Fix #15 - Show how expose a service out of the Kubernetes Cluster

rafabene · rafabene · commit 5e2de3c412a8 · 2015-11-10T15:04:25.000-05:00
diff --git a/attendees/kubernetes/app-wildfly-rc.yaml b/attendees/kubernetes/app-wildfly-rc.yaml
@@ -11,6 +11,7 @@ spec:
     metadata:
       labels:
         name: wildfly
+        context: docker-k8s-lab
     spec:
       containers:
       - name: wildfly-rc-pod
diff --git a/attendees/kubernetes/app-wildfly-service.yaml b/attendees/kubernetes/app-wildfly-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata: 
+  name: wildfly-service
+  labels: 
+    name: wildfly
+    context: docker-k8s-lab
+spec: 
+  type: NodePort
+  ports:
+    # the port that this service should serve on
+    - port: 8080
+  # label keys and values that must match in order to receive traffic for this service
+  selector: 
+    name: wildfly
+    context: docker-k8s-lab
diff --git a/attendees/kubernetes/create-script.sh b/attendees/kubernetes/create-script.sh
diff --git a/attendees/kubernetes/delete-script.sh b/attendees/kubernetes/delete-script.sh
diff --git a/chapters/docker-kubernetes.adoc b/chapters/docker-kubernetes.adoc
@@ -232,6 +232,7 @@ The order of Service and the targeted Pods does not matter. However Service need
 pods/mysql-pod
 ----
 
+
 It uses the following configuration file:
 
 [source, yaml]
@@ -280,6 +281,7 @@ mysql-pod   1/1       Running   0         44s
 
 `-w` watches for changes to the requested object. Wait for the MySQL pod to be in Running status.
 
+[[Mysql_service_file]]
 #### Start MySQL service
 
 . Start MySQL Service:
@@ -343,7 +345,7 @@ Kubernetes also allows services to be resolved using DNS configuration. Send a P
 #### Start WildFly Replication Controller
 
 . Start WildFly replication controller:
-+
+
 [source, text]
 ----
 ./cluster/kubectl.sh create -f ../../attendees/kubernetes/app-wildfly-rc.yaml
@@ -394,7 +396,7 @@ wildfly-rc-w2kk5   1/1       Running   0          6m
 ----
 
 [[Access_Kubernetes_Application_Node]]
-#### Access the application (using node)
+#### Access the application (from inside a node)
 
 . Log in to node:
 
@@ -412,10 +414,71 @@ Last login: Thu Jul 16 00:24:36 2015 from 10.0.2.2
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?><collection><employee><id>1</id><name>Penny</name></employee><employee><id>2</id><name>Sheldon</name></employee><employee><id>3</id><name>Amy</name></employee><employee><id>4</id><name>Leonard</name></employee><employee><id>5</id><name>Bernadette</name></employee><employee><id>6</id><name>Raj</name></employee><employee><id>7</id><name>Howard</name></employee><employee><id>8</id><name>Priya</name></employee></collection>
 ----
 
