Introduction to Kubernetes

Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications.

Basic concepts

# Pod - basic unit
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx:1.24
    ports:
    - containerPort: 80

---
# Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.24
        ports:
        - containerPort: 80

---
# Service
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 80
  selector:
    app: nginx

Core components

  • Pod: smallest deployable unit, contains one or more containers
  • Deployment: manages the rollout and updating of pods
  • Service: exposes pods to the network
  • ConfigMap: non-sensitive configuration
  • Secret: sensitive data (keys, passwords)
  • PersistentVolume: persistent storage

Basic commands

# Cluster information
kubectl cluster-info
kubectl get nodes
kubectl get namespaces

# Resource management
kubectl get pods
kubectl get deployments
kubectl get services
kubectl get configmaps
kubectl get secrets

# Create and delete
kubectl apply -f manifest.yaml
kubectl delete -f manifest.yaml

# Logs and debugging
kubectl logs pod-name
kubectl describe pod pod-name
kubectl exec -it pod-name -- /bin/bash

# Scale
kubectl scale deployment nginx-deployment --replicas=5

# Port-forward
kubectl port-forward service/nginx-service 8080:80

# Contexts
kubectl config get-contexts
kubectl config use-context my-cluster

Architecture:

  • Control Plane (Master)
    • API Server
    • Scheduler
    • Controller Manager
    • etcd
  • Worker Nodes
    • Kubelet
    • Container Runtime
    • Kube Proxy

Storage and configuration

# ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  database_url: "postgres://db:5432"
  api_url: "http://api:8080"

---
# Secret (values under data are base64-encoded, not encrypted)
apiVersion: v1
kind: Secret
metadata:
  name: app-secrets
type: Opaque
data:
  db_password: cGFzc3dvcmQ=
  api_key: c2VjcmV0

---
# PersistentVolumeClaim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-data
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

Networking

# Service LoadBalancer
apiVersion: v1
kind: Service
metadata:
  name: web-service
spec:
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: web

---
# Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-ingress
spec:
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: api-service
            port:
              number: 80
      - path: /
        pathType: Prefix
        backend:
          service:
            name: web-service
            port:
              number: 80

---
# NetworkPolicy (only pods labeled app: web may connect to pods labeled app: api)
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: api-policy
spec:
  podSelector:
    matchLabels:
      app: api
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: web