Road to Kubernetes (Justin Mitchel) (z-library.sk, 1lib.sk, z-lib.sk)

M A N N I N G Justin Mitchel

Road to Kubernetes

MANN I NG Shelter ISland Road to Kubernetes JUSTIN MITCHEL

For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact Special Sales Department Manning Publications Co. 20 Baldwin Road PO Box 761 Shelter Island, NY 11964 Email: orders@manning.com © 2024 by Manning Publications Co. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps. Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid- free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine. ∞ Manning Publications Co. 20 Baldwin Road PO Box 761 Shelter Island, NY 11964 ISBN: 9781633438200 Printed in the United States of America The author and publisher have made every effort to ensure that the information in this book was correct at press time. The author and publisher do not assume and hereby disclaim any liability to any party for any loss, damage, or disruption caused by errors or omissions, whether such errors or omissions result from negligence, accident, or any other cause, or from any usage of the information herein. Development editor: Connor O’Brien Technical editor: Billy Yuen Production Editor: Aleksandar DragosavljeviÊ Copy Editor: Katie Petito Typesetter: Bojan StojanoviÊ Cover Designer: Marija Tudor

To my wife Emilee—thank you for your endless support and encouragement. I am a very lucky man to have you in my life. Thank you for giving me everything. To my daughters McKenna, Dakota, and Emerson—thank you for being you. Each one of you is exactly what our family needs, and I am so proud of the women you are becoming. Being your Dad has been the greatest and most rewarding gift in the world. I love each of you more than you can possibly know, and I am very excited for many more adventures together. Love you all!

vi brief contents 1 ■ Kubernetes and the path to modern deployment 1 2 ■ Creating the Python and JavaScript web apps 9 3 ■ Manual deployment with virtual machines 37 4 ■ Deploying with GitHub Actions 71 5 ■ Containerizing applications 103 6 ■ Containers in action 126 7 ■ Deploying containerized applications 148 8 ■ Managed Kubernetes Deployment 172 9 ■ Alternative orchestration tools 223 A ■ Installing Python on macOS and Windows 249 B ■ Installing Node.js on macOS and Windows 258 C ■ Setting up SSH keys for password-less server entry 261 D ■ Installing and using ngrok 269

vii contents preface xii acknowledgments xv about this book xvi about the author xxi about the cover illustration xxii 1 Kubernetes and the path to modern deployment 1 1.1 Anyone can deploy 2 1.2 Our path to deployment 3 1.3 The challenge of dependencies 4 1.4 What do containers do? 5 1.5 The challenges in building and running containers without Kubernetes 6 1.6 What are the fundamental challenges with using Kubernetes? 7 1.7 How does this book teach the technology? 8 2 Creating the Python and JavaScript web apps 9 2.1 Designing a basic FastAPI web app in Python 10 Python project setup with virtual environments 10 Hello World with FastAPI 13 ■ Handling multiple routes with FastAPI 14

viii 2.2 Creating a JavaScript web application with Node.js and Express.js 15 Hello World from Express.js 17 ■ Run the Node.js + Express.js app 19 ■ Create a JSON response with Express.js 20 2.3 Tracking code changes with Git 21 Using Git in our projects 23 ■ Ignoring files 25 ■ Tracking files 26 ■ Complete Git repo reboot 29 ■ Git logs and show 30 ■ Fundamental Git commands overview 31 2.4 Pushing code to GitHub 32 Creating a GitHub account 32 ■ Create a Git repository on GitHub 33 ■ Configuring our local git repo for GitHub 34 Rinse and repeat 35 3 Manual deployment with virtual machines 37 3.1 Creating and connecting to a remote server 38 Provisioning a virtual machine 39 ■ Connecting via SSH 40 3.2 Serving static websites with NGINX 43 Embrace ephemeral VMs 44 ■ Modify the default NGINX HTML page 45 3.3 Self-hosted remote Git repositories 47 Log in to the server with SSH 48 ■ Creating the bare Git repositories 48 ■ Pushing local code to the remote repo 50 Git hook to check out code 51 3.4 Installing the apps’ dependencies 53 Installing Python 3 and our FastAPI project 54 ■ Installing Node.js and our Express.js app 58 ■ Running the Express.js application 61 3.5 Run multiple applications in the background with Supervisor 62 Installing Supervisor 63 ■ Configure Supervisor for apps 63 3.6 Serve multiple applications with NGINX and a firewall 66 Configuring NGINX as a reverse proxy 67 ■ Installing Uncomplicated Firewall 68 contents

