WEBVTT
Now let me check for CK.
CK, you're good?
Yes, I think we're good.
If you log in, any questions?
So what about Charles?
The font size of mine, is that?
OK.
So what you can do is, once you log in, for example,
click on the Open to.
So in OpenNet, you have an option in which you can.
So could you right click on the top in the white plane?
And you could go into this.
And you can say to resize.
This is one option.
Or you can go to Edit.
Go to Edit.
And under Edit, you can go to Preferences.
And under Preferences, you have Appearance,
in which you can make the size bigger size.
So you might have to.
You see a 12?
So make it, for example, bigger size 14 or size.
You can modify the numbers in here.
Clear?
Yes, yes, yes.
OK, OK.
Fine.
Yes, I think we're good.
We'll just wait for one more minute for Charles to confirm.
So please have this information, what I gave it to you.
At your end, save this information.
We're going to use the same VMs for the next three days.
Any questions?
Are we good?
OK.
Now let us start now.
So what I'm going to learn in this training,
we download the contents of the slides and the lab guides
from this link now.
So please access this link in the browser
and download the contents.
Once you download it, extract it.
And you can forward it in the contents.
Please confirm once you see the contents.
I see K, Gene, June, and Charles.
Please confirm.
I have to get a link in the chat.
No problem.
Access this in the browser.
It is a zip file.
Once it gets downloaded, please unzip it.
So in here, you'll be having a folder for containers
and documents.
We also have for Kubernetes.
And if you want to access the presentation,
you might want to double click on it.
It opens up.
At your end, please click on Read 1D.
You don't have password.
It is detected password.
So click on Read 1D.
And you'll be able to see the contents of the presentation.
And we also have in Documents, Use Cases,
last confirmed.
We're good.
The chat, please.
Others request to confirm in the chat, please,
so that we can proceed.
So to get started, you have the VM details.
You have the content.
And you also have access to login to the desktop.
So these are the prerequisites for you to get started.
First of all, what I'm going to learn in this,
you first learn about what is Docker, what are containers.
So this is your document.
So this is a three-day training in which you're
going to talk about containers, Dockers, how
to work with Docker images, how to create your containers,
and how do you manage your containers using Kubernetes.
You also learn about how to install and configure
Kubernetes.
How do we work with namespaces and pods,
cluster management.
And we'll end up by learning about six three-day topics,
security, and how do we monitor your cluster.
So these are the different topics.
So based on this, we have all the modules for each of them.
Example, these are the 0PPT, which
has all the contents of Kubernetes.
So let's get started now.
First one, do we all work on virtual machines
in your office and our projects?
You work on virtual machines?
Yes.
We also want to understand, do you
work on containers right now in your projects?
Do you work on containers?
OK.
But on VM, everyone, this batch?
Now let's first understand, why are we talking about containers?
Why containers?
What do we answer?
Why do you think enterprises are moving from VMs to containers?
Learn about this first.
Now let's consider that you want to create an application.
You're a developer, and you want to work on application.
You want to work on application.
Could be Apache.
Are we aware of this application?
Apache?
Listing?
So you want to write a code or you
want to work on the application.
So in case if you use a VM, you log into the VM,
then you install the application.
In Linux, for example, you would say, install HTTP.
And then you start the service.
You say, service start.
And later, you need to configure this file.
So in a VM, if you want to have the application,
you're supposed to do all these steps, install servers
and configurities.
So this takes in lots of time and effort.
We are talking about, can we make it much more better?
In which, do we have all these in a ready image?
Are you getting it, everyone?
In a VM?
So instead of this, can we have a ready image
in which you have all these available?
So we're talking something like this.
I want to go reverse so that you understand
what we're talking about.
So we're talking about the images.
Something like this, which already has all the contents
of the application.
So the image has very minimal OS.
It has in-ground variables, libraries, binaries,
all the information for the applications
that are already available.
So I get a copy of this image.
And I will make this runnable.
That is container.
So in a VM, we go and do all this work.
We do not do it because the image from which
you're going to create a container only has that.
That is what's the container, which you're trying to learn.
Are we clear?
I just want to give an overview about why
we talk more containers.
So containers are application-ready.
So containers are application-ready.
It has all the files which is required for to run.
Second one, in VMs, for example, this is a VM.
The VM takes more space for the guest force.
For example, in a Windows VM, it takes so much space.
And then application and data are on top of it.
So you are spending so much of storage.
And hence, also the cost.
Could be a license cost, storage cost.
And when you stop and start a VM,
it takes longer time to shut down the services
and then again start.
Slow, start, and stop.
You have to regularly upgrade and update OS.
And also, if the application is created on, for example,
like Windows 2022, for example, the same application
might not work on Windows 2023.
It may not work.
So this is not portable.
All these were challenges of a VM.
So in containers, the technology is all to avoid.
Can we skip the guestovers?
The containers, for example, it would have in the application.
And it would have in the binary.
It will have in the library.
It looks something like this.
It doesn't contain the guestovers.
This is what we're talking about.
Are we good?
Are getting the use cases wide enough for containers?
Any questions?
Yes, you're right.
The resources are lesser containers.
Now, one more.
So this is how we can start.
Now, let's look into the slides to understand all of this.
And before I get also one more term, what is monolithic
and what is microservice?
We need to understand the terms of monolithic and microservices.
And I'll just give a small example.
Now, let's consider that there is a website like Amazon.com.
It needs to be designed by developers.
So this has to be designed by developers.
So what they do is, in monolithic,
you would be having all services.
That is, they create a frontend page on a web server,
the login we're talking about.
And they also configure the application,
so let's consider that shopping website,
.co.uk or shopping of Amazon application,
in which they can choose a catalog of items.
And then once they add to cart, shopping website,
this is your DB.
So when you are talking about Amazon shopping website,
so frontend with a login, then they
can start choosing the items, what they want,
and then they add to the cart.
And this is making the complete application
of all these three services.
In this, service one, this is service two, and service three.
So even if one of the services has some problem,
example, tomorrow you update the service,
it might affect the entire application.
So all these are not good.
We want it to be loosely coupled.
That is called microservices, in which
we could have in the frontend of a web server,
so your login page, and your application, and your database.
These are not tightly coupled.
These are loosely coupled.
So these are called microservices.
Why are you talking about in here?
Containers follow microservices.
It means one container would be having only one application
or one service inside it.
So the conclusion is containers follow microservice
architecture.
It means one container would be having one application
or one service inside it.
That'd be good.
So you need to know these before we get started.
So now getting on to the slides.
So we'll talk about containers, docker, docker file,
docker compose, how these two networks network in Docker,
and how do you manage multiple missions of Docker
using orchestration.
So we talked about monolithic.
So one of the challenges is they are tightly coupled.
So what exactly?
So before containers came in, the challenges
we'll talk about now.
So you can think about this portion
that we're working on with developers.
And this is for operations.
So in any bigger companies, we have developers and operations
team working together.
Now the use cases we have in an application,
could be considered that abc.com.
They want to create the application or a website.
And this website has to run on multiple platforms.
Could be on x86, could be on x64, could be on ARM platform.
So enterprises, we work on multiple platforms.
Or think about WhatsApp.
So WhatsApp you might want to use on your mobile.
You might it on your laptop.
You might want a Windows lab mobile.
Could be on iOS mobile.
So talking different platforms.
So when you write in any code, or any code,
the code always runs on a specific platform.
Can the same code run on all the platforms?
Before continuous document, in general right now,
can we use the same code?
Would the code run on all the platforms?
Yes or no?
What do you think?
We have a code.
Would the same code run on the same on this, and this,
and this?
It is no correct.
It will not work on all of them.
So developers have to rewrite the code
to run on every platform.
Yeah?
Same for database.
What do you create?
The developers?
Or could be a front end or a back end applications.
We have to recreate the code.
And it's just not writing the code.
After you write in the code, you have to test the code.
Test the code.
Then you have to do a release.
Using your Jenkins, for example, lots of work
is required so that the code or the application
could be used.
So this process is lengthy.
So developer did a work wherein wrote the code on x86,
but the operation team wanted to release the same
on multiple platforms.
When it works on this, it's in now.
It works on this, but not on these platforms.
They agreed to the operation.
They'll again go back to the developer.
And developer has to recreate the code
so that it works on the other platform.
So talking of combinations about how
we can have in a single code run on different, different
platforms.
At the same time, the card, we talk about analogy.
The containers were coming from a shipping company.
I'm sure that we have a big harbor in Singapore.
So before, if they wanted to ship this to customer,
they have to use a fragile packing.
If they want to ship this, this oil,
they have to use an oil proof packing.
The shipping company, they had a challenge
that they had to procure new type of packing
and to ship to the customer.
It's not just the packing.
And again, once from the harbor, they have to again unpack it,
unpack, and again pack it to a format which
could be shipped to the customer.
This was the challenge.
So they had questions about, can we improve a better packing
format to ship these to the customer?
This is where they came with the standard box size,
which is called as a container.
So any of these workloads be shipped into this,
put into it, and it's quite robust.
Anyone could go and break it.
It's quite robust.
And the same box could be used for shipping from the harbor
to a train or to a truck and reach the customer's location.
So this is a box which can take any type of workload.
And it could be shipped to the customers
on different platforms.
So we're talking about, can you think about right now
that this is your application?
I'm talking about a platform.
So can we start packaging your applications
in application container format so that it
runs on multiple platforms?
And if you want to manage containers,
you require a platform.
Like, for example, for VMs to manage,
we use VMware, for example.
That is to start or stop, create VMs.
We'd have a platform.
We use Hyper-V. We use Citrix.
So similarly, if you want to manage containers,
to create containers, stop, and you require a platform.
And the word Docker came from a shipping company.
So this is, we call it as Docker React.
And all these are containers.
And also, who helps to unload it is called as a Docker guy.
So the word Docker came in from this word.
So Docker is a platform to manage containers.
So this question marks where you place with containers.
Yes.
Are we good, everyone?
We just say yes to chat.
I know that we don't speak much.
Just say yes to chat so that we can proceed.
OK.
Everyone?
Charles, and then Eugene.
How's the speed?
Is my speed good?
Or am I fast or slow?
We're good.
All right.
Yeah, just want to confirm because working
with a different culture.
Yeah, I think we're good.
Yeah.
So now, this is your container.
So you see this diagram?
This is the symbol of Docker.
So Docker is also referred as Docker Engine.
And you're managing containers.
So Docker Engine, this can manage any type of payload.
Payload means any type of workloads.
It could be application, or it could be a database.
It could be your analytics application, whatever it is.
So how does it work with a collaboration?
Now, we have a DevOps team.
So we have a DevOps team.
And this DevOps team wants to release an application,
like a website, for example.
So in Docker, we have a default registry called as Docker Hub.
We'll talk about the details.
I just want to give you an idea.
Here, Docker Hub is a default registry.
What we use GitHub, we use Docker Hub
for the container images.
So now, your SME, like a Scrum Master,
they've created a repository in the Docker.
And DevOps team, developer, tester, all these people
we have.
So everyone in the environment would install Docker.
Developer install Docker.
A tester install Docker.
And Docker and all of them would deploy.
So first, the developer will pull the image.
He would say the command, or on the command,
Docker pull the image.
This is Apache image.
This is the image which I showed you,
which has all the libraries, binaries, the application.
And this image get downloaded.
But this image is a read-only image.
You cannot log into it.
So you need a running copy of this.
So then, the developer would say,
I want to run a copy of it, which is runnable.
So I'll say Docker 1, the background,
hyper-t, dash mode, and give the image name.
This will create a container.
And the user can log into the container
by using Docker commands, Docker exec, hyphen IT,
intracted terminal, and then the container name, or the ID,
and the shell, like bash.
And now, the user can see all the application file
and can start working in.
So once it is done, he'll again commit to an image
and push this image to the repository.
Now, the tester who wanted to test it
would download this image from in here.
And from that, they would create a container.
So pull it, get a container.
Same.
Then create it again.
Like this, manual work.
Or in your DevOps, you can use CI CD.
So this is how, in your Docker and container world,
a very simple example about how different teams can
collaborate with each other and can quickly
release applications.
Yes, I'm getting a picture about how
we work with Docker and containers.
Any questions?
Let it proceed.
Now, the work of developers reduce.
And if a development team is not making much changes,
the operations team work is reduced.
Because if everything is working the same,
then operations team is much lesser because no changes.
Again, no need to check everything on the line.
So do once, run anywhere.
It means does not run anywhere.
We're talking about more platforms.
Same code once.
Docker is supporting all the cloud platforms.
Could be on Amazon, could be on these.
Example, we can deploy it on EC2 in Amazon, for example,
which is IAS platform.
It's an infrastructure service.
We can also deploy containers on a platform services.
Like we have ECS for containers and EKS for equipments.
So these are platform as a service
which you need not manage the VMs yourself.
So that actually can go ahead and create containers or ports
on top of this.
Google Cloud, we can either use a VM or we have a service
called GKE.
And in Azure, we can either use again a VM
or we can use ACS or AKS.
These both are platform service.
Is it IAS service?
So Docker is supported all the cloud platforms.
You can pause me any time in between in case
if you have a question.
How does a container look?
So this is your physical server.
And on physical server, we are having Post OS,
preferably Linux.
And then you install Docker software.
And using Docker, you manage containers.
You see these are the containers 1, 2, 3, 4, 5, 6.
And each of them have only one application.
It means they're following microservice architecture.
And they don't have guestovers.
So they are lightweight because no guestovers.
They're standalone because they have only one server.
It will package.
It means it has everything which is required for it to run.
It is there, including the code, runtime, tools, libraries,
and settings.
And this could be run on any platform quite easily.
So it looks something like this, the backend.
If this is your VM, for example, the same in here,
containers work directly on the Linux kernel.
This is the Linux OS kernel.
So in containers, Linux, we have properties
like namespaces, cgroups, and slinx.
The same in here.
Now these properties are used by containers.
So what are namespaces?
So namespaces in Linux ensures that each processes
are separated.
So similarly, containers also get separated
because they are part of a namespace.
This is not the same as Kubernetes.
They're different.
So namespaces ensure that these are isolated.
And cgroups provide resources like CPU, RAM, storage,
network.
Whenever they need, they take it from in here.
Online NaviMs.
NaviMs assign the resources before itself.
So it is more of a dynamic allocation
in your containers, which is much better
because you are saving on resources.
If you stop or delete it, it'll again pull back the resources
back to the host OS.
And slinx is for advanced security.
So these are the important things.
In the backend, we use namespaces.
And these are some specific namespaces in Linux.
And cgroups helps you to manage CPU memory.
So either it will take in the CPU what is required,
or it can also mention how much of CPU memory
you require for every container it can take in the resources.
And once you create containers, so containers are like processes.
So every container would have a process ID.
So example, if you get a container,
it'll have a process ID.
And once you go into the process ID,
you will have a namespace folder.
And inside that, once you do a ls,
you can see different processes compared
for different containers.
So cgroups and the user will be common.
But all these will be different for different containers.
So this is how we can validate that containers
are safe for production because customers would ask you,
how are the containers getting isolated
if they run on the same mission?
So there must be some technology in the back end.
So namespace property of Linux kernel
ensures that these are separated.
These are secure.
And hence, containers are good to work on production
workloads, namespaces.
So containers are lightweight because, you see,
they don't have guestovers.
They're faster because they don't have guestovers.
They're portable because they don't have guestovers.
They still use the host OS, but they use the host OS
rather than the guest OS.
For example, in a VM, you need to have a guest OS.
The VMs require a hypervisor.
So hypervisor software, like VMWare ESXi,
or could be Hyper-V, which we deployed on the physical
service directly on a bare metal.
And then you create a VMs.
And then deploy application.
Now you can see that we have ready applications.
It doesn't require a hypervisor, not a mandy.
But there is a challenge in this.
For example, if this physical server goes down,
users cannot log in the application.
So what we can do is you start installing Docker, the VMs.
Same mission, your three VMs, install Docker on these,
and create your containers.
So you can create application container app here, like this.
So the user is trying to access the application
through a load balancer.
And for some reasons, this mission is not done.
The user request goes to the other missions.
So it is much more easier for managing containers
if you use the VMs for failover or for resource allocation
for all these things.
So it's a good practice to use containers, VMs, and cloud
together so that the management becomes quite easy.
So containers summarize containers as smaller.
They are faster and very easy to integrate compared
to virtual machines.
Simple use case.
The team wants to release an application on JBoss.
JBoss, an application.
They were using different platforms.
So the use case for operation is it
has to run on multiple platforms.
There is a code.
There's the code.
I'll be pushing it to GitHub.
Now, they tested.
It works on this, but not on these.
It does not work on these platforms.
So again, you have to go back.
And then it works.
But this is achievable, but takes more time.
And you're talking about the DevOps world in these days,
wherein you want to do all the work quite efficiently.
DevOps is all about quicker, efficient resources.
All they're talking about.
It's not a good use case.
So they can start using Docker Hub.
All of them will be pushing and pulling in from a Docker Hub,
a common registry or repository, and they
can do the work quickly.
The reason containers and Dockers
are used across all the cycles of DevOps.
It's not just for deployment.
We use it for rebuild tools.
We can use it for your Jenkins.
We can use it for your testing tools.
We use Dockers and containers across all the pieces
of DevOps.
And it's probably good.
Have a good.
OK.
OK.
Now, where do you find information?
So lots of information about this.
I've given you that in the important links.
So if we access your worker and Dockers,
you have all the links that are coming in here.
The labs and use cases.
So where do we use these containers?
So containers are used across lots of applications.
And these, so many companies, they use these.
And this document is one.
So there are different technologies for containers.
Verantis, Kubernetes, Portman.
You have in some cloud management-based containers.
And how do we share it?
We use registries in which you have the images.
And if you have multiple containers to be managed,
we use orchestration.
The Kubernetes, Dockers, and
So in case you're looking for a quicker deployment,
containers is the answer.
If you're talking about to have a standard software
run on multiple platforms, then talk more containers.
Can you scale up?
Yes, you can use the scale up environments.
One more use case also we have for data warehouse.
This company, they're using outdated infrastructure
before, and they were not able to release applications
quickly.
And they wanted to have a better release management.
So what they did, so they started moving on to containers
to the company.
They want to move from VM to containers.
And this is that one.
The ecosystem that we have implemented Docker
works seamlessly regardless of whether developers
are permanent employees in here.
One more, they were able to release the application
very quickly to production.
And developers were happy because their workers
were used compared to what they were doing before.
And they can test it on their own laptops
and work in any environment to continue
to encapsulate dependencies.
So they don't have to wait as time setting up.
All these advantage what they got.
Customers were happy.
Developers were happy.
Team was happy.
They were able to get good revenue,
so talking cost, time, and efficiency.
All these are very good information
about Docker's insert for Docker container, for example.
We talked about what is a Docker container.
So containers definition is this.
Package software into standardized unit
for development, shipment, and deployment.
It means one standard using which I can start quickly
releasing it.
It's a lightweight standalone.
And the images become continuous over time.
The standard, because the same format, the same code
to run multiple platforms.
Lightweight, because they don't consist of guestovers.
They're secure because of the namespace property.
And containers, not just for Linux, but also for Windows.
But it doesn't support Windows properly.
But to an extent, support is not very easy
to support on Windows.
It is for Windows, it is for Linux, for a Mac.
Could be hybrid, serverless, or everywhere
we can use containers.
And every company are moving from VMs to containers
because of benefits what they provide for customers,
as well as for internal people for creating the code.
And you want to use them to get to the containers.
We're talking about more in which we abstract the OS
in containers.
We're virtualizing the OS.
The VMs are virtualization talking about virtualizing
your device hardware.
And you want to use them together.
So containers, there are lots of methods
using which you can manage containers.
One is Docker.
We are talking about ContainerD.
So we have Docker, Rocket, ContainerD.
There are multiple platforms for managing containers.
So ContainerD is one of the latest platforms
for managing containers.
So if you want to install latest Kubernetes software,
you can also use just Docker and use ContainerD.
ContainerD is again, even invented by Docker.
So Docker was invented in 2013, and it evolved a lot.
Let's see now what is Docker.
So we'll put Docker.com.
So Docker helps you to create containers,
and you can run anywhere.
You can also play around on your laptop
by installing something called Docker Desktop.
So Docker Desktop could be installed on Windows,
or on Mac, or Linux.
Install it.
And you might have to give permissions for Intel VP
or virtualization to be enabled in your BIOS.
And if you have appropriate drivers,
you will be able to install it.
And you can play around with that sandbox.
So Dev and not for live, just for test.
Which you create containers.
You can log into it, play around with the images, GUI,
all this you can get.
But this is just for testing, we use this.
It looks something like this.
So in Docker, we have free and we have paid.
We have different pricing models.
So if you are starting new, you can go for a free model.
It's called a Docker Personal, which is zero cost.
So what I'm saying here is, if you want to manage the images
and containers in a shared repository like this,
for this you have to buy licenses.
So if you have zero, no cost,
you can create a few public repositories.
You don't get much options.
You get only a GUI.
You go for a pro, you get more.
You get GUI options, Docker team, Docker business,
all these are plans.
And each of them come with a different,
this is zero cost, one user.
This is payable, Docker engine, container,
you get command line in your free,
you don't get GUI option.
When you're Docker desktop, you get it.
And these are features.
So looking for all the features,
then you want to go for Docker business
or looking for other options,
you have Docker team, Docker pro, Docker personal,
any of these subscriptions you can buy.
This is how we buy the Docker subscription.
So you also get access to run in your vulnerability checks
or integrate with security incidents.
You also get option to go for continuous integration
and build all those would have automatically
to go for the paid office deals.
Now coming back in here,
so Docker is a platform using which you can manage containers.
So you have free editions or paid editions,
which is observed, personal,
or you can go for a pro or team here.
So in this you get unlimited public repositories.
So you can create only one private registry,
public repository.
You get access to Docker desktop
and you get one ECLI, no GUI.
In this unlimited private repository,
you also get a GUI in this apart from CLI.
So in this, you can have multiple users to be used,
more users.
And this is gives you like as a single sign on,
for example, even if you do not have an account
in Docker Hub, you can log in from your office account
and be logged in.
And they provide you much more easier management
for buying and support the business as it work.
Okay, any questions?
This is Charles, Junwei, then Jean, okay.
Any questions, please?
I'm going to proceed.
And before I go to the next slide,
I'll talk about this slide.
Okay, much more easier for the next one back.
So now when you install Docker on your machine,
like on a VM, it had two components.
You have a client component and a daemon component.
So when you run any commands, like example,
you run a command like Docker pull the image name.
You're running as a client.
The request goes to the daemon,
the background process using a guest API.
And this daemon would help you to manage your VMs,
could be a storage, all those things in the background.
So this could be a client, either could be yourself
or it could be some other application.
And when you try to do this request goes to Docker daemon
and Docker daemon helps you to manage the patterns.
So Docker engine consists of both the components.
So if you install a VM,
it'll have both the client component and a daemon component.
And server background is called DockerD.
The company are using a list API
and we use Docker CLI commands to work with this.
And what you create in Docker is called as objects,
like containers, volumes, images, networks.
What do we create in Docker is called as Docker objects.
So how do these all work together?
So this is a diagram in which we talk about
the major components or a client component.
We're talking about daemon component and registry.
How does all this work?
Now, small use case.
Now let's consider that you're a developer
and you want to work on Nginx.
So Nginx is reverse proxy web server.
This is used for front end application.
It also support proxy load balancing other features.
So this one or Apache, all these are very similar.
This is still advanced for your web servers.
Now you want to work on this.
So you will first install Docker on your machine.
On your machine, you will install first Docker.
And then you would run a command Docker tool Nginx.
So you need to have appropriate privileges.
So this requires a pseudo access.
Because we work in Docker,
you make the changes in TCP ports.
And hence you'd have pseudo access.
So you would run a command Docker pull
the image name Nginx.
The request goes to Docker daemon.
Being a first time, so it will not have the image.
So request would go to the default registry,
if not the registry which you've configured.
It pulls the image and saves it in your local mesh
or the environment where you're working.
Now it is a read 1D image.
I cannot log into this.
So I'm still not ready to write in the code
in this application.
So I would say Docker 1 and the image name.
The request goes to Docker daemon.
So where does the image save?
So normally Linux will save under where lib docker.
So where lib docker is the root directory of Docker,
which will have volumes, overlay, all these.
You will go on search under this and the overlay,
it will have the image.
It'll understand and get a container.
Now I cannot just use one container
because if I delete it, I do something wrong.
It might make my container or up to not work.
So I want to create one more container.
So I use Docker 1 command, I run two times.
The create two of this.
Then I can log into the container.
Then I can log in saying that Docker exec,
an ID and the name on the shell.
I'll be logged in the container
and I can start working on my application.
So I can pull any images like this.
The process first will check in local message
or local environment or local mission.
If not, it goes to the registries.
And the default registry, what we use is Docker.
So in case you want to registry within your office,
for example, you can also registry on a VM,
on a cloud, a different registry.
Registry location where you store the images.
Now sometimes we cannot use the image
because these are not very specific to your organization.
You might want a custom.
For that, you create own image
and then you build the image.
For that, you use Docker build.
So you define the image contents
and then you build the image by using Docker build commands.
So Docker daemon, Docker client,
and we're talking about registries
is where you store the images.
In that, either you can get a public
or a private repository and participants
or talk to the developers or testers, everyone,
then do a Docker pull.
And then once they're in the work, they do a Docker push.
So that's sort of others can see the change.
If I go for engine next, for example,
click on the image.
And the image would look something like this.
So this is written by some developer, you see?
The file name is called Docker file.
So the image contains a file called a Docker file.
It would have lots of lines.
These are called as layers.
It's called layers.
And this is written in Go language.
And all these layers work together.
For example, you see from,
so it has a very minimal OS for running your application.
We're talking about who is the owner of this.
You can mention that I'm the author of this Docker file.
ENVs is in the variables.
Like I mentioned, the version,
you can mention the path of your Java,
the property for your Python.
And then you're running all your libraries
and binaries when you run commands.
So all these is part of the image.
We'll learn very specific parameters later.
This is what we're talking about.
And all these lines are called as the image.
What you observe right now is a read-one-day template.
And that has instructions for creating containers.
So it'll talk about using Docker file.
And each line talk about is instruction.
And they all work together to create for the image.
And from this image, we created running copy.
So even containers are an image.
Containers are not persistent.
Delete the container, you lose the data.
So you have to use a mapping storage
so the container's data is persistent.
I can create containers.
It's a Docker created grid, but it can start.
Or you can say Docker run, the image will create and start.
I can do a kill, I can do a pause.
Or I use all the Docker commands for doing operations.
I'm pausing here.
Any questions?
The Docker image, yeah.
But it is a compressed format.
When you download it, the size is very, very small.
It will be like only MBs.
It's only MBs, no GBs at all.
Very, very small.
So I compressed it, so it's quite small.
Okay, any other questions?
Let me proceed.
Now, how do we install?
We'll finish the installation topic
and then we can take a short quick break.
So for installing, we already have installed.
We'll learn about how to install all these.
You can sort on Windows.
So we separate software for Docker for Windows.
We separate software for Docker for Linux.
We separate software for Docker for Mac.
And all the OS must be a 64-bit.
Red Hat based, Red Hat based means
we're talking about could be Red Hat itself,
CentOS, Fedora, for all these things we use.
VM commands, RPMs all at once.
Here we use RPMs, we say VM install Docker, for example,
using a Linux server of Red Hat.
And then you can say service.
The service name is Docker.
And then you say start.
Using Debian based, Debian based,
we're talking about could be Ubuntu,
or Debian, could be a Mint, all these.
For these we use APT, or we can use apt-hidefactor.
These are the package manager.
And then you can say apt install docker.io.
So we can either use any of this for the use.
We're going to use Ubuntu.
So we're going to use commands like apt update
to update repositories.
And then we will say apt install docker.id.
It installs Docker.
Use for Mac, we can deploy it on Windows.
