Agility, Java programming, New technologies and more…
  • rss
  • Home
  • Management
  • Agile Programming
  • Technology
  • Linux
  • Event
  • Android app
  • Contact
  • About the author
  • English
  • Francais

Flagger – Get Started with Istio and Kubernetes

Fabian Piau | Saturday May 2nd, 2020 - 06:40 PM
  • Print
  • Twitter
  • LinkedIn
  • Facebook
  • Pocket

 Version française disponible

Update
October, 17th, 2020 : Use newer versions (Helm 3, Kube 18, Istio 1.7).

This series of articles is dedicated to Flagger, a tool that integrates with Kubernetes, the popular container orchestration platform. Flagger enables automated deployments and will be one step closer to a continuous deployment process.

This article is the first of the series and also the only one where we won’t use Flagger yet… this article will walk through how you to run a Kubernetes cluster on your local environment and deploy an application which will be accessible via an Istio gateway.

Note
This is a hands-on guide and can be followed step by step on MacOS. It will require some adjustments if you are using a Windows or Linux PC. It is important to note that this article will not go into details and only grasp the concepts & technologies so if you are not familiar with Docker, Kubernetes, Helm or Istio, I strongly advise you to check some documentation yourself before continuing reading.


Docker

Install Docker by installing the Docker Desktop for Mac application, you can refer to the official installation guide. For Windows users, the equivalent application “Docker for Windows” exists.

In the next part, we will also use Docker for Mac to set up our local Kubernetes cluster. Note that this tutorial has been tested with Docker for Mac 2.4.0.0 that includes a Kubernetes Cluster in version 1.18.8, this is the latest at the moment of writing.

If you use a different version, technology is moving fast so I cannot guarantee that the commands used in this series will work without any adjustment.


Mirror HTTP Server

First a few words about the application Mirror HTTP Server we will use in this series of articles.

MHS is a very simple JavaScript application based on Node.js using the framework Express which allows you to customize the HTTP response received by setting specific HTTP headers in the request. The Docker image is publicly available on the Docker Hub. You can consult the Github repo of the project to find out more, please note that I am not the author.

This little app is exactly what we need to test the capabilities of Flagger to simulate 200 OK responses and 500 Internal Server Error responses.

Let’s pull the Docker image:

docker pull eexit/mirror-http-server

And run a new container that uses it:

docker run -itp 8080:80 eexit/mirror-http-server

Then let’s make sure it is functioning properly:

curl -I 'http://localhost:8080'

You should receive an HTTP 200 OK response:

HTTP/1.1 200 OK
X-Powered-By: Express
Date: Fri, 01 May 2020 17:57:17 GMT
Connection: keep-alive

While:

curl -I -H X-Mirror-Code:500 'http://localhost:8080'

will return an HTTP 500 response:

HTTP/1.1 500 Internal Server Error
X-Powered-By: Express
Date: Fri, 01 May 2020 17:57:45 GMT
Connection: keep-alive

For simplicity, we use the curl command, but you can use your favourite tool, e.g. Postman.


Kubernetes

Now that you’ve installed Docker for Mac, having a Kubernetes cluster running locally will be a simple formality. You just need to check a box!

Enable Kubernetes with Docker for Mac

Enable Kubernetes with Docker for Mac

If the light is green, then your Kubernetes cluster has successfully started. Please note, this requires a significant amount of resources, so don’t panic if the fan is running at full speed and it takes a bit of time to start…


Kube dashboard

We will install our first application in our Kubernetes cluster.

Kubernetes via Docker does not come with the dashboard by default, you have to install it yourself. This dashboard is very practical and provides a graphical interface of what is going on in your cluster and will save you from having to enter kubectl commands.

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml

The dashboard is protected, but you can use the default user to access it. You can generate a default token via this command:

kubectl -n kube-system describe secret default | grep token: | awk '{print $2}'

Copy it.

You will need to re-use this command and /or the token copied if your session has expired, this happens when you don’t interact with the dashboard for a little while.

Finally, create a proxy to access the dashboard from the browser (this command will need to run indefinitely):

kubectl proxy

If you access http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login and use the token that you copied to authenticate, you should see this screen.

Kube Dashboard

Kube Dashboard


Helm

We use Homebrew for the installation of Helm. Homebrew is a handy package manager available for Mac.