ix 4 Deploying with GitHub Actions 71 4.1 Getting started with CI/CD pipelines with GitHub Actions 72 Your first GitHub Actions workflow 73 ■ Creating your first GitHub Actions secret 78 ■ Installing the public SSH key on Akamai Connected Cloud 79 ■ Creating a new virtual machine on Akamai Linode 81 ■ Installing NGINX on a remote server with a GitHub Actions workflow 82 4.2 Virtual machine automation with Ansible 85 GitHub Actions workflow for Ansible 86 ■ Creating your first Ansible Playbook 88 ■ Ansible for our Python app 90 Ansible for our Node.js app 97 5 Containerizing applications 103 5.1 Hello World with Docker 104 Running your first container 105 ■ Exposing ports 106 Entering a container 107 ■ Stateless containers 107 5.2 Designing new container images 108 Creating a Dockerfile 109 ■ Running your first container image 110 5.3 Containerizing Python applications 110 Version tags and a Python Dockerfile 110 ■ Creating a Python Dockerfile 113 ■ Ignoring unwanted files in Docker builds 115 Creating and running an entrypoint script 116 5.4 Containerizing Node.js applications 118 The Node.js entrypoint script and .dockerignore file 119 The Node.js Dockerfile 120 5.5 Pushing container images to Docker Hub 121 Your first push to Docker Hub 122 6 Containers in action 126 6.1 Building and pushing containers with GitHub Actions 127 Docker login and third-party GitHub Action tools 128 A GitHub Actions workflow for building containers 129 contents

x 6.2 Managing a container with Docker Compose 130 Why we need Docker Compose 130 ■ Docker Compose for our Python app 131 ■ Docker Compose for our Node.js app 134 6.3 Stateful containers with volumes 135 Using volumes with Docker 135 ■ Using volumes with Docker Compose 137 ■ Built-in volume management with Docker Compose 138 6.4 Networking fundamentals in Docker Compose 140 Container-to-container communication simplified 141 Databases and Docker Compose 143 ■ Environment variables with dotenv in Docker and Docker Compose 145 7 Deploying containerized applications 148 7.1 Hello prod, it’s Docker 149 Provisioning a new virtual machine 149 ■ Installing Docker on Ubuntu 150 ■ Installing Docker Compose on Ubuntu 151 Deploying NGINX 151 7.2 Staging containers 153 Dockerfiles for multiple environments 154 ■ Docker Compose for multiple environments 155 7.3 GitHub Actions to deploy production containers 157 Building and hosting a production container 158 Installing Docker and Docker Compose on a virtual machine with GitHub Actions 161 ■ Using GitHub Actions to run Docker Compose in production 162 7.4 The limitations of using Docker Compose for production 167 Scaling containers with Docker Compose 168 8 Managed Kubernetes Deployment 172 8.1 Getting started with Kubernetes 174 Self-service or managed Kubernetes? 174 ■ Provisioning a Kubernetes cluster 175 ■ Core concepts and components 177 8.2 Connecting to Kubernetes 179 The Kubernetes Dashboard GUI 179 ■ Installing kubectl 181 Configuring kubectl 183 contents

xi 8.3 Deploy containers to Kubernetes 185 Your first Pod and manifest 186 ■ Your first Service 187 From Pods to Deployments 191 ■ Customize NGINX with ConfigMaps 193 ■ Environment Variables with ConfigMaps and Secrets 196 8.4 Volumes and stateful containers 200 Volumes and Deployments 201 ■ StatefulSets 203 Container-to-container communication within Kubernetes 208 Namespaces to manage cluster resources 211 8.5 Deploy apps to production with Kubernetes 214 LoadBalancer Services 215 ■ Deploying to Kubernetes with GitHub Actions 219 9 Alternative orchestration tools 223 9.1 Container orchestration with Docker Swarm 224 Preparing the Docker Swarm Manager 226 ■ Docker Compose for Docker Swarm 229 ■ Start Docker Swarm 230 ■ Deploy a Docker Swarm Stack 231 9.2 HashiCorp Nomad 232 Preparing our Nomad cluster 233 ■ Installing Nomad 234 ■ Configuring the Nomad server 235 ■ Configuring the Nomad Clients 238 ■ Running containers with Nomad jobs 240 appendix A Installing Python on macOS and Windows 249 appendix B Installing Node.js on macOS and Windows 258 appendix C Setting up SSH keys for password-less server entry 261 appendix D Installing and using ngrok 269 index 271 contents

