Thursday, 12 April 2018

IBM Cloud Private - More on using Helm and Kubectl to create, upload, install and use applications

Following my earlier post: -


here's some more about using Helm and Kubectl to drive IBM Cloud Private 2.1.0.2.

Enjoy :-)

Install and Use IBM Cloud CLI / Helm / Kube on iceboat Ubuntu box ( as root )

Download the required ICP Plugin for the IBM Cloud CLI


Resolving icpboot.uk.ibm.com (icpboot.uk.ibm.com)... 192.168.1.100
Connecting to icpboot.uk.ibm.com (icpboot.uk.ibm.com)|192.168.1.100|:8443... connected.
WARNING: cannot verify icpboot.uk.ibm.com's certificate, issued by 'CN=mycluster.icp':
  Self-signed certificate encountered.
    WARNING: certificate common name 'mycluster.icp' doesn't match requested host name 'icpboot.uk.ibm.com'.
HTTP request sent, awaiting response... 200 OK
Length: 20746952 (20M) [application/octet-stream]
Saving to: 'icp-linux-amd64'

icp-linux-amd64                                                     100%[===================================================================================================================================================================>]  19.79M  43.1MB/s    in 0.5s

2018-04-12 02:20:55 (43.1 MB/s) - 'icp-linux-amd64' saved [20746952/20746952]

Install the Plugin

bx plugin install icp-linux-amd64

Installing binary...
OK
Plug-in 'icp 2.1.182' was successfully installed into /root/.bluemix/plugins/icp. Use 'bx plugin show icp' to show its details.

Validate plugins

bx plugin list

Listing installed plug-ins...

Plugin Name   Version
icp           2.1.182

Download the required version of Helm from ICP


Resolving icpboot.uk.ibm.com (icpboot.uk.ibm.com)... 192.168.1.100
Connecting to icpboot.uk.ibm.com (icpboot.uk.ibm.com)|192.168.1.100|:8443... connected.
WARNING: cannot verify icpboot.uk.ibm.com's certificate, issued by 'CN=mycluster.icp':
  Self-signed certificate encountered.
    WARNING: certificate common name 'mycluster.icp' doesn't match requested host name 'icpboot.uk.ibm.com'.
HTTP request sent, awaiting response... 200 OK
Length: 68393980 (65M) [application/octet-stream]
Saving to: 'helm'

helm                                                                100%[=================================================================================================================================================================>]  65.22M  11.8MB/s    in 5.3s

2018-04-10 02:10:08 (12.2 MB/s) - 'helm' saved [68393980/68393980]

Validate the download

ls -al helm

-rw-r--r-- 1 root root 68393980 Mar  5 15:01 helm

Set exec permission

chmod a+x helm

Move into local path

mv ./helm /usr/local/bin/

Log into ICP via the IBM Cloud CLI

bx pr login -a https://mycluster.icp:8443 --skip-ssl-validation -c id-mycluster-account -u admin -p admin

Authenticating...
OK

Targeted account: mycluster Account (id-mycluster-account)

List Clusters

bx pr clusters

Name        ID                                 State      Created                    Masters   Workers   Datacenter
mycluster   00000000000000000000000000000001   deployed   2018-04-10T15:18:16+0000   1         2         default

Configure Cluster ( this creates necessary TLS configuration for Helm )

bx pr cluster-config mycluster

Configuring kubectl: /root/.bluemix/plugins/icp/clusters/mycluster/kube-config
Cluster "mycluster" set.
Cluster "mycluster" set.
User "mycluster-user" set.
Context "mycluster-context" created.
Context "mycluster-context" modified.
Switched to context "mycluster-context".

OK
Cluster mycluster configured successfully.

Check Helm version ( with TLS )

helm version --tls

Client: &version.Version{SemVer:"v2.7.2+icp", GitCommit:"d41a5c2da480efc555ddca57d3972bcad3351801", GitTreeState:"dirty"}
Server: &version.Version{SemVer:"v2.7.2+icp", GitCommit:"d41a5c2da480efc555ddca57d3972bcad3351801", GitTreeState:"dirty"}

Create a Sample Helm Chart

helm create demoapp

- Creates demoapp in home directory e.g. ~/demoapp

Add required values to values.yaml

vi ~/demoapp/values.yaml 

Append: -

fullnameOverride: ""
nameOverride: ""


Validate the new Helm Chart's format

helm lint --strict demoapp

==> Linting demoapp
[INFO] Chart.yaml: icon is recommended

1 chart(s) linted, no failures

Package the Chart

helm package demoapp ; ls -l d*.tgz

Successfully packaged chart and saved it to: /home/hayd/demoapp-0.1.0.tgz
-rw-r--r-- 1 root root 2581 Apr 10 09:14 demoapp-0.1.0.tgz

Log into ICP via the IBM Cloud CLI

bx pr login -a https://mycluster.icp:8443 --skip-ssl-validation -c id-mycluster-account -u admin -p admin