-[[Access_Kubernetes_Application_Proxy]]
-#### Access the application (using proxy)
+[[Access_Kubernetes_Application_Service]]
+#### Access the application (using Services)
+
+For some parts of your application (e.g. frontends) you may want to expose a Service onto an external (outside of your cluster, maybe public internet) IP address, other services should be visible only from inside of the cluster.
+
+Kubernetes ServiceTypes allow you to specify what kind of service you want. The default and base type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic.
+
+Valid values for the ServiceType field are:
+
+- *ClusterIP*: use a cluster-internal IP only - this is the default and is discussed above. Choosing this value means that you want this service to be reachable only from inside of the cluster.
+- *NodePort*: on top of having a cluster-internal IP, expose the service on a port on each node of the cluster (the same port on each node). You'll be able to contact the service on any <NodeIP>:NodePort address.
+- *LoadBalancer*: on top of having a cluster-internal IP and exposing service on a NodePort also, ask the cloud provider for a load balancer which forwards to the Service exposed as a <NodeIP>:NodePort for each Node.
+
+As you could see on <<Mysql_service_file>> section, the MySql service file doesn't contain any ServiceType field. For that reason, the default value is *ClusterIP* which means that the MySql service can be accessed inside the Cluster.
+
+In the other hand, not all Kubernetes Provider supports the *LoadBalancer* type. On cloud providers which support external load balancers, setting the type field to "LoadBalancer" will provision a load balancer for your Service.
+
+Do show how to access WildFly outside Kubernetes, we will need to use *NodePort* type which exposes your service on an external port on all nodes in your cluster.
+
+Let's see how it works.
+
+
+. Create a WildFly service of NodePort type 
+
+[source, text]
+----
+./cluster/kubectl.sh create -f ../../attendees/kubernetes/app-wildfly-service.yaml
+You have exposed your service on an external port on all nodes in your
+cluster.  If you want to expose this service to the external internet, you may
+need to set up firewall rules for the service port(s) (tcp:30140) to serve traffic.
+
+See http://releases.k8s.io/HEAD/docs/user-guide/services-firewalls.md for more details.
+services/wildfly-service
+----
+
+Note that it will reply with the port that was opened on each node of the cluster. Now you can use the combination between the node ip and the service port to access the service.
+
+. Get the IP of the node
+
+[source, text]
+----
+cluster/kubectl.sh get nodes
+NAME         LABELS                              STATUS
+10.245.1.3   kubernetes.io/hostname=10.245.1.3   Ready
+----
+
+. Get the PORT of the service
+
+[source, text]
+----
+cluster/kubectl.sh describe se wildfly-service
+Name:			wildfly-service
+Namespace:		default
+Labels:			context=docker-k8s-lab,name=wildfly
+Selector:		context=docker-k8s-lab,name=wildfly
+Type:			NodePort
+IP:			10.247.39.239
+Port:			<unnamed>	8080/TCP
+NodePort:		<unnamed>	30140/TCP
+Endpoints:		10.246.88.7:8080
+Session Affinity:	None
+No events.
+----
 
-Send a PR for https://github.com/javaee-samples/docker-java/issues/80
+Note the _NodePort_ value and now you can access the URL: http://10.245.1.3:30140/employees/
 
 ### Deploy Java EE Application (one configuration file)
 
@@ -485,6 +548,7 @@ spec:
     metadata:
       labels:
         name: wildfly
+        context: docker-k8s-lab
     spec:
       containers:
       - name: wildfly-rc-pod
@@ -505,7 +569,7 @@ services/mysql-service
 replicationcontrollers/wildfly-rc
 ----
 
-. Access the application using <<Access_Kubernetes_Application_Node>> or <<Access_Kubernetes_Application_Proxy>>.
+. Access the application using <<Access_Kubernetes_Application_Node>> or <<Access_Kubernetes_Application_Service>>.
 