xii preface I believe that more applications are going to be released in the next decade than in the previous decade to the 10th power. This exponential growth is going to be driven by modern deployment technologies like containers and container orchestration, along with the explosion in the use of generative AI tools. While the tools and technologies might change, I am certain that more applications will be deployed. I have seen software go from floppy disks to compact disks (CDs), to car- tridges (for game consoles), to DVDs, and ultimately to the internet. As the format of distribution changed, so did the number of applications that were released; they increased exponentially. Even if each physical format change did not see this exponential growth, the internet definitely did. I grew up in a time when I never had to write a single line of code that required a disc or cartridge for the app to work. My programming and web development skills were devel- oped on the internet. When I was 16, I decided I was going to make my fortune selling t-shirts. A friend agreed this plan was a great idea, so we joined forces and did what any smart teenager would: borrow money from our parents. While this money was enough to print shirts, it was not enough to build a website, or so we thought. At the time, MySpace was the most popular social media site, and eCommerce was just starting to explode. We wanted to look as legit as possible to potential retail- ers, so we figured creating a website was a great idea. The problem? Websites were at least $800 to hire a company to create one. Because we spent all of our parents’ money, we needed to do this one on our own.

xiiipreface That’s when I met Bobby Kim, the founder of an up-and-coming clothing company, The Hundreds, and he gave me the advice I will never forget: “Oh man, you don’t need to hire a website design company, buy a book and do it yourself! That’s what we did; it’s really not that hard.” Despite not fully agree- ing with the sentiment of “It’s not that hard,” I did buy the book. To my sur- prise, creating a basic HTML website was easy, thanks to the practical, hands-on nature of the book. While the website I created was definitely amateur by any standard, I was able to publish it on the internet with the help of a family friend. Achievement unlocked, and $800 saved. It might not be surprising to learn that a couple of 16-year-olds failed to com- pete with the likes of Quiksilver and Billabong right before a massive global recession. While that sentence might echo the current economic times and maybe would make a good one-liner for a movie, I hold that time period near and dear because that t-shirt company propelled me into the wonderful world of building things for the internet. Fast forward a few years, and I found myself at odds with creating real soft- ware. While HTML might look like “real software,” I consider it a bit more like a complicated text document (ahem, because it is). Once again, I was misguided in thinking that writing code was far too complex and thus not for me. Thank- fully, during yet another one of my many projects, my technical cofounder told me I should try out this tool called Python. And so I did. I bet you know where the story goes from here. It felt like it was a matter of months, and I was regularly releasing my Python- based web applications to the world faster than I ever could have hoped. These skills led to many freelancing opportunities and many more opportunities to learn and grow. That’s exactly what I did. Over time, I came to realize that I needed to help others overcome their own self-doubt in writing, learning, and releasing software to the world. A few months after this realization, a friend invited me to a weekend workshop called Startup Weekend, where various entrepreneurs and coders would come together and create businesses in just two days. I decided that instead of driving 10+ hours to a workshop in another state, I would just buckle down and create my first course. After a caffeine-filled weekend, I had my first four-hour course done and ready to release. Here lies another inflection point on my journey to you reading these words. Was I ready? Was the course any good? Will people find out that I am bad at this? The questions went on and on in my head causing me to rethink my course alto- gether. During this time, two quotes rang in my head:

xiv preface “Business is just two things: innovation and marketing.” —Peter Drucker “Just Do It” —Nike So, despite my self-doubt and self-defeating thoughts, I decided to release the course, which took over two weeks after creating it. I decided to name the course “Coding for Entrepreneurs” because it’s exactly who I am and who I identify with: a coding entrepreneur. I also figured that if the 16-year-old ver- sion of me saw the course “Coding for Entrepreneurs,” he would have pur- chased it in 2 seconds. The course took off and quickly amassed 10s of thousands of students, which led to a successful Kickstarter campaign and eventually to hundreds of thou- sands of students across the world through platforms like Udemy, YouTube, CodingForEntrepreneurs.com, and many others. To date, I have more than 800,000 students enrolled on Udemy, more than 235,000 subscribers on You- Tube, and more than 15,000 followers on GitHub. I created this book as a result of the many journeys I have been on with software and, more importantly, deploying software. I believe that deployed software is the only software that will propel you or your team forward. I hear statements all the time about what the best place to deploy software is, and in all honesty, I do not think there will ever be a best. Best implies finished, done, over, and so on, whereas better implies there’s a chance for worse. At one point, file transfer protocol (FTP) was considered the best option for deploying code, and spoiler alert, it no longer is. While I just bemoaned the term best, I will say that I think containers and container orchestration are, as of the end of 2023, the best ways to deploy code into production. I suspect these tools will eventually change for something better. The Road to Kubernetes is about learning various options to deploy your appli- cations into production so that you can continuously do so. I wrote this book as a step-by-step journey so you can have practical and tangible results each step of the way to help you deploy more often and, if I did my job correctly, deploy better. The more you can deploy your software, the more momentum your proj- ect may have and thus end up helping others in the process. The more you can deploy software, the better it can get.