So Docker desktop, if you install it
on your local machine, for example,
you can do something like this.
So now you want to sign up with the Docker account.
Could you all access the website?
We'll learn about it and then we do a hands-on.
So please access this website, HTTPS, and the link,
and sign up for this account.
Create a personal free account and form once you're done.
This website, click on sign up.
Go with your email ID.
And you might want to check your email.
You want to click on the link, activation link,
and you will be able to log in and get a free account.
Please type in manually.
If it continues, you can do it,
but later you might have an,
I'll say that create a personal account manually
instead of using a Google or GitHub.
If you want, you can use it.
It's up to you.
Good, okay.
So now once you're logged in, click on sign in.
Click on and then get a pop-up.
In a screen like this.
Now please click on explore.
Click explore.
And under explore, you will see lots of images.
So all these are images.
And these images are again classified
into different categories.
So Docker official images,
it means that all the images you can docker official,
these are managed by Docker.
And any image would have image name like this.
It would have the details about the downloads,
the rating of it, the pulse.
So example, if you click on internet,
this came automatically when you're official.
You open it.
It will say that is official build.
And you want to use the image,
you want to use the command docker pull engines.
And there are different versions of index.
The latest one, then we have to use latest.
One other one, for example, you have to say docker pull,
the next colon and the image version number.
So image latest means this image docker update
very regularly and you can see the tendons.
Somewhere in the backend,
the images are stored in your version controller backend.
So these are the image looks in command.
You can also observe on which platform is supported.
Go down, they say that this supports on these platforms.
So this image supports on ANG64,
all these platforms on which you can identify.
And any official images would have details
about what is this image, the reverse proxy,
how to use the image, some examples.
They let you know which port, customize.
So you can learn a lot by when you see official images
of any images and you can play around.
Now back to screen.
Now Verified Publisher is third party company
and they have partnered with the docker.
What is this is open source images,
which is created by community of team,
might be CentOS, Fedora community,
they created some images.
Now let's consider that you want to see image of all the types.
What you can do, uncheck all the box
and then say example engine X, press enter.
And you will see official could be verified
all the images you see.
This is how we use to search the images.
This is a default registry, which we're talking about.
Now let's go back and talk about some theory part of this.
So we observe the images
and each image consists of multiple layers
and all these layers work together
to create your image or continue talking about.
And when you do a docker run
and I give the image,
that will make a runnable copy to the content.
So docker image consists of multiple layers
and all these are read-only images.
They get downloaded this.
This is a default two directory called a bare-lipped docker.
You can see volume and everything there.
Overlay is very specific for your images.
So example a VM or a server looks at something like this
and you have lots of images with that,
but you're in docker pool.
And each image would have an image ID.
It's very big, but now you see around 12 characters
or number, alphanumeric, and we can have a writable copy on it.
So docker images, you can go directly modify an image
like I said, you can modify the image,
but you need to get a running copy.
And the way how they work,
all the layers working together, that file system.
Like in Linux, we use ext4, GFS,
how they organize the file, the file system.
In container world, we talk about overlay file system,
which all the layers work together.
It's also called overlay file system,
layered file system.
So file system means how files are organized
internally in your OS.
Now in this directory, we can create
and then we can go to the histories
and we can see the properties.
You're all working on a project, for example,
the work team, your SME or a Scrum master
might create a repository where all of you get access.
So create a repository, there's a username,
then we give a report name and the date.
For free account, you have only one private or use it,
but you get multiple public.
So I create public repository, for example,
this will get created.
So all the devops team members,
they get access to this repository
and each of them can start pushing their container changes
as an image format to this repository.
So example, it will look something like this
once everyone pushes into this.
This is my example of how I have an image repository.
So someone has pushed 14 years back
and you wanna see the image contents,
you can either click on it or you can go to text tab,
you can click on the digest to see some information
about what it has.
And if you wanna get the complete information of this,
you can call the container, you can also do a Docker pull,
pull the image and then from that you create a container.
And when you go for a paid versions,
you can go to build and integrate with your GitHub.
You wanna give access to others account,
you add them and collaborators.
And if you want to do some automation, for example,
if something happens in this,
if some image comes in here, you can say to create image,
you can do some automation for building tests
like Jenkins V or CI CD.
And the settings, you can make lots of changes,
the scanning changes, other settings you can do it.
So with every repository,
you can go ahead and make those changes.
So this is how you are contain registries with your container.
So registries, public or a private,
either you can use Docker Hub or you can use cloud-based,
you can use a PCR and you can automate
the process of release.
Example, you initialize with your GitHub and CI CD.
So do you all work on DevOps?
Do you work on DevOps?
So are you aware of CI CD?
What is CI CD?
Everyone, do you understand what is CI CD build?
Do we understand these terms?
Yes, I understand.
Do we know what is CI, what is continuous delivery?
What is CI?
Yes, yes, what exactly happens in this?
You're right.
What exactly happens in continuous integration process?
Let me talk about it in case.
So example, I'm a developer
and if I push the code to GitHub, for example,
I keep on writing code, push the code
and as soon as I push the code to GitHub,
it will do a delivery
and test the code immediately.
I'll give a notification or errors.
I can see those and understand
if my code is written properly.
Yeah, you write the code, you push the code
or make changes in your GitHub
and the build and test of the code happens immediately
and you can see the results
and now you think, okay, my code is good, it's working fine.
This is called as continuous integration.
Continuous delivery means it will release the application
quite quickly like pipelines.
The Docker Hub is where you can create registries,
webhook and all.
So now in Docker Hub,
either you can pull and push all existing images,
for example, you have a machine,
which containers, you can do a Docker
and then I can search the images in Docker Hub.
I can pull or run all these.
Or other method is you create your own image.
You write a file called vi-docker-file
and put all the contents of the image
and you save this file in GitHub
and then once you're done,
then you say Docker build command
and give a name for the image
and you build the image.
You test it and then you push it for others to use it.
We have a demo for all these labs we have.
So in brief, you can use the existing ones
or create own images
and then you can integrate automation
or the release and all these things using your CI CD
and then you can start using the cross.
Very brief, you can do a pull,
you can do a pull, build,
you create a container.
When the container is created,
you can commit the container to your image
and then you can push the repository
so others can see it, stop, remove.
So these are some important commands to get started.
So now we'll see some commands,
take a break and then install it.
So these are your sheet sheets.
So layers, what's the image?
What's the container?
What registry?
I'm not using it right now.
Docker component will talk about it later.
Wanna pull, I'll use Docker pull.
I can start, stop, I can create and login.
I can kill all these.
So these are some commands using which you can get started.
What I've done, I've made this commands
much more easier for you in different documents
so that you really understand
which is important Docker commands.
So once you install Docker,
you can see a version of Docker by using Docker version.
If you want to know what exactly
a Docker software consists of, you can say Docker info.
Pull, you can say pull.
To see images downloaded, say Docker images.
Create containers with different options,
one, iPhone D, one iPhone, iPhone IT.
We'll talk about it in detail.
Login, use exit.
To see container, we can use PS, running containers.
Once you all of them, you see a PS, iPhone A.
I can authenticate by doing Docker login
and we can start, stop.
Now you might want to know what is in a container,
what layers, what is IP address, what configurations.
For any of the Docker objects, we can use inspect.
You can say Docker inspect images or containers.
You can commit the changes
and you want to share it with others.
You tag your image with the repository
and then you push it
so that others can see your container changes.
These are the different commands
for working with your containers and docks,
which are going to explore.
I think any questions, team?
The first part is what I wanted to talk in the first session.
We should learn about what is your container.
We learned about Docker.
We learned about different components of Docker,
like Docker registry, Docker client, and Docker post.
And how, what are the container, what does it consist of?
What are Docker images?
What are layers?
How do you install Docker?
And some important command.
Any questions?
I would like to understand from you all,
when you want to have a short breaks,
when you want your lunch, breakfast or lunch break.
Please let me know so that you can plan accordingly.
What time you prefer to have your coffee break?
What time do you prefer lunch,
breakfast break or lunch break so they understand?
I think you all had breakfast, everyone?
You all had breakfast before the joint session?
Okay, fine.
So you tell me now when you want to have coffee break,
when you want lunch break, whatever you want to say,
because I want to understand how it does work.
You want to go now for short break?
You want to have coffee break now?
Okay, so are we good for coffee break, 15 minutes now?
And then once we come back, we will install Docker,
and we'll learn about the lab in which we'll pull the image,
create containers, all of them after the break.
So let me put a timer so we have a 15 minute break.
Yeah, thank you.
We'll be back soon.
Sindhu.
Yes, is my screen visible, everyone?
Clear? Is my screen clear?
Okay.
Are this everything you have confirmed?
What's your picture?
Are we in this now?
So we've opened multiple windows.
Load other windows so that you get confused.
So open one in one as of now.
Let's have one terminal window.
And close that.
So now we are logged into the VM.
So now you can, this is Linux.
So you can do a clear, you can clear out.
So open two.
So first we'll do a sudo su-.
So sudo su- would give root privileges.
And now we're doing the hands-on of lab one.
So logged in using a different method.
Use apt update, run these three commands.
Run these commands.
First do a sudo su-
and then run these three commands without the prompt.
And confirm the doctor version
once you've done these steps.
So first one, apt update.
See apt update would download the latest packages,
a copy of it on your local so that we can install it quickly.
And then you can say apt install
along with dependencies, hy.
And the application is docker.ip.
This is going to install Docker software.
Once you run the first two commands,
install it all the starts.
And now next one is to enable Docker service
in your run levels in Linux.
And then confirm the Docker version.
So let me see what's happening at the order.
Okay, good.
Any questions?
Yeah.
So can you do a control C?
Control C.
The spelling is wrong.
You see spelling is wrong.
It is D-O-C-A-E-R.
Spell check, type over there.
No, it is.
After K, there's no C again.
D-O-C-K-E-R.
The spelling is wrong.
D-O-C-K.
And after K is E-R.
Do a control C.
Do a control C.
Go clear.
I can't see a screen.
That's what I'm showing as text now.
Good.
Okay.
I'm gonna go to the screen.
Are there any questions?
Are we good?
Okay, fine.
So we're first step.
So now type in Docker and press enter.
When typing Docker and press enter,
you get lots of commands.
Just see the commands.
So type in Docker and press enter.
All these are commands.
Docker run, Docker exec, Docker ps, build and all.
And if you want to run any command with the help,
you can see what are the options.
So example, if you want to know what is Docker run,
you can say Docker run and space hyphen hyphen help.
It lets you know what is this command
and how to use the command.
Yeah.
So use any command.
See how to browse or look into the help options.
So every command we have a help.
And using these options,
you can work to create containers.
So every command,
you want to know what is for images,
what are Docker images.
For example, you can say Docker space images
hyphen hyphen help.
And let's you know this is for to list the images.
You can use these commands, Docker image ls,
Docker image ls, Docker images, and these are the options.
There's one more command.
Type in Docker space info.
Please type Docker space info and press enter.
You run it, observe the output.
So Docker info gives you a client portion.
And this is your server portion.
It says what is running containers,
the version, the logs, architecture,
all the information about your host, network, logs, form.
And you see the directory of Docker,
the configuration of the 1GB of the server.
Now let's go to this location.
So go to the Docker.
R lib docker.
And press enter and do ls.
So this is where you can see all your configuration files
of Docker.
And this commands.
So run in the command of Docker
to see all the Docker commands.
You can use the help.
You can see Docker info using which you can find
in the complete details about the client
and server components.
And under where lib docker, the root directory,
you can see all your Docker configuration files.
So if you download any image, it will go to this location.
So any volume will go to this location in default.
Okay, any questions team?
That'd be good.
Now let's do a lab.
One more lab.
In module one, labs.
We're going to lab two,
in which you are going to work with,
you wanna create container full images.
So I'll explain this lab.
First we will pull in the image of Docker engine X.
We'll observe how it pulls.
And then we'll list the images,
which is pulled by using Docker images.
And then we create a container from it.
You run command, we observe the image
that got created by using Docker V
as a Docker container list
to see whether container got created.
And I might want to see the IP address
so I can do inspect the IP ID
or I want to grab the information
so I can IP address this word, just to browse.
So container get IP addresses.
Because containers also need to be part of a network
for communication across multiple containers.
Then we will try to log in the container
by using logger exit command, exec hyphen IT,
the container ID and the name,
or you can just contain the name.
And it creates some file.
Consider you're a developer or a tester,
you try to create some file.
And observe the file is got created.
Then it's a good practice to do a control PQ to exit.
Don't type in exit.
You want to come back to your host, control PQ,
it'll be back to the host.
You can stop the container.
You cannot run Docker commands into the container.
It will be on the host.
You can stop it and see what happened.
You cannot log in.
You again start it, log in
and check whether you have the file.
If you want, you want to put some contents into it.
So you can install the editor, be able to write it.
And then try to put some text into it.
So the first part is all about how you create images.
How do you see the images?
How do we locate a container?
How do you log in the container?
How we can create some files
and how you can do some basic operations in a container.
The first part.
Are we good?
The first part, everyone, the flow, let's start.
So here, first command, Docker.
Pull, indynext.
Now this command, this will go ahead
and download the latest version of indynext from Docker Hub.
You're good, good.
Charles, you're good.
Everyone, are we good?
Okay, so now what I do is I would say
Docker space images.
So this will show you the repository
from which you created.
Yeah, okay, question.
Okay, tag name, image ID.
And this image was updated two weeks back
in Docker Hub by Docker.
This is all good, yeah.
The next step, to create a container from here.
So I'd say the different options.
So I'd say Docker run, hyphen D, and the report name.
And colon the tag name.
This is an optional, tag name is optional.
The latest one, you can also skip it.
Or you can type it like this.
And then press enter.
Okay.
Create a container now, everyone.
Docker run, is there Docker run also?
Docker run, hyphen D, space.
Ingenix colon latest.
Okay, good.
You're good.
Charles, you're good.
Let me see your charts.
Charles, what's happening?
Do a control C.
Do a control C, do a control C.
Yeah, one second, yeah.
One second, what did you do with the previous command?
No, no, no, you have to use, yes, yes, you're good.
The chart is good.
Next is, okay, what's happening?
Whose screen is this?
CK, any questions?
I think you're lagging.
Okay.
Okay, you're created, all right.
I think all are good.
So now let's proceed.
So now it's created.
So now how do I check it?
Item two, Docker PS.
And you see it could create a container.
So the container ID.
And this is your container name.
And this is the image from which you created.
And what command went inside and the time.
And you can also use Docker PS hyphen A.
Sometimes if you see, you wanna see all the containers.
Docker PS will show only running containers.
PS FNA will show all the containers,
stopped running containers.
Okay, this is one method to create a container.
So now let's see how to log into it.
So logging onto it.
Docker exec hyphen IP,
the container ID or the name.
Copy and paste it.
And then you can mention the shell.
So Linux we use different shells, bash,
bin slash sh, other shells.
So we mention here.
And now inside the container,
you can see that it is your host name of the container.
Now how do we confirm that this is your container?
So this must have all the application files.
So you can explore.
So you can use the find command for example.
In Linux, find.
This is an observation.
And I can say I wanna find the content in the files,
I do a find.
You see that I'm able to see the content in the file.
Some files cannot be reached.
Can I see other files?
For example, I might want to work on index.html.
And it is there.
You see that whatever your application you require,
is already available.
So now we understand that container
is properly created for you.
So you have to go and find.
So you see a file.
So now can I write something?
So I can write some stuff.
I can find, I'm able to do a file.
And I can see the file in here.
Can I make some changes?
So I can use ABT update.
So whenever you want to install anything in a container,
first you update.
And now I want to install Wim editor for example.
I say install Wim.
Edit it for modifying your data.
And you would install.
So I can open the same file.
I'm writing something, some .txt.
And then you can see the text.
Just play around.
So play around what you want to do in a container.
You can do any of your operations.
So I just create a small file
and I put some contents into it.
Yeah, play around in the container.
What I want to do.
Create a file.
Try to put in something, text into it.
We all know how to use Wim editor.
Do we know how to use editor tools?
Everyone, any questions?
Okay.
Yeah.
So press I.
June press I.
Press I on your lap.
Yes, put some kind.
Type in something.
Type something.
Yes.
Now press escape.
Others please observe.
Press, if you want to save this file,
press escape on your laptop.
Colon, colon WQ.
Escape colon WQ.
Click on.
Escape button.
First press escape.
Colon WQ.
Sorry, are you with me?
Yeah, okay.
Now, so do a cat command.
Do a cat.
Of the file name.
Cat and the file name.
Now cat, type in cat.
Remove this, go back.
Backspace.
Yeah, do a cat.
C-A-T.
No, no, you're doing something wrong.
Okay, type the file name space.
Space example.txt.
No, no, you're doing something wrong.
Can type an exit here.
Press colon.
Yes.
Now again, can you log in?
Log in to a server.
Can you do a pseudo-su-hyphen?
Pseudo-su-hyphen.
Pseudo-su-space-hyphen.
Yeah, enter.
Yeah, type in Docker.
Type in Docker and press enter.
Just type in Docker.
No hyphen.
Okay, fine.
So now, can you do a do a Docker PS?
Remove this, I'm not sure why I'm adding those.
Yeah, yeah, remove those.
Additional characters, remove those.
Use the backspace.
Yeah, type in Docker space PS.
No, no hyphen.
Yes.
Now type in Docker.
Type in Docker.
EXEC.
EC.
EC.
Yeah, C, C for charge.
Space.
If an IT, hyphen, IT.
T, T for tango.
For tango.
Or Tom.
Not D, T.
Yes.
Space.
Copy the container name or the ID.
Not copying properly.
You're missing it.
Okay, I'll tell you how to copy it.
One second, one second.
Yeah, yes.
Highlight on it.
No, no, no.
Slowly, please.
So can you highlight on your container ID below that?
Okay, now what you do now is,
below the container ID, okay.
F, A, space, space.
Use space.
Bash.
B, A, S, H.
Enter.
Now type in clear.
Please type clear.
Now type in VI.
VI, V for Victor.
I.
Space.
Example.
TXT.
Enter.
Press enter.
Yeah, press I.
Have you used edited tool before?
Do you need a follow up?
So what you do is come out of this.
Let's make it simple.
Escape, colon, W, Q.
Escape, colon, W, Q.
Now just press Q.
Escape, colon.
I'm not sure.
I think you're not able to use those options on your escape.
Press escape button.
Escape, yes.
Escape, colon.
Escape, colon.
You have to do it faster.
Okay.
Yeah, that's fine.
So make it simple.
Do a touch.
Log in the container now.
Again.
Use app arrows.
Use the app arrow.
In your prompt.
I think you're not.
Not sure what you're doing.
Others are able to do it.
This one.
Jeff, everyone.
This is very good.
Who's speaking now?
Okay, do a control C.
Type in clear.
Type in clear first.
Now what are you going to do?
Do a APT space update.
Yeah, space update.
This is command in the document.
Yeah.
Next, you say APT.
What I want to do?
You want to, you can either use APT or APT-HFN-GET.
Both are same.
Space.
APT space.
Install.
Install.
Space.
WIM.
Now we can say WIM.
WIM.
Space.
Example.
Enter.
Enter.
I.
I.
To see.
Yeah.
Type in some content.
What I want to say?
Type in some content.
Type in some content.
Escape colon WQ.
Escape.
So team, to save the file,
once you enter it, you have to use escape colon WQ
and press enter.
Type whatever you want.
Press escape then colon WQ to save and quit.
I think I'm not in group.
Can you mock more?
Can you make it small or something?
I'm not sure.
How do I take control?
Did you have an option to give control to me?
Do you have control now?
I have.
No, I don't have control.
I don't think you can do it.
Let's check.
Okay.
Now we're prog.
Are you there?
Okay.
The terminal, how will it?
I need to get access to your session.
I'm not sure.
How does it work?
For your machine and insight.
There's an option to control in here.
Okay.
I'll show you once more.
Please observe at my end.
Yes.
Yeah, do a cat.
Yes.
Yeah, we go.
Yes.
Let me show you again.
Please observe my screen.
I'm gonna do it.
See, for example, if you want a file,
I have to use, okay.
I go inside.
You want to write something, I press I.
You see insert mode.
Now I can make some changes.
Everyone please observe.
I press I.
I make some changes.
So now I want this file to be saved
and I want to be out of this file.
So I press escape.
The I would go instead of go away.
And then you press colon WQ and press enter.
Later on, this is useful for the Kubernetes
or you need to know this.
If not, it's quite difficult for the Kubernetes labs also.
So put in a file.
Put the file, make changes.
We're going to I.
Once you're done, press escape.
The I will go away.
Then press colon WQ and press enter.
See the file, docad.
The file name.
We're able to see the file contents.
Okay, let's see how many are good in here.
Are we good?
Is June?
Yes.
Okay.
Predicate a file now.
APT first do APT space update.
Do APT space update.
Space update.
Enter.
Install WIM.
APT hyphen get install WIM.
Yes.
WIM, VIM.
You can give a different name.
That's fine.
Forget of the same name.
Give some other name.
No, no, no.
I think maybe you missed it before.
Make it some other name.
Test dot something.
Some other name.
Test or whatever you want.
Yes.
Enter.
Press I.
Yes, put some content.
You can be stuck in the previous one
to do different one because you're making errors.
So do something.
The new file.
Yeah, escape.
Press escape.
On your laptop.
On a laptop, press escape.
Coolant, shift and semicolon.
Yeah, WQ.
Q, Q.
Press enter again.
Press enter.
Escape, colon, W, Q.
Hit enter.
Now do a cat and the file name.
Do a cat and the file name.
Cat, cat.
Cat, C-A-T.
Use a tab.
It's a Linux box.
Use a tab.
We'll populate.
Enter.
Are we good?
Charles, okay, you're good.
And Gene, press escape on your laptop.
Colon, shift and semicolon button.
Shift and semicolon button on your laptop.
Shift and semicolon your button.
Yeah, WQ.
W.
W.
Type in W.
Q.
Q for create.
Quick.
Enter.
Enter.
Yes.
Now do a cat.
Do a cat.
C-A-T.
And the file name.
Okay, so this is enhanced.
Please be comfortable on these commands.
Okay.
Last one, let's see for,
so what's happening?
Whose screen is this?
C-K?
What happened?
No controls, C?
Okay, okay, fine.
All right, team.
Yes, I repeat again.
You must be comfortable using BI and Linux basics
because without this,
very difficult for you to do the hands-on.
Yeah, so please look into these commands
in case you're time in the evening.
Just practice this.
You need to have knowledge of how to use this.
Yeah, so now I'm the container.
So to come to the container,
you have to press control PQ in the same time.
So you want to be back to host,
press control PQ.
Control button, PQ.
Control, press C,
and Q.
All these three buttons at the same time.
Are we back to the desktop?
The host?
Okay, I think we're good.
Fine.
So next one.
So now let's do some process.
Let's stop the container.
So do a docker.
How to copy?
Please observe how to copy it.
So if you want to copy something,
you copy it by highlighting what you want.
It gets, it'll normally be a copy.
Let's see this.
And then I click on paste.
You need not even right click and copy it.
Just highlight, it'll get copied.
And wherever you want, right click and paste it.
You need not go ahead and copy manually.
Just go ahead and try to do this.
Just highlight it,
and wherever you want, you right click, it'll get pasted.
Are we clear?
Okay, we're good.
I think, yeah, this is how we start working in.
Okay, okay.
So now you can do some operations.
Now we'll stop.
Can you log in?
You cannot log in now because it stopped.
So try to use the app.
You can use app arrow in Linux.
And then log into it.
You cannot log in because it is not running.
So what are you supposed to do?
What are you supposed to do now?
You cannot log in.
What are you supposed to do?
It is done.
Now I'm gonna create a new one.
So instead of start, make it start.
And now log into the container
and see whether you have the file.
Do the same file and do a cat.
And use a contents.
Start it.
Log in back and see if you have the same file.
Okay, you see it.
Do a cat now.
Do a cat and the file name.
Type in cat, cat, cat, and the file name.
Just type in.
You can use it, yes.
Example two, .ext.
So this is how we can log in back, see the files.
You see when you stop and start,
this is the file that's still existing.
Now press Control PQ.
Come to the host.
Control PQ in sequence.
That's it.
I think we're good now.
Press Control PQ.
Come out.
Yeah, I press Control PQ to come out.
So this is an example of how you create a container
and how you log into the container
and how we see the running containers.
So now, next is you want to share this file,
what you created with your team members.
So you need to push it to report the tweet.
So did we all create a report in Docker Hub before?
Did we create our own repository or not?
Let's start again.
So what we now do is, please observe.
Go along with me.
Do a Docker PS first.
And type in Docker commit.
Docker commit the container changes to a new image.
Give any image.
Do a Docker space commit space your container name
or the ID and give the image name
and check if it has got completed.
So again, do a Docker images
and check whether you have a new image.
The contents of the container and coming to image
and confirming.
Okay, I think June is good.
Charles is good.
Okay, I think we're doing it now.
So now this is what you want to push it.
So let's see the syntax.
You can also use the Docker tag.
This is syntax of every command.
Do a Docker tag and type in a one hell.
It says Docker tag source image and the target image.
So your source is a IN01, which is supposed to share
and to where does it target?
So now do you have a new report in Docker Hub?
You do or?
Confirm.
If you don't, can you create a repository in Docker Hub?
They can create a repository, give a name
and click on create.
Confirm once you're done.
Please access hub.docker.com in your browser,
hub.docker.com and create a new report.
Confirm once done.
Are we doing it Tim?
I don't see the screens.
Are you doing it?
Your report in your Docker Hub?
Please confirm.
Access hub.docker.com and create a repository
and confirm once you're done.
The chat please confirm because I can't see this.
My data didn't for me in your browser.
Confirm once.
Create a repository.
So click on report.
Click on create a report.
Give a name.
Yes.
And create, click on create.
Confirm once this is done.
Are this?
So now the repository is,
this is the report where you want, for example.
So you have to tag to this and push to this.
So now what you can do is,
I'm going to write the command in notepad
so that I can show you easily because the screens.
Syntaxes.
I'll say Docker tag.
My image name is img01.
My image which I want to tag is img01.
And the tag name of latest of images is this.
This is my source.
Where to push?
This is my target.
So I put a complete name.
So my complete name.
There I want to push.
Slash report.
Are we clear?
So Docker tag, the image01 colon latest.
And in here, and I'll paste it for you also in the tag.
And given some image version or latest,
you can say anything.
And you can say version one two, for example.
So in this syntax, modify your report name.
Modify this from this, what I've pasted you.
And run this command.
Modify your report, complete report name
with what I've given to you in the same syntax.
And run it.
And again, do a Docker images.
Let me know what happened.
No, no, no.
What's the name we gave before?
You have not done it properly.
You're not coming to properly.
Docker commit, you did.
You did not mention.
Can you go up again?
Use the apparel.
Please use the apparel.
Use the apparel.
Type in apparel, use apparel in the prompt.
Yes.
Yes, yes, yes.
Once more, once more.
Not this command, once more.
Use the apparel.
Apparel.
Run now, for Docker commit, slowly.
Go back to Docker commit command.
Docker commit.
Paste the, type in.
Docker space commit.
Can you type in otherwise?
Type it.
Docker space commit.
Space commit.
Yeah, space the container ID.
Paste it.
That A3 file, Docker mod.
The A3 file, you see in the top?
Yes, yes, yes.
Paste it.
Don't press enter, wait.
So now give a space.
Space IMG01.
IMG01.
IMG01.
IMG01.
Press enter.
Press enter.
Now run the tag command again,
the same which we ran before.
Just run the tag command again.
Yes, now do a Docker space images.
Okay, are we good?
You see the top one?
The first one.
First one is what has been tagged to.
Okay, are this good?
Okay, I think Charles is stuck somewhere.
Okay, it seems we're good.
Last one is gene.
You're good.
And we also talked about CK.
Even CK is good.
Yeah.
So now how do you push it?