We will use Helm to install Istio and the MHS application in our cluster. Helm is a bit like Homebrew, but for Kubernetes. We are using version 3. Helm will save you from having to enter many kubectl apply commands.

Let’s install Helm 3 with:

brew install [email protected]

To verify that Helm has been installed:

helm version

You should have a similar output (note that Helm 3.3.4 is the latest version at the time of writing):

version.BuildInfo{Version:"v3.3.4", GitCommit:"a61ce5633af99708171414353ed49547cf05013d", GitTreeState:"dirty", GoVersion:"go1.15.2"}


Istio & Prometheus

Now, we are going to install the Istio Service Mesh. For full explanations and the benefits of using a Service Mesh, I invite you to read the official documentation.

First of all, you must increase the memory limits of your Kubernetes via Docker, otherwise you will run into deployment issues. Your laptop’s fans will recover, don’t worry…

Here is my configuration:

Kubernetes Configuration in Docker for Mac for Istio

Kubernetes Configuration in Docker for Mac for Istio

I followed the Docker Desktop recommendations for Istio.

Let’s go and install Istio 1.7.3 (the latest version at the time of writing). First, download the source:

curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.7.3 sh -

cd istio-1.7.3

Add the istioctl client to your path:

export PATH=$PWD/bin:$PATH

Install Istio with the provided client, we use the demo profile:

istioctl install --set profile=demo

After a few minutes, you should get a message confirming that Istio has been installed. And voilà!

To install the latest version of Istio, you can simply replace the first line with curl -L https://istio.io/downloadIstio | sh -.

Add Prometheus as it’s required for Flagger:

kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.7/samples/addons/prometheus.yaml

From the Kube dashboard, verify that a new namespace has been created istio-system and that it contains the Istio tools including Prometheus.

Istio is deployed in your cluster

Istio is deployed in your cluster

Why is Prometheus important? Because it is an essential component for Flagger which will provide the metrics to show if the new version of your application is healthy or not, thus it will know when to promote or rollback a version. I will come back to this in detail in the next article.


Deploying Mirror HTTP Server

Before deploying MHS, let’s create a new namespace application, we don’t want to use the default one at the root of the cluster (this is good practice). The name is too generic, but sufficient for this tutorial, in general you will use the name of the team or the name of a group of features.

kubectl create ns application

Do not forget to activate Istio on this new namespace:

kubectl label namespace application istio-injection=enabled

To deploy MHS, I created a Helm chart.

This chart was created with the helm create mhs-chart command, then I updated to use the latest image of MHS. I also added a gateway.yaml file to configure the Istio gateway so it can be accessible outside of the cluster.

Clone the chart repo:

git clone https://github.com/fabianpiau/mhs-chart.git

And install MHS:

cd mhs-chart
helm install --name mhs --namespace application ./mhs

After a few moments, if you look at the dashboard, you should see 1 replica of MHS in the namespace application.

MHS is deployed in your cluster

MHS is deployed in your cluster

You now have 1 MHS pod running in your Kubernetes cluster. The pod is exposed to the outside world via an Istio gateway.

To test, use the similar commands that we used against the docker container earlier:

curl -I -H Host:mhs.example.com 'http://localhost'

You should receive an HTTP 200 OK response that was handled by Envoy, the proxy used by Istio:

HTTP/1.1 200 OK
x-powered-by: Express
date: Fri, 01 May 2020 17:37:19 GMT
x-envoy-upstream-service-time: 17
server: istio-envoy
transfer-encoding: chunked

And:

curl -I -H Host:mhs.example.com -H X-Mirror-Code:500 'http://localhost'

should return an HTTP 500 response:

HTTP/1.1 500 Internal Server Error
x-powered-by: Express
date: Fri, 01 May 2020 17:38:34 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
transfer-encoding: chunked

Congratulations, you’ve come to the end of this first tutorial!

For information, you can also access MHS with your favourite browser if you run a proxy command first to expose the pod:

export POD_NAME=$(kubectl get pods --namespace application -l "app.kubernetes.io/name=mhs,app.kubernetes.io/instance=mhs" -o jsonpath="{.items[0].metadata.name}")

kubectl port-forward --namespace application $POD_NAME 8080:80

Then, navigate to http://localhost:8080/.

You should see a… blank page. This is normal, MHS does not return a body in the response and there is no HTML output!