 ### Rescheduling Pods
 
diff --git a/instructor/dockerfiles/lab-httpd-server/index.html b/instructor/dockerfiles/lab-httpd-server/index.html
@@ -615,10 +615,10 @@ <h1>Docker for Java Developers</h1>
 <li><a href="#Deploy_JavaEE_Kubernetes_Multiple_Config">10.4. Deploy Java EE Application (multiple configuration files)</a>
 <ul class="sectlevel3">
 <li><a href="#_start_mysql_pod">10.4.1. Start MySQL Pod</a></li>
-<li><a href="#_start_mysql_service">10.4.2. Start MySQL service</a></li>
+<li><a href="#Mysql_service_file">10.4.2. Start MySQL service</a></li>
 <li><a href="#_start_wildfly_replication_controller">10.4.3. Start WildFly Replication Controller</a></li>
-<li><a href="#Access_Kubernetes_Application_Node">10.4.4. Access the application (using node)</a></li>
-<li><a href="#Access_Kubernetes_Application_Proxy">10.4.5. Access the application (using proxy)</a></li>
+<li><a href="#Access_Kubernetes_Application_Node">10.4.4. Access the application (from inside a node)</a></li>
+<li><a href="#Access_Kubernetes_Application_Service">10.4.5. Access the application (using Services)</a></li>
 </ul>
 </li>
 <li><a href="#_deploy_java_ee_application_one_configuration_file">10.5. Deploy Java EE Application (one configuration file)</a></li>
@@ -2444,7 +2444,7 @@ <h3 id="_start_application_server">8.2. Start Application Server</h3>
 <div class="listingblock">
 <div class="content">
 <pre class="CodeRay highlight"><code data-lang="text">mkdir deployments
-chmod aw deployments</code></pre>
+chmod a+w deployments</code></pre>
 </div>
 </div>
 <div class="paragraph">
@@ -3760,7 +3760,7 @@ <h4 id="_start_mysql_pod">10.4.1. Start MySQL Pod</h4>
 </div>
 </div>
 <div class="sect3">
-<h4 id="_start_mysql_service">10.4.2. Start MySQL service</h4>
+<h4 id="Mysql_service_file">10.4.2. Start MySQL service</h4>
 <div class="olist arabic">
 <ol class="arabic">
 <li>
@@ -3843,15 +3843,15 @@ <h4 id="_start_wildfly_replication_controller">10.4.3. Start WildFly Replication
 <ol class="arabic">
 <li>
 <p>Start WildFly replication controller:</p>
+</li>
+</ol>
+</div>
 <div class="listingblock">
 <div class="content">
 <pre class="CodeRay highlight"><code data-lang="text">./cluster/kubectl.sh create -f ../../attendees/kubernetes/app-wildfly-rc.yaml
 replicationcontrollers/wildfly-rc</code></pre>
 </div>
 </div>
-</li>
-</ol>
-</div>
 <div class="paragraph">
 <p>It uses the following configuration file:</p>
 </div>
@@ -3908,7 +3908,7 @@ <h4 id="_start_wildfly_replication_controller">10.4.3. Start WildFly Replication
 </div>
 </div>
 <div class="sect3">
-<h4 id="Access_Kubernetes_Application_Node">10.4.4. Access the application (using node)</h4>
+<h4 id="Access_Kubernetes_Application_Node">10.4.4. Access the application (from inside a node)</h4>
 <div class="olist arabic">
 <ol class="arabic">
 <li>
@@ -3937,9 +3937,101 @@ <h4 id="Access_Kubernetes_Application_Node">10.4.4. Access the application (usin
 </div>
 </div>
 <div class="sect3">
-<h4 id="Access_Kubernetes_Application_Proxy">10.4.5. Access the application (using proxy)</h4>
+<h4 id="Access_Kubernetes_Application_Service">10.4.5. Access the application (using Services)</h4>
+<div class="paragraph">
+<p>For some parts of your application (e.g. frontends) you may want to expose a Service onto an external (outside of your cluster, maybe public internet) IP address, other services should be visible only from inside of the cluster.</p>
+</div>
+<div class="paragraph">
+<p>Kubernetes ServiceTypes allow you to specify what kind of service you want. The default and base type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic.</p>
+</div>
+<div class="paragraph">
+<p>Valid values for the ServiceType field are:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><strong>ClusterIP</strong>: use a cluster-internal IP only - this is the default and is discussed above. Choosing this value means that you want this service to be reachable only from inside of the cluster.</p>
+</li>
+<li>
+<p><strong>NodePort</strong>: on top of having a cluster-internal IP, expose the service on a port on each node of the cluster (the same port on each node). You&#8217;ll be able to contact the service on any &lt;NodeIP&gt;:NodePort address.</p>
+</li>
+<li>