Let us see the learner syntax.
So now if we do a Docker push
and see the help of it.
Do a Docker push and see help of it and see a syntax.
So it says Docker push and option in the name tag.
Yeah.
So it means that you can use the same command
just for your tag.
And just mention the destination.
So it can say Docker push
and give your destination location.
So Docker push space your report colon the tag name.
So it asks for authentication.
And for much just do something like this.
Okay, it's good.
Okay, I'll tell you what to do next.
Now what is the first thing to do is
you have to authenticate before you push.
So you say Docker login.
Give your username, which is signed up for a Docker Hub.
Use the username.
And enter the password of a Docker Hub account
and press enter.
So authenticate by using Docker space login
and then execute and then do a push.
It must push in the contents from a local to central.
Yeah, good.
So now refresh your repository.
Refresh your repository.
And you must be seeing the image in here.
And if you want your colleagues to pull, for example,
we can go to tags tab and you see tag name
and you can give it to your colleague.
For example, you can pull mine.
So this is mine copy.
If you want mine, you can pull it
and get a container from it.
Yes, let's see.
Can I do this?
Try to pull others, you can exchange
and see the image and try to get a container from it
and see if it can see.
Yeah, try to do yourself, let's see.
I want you to pull my image, get a container from this image
and see what is there in my example.txt.
This experiment I want you to do yourself.
What you can do, Charles.
Now go back to your repository in your Docker Hub.
Go back to Docker Hub browser and see,
do you refresh it?
Do you see the image there?
Yes, yes.
So now my next quiz, can you copy mine
and try to get a container from it?
I want you to pull my image and give me a chat history.
Run the command and try to get a container from it.
Do a clear.
See, it did not mean always in where you left Docker.
Just type in CD.
Type in CD, press enter.
Yeah, now try to copy what I did in the chat.
The chat I've given you.
Pull command, pull mine, run the command.
Copy and paste the command, not sure.
Why are you typing everything manually?
You're not even copying and pasting?
It must work.
Are this?
Okay, okay, I'm not sure.
It must work.
Are this?
I have to copy and paste from your chat history.
Experiment the next one, yourself.
Let's see, okay, one second.
Docker space login first.
I'm just asking you to log in.
One second, do a Docker space login.
Authenticate.
Okay, okay, sorry, sorry.
One second, one second.
I think I gave a wrong name.
Sorry, sorry, my mistake.
One sign mistake.
This can't form.
No, you type in manually, sorry.
My name is wrong.
See the spelling?
Check the name of the chat.
So I thought you copied and pasted.
Putting this wrong, okay?
Play around.
Yes, I'll be good.
I'm getting at the concept of how to work with containers.
Okay, now.
Download, this is,
whose screen is this machine right now?
It is June.
June, you're good now.
So what you do is,
so now you're inside my container, correct?
So now do LS.
Do LS, no, no, no.
You're already in the container right now.
Do LS.
Type in LS, LS.
LS.
Now you've typed it.
What happens?
Okay, re-login to it.
I'm not sure.
That's some issue that you're in.
Okay, team, this is how we get started.
The last command.
So we can also create containers in different methods.
So this is one more method,
where I can create a container
and I'll be inside the container.
That's an example.
So example, you're gonna get a container.
I can also use,
like run hyphen IT,
give the image name,
colon, the tag name,
and the shell.
So this get a container, I'm inside it.
There's a run hyphen IT.
So now if I come out of it,
do a Docker TS,
you'll see a new content got created.
So Docker run hyphen IT is a method in which
you'll get a container
and you'll be inside the container.
And then you can do LS, example.txt,
and you can see my files.
That's what I want to do at your end.
Okay, are we good?
Yes, you're good, June.
So now do a cat of example.txt.
No, no, no.
You're already in a container.
Please understand.
The run hyphen only contain, do LS.
Do LS please.
I don't have to type in LS?
Okay, okay.
Okay, okay.
Charles, are we good?
Now what are we trying to do now?
Do control C.
What is it, what are we trying to do?
Do control C, type in clear.
Please type clear.
What are the previous comment?
Just use the up arrow twice.
Use the up arrow twice.
Press the up arrow on your laptop.
Up, up, up arrows.
Yeah, yeah, once again, once again.
So what did I do?
Did you create a container?
Did you push it to Docker Hub?
No success, okay.
Can you do a control C?
Do control C.
Type in Docker space login.
Docker space login.
Enter.
All right, once again.
Yes.
Type in Docker space push.
Is copy the report, the top report completely.
The Charles, you see this?
Not that, not that.
The first column, yes, copy that.
Just highlight it.
Yeah, just highlight it.
That's it.
No, no, you don't do it.
That's not required.
Just highlight it.
That's it, got copied now.
Come back to next push.
Come back next push.
Now right click there.
Type in Docker space push.
Docker space push.
Paste where the pointer is there.
Not there, exactly the position.
Yeah, right click, paste, okay.
Type it, copy it properly once more.
You just need to highlight what you want to copy.
It's copy, enter.
No, no, no, sorry.
Use the again apparel.
Use apparel.
Yeah, colon, colon, then colon,
nginx version point two.
You see the tag name.
Nginx, v, point, zero point two.
No, no, no, zero point two.
Be careful, no, no.
V, see the name of the image.
Use apparel, please.
Use apparel again.
It is nginx, after v, you have zero, then point, point.
See the name tag name.
After v, it is zero.
Delete it.
Delete, dot.
Yes, zero.
No, zero.
Zero point two.
Point two, enter.
Understood, documents here, tag name.
The tag name, nginx.
So now refresh your browser.
Go to your browser.
In Docker Hub, do you see the images?
This is how we work.
Are we good?
Okay, okay.
This is a brief about the first one.
Any questions?
Okay, I'm getting idea about how do you log into container?
How do we do the operations?
Any questions?
Are we good?
So think this comes out so that I can proceed.
Okay, okay.
So we will just come first.
That's what I see, understand.
Nginx.
The next one, let's continue.
I also want to understand what time
is your preferred lunch time?
What time you prefer a lunch break?
Or you normally take a lunch break now,
or you take the lunch break after class?
I'm not sure how does it work there.
I can get you.
So you want to break time?
Team, everyone please, a request here.
Each one, let me know when you want to take a break.
After 30 minutes from now or right now, when you want.
That's my question.
They're right here.
12.30, you want 12.30, okay.
So is it okay if we can give a 30 minutes break
for lunch break for 31 o'clock, is that okay?
Or you need more time for lunch break?
Just asking how does that work?
Will 30 minutes be good for you all?
So for example, if I say 12.30 to 1 p.m.,
would it be good?
Yeah, confirm by using a thumbs up
so that we are beyond this.
Everyone, so I didn't get you.
You mean to say you need more time?
Yeah, that's what I'm asking you.
That's what I'm asking.
I was open, how much time do you require?
You need one hour or 45 minutes or 30 minutes.
Okay, okay, others, are we good?
Okay, but because what is happening here is
you're not able to do the hands-on quickly.
So we are actually going slow
compared to the speed expected.
Yeah, yeah, and hence, so can we, yes, yes, yes, yes.
So can we do it for 45 minutes?
Say one, to 1.15, sorry, 12.30 p.m. to 1.15.
Yeah, we'll do it later.
So right now, the time is, I think, for you,
it is 12.07, correct?
Is it 12.07?
Okay, fine.
Let's continue and then take a break.
Now, what is Dr. Fine?
The Dr. Fine is going to find this piece of all the contents.
So tomorrow, if you want to create all the files,
so are you aware of any languages like Python or Java?
Do we have programmatic language, anyone in here?
Do you know Python or you know Java
or you know C-sharp, any languages?
Yes, no, we know C-sharp, okay.
So how do you extract right in your own contents?
So we create a Docker file, BA Docker file,
and then you can mention from where you want the image.
You can mention who was the owner of it.
You can mention what you want to install.
That is the path of your application.
You can mention, for example,
you create a file called a Docker file.
And this use case is, you see it here,
is to create your own IndieNex configurations.
So in this folder, so you create a folder,
for example, CD Project One,
and in this folder, you will have a Docker file.
You will also have some files like IndieNex.com.
You will have all these things
in your local machine in the folder directory.
And then you can say that I want to copy this file
to this location in a container.
So whatever files you want, you have to copy to a folder,
and you can say add this file in the present directory
to your containers, like this.
You can also call in some file which is outside
in Intranet or internet to be copied.
So we use add or copy to copy the files,
and we use command and entry point
to refer some parameters to be run.
So like this, you update all the,
these are instructions, these are the arguments.
So this could be OS, or Ubuntu,
it could be your CentOS, or it could be .NET,
or this could be JDK, anything you can use.
Or if nothing is there, it becomes a scratch.
Scratch means it is from a blank image.
So from is to define some base.
It could be own images, or it could be a .NET.
It all depends on what exactly you are trying to create.
For IndieNex, I require a minimal OS file,
so I'm mentioning Ubuntu.
So based on your requirements,
you have to use appropriate instructions
and the arguments, and write like this.
We mention which port number.
So once written all these things, you run it.
So how do you run it?
To create a build image, you say docker build,
and give a name.
T means tag name.
And you want this name for the image
which you want building, space dot.
So it means that you're trying to run it
in the present working directory.
So when you run this,
you're running as a client.
Now the request goes to daemon.
Now daemon would look in for a file named as docker file.
It will go and file surface, file called docker file
in the dot, it means the current working directory.
It understands that the docker file,
and whatever was there in the docker file lines,
those would get executed.
The first line get executed.
So the first line would have some output.
It will create a container.
And the second line if required can use in those containers.
This all does it for temporary,
and the end it will build your image.
So every line would get executed.
It will have information cache.
A cache means like a temporary storage.
The other layers would refer those temporary layers,
get the information, and use the information
what is defined in those temporary layers.
And then it will collectively create an image.
And it says the image is built.
And then once you're done,
you can say docker space images,
and you will see a new image robot created.
Are we clear?
Everyone?
I'll do a hands on now.
Do a lab now.
Lab three.
This lab, so before we get started,
ensure that, so let's do together.
Let's create directory.
So be in your CD.
If you're somewhere, do a CD and be on your host.
We're talking about lab two.
So lab three, the word document.
So we'll first create a tree.
I want to show a project directory first.
So you say CD, project one.
So MKDIR, so MKDIR, project one, for example.
And go inside CD in your host.
So now you want to get your own docker file in this location.
This is going to have these variables.
And we're going to start your Apache.
So we are trying to create your own container image
for Apache, and these are the lines.
So copy, so say as vi docker file.
These caps, F is small.
Vi space docker file.
I'll give the chat.
Copy this contents and paste it.
Copy this contents and paste it.
Copy and paste the contents.
Let's see where to paste it, everyone.
Then colon, the same process.
Escape colon wq.
Yes, Charles, you're not able to copy it.
Charles, once again, vi, yeah.
Type in the same.
Use the app arrow, vi docker file, the same command.
Enter.
Remove this, do a backspace.
Do a backspace, yes.
Now press i, i.
Now go to a chat history and copy the contents.
Or you can copy from your document also.
Copy the contents.
Have you copied?
Yeah, please right click exactly on the
where you have the pointer, exactly on.
Yes, yeah, right click, paste, paste.
No, we're not doing properly.
Go back, backspace, remove this.
Remove this, which one are you copying?
Let me, can you share screen using your from Zoom?
Share screen, the option to share screen directly
and helping you access.
Charles, so which one are you using?
Because, okay, yeah, please share screen now.
I don't see it, I just see your name.
I don't see a screen, Charles, share it.
Please share screen in Zoom.
Yeah, okay, it's coming up now.
Yes, now right click.
Copy the content, the chat.
You see chat, we have some contents.
Or a document.
Can you go to one document and see how we're copying it?
Please show me how we're copying it, please.
Play backspace, remove it, delete it.
Could you delete this?
Am I not audible?
Yeah, is it because others can see me?
Can you go to document, Charles?
Please, Charles, we need help.
I mean, you need to do quickly.
Could you go to the word document?
Did you say complete, Charles, sorry.
I can't understand you.
So could you share the complete screen?
Where's the word document of a lab?
Yeah, please first click enable.
So you see there's not any,
one second, click enable editing on the top.
Yes, now you can copy.
Till now you're not able to copy
because of the enabled editing.
Getting it?
Yes, now you'll be able to copy it.
It's not getting copied before
because you're not able to edit it.
Now right click, paste.
Okay, use backspace.
Backspace, go back to word document.
Right click, right click in here.
Please click on copy.
I'm not sure, did you copy it properly?
Did you put a notepad on your laptop?
Did you put a notepad on your laptop?
Fine, now copy from, again, copy from here.
Copy the contents.
Yes, now go to your terminal, right click, paste.
I'm not sure what I'm doing.
I'm just not getting, just right click.
Okay, not sure.
Come out of this file.
Come out of this file, escape colon WQ.
No, no, no.
Escape colon WQ.
Enter.
Now do a VI again.
Use the VI again.
We have the same, yeah, enter.
I, right click, paste.
Okay, I'm not sure.
Okay, can someone help them?
Help them?
What's the problem?
Okay.
Might be it is not allowing to copy
from your office laptop or something restricted.
Okay.
Sir, can you proceed in the meanwhile?
For this?
Okay, everyone.
So now, once you paste it, press escape colon WQ.
Now to confirm whether it's properly copied, do a cat.
Do a cat of the Docker file.
You see?
Are we good till here, everyone?
So now, want to build this?
I'd say Docker build hyphen T.
Again, you may do whatever you want to give.
You may do a two, for example.
Docker build hyphen T image, zero two, and space.
One space is there and then dot.
Then do the command, use a dot and press enter.
So Docker build hyphen T image, zero two,
what are the name of the image?
Space dot and press enter.
And you see the build would happen in the back end.
So it is building the image.
Yeah, is it done?
Please confirm, are you able to get the image?
Okay, fine.
Next step is we might have to open some ports.
Let me log in once again.
Log into Amazon.
I'm going to give access for the ports.
So this is what the background service
is trying to go inside.
And you have all the VMs running in here.
Okay.
So now let's see the traffic.
I just want to check in the traffic
that's being allowed on all the machines.
Okay.
So we'll just, one minute.
Let me just modify the, yeah, my screen's not getting shared.
Let me share my complete screen.
Yeah, I think I'm finished.
Enter screen.
Is the screen all visible?
Okay, okay.
So logging to this one,
I'm checking for a port to be given
so that you can do the hands-on.
Just trying to enable a port for you all.
Just give me a minute.
I click on this.
You are working on Amazon?
You are working on Amazon?
Oh, no.
Okay, okay.
So I'm trying to modify security group
so that it can allow port 80.
Just trying to modify so that you can all do the output.
Okay.
I'm trying to open all ports
so that we can quickly do the hands-on,
making all traffic.
Okay, making all traffic.
Okay.
Now you do it.
Let me add a rule for SSH.
This is 22.
And we add one more rule for HTTP.
Which is port 80.
Okay.
I'm not able to do it.
I think I have to modify the break
and to protect the backend.
So now I do it.
Right now, port, I'll show you how to modify this offline.
So are you able to create an image till now?
Everyone?
The image is created.
Next?
Yeah, the next step is I'm trying to expose it
outside world, port 80.
And we're not able to see because the port is blocked.
Yeah?
So on port 80.
So what you can do is right now, you can do a curl.
So do a curl, the public IP.
So do a curl, the public IP in your browser.
So curl and the IP address.
18, 139,
and 250,
dot 99.
And this must give you the page.
So the port is blocked.
In the break, I'll let you know, I'll enable the port.
You must be able to see the Apache page.
Understanding the lab, let's go to this location
and give you the content.
What is there inside this as a website?
So a simple example about how you can create a container
and how you're exposing the container to outside world.
This port is blocked right now.
In the break, I'll work with the backend team
and have the port to be enabled.
And you will be able to see your website.
To be clear, a small example about how we can create
a own Docker file and you can create
and see the contents of the website.
Yes, no?
Okay, are you all able to do till here?
Everyone, this step, the last one will not work.
I'll explore in the break.
I'll have it done.
Any questions?
Any questions, Gene, Charles and others?
Are we good?
So we'll take break now.
And after the break, I'll ensure that the port is enabled.
You'll also see the output in the browser.
So break for you till 1.15 p.m.
Okay?
Or you want to come early.
You tell me.
Okay?
Break till 1.15 p.m.
Thank you.
Now you have done it.
Hi, sir.
Hi, sir, we have to modify the ports.
We have very severe access.
No, when I go to a modern security group,
this is already at a policy, I cannot do it.
I can't even one more.
So let's make it all traffic something easier.
Otherwise, every port we cannot open it.
So my, because these people are not very good in Linux,
okay, everything.
So very difficult for them to allow even one port also.
So if you can modify where in security group
with all traffic, it will be helpful for me
to install everything.
Yeah, yeah.
Thank you.
I'll wait for you.
There's a break now.
Hi, I'm back.
Everyone confirm as you're back from break.
Yeah, you can use group chat.
Good, others?
Just confirm.
Okay.
So in the break, what happened was
I informed the backend team to update the rules.
So they were added all traffic.
It means all ports are allowed right now.
Now, when you try to access the public IP
of your machine, the browser,
so you can say HTTP and paste the public IP in the browser.
You will be able to see this.
Confirm, please confirm to be able to see this
in the browser.
And you can also do a search.
You can also do a search in the browser.
And you can also do a curl.
And you will be able to see the website coming
in the content in your local machine also.
I'm sure, but the browser you can see.
Yeah, could you all confirm please?
Let me see this browser screens at your end.
Yeah, do a curl, HTTP colon double slash
and the public IP in your terminal.
You will be able to see this.
Could you all show me this output?
Let's see.
Do this curl HTTP colon double slash
and the public IP of your VM.
Yeah, good.
Good.
Curl, type in curl, type curl once more please.
Space HTTP, HTTP colon double slash.
Yeah, now the IP.
Type in IP 13.213.
Is the IP right?
Please confirm and type it.
Something is wrong.
Oh, you have come out of server.
Charles, log into your server first.
SSH, go to location first.
No, no, no, you have to go to location first.
Simple CD, forward slash CD space forward slash home.
Go to the path, go to the path.
Please log in server into the channel.
Spelling is wrong.
It's home.
CD forward slash home slash student.
CD forward slash home slash students.
Yeah, do it.
No, you can do a single one.
Once again, once again.
Do LS, do LS.
No, no, no, you're in wrong path.
Charles, please be in sync.
Please do LS in this location.
Do LS.
So now what you do is home student.
Do a CD, type in CD space VM.
Type in VM, small and tap, tap.
Enter, yeah, now do SSH hyphen I
space hyphen I, no hyphen hyphen hyphen hyphen
hyphen dash hyphen, yes, I
space now type in the key name key.pem key.pem key.pem
Charles space Ubuntu, Ubuntu spelling UBUNTU
UBUNTU, I'm not sure team.
So Charles, you have to be in sync please.
Please understand the commands.
This is your syntax.
The spelling is wrong.
UBUNTU, B for boy, Ubuntu, add.
Thank you for the typing.
I'm not sure.
Type it, yeah, type it.
Yes, now do a pseudo pseudo space hyphen.
SU, SU, not an SU.
Space hyphen pseudo, yeah, space, one space and hyphen.
Hyphen, enter.
Yeah, now do the curl command.
Http colon double slash and a public IP.
Http double slash, enter.
So it means that something is not done properly.
What I'll run, can you go to do a list?
Do a list, yes, where is the, go to project one.
Go to CD, go inside it, do a clear.
That been clear.
Please go inside the project.
CD, project one, enter, do a list.
Yes, do a Docker space images.
Charles, did you do the hands on of the lab or no, please?
Let us know, Charles, let us speak please.
I'm not sure.
Did you run the commands of the lab?
Yes or no, please.
Okay, type in Docker space images.
Images, Docker space images.
Type it clear, clear.
Please type clear, clear.
C-L-E-A-R, I can't see it.
So now do a VI.
No, once again, Docker build.
Type in Docker build, Docker build, build,
B-U-I-L-E, build, B-U-I-L-E space hyphen T,
T for Tango, hyphen T space, IMG01, 02, IMG01.
You can use any name, okay?
Just type in IMG, yeah, space, space dot.
Yeah, enter, this is me getting pulled.
Wait, yes, now come down.
Have you been clear?
Okay, now, images, enter.
Now do a Docker run hyphen D
space hyphen P, hyphen P space 8080,
no, 8080 number, number 8080, colon 80, colon.
No space, shift and semicolon button, colon 8080,
number 80 space engine X01.
No, no, no, why are you giving space?
You need to immediately recreate it.
Yeah, enter, now do the curl command now.
Use the apparel and the curl command again.
Curl HTTP colon double slash the public IP.
Type in the IP of the machine.
Is the IP correct?
No, can you confirm?
So I give you three machines, which one is locked in?
Can you type in ifconfig, ifconfig, one second.
Can you give the private IP of 172.31.28.2.35, one minute.
172.31, which machine is locked in?
Can you confirm?
172.31.28.2.35, one minute.
172.31, what is the private IP?
131, what do you see the left side?
131, what do you see there?
28.235, 13.213.49.12, okay, in the right machine.
Right machine, you have done some errors,
mischecking, what could be the reason?
So you're just checking in here.
Can you confirm?
Can you confirm?
Yes, do it.
Type in Docker space PS.
Yes, sir.
Can you show me the Docker file?
Cat Docker file, cat cat cat, cat.
CAT, CAT, space Docker file, dcaps.
Type in that.
No, no, no.
Only these capital, this file name.
Press tab, press tab, press tab.
Press tab.
D, capital D and press tab.
Tab, yes, enter.
Let me just check for this machine.
So can you copy the IP in the browser?
Once again, for some reasons,
you see that it is not the port 80 is not going.
So something is wrong and not properly run.
And I did it 8080,
got the next zero one.
Something is wrong.
Let me just check.
I can be 8080, one minute.
Engine X, zero one, all good.
Something is blocking.
So you have two images.
So do a Docker PS FNA.
Do a Docker PS FNA.
I think I've got to create a backend.
Let's see.
Docker PS space FNA.
So this is a mistake.
It's not created properly of the previous ones.
You see it's not getting started.
Okay, now do a Docker start.
Docker start, yeah, first one, the first container.
First container, yeah.
Double click, yes, just copy and paste that, yes.
So this is the answer I can enter.
Yes, now do a Docker PS.
Do a Docker PS.
It's not starting.
Something you have done, it's not starting for some reasons.
Docker start, time is bad.
It's not starting for some reasons.
So do a service.
Service type is service.
No, service.
Service.
S-E-R-V-I-C-E, service, service.
C-E space Docker.
Space start, enter.
Now again, do a Docker PS hyphen A.
Now do a start.
Do a Docker start on the container, ID, enter.
Yeah, do a PS, Docker PS.
It's not starting, something you have done.
Okay, I'm not sure.
So there's some reason is because the container
is not getting started for some reasons.
I'm not able to start it.
Might be you did some mistakes
for creating a container and this.
So let's do something.
So can you do a Docker?
Type in Docker.
Type in stop, stop.
And use the dollar prompt.
No, no, no, don't do like this.
Use the dollar prompt.
Dollar, shift and dollar.
Dollar, dollar prompt.
Yes, then open braces, open the brackets.
Open, no, no, not this.
Normal, normal, not this one, other one.
The other one, yeah.
Docker PS, Docker space PS.
Space, this one too.
Close the brackets, close it, enter.
Yeah, now use the apparel, use the apparel once.
Apparel on your laptop, apparel.
Yeah, instead of stop.
RM, RM and inside, go inside and instead of PS,
use PS space hyphen A.
He let the PS be there, one space.
And after PS, one space and hyphen A.
Space, hyphen, yeah, hyphen A.
Yeah, enter, now.
Now control C, so try and remove all the containers.
Do a clear, now create a container now.
Docker run hyphen D.
Docker run hyphen D, hyphen P, hyphen P, 80.
Space 80 colon 80, number 80.
Colon 80, space engine X, 01.
Yeah, enter.
Now do Docker PS, let's see if this will start.
Okay, okay, I'm not sure.
For some reasons, you're continuing
to go around setting started.
So something, can you open Docker file again?
Something almost, then no.
Do a cat to Docker file.
Okay, or can do a history, please?
Do a history, type in history.
Enter.
Okay, okay, come down.
Control prompt, control C, go clear.
So try to do a Docker PS, hyphen A.
Docker space PS hyphen A, now start it.
For some reasons, not even start it.
Might be your servers or something problem.
I feel.
So Docker start the container ID.
So do a Docker PS, Docker space PS.
Okay, last try, service, Docker restart.
Service, Docker restart, space restart.
So now I'm going to use the same thing.
Do a Docker start.
Docker start command, start and the container ID.
Yeah, do a Docker PS.
Okay, see, Charles, what I understand is
some configurations has got a problem.
So what you can do is you have to remove.
So do an apt remove, apt, apt, apt, apt.
APT, space remove, Docker, Docker.io, yeah.
Docker.io, enter some.
Choose yes, why?
Again, do an apt space, install Docker.io.
Something has gone.
Something has gone.
.io, enter.
Okay, type in clear.
Nothing with a prompt.
Yeah, use the apparel now and again,
create one more container, do a Docker run command.
8080, run the same command.
Use the apparels to go back to the previous commands.
Please use apparels.
Press the apparel.
Just use the press, yes, yes, yes.
Apparel once more, once more, once more, once more,
once more, once more, once more, once more.
Yeah, yes, no, no, yes, press enter.
So run the next command for starting the container.
One second, can you run the command
which is in the chat?
Now run the previous command, Docker run command again.
You can use the apparel and run it.
Use the apparel and run the same command
which you used before.
Yes, enter.
Yes, now do a Docker space PS.
Okay, I'm not sure.
There is something that's happened.
Might be, can you do the second mission
and do the steps from the first?
Yeah, yeah, yeah, the VM two, I've given you.
Okay, so apparently I'm gonna talk about the backend.
Something is wrong with VM something.
Let me check, figure out the break.
Yeah, so can you do it offline?
I'm gonna stop sharing.
Yes, yeah, you can see.
Okay, let me take a control.
Can you all see my screen now?
Can you all see my screen now?
Okay.
In the next topic.
Others, are you able to run this?
Did you all get the output of public app in the browser?
Did you all get the Ubuntu page in the browser?
Please confirm the chat, please.
Sorry, is it your screen?
Gene, correct?
So do a curl, type in curl, curl, no, curl, curl, curl.
Curl, HDP, colon, double slash, yeah,
and public app, public app.
Yeah, no, in the one which is this machine, public IP,
this machine, we need to log in, local host.
Enter, yeah, it's coming.
So it is your public IP means the machine,
the local host in which your machine install,
we're talking about that public IP, clear?
Okay, correct.
So I think,
good now to proceed.
Now next is your lab in which you're able to create
the image and you can go and make changes required
to the location.
It's in this location, you can go and make changes.
Let me do this, please observe.
So now I have a container, for example.
I'll go into the container, docker exec-IT.
This is my container.
Copy and paste in this.
Go to one,
or more, and then I save that.
So now I go to location,
var www.html, yes,
and inside this, you have a file.
So I would say app update, for example,
I want to install Wim editor.
This is trying to play around.
So I'm going to say install Wim editor.
So what are contents were there in the index files
that are going to come up?
I'm trying to modify my own custom.
And so the Wim editor,
and now I'll say Wim index.html.
Now in this file now, I'll go down.
This is my body, the background, all the colors.
So now I want to modify some contents into it.
This is Apache page, see this?
This is heading, which you're getting it.
So the contents are coming from this page.
So I'm going to modify this to some other context,
just say test, yeah.
And I'm going to save this file.
So I'm talking about line number, which I'm updating.
In here, and I save this file.
I'll take a tool.
Let's keep this setting.
on 2024-12-16
language: EN
WEBVTT
and space hyphen hyphen help. Let's you know what is this command and how to use
the command.