Cleaning up resources

You can delete the MHS application and its namespace.

helm delete mhs --namespace application

kubectl delete namespaces application

We don’t remove Istio / Prometheus because we will need it in the next article, but if you want to free up some resources, you can use these commands:

kubectl delete -f https://raw.githubusercontent.com/istio/istio/release-1.7/samples/addons/prometheus.yaml

istioctl manifest generate --set profile=demo | kubectl delete -f -

kubectl delete namespaces istio-system


What’s next?

The next article will focus on the installation of Flagger and use different versions of MHS to try canary deployments. Stay tuned! In the meantime, you can stop the Kubernetes cluster by unchecking the box and restarting Docker Desktop. Your computer deserves a break.

Related posts

kubernetesFlagger – Canary deployments on Kubernetes kubernetesFlagger – Monitor your Canary deployments with Grafana
Comments
No Comments »
Categories
Agile programming
Tags
cloud, docker, flagger, helm, istio, kubernetes
Comments rss Comments rss

Choose the web hosting service that fits your needs

Fabian Piau | Wednesday September 17th, 2014 - 02:15 PM
  • Print
  • Twitter
  • LinkedIn
  • Facebook
  • Pocket

 Version française disponible

For this article, I will talk about two different hosting solutions, a standard one suitable for a simple site (e.g. in PHP) and another one cloud-oriented PaaS (Platform as a Service) for a more complex application (e.g. in Java). My point is not to make a market analysis by comparing all existing offers, but to introduce two solutions that I use today and meet my expectations.


1&1, standard hosting

1&1 logo

This blog is hosted on 1&1 for several years (3 years). At the beginning, I was using Free (a French Internet Provider) which was… free, but their hosting service was limited and quite slow. The triggering factor was when Free decided to remove my blog for reasons that are still unknown. I then decided to choose a more reliable and professional solution that will allow me to create my own domain and get rid of the “free.fr”.


The 1&1 solution works well and is not so expensive (about 30 euros per year or the price of a monthly coffee). I took a look at the competitors including OVH, I finally choose 1&1 because of a promotional offer on the first year. About the availability, the plugin Jetpack Monitor constantly monitors CarmaBlog and alerts me when a downtime is detected. I must say that it happens from time to time (2-3 times a month) for small periods of time, no more than 5 minutes in general. For a blog like mine, that’s enough, I do not need to have an availability rate closed to 100%.


The 1&1 pack provides a default domain name, the one you have chosen (in my case, www.fabianpiau.com), but you also have the ability to create sub-domains. I have created sub-domains for:

  • The contact form: contact.fabianpiau.com (redirection).
  • The blog itself: blog.fabianpiau.com (web space).
  • And also my resume: cv.fabianpiau.com (web space).


You have access to the following set of tools and technologies:

  • A MySQL database. Limited to 1GB which is more than enough, unless you store entire files. With nearly 80 posts, I may be using max 10MB.
  • A FTP server access. I’m not sure there is any size limit, but I do not store movies or music.
  • An email account matching your domain. I do not directly use the webmail, I prefer set up a redirection to my personal email address.

You can configure all of these from a dashboard.

1&1 dashboard

1&1 dashboard


You can access your database only via an online web interface phpMyAdmin. To be honest, WordPress and Matomo are doing very well by themselves so I let them manage the database. Fortunately, you can use a FTP client like FileZilla to transfer files to your FTP server.


Note that 1&1 provides ready-made solutions to help you create your website more efficiently. For example, there is a dedicated pack for WordPress, slightly more expensive than the Basic pack. 1&1 also provides a turnkey solution to help you create your website 1&1 MyWebsite even if you don’t have any technical or programming skills.

In my case, I know the technology and make a blog from scratch by installing WordPress on my own was the natural way (and also the cheapest!).


Heroku, Cloud hosting

Heroku logo

The application Updapy is hosted on Heroku. I’m very satisfied because it cost me 0 euro per year (difficult to do better, I think). I have bought a domain name through 1&1, because the default URL https://updapy.herokuapp.com/ was not sexy enough. The domain name on 1&1 is about 12 euros per year, 1 euro per month, I should be ok… I took the easiest solution as I was already a 1&1 customer so I did not look for another domain name registrar.


