Getting Hands-on with Kubernetes using Simple Python Application (Part II)
As in our previous blog, we had just saw a very basic deployment of a python-flask application on Kubernetes using minikube . Moving forward to the second part of this blog, we will be extending the python-flask application to use the DB and deploy it within the K8s cluster. Moreover we can have a look at how the new updates are being rolled in the clustered environment. While the DB will be in place then the management of secrets and other connectivity issues will also needs to be be addressed in order to make it up and running.
Creating Configuration for MySQL Database
We can now have a look at the YAML configuration file for the deployment of MySQL database in our K8s environment. For that purpose we will be creating a file named “db-deployment.yml” with the following content listed below:
- name: mysql
- name: MYSQL_ROOT_PASSWORD
- containerPort: 3306
- port: 3306
The configuration listed above is same as used in our previous blog, Once we will save this file, we will be running the same
kubectl command and pass the file as the argument
$ kubectl apply -f db-deployment.yml
Once you apply the configuration and run the command
kubectl get pods then you will see your pods in a running state. Once complete, you can inspect the components deployed via the standard kubectl commands.
$ kubectl get pods
$ kubectl get deployments/mysql
$ kubectl get services/mysql
After checking the status, you can see that the MySQL database is now up and running. For validating it we can simply use the local
mysql client application to access the Service running.
Here we have both DB and Python application pods in running state, Now we will jump towards linking them .
Linking the DB with Python Application
As the DB is now up and running and we have YAML files for both application and the database. Now we can setup the application in order to talk with the the database. In order to do so, we can just fill our DB with some sample values for testing the connectivity.
Creation of a DB named pyapplicationdb inside the mysql container, First just taking the access of the container;
$ kubectl exec -it <podname> -- /bin/sh
once we have the access, we can do the magic easily;
$ mysql -u root -pmysql> create database pyapplicationdb;
mysql> use pyapplicationdb;
mysql> create table random_words(word_id int auto_increment, word varchar(255) not null, primary key(word_id));
mysql> insert into random_words (word) values ('randword1'), ('randword2'), ('randword3');
mysql> select * from random_words;
The DB is now being populated, so we will once again just make the python application up and see the results;
$ kubectl apply -f app-deployment.yml
Once it is up and running, we can see the results in our browser via minikube service command;
$ minikube service pyapplication --url
Managing Database credentials secretly
Currently, we have used a very basic technique just to setup things. There is a lot of improvement to be done in order to make it looks good. First of all we have passed the DB credentials in a plain format in our db-deployment.yml configuration file. Kubernetes secrets will be helpful in this case, To use a Secret, a Pod needs to reference the Secret. A Secret can be used with a Pod in three ways:
- As files in a volume mounted on one or more of its containers.
- As container environment variable.
- By the kubelet when pulling images for the Pod.
we will create a YAML configuration file for the database user password Secret. There is one extra step involved in creating a Secret configuration file which is to base64-encode the sensitive values prior to placing them into the YAML configuration file:
$ echo -n 'Passw0rd' | base64
Next step is to create the Secret YAML file, named
secret.ymlin order to bind it to our db-deployment config;
Save the file above and then run the
kubectl command to create the secret:
$ kubectl create -f secret.yml# inspect that the secret was created
$ kubectl get secrets/mysql-password# decode the secret to validate the contents
$ kubectl get secrets/mysql-password -o yaml
Now that we have a secret created within the cluster, we can update our app-deployment.yml file, so that it can fetch the credentials from the secrets we have just created.
- name: MYSQL_DB_PASSWORD
Rolling out the updates
As we are now up and running. So now if we have to perform or make some changes or update. We have couple of different ways to achieve this. One thing is to do it via command-line (being explicit to change the image of the deployed application) or may be via the
kubectl edit command, which will allow updating the Deployment YAML config file and then handling the changes for you.
For doing it via the
kubectl edit command;
$ kubectl edit deployment/pyapplication# check pods now and we can see updates to the pods being made
$ kubectl get pods# check the rollout status for the updates made
$ kubectl rollout status deployment/pyapplication
In A Nutshell
It was just a basic tutorial just to get the concept of how things are working here. Obviously it was not written with the best practices. There are a lot of things to be included or added. Just to give a hint, we can work more on secrets, configmaps, persistent volumes.
Moreover modern practices involves different tools for deploying the cluster, some of the examples are helmcharts and there are a lot others as well.
Moreover we can also keep an eye on curated list with different options available. Here is Nubenetes or this list may be.
Happy coding and kubernetesing!