Yeah, so use any command see how to browse or look into the help options. So
every command we have a help and using these options you can work to create
containers. So every command you want to know what is for images what are docker
images for example you can say docker space images hyphen hyphen help and let
us you know this is for to list the images you can use this commands docker
image list docker image list docker images and these are the options. Let's
run one more command type in docker space info type docker space info press
enter. You run it observe the output so docker info gives you a client portion
and this is your server portion it says what is running containers version the
logs architecture all the information about your host network logs form and
you see the directory of docker the configuration the 1gb of the server. Now
let's go to this location so go to the docker.
var lib docker and press enter and do ls so this is where you can see all your
configuration files of docker. I ran this commands. So ran in the command of docker
to see all the docker commands you can use a help you can see docker info using
which you can find in the complete details about the client and server
components and under var lib docker you can see all your docker
configuration files. So if you download any image it will go to this location
any volume will go to this location default. Okay any questions team are we
good? Now let's do a lab one more lab in module one labs we're going to lab two
in which you are going to work with want to create container full images so I
like to explain this lab first we will pull in the image of docker enginex will
observe how it pulls and then we list the images which is pulled by your docker
images and then we create a container from it
how we can create some files and how you can do some basic operations in a
container the first part are you good the first part everyone the flow yeah
let's start so clear first command docker pull in the next
another command this would go ahead and download the latest version of enginex
yeah good good charge you're good everyone are we good okay so now what I
do is I would say docker space images so this will show you the repository from
which you could create it yeah question that name image ID and this image was
updated two weeks back in Docker help by Docker the next step to create a
container from here so I'd say the different options so I'd say docker run
hyphen D and the reforming and colon the tag name is an optional tag name
optional latest one you can also skip it or you can type it like this now press
enter okay create a container now everyone Docker run is there in Docker
do a control C do control C do control C yeah one second yeah one second what
into it for logging on to it
doctor exec hyphen IP the container ID or the name
copy and paste it and then you can mention the shell so the next we use
different shells bash with such other shells so in here and now inside the
container you can see that it is your host name of the container now how do
you confirm that this is your container so this must have all the application
files so you can explore so you can use a fine command for example in Linux fine
this is an observation and I can say I want to find the contiguous files I do
a fine you see that I'm able to see the contiguous file some first cannot be
teached can I see other file for example I might want to work on index or HTML
and it is there you see that whatever your application you require is already
available so now we understand that containers properly created for you so
you have to go and find so you see a file so now can you write something so I
can write some sort I can print I'm able to do a file and I can see the file in
here can I make some changes so I can use
so whenever you want to install anything in a container first to update and now I
want to install them editor for example I say install them edited from modifying
your data I would install so I can open the same file I'm writing something
some of the XT and then you can see the text just play around
the player what you want to do in a container you can do any of your
operations so I just get a small file and I put some contents into it yeah
play around in the container what I want to do get a file try to put in some
big X into it we all know how to use BIM editor
do we know how to use editor tools
everyone
any questions
okay yeah so press I press I on your lap yes put some type in some yes now press
escape others please observe press it for a save this file press escape on
your laptop colon colon wq escape colon wq quicker escape button first is escape
colon wq sorry are you with me yeah now so do a cat command do a cat of the file
name cat in the file name the cat type in cat remove this go back backspace
do a cat cat no no you're doing something wrong okay type the file name
space space example dot txt enter no no you're doing something is wrong can type
an exit here a press colon yes now again can you login login to a server
can you do a pseudo su- sudo is hyphen sudo su- sudo su space hyphen yeah
enter type in Docker type in Docker and press enter now just type in Docker no
hyphen okay fine so now can you do a be do a Docker PS remove this I'm not sure
adding those yeah yeah remove those additional characters remove those use
the backspace type in Docker space PS no no hyphen yes yeah now type in Docker
type in Docker exe see easy easy yeah see see what chance space hyphen IT hyphen
IT T for tango T for tango a Tom not D T yes space copy the container name or
the ID you're not copying properly you're missing it is right click slowly
okay I tell you how to copy it one second one second yeah yes highlight on
it no no slowly please so can you highlight on your container ID below
that okay now what what you do now is below the container ID okay space space
US space bash B SH enter now typing clear this type here now type in VI VI
or just press Q escape colon you're not sure I think you're not able to use
speaking now okay do a can do a control see yeah type in clear type in clear
yes now what I'm gonna do do a PT space update yeah space update this is come
and give the document yeah next you say a PT what I want to want to you can
either use a PT or a pity have and get what I say yes space a PD space install
that install space them VIM and now we can say them VIM space example dot enter
I just yeah type in some content
escape colon WQ escape so team to save the file once you enter it yet you use
escape colon WQ and press enter type whatever you want
press escape then colon WQ to save and quit so I think you're not able to can
you mock mark can you make a small or something I'm not sure how do I take
control so do you have an option to me to give control to me they are control now I
have no I don't have control I don't think you can do it let's check okay
now we're pro I did that don't but I get the terminal how will it I need to
get access to your session I'm not sure how does it work for your machine and
inside this an option to controlling here I think I'll show you once more
please observe at my end yes yeah don't cat yes yeah yes okay let me show you
again please observe my screen I'm going to it see for example if you want
a file I have to use okay I go inside you want to write something I press I
you see insert mode now I can I can make some changes area please observe I press
the file may changes they're going to I once you're done press escape the I will
go away then press colon WQ and press enter see the file do cat and the file
name we have to see the file contents okay let's see how many are good in here
yes June yes okay critical file now APT first APT space update APT space update
yeah space update and the install them APT hyphen get install them now them
VIM you can give a different name that's fine forget of the same name you
something no I think when we missed it before make it some other name test dot
something some of the name test or whatever you want yes okay enter this I
is put some content stuck in the previous one to do different or because
like an error so do something new file yeah escape does escape on your laptop
on a laptop in this case colon shift and semicolon yeah WQ QQ
present it again present escape colon WQ yet enter now do cat and the file name
do a cat and the file name cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat cat
wq w w type in wq q for create quick enter enter yes yeah now do the correct do
please be comfortable on these commands okay last one let's see for what's
happening whose spin is this CK what happened you can go see all righty yes I
repeat again you must be comfortable in using BI and Linux basics because
without this very difficult for you to the hands-on yeah so please look into
these commands in case your time the evening just practice this you need to
have knowledge of how to use this yeah so now I'm the container so to come to
the container you have to press control pq in the same time so you want to be
back to host press control pq control button pq control this V and Q all these
from if you don't can create a repository in Docker Hub they can create a
repository given name and click on create and for once you're done these
access hub.docker.com in your browser up dot Docker dot com and create a new
report and form once done are you doing it team I don't see screens are you do
it doing it a repo in your Docker Hub is confirmed access hub.docker.com and
get a report that we and confirm once you're done the chat please confirm
because I can't see this my data didn't for me your browser confirm what
create a repository click on click on create a report given name yes and
create click on create to confirm one this is done others so now the repository
no no what the name we gave before you are not done it properly you're not
coming to problem Docker commit you did you not mentioned can you go up again
use the apparel please use apparel use apparel type type in apparel use apparel
in the prompt yes yes yes yes once more once more not just come at once more
for Docker commits slowly go back to Docker commit command Docker commit
paste the type in Docker space commit type in other events type it Docker
space commit space submit yes space the container ID paste it that a three five
the a three five yes yes yes paste it don't present that way so now give a
space space IMG zero one IMG zero one hello one press enter present now run
the tag command again the same which you ran before just run this attack command
again yes now do a Docker space images yeah okay are we good you said top one
the first one first one is what has been tagged okay others are we good I think
chance is stuck somewhere okay change your good let last one is gene you're
good and we also talking about CK when CK is good yeah so now how do you push it
let us see the learner syntax so now if we do a docker push and see the help of
it do a docker push and see help of it and see a syntax so it says docker push
and option in the name tag yeah so it means that you can use the same
command is for your tag and just mention the destination so you can say docker
push
and give your destination location so docker push space your report colon the
tag name so it asks for authentication and for much just do something like this
okay it's good okay I'll tell you what to do next now what is
give your username which is signed up for a docker hub use the username and
enter the password of a docker docker of account and press enter so
authenticate by using docker space login and then execute and then do a push now
it must push in the contents from a local to central
yeah good so now refresh your repository refresh your repository and you must be
seeing the image in here and if you want your colleagues to pull for example we
can go to tax tab and you see tag name and you can give it your colleague for
mine so this is mine copy if you want mine you can pull it and get a container
from it yes let's see can I do this try to pull others in exchange and see the
image and try to get a container from it and see if you can see it yeah try to
yourself let's see I want you to pull my image get a container from this image
and see what is there in my example dot txt please experiment I want you to do
yourself I wouldn't then do chance now go back to your repository in a docker hub
go back to docker hub browser and see do you refresh it do you see the image
there yes yes so now my next quiz can you copy mine and try to get a
container from it I want to pull my image and give the chat history run the
command and try to get a container from it do a do a clear see you did not mean
always in very live docker just type in CD and CD press enter yeah yeah now try
to copy what I can attack the chat I've given you will command full mine run the
command
copy and paste the command I'm not sure why I think everything manually you're
not even copy and paste how come it must work others okay okay I'm not sure it
must work others I have to copy and paste from your chances to be okay
experiment the next one yourself let's see okay once in docker space login
first I'm asking you to log in once again do a docker space login authenticate
okay okay sorry sorry one second once again I think I gave a wrong name sorry
sorry my mistake once again my mistake this can form no you type in manually
sorry my name is wrong see the spelling take an hour gradual up so I thought you
copied pasted spelling is wrong okay play around yes I'll be good I'm getting
the concept of how to work with containers okay now download this is
full screen is this machine right now it is June June you're good now so what do
you do is so now you're inside my container correct so now do a list do
a list you're already in the container right now well as seven LS LS not even
type it what happens re long into it okay our team this is how we get started
the last command so we can also create containers in different methods so this
is one more method but I can get a container and I'll be into the
container that's an example so example you want to get a container I can also
use like run hyphen IP give the image name colon the cat name and the shed so
this get a container I'm inside it there's a run hyphen ID so now if I come
out of it do a docker T as you see a new content got created so docker run hyphen
IT is a method in which you'll get a container and you will be inside it it's
a container and then you can do LS example dot XT and you can see my files
that's all going to do that your end okay are we good yes you're good June so
now do a cat of example dot XT no no no you already in a container please
understand the run hyphen to all you contain do a LS do LS please you know
yeah right click paste okay type it copied properly once more you just need
to highlight what you want to copy yeah it's copied
enter no no no sorry use again a pattern use a pattern yeah colon colon then
delete dot yes zero no zero zero point two point two and let's do the documents
here tag name the tag name so now refresh your browser go to your browser
in Docker Hub do you see the image yes this is our view work are we good okay
okay team this is in brief about the first one any questions okay I'm getting
idea about how do you log into container how do we do the operations any questions
are we good I think this control so that you can proceed okay okay that's what I
see understand any next the next one let's continue I also want to understand
what time is your preferred lunch time what time you prefer a lunch break or
you normally take a lunch break now or you take the lunch break after class I'm
not sure how does it work there then get you so you want to break date time team
everyone please I request here each one let me know when you want to complete
after 30 minutes from now or right now when you want that's my question they
like it 1230 you want 1230 okay so is it okay we can give a 30 minutes break for
lunch break for that to 1 o'clock is that okay or you need more time for
lunch break just masking how will how is their work with that image be good for
you all so if I say 1232 1 p.m. would be good yeah confirm by using a
thumbs up so that we are beyond this everyone didn't get you you mean you
mean to say you need more time yeah that's asking you that's why I'm asking
how was it open how much time you require you need one hour or 45 minutes
or 30 minutes okay okay others are we good okay but we are because what is
happening here is you're not able to do the hands-on quick quickly so we are
let's continue and then take a break now what is dr.
piece of all the contents so tomorrow if you want to create a file so are you
aware of any languages like Python or Java do we have programmatic language
anyone in here do you know Python or you know Java or you know C sharp any
program languages yes no you know C sharp so how do you write in your own
contents so we create a Docker file be a Docker file and then you can mention
from where you want image you can mention who was the owner of it you can
mention what you want to install where is the path of your application you can
mention like for example you create a file called a Docker file and this use
case is easy it here is to create your own Indian X configurations so in this
folder so you create a folder for example CD project one and in this folder you will have a
Docker file you also have some files like in the next dot-com you will have
all these things in your local machine in the folder directory and then you can say
that I want to copy this file to this location a container so into whatever
files you want you to copy to a folder and you can say add this file in the
present directory to your containers like this you can also call in some file
which is outside in the internet or internet to be copied so we use add or
copy to copy the files and we just command an entry point to refer some
parameters to be run so like this you update all the these are instructions
these are the arguments so this could be OS of open to it could be your CentOS or
it could be dotnet or this could be JDK anything you can use or nothing is very
conscious scratch scratch means it is from a blank image so from is to define
some base it could be own images or could be a dotnet it all depends on what
exactly you are trying to create but in the next I require a minimal OS file so
based on your requirement you have to use appropriate instructions and the
arguments and like this mention which port number so once written all these
things you run it so how do you run it to create a build image you say docker
build and give a name he means tag name and you want this name for the image
which you are building space dot so it means that you're trying to run it in
the present work in directory so when you run this you're running as a client
now the request was to demon now demon would look in for a file named as docker
file it will go some file surface so I could docker file in the dot it means
the current work in directory it understands that the docker file and
whatever was there in the docker file lines those would get executed the first
time get executed so the first time would have some output it will create a
container and the second line if required can use in those containers is
all does it for temporary and the end it will build your image so every line would
executed it will have information cache means like a temporary storage the other
layers would refer those temporary layers get the information and use of the
information what is defined in those temporary layers it will and then it
collectively create a image and it says the image is spelled and then once you're
done you can say docker space images and you will see a new image robot create
so mkdir project one example and go inside it CD on a host and now you want
to get own docker file in this location so this is going to have these variables
and we're going to start your app so we are trying to create your own container
and these are the lines so copy so say as vi docker file these caps
small vi space docker file and give the check copy this contents and paste it
copy this contents and paste it
copy and paste the contents let's see they have to paste it everyone
okay yeah then colon the same process escape colon wq yes Charles you know
to copy it chance once again we are yeah same use after we had a profile the same
remove this do a backspace your backspace yes now press I now go to a
chat history and copy the contents or you can copy from your document also
copy the contents have you copied yeah please right click exactly on the where
exactly on yes yeah right is paste not not in properly go back backspace remove
this remove this which will have a copy let me can you share screen using your
from zoom share screen the option share screen directly
developing give access so which are using because okay I don't see it I just
see your name I don't see a screen stash area please share screen in zoom yeah
okay it's coming up yes now right click copy the content the chat is your chat
we have some contents or in document can you go to word document let's see how
we're copying it please show me how very copy please now pay backspace
remote delete could you delete this I mean not audible is it because others
can you so can you go the document child please that chance we need help I mean
you need to do quickly could you go to the word document if you're complete
child sorry I can't I can't understand you so can you share your complete
screen document of a lab yeah please first click enable you see
once again click enable edit the top yes now you can copy till now you're not
able to copy because I enable anything getting it yes now you'll be able to
copy it's not getting copied before because you're only in you get it now
right click this space okay use backspace backspace but to word document
right click right clicking here please click on copy I'm not really copied
now copy from again copy from here copy the contents yes now go to your
terminal click paste what are you doing right just right click okay
come out of this file come out of this file escape colon WQ no no escape colon WQ
enter I'll do a VI again use the VA again we have the same yeah enter I yeah
right click and paste okay I'm not sure this okay can you someone help them
help them what what the problem okay maybe it is not allowing to copy from
your office laptop or something restricted okay so can you proceed in
yeah is it done
this confirm are you because image okay fine thanks the next step is we might
have to open some ports in this checking to open a port let me log in once again
go into Amazon and I'm going to give access for the ports
so this is what the background service is trying to go inside and you have all
the VMs running in here okay so now let's see the traffic I just want to
check in the traffic is being allowed for all the missions okay so it is that
one minute I mean this modify the screen is not getting shared okay let me share
my complete screen after you have finished in this screen the screen on
visible okay okay so logging to this one I'm checking for a port to be given so
that you can do the hands-on just trying to enable a port for you all just give
me a minute I click on this you're looking Amazon your work on Amazon so
I'm trying to modify security group so that I can afford 80 just trying to
modify so that you can all do the output okay I'm trying to open all ports so
that we can quickly do the hands-on making all traffic can make it all
traffic okay now you do it let me add a rule for SSH this is 22 and we add one
more rule for HTTP which is port 80 okay I am I'm not able to do it I think I have
to modify the break into the backend so so now I do it like the port I'll show
you how to modify this offline so are you able to create a image till now
everyone the image is created the next yeah the next step is I'm trying to
expose it outside world port 80 and we're not able to see because the port is
blocked yeah so on port 80 so what you can do is right now you can do a curl
so do a curl the public IP so do a curl the public IP in a browser so curl and
the IP address 18 139 and 250 dot 99 and this must give you the phage so the
port is blocked in the break I'll let you know I'll enable the port must be
able to see the Apache page understanding the lab so it is go to
this location and gives the content what is there inside this as a website so a
simple example about how you can create a container and how you exposing the
container to outside world this port is blocked right now in the break I'll work
at the backend team and have the port to be enabled and you will be able to see
your website I will clear a small example about how we can get a own Docker
file and you can create and see the contents of the website yes no okay are
you all able to do till here everyone this step the last will not work I'll
explore in the break I'll have it done any questions any questions Jean Charles
and others are we good okay so we'll take break now and after break I'll
ensure that the port is enabled we also see the output in the browser so break for you till
1 15 p.m. okay or you want to come early
break till 1 15 p.m. thank you
now you have done it hi sir hi sir we have to modify the ports we are very
restricted access no when I go to a model security group is allowing me at policy I
cannot do it I can't even one more so let us make it all traffic something
so my because these people are not very good in Linux okay everything so very
difficult for them to allow even one port also so okay if you can modify
wherein security group with all traffic it will be helpful for me to install
everything yeah yeah thank you I'll wait for you then a break now yeah
everyone confirm as you're back from break you can use group chat good others
just confirm okay so in the break what happened was I informed the back-end
team update the rules in the break I informed the team to update the rules so
they were added all traffic it means all ports are allowed right now now when you
try to access the public IP of your mission the browser so you can say and
pay the public IP in the browser you will be able to see this confirm is
confirmed able to see this in the browser and you can also do a curl and
you will be able to see that website coming in the contents in your local
browser you can see could all confirm please let me see his browser screens
are here in
yeah do a curl HTTP colon double slash and the public happy in your terminal
you may have to see this could you all shown this output let's see do this
curl HTTP colon double slash and the public happy good good
charge a curl type in curl curl once more please space HTTP HTTP colon double
slash yeah now righty every night be 13 2 1 3 the IP right he's come from and
type it something is wrong so you come out a server chance log into your server
first SSH for the location first no no no therefore location so you can be
simple CD forward slash CD space forward slash home the path for the path is
login server into the setting is wrong this home CD forward slash home slash
one that CD forward slash home slash students yeah do it now you can do a
single one one second one second do a list do a list no no no you're not
part charge please be in sync please do a list in this location location so now
so now do a VI now once again Docker build not type in Docker build Docker
so I give you three measurements in lock-in can you type in if conflict if
conflict one second can you get the private at the one son into 31 28 to 35
one minute 172 31 once on it to 31 28 to 35 one minute 172 31 what's the
private IP 131 what do you see the left side this
one 30 31 what do you see there 28 to 35 13 2 1 3 49 12 okay in the right
mission right mission you have done some errors this checking what the reason
the capital D and press tab tab yes enter for this mission so can you copy
the IP in the browser once again for some reasons you see that it is not the
port 80 is not going so something is wrong and not properly one one
hyphen a to start do a Docker start on the container ID enter yeah do a PS
Docker PS it's not starting some thing okay I'm not sure so the some reason is
because the contain is not getting started for some reasons I'm not able
to start it might be you did some mistakes for creating a container and
this so let's do something so can you do a Docker type in Docker type in stop
stop and use the dollar prompt no no no don't do like this you the dollar
prompt dollar shift and dollar dollar dollar prompt yes then open braces open
the brackets open no no not this normal normal not this one other one another
one yeah Docker PS Docker space PS face
close the break it's closed it enter yeah now use the apparel use apparel
once the panel on your laptop apparel yeah instead of stop RM RM and inside go
inside and instead of PS use PS space hyphen a he let the PS be there one
space and after PS one space and hyphen a space yeah hyphen a yeah enter okay now
now control C so trying to remove the containers do a clear now create a container
now Docker run hyphen D Docker run hyphen D hyphen P hyphen P 80 space 80
colon 80 number 80 colon 8 0 space engine X 0 1 enter now do Docker PS
let's see this is a start okay okay I'm not sure for some reasons you can do
more sitting started so something can you open Docker file again something
on this ten now cat do a cat to Docker file okay or can do a history please do
a history type in history enter okay okay come down control prompt control C
clear okay so die to do a Docker PS F&A Docker space VS hyphen a not started for
some reasons not in started maybe your servers or something problem I feel so
okay last last right service Docker restart service Docker restart
Docker start command start and the container ID enter yeah do a Docker
PS okay see charge what I understand this some configurations is got a problem so
what you can do is I had to remove so do a apt remove APT APT APT APT space
remove Docker talk about I know yeah Dr. I dot I enter some quantity choose yes
why yeah again do a APT space install Dr. IO something is going to go into
okay type in clear nothing with a prompt yeah do use a pair of now and again
create one more container do a Docker run command 8080 run the same command use
the apparel to go back to see the previous commands please use apparel
there's the apparel just use the press yes yes yes up there once more once more
once more once more once more once more once more once more yes no no yes press
enter run the next command for starting your container once again can you run
the command which is gonna chat and now run the previous command Docker run
command again you can use apparel and run it by us use the apparel and run the
same command which used before this enter yes now do a Docker space PS okay
I'm not sure there is something has happened my machine and do the steps
from the first yeah yeah yeah yeah the VM to I given you okay so apparently I'm
going to talk about the back end something is wrong this VM something let
so using Docker compose you create templates and you can reuse the
templates for different environments so example now if we go to contents we're
talking about the lab and you simple lab black for this may use case so I have
two containers running on so host me node means on your host machine I have to
contains WordPress and my secret and I want them to work together and I also
have a data dessert container for database I have a storage on my host so
even if I lose my container I can still have the data on my forced yeah so
whenever you have something like this and we have multiple containers you want
to work together then you talk a compass for this I do install Docker compose is
Docker install and we can for Docker compose push and then what I do was create
a WordPress folder and inside that get a yaml file and I will call out the
details of both the version of your Docker compose file services and first
defining my DB details which DB all the information and we also define volumes
sorry
please speak out oh okay voice problem okay so I've stopped my bandwidth for
some reason because using so much of bandwidth we also having labs the
meeting mode bandwidth I've stopped my webcam okay okay did you understand till
what I explained till here everyone okay let's go step by step the first can you
all open the document of laugh for open lab for document the done now go down
and run this command copy this complete command is going to download Docker
compose software for a terminal be under CD I've been CD he's been a default once
and paste that command paste it
and leave it it'll have something like this
and now you want to run this command copy and paste
now let me know the Docker compose version
confirm the Docker compose version once you're done the steps two commands first
one is for look at this in the chat piece what a version you see in the chat
everyone 28.5 okay others okay so this is how I'm installed so what happened in
here this command downloaded the Docker compose software from this location
based on your architecture so your name is a command in Linux to give you the
kernel details so based on your OS it went ahead and download the software
into user local bin Docker compose location and it does not have execute
permissions so we give execute permissions and hence we able to see
Docker compose now type in Docker hyphen compose and press enter type in Docker
hyphen compose and press enter now these are the command which you can use for
Docker compose you can use build config create down even exec all these are the
command which you can use for Docker compose yeah so now create a directory
so create a directory for WordPress for example or word simple get a new
directory mkdir space word go inside this CD word and now copy the YAML file
and after copy it go back to doc and remove the double quotes and manually add
the double quotes is it done okay I'll be aware of how to use YAML you work on
YAML or no have you used YAML before or no anything is okay if you want to use
YAML file let me talk very brief so and when you go to contents in module 1 I
give you YAML so YAML is a language like JSON using which you write in the
configurations so YAML is for configuration language so we can use XML
we can use JSON the latest one is YAML the YAML would look something like this
so example you want to write YAML this is how you write XML this is how you
write JSON and this is how you write YAML in YAML you'll be having a heading and if
these all belong to same level P one space and value key one space value key
one space value write something like this so all of a key value press using
arrays it looks something like this actually it looks something like this we
have to write something like this in YAML Docker compose requires YAML
and indeed this is wrong because in an issue strong so to be very careful in
the nation so with like this is what the YAML looks so this now going to your
document to copy to a notepad let me explain you what exactly is this
happening is your version number for Docker compose the file version number
double services is a DB service so this will go ahead and download the my SQL
so now I'm going to run this file copy the file run this and run a file in a
file called a Docker WIM Docker compose dot yeah but insert mode and then say I
want to paste it
order on it so now I'll escape colon WQ and then I'd say doctor hyphen compose
up up means run it hyphen D in the background
detached mode so run it it goes ahead and runs all those commands to put the
and create all the variables in the back end
in a container so all steps have been done yeah this observing here so now if
I do a Docker images you see you download the images of Ubuntu and my
sequel and you see also WordPress all this got downloaded and if I do a
Docker PS this will be the containers of my sequel and both places to plot it
so now what they do is the same which I did before instead of 80 the default I
say port number 8000 and you see the applications coming up so front end is
your WordPress if I do something it will also it will have a database in the back
my secret the back yes did you understand the lab everyone the flow
clear the tomorrow if I want to recreate my application I have the
template again I can be run it I can make in some different images
configurations so this is how I can use the same template to create multiple
examples multiple use cases for a dev test and free power yeah please do it and
confirm once you're done such as is working now on a new VM correct
okay some yeah so so be careful when you do something because sometimes
ransom command directly on the force of these it might get corrupted so when you
before on any command be careful before on the commands okay thank you
Jimmy what I don't see a screen not sure I don't see June screen see when they
have white screen for me then what have you reporting a system or something
okay do the lab and some of the lab is done is charge now access the public IP
cool 8000 in the browser HTTP but it will locally also HTTP colon double
slash public IP colon 8000 yeah yeah I'm talking to you so what I'm saying here
today in local host was in here
IP
now I say local host colon it's either you can do public IP or you can say
local host on your local and then say it will not come because work is
going to come up so you can see the browser are they good the lab okay now
let's see some commands so now there are different commands using which you can
work with Docker compose we can use up we can use PS stop locks and down just
play around with this so let's do some operations so now do a Docker compose so
instead of using Docker images I can see all those things using Docker compose so
if I can use Docker compose images so these were created using Docker compose
it also wanted to occur PS but a very specific want to understand what I can
talk to compose you can say Docker compose images I can use PS so I can see
all the information which got created using Docker compose
now for example once the locks of it to a doctor compose and save locks you can
see all the logs of the environment
are you clear
everyone
okay now the next one now let's do it down so what I don't want this now I
want to terminate so I can say Docker compose down
it is stopping your containers now you go and refresh is not that it's gone now
just make it up this up observe it see just make now say up this time it will
happen so quickly because it is having a copy on your host the volume
because it had a copy of the data on this location a copy of the data on your
host under DB underscore data could tell me where would this folder get created
in your host in which location which part we're not in the path where is it
get created anyone the DB underscore data on your host where it get created
in this location
esteem the DB underscore data is going to get in which location what do you
think this is your default directory of Docker with the default directory of
Docker yes so go to location where the Docker and under that you have volumes
and you see this here the word DB data
and under that you will have data keep on going inside
and you see that this is a contents of your container yeah so even deleted you
see that WordPress contents are there inside this contents get mapped this
and if you don't want these contents also you can go to word and you can also
do a Docker compose down you don't want even data in here you can say
Docker compose down I can have volumes determine everything will get terminated
even the data in the back end yeah once I do a down last command the document
I can volumes run it remove everything is that so now if I go to where live
Docker and if I what press you see here but the volumes and the volumes and
don't see the WordPress folder thoughts come so we just make it down you will
still have the data on a host you don't want even that date on the host you need
to use high-frame volumes it will delete the volumes even have a good and
so much you're done and I think John you're good any questions okay good
Charles are you good
Charles yeah because you came out a server you were in your window you have
to log in the server be careful so you have to again do SSH hyphen I the key
and all are you getting it but not inside the VM in which you did your
Docker lab we got it same steps how do you can the issue the SSH hyphen I the
key connect to a server login a server no no no no one space space initially
okay Charles I'm not sure you need help us charge chance you need you need to
let us know where you did you would install Docker which machine which
location okay others are you going to proceed yes John gene I think you're
good done it they're done no you must be in that folder CD type in CD space word
will be in your word folder wherever the Docker compose file is there no no
no CD space word WRD yes the image location where you are
directly in the aml file here in this location now no no once again do LS do
yeah now it will terminate because because it needs to understand the
location of Docker compose YAML either you be in the location or to copy the
path of Docker compose YAML so that he understands okay okay are we good so
whenever you have use case in enterprise in which you have to create or integrate
multiple containers to work together then you need to use Docker compose but
a single host is only create all in a single host
mesh yeah next topic so do you work on networking and volumes everyone do you
work on volumes and storage in your projects yes no yeah yeah in your office
do you work on volume storage generally not Docker other technologies story do
so let me talk about volumes very please now there are different types of volumes
so volumes means a storage so you can have in the storage of the container
like like now with it you can have the story the container outside the
container on the host or you could have on the memory or other one is my name is
something which you cannot share between containers one even one container
and is one need for Docker Linux it doesn't support Docker for Windows so
this is you have in the data outside container on the host memory and this is
one of a temporary and it go don't get additional charges for this because
using memory of the force you don't get additional charges buying mount is
is what right now is our example it will create automatically and that their
live Docker and this is very much preferred because I can use the same
volumes for Windows or Linux it doesn't depend on the file system and I can
easily take backups manage because all Docker base very easy to for you take a
backup if you want to do a list of the volumes all these we can use Docker
anytime you can see what is enough we can do a Docker inspect the container or
a Docker inspect the volume name you can see what exactly the volume details
where we can create all the information the Docker inspect the container name
you see that it has a volume name this well there's a map driver local and the
property so we can create list the same talking about in here you cannot remove
what you're getting use you might want to remove the containers first and then
you can do and we can also run it using the Docker file okay let's look into this
in detail so let's go to Docker volumes so you can see this let me use the
keyboard Docker storage this is your documentation what do you mount buying
mounts gfms mount all these are testing so do you feel that this hands-on is
required for you on volume you feel that it's required then we can do if you feel
that's not required you can skip their labs just for you because I want to
understand it's more important for you all you need hands-on on this or no
please confirm do you want to allow on this yes or no okay okay okay okay fine
but the concept clear we get in theory of it everyone okay assume the record
networking next topic you want to have a break or do to continue the next topic
okay fine now let me now talk about Docker networking so what is Docker
networking so when you install Docker it creates default networks so now example
if I say Docker network LS you see it creates the default networks and the
first network is a bridge second host and none local it means this is used
only within the same machine without networking not across the missions all
these networks are within your same mission and this is your network ID so
now if I say Docker inspect and if I say a bridge now this would give an IP
address you see here 172 17 0.0 because that's 16 so this is the network from
which containers get IP address so all the containers get attached to a
gateway of this bridge the first one would get a gateway and all the
containers will be attached to the same gateway and other container get 0 2 0
3 0 4 like this that is what a bridge network so in default we create your
default networks or in your own networks in a bridge network so which we
so gateway is that connection to a network are we good so this bridge
network gives IPs MAC addresses all these things for your containers and now
when I do a Docker inspect bridge you see that I can see all the containers
listed see one two three I have three containers now and all these three are
connected to the network are we good
this confirm when in doubt you can ask me
now let's do a inspect of a container and say Docker inspect the first container
and you see the content gets IP address it gets a MAC address and comes to a
gateway so this is how what talking about user networking components so
what your bridge network provides any questions you ever feel that not clear
you can ask me because we had to proceed silence sometimes doesn't make me
understand that you're good or not which which format
so Docker space inspect space the container name or the ID
and in that I go and see the network portions
yes so question is can we modify network of network for container is that a
question it depends on your depends on your
organization sometimes they say that if you want to consider default but
tomorrow you might get a requirement that your container application has to
be on a specific network range that is they might ask that you need to have a
container in this range for example getting it so tomorrow then you have to
create a new network and then create a content in that network of 192 yeah if
we don't change the default it gets one time to do this range what I just showed
you but in case you want to contain us in different network then you have to
say talker network create create a network in that frame and then get a
container inside it that's my answer so in default is not required it comes
automatically but still if you want you create it is a defined it will create
something like that actually how to do it also then default it looks something
like this so Docker 0 is the network which does all these in the default and
all these containers they can ping to each other because they all account to
the same gateway so example all these three can ping to each other because
they all come to same network so how do you do it you can check it for example
they are in the same network because they all kind of the same gateway they
have to ping to each other are we clear
yes this is how the default works but sometimes you might want to get a own
network might be you want to contain as different network that's a use case of
the organization so for doing that we create networks what you create networks
by yourself are called as user defined networks so you can create a network by
default you can create a bridge network those are called as user defined
networks let me show you how do you do this so user defined networks is the
network which you create you create a network so example if you want to be
network you can say Docker network create and we can give a subnet change
you can subnet I can say subnet equals like 192 168 dot 0 and you also need to
put the gateway so get here the first IP equals 192 168 the first IP in this 0.1
and then you need to mention network name network 1 so what will happen the
clear network name network 1 with this subnet and this gateway then I can
create continuous network let me show small example so to get more networks I
network is created how do we confirm I do a Docker
network LS let me make this form become much more bigger
are you able to see clearly the font is good make it bigger still for the 16 I
can make it to 18 and so okay so do network are created so I can now do a
Docker in spec network one and you see it got IP in this range yeah so what if
yeah so we can create any networks any range and get contained and these are
so now if I have two networks right now in your host can this and this
communicate now this is my machine which have two networks this is network one
and this is network two but contain in this C1 and C2 can they communicate and
they ping each other what do you think in before session clear everyone please
try to answer a two networks network one and network two can they communicate
each other yeah and networks so in case if you want to allow them to communicate
we have to use something called Docker network connect so you can allow them to
using Docker network correct wherein you can mention that you want this
container if you have C1 and if you have C2 and C3 for example in this network
you can say to connect C1 to these so once you say this C1 would get a
secondary IP in this range so you say Docker network connect C1 to this
network network one the C1 would get a secondary IP in this range and they can
connect to each other so what I'm saying let me explain and this is my host
machine right now and I have two networks network one and I have network
two I have two containers in this C1 and C2 and I have C3 and C4 in this
this network range is 192 168 0.0 star 16 and this network range could be
something like this these two from this they communicate but this cannot
communicate with this because we don't have a network but my use cases can I
communicate from this to this yes you can do it for that you say a command
Docker network connect you cannot mention the complete bridge bridge
you have to mention the container in C1 and say that I want to connect to network
to rather than this command once you run this command C1 would also get an IP in
this range so it'll have a secondary IP in this range of C3 and C4 and C1 C3
okay example they're just in tax so the syntax says you have to use a net one
network other side container I cannot mention both network names
getting it yes yes yes I can mention one container other
net he doesn't have a lot network in network there's a communication so so
what will happen this container will get like me in this and then we can connect
it okay now I want to play around take some time do a lap seven first yourself
the lap seven in which you create a network lay around the lap seven first
and then we'll do a lot or if you're good at laughing you can add a lap eight
are you good with basics do you understand what it is remove you okay
on 2024-12-16
language: EN
WEBVTT
You need not even have the image name.