Upload the new Chart

bx pr load-helm-chart --archive demoapp-0.1.0.tgz --clustername mycluster.icp

Loading helm chart
OK

Synch charts
  {"message":"synch started"}
OK

Check Helm Repo


Resolving icpboot.uk.ibm.com (icpboot.uk.ibm.com)... 192.168.1.100
Connecting to icpboot.uk.ibm.com (icpboot.uk.ibm.com)|192.168.1.100|:8443... connected.
WARNING: cannot verify icpboot.uk.ibm.com's certificate, issued by 'CN=mycluster.icp':
  Self-signed certificate encountered.
    WARNING: certificate common name 'mycluster.icp' doesn't match requested host name 'icpboot.uk.ibm.com'.
HTTP request sent, awaiting response... 200 OK
Length: 354 [application/x-yaml]
Saving to: 'index.yaml'

index.yaml                                         100%[================================================================================================================>]     354  --.-KB/s    in 0s

2018-04-10 09:29:52 (72.6 MB/s) - 'index.yaml' saved [354/354]

cat index.yaml

apiVersion: v1
entries:
  demoapp:
    -
      apiVersion: v1
      created: '2018-04-10T16:24:55.459Z'
      description: 'A Helm chart for Kubernetes'
      digest: '-1'
      name: demoapp
      urls:
      version: 0.1.0
generated: '2018-04-10T16:24:55.459Z'

Search Repo

helm search -l|grep -i demo

local/demoapp                        0.1.0        1.0                         A Helm chart for Kubernetes

Install Helm Chart

helm install --name mydemoapp demoapp --tls

NAME:   mydemoapp
LAST DEPLOYED: Thu Apr 12 02:41:09 2018
NAMESPACE: default
STATUS: DEPLOYED

RESOURCES:
==> v1/Service
NAME       TYPE       CLUSTER-IP  EXTERNAL-IP  PORT(S)  AGE
mydemoapp  ClusterIP  10.0.0.17   <none>       80/TCP   0s

==> v1beta2/Deployment
NAME       DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
mydemoapp  1        1        1           0          0s


NOTES:
1. Get the application URL by running these commands:
  export POD_NAME=$(kubectl get pods --namespace default -l "app=demoapp,release=mydemoapp" -o jsonpath="{.items[0].metadata.name}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl port-forward $POD_NAME 8080:80

List Deployed Charts

helm list --tls

 NAME     REVISION UPDATED                 STATUS  CHART        NAMESPACE
 mydemoapp 1       Thu Apr 12 02:41:09 2018 DEPLOYED demoapp-0.1.0 default

Get the Deployment Details

kubectl get deployments mydemoapp

NAME        DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
mydemoapp   1         1         1            1           47m

kubectl describe deployment mydemoapp

Name:                   mydemoapp
Namespace:              default
CreationTimestamp:      Thu, 12 Apr 2018 02:41:09 -0700
Labels:                 app=demoapp
                        chart=demoapp-0.1.0
                        heritage=Tiller
                        release=mydemoapp
Annotations:            deployment.kubernetes.io/revision=1
Selector:               app=demoapp,release=mydemoapp
Replicas:               1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
Pod Template:
  Labels:  app=demoapp
           release=mydemoapp
  Containers:
   demoapp:
    Image:        nginx:stable
    Port:         80/TCP
    Host Port:    0/TCP
    Liveness:     http-get http://:http/ delay=0s timeout=1s period=10s #success=1 #failure=3
    Readiness:    http-get http://:http/ delay=0s timeout=1s period=10s #success=1 #failure=3
    Environment:  <none>
    Mounts:       <none>
  Volumes:        <none>
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Available      True    MinimumReplicasAvailable
  Progressing    True    NewReplicaSetAvailable
OldReplicaSets:  <none>
NewReplicaSet:   mydemoapp-84dcbdfbf4 (1/1 replicas created)
Events:
  Type    Reason             Age   From                   Message
  ----    ------             ----  ----                   -------
  Normal  ScalingReplicaSet  48m   deployment-controller  Scaled up replica set mydemoapp-84dcbdfbf4 to 1

Expose the Demo App via a NodePort service

kubectl expose deployment mydemoapp --type=NodePort --name=mydemoapp-service

service "mydemoapp-service" exposed

Describe the new NodePort Service

kubectl describe service mydemoapp-service

Name:                     mydemoapp-service
Namespace:                default
Labels:                   app=demoapp
                          chart=demoapp-0.1.0
                          heritage=Tiller
                          release=mydemoapp
Annotations:              <none>
Selector:                 app=demoapp,release=mydemoapp
Type:                     NodePort
IP:                       10.0.0.74
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30129/TCP
Endpoints:                10.1.28.131:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

Note the NodePort

Test the Service using curl ( using the ICPProxy and the exposed NodePort )


<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Test the Service using a browser


If needed, validate upon what node(s) the application is running

kubectl get pods --selector="app=demoapp" --output=wide

NAME                         READY     STATUS    RESTARTS   AGE       IP            NODE
mydemoapp-84dcbdfbf4-gvnvp   1/1       Running   0          50m       10.1.28.131   192.168.1.101

Next to use a "real" Docker example ( Hello World ) from here …


No comments: