Kubernetes Mash — It was a Spookernetes Bash!
Currently Reading: The Magna Guide to Microprocessors, Kubernetes Up & Running
Spookernetes was my first ‘real’ DevOps project. By real, I mean I talked to other DevOp-sy people and they said that they’ve done similar things in their day to day. Only, instead of a day, this took me awhile.
Phase One of Spookernetes was to set up Traefik as a load balancer, Consul as a service registry, and use something to return a unique ID (container ID) in a browser.
Initially I went through some katacodas to learn how to make Traefik work with Nginx. Once I finally had Traefik working, I went through the step by step Consul Getting Started which helped me gain some familiarity with Consul. However, that didn’t make setting up automatic service discovery any easier (and I’m still not sure with Docker Compose that is a thing I can do). I used Registrator to automatically register all services with Consul. In the end, I forgot I needed something that actually knows PHP to read my PHP files, which is why PHP FPM is just thrown in there.
Phase One’s biggest hiccup was making Nginx and PHP FPM mesh. In the end, I found out you could just use the Nginx configuration file (default.conf) to return what I needed.
Phase Two was much more challenging. Now it was time to take my cute Docker compose file and shove it into Kubernetes. Once my services were working on Kubernetes, I was supposed to step up network policies to have only certain Nginx’s talk to certain PHP-FPMs, and show that fake Nginx’s could not talk to PHP FPM.
I started off using Kompose, and I had high hopes. Kompose will take your Docker-Compose file, and translate it into a bunch of YAML files for Kubernetes to understand. Kompose quickly crushed my dreams as I realized it is not easy to take the configuration files on your local machine and make them magically appear somewhere, somehow, on the cloud. This is where I learned it is okay to ask for help! Instead of realizing this sooner I spent a couple days at a coffee shop, way too stressed out over configuration files.
ConfigMaps were confusing at first, but after a brief sit down with my mentor, I learned that past all the ‘techie’ talk that ConfigMaps take data you need and store it in a key/value store so that it can be used later. With a brief understanding of ConfigMaps, and the realization I could make my own images by simply baking files into already made images, I was able to start standing up my services.
Next it was onto Network Policies! I used Kubernetes’ documentation for version 1.7. After spending a couple hours not understanding what was wrong with my network-policies.yaml, I realized I was using the 1.8 documentation. Their documentation was pretty clear, and I was able to use the labels I created and set an ipBlock for the IP range my actual Nginx service is set in. I stood up a service called ‘Nginxfaker’ to show that it couldn’t talk to PHP-FPM.
This project really opened my eyes to how much I need to learn about Kubernetes, and how your mentors and friends are there to save your sanity!
I want to learn all the nifty tricks things you can do with Kubernetes, but I’m also curious about Nomad, and HashiCorp products. I think it would be fun to do a Nomad + Vault + Consul + Packer project to gain some familiarity with that family of tools, even though this project had me interacting with Consul.
This week I want to learn about encryption, keep reading about microprocessors, and I will hopefully have a firm grasp and familiarity with lists in Python.
Kubernetes is starting to get a lot less spooky!