Image is not required.
One more space, delete it.
No, no, no.
Not required, not required.
Delete one space, delete one space.
Yeah, press enter.
So now wait for some time.
It's going to push this image.
Every layer getting pushed.
Now go back to repo and check if you see, refresh repo and do you see a new image?
Please confirm.
Yes, yes, yes.
Copy the complete after gene, copy from gene.
Copy and paste from gene.
Yes, enter.
Yes, now refresh your repository in your Docker Hub.
You will be seeing a new image now.
You see this?
Refresh.
Yeah, yeah.
So it means that others can start using the image which you tested.
Yeah, it's a simple process.
So we were able to create an image.
We saw that it worked in the browser and we shared with others.
Others can start using the image.
This is how enterprises, your SMEs would create an image and give access to you all and then
you start doing the same.
Yeah.
The last CK.
Are we good?
Okay, okay.
A team.
So in case you feel that it's taking more time in the lab, you can also observe mine
Paste it.
And leave it.
It will have something like this.
And now you want to run this command.
Copy and paste.
Now let me know the Docker Compose version.
Yeah, confirm the Docker Compose version once you're done.
Two commands.
First one is for paste in the chat please.
What version you see in the chat?
Everyone in 8.5.
Okay, others.
So this is how we install.
So what happened in here?
This command downloaded the Docker Compose software from this location based on your
architecture.
So your name is a command in Linux to give you the kernel details.
So based on your OS, it went ahead and downloaded the software into user local bin Docker Compose
in this location.
And it does not have execute permissions.
So we give execute permissions and hence we're able to see Docker Compose.
Now type in Docker-Compose and press enter.
Type in Docker-Compose and press enter.
Now these are the commands which you can use for Docker Compose.
You can use build, config, create, down, events, exec.
All these are the commands which you can use for Docker Compose.
Yeah.
So now create a directory.
So create a directory for WordPress for example.
For Word, simple.
Create a new directory.
mkdir word.
Go inside this.
CD word.
And now copy the YAML file contents in the document.
So copy the contents to first to a notepad.
Copy this to a notepad.
It looks something like this.
Let me explain.
See the double quotes?
Could you please remove the double quotes?
Word can then copy like this from the terminal.
So copy it, remove it and add the double quotes manually.
Copy the YAML file contents from version.
Fill the end to a notepad.
Till here it's supposed to copy.
And after you copy it, go back to Docker and remove the double quotes and manually add the double quotes.
Is it done?
Okay.
I'll be aware of how to use YAML.
Do you work on YAML?
Or no?
Have you used YAML before?
Or no?
Anything is okay.
If you want to use YAML file, let me talk very brief.
So now I'm going to run this file.
Copy the file.
Run this.
And run a file in a file called a Docker WIM Docker Compose dot YAML.
Go to insert mode and then say I want to paste it.
I want to run it.
So now I'll escape colon WQ and then I'll say Docker hyphen Compose up.
Up means run it hyphen D in the background, in the dashboard.
So run it.
It goes ahead and runs all those commands to pull the images of your MySQL first.
It runs it.
Then it will install your WordPress as per the lab depends on.
And it will create all the environment variables in the backend.
In a container.
So all steps have been done.
So now if I do a Docker images, you see it download the images of Ubuntu and MySQL.
And you see also WordPress.
All this got downloaded.
And if I do a Docker PS, it will show you the containers of MySQL and WordPress.
It says 8000.
So now what I do is the same which I did before.
Instead of 80, the default, I'll say port number 8000.
You see the application is coming up.
So front end is your WordPress.
If you do something, it will also have a database in the back MySQL in the back.
Yes, did you understand the lab?
Everyone?
The flow clear.
Tomorrow, if I want to recreate my application, I have the template.
I can again rerun it.
I can make in some different images, configurations.
So this is how I can use the same template to create multiple examples, multiple use
cases for a dev, test and free trial.
Yeah.
Please do it and confirm once you're done.
The charge is working now on a new VM, correct?
Okay.
Some.
Yeah.
So, so be careful when you do something because sometimes ransom command directly on the host
or these it might get corrupted.
So when you before any command, be careful before on the commands.
Okay.
Thank you.
Jimmy, what I don't see a screen.
I'm not sure.
I don't see June screen.
I see when the white screen for either.
Okay.
What happened?
You're reporting a system or something?
Okay.
Do the lab.
Confirm when the lab is done.
Yes, Charles.
Now access the public IP, cool 8000 in the browser.
HTTP.
I can do locally also.
HTTP colon double slash public IP colon 8000.
Yeah.
Yeah.
I'm talking to you.
So what I'm saying here is now.
Now Google has access HTTP.
slash public IP colon 8000 on your browser or on a local machine.
And do you see the work classification?
This is something that is.
So if I say the public IP minus for example.
Local host also.
The name local host also in here.
Okay.
IP.
IP.
Now I'll say local host colon.
So either you can do public IP or you can say local host on your local and then say
it will not come because the word doesn't come up.
So you can see the browser.
Are we good?
Okay.
Now let's see some commands.
So now there are different commands using which you can work with Docker Compose.
We can use up.
We can use PS.
Stop.
Locks and down.
Let's play around with this.
So let's use some operations.
So now.
Do a Docker Compose.
So instead of using Docker images, I can see all those things using Docker Compose.
So if I can use Docker Compose images.
So these were created using Docker Compose.
It also shows a Docker PS.
But to very specific want to understand what a Docker Compose.
You can say Docker Compose images.
I can use PS.
So I can see all the information that got created using Docker Compose.
So now, for example, once the logs of it.
Do a Docker Compose and say logs.
You can see all the logs of the environment.
Are we clear?
Everyone?
Now the next one.
Now let's do a down.
So I don't want this now.
I want to terminate so I can say Docker Compose down.
It is stopping your containers.
Now you go and refresh.
It is not there.
It's gone.
Now just make it up.
Just observe it.
See, just make it now say up this time.
It will happen so quickly because it is having a copy on your host.
So what do you do?
Because it had a copy of the data on this location.
A copy of the data on your host under db underscore data.
Could you tell me where would this folder get created in your host?
In which location?
Which path?
We're not in the path.
Where does it get created?
Anyone?
The db underscore data on your host, where did it get created?
In which location?
Testing the db underscore data is going to get in which location?
What do you think?
Which is your default directory of Docker?
With the default directory of Docker?
Yes.
So go to the location.
Where?
Left?
Docker.
And under that you have volumes.
And you see this here the word db data.
And under that you have data.
Keep on going inside.
And you see this is the contents of your container.
So if you delete it you see that WordPress contents are there inside.
Contents get mapped.
And if you don't want these contents also, you can go to Word.
And you can also do a Docker Compose Down.
If you don't want even data in here, you can say Docker Compose Down.
I can have volumes.
Determine everything will get terminated.
Even the data in the backend.
Once I do a down, last command the document.
I can have volumes.
Remove everything.
It's done.
So now if I go to where?
Docker.
And if I WordPress.
You see here.
Go to volumes.
And volumes I don't see the WordPress folder.
It's gone.
If you just make it down, you will still have the data on your host.
If you don't want even that data on the host, you need to use hyphenate volumes.
It will delete the volumes even.
Are we good?
So much you are done.
Okay.
I think John you are good.
Any questions?
Okay.
We are good.
Charles are we good?
Charles.
Yeah because you came out of server.
You were in your window.
You had to log into server.
Be careful.
So you have to again do SSH hyphenate I the key and all.
Are you getting it?
You are not inside the VM in which you did your Docker lab.
We got it.
Same steps.
How do you count the initial SSH hyphenate I the key.
Connect to the server.
Log in to the server.
No no no.
One space space.
Initially after SSH.
H space one space.
Yeah yeah yeah.
I think.
Okay.
Now pseudo su hyphen.
Pseudo su su.
Pseudo space su.
Su.
Space hyphen.
Hyphen.
Enter.
Now do LS.
Check whether you have word folder.
LS list.
Enter.
Where did you create the word folder?
Which location?
I think it must be in project one.
Go to project one.
I think it is there.
Enter.
Project one.
YS.
Enter.
Where is your folder of word?
Where did you create it?
I didn't get you.
Why are you again doing it?
Others are you good?
Your next topic is you are looking different folder.
You are looking different folder.
Doing a wrong.
What is the word folder?
We created it before.
It is not there.
Create one please.
MKDIR.
MKDIR.
MKDIR.
Space word.
Can you confirm?
No word.
Any name.
Can you confirm Docker Compose?
Install Docker hyphen compose.
Type in Docker hyphen compose and version.
Hyphen.
No space please.
Not here.
After R.
No space.
Hyphen hyphen version.
Space.
One space.
Hyphen hyphen version.
Where is Docker compose?
I am not sure.
Where did you create it?
I don't know.
Where did you install Docker compose?
Can you type in exit?
One second.
Type in exit here.
Type exit once.
Only once.
Please type in exit.
EXIT.
Now run the command Docker compose hyphen compose hyphen version.
Enter.
Yes.
Where did you create all the Docker version before?
Check the Docker version.
Check Docker hyphen version in this location.
Charles, we don't understand.
Charles, where did you install Docker?
In which location?
Do control C. Type in clear.
Charles, I am not sure.
No.
I am not sure.
I am not sure.
Okay.
Charles, I am not sure.
You need help us.
Charles, Charles, you need to let us know where you installed Docker.
Which machine?
Which location?
Others?
I will go.
I will proceed.
Yes, Joan.
Jean.
I think you are good.
Yeah.
Done it.
Is it done?
No.
No.
You must be in that folder.
CD.
Type in CD.
Space.
Word.
It will be in your Word folder.
Where is the folder?
Where is the folder?
Where is the folder?
Where is the Docker Compose file?
Is there?
No, no, no.
CD.
Space.
Word.
W-O-R-D.
Yes.
Imagine a location where you have written the YAML file.
Clear?
In this location now.
No, no.
One second.
Do a list.
Do a list.
List it.
So you have to do any operation of Docker Compose commands from this location.
With Docker Compose.
Yes.
Volumes.
Yeah.
Now it will terminate.
Because it needs to understand the location of Docker Compose YAML.
Either you be in the location or copy the path of Docker Compose YAML so that it understands.
Clear?
Okay.
Okay.
Are we good?
Whenever you have a use case in enterprise in which you have to create or integrate multiple
containers to work together, then you need to use Docker Compose.
But a single host.
It's going to create all in a single host machine.
The next topic.
So do you work on networking and volumes?
Everyone, do you work on volumes and storage in your projects?
Yes, no.
Yeah.
Yeah.
In your office, do you work on volume storage?
Generally.
Not Docker.
Other technologies of storage.
Do you work like a Docker?
So let me talk about volumes very briefly.
Now there are different types of volumes.
So volumes means storage.
So you can have the storage of the container right now with it.
You can have the storage of the container outside the container on the host or you could
have on the memory or other one as my name is Docker.
So it means for example, I can say to create a mapping onto a folder like tmp.
You define it.
This is called as a binary.
The other one what you like to create is your Docker area.
So this will be under where the Docker.
The third one, you could also create in a memory.
So you create the memory of the host.
So these are different options.
So tmpfs is temporary for memory.
And this is something which you cannot share between containers.
It's only for one container.
And it's only for Docker Linux.
It doesn't support Docker for Windows.
This is to have in the data outside the container on the host memory.
And this is only for temporary.
And you don't get additional charges for this because using memory of the host, you don't
get additional charges.
Bind mount is where you can mention the path on your host.
And this path would get mapped.
For example, if you have a MySQL container.
And I can say to map it to a location like slash tmp on my host.
So what do you make changes in the container?
You could also get a copy in your tmp.
And even if you delete the container, you still can delete the data from in here.
It's a persistent.
This is based on file system.
And Docker volumes is what right now is an example.
It will create automatically under where lib docker.
And this is very much preferred because I can use the same volumes for Windows or Linux.
It doesn't depend on the file system.
And I can easily take backups, manage because all Docker based.
It's very easy to take a backup.
If you want to do a list of the volumes, all these we can use Docker commands.
So this is managed by Docker.
Very good.
It's as for both Linux and Windows.
You can share this volume with multiple containers.
And much more better performance rather than the bind mode we talked about.
Doing this, you say Docker volume create and give the name of the volume.
So Docker volume create, it will create a Docker volume.
If you want to use this Docker 1-90 name of the container, this name of the container,
which one do you want to use?
This is the volume on your host.
There's a bit of Docker and this is getting mapped to a container under off data centers.
So this is the name of the container, container name.
This is the image name.
This is your shell.
And this is your mapping on the host.
This is on your container.
So whatever change I do in the container under off data center, it will also get copied onto
my data inside my where left Docker.
Anytime we can see what is in Docker, we can do a Docker inspect the container or Docker
inspect the volume name.
You can see what exactly the volume details where it's getting created.
The Docker inspect the container name.
You see that it has a volume name this.
There is a map driver local and the properties.
You can create list the same Docker model here.
You cannot remove it if you're getting used.
You might want to remove the containers first and then you can do it.
And we can also run it using the Docker file.
Okay, I will be looking into this in detail.
So let's go to Docker volumes.
So you can see this.
Let me use the keyword Docker storage.
This is your documentation.
BODYMount, BIMount, TMPMount, all these are down.
Testing.
So do you feel that this hands-on is required for you?
On volume, do you feel that it's required?
Then we can do it.
If you feel that it's not required, you can skip the laps just for you, because I want
to understand what's more important for you.
Do you need hands on on this or no?
Please confirm.
Do you want to do a lab on this?
Or no?
Do you want to do a lab on this?
So answer this yes or no?
Please.
Okay, okay, okay.
Okay, okay, fine.
But is the concept clear?
Did we get in the theory of it?
Everyone can assume that it's good.
Networking, next topic.
Do you want to have a break or do you want to continue the next topic?
Okay, fine.
Now let me now talk about Docker Networking.
So what is Docker Networking?
So when you install Docker, it creates default networks.
So now, example.
If I say Docker Network LS, you see it creates the default networks.
And the first network is a bridge, second host, and none local.
It means this is used only within the same machine we're talking about networking, not
across the machines.
All these networks are within your same machine.
And this is your network ID.
So now if I say Docker Inspector, and if I say bridge, now this would give an IP address.
Are we good?
So this network gives IPs, MAC addresses, all these things for your containers.
And now when I do a Docker Inspector bridge, you see that I can see all the containers
listed.
See, one, two, three.
I have three containers now, and all these three are connected to the network.
Are we good?
It is confirmed.
If any doubts, you can ask me.
Now let's do an Inspector container.
I say Docker Inspector, the first container.
And you see the container's IP address.
It gets a MAC address and connects to a gateway.
So this is what we're talking about using networking components.
So this is what your bridge network provides.
Any questions?
If you feel that not clear, you can ask me because we're to proceed.
Silence sometimes doesn't make me understand if you're good or not.
Which format?
So Docker Inspector, space the container name or the ID.
And in that, I go and see the network portions.
Yes, so your question is, can we modify the network for containers?
Is that a question?
It depends on your organization.
Sometimes they say that if you want to, this is a default, but tomorrow you might get a
requirement that your container application has to be on a specific network range.
That is, they might ask that you need to have a container in this range, for example.
Getting it?
So tomorrow then you have to create a new network and then get a container in that network of 192.
If you don't change the default, it gets a 132 this range, what I just showed you.
But in case you want to contain us in a different network, then you have to say,
Docker, network, create a network in that frame and then get a container inside it.
That's my answer.
So in default is not required.
It comes automatically.
So if you want, you create a user-defined network.
You create something like this.
I'll show you how to do it also.
So in default it looks something like this.
So Docker 0 is the network which does all these in the default.
And all these containers, they can ping to each other because they all are connected to the same gateway.
So example, all these three can ping to each other because they all belong to the same network.
So how do you do it?
You can check it, for example.
So I have a Docker base.
I'll log in the first container.
So log into the first container, Docker exec-19.
And then hopefully, so I first get the IP of each one.
Let's get the IP of each one.
So I'll do a Docker inspect bridge, for example.
So 172.3.4.
So hopeful is 4.
From this, I'm going to ping to 172.3.
That's my use case.
So I'm going to log in.
And I'll ping to 172.3.
So I'll say, Docker exec-19.
Hopeful.
Underscore 4.
And I'm going to say bash.
I'm going to use apt update again.
I'll install ping utility.
I'll install ping utility.
And then I install iputils-ping.
So I ping in here.
And now I do a ping five times, for example.
To 172.17.0.3.
I'm going to ping because they are in the same network.
Because they all connect the same gateway.
They have to ping to each other.
Are we clear?
This is how the default works.
But sometimes, you might want to get your own network.
It might be you want to contain a different network.
That's a use case of your organization.
So for doing that, we create networks.
What you create networks for yourself are called as user-defined networks.
They can't create a network by default.
You can create a bridge network.
Those are called as user-defined networks.
Let me show you how you do this.
So user-defined networks is the network which you create to create a network.
So example, if you want to be network, you can say, Docker network create.
And we can give a subnet field.
I can say subnet equals 192.168.0.
And you also need to put the gateway.
So gateway to the first IP equals 192.168.
The first IP in this, 0.1.
And then you need to mention network name, network1.
So what will happen?
You create a network named network1 with this subnet and this gateway.
And then I can create continuous network.
Let me show a small example.
So when I get more networks, I can say Docker network create.
And I give a subnet.
And I can say 192.168.0.0.16.
And the first IP would be 192.168.0.1.
And then I give a network name, net network1.
The network is created.
How do I confirm?
I do a Docker network ls.
Let me make this form much more bigger.
Are you able to see it clearly?
The font is good.
Make it bigger still.
For the 16, I can make it to 18.
And select.
Okay.
So do network got created.
So I can now do a Docker int spec network1.
And you see it got IP in this range.
So if I want to create continuous network, what do I do?
I would say Docker run hyphen d.
And I can say give a name for the container, new.
And I can mention network name as network1.
And then the image.
I can create a container with name new in this network.
And now I'll do a Docker int spec.
The name of the container.
And you will see the container got IP in that range.
Are we clear?
So we can create any networks, any range.
And you can contain them.
These are called as user defined networks.
Are we getting it?
What is defined and user defined networks?
We're going to do a lab.
I'm going to give some time for a lab.
Just observe right now.
We have a lab now.
If you want you can do it.
If you want you can do it.
It's up to you.
Now the next one, learn about what is user defined.
So now if I have two networks right now in your host.
Can this and this communicate now?
This is my machine which have two networks.
This is network1.
And this is network2.
A container this C1 and C2.
Can they communicate?
Can they ping each other?
Question clear?
Everyone please try to answer.
Two networks, network1 and network2.
Can they communicate with each other?
Answer this.
No.
Because network is a network.
So in case if you want to allow them to communicate.
We have to use something called Docker network connect.
So you can allow them to communicate by using Docker network connect.
Wherein you can mention that you want this container if you have C1.
And if you have C2 and C3 for example.
In this network.
You can say to connect C1 to these.
So once you say this.
C1 would get a secondary IP in this range.
So you say Docker network connect C1 with this network.
Network1
The C1 would get a secondary IP in this range.
And they can connect to each other.
So what I am saying let me draw and explain.
And this is my host machine right now.
And I have two networks.
Network1
And I have network2.
I have two containers.
This C1 and C2.
And I have C3 and C4 in this network.
To four containers.
This network range is 192.
168.
0.0 star 16.
And this network range could be something like this.
But these two can only be from this.
They communicate.
But this cannot communicate with this.
Because we don't have a network.
But my use case is can it communicate from this to this.
Yes you can do it.
So I will mention the command Docker network connect.
You can mention the complete bridge.
You have to mention the container name C1.
And say that I want to connect to network2.
You have to run this command.
Once you run this command C1 would also get an IP in this range.
So it will have a secondary IP in this range.
Of C3 and C4.
And C1, C3, C4.
They all can communicate each other.
That's what we are talking about Docker network connect.
I want you to do the lab together now.
Can you do a lab 7 first?
Everyone?
Yes.
What do you mean one by one?
