
controller is managing it and
For the scheduling decision where to schedule if you delete a part a replacement is going to be created
where in which node that purely depends on the
cluster state in that moment
that cube scheduler knows
So if you are not happy with the scheduling decision that cube scheduler does you can also run your own custom scheduler
along with the cube scheduler and
For the applications XYZ ABC you can configure it to use the custom scheduler all are all other applications
Cube scheduler can make the scheduling decision you can have one or more scheduler components running in the cluster
You can even have your own own custom scheduler logic for your custom applications
Okay, but all the state informations are ATCD and the APA server is is a stateless
Component it persists every changes to the ATCD right and if the replica set controller is executing a command write kubectl get parts
With all the parts with the label so actually your controller will make a call to APA server
To execute the cut to query the cluster
That is my thing. I think it went
so controller will make a call to
APA server and it will get a response and then it's going to put an entry in the ATCD database
So that's how the interaction between the master components happens
Okay, so that is for your question number one. Is it clear on the question number one?
Question number two is if if if in the node if I have two same application part running my web my web
Both are going to use port number 80 80 80
So is it going to be a conflict? Yes, you're right. It's a conflict, but this is not the way
We are going to access the parts
we have one service that is our that is the first thing that we are going to discuss tomorrow morning and
we are we will expose this part and we will access it via service and
you won't get into this scenario still you can have many parts of the same application and
We will never get into this poor context scenario or that first you need to learn what service resources how it works
Right. So answer for this. We are going to discuss tomorrow
Okay
Yep. Yep. Yep. Welcome
Okay, did the guys are there? Okay, if you still you guys are that thanks for your time
And do you have any specific feedback that you want me to correct for the day to all right?
I will take this silences and no and
Enjoy your rest of the evening and see you guys tomorrow morning 9 a.m. Again. Bye. Bye. Take care
it will be there until the
Wednesday
Evening right so you can access it after the course time also it will be there until the end of the day 3
Thank you. Bye. Bye