+<p><strong>LoadBalancer</strong>: on top of having a cluster-internal IP and exposing service on a NodePort also, ask the cloud provider for a load balancer which forwards to the Service exposed as a &lt;NodeIP&gt;:NodePort for each Node.</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>As you could see on <a href="#Mysql_service_file">Start MySQL service</a> section, the MySql service file doesn&#8217;t contain any ServiceType field. For that reason, the default value is <strong>ClusterIP</strong> which means that the MySql service can be accessed inside the Cluster.</p>
+</div>
+<div class="paragraph">
+<p>In the other hand, not all Kubernetes Provider supports the <strong>LoadBalancer</strong> type. On cloud providers which support external load balancers, setting the type field to "LoadBalancer" will provision a load balancer for your Service.</p>
+</div>
+<div class="paragraph">
+<p>Do show how to access WildFly outside Kubernetes, we will need to use <strong>NodePort</strong> type which exposes your service on an external port on all nodes in your cluster.</p>
+</div>
+<div class="paragraph">
+<p>Let&#8217;s see how it works.</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Create a WildFly service of NodePort type</p>
+</li>
+</ol>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="CodeRay highlight"><code data-lang="text">./cluster/kubectl.sh create -f ../../attendees/kubernetes/app-wildfly-service.yaml
+You have exposed your service on an external port on all nodes in your
+cluster.  If you want to expose this service to the external internet, you may
+need to set up firewall rules for the service port(s) (tcp:30140) to serve traffic.
+
+See http://releases.k8s.io/HEAD/docs/user-guide/services-firewalls.md for more details.
+services/wildfly-service</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Note that it will reply with the port that was opened on each node of the cluster. Now you can use the combination between the node ip and the service port to access the service.</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Get the IP of the node</p>
+</li>
+</ol>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="CodeRay highlight"><code data-lang="text">cluster/kubectl.sh get nodes
+NAME         LABELS                              STATUS
+10.245.1.3   kubernetes.io/hostname=10.245.1.3   Ready</code></pre>
+</div>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Get the PORT of the service</p>
+</li>
+</ol>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="CodeRay highlight"><code data-lang="text">cluster/kubectl.sh describe se wildfly-service
+Name:                        wildfly-service
+Namespace:                default
+Labels:                        context=docker-k8s-lab,name=wildfly
+Selector:                context=docker-k8s-lab,name=wildfly
+Type:                        NodePort
+IP:                        10.247.39.239
+Port:                        &lt;unnamed&gt;        8080/TCP
+NodePort:                &lt;unnamed&gt;        30140/TCP
+Endpoints:                10.246.88.7:8080
+Session Affinity:        None
+No events.</code></pre>
+</div>
+</div>
 <div class="paragraph">
-<p>Send a PR for <a href="https://github.com/javaee-samples/docker-java/issues/80" class="bare">https://github.com/javaee-samples/docker-java/issues/80</a></p>
+<p>Note the <em>NodePort</em> value and now you can access the URL: <a href="http://10.245.1.3:30140/employees/" class="bare">http://10.245.1.3:30140/employees/</a></p>
 </div>
 </div>
 </div>
@@ -4018,6 +4110,7 @@ <h3 id="_deploy_java_ee_application_one_configuration_file">10.5. Deploy Java EE
     <span class="key">metadata</span>:
       <span class="key">labels</span>:
         <span class="key">name</span>: <span class="string"><span class="content">wildfly</span></span>
+        <span class="key">context</span>: <span class="string"><span class="content">docker-k8s-lab</span></span>
     <span class="key">spec</span>:
       <span class="key">containers</span>:
       - <span class="string"><span class="content">name: wildfly-rc-pod</span></span>
@@ -4047,7 +4140,7 @@ <h3 id="_deploy_java_ee_application_one_configuration_file">10.5. Deploy Java EE
 <div class="olist arabic">
 <ol class="arabic">
 <li>
-<p>Access the application using <a href="#Access_Kubernetes_Application_Node">Access the application (using node)</a> or <a href="#Access_Kubernetes_Application_Proxy">Access the application (using proxy)</a>.</p>
+<p>Access the application using <a href="#Access_Kubernetes_Application_Node">Access the application (from inside a node)</a> or <a href="#Access_Kubernetes_Application_Service">Access the application (using Services)</a>.</p>
 </li>
 </ol>
 </div>