I didn't get you.
See I cannot.
The Docker network connect syntax does not have a bridge.
You cannot mention network name there.
Let me show you the syntax.
So we do a Docker network connect.
Example.
This is your syntax.
You have to use one network and other side container.
I cannot mention both network names.
Yes.
Yes.
I can mention one container and other network.
It doesn't have network2network.
It doesn't have communication.
So what will happen?
This container will get an IP in this.
And then we can connect it.
Now I want you to play around.
Take some time.
Do a lab 7 first.
Play around with lab 7 first.
Then we will do a lab 8.
Or if you are good with lab 7, you can do lab 8.
Are you good with basics?
Do you understand what I did?
Let's do a lab 8 directly.
Go ahead and create a network.
Bridge 1.
It will pick up some range.
Inside this you create two containers.
Run hyphen IP.
And try to ping each other.
Okay.
One more method to create a container.
You will be inside it. You want to come out of it.
And try to play around.
Thanks a lot.
I got one requirement from SIPI.
So last time we have heard it.
Okay.
For which one?
For SIPI, enter.
Same batch?
Same batch.
Same batch.
Same batch.
When is it?
On 20th.
20th?
Yes.
Can we do this before?
Because I might be in different training.
So Jan 20th is Monday.
Yes.
Yes.
We can do it on Monday.
Because on Tuesday I have training.
So on Monday I don't have.
Is it confirmed?
So we are looking for some things.
So much effort is required.
They say minimum but they ask so much questions.
Others are awesome.
I think last time we did for 30.
Correct?
28.
At least if we make 32 it will be good.
So I can get you a business fee.
I will do because the requirement is to take so much.
So much they ask for.
This is called.
I understand.
But they ask for more.
See what we can do.
28 can you at least make it 32?
See.
Let me make a suggestion.
I need to check how much budget they have.
Yes.
We will provide the answer.
Yes.
Thank you.
Thank you.
Are we good?
It is working.
We are still in C3 and C4.
Do the other steps please.
I think CK is done.
Yes CK you understood.
So C1 also uses C3 VIP.
In the other network range.
And hence they are both peaking to each other.
Hope you are getting it.
Do you understand?
Charles are you clear what to do with the lab?
You are understanding?
Sure.
Thank you.
We are doing lab 8.
By 5 we can do offline.
We are doing lab 8.
After lab 4.
The doctor composed.
We are doing lab 8.
Hope you are understanding what is the concept.
Understood?
Thank you.
Yes June.
What about you?
This is how we can use.
You can either use the default network.
Or we can create different networks.
This is all the different things.
Which you can use.
But all these containers must be on the same host.
You cannot use it across different host machines.
Now what is the host network?
For example.
It doesn't have any specific network range.
So let me do an instance.
If I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And if I say docker network ls.
And now if I say ifconfig.
So ifconfig is a command in Linux.
You see all the network configurations of a NIC card.
So you will have the primary interface card.
Which is the primary IP.
And you also will see docker 0.
Which is the default network.
And you see lots of interfaces.
And you see lots of interfaces.
When you go down.
You see interfaces 1, 2, 3.
You see interfaces 1, 2, 3.
All these.
So host network is just like an interface on every host machine using the container gets communicated.
So when you want to go to outside world or something.
So when you want to go to outside world or something.
So what I am saying is that you have to put the host network.
That's what we are talking about in here.
It's just a network on the host through the traffic goes to outside world.
So what I am saying in here.
Let me hit dot and explain.
This is your host machine.
And this is your container.
And this is your container.
You will be having some ports exposed on a container.
And some ports on your host.
That's it.
That's what we are talking about.
Like the example which I did.
So if you have a container.
Of this container.
Which name is test.
This will not have any IP.
You see that.
It has no IP.
It has no gateway.
It means this is like a stand alone.
So now let's log into this.
So I will say.
Docker ps.
And I will say.
Docker exec.
And then.
I would say.
Docker exit.
And then.
And then I log in the container.
Now if I do an apt update.
It cannot go outside world.
You see it's getting stuck.
Because there is no network.
It's isolated.
Are you getting it?
What is none network?
Everyone?
What is none?
So none network is a network in which.
Containers cannot communicate to outside world.
Completely isolated.
For that purpose we use a none network.
So you want to do this step.
This small step you can do it yourself.
So go ahead.
And run this command.
Do yourself.
Small example.
Run this command.
Like this.
It's get the container.
You can say. Docker 1-d.
The name of the container is test.
And give the network.
As this you can do.
None.
And nginx.
Yes. Run this command.
Get a container.
And say this name is test.
Log into it.
And see whether it will update.
It cannot work because it's none network.
You have to use the shell.
The end ck.
Docker exec have the container name.
And the shell bash.
Bash was missing.
Space bash. Others?
Are we good?
So Charles what happens is.
When you do exit in a container.
It gets stopped.
So you have to properly come out by.
Doing the control pq.
Start the container.
Any questions?
Gene.
Ck. Any questions?
Thank you.
This is our networking. We talk about.
With the default ones.
We can use the default networks.
We can also create our own.
We learned about.
How we can create your.
Different user defined networks.
How we can connect between.
Different networks.
Also in very brief about what is.
Host network.
The last one is non network.
This is our networking.
Now you're good to continue?
Team I won't.
So you need a quick break.
Or something just understanding.
Are we good?
Coffee break or good to continue?
Anything is OK.
Yes.
You need a break.
You need a break.
OK.
You need a break now.
How much time you require?
10 minutes.
So break for.
10 minutes.
I'll be back.
Thank you.
How was it?
Interesting.
Difficult.
So fast.
The reason I keep on asking is OK.
We don't speak.
I cannot see you all.
You have to understand correctly.
If you are able to respond.
I can see you.
They understand.
The reason I keep on asking questions.
OK.
But are you able to.
Are you learning new things today?
OK.
OK.
What about you Charles?
OK.
So what happens is do you log into Linux every day?
Do you log on?
Do you work on Linux machines on a daily basis?
OK.
You work more on Windows?
Might be that reason.
So if you want to learn
containers and Kubernetes.
You need to be good with Linux.
For sure.
And my reason.
So once you start practicing the
labs yourself.
Later also you must be
well good enough for the speed also.
OK.
Next topic.
About container orchestration.
So what could this
term mean?
What could the meaning
of container orchestration?
Anyone?
Anyone?
Anyone?
Now right now.
We are using one machine.
We have one Docker host
machine and in which
we have in some containers.
If this is a very. It is running very critical
application.
And if this machine goes down.
And the user trying
to access the user is trying to
access the application. The user cannot access
the application. Right now because it's
down. So what can you do?
You could have done something better before itself.
Before the application went down.
What would you do?
In this case. The host is down.
The user cannot access. So what can
you do? So you could have done something
better before the application went
down. What is
the thing about? How would
you improve the design of this?
You could have done a much better design.
So we
need to looking for HA is missing
in here. So in enterprises
we cannot just use one.
We have to use multiple
backend machines.
One, two, three.
Like this.
And these are also referred
as Booker nodes.
Worker or slave
nodes.
And these nodes are meant
to run your application.
So I have applications
running inside this. So I would be installing
Docker on all the boxes.
One, two, and three.
And then I create a container.
Is this better? Do you agree?
Everyone? Now
you are working in a company.
And it is not a good practice.
So if you are supporting this application yourself.
It is not a good practice to
login to these directly. Because
this consists of sensitive
information. So
if you are a developer or
if you are an infra.
You cannot do like this.
So you need to do any operations
using one more interface.
Call as a master.
So when you want for example you would say
that I want to do
Docker and what commands.
You would do it on the master.
And this master is also
called as manager.
It will have containers
which is for management.
And that will manage
these backend machines.
So even in this you have
Docker. In this you have Docker
all these things. So this
type of management in which you have a
master and backend machines
is called as container
orchestration. Are you getting it? Everyone?
In the sense container orchestration something
like this in which you have a master
through which
you would login and do operations.
And the master is connected to the backend
machines and slave machines.
And each of the content engines
it means like Docker
Docker
Docker
and Docker.
And we will have the applications
or the containers inside these.
These are the containers.
So these are application containers
and these are your
management containers.
And you would say
Docker run or any
operations on the
master. In master in turn
decides where to create the backend.
So this type of master
slave using which you manage
your live environments.
Like load balancing, scaling
for all these are required
for your live workloads.
So we use software
like example
Kubernetes. We use
Docker Swarm. We use
Mesos or cloud native
like ECS to do manage
something like this.
So Docker Swarm is native
to Docker. It means an unsolvable
Docker. All are Docker Docker Docker
then you can use Docker Swarm
or you can also use
Kubernetes. Both you can use.
But if this is using Docker for
example
and if this using container D
using different platform when containers
rocket. I cannot
use Docker Swarm.
So Docker Swarm works only
everything using Docker.
The mix of different platforms and containers
Docker Swarm cannot be used.
That would be good.
Till now. Why container
orchestration?
And how does it look? Any questions?
So now let's go and check
if I do a Docker info
so Docker Swarm is native. We are not getting
into it. But just showing you for Docker Swarm what does it look.
So now
if I do a Docker
info and a info
you would see a command
or parameter called
as Swarm.
It says Swarm inactive.
So Docker Swarm
Docker Station Software
is already installed
inside your Docker.
Not activated.
So now if you want
to make this a manager for example
I would go ahead
and say Docker
Swarm
and in it.
So now this will become the manager
and it will give you a token.
You have to run it on
the other machines where you install
Docker. And
that will become the client machines.
This is how we get started.
So you generate a token
in one of the machines.
It will begin a master. It will create
some configuration. For example if we do a Docker network
it will create some content in the backend like you see Ingress.
They get some
bridges.
They create some containers
that require to do some operations or more.
As well as create it to your
networks.
And they have connectivity to the backends.
So you need to go and run this token on the backend
machines. They get connected.
This is how we do.
But Docker Swarm does not have much features.
Not much scalability.
And hence we use
Kubernetes a lot. So Docker Swarm gives you
very very minimal capabilities
for managing a container
or constitution. Not much capabilities.
So you want to use Kubernetes.
Okay.
Team, I would like to understand. I'll be good.
So I can proceed.
This
I'm talking this one very
generic right now. I'm not putting on any
Kubernetes or Docker Swarm right now.
In master
or the manager what are the important
components?
One important component is a database
key value store.
So in Amazon, we all use Amazon?
Do you all work on Amazon Cloud?
Or no? Everyone?
So do you all know what is DynamoDB?
Do you know the DynamoDB?
We don't? Or we yes? Okay.
Are you all aware of NoSQL database?
NoSQL database? Yes.
Like MongoDB.
So in any of the
masters the database what we use
would be a Mongo, something like
MongoDB.
This database consists of all the
configurations or metadata
of a cluster.
That's a key value store. In Amazon
we use ETCT. So we're going to
generate right now. So you'll be having a database
in your master. This one
is a master component which can consist of the metadata
of the cluster.
Not the actual metadata of the cluster.
And other important
component of master is the scheduler.
For example, this is your schedule.
Master component. These are your
backend measures.
We'll have one more. We'll talk about
it in detail later. We'll also have an API.
So now
we'll use KSKLs.
I have three working nodes.
And you are a DevOps
engineer. Now this is using
SSD hard disk.
This is in HDD.
And this is in HDD.
Now if you want to deploy
the database
would you prefer one, two, or
three? KSKL question for you all.
If you want to create, deploy database
container on this,
this, this, which one you'll choose?
And buy. You'll agree?
SSD? Because
of performance.
So what you can do is you can
define a label in this. You define a
label. This equal to
SSD on this.
And this label information
would be remembered by
the backend.
One minute. Getting a call from manage.
One second. Hi Shekhar.
Shekhar,
when are you back to
Chennai and till when you're in Chennai?
Alright, that's it. I got it. Thank you.
I couldn't plan.
Yeah. So I define a label in
here. And this label
would be remembered by the database.
So now when you say to run a
container where DB
SSD, the request
goes to the schedule, API,
the scheduler.
The scheduler doesn't understand what
is this, the metadata. So this
metadata would be understood by the key
value database.
And this key value would say that
there is a node of
node one where you have
a label. And the scheduler
will decide that they have
agents inside this.
That agent would create
the container in this node.
So it means that
you can use some labels
or you can do using some policies
using which
you can define where you
want to run your workloads.
And that is defined by scheduler
and it works with other
components.
Getting it? What's the process of scheduler?
In our presentation, small
example. This is one example
of schedulers.
Third one which is important,
in a cluster you're going to have
three nodes.
The network which we use,
Brish networks. Can we
use Brish networks to communicate from this
to this? This to this? Is it possible?
Yes or no? Can I use
Brish network to communicate from this container
to this container? And this to this?
What do you think?
What is the answer?
You see, what is
scope? It is
local. It means
I cannot use the default
Docker network or Brish network for
this network. Are you getting it? I cannot use
this. So we have to create a layer 3
network.
So what is OSI?
What's OSI?
What about the voice side? Yes,
no? If you know, you can say yes.
If not, you can say no. So that I can explain.
Do you know what is OSI in networking?
So in
OSI in networking,
we use seven layers.
So start from physical,
then data link,
then user network,
we use transport,
then we are talking about presentation
layer,
then use the presentation layer,
and then user application
layer.
So if you have computer 1 in network,
you will communicate to communicate
2, you will have a similar
layer in the other side. So
this wants to communicate to second computer,
it keeps on adding packets in every layer.
And they
exchange packets at the other side.
So this is
how they communicate using
OSI layer. And layer
1 is your physical. This is called
layer 1. This is layer 2.
Layer 3.
Layer 4.
Layer 5. Layer 6. And layer 7.
So example,
layer 7, we use these protocols,
HTTP, HTTPS protocol.
In transport layer and all, we use
TCP protocols, GDB protocols.
Network, we use
your IPs, all these
things. So we
need to use a layer 3 network. It means you need
a network of layer 3, which will allow
communication across
multiple machines.
So you need to have a layer 3 network,
which is also called as overlay network.
So you have to conflict with this, so that
all these can communicate.
So example,
when you did for Docker's form, you said
it will get created automatically. It will get an overlay network.
And in Cubans, you have to create it.
So overlay network is what is allowing them
to communicate.
Next concept.
Now,
when you create containers,
containers get
dynamic IPs. So dynamic IPs
means these IPs
would change when you stop and start.
Is it a good practice to use
dynamic IP? What do you think? Is it a good practice to use
dynamic IP? Normally not a good practice
sometimes because if this is trying to
communicate with this, and it is
using an IP
of this to communicate, if the IP changes,
then it will not work.
So you have to be careful.
And we cannot directly assign a
static IP to this. Static means it will not
change. So what you can do is,
you create
and you map it to a service.
And this service will
get this static IP. For example,
if this want to communicate with this, for example,
we first go to
the static IP and then
it beaches the backend. And not better.
So for example, this is mapped to a service.
And this is mapped to a service.
And these get a static IP.
So it could be 1, 2, 3,
.4. This could be
5, 6, 7, .8.
In turn. Now, if this
wants to communicate to DB service, what I do,
it will communicate to the
DB service.
And that will send traffic to this one.
If this want to communicate
with DB service, it will communicate
to the service and reach to the internal.
This is what is the static
method.
This is for internal.
Now, if I have an external, for example,
the traffic from
load balancer, this is, I want to reach
this from outside, from internet.
Traffic will come from outside.
It will go to the
port. It will go to
one of the server, talk about internet
service, and then reaches the first
user. If again someone, second user comes in,
it will go to load balancer, go to this one.
It will again go to the service web
and then reaches in here.
If the third user locks in,
it will go to, it will round drop in.
It will go to this, this, and go to this.
Fourth user will again
come into this,
this, and this. Like this it
happens.
So service mappings are used
because we can, we have
static communication internally.
And that is what we call a service
discovery. And we can use it for
internal or external
communication.
And we talked about
OLA network and we are also talking
about schedulers,
key values.
These are some important components
of your orchestration.
Any questions? Yes.
Let me know
any questions on orchestration. I want
you to understand this. Take some time.
Do you want to go through
for five minutes the orchestration part?
Please read for
five minutes.
Any questions please ask me because this is
important. Because without understanding
this, it will be difficult for
you to understand Kubernetes.
Please answer the reason why
I am giving more time. You need to be clear of what
is container orchestration, why,
and what is the master, what are
slaves, and why do you
use this in the components.
Then it will be easier for you to work
with Kubernetes.
I'll be back in five minutes.
In the meanwhile, please read it and
I won't
request you to ask questions if you have. If not,
we can put the next one.
We'll be back in five minutes.
on 2024-12-16
language: EN
WEBVTT
Type exit now. Are you back to your initial box? Yeah. Now login to the
machine of the other which is a bigger size. So let me use the command. Go to
the location first. cd home student vm underscore details.
One second I'll bring that from the path of it.
Close the window and come back to close the terminal everything. Close it and in
the main your box which are connected in that click on terminal. Do you all see
student at your name? Yes. In this now go to cd home student and the vm underscore
details. So be in this location.
And now ssh hyphen i t dot pem username ubuntu at the bigger one. Be careful in
here. So you won't use a bigger one. For example this is mine. 13 use us and press
Be connected.
Check for others.
Yes good.
So now let's continue. So now what we do is
Everyone please open this. Go to module 2 labs and under that it says the first
one. We'll talk about lab 1. Open this. Now I'll explain. This is a very simple
team which is for the steps. It'll be easier for you. So right now we only have
three machines. So tomorrow if you want to do yourself you have to create three
VMs like Ubuntu and the steps. Now right now we are logged in already.
Yeah so in case you log in yourself and put you using this. Now we're going to
set the host names. We're going to install this and we have a script. The script is
going to install configure, kubelet, others. Go ahead and say fifth step. All
the self-container which we saw. The plugins, the kubelet, kubeadm. All these
is part of the script. You write in the script and then we run the script.
Making permissions. Once the script is run we observe it and then we control the
version of kubeadm, kubelet and kubesatl on the master. Yeah. But first do the
step. Let's go step by step. So for this open the document. Start from the third
step. 3, 4, 5. Fifth one. File name. All these must be in the script. Starting
from curl. You see before all these steps before wql. You have to copy the script.
Save it and then we say run it. Permissions and then run the script.
And then you observe the outputs. Yeah. Let's get started.
Hostname.cp. This is the set of hostname.
Like master.
Now how do we confirm that this is working? So we can type in txec
bash.
Data master.
Now the next step is we have to run those commands. Run these two commands. You
can also copy multiple commands at once. Copy both the commands at once.
Copy it and run this.
You can copy both the commands at once.
This is going to update and it's going to install the utilities which are
required for you to download the Kubernetes repo.
Say okay. Say this okay.
Let install this.
This is okay.
Now this press enter. Press enter on a keyboard.
Press enter. Enter. Enter. Enter. Enter.
Yeah. We're good everyone. Okay. Now the next step is we have to write in
the script. Yeah. So vi.
Any names like contain. Just a name.
Contain.sh. So I'm writing a script to install the software easily.
The vi. The name of the script. The script name could be anything.
Whichever you want. And press enter.
Now press r.
Start from before. Copy from this command.
Before. And copy till this one.
Fs tab. Swap fs tab. Copy till there. And just copy there. Just right click.
It will get pasted. Or you can paste it open to one. Okay.
Click on paste. And observe again. Where you get started.
Observe. From.
We're starting from here.
Now you say paste.
So it does from.
Before till.
The fs tab. Are we good?
Okay. So now what we do is escape colon wq. Escape colon wq.
Now you want to run the script. In Linux you have to give permissions.
So we're giving permissions. Run the script. chmod.
700. And the file name. Just use the tab. chmod is for changing permissions.
700 is your permissions. And the script name. And press enter. What happened?
You can also observe. If you do ls-l. And the file name.
You can see the permissions. The user has complete permissions.
Read, write and execute. To run or do any operations from the
container. It requires permission. Now run the script.
. forward slash and script name. . forward slash script name and press
enter. Okay. Does it run?
I think good.
So it's going to configure. You can observe in here. It's going to download
container. It's going to install kubelet. You see it's going to kubelet.
Kubelet packages. All these required. We're going to do all these.
In the script. Click enter.
Now confirm the versions of each one which we installed. So first one is
container D. So container D.
Hyphen, hyphen version.
Next one is kubeadm version.
So we're installing 20.
And also check kubelet hyphen, hyphen version.
And also kubectl space version.
Right.
No, no, no. It is kubelet hyphen, hyphen version.
It gives space. Let me check. It must work fine.
No, no. Run the script. One second. Run the script. One second. One second.
So do a ls. Remove the clear. Type in ls.
Can you do a cat? C A T. C A T. Yeah. Just type in C O and tap.
Type in C O. C O. C O. C for chart. Yeah. Tab.
Press the tab button. .sh. Yeah. Yeah. Let's see the content. Go up.
Use apparel. Go up. I think good. Type in clear.
Type clear. Okay. Type in ls hyphen l. Paste hyphen l. Yeah. Enter.
Enter. All good. Can you do a dot? Dot forward slash.
Yeah. See. Yeah. Enter. Don't do anything. Let's leave it off.
Don't stop. What does it say? Is it done? Can see.
Choose yes. Choose yes.
Space hyphen version. Good. QBDM space version. No hyphen hyphen.
Good. Now QBLET hyphen hyphen version. QBCTL version. QBCTL space version. Yeah.
QBLET space hyphen hyphen. Enter. Yeah. Now QBCTL space version. QBCTL.
QBCTL. Yeah. B E. B E C T L. C T L.
Yeah. No. No. No. Again hyphen. No hyphen. Okay. You're good.
Okay. Others. You're good. CK. Get the message like connection. Last one. That's fine. Go
away later. Okay. What about chance? What's happening? Okay. Good. Fine. Let's proceed.
Now the next step is we have to do a very similar step on the worker nodes.
Yeah. So what you can do is you need to play around in here. Be careful. So you can again
click on the terminal window. The terminal window. Does it open one more screen? Everyone?
Yeah. Click. Click the terminal. Does it open one more screen? Is student? User?
Yes. Now log in to the first machine.
And type in the IP of the first one.
So
till here. Now in the document now go down and now we have the steps what is supposed to do on the
worker one. Same steps. You're going to use worker one. The script and confirm. Very similar steps.
So I think one step is not sure for some reason. Cut once again. Before you go to next step.
There's one step you see this cut for some reasons. This step is not sure how it will
get corrected. Let me again update it. So this step, the full step. So can you update this
in your worker session? After host name copy this and the worker node session. For some reason
it's not here. So you can make it forward. The next one is fine. Yeah. Do update, update, install
and then proceed. You have to do this on both the worker nodes. First one make it
work for one. Other one make it work at two.
Run the script. You're not installing cube ctl in this. You're not installing it here.
So once it's done and confirm the versions of everything except the cube ctl.
What is that? Why did the daemon reload those chips? 1991. What is the purpose of this? Was
it there in the document? Okay. No problem. Can type in host name. Just type in host name.
Let's proceed. Confirm the versions. Contain any all of them. Confirm the versions of all the
software. All the steps. Are we good with worker one? Everyone? Make it as worker two and proceed.
Okay. I think we're good.
Yes. Now next what we do is
master machine.
Yes. Cubeadm space int. On the master machine type in cubeadm space int.
On the master.
One day on the master.
And I think you see the components is putting certificates.
Or you see a base server getting all your master components.
Please confirm.
Okay. Once again. You're all good. So now what you do is copy the token. The last two lines.
The last two lines. Copy this to notepad.
Copy that to notepad. Highlight it. Copy that to notepad.
Okay. Now the next step is we're supposed to run the next three commands.
The documents. Go down.
You have to right click. Right click. Right click and click on copy.
So what you do is you see a screen like this. So use your mouse and your keyboard.
And then highlight like this. And then right click and copy.
Good. Now you're not able to paste. Are you using a laptop or office?
Okay. Why? What happens?
Can you paste in the chat history? Let's check whether you're able to paste to chat.
The zoom chat. Check whether you're able to paste it where? In notepad. Okay. Fine.
So let's do something. We'll come back to it. I'll resolve this. Let it be like this. Let it proceed.
Okay. Now, okay. One second. On the desktop of where you're logged in,
do you have a notepad? One second. Are you trying to copy to your laptop or
you're trying to paste it on your desktop? Which one are you trying to do?
Where are you trying to copy? To your laptop or you're trying to copy to
the Ubuntu desktop? Which one are you trying to copy?
Okay. If not, I think. So do we have a notepad or something in here? One second. It is confirmed.
Okay. Can you right click in this box? This will create document.
This is in this desktop. Right click. Click on.
Okay. Fine. We'll come back. I'll help you out later. Yeah. Okay. Now the next step is
we have to run in those three next commands. So run in these three commands. Run these three commands
on the master. Just copy and paste.
Yeah. Yeah. So, yes.
I'll do a copy of the properties of this one second.
Okay. Now I'm typing kubectl hyphen hyphen version.
I've run the command. Type in kubectl no hyphen hyphen version.
Now you see that the error is gone before you got an error message. It means
it is properly configured now. Everyone, are we good till here?
Yeah. Good step. No, no, no. Once again. Once again. See,
don't copy this command. What are you trying to do? Why are you running these commands?
Type in clear. I'll help you out. Type in clear. Please type clear. Do not even do anything. Do a
control c. Now copy the three commands of the next mkdir. The three commands I gave you.
Understanding which command I'm talking about. Let me give you a chat.
The chat I'm going to paste you. Run. Just copy those three commands. Yeah. The chat I gave you.
Just right click and paste. Yeah. Click paste. Enter. Yes. So now what you do is type in kubectl.
Fine. So now what we do is run the apply command. Run the apply command everyone.
Yeah. Does it say just add it?
Yeah. Then good. Gene. What's happening? That. Okay. Ck. Chance it will do it.
The coverage of in the chat. Just right click and paste it.
Enter. Yes. Okay. So now what we do is check if your master is ready. So go ahead and do
kubectl get nodes on the master machine. kubectl get nodes. Is it ready? Okay. Fine. So now what
you do is you have the token now. Just copy the token from your notepad. Complete token.
And run the token on your worker nodes. Copy the token which you have done before.
And go to the worker machines. And paste it. And press enter. Do it on both the nodes.
It will get added. Now go to the master. And again do get nodes. And you must be seeing all the nodes up and running.
Okay. Yes. Chance. Now let's be explained. Chance. Are you what are you going to do now?
One second. I'll tell you what to do now. So close this. So now what you do is you can run the command.
Run this command now. Run this command. Running it command. Did you get a token? Yes. One second.
Copy from this command. No not from there. Start from start. Yes from that. No.
Complete. Starting not from this. Yes. Yes. K is missing. K. Yes. Right click.
Copy. Now go to worker one. Worker one machine. Maximize.
Do the same other machine. You did some mistake. I think you did some additional
steps. What did you do? Before the work initial worker node something you have done some mistakes.
Okay. Let me figure it out. So can you go to worker one machine. Maximize the worker one.
Maximize. Can you do can you run the command again host name ctl hyphen once more.
Host name ctl. No no. Host name ctl is a single word. Ctl space set hyphen host name.
Set set. The ct. Just no hyphen dead. Host name ctl one space set hyphen.
After set no space. After set hyphen host name space. Worker one. Enter.
Type in exec bash ctl space. Now use the command and try to run the command again.
And the command is use the command.
Arrow keys on your laptop. No no no. Okay come down. Come down. Run the previous command.
Use the press the up arrow. Where the prompt. Yes yes yes yes. Once again.
No no. Go to the same command please. One second. Press enter. Okay. So okay. You need to tell me
what exactly happened initially. Something you have done. Some mistake you have done.
Can you type in container D hyphen version. Container D is hyphen hyphen version. Enter. Okay.
So can you do cubeadm once again. Cubeadm. Type in cubeadm cubeadm space reset space hyphen hyphen
force hyphen hyphen force force force force force. Yeah enter. Okay now type in.
Okay now run the script again dot forward slash container D. Just type in c one tab.