I chose the popular Heroku mainly because of the number of users and the large community behind. Moreover, the documentation is very well written. In particular, this tutorial to build and deploy a Java application was very helpful. I hesitated with CloudBees which was also another good option. Finally, I had the chance to choose Heroku because CloudBees has decided to focus on the Jenkins business and abandoned its cloud offers a few days ago. There are also other solutions such as Clever Cloud (French hosting) or Cloud Foundry to name only the best known. I cannot make any comparison here, as I end up with Heroku, but feel free to try these other platforms.


Heroku provides many add-ons to cover the needs that an application can have: sending email, SMS, monitoring, JMS queues, caching, NoSQL, the list is too long to mention all here. The principle is usually the same, when you want a feature, you add the extension to your application via the dashboard or with the command line tool. Then you adapt your code to use these new features (again, the documentation for each add-on is very helpful).

Many of the add-ons available are following the same business plan, you have different options:

  • A free basic version with limitations. This is perfect for small applications or for evaluation purposes.
  • Advanced versions with fewer limitations, but they come with monthly fees.
  • Expert versions so more expensive. To use only if you are managing a large traffic site.


The availability with Heroku seems very good. I will see after few months of usage, but the monitoring add-on I use alerts me of an unavailability of 3 minutes in 3 months. I got few other downtimes, but it was my fault…

Heroku dashboard

Heroku dashboard


As you can see on the dashboard above, I managed to take only add-ons in their basic version with their limitations. So I “pay” $0.00 each month, I’m not sure I can afford it…

  • The SendGrid basic extension allows me to send 200 emails max a day.
  • The PostgreSQL basic extension allows me to have a database on a shared instance on Amazon, with tables that can contain up to 10,000 rows.

These are examples of limitations, you can take a look at this page to know the main limitations. For a small application like mine, it’s enough, but as soon as your application grows and you can turn it into a business, it is normal that you have to pay the Heroku team. You can read the list of add-ons available on this page, there is a lot!


With Heroku, the cloud makes sense. You do not care about the infrastructure, you just adapt the resources to suit your needs (scalability) and the cost per month is updated on the fly (be careful, because it goes up very fast). You can manage and focus only on things that matter to you: the business and the code of your application. When deploying a new version, you simply push your changes to the git repo provided by Heroku and the application is automatically deployed into production. It’s pretty magical and stunning.


I hope I give you some ideas especially if you are thinking to start your own blog or launch an application on the cloud.

Related posts

devoxxDevoxx UK 2018 – Day 2 IT jobsComputing jobs simplified overview microservices-legoMicroservices architecture – Best practices html5HTML5 or the Web 3.0 era?
Comments
4 Comments »
Categories
Technology
Tags
1&1, cloud, hosting, heroku
Comments rss Comments rss
Page 2 of 41234
Download CarmaBlog App

RSS feeds

  • RSS Feed RSS - Posts
  • RSS Feed RSS - Comments

Most viewed posts

  • Changing the language in Firefox - 114,915 views
  • Using Google Forms / Drive / Docs to create an online survey - 61,532 views
  • FAQ – Online survey with Google Forms / Drive / Docs - 41,348 views
  • Customizing Gnome 3 (Shell) - 29,100 views
  • The meaning of URL, URI, URN - 15,919 views
  • Java EE & CDI vs. Spring - 14,817 views
  • Open Street Map, better map than Google Maps? - 13,776 views
  • Comparing NoSQL: Couchbase & MongoDB - 13,525 views
  • Firefox Nightly, Aurora, Beta, Desktop, Mobile, ESR & Co. - 12,725 views
  • First steps with Apache Camel - 11,724 views

Recent Comments

  • Saint hilaire albert on FAQ – Online survey with Google Forms / Drive / Docsmerci beaucoup
  • Fabian Piau on FAQ – Online survey with Google Forms / Drive / DocsNon, ce n’était pas la bonne pratique effectivemen…
  • Saint hilaire albert on FAQ – Online survey with Google Forms / Drive / Docsah, alors je crois avoir trouvé : mon lien se term…
  • Fabian Piau on FAQ – Online survey with Google Forms / Drive / DocsJe n'arrive pas à reproduire car si vous cliquez s…
  • Saint hilaire albert on FAQ – Online survey with Google Forms / Drive / Docsje vais tenter d'être plus précis : j'envoie un li…

