Kubernetes

Introduction In the modern era of containerized applications and microservices, efficient management of container images becomes paramount for enterprises. Azure Container Registry (ACR) offers a robust solution, allowing organizations to securely store, manage, and deploy container images. In this comprehensive guide, we’ll walk you through setting up an end-to-end ACR infrastructure tailored for enterprise needs. In this post I want to cover end to end secure Public ACR architecure with scope base access....

Today, I am going to show a demo app which shows you the running containers of your GKE cluster. There was a time that we need to demonstrate Kubernetes to several parties, and we find it difficult to show them graphically when we do scale up and scale down. There is cool Hexboard app which demonstrate during a Redhat Openshift demo, but it was keep crashing when I do a refresh....

In this post, I am planning to discuss what are the things that we want to decide when creating a GKE cluster for your production environment. There are several flavours of settings you can select when creating a GKE cluster. I came across these settings with the help of my friend Chanux, and you can visit his blog for more awesome stuff. Cluster Types There are two major types of GKE clusters; Regional GKE cluster and Zonal GKE clusters....

In my previous post we discussed about deploying a app to the created GKE cluster. Now we will focus how we can access this app using a cost effective method. Typically to access a application deployed in GKE you can use HTTP LoadBalancers, but Google LoadBalancers are pretty expensive. As solution we are deploying a nginx pod to every node (as a Daemonset) with a config map which will contain nginx configs....

In my previous post we discussed about creating a GKE cluster to deploy your apps. In this post I am planning to walk you through how to deploy apps to your GKE cluster, and we will automate the entire process. Architecture My app is a simple index.html which prints “Hello World”. I am building this app using nginx docker images and I am using Google Cloud Build to build the image and push it to the container registry....

I have couple of applications that I need to run on public. At the beginning I was running them in docker containers using a GCE instance. The problem I was facing is to update the code and push the changes into my live site. The ideal option to manage docker containers is to deploy them using Kubernetes. When using Kubernetes you can easily deploy and update your changes to production environment....

Problem! I have deployed GKE cluster and run our workloads in there. As a monitoring stack I deployed Prometheus and Grafana using stable helm charts. Problem here is, how we can monitor these kube-dns pods? I can get cpu and memory usage of these kube-dns pods, but other metrics like skydns_skydns_dns_error_count_total etc won’t scrape by prometheus, by default. The reason for this is those metrics endpoint are not exposed yet....

To access services deployed in your GKE cluster, you can use nginx ingress controller. You can quickly deploy nginx ingress controller via stable helm-charts. Nginx ingress controller will scan entire namespaces and will update the nginx configurations base on you ingress objects. If you want to limit your scope of nginx ingress controller, you can do that via enabling ‘scope’ and indicating which namespace you want for your scope. Enable scope in helm values file...

Create Service accounts for the project you deploying the prometheus pod. oc create serviceaccount -n oadm policy add-cluster-role-to-user cluster-reader system:serviceaccount:: oc create serviceaccount metrics -n paas-prometheus oadm policy add-cluster-role-to-user cluster-reader system:serviceaccount:paas-prometheus:metrics Creating the Docker image #Base Image FROM docker.io/prom/prometheus #copy the config yaml file to the directory ADD prometheus.yml /etc/prometheus/ #expose the port EXPOSE 9090 Prometheus.yml File global: scrape_interval: 10s evaluation_interval: 10s rule_files: - "*.rules" scrape_configs: - job_name: 'kubernetes-cluster' tls_config: ca_file: /var/run/secrets/kubernetes....