Tab. What is the tab? Use the tab. Yeah enter. You're getting a address error message.
A chance. What did you do? Something you did before. Choose Y.
Choose Y. Type in Y. Type Y. Enter. Okay now run. Use the up arrow. Use the up arrow and try to join again.
Please use run the join command again.
Run the join command. Join command. Previous model when you use apparel.
Press the apparel. Not here. Yes. Press the apparel. Key key on your laptop. On a laptop press the up
up key. Apparel key. Yes. Yes. Can run it once more. Okay. I'm not sure what has happened.
Something you've done. Okay can you now give it two more missions. Can you do on those two
missions instead of these two worker nodes. Yeah you can close this worker one worker two.
You can close these. I'll give you two more missions in which you want to do these steps slowly. Is it
okay? Okay so now the other two missions in which you want to play around. So check if I
able to log into this mission and this mission. Log into 193. Not here. Come back to the student.
Yeah and the student sorry Charles can you minimize the master? Minimize this. No no don't close it.
Minimize. I mean you have a okay maximize this. No no no no maximize this now. Maximize.
Maximize. Yes now this is one second. No no you're right window once again. Now type in cd
cd yeah yeah enter ssh hyphen i name key dot pmp. pmp. PMPace Ubuntu at
IP 54 at 54 255 54 54.255.235.193 press enter choose yes okay now do a sudo su hyphen
sudo su sudo after sudo no hyphen space su
is hyphen enter type in hostname ctl
hostname ctl space set hyphen hostname no no no hyphen set set set hyphen after set one hyphen
yeah next after hostname no no no this is the mistake you're doing I think
very careful control c that's what's happening I can't see that been clear please
type here yeah hostname ctl space set hyphen hostname space worker space worker one
no once again right so can you use apparel again use the apparel press apparel on your laptop
press make it three now sorry make it three so one make it three enter yeah type in exact bash
yeah so now run the write the script now the follow steps now properly then do it
now do the next command document so others you have to wait for five minutes
just finish off this troubleshooting yeah copy these enter press enter press enter
yeah now vi do a control c I can see it do a clear type in clear di
contain a d dot s and change the script which is there under the worker node session the complete
script okay once again can you go down go up go up in this document or go up up up
up still up once again once again go down in that last last line last line
okay now click on paste escape colon wq escape colon wq again do a cat of this file do a cat
cat cat the file name space container d dot sh space just type it tap with the tab enter okay
fine ch mod type in ch mod 700 ch mod space 700 the file name space just type in here enter
dot forward slash identity yeah enter now you see that you're not getting error
before you got an message of the host name or something or I miss a last time
the problem okay is it one before other him or others the voice is not clear okay fine okay
fine I'm making uh press enter press enter press enter okay so now go to the master
go to the master mission yeah maximize copy this token from the stack no no now go back and paste
not here on your worker worker three right click enter it's working now so do the same
on the other vm also here the new one okay so be careful I think no no not here now by
again coming in here not a worker one go back to your terminal is the terminal is it yours one
second is it yours which terminal is this okay now good yeah close this now again click on
terminal not this one the terminal dock yes yeah yeah yeah yeah right that's fine yeah now do it
quickly let's see finish off let's just uh do this go to cd location same steps uh they're supposed
to the next ip the ip which I gave it to you was uh 227 clear yeah yes into like this choose yes
yeah so does who hyphen also space hyphen enter hostname cd
space set hyphen hostname set set set hyphen hostname hostname the end make it as worker four
enter yeah exact bash exact bash enter now run those two utilities
I have to get update and uh installing the certificate yeah enter
enter enter enter enter yeah vi container d.sh
container d.sh you can give any names that you yeah container d.sh enter
pay the script insert mode i yeah pay the script yeah come down come down come down come down yeah
click paste yeah escape colon wq ch mod 700 space
now once this is done the meanwhile uh can you go and have the token copied in the master again
have the token copied now maximize copy from the start yeah which I will copy okay copy it yeah
come back to that node press enter enter right click and paste as enter now go back to the
space nodes enter all good yeah so remember which machines you're supposed to use worker
three and worker four clear not work on worker two clear okay so I think you missed on that
might be made some changes in there and hence it's not able to it has got corrupted the kernel
something yeah so you'll not be using those two machines now we're using these three machines
clear okay thank you others are you good to understand how you troubleshoot so you also
why I'm telling to install it because when you want to install it you know how to install it
and also to troubleshoot but if you just get the software sometimes you'll not understand
what is happening in the back end are we good till here everyone okay fine so now observe what
the next step okay so now how do we we can also use a nickname so we use alias so alias in linux
is to make the command easy so we can say something like this so instead of complete I can just say
k
so to use alias give a name short form and mention it so that you're not typing everything because
we make mistake with that in cube ctr okay now one more command next command I'm doing all the
commands as per document this is still here it is done is all we have done these are all we have done
so now let's run this command get pods all namespaces get pod all namespaces
hyphen o y so this is going to print all the pods across all the namespaces in a
white format means in a full information so that you can see all the information
yes you see this everyone
so what exactly is doing showing you they're showing you the pod names so again
they're showing in the pod name the namespace this is the pod name
how many containers this has one container one is running this has two contains running
for some reasons this is going crash go back off not sure is it working for you everything
the crash to back off is it
okay okay let's see why is it happening not sure network wise
so getting errors for proxy okay let's see next one you also see restarts and the pod names
this is a pod IPs this is your name on the node this is a pod IPs let's do a small example let's
do a small let's try to create a pod so you can say run substitute run give a name for the pod
and give an image equal to indianets
the last command let's get this part yeah we'll look into this later just try to get a pod right
now run example indianets and now get pods hyphen o and y
and it must create to your pod
because getting some error is it working for you all
or no
sorry minus pending because i think
yes no no no it must it is not okay there is some problem
if it is crashed over there is some error we're getting everyone okay let's see why is that
it's running for uh what do you call who is this last one
charles he runs for charles perfect now so what's happening the same thing we did but runs for him
okay let's uh not to why it's happening seems to be followed
this is troubleshoot
let's do a describe the pod
so let's do this uh
let's uh apply the network once more apply the network once more
the nodes are ready apply the network once more
okay and see this
and then again do it in it i'm doing a reset
try to do i'm trying to do a reset just to check that all the steps are same
radium reset force
and follow the steps again copy the token
to a notepad
and run those three commands
this is all right
okay so now what you do is
reset on the worker nodes also
and join the new token
you
this running is working to do properly again it's working please check
yes yes everything you're doing a reset thing reset on the master reset on your worker nodes
and do everything from the reset step here
do a reset what i'm trying to do now understand so you're doing it now again after you do a reset
again do a init and then apply it yeah cube adm space in it cube adm space in it and yeah
wait for all the steps the same for your steps you're supposed to do all on your worker nodes also
do a reset if an effort force to do reset have never forced on the master worker nodes also
copy the token copy the token okay ck what are trying to do
cube adm reset hyphen hyphen force reset space reset space hyphen hyphen force yeah force force
force yeah yeah good thing
press enter after you do it again do a in it again the same process do in it
yes same on the worker node also you're supposed to do a reset and get a new token and the token
chance you're good right now yeah who's talking now to me says why are you doing this we're all
why you did this all good correct i told you all good all are running
okay type in cube adm space in it i do not for you for others because you see now all the parts
are running before yeah cube adm space space in it is enter same step is supposed to do a reset now
on a work worker also to be adm reset hyphenation force after this is done
follow the steps reset and all of them
copy the token and run this token adm space reset hyphenation force and all the missions
is all in the chat and then join again before it master you first do this on the master you
run the three commands uh june v mkdr that cubes ct after you do a in it you also need to run those
three commands of mkdr all the three commands for cubes ct cube ctl first with the master is ready
did we got it you're supposed to you're supposed to run the three commands the mkdr
cube config and ch own the master the master after you did a reset you need to run those three
commands remember that mkdr that sudo scp these three commands so first always check the master
is ready and then you want to join us ensure the master is ready yes up to yes choose why choose
why why why type in why why why i think this check it i'm not sure uh okay proceed now next
again paste it enter choose why yeah enter so now paste that apply come apply apply hyphen f
network network which you added we've met the last line master okay go back to documentation
and you see apply command for network adding yeah let me give the comment chat
i am giving the command the chat yes i paste the chat right run this command yes first check if
master must be ready do get nodes cube ctl get nodes cube ctl get nodes first ensure the master
is ready and then add the token yes now go and add the token on the worker nodes repeat again
ensure the master is ready run in the cube ctl commands apply commands and then go ahead and
run in the token on the worker node okay miss the token you can also run a new token yes
she will get notes yeah this is there anyway just do it to get notes once get notes
yes you're good now now dedicate a part
dedicate a part cube ctl k run k run run space example hyphen space hyphen hyphen
image equal to indian x indian x and it will get created okay are you good now
jane no no no spelling is wrong it is syntax is wrong after example is paste and after image
equals it is equals not colon enter now do a get parts troops it'll get parts part parts parts
then remove that just cubes it'll get parts cubes etl get parts hyphen space hyphen o and
y it also which o o alphabet o space wide no hyphen again before yes yes enter it is running
everyone is running now sdk all are good now
so charles i clearly told you why you're doing all this and everything is good perfectly to
before yeah can you call the token to notepad or what you can do do like this
once again charles so can you go to the master to master why are you trying to join again on the
master please understand that's over you must no no no go control c tell you go control c
please do control c cubes etl get notes cubes etl get notes space get space notes space
have to get notes yes notes get notes e d d e s enter okay okay charles i'm not sure i told you
not to do these right i clearly told you why i repeat the same steps fine so what did you do
before do history you are perfectly is working fine the reason told you do not do the steps
okay do it here so control c i did not the token on the master why did i why did i run the token
on the master why did i run it you got the token why are you running again joint command the master
getting it i just what's the mistake you did you're not supposed on the joint command in the master
okay so can you do apply that network yeah that network command hyphen f enter yeah
charles you need to repeat the steps again because of something you've done on the master
so you have to be careful yeah so can you not sure what to do now okay let's do the last step
again enter reset hyphen f and force cube adm reset hyphen f and force
enter did i understand what the mistake you did on this mission now charles i have to get the
token don't run the token on the master so now do a space in it same thing here do a
suppose do a reset and all the missions and do properly is it okay yeah please what you're in
i think uh others are we good till here is everyone master ready now are you able to create part
please confirm gene is good
yeah which one who's this speaking generally uh yes one example okay understand understand understand
typing clear type here typing again cubes will get parts type in a more wide
and the same command yeah yes yes now do a cube ctl describe cube ctl describe type in cube ctl
please type yes cube ctl same command yes cube ctl describe r i b e no no no
c r i b e space pod space example spelling is wrong can do control c typing clear can
show the command what you ran use the apparel apparel again apparel apparel show me the command
one second one second okay let's create new one more part okay let's see it's very simple
cube ctl make it to see that let's add a new command now clear the screen typing clear
or do control c do a control otherwise cube ctl see what you can do is you can use like this
remove this remove this that's it completely but typing a l a i s a l a l i a s space k
equals no no space cube ctl cube ctl yeah and now it's the new one let's try a new one okay
okay run give a name as test this time test and give a different name for the for the pod
test or something space hyphen hyphen image hyphen hyphen image equals nginx inx let me say you did
before this is nginx after g it is i x enter enter now do a get pods get pods get pods a
get pods hyphen this is running so the biggest of the message okay fine a team okay charles i would
request you do the break properly the steps it must be running in we got it type twice to properly
clear okay let's see the step what is happening to what i need to do now so you know no no no it
will not work because your master is corrupted you have to do a reset again please do a reset again
on all the nodes on the master working is fine do a reset on the master cube adm reset hyphen
and then do it okay i'll help you out i just uh charles i'll help you out the break now so you
want to hold others going to take a break now short break yeah so so we'll take it because he's
still doing the lab so let's say 15 minutes here i will come and explain other things okay
fine charles so now once again do a cube adm reset it what did you do now one second
okay press enter in it press in it enter present now please do the steps and listen and tell you
okay i tell you what command run next month is done okay now in the chat don't anything else
in the chat i've pasted three commands run the three commands on the master choose yes choose why
choose why why why why and okay wait now now paste this command the chat which i give it to
one second did you apply it yeah so now paste the next command with again the chat yes now copy
maximize this window copy that open go to your worker one worker three worker three
we didn't copy completely yeah go to worker three right click and paste
press enter okay type in cube adm you didn't know nobody said before cube adm space reset hyphen
hyphen force space hyphen f and force yeah enter don't anything now okay now paste the token again
right click paste enter okay now wait so now go to the master so you can make it simple type an alias
al ias k equal to cube cdl k alphabet k just type in alphabet k k k equals small small k
equal to cube cdl k u b k u b cdl enter yes now get notes like this type in k space get space nodes
k get nodes k one space and get node enter okay now go to the worker three four do a cube okay i
think done the token copy the token and paste it just right click i think called copy this right
click in your worker four paste it enter okay do a reset cube adm reset hyphen f and force
enter spelling is wrong enter right click and paste the token now go to the master
run the same command what you ran before yes enter right now we'll do one more command k
k run k space run space test hyphen hyphen image equal to no no images images not images equal to
ng inx ng inx i nx enter enter now k get parts k get part hyphen o
space hyphen o space white w i d enter all good okay okay we'll take a break now and come back
yeah welcome back to this so now let's go back to the document and we're not we skipped 10
steps in the documents open a notepad and the last one let's run this command because if you want
to make a short form of alias once again not able to make it small of course since i'm scanning the
screen i get confused okay okay the challenge so many screens i'm seeing from the morning okay
sorry for that yeah so now i'm not using alias because everyone's easier for you so choose alias
k equal to troops etl first yeah so now you say troops etl api hyphen resources
so when you do this it give you all the objects information
yeah give all the object information
so you see components endpoints evens pods all these are the objects
and which api version is using you see in the next column which api versions
the short form this is a part of this whenever you want to know which api version what are the
object the nicknames we use the k cubes etl api hyphen resources now you might want to understand
more about any object so what you can do is you can use troops etl explain and like parts
and that will let you know what exactly this object what is it what the api version
what fields are supposed to use is a piece now if i open the part for example let's show a lab
and now i open the lab for the part and now you see a syntax of it a syntax says api version
kind metadata so now when you see the sin the explain output you can easily start writing in
the pod yaml file it says api version so it's your field it is required api version so api
version is b1 kind is pod the fields you see api version kind metadata so metadata means name of
the pod and the specifications so whenever you want to understand what exactly the object
and the syntax of it tubes etl explained the object name are we good everyone
yeah yeah so this is how we get started so in brief about this lab we learned about how to
install let me summarize this lab we first created three machines we already have three
machines in our use case we set the host names we installed utilities initially
and then install the main components and be able to all good okay
now what are namespaces the next topic what do you think in namespace what could be a namespace
anyone was right this is your diagram you tell me what would be namespace sorry are you talking i
can't hear okay nobody's talking fine so what is namespace right now we have a cluster
now this cluster resources has to be used by two teams so we want the resources to be separated
so within the cluster this could be project a and this could be for project b and if users a b c
they are working in in your office they're working on the project they get access to this namespace
like namespace one there are developers or users working on this project they get access to this
namespace like ns2 so each one cannot see what is happening in the other project this logical
separation of the resources within the cluster is called the namespace and inside this
administrators can define what you all can do how many parts you can create what you can do to what
level you can do this one namespace so we use namespace for logical segregation and you can
also define what the users can do inside the namespace are we good when you install kubernetes
it creates three namespaces now could you tell me the parts got created in which namespace
anyone in which namespace the part which you created the example in which namespace got created
let's see namespace let's see this so why use namespaces they use now let's go and see
how do you work with namespaces or resources there are two methods either so i will first get
the namespaces or i can use the nickname namespaces i mean screen as so these are
default namespaces already created now can i do a describe so if you want any specific namespace
i say get ns start form or i can also say default the namespace name i want to see what exactly
the namespace and use get if you want to get more information i can use work describe describe
namespace and the default so when you get of the object type will give all the all the objects
under that object type if you want to get any specific object then you mention the name of it
you want to describe you say describe the object type with namespace and the name of the namespace
these are the graphs now can we create so now when i do get parts you see that it doesn't have
you're not sure you want to know which namespace it is so when you don't mention any specific
namespace it will get created in your default namespace now for example one different different
namespace i can say get namespaces namespace equals cube hyphen system this will show all the
parts in this namespace
that'd be good if you don't make any namespace it'll always go to your default namespace if you
want a specific namespace you have to explicitly call the namespace are we clear for some reasons
one of the parts are going down that cash flow back how do you create a namespace now
so i can create namespace by create
namespace short form and ns and i can give like a test you got created how do you check it i can
do a get ns you see this created you see the information about it i can show a describe
ns or namespace the name of it
i'll give time for your lab this one method other method is i cannot use yaml file i can say vi
the yaml name file name insert mode the first line is api version colon one space
v1 next kind colon the type is namespace enter now what is the name of it that will get imagined
metadata metadata enter and give two spaces you have to write yaml like this v5 version
colon one space v1 kind one space metadata so i want this file so i save this file
and i can either use apply or create so i say apply which in which file name
hyphen f and the file name i will go and check what got created i do get ns and you see this created
this is how you work with your kubernetes yaml files either you can use the imperative method
command line or you can also use a yaml method so now for example i do not have a yaml file
i want to see what is exactly happening inside a pod for example and say get ns or namespace
and i can also say example hyphen o and the yaml format so i can see what is happening anytime
for any object in the yaml format so now i can see the configurations
and if you want you can also copy this to different yaml file for example i want to
rewrite something like this i can copy different yaml file you'll get copy the contents
and then i can open the three dot yaml file for example and i can modify the contents
like this we can play around are we good
okay now i want you to do a lab so go to labs under needs and pods lab one play around
the first part yourself till don't do resource quota try to create play around till here
but replace the name with the name what you want to give
please play around with this module two labs lab one like you but next inches and points please start
some firewall or something is there in the back end something is crashing of the service
is all good for you i did not get you see the same for me crash to backup okay fine
but please proceed let me check the back end something coming blocking or something let me check
do the lab
yes are we good okay okay gene a good next step i have not talked about the quota
gene sorry gene can you hear me gene can you hear me
we still not talked about quota i'm still not talked about i told you this dude on the namespace
first part yeah just hold on here no problem others just create the namespace okay we're good
chance we good chance do not do these resource quota just do one the first part that's what i
told you not talked about this okay now let me explain so team uh can you do a hyphen o y is
it happening only for worker one let's see for which one node run this command and tell me on
which node are you having the problem get bots namespace system why me on which node you see this
is worker one or on which node you see a crash loop back
okay one others that is running at least crock is running for you right now
okay okay let's see let's figure it out i think we are to again i'm not sure why is it having
one new and worker one sometimes it's really strange okay so what about you ck
for you also is working on worker one
okay fine let's see uh next let's proceed uh so what is this was quotas now let's consider that
we have two teams let me explain this now let's consider that now we have two projects was it a
and working on project b and they are using namespace could be namespace one and namespace two
now total cluster resources were 100 vcpo it was had 100 gp ground trust resource
now if this team or the project one consumes all of them then nothing would be there for the
project two understanding are you good if project one consume everything in here then project two
cannot do anything because they need some resources so this is where we can get a certain
quota that for this namespace maximum is 50 vcpo 50 gb ram and again 50 gb these things so we can
define some resources like cpo with memory disk storage we can restrict it by using a
quota there is one quota second one is you can also restrict the numbers that in this namespace
the team cannot create more than 10 parts in this namespace cannot get more than 10 parts
so we can define resource quotas both on resources as well as the number of objects what could be
created in that namespace so very special namespace so namespace resource quota is all about
managing resources example this is my use case there are two teams so now i want to allocate
like this so i define a resource quota that you cannot go beyond this because there's a requirement
for both of the work so i have to be careful when you work for production because in live environment
it could be more users keep on coming in so be very careful in different resource quotas on your
live but for testing you can play around but for live very very very careful because
because of the resource quotas they cannot create some resources so for production you might want to
say complete or you might want to be careful you can just fix it yeah so let's do the lab in this
the second part explain and i want to do yourself okay now i'm creating a namespace and in this
namespace i want to restrict the resources so what i do i would create a resource quota
then resources and then apply it while applying it i'll mention the namespace so this resource
quota applies on this namespace i'm going further i will go ahead and get the resource quota and
observe it now i create a pod first time this is within the limits so what does request means
request means what you're assigning it and limits means to what level it can go later
it'll work now i'll go again check now what i do i'll again create one more pod
right now it is has six and is used i have only 400 so now i'm asking for memory 700 but we have
only 400 so you see this i'm asking for more it will not get created you get an error message
are getting it everyone let me let's see a documentation so let's me i just want to
give example first so that it will be easier for you to understand and then to go reverse
i go to resource quotas and type it so resource quota defined by a resource quota object provides
constraints so you can define it for limits or request request in Asia and limit system maximum
we can do it for storage we can define it for objects numbers that don't create more than three
pods four pods like this we can define and we can define for all these config maps we can define for
pods we can define for resource quotas services for all these things so very brief these are
important one that you remember we normally define resource quotas for number of pods
we define resource quest resource for cpu memory all these are important ones yep
understood the use of resource quota now start good it is across the cluster namespace cluster
yes so example if you observe this output what we ran in here you see that the namespace of this
your cube system it is across master and all the nodes getting it so namespace is part it is not
specific node it is for the cluster okay please do the lab you're okay to do the lab yourself
do the remaining one do till here completed let me know if any questions
in the middle of checking for the lab the backend issues complete this let me check
what is happening in the backend okay
because for example uh they're able to create a cluster but on one node the two proxy and vnet
sometimes goes to crash to back off all the pods are running is there any any file or something
is the storage anything anything better than eight something
okay
i'm back
charles are you clear what to do the lab you're good okay yeah so i'm checking
what could be done for your question you can ask me and help you out
team uh excuse me everyone so on your work of one remember this is the work of one which we
use for your docker lab correct everyone so we do a ls you see additional files are there
word project one and snap are getting it so do a ls and you see some files so many files are there
you see some files so let's remove some folders so i can say rm hyphen word
we can also see rm hyphen rf snap and also remove this project one
because the space can be the same mission we can still extend but i just want to ensure that
before it does this remove the folders rm minus rf and the names of the folders are you good
and then check on the master does it improve
you
are you done
remove the additional folders that's fine that's fine
will it look little that's fine does remove the real folders word snap one and project one
okay so namespace lab that quota lab is done okay ck uh you want to remove the folder rm
okay good did you get it so now let's do together one more lab in namespace quotas together now
so now next lab the link is there on lab one this is done done go down let's do this lab together
you tell me what's happening this lab i want you to answer this please
what is happening in this lab access the browser the link and please let me know what what exactly
is happening in this lab anyway yes that's it so in this we're trying to do deployment not talked
about it we'll do this later so what we'll now do is we'll just apply this and try to manually
create a part in the same namespace do a manual method okay so go ahead and do this one don't
deployment method do a manual method just still not learned the other method so for example i
create a namespace so for example has home in needspaces so i want to apply it on test namespace
so i'll say resource quota dot yaml and i paste the yaml file
and now
while applying it be careful you have to apply the specific resource code the namespace
namespace equals to test any namespace which everybody
get resource code task and you can also see 202 so i can say part one
yeah create one more part
the same namespace
but create that part it must give you an error message
have a good
that's a small example in the dog that link they give you a deployment not talk about deployment
in which i can create multiple copies there is a manual one so you can use any namespace try to
create do not get third one because mention the numbers that not more than two are we good so this
is how we can restrict the resources as well as the numbers on a specific namespace good
i'll wait for you
yeah you're good then your one second your namespace is test it is equals to
test one and hyphen as an image
use our power again and the same command make it to two again try third one
it is equal equals no colon not there under before engine x yeah there's equal
they still have an end or namespace namespace yeah okay what happened to apply the quota you're
doing a small mistake do control c do apparel use apparel type in apparel apparel once more
once more you see a space is there before the quota
yes now done it again once again let's do a different name okay that's fine yeah
now do get parts do get part before the next step do it get for enter so use a different name
properly so test pod one three start from four now because made a mistake we did not get it
four five six first do a four check that the property gets created first do get parts
i can see it do you see the output is running i can see seeking type it clear please
type in clear get parts enter what happened no no no no no you're supposed to mention the
namespace
the mistake from that time okay sorry uh get parts no no no get parts this is a para again
refresh so you're getting greater the same command what you ran before just run the same
command and see you just got created the four no no no okay fine do fine do fine yeah
yeah yes yes the mistake are we good okay fine this is about your namespaces any questions
everyone the now what do you do now let's go and delete this it is only parts let's delete the
parts which is in here so say delete parts and mention
hyphen hyphen namespace equal to cube hyphen system
okay so you can say delete parts hyphen hyphen all
run this command let me give the command a chance
use all and do also also use the namespace because
here it's kissing so that the process will come up now do this command and now when you see
all namespaces hyphen o wide and your webnet must be good now let's wait
just trying to refresh okay
and also delete the parts in your default namespace
run both these commands
and then check in this command so that we are good now whether
you see it is running now whenever you do something delete it because space sometimes
any reintex in the storage are we good now is everything running now
you see the error
it gone
okay fine
yeah these two you can skip but others you can find okay let's proceed
that's fine the last one is crashed that's fine we're talking about the main command getting it
the main was important the main master everything is running others that's fine
okay so because of the storage issue
next topic is parts let me now talk about the parts what are parts the parts are inside the
namespace the parts are inside this is your namespace and inside this is your part and
into the part i have two containers example it looks something like this a part can have one
container or multiple containers the example of a node in which you see that it has multiple
parts through single container or multiple container let me let me maximize this so when
you see this diagram this is your node for example the node has one container or multiple parts you
can have these are node loops yeah this is your node like a worker node and your one how many
parts we have in this how many parts we have in this diagram four parts and this part has one
container there's a two containers some storage still normally you can use the outside and these
are three parts two country containers so they all use the same IP this could be on port 80
this could be on port 8080 this could be on port 8000 so all the containers in the part
they use the same IP but exports on different port numbers so we have different types of part
we can we can have two containers in here could you tell me why are you are using two containers
why not one why are you talking about two containers why not one what is the use case
so this is an example of a website this hosted so if a node the storage is the volume is on the
node i have two containers which is file pull on the web server what is this using this for a website
it is facing the customer website and this is what is it gets in some images from internet
and downloads the images from internet and save this in the shared volume the same volume is
shared across the other container it picks up the images what has been done and it will show in the
website getting it everyone so any part remember that there will be one main application other one
would be helping the main application because if this needs to do both the work it might be slow
performance issues so we use multiple containers in a part wherein you have one would be a main
other would be helping the other containers and they can have in a common data to be shared
using a volume this is how the port works it's not a mandate that you have two part two containers
could have one two three is up to you but we do not want to mix multiple applications with one
for example in this example i have a shared volume with my one other one is used for log
sealing the logs you can have something like this in which i have the main application there's a
proxy so whenever it has to go to outside world it goes through a proxy and i'm not installing
proxy agent inside in a separate container we could also have in some like this so i'm
having monitoring agent inside this this is going to get in all the information and push it or
with a log to some monitoring tools so we separate containers for making the work much more easy
in which you have main one yeah so question for you so can i have in a pod both a web and database
is a good use case in a pod is a good practice to have both web application and database in the
same part what do you think anyone tomorrow for example you want to give access to someone you
give access to a pod correct for example your developer front end developer you give access to
a pod now the he's also getting access database getting it understanding this yes no so he cannot
give access database for a front end developer are getting it because his work is only for
writing the code the front and on the back so always do not mix multiple things so make it
very simple we have one main application and then the other containers and they get in the ips using
the cni now let's do this no good okay fine now let's do the lab two i'll explain this so lab two
we can create a pod simple example one name you can do the engine x or ignore use or you can
use htpd so you can if you find it difficult that you can also use one more image which is
htpd any medic in most so i'm trying to create a pod and then seeing the yaml file of it
sometimes you might want to find the pod id use the syntax you replace the part name the part name
what you created let's play around this let's play around with this command but you get a different
part and get the pod id
the name and you can also give a different image name
and get the pods with an old white
is running
pod and the pod name hyphen o and yaml and see the config what do you want to see in the yaml
and also find the pod id play around
that's fine okay uh charles what you do is do a get pod the part name hyphen o yaml
and so now you can say config in the yaml format so when you want to know what exactly is in here
you can go ahead and see the details of the pod what are the fields what does it have yeah
okay try to get the part id the part id modify the name of the part name in the next one copy this
in this command replace your part name with the part what you created
and copy it and run that command replace the part name with your name name of the part
so this is your pod id sometimes when you do some operation you might require a pod id
this is how we get in the information using a JSON path we good we can stop till here i think
any questions team of nine spaces resource quotas and the pods what it will till now
any questions okay uh so is it 12 30 this is your lunch time correct will be 45 minutes or you need
one hour break what are you asking how much time required one hour 45 minutes okay so you have to
cook and eat is that okay no problem others one hour is okay everyone more than more than happy
yes are there any questions team so are we doing good are you understanding the concepts are you
comfortable now with using the commands and not getting hang of how do you run the commands are
you good okay okay all right so we'll be back by your time 130 yeah break till 130 pm you can
also come early and practice also your wish yeah break to 130 pm let you remind me to start the
recording some something forget to start the recording once you come in case you forget it
please remind me and right now was in the recording thank you thank you
on 2024-12-16
language: EN
WEBVTT
we're going to install this and we have a script. The script is going to install
configure, kube-let, others go ahead and say fifth step. All the self-container B which we saw
the plugins, the kubelet, kube-adm, all these is part of the script. You write in the script
and then we run the script, making permissions. Once the script is run, we observe it and then
version of kube-adm, kubelet and kubes-atl on the master.
