« Previous 1 2
Exploring Kubernetes with Minikube
Kubernetes Kickoff
Digging Deeper
The next step is to see if Nginx is actually serving some HTML next.
If you run the following next command (substituting the hash 54b9c79874 with a valid pod name running on your cluster), you can see that the pod relies on the stated deployment (Figure 9):
$ kubectl describe pod nginx-dep-54b9c79874-b9dzh
The YAML in Listing 2 installed a service called nginx-svc . Request some important information about that service using the following command:
$ kubectl get svc
See the output in Figure 10.
In Figure 10, pay close attention to the NodePort setting, which was requested in the YAML.
This example uses a specific node's ephemeral networking ports to present a service; you would use an ingress controller in a cloud environment most likely. NodePort exposes the service on a static port of the node IP address [8]. NodePorts are in the 30000-32767 range. The NodePort is therefore unlikely to match a service's well known port.
I know the upper-range ephemeral port number already (TCP port 31867, in this case). The following command gives the Node IP address:
$ kubectl describe nodes
You might need to scroll up a little in the output to find the IP Address (Figure 11).
Proof Of the Pudding
Finally, a trusty curl command offers evidence that Kubernetes has ``exposed'' (or opened up) TCP port 31867 on the node for the nginx instance. Try the following command:
$ curl -k -v http://192.168.122.207:31867
And, low and behold, you will see the very welcoming, Welcome to nginx! index page (Figure 12).
The End
You'd be forgiven for wanting to learn more about the clever Kubernetes. This article covered the installation and the addition of a basic Nginx service, backed by a deployment with two replicas running, using Minikube -- a tool designed for exploring Kubernetes in a local environment.
For more information, the cheatsheet at the Kubernetes website covers common Kubernetes commands nicely [9].
The Author
Chris Binnie’s latest book, Linux Server Security: Hack and Defend, shows how hackers launch sophisticated attacks to compromise servers, steal data, and crack complex passwords, so you can learn how to defend against such attacks. In the book, he also shows you how to make your servers invisible, perform penetration testing, and mitigate unwelcome attacks. You can find out more about DevOps, DevSecOps, Containers, and Linux security on his website: https://www.devsecops.cc.
Info |
[1] Kubernetes: https://kubernetes.io/ [2] Minikube at GitHub: https://github.com/kubernetes/minikube [3] Virtualization Basics and an Introduction to KVM: https://mkdev.me/en/posts/virtualization-basics-and-an-introduction-to-kvm [4] Kubectl commands: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands [5] KVM Commands: https://www.cyberciti.biz/faq/howto-linux-delete-a-running-vm-guest-on-kvm/virsh-kvm-list-vms/ [6] YAML: http://www.yaml.org [7] YAML Checker: http://yaml-online-parser.appspot.com [8] NodePort: https://docs.openshift.com/container-platform/3.6/dev_guide/expose_service/expose_internal_ip_nodeport.html [9] Kubernetes Cheatsheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/ |
« Previous 1 2