How to deploy an application on IBM Kubernetes Services (a.k.a. IKS)
IBM Cloud offers managed Kubernetes cluster services, which could be used to deploy entreprise grade applications.
When provisioning a Kubernetes cluster on IBM Cloud, one has the choice of a “real cluster” (single-zone or multi-zone);
(Flavours of Kubernetes shown above as of March 2022)
Or only provisioning a “Free” ($0) cluster which lasts for 30 days and is good enough to realize some tests.
The advantage of a free cluster is that in order to deploy and test an application, it is only required to enbale the “NodePort”, so for rapid development it makes the lives of developers easier.
This example is based on a free cluster and the purpose is to give the basic understanding of application deployment on IKS.
So let’s jump into the sample application we want to deploy!
To establish access to the cluster (verify that you have already installed ibmcloud and kubectl CLIs) ;
Login to IBM Public Cloud (the login below is generated by IBM Cloud Kubenetes provisioning dashboard);
ibmcloud login -a https://cloud.ibm.com -u passcode -p xxxxxx
(xxxx generated randomly by IBM Cloud)
Connect to the IKS instance (generted by IBM Cloud)
ibmcloud ks cluster config --cluster xxxxx
or in our example
ibmcloud ks cluster config --cluster c2jr04vd0gva8pgpoam0
Verify that you are working with the current cluster context (you could have several Kubernetes clusters, so kubectl should know which cluster to work on)
kubectl config current-context
1. Deployement of a sample application
In this part of the lab we will deploy an application called guestbook
that has already been built and uploaded to DockerHub under the name ibmcom/guestbook:v1
(https://hub.docker.com/r/ibmcom/guestbook) and which is also available on Github (the repo is here, but no need to go there: Github IBM Guestbook).
So the aim is to acheive the following very simple architecture;
Hereafter the steps;
kubectl create deployment guestbook --image=ibmcom/guestbook:v1
The output to be expected:
deployment.apps/guestbook created
This action will take a bit of time. To check the status of the running application, you can use
kubectl get pods
You should see output similar to the following:
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
guestbook-59bd679fdc-bxdg7 1/1 Running 0 1m
2. Make the application visible and accessible to users
Preambule: as we are using a free version of IKS for this demo/exercise, the path which is used by the IKS engine is different from the way that an application would be deployed on a Kubernetes production ready cluster. Below is the schema which demonstrates the way that an application would be accessible to end users once deployed on either versions of IBM Cloud Kubernetes services (https://cloud.ibm.com/docs/containers?topic=containers-cs_network_planning).
A word on ports in Kubernetes
Kubernetes has several port configurations for Services:
- Port: the port on which the service is exposed. Other pods can communicate with it via this port.
- TargetPort: the actual port on which your container is deployed. The service sends requests to this port and the pod container must listen to the same port.
- NodePort: exposes a service externally to the cluster. So the application can be accessed via this port externally. By default, it’s automatically assigned during deployment.
A detailed version would be the following;
So in our example for a single mono-region IKS cluster we would have the following:
In a real world example, you would think of high availablty, regions, zones…
Now back to our sample app:
The end result of the run command is not just the pod containing our application containers, but a Deployment resource that manages the lifecycle of those pods.
Once the status reads Running
, we need to expose that deployment as a service so we can access it through the IP of the worker nodes. The guestbook
application listens on port 3000. Run:
kubectl expose deployment guestbook --type="NodePort" --port=3000
You should get the following message:
service/guestbook exposed
To find the port used on that worker node, examine your new service:
kubectl get service guestbook
You should get a similar message:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
guestbook NodePort 172.21.40.1 <none> 3000:31747/TCP 2m2s
We can see that our <nodeport>
is 31208
. We can see in the output the port mapping from 3000 inside the pod exposed to the cluster on port 31208. This port in the 31000 range is automatically chosen, and could be different for you.
guestbook
application is now running on your cluster, and exposed to the internet. We need to find out where it is accessible. The worker nodes running in the container service get external IP addresses. Get the workers for your cluster and note one (any one) of the public IPs listed on the <public-IP>
line. Replace $CLUSTER_NAME
with your cluster name unless you have this environment variable set.
ibmcloud ks workers --cluster $CLUSTER_NAME
(if you have already set this) or
ibmcloud ks workers --cluster c2jr04vd0gva8pgpoam0
(in case of this example)
You should get an output like the one below:
ID Public IP Private IP Flavor State Status Zone Version
kube-c0igf50d0t5cp9eut8o0-aammycluste-default-0000004d 169.57.85.182 10.131.83.214 free normal Ready mex01 1.18.15_1540
We can see that our <public-IP>
is 169.57.85.182
.
Now that you have both the address and the port, you can now access the application in the web browser at <public-IP>:<nodeport>
. In the example case this is 169.57.85.182:31747
3. Additional information and resources
You can find some additional information regarding IBM Kubernetes Services;
Getting started with IBM Cloud Kubernetes Services: https://cloud.ibm.com/docs/containers?topic=containers-getting-started
Tutorials: https://cloud.ibm.com/docs?tab=tutorials&tags=containers&page=1&pageSize=20
Conclusion
We successfully deployed an application on a managed IBM Kubernetes cluster!