kubernetes-services.sh

# Source: https://gist.github.com/vfarcic/8bfe61eafb03061c6fe4eb5c2866a5d5

############################################################
# Mastering Kubernetes: Dive into Service and Network APIs #
############################################################

# Additional Info:
# - Kubernetes: https://kubernetes.io
# - Mastering Kubernetes: Dive into Workloads APIs: https://youtu.be/U6weXlzQxoY
# - Gateway API - Ingress And Service Mesh Spec Replacement?: https://youtu.be/YAtXTI3NKtI

#########
# Setup #
#########

git clone https://github.com/vfarcic/kubernetes-demo

cd kubernetes-demo

git pull

git checkout services

# Watch https://youtu.be/WiFLtcBvGMU if you are not familiar with Devbox. Alternatively, you can skip Devbox and install all the tools listed in `devbox.json` yourself.

devbox shell

# Demo setup is based on Google Cloud GKE. If you prefer a different Kubernetes cluster, skip `gcloud` commands and ensure that your cluster has Gateway API setup.

gcloud auth login

export USE_GKE_GCLOUD_AUTH_PLUGIN=True

export PROJECT_ID=dot-$(date +%Y%m%d%H%M%S)

gcloud projects create $PROJECT_ID

echo "https://console.cloud.google.com/marketplace/product/google/container.googleapis.com?project=$PROJECT_ID"

# Open the URL from the output and enable the Kubernetes API

export KUBECONFIG=$PWD/kubeconfig.yaml

gcloud container clusters create dot --project $PROJECT_ID \
    --zone us-east1-b --machine-type e2-standard-4 \
    --num-nodes 2 --no-enable-autoupgrade --gateway-api standard

gcloud compute firewall-rules create silly-demo-node-port \
    --allow tcp:30000 --project $PROJECT_ID

kubectl create namespace a-team

kubectl --namespace a-team apply --filename deployment/base.yaml

kubectl create namespace b-team

###############################
# Kubernetes Without Services #
###############################

kubectl --namespace a-team get pods

kubectl --namespace a-team get pod --output yaml | yq .

######################################
# Kubernetes Services with ClusterIP #
######################################

cat service/base.yaml

kubectl --namespace a-team apply --filename service/base.yaml

kubectl --namespace a-team get services

kubectl --namespace a-team run curl \
    --image curlimages/curl:8.7.1 --stdin --tty --rm \
    -- sh

curl http://silly-demo:8080/fibonacci?number=5

curl http://silly-demo:8080/fibonacci?number=10

curl http://silly-demo:8080/fibonacci?number=15

curl http://silly-demo:8080/fibonacci?number=20

curl http://silly-demo:8080/fibonacci?number=25

exit

kubectl --namespace a-team get pods

# Replace `[...]` with the `NAME` of the first Pod

kubectl --namespace a-team logs [...] | grep fibonacci

kubectl --namespace b-team run curl \
    --image curlimages/curl:8.7.1 --stdin --tty --rm \
    -- sh

curl http://silly-demo:8080

curl http://silly-demo.a-team:8080

exit

#####################################
# Kubernetes Services with NodePort #
#####################################

cat service/node-port.yaml

kubectl --namespace a-team apply \
    --filename service/node-port.yaml

kubectl --namespace a-team get services

kubectl get nodes \
    --output jsonpath="{.items[0].status.addresses}" | jq .

# Replace `[...]` with the `ExternalIP` address.

curl "http://[...]:30000"

kubectl --namespace a-team delete \
    --filename service/node-port.yaml

#########################################
# Kubernetes Services with LoadBalancer #
#########################################

cat service/load-balancer.yaml

kubectl --namespace a-team apply \
    --filename service/load-balancer.yaml

kubectl --namespace a-team get services

kubectl --namespace a-team get services

# Replace `[...]` with the `EXTERNAL-IP`

curl "http://[...]:8080"

######################
# Kubernetes Ingress #
######################

cat service/base.yaml

kubectl --namespace a-team apply --filename service/base.yaml

helm upgrade --install traefik traefik \
    --repo https://helm.traefik.io/traefik \
    --namespace traefik --create-namespace --wait

kubectl --namespace traefik get services

# Replace `[...]` with the `EXTERNAL-IP`

export EXTERNAL_IP=[...]

kubectl get ingressclasses

cat service/ingress.yaml

yq --inplace \
    ".spec.rules[0].host = \"silly-demo.$EXTERNAL_IP.nip.io\"" \
    service/ingress.yaml

kubectl --namespace a-team apply --filename service/ingress.yaml

curl "http://silly-demo.$EXTERNAL_IP.nip.io"

##########################
# Kubernetes Gateway API #
##########################

kubectl get gatewayclasses

cat service/gateway.yaml

kubectl --namespace a-team apply --filename service/gateway.yaml

kubectl --namespace a-team get gateways

kubectl --namespace a-team get gateways

# Replace `[...]` with the `ADDRESS`

export EXTERNAL_IP=[...]

cat service/route.yaml

yq --inplace \
    ".spec.hostnames[0] = \"silly-demo.$EXTERNAL_IP.nip.io\"" \
    service/route.yaml

kubectl --namespace a-team apply --filename service/route.yaml

kubectl --namespace a-team get httproutes

curl "http://silly-demo.$EXTERNAL_IP.nip.io"

# The output might show an error (e.g., `fault filter abort`). If that's the case, the route was not yet configured. Wait for a few moments and re-run the `curl` command.

###########
# Destroy #
###########

gcloud compute firewall-rules delete silly-demo-node-port \
    --project $PROJECT_ID --quiet

gcloud container clusters delete dot --project $PROJECT_ID \
    --zone us-east1-b --quiet

gcloud projects delete $PROJECT_ID --quiet

rm $KUBECONFIG

exit