xv acknowledgments First, I would like to thank you, dear reader. I created this book for you, and I hope you enjoy it. Please feel free to reach out to share any insights you may have. I would like to thank my students and followers for all of your watching, read- ing, listening, sharing, and doing the work; I would not be where I am today if it weren’t for you. Thank you for letting me be a voice in this group of outstand- ing people. I would like to thank Akamai for their support in my educational and techno- logical pursuits. Akamai has been a great partner in my mission to help others build software and release it to the world. I would like to thank Timothy Ryan for his support in making this book possible and for being an ear for my long-winded discussions about all things technology. I would also like to thank Andrew, Justin, Jamie, Hillary, Kerterika, Maddie, Talia, and other members of the Akamai Connected Cloud team for your help on this and many other projects. While this list is not exhaustive, I do appreciate you and what you have done over the time we have worked together. Last, I would like to thank Andy, Ian, and Connor at Manning for helping bring this project to life.

xvi about this book With Road to Kubernetes, we start with creating simple Python and Node.js web applications. These applications will stay with us for our entire journey so we can learn about all the various tools and techniques to deploy them. From there, we start using secure shells (SSH) and modern version control by way of Git with self-managed environments, self-managed repositories, and self-man- aged deployments. After we understand the self-managed way of deploying, we move to auto- mation with GitHub, GitHub Actions, and even Ansible. GitHub is a popular third-party-managed git repository and code hosting service that also allows us to run one-off code workflows called GitHub Actions. These workflows are short-lived computing environments that are useful to build, test, and deploy our code and help us to continuously integrate and deliver (CI/CD) our apps. Ansible helps us automatically configure our deployment environments (e.g., virtual machines) by declaring what software we need to run our applications. While Ansible is great at configuring our environments after the fact, we started adopting a way to preconfigure our environments into portable and manageable runtime environments called containers. Containers and the process of containerization were pioneered by Docker and are often known as Docker Containers. These containers are essentially apps themselves that include a small operating system to run our code–think of it as a tiny Linux OS that runs our Python or Node.js app that can be easily moved around from sys- tem to system with no additional configuration.

xviiabout this book After learning about building and running containers, we learned how to manage deploying different kinds of containers because applications rarely exist in a vacuum–web apps often need databases to run. Running and man- aging more than one container at a time is called container orchestration and is exactly what Docker Compose, Docker Swarm, HashiCorp Nomad, and, of course, Kubernetes do. While each tool handles containers differently, we’ll look at a number of ways these tools intersect and when and where you might use them. Kubernetes is one of the most used container orchestration tools in exis- tence and is, in many ways, better than the alternatives thanks to its third-party ecosystem, as well as managed support by many cloud providers. In some cases, companies offer services to run and manage your containers for you where the underlying technology is actually just Kubernetes. While deploying to Kubernetes may seem complex, this book aims to break apart this complexity by homing in on the various technologies and deploy- ment techniques available so you can determine which option is best for you and your projects. More often than not, you may come to find that Kubernetes is the best option. Who should read this book If you are unsure if Kubernetes is right for you or your project, this is the book for you. Ideally, you have some basic knowledge of writing Python or JavaScript code, so you have the foundation to start with the practical examples in this book. If you are unsure if containers or Docker containers are right for your applica- tions, this book is also for you. Containers are an essential element of Kuberne- tes, allowing you to create portable applications that can run on any computer, cloud, on-prem servers, Raspberry Pis, or some mixture of all of these. Contain- ers can help make your apps scale. Kubernetes is one of the tools to help ensure that scale is possible, but it’s not the only one. We also learn about Docker Com- pose, Docker Swarm, and HashiCorp Nomad to run containers. How this book is organized: a roadmap The name of this book implies that you are about to embark on a journey, and that was done with purpose. Depending on your background, you can pick up from nearly any part of this journey. While each chapter builds on the previous one, the goal is to allow you to work through this book as your project grows or your curiosity does.