Recent posts

  • Flagger – Monitor your Canary deployments with Grafana - 6 months and 3 weeks ago
  • Flagger – Canary deployments on Kubernetes - 8 months and 3 days ago
  • Flagger – Get Started with Istio and Kubernetes - 8 months and 2 weeks ago
  • Expedia CoderDojo in London - 1 year and 6 months ago
  • Volunteering at Devoxx4Kids - 1 year and 8 months ago
  • A Java 11 migration successful story - 2 years and 3 weeks ago
  • Tips to make your WordPress website secure - 2 years and 3 months ago
  • Devoxx UK 2018 – Day 2 - 2 years and 7 months ago
  • Devoxx UK 2018 – Day 1 - 2 years and 8 months ago
  • TransferWise, Revolut and Monzo, a small revolution for travelers and expats - 3 years and 10 hours ago
  • Autocomplete for Git - 3 years and 8 months ago
  • Swagger, the automated API documentation - 3 years and 10 months ago
  • Microservices architecture – Best practices - 4 years and 3 months ago
  • FAQ – Online survey with Google Forms / Drive / Docs - 4 years and 8 months ago
  • QCon London 2016 – Project Jigsaw in JDK 9 – Modularity comes to Java - 4 years and 9 months ago
Buy me a coffee

Language

  • Français
  • English

Follow me!

Follow me on Linkedin
Follow me on Twitter
Follow me on Stackoverflow
Follow me on Github
Follow me on Rss
Link to my Contact

Email subscription

Enter your email address to receive notifications of new posts.

Tags

.net agility android bash best practices blog cache cloud computing conference continuous integration css developer devoxx docker docs drive eclipse extreme programming firefox flagger forms google helm hibernate istio java job jug kubernetes london mobile computing overview performance plugin programmer qcon script sharing society spring tool ubuntu windows wordpress

Links

  • Blog Ippon Technologies
  • Blog Publicis Sapient
  • Blog Zenika
  • Classpert
  • CommitStrip
  • Coursera
  • Le Touilleur Express
  • Les Cast Codeurs Podcast
  • OCTO talks !
  • The Twelve-Factor App

Categories

  • Event (15)
  • Linux (3)
  • Management (7)
  • Agile programming (29)
  • Technology (44)

Archives

  • June 2020 (1)
  • May 2020 (2)
  • July 2019 (1)
  • May 2019 (1)
  • December 2018 (1)
  • October 2018 (1)
  • June 2018 (1)
  • May 2018 (1)
  • January 2018 (1)
  • May 2017 (1)
  • March 2017 (1)
  • October 2016 (1)
  • April 2016 (2)
  • March 2016 (1)
  • November 2015 (1)
  • May 2015 (1)
  • February 2015 (1)
  • December 2014 (1)
  • November 2014 (1)
  • September 2014 (2)
  • August 2014 (1)
  • July 2014 (2)
  • June 2014 (1)
  • April 2014 (1)
  • March 2014 (1)
  • February 2014 (2)
  • January 2014 (1)
  • December 2013 (1)
  • November 2013 (1)
  • October 2013 (3)
  • September 2013 (5)
  • July 2013 (1)
  • June 2013 (1)
  • May 2013 (1)
  • April 2013 (1)
  • March 2013 (2)
  • February 2013 (1)
  • January 2013 (2)
  • December 2012 (2)
  • October 2012 (1)
  • September 2012 (1)
  • July 2012 (1)
  • May 2012 (1)
  • April 2012 (1)
  • March 2012 (1)
  • February 2012 (1)
  • January 2012 (2)
  • December 2011 (1)
  • November 2011 (2)
  • October 2011 (2)
  • September 2011 (1)
  • July 2011 (1)
  • June 2011 (2)
  • April 2011 (1)
  • March 2011 (1)
  • February 2011 (1)
  • January 2011 (2)
  • November 2010 (2)
  • September 2010 (1)
  • August 2010 (1)
  • July 2010 (1)
  • June 2010 (1)
  • May 2010 (1)
  • April 2010 (1)
  • March 2010 (1)
  • February 2010 (1)
  • December 2009 (1)
  • November 2009 (1)
  • October 2009 (2)
  • September 2009 (2)
  • August 2009 (3)
  • July 2009 (1)
  • June 2009 (2)
Follow me on Twitter
Follow me on Linkedin
Follow me on Stackoverflow
Follow me on Rss
Link to my Contact
Follow me on Github
 
Fabian Piau | © 2009 - 2021
All Rights Reserved | Top ↑