xviii about this book Chapter 1 lays the foundation for what we will do in this book. This chapter is for technical and non-technical readers alike to help understand where mod- ern deployment is and what you can do about it. Chapter 2 is where we create sample Python and JavaScript via Node.js web applications. These applications serve as stand-ins to nearly any type of appli- cation you aim to create. Two different runtimes, Python and Node.js, help us understand the challenges that we face when deploying various kinds of soft- ware; these challenges are almost identical but different enough to cause a lot of issues. Chapter 3 is the first foray into deploying applications. This chapter is all about the manual efforts you will take to deploy code to a server using mod- ern technologies like version control through Git and mature technologies like secure shells and firewalls. The manual nature of this chapter is a rite of passage for many developers because this way is often the scrappiest way to get your application deployed. Chapter 4 converts a manual deployment into an automated one by leverag- ing GitHub and GitHub Actions to run various commands on our behalf using a one-off computing workflow. This computing workflow allows us to use the third-party software Ansible to automate how we configure our deployment environments instead of doing them manually. Chapter 5 is where we start learning about bundling our applications into containers. Containers help us preconfigure environments for our applications so we can more easily move them around with very little additional configu- ration. While this might feel more complex up front, containerized apps can run wherever there is a container runtime, regardless of whether the applica- tion uses Python, Node.js, Ruby, Java, and so on. Container runtimes mean we do not need our deployment systems to have application runtimes installed to work–as in, we can skip installing Python, Node.js, Ruby, Java, etc., in favor of just a container and a container runtime. Chapter 6 is where we use automation to build and push our containers to a place to store our containers called Docker Hub. From here, we’ll learn about our first way of multi-container management, called container orchestration, with a tool called Docker Compose. Chapter 7 is where we deploy our first containers to a production server, which will require us to configure the server and run our container images through Docker Compose, all orchestrated by GitHub Actions. Chapter 8 is where we deploy our containers to Kubernetes. In this chap- ter, we’ll learn how to provision a managed Kubernetes cluster across a set of virtual machines. This cluster of machines, coupled with Kubernetes, gives us

xixabout this book the ability to scale and manage containers, unlike any tool we have used to this point. Managed Kubernetes unlocks much-needed production features, such as a static IP address, load balancers, and persistent volumes. We also learn how to design manifests so we can be deliberate about what containers need to do on Kubernetes and how. Chapter 9 is where we deploy containers to two Kubernetes alternatives called Docker Swarm and HashiCorp Nomad. Both these tools orchestrate containers like Kubernetes, but the approach and features are different. Docker Swarm is a natural extension of Docker Compose, while HashiCorp Nomad is a unique take on managing containers that fits well within the HashiCorp ecosystem of tools like Terraform and Vault. As you can see, each chapter builds on the concepts introduced in previous chapters and ultimately ends with two chapters covering how to manage con- tainers with modern container orchestration tools. The fundamental building block of Kubernetes is a container and therefore containers are also a funda- mental concept for this book. The first few chapters help you understand both conceptually and practically the need for containers, while the remainder of the book helps you better understand and leverage containers in deployment. About the code This book contains many examples of source code both in numbered listings and in line with normal text. In both cases, source code is formatted in a fixed- width font like this to separate it from ordinary text. Sometimes code is also in bold to highlight code that has changed from previous steps in the chapter, such as when a new feature adds to an existing line of code. In many cases, the original source code has been reformatted; we’ve added line breaks and reworked indentation to accommodate the available page space in the book. In rare cases, even this was not enough, and listings include line-continuation markers (➥). Additionally, comments in the source code have often been removed from the listings when the code is described in the text. Code annotations accompany many of the listings, highlighting important concepts. You can get executable snippets of code from the liveBook (online) version of this book at https://livebook.manning.com/book/road-to-kubernetes. The complete code for the examples in the book is available for download from the Manning website at https://www.manning.com/books/road-to-kubernetes. Each chapter, with the exception of chapter 1, uses code and code listings throughout. A few public repositories are available for you at