Yeah, let's first do the step. Let's go step by step. So for this, open the document,
start from the third step, three, four, five. Fifth one, file name, all these must be in the script,
starting from curl till this step. You see before
all these steps, before wq, you have to copy the script, save it and then we say run it,
permissions and then run the script and then you observe the outputs. Yeah, let's get started.
Host name, cpl. This is the set of host name.
Like master.
Now how do we confirm that this is working? So we can type in exec-master.
Now the next step is we have to run those commands.
Run these two commands. You can also copy multiple commands at once,
copy both the commands at once, copy it and run this.
You can copy both the commands at once.
So this is going to update and it's going to install the utilities which
are required for you to download the kubernetes repo.
Say okay. Say this is okay. Let's install this.
Press enter on a keyboard.
Just press enter, enter, enter, enter, enter.
We're good everyone. Okay now the next step is we have to write in the script. Yeah so
vi any name so like contain any just the name and contain any dot sh so I'm writing a script
to install the software easily. The vi the name of script and the script name could be anything
which have to you and press enter. Now press R.
Start from before copy from this command before and copy till this one.
Fs tab swap fs tab copy till there and just copy there just right click and it'll get pasted
or you can paste it open to one okay click on paste and observe again where you get started.
Observe from starting from here. I'll say paste.
So it does from
before till
the fs tab. Are we good?
Okay so now what we do is escape colon wq escape colon wq.
Now you want to run the script. In Linux you have to give permissions. So we're giving permissions
run the script chmod 700 and the file name just use the tab chmod is for changing permissions
700 is your permissions and the script name and press enter. What happened you can also observe
if you do ls-l and the file name it's the permissions the user has complete permissions
read write and execute to run or do any operations from the container it
requires permissions. Now run the script dot forward slash and script name
dot forward slash script name and press enter. Does it run?
I think good.
So it's going to configure you can observe in here it's going to download
container. It's going to install cubelet. You see it's going to cubelet
Kubernetes packages. All these are required we're going to do all these in the script.
Click enter.
Now confirm the versions of each one which we installed. So first one is container d
so container d hyphen hyphen version.
Next one is cubeadm version.
So we're installing 20.
Now also check cubelet hyphen hyphen version
and also cubectl space version.
Right no no no it is cubelect hyphen hyphen version.
It will give you a space let me check it's all it must work fine let me just run the script.
One second one second one second so do ls.
Can you do a cat cat yeah just type in co and tab type in co co co co
c for char yeah tab press the tab button dot sh yeah yeah let's see the content go up
use apparel go up okay i think good type it clear type clear okay type in ls hyphen l
is hyphen l yeah enter enter all good can you do a dot dot forward slash yeah see yeah enter
let don't do anything let's leave it off don't stop press a is it done you can see
choose yes choose yes
space hyphen version good cubadm space version no hyphen hyphen
no hyphen hyphen for this just cubidm space version yeah enter
good now cubelet hyphen hyphen version or cubectl version cubectl space version yeah
cube cubelet space hyphen hyphen enter yeah now cubecctl space version cubectl
cubectl yeah be bectl c t l t yeah no no again hyphen no hyphen for enter okay you're good
okay others you're good ck together message like connection last one is fine to go over later
okay what about chance what's happening okay good fine let's proceed now the next step is
we have to do a very similar step on the worker nodes yeah so what you can do is
you need to play around in here be careful so you can again click on the terminal window
the terminal window does it open one more screen everyone
yeah to click click the terminal that is open one more screen is student user
yes now login to the first machine
and type in the ip of the first one
so
till here
now in the document now go down and now we are the steps what is supposed to do on the worker one
same steps we are going to use worker one the script and confirm very similar steps
so i think one step is i'm not sure for some reason cut once again before you go to next step
is one step you see this cut for some reasons this step is i'm not sure how will it get cut
let me again update it so this step the full step so can you update this in your worker
session after hostname copy this and a worker node session some reason is not
here so you can make it four the next one is fine do app get update install and then proceed
but do this in both the working nodes first one make it work for one other one make it work at two
run the script it will you're not installing cube
let cube ctl in this not be you're not installing in here
so once it's done and confirm the versions of everything except the cube ctl
charts any questions and the script now dot dot forward slash and the fire yeah just type in co
and tap yeah and okay something given wrong uh let's see why is it happening
we're in some mistake char what do you do see some error let's see uh can you type in hostname
type in history please type in history one second come down come down what is that
i did the demon reload chips 1991 what is the purpose of this was it there the document okay
no problem can type in hostname just type in hostname let's proceed uh confirm the versions
contain any all of them and then we should confirm the versions of all the software all the steps
are we good with uh worker one everyone
make it as worker two and proceed
yes yes the other machine make us work at two
clear
same things except instead of welcome i go to work at two that's it no commissions
you
okay i think we're good
yes
yes
on the master machine type in cube adm space in it
on the master
money on the master
and it's easy to measure your components is putting a service
it is creating your specific part you see a base server getting all your master components
it is like screen like this is confirmed
okay uh once again uh you're all good so now what you do is
copy the token the last two lines the last two lines copy this to notepad
copy that to notepad highlight it copy that to your notepad
now the next step is you're supposed to run the next three commands the documents go down
here to right click right click right click and click on copy
so what you do is this is screen like this so use your mouse and your keyboard
and then highlight like this and then right click and copy
it would good now yeah you're not able to paste i using a laptop of office
okay uh uh why what happens okay uh can you paste in the chat history
let's check with the area to face the chat yeah the zoom chat check where you have to paste
where in notepad okay fine so let as you can already be the zoom chat okay
i don't see it yeah is it to this side okay okay let's uh do something uh okay we'll come back
i'll resolve this let it be like this let's proceed okay now okay one second on the desktop
of where logged in do you have a notepad one second are you trying to copy to your laptop
or you're trying to paste it on uh your uh desktop which one you're trying to do
where are you trying to copy to your laptop or you're trying to copy to
the Ubuntu desktop which one you're trying to copy
okay if not uh i think so do we have a notepad or something in here one second to just confirm
okay can you right click in this box this will create document
this is this in this desktop right click click on
okay thank you yeah okay now the next step is
we have to run in those three next commands so run in these three commands run these three commands
on the master just copy and paste
yeah yeah yes
okay
i'll do a copy properties once again
okay now type in cubes etl hyphen hyphen version
run the command type in cubes etl no hyphen hyphen version now you see that the error is gone
before you got error message it means it is properly configured now everyone are we good till here
yeah good step i mean chance no no no one second one second uh see uh
don't copy this command uh what are you trying to do why why are you running these commands
type in clear i'll help you type in clear please type clear not even do anything do a control c
yes now copy the three commands uh the next uh mkda three commands i gave you are you understanding
which come and talking about let me give the chat the chat i'm going to paste you run just copy
those three commands yeah the chat i give into you just right click and paste yeah click paste
enter yes so now what you do is type in cube ctl
cube ctl cube cube kube ctl space version
fine so now what we do is next command run the apply command run the apply command everyone
let us say it is added
okay then good uh gene what's happening done okay ck chance it will do it come on
it's been the chat just right click and paste it enter yes okay so now what we do is check if
your master is ready so go ahead and do cube ctl get nodes on the master machine cube ctl get nodes
is it ready okay fine so now what you do is you have the token now except child and help you out
others copy the token from your notepad complete token and run the token on your
worker nodes copy the token which you have done before and go to the worker machines
and paste it
and press enter do it on both the nodes
it'll get added now go to the master and again do get nodes and you must be seeing all the nodes
up and running
happy good okay yes chance now uh let's be explained explained are you what are you going to do now
one second one second what to do now so close this so now what you do is you can run the command
run this command now run this command running it command we need to get a token this one
copy from this no not from there start start no start yes from that no experience
complete starting not unless yes yes k is missing k k yes right click
copy now go to work one worker one machine maximize
the same other machine you did some mistake i think you did some additional steps what did you
do now before the work initial worker node something you've done some mistakes
okay let me figure it out so can you go to worker one machine maximize the worker one maximize so
can you do uh can you run the command again host name cpl once more host name cpl no no host no no
host name ctl is a single word ctl space set hyphen host name set set ct just no hyphen dead
host name ctl one space set hyphen after set no space after set hyphen host name space
worker one enter yeah type in exact bash exe c space bash enter now use the
arrow keys on your laptop no no no okay come down come down
run the previous command use the app press the app arrow where the prompt yes yes yes yes once again
no no no go to the same command please one second press enter okay so okay charge unit tell me what
exactly happened initially something you've done some mistake you're done can you type in container
d hyphen version container d space hyphen hyphen version enter okay so can you do cube adm once
again cube adm type in cube adm cube adm space reset space hyphen hyphen hyphen force hyphen
enter okay now type in uh okay now run the script again dot forward slash container d
just type in c one tap tab press the tab use the tab yeah enter so you're getting at this item
what did you do something you did before choose why choose why yes why type in y type y enter okay
now run use the app arrow use the app arrow and try to join again please use run the join command
again the join command join command the previous model ran use app arrow press the app arrow
not here yes press the app arrow key key on your laptop on a laptop press the up up key
or up arrow key yes yes can run it once more okay i'm not sure what has happened something you've
done uh okay can you now uh i'll give you two more machines uh can you do on those two machines
instead of these two worker nodes yeah you can close this worker one worker two and close these
i'll give you two more machines in which you won't do these steps slowly is it okay
okay so now the other two machines in which you want to play around to check if i able to log into
this mission and this mission log into 193 not here come back to the student yeah and the student
sorry charles can you minimize the master minimize this no no don't close it minimize
i mean you have okay maximize this no no no maximize this now maximize maximize yes now
once again no no you're right window once again now type in cd cd yeah yeah enter
ssh hyphen i name key dot pimp p dot pimp p m paste open to at the ip 54 at
54 255 54 54.255.235.193 press enter choose yes okay now do a pseudo pseudo hyphen pseudo su
sudo after sudo no hyphen is su is hyphen enter type in hostname ctl
hostname ctl space set hyphen hostname no hyphen set set set hyphen after set one hyphen
yeah next after hostname no no no this is the mistake you're doing i think
very careful control c what's happening you can't see that been clear please
type hostname ctl space set hyphen hostname space worker space worker one
no i think once again right so can you use apparel again use the apparel press the apparel on your
laptop press make it three now sorry make it three so one make it three enter yeah type in exact bash
yeah so now run the write the script now the following steps now properly then do it now do
the next command document this wait for five minutes just finish off this troubleshooting
yeah copy these enter press enter enter yeah now vi do a control c i can see it do a clear
typing v i contain a d dot s and change the script which is there under the worker node session the
complete script okay one second can you go down go up go up in this document or go up up up
up still up once again once again okay go down in that last last line last line
okay now click on paste yes escape colon wq escape colon wq again do a cat of this file do a cat
cat cat the file name space container d dot sh space just type it tap with the tab enter okay fine
ch mod type in ch mod 700 ch mod space 700 the file name space just type in yeah enter
dot forward slash identity yeah enter so now you see that you're not getting error
before error message of the hostname or something but i miss a last time the problem okay is it
24 other him or others the voice is not clear okay fine okay fine i'm making uh press enter
press enter press enter okay so now go to the master go to the master mission yeah
maximize copy this token from the start no no yeah now go back and paste this
not here not here on your worker worker three right click enter it's working now
so do the same on the other vm also here the new one okay be careful i think no no not here now why
are you again coming in here not a worker one go back to your terminal is it terminal is it yours
one second is it yours which terminal is this okay now good yeah close this
now again click on terminal not this one in the terminal doc yes yeah yeah yeah yeah right
that's fine yeah now do it quickly let's see finish off let's just uh do this go to cd location
same steps uh they're supposed to use the next ip the ip which i gave it to you was uh 227 clear
yeah yes you can go like this choose yes yeah pseudo so hyphen so space hyphen enter
what's name cd
space set hyphen hostname set set set hyphen hostname hostname the end make it as worker for enter
yeah exec bash exec bash enter now run those two utilities get update and
installing the certificate yeah enter enter enter enter yeah bi container d dot sh container d dot
dot sh enter page script insert mode i yeah page script yeah come down come down
come down come down yeah take paste yeah escape colon wq ch mod 700 space
once this is done the meanwhile uh can you go and have the token copied in the master again
have the token copied maximize copy from the start yeah which will come okay copy it yeah come back
to that node press enter enter right click and paste as enter now go back to the master type in
group ctl get notes ctl cube ctl cube ctl space get space nodes enter all good yeah
so remember which machines are supposed to use worker three and worker four
clear not work on worker two clear okay so the message is i think we're doing the
i think you missed on that enter or something when as a kernel
remember the screen we got might be you made some changes in there and hence it's not able to it
has got corrupted the kernel something yeah so you'll not be using those two machines now
we're using these three machines clear okay thank you others are you good to understand
how you troubleshoot so you also why i'm telling to install it because when you want to install it
you know how to install it and also to troubleshoot but if you just get the
software sometimes you'll not understand what is happening in the backend are we good till here
everyone okay fine so now observe what the next step okay so now how do we so you can also use
a nickname so we use alias so alias in linux is to make the command easy so we can say something
like this so instead of complete i can just say k
the two use alias give a name short form and mention it so that you're not typing everything
because we make mistake in typing cube ctf okay now one more command next command i'm doing all
the commands as per document this is still here it is done is all we have done these are all we
have done so now let's run this command get pods all namespaces get pod all namespaces
hyphen o y so this is going to print all the pods across all the namespaces in a
wide format means in a full information so that you can see all the information
yes you see this everyone
so what exactly is doing showing you is showing you the pod names so again
showing the pod names the namespace this is the pod name how many containers this has one container
one is running this has two contains running for some reasons this is going to crash to back off
not sure is it working for you everything fine
the crash to back off is it
oh okay let's see why is it happening uh not sure network wise
so getting errors for proxy okay let's see next one uh you also see restarts and the pod names
this is a pod i piece and this is your name on the node this is a pod i piece let's do a small
example let's do a small let's try to create a pod so you can say run cube ctl run give a name for
the pod last command and give an image equal to indianx
the last command let's get this pod let's look into this later just try to create a pod right now
run example for indianx and now get pods
hyphen o y
and it must create g of pod
because getting some error is it working for you all
or no
sorry minus pending because i think
yes gene no no no it must it is not okay there is some problem if it is crashed over this some
error we're getting everyone okay let's see why is that it's running for uh what do you call
who's this last one charles he runs for charles perfect now so what's happening
the scene says we did but runs for him what's happening okay let's uh
not to why it's happening seems to be followed for others let's troubleshoot
let's do a describe the pod
okay
so let's do this uh let's apply the network once more apply the network once more
the nodes are ready apply the network once more
okay and see the status
same
and let me do this i'm going to do uh
master
and then again do it in it i'm doing a reset
try to do i'm trying to do a reset just to check
then all the steps are same i'm sure radium reset right force
and follow the steps again copy the token
to a notepad
and run those three commands
is all right
okay so now what you do is reset on the worker nodes also
and join the new topic
you
this running is working to do properly again it's working please check
yes
yes everything you're doing a reset thing reset on the master reset on your worker nodes
and do everything from the reset step clear
okay let's see for others but you have to do a reset on all of them gene hope you understood
do a reset what i'm trying to do now understand so you're doing it now again after you do a reset
again do a init and then apply it yeah to be in space in it to be in space in it and yeah
wait for all the steps the same process steps you're supposed to do all on your worker nodes also
do a recent different force you do reset have different force on the master worker nodes also
of the token of the token okay ck what are trying to do you radium reset
cube adm reset hyphen hyphen force reset space reset space hyphen hyphen force yeah force force
force yeah yeah
after you do it again do a in it again the same process and do any test same on the worker node
also you're supposed to do a reset and get a new token and the two charge you're good right now
who's talking now to me says why are you doing this we're all good you did this i told you all
good correct i told you all good all are running okay type in cubidium space in it
i do not for you for others because if you see now on the parts running before
yeah cubidium space space in it yes enter same step is supposed to do do a reset now
on a work worker also to be adm reset hyphenation force after this is done
follow the steps we sit on all of them
copy the token and run this token adm space reset hyphenation force and all the missions
is all in the chat and then join again before master you first do this on the master you
run the three commands uh junvi mkdir that cube ctl after you do a in it you also need to run those
three commands of mkdir all the three commands for cubes it's a cube ctl first with the
confirm the master is ready did we got it you're supposed to you're supposed to run the three
commands the mkdir cube config and ch own the master the master after you did a reset you need
to run those three commands remember that mkdir that sudo scp these three commands so first all
this check the master is ready and then you want to join first ensure the master is ready yes after
yes choose why choose why why why type in why why why i think this check it i'm not sure uh
okay proceed now next again paste it enter choose why yeah enter so now paste that apply command
apply apply hyphen f network the network which you added we've met the last line master okay
go back to your documentation see apply command for network adding here let me give the comment
a chat i am giving the command the chat yes i paste the chat right run this command yes first
check if mass mass must be ready do a get nodes to see it'll get notes to ctl get nodes first
ensure the master is ready and then add the token yes now go and add the token on the worker nodes
repeat again ensure the master is ready run in the cube serial commands apply commands and then
go ahead and run in the token on the worker node okay miss the token you can also run a new token
yes same for what the two was yes now go to the master
she will get notes yeah this is there anyway just do it cube ctl get notes once
get notes yes you're good now now dedicate a part dedicate a part cube ctl k run k run
run space example hyphen space hyphen hyphen image equal to indian x indian x
and it will get created okay are you good now jane no no no spelling is wrong it is syntax is
wrong after example is spaced and after image equals it is equals not colon enter yeah now
do a get parts troops it'll get parts for parts parts then remove that just you see it will get
parts cubes etl get parts hyphen space hyphen o and by it also which o o alphabet o space wide
no hyphen again before yes yes enter it is running everyone is running now kck all are good
so chance i clearly told you why you're doing all this instead of everything is good perfectly to
perform yeah can you call the token a notepad or what you can do do like this uh once again chance
so can you go to the master to uh master why are you trying to join again on the master please
understand that's over you must no no no no go control c i tell you go control c please do
control c cubes etl get nodes cubes etl get nodes space get space nodes space have to get
nodes yes nodes get nodes e d d e s enter okay okay charge i'm not sure i told you not to do
these numbers i clearly told you why i repeat the same steps fine so what did you do before do
history you are perfectly is working fine the reason told you do not do the steps okay do a
clear so control c i did not the token on the master chance why did i why did i run the token
on the master why did i run it you got the token why are you running again join command the master
getting it i just what the mistake you did you're not supposed on the joint command in the master
okay so can you do apply that network yeah that network command hyphen f enter yeah uh chance
you need to repeat the steps again uh because of something you've done on the master so you have
to be careful uh yeah so can you not sure what to do now okay let's do the last step uh cube adm
in it cube adm space in it again and to be the md set hyphen f enforce
cube adm reset hyphen f enforce enter did i understand what the mistake you did on this
mission now chance after you get the token don't run the token on the master so now do a
space in it same thing you're supposed to do a reset on all the machines and do properly is it okay
yeah please what you're in i think uh others are we good till here master is ready now
are you able to create pod please confirm gene is good
who's this between me uh yes one example okay understand understand understand
run example right i've been clear
thank you again cubes will get parts i can avoid run the same command yeah yes yes now do a cube
describe cubes etl describe type in troops etl please type yes cubes etl the same command yes
cube ctl describe r i b e no no c r i b e space pod space example enter the spelling is wrong
can do control c tapping clear can show the command what you ran use apparel apparel again
apparel apparel show me the command where do you run to create the part please use apparel
one second one second okay let's create new one more part okay let's see it's very simple
cubes etl make it to creative
let's add a new command now clear the screen
that been cleared or do control c do a control otherwise cube ctl what you can do is you can
use like this use the alias now let me use the alias al ias remove this remove this back there
completely yeah but type in a a l a i s a l a l i a s space k equals no no space cube ctl
yeah and enter now it's the new one let's find a new one k k run give a name as test this time
test and give a different name for the for the pod test or something space hyphen hyphen image
hyphen hyphen image equals nginx inx let me say good before
nginx after g it is i x enter enter now do a get pods get pods get pod a get pods hyphen
this is running so the because of the message okay fine a team okay charles i would request
you do the break properly the steps it must be running in we got it time twice to properly
clear okay let's see the step what is happening to what i need to do now no no no it will not
work because your master is it is corrupted we have to do a reset again please do a reset again
on all the nodes on the master wakena is fine do a reset on the master cube adm reset hyphen
fn force do this properly get a new token and then do it okay i'll help you out i just uh charles
i'll help you out in the break now so you won't be hold others going to take a break now short break
yeah so so we'll take it because he's still doing the lab so let's say 15 minutes thank you
we'll come and explain other things okay fine charles so now once again do a cube adm
reset it what did you do now now one second okay press enter in it press in it
enter present now please do the steps and listen and tell you okay i tell you what
comment run next month is done okay now in the chat don't anything else in the chat i've pasted
three commands run the three commands on the master choose yes choose why choose why why why
why and wait now now is this command the chat which i give it to you one second did you apply
yeah so now paste the next command with again the check is now copy maximize this window
copy the token go to your worker one worker three worker three we didn't copy completely
yeah go to worker three right click and paste just enter okay type in cube adm you didn't notice it
before cube adm space reset hyphen hyphen force space hyphen f n force
enter don't anything now okay now paste the token again right click paste enter okay now wait
so now go to the master so you can make it simple type an alias al ias
k equal to cube ctl k alphabet k just type in alphabet k k
k equals small small k equal to cube ctl k u b k u b ctl enter yes now get notes like just type in
k space get space notes k k get notes k one space and get note enter okay now go to the worker
okay i think done the token copy the token and paste it just right click i think copy this right
click in your worker phone paste it enter okay do a reset cube adm reset hyphen f n force
enter spelling is wrong enter and right click and paste the token enter right now go to the
master yes use up run the same command what you ran before yes enter right now we'll do one more
command k k run k space run space test hyphen hyphen image equal to no no image it is not images
equal to nginx nginx
i nx enter enter now k get parts k get part hyphen o space hyphen o space white wid enter
okay okay we'll take a break now and come back yeah welcome back this so now
let's go back to the document and we're not with skips 10 steps in the documents go open a notepad
and the lab one let's run this command request everyone to make a short form of alias
one second not able to make it small who says i'm seeing the screen i get confused okay okay
so many screens i'm seeing from the morning okay okay sorry for that yeah so
now start using a ds because everyone's easier for you so choose alias k equal to cube cd at first
yeah so now you say to cd l api hyphen resources when you do this to give you all the objects
information
yeah give all the object information
so you see components endpoints events pods all these are the objects
and which api version is using you see in the next column which api versions
the short form this is part of this whenever you want to know which api version what are the
object the nicknames we use the k cubes et al api hyphen resources now you might want to understand
more about any object so what you can do is you can use cubes et al explain and like parts and
that will let you know what exactly this object what is it what the api version what fields are
supposed to use these are fields now if i open the pod for example let's show the lab and now
i open the lab for the pod and now you see a syntax of it a syntax says api version type metadata
so now when you see the synth the explain output you can easily start writing in the pod yaml file
it says api version so it's your field it requires api version so api version is b1
kind is pod the fields you see api version kind metadata new so metadata means name of the pod
and the specifications so whenever you want to understand what exactly the object and the
syntax of it cubes et al explain the object name are we good everyone yeah yeah so this is how we
get started so in brief about this lab we learned about how to install let me summarize this lab
we first created three machines we already have three machines in our use case we set the host names
we installed utilities initially and then install the main components
and we're able to all good okay now what are namespaces the next topic
what do you think namespace what could be a namespace anyone was right this is your diagram
you tell me what would be namespace sorry are you talking i can't hear nobody's talking fine
so what is namespace right now you have a cluster now this cluster resources has to be used by two
teams so we want the resources to be separated so within the cluster this could be project a
and this could be for project and if users a b c they are working in your office they're working
on the project they get access to this namespace like namespace one there are developers or users
working on this project they get access to this namespace like ns2 so each one cannot see what is
happening in the other project this logical separation of the resources within the cluster
and inside this administrators can define what you all can do how many parts you can create what
you can do to what level you can do this work namespace so we use namespace for logical segregation
and you can also define what the users can do inside the namespace are we good when you install
kubernetes creates three namespaces now could you tell me the parts got created in which namespace
anyone in which namespace the part which you created the example in which namespace
got created let's see namespace let's see this so why use namespaces they use cases now let's go and
see now when you work with namespaces or resources we have two methods either so i will first get
the namespaces or i can use the nickname namespaces
so these are default namespaces already created
now can i do a describe so if you want any specific namespace i say get
nsx.com or i can also say default the namespace name i want to see what exactly the namespace
and use get if you want to get more information i can use work describe describe namespace and
the default so when you get of the object type will give you all the all the objects under that
object type if you want to get any then you mention the name of it you want to describe you say
describe the object type with namespace and the name of the namespace these are the props
now can we create so now when i do get parts you see that it doesn't have you're not sure
you want to know which namespace it is so when you don't mention any specific namespace
it will get created in your default namespace
now for example one different different namespace i can say get namespaces namespace
equals cube hyphen system so this will show all the parts in this namespace
have you good if you don't make a namespace it'll always go to your default namespace if you
want a specific namespace you have to explicitly call the namespace quickly for some reasons one
of the parts are going down that cash flow back of your not sure let's see this now how do you create
a namespace now so i can create namespace by create namespace short form and ns and i can give like a
test you got created how do you check it i can do a get ns you see this created
you see the information about it i can show or describe
ns or namespace the name of it i'll give time for your lab this is one method other method is
i cannot use yaml file i can say vi the yaml name file name insert mode the first line is api version
colon one space v1 next kind colon the typist namespace
now what is the name of it that is getting mentioned metadata meta
data enter and give two spaces but right yaml like this vpi version colon one space v1 kind one space
metadata so i want this file so i save this file and i can either use apply or create so i say apply
which in which file name hyphen f and the file name now we'll go and check we'll got created
i do get ns and you see this created
this is how you work with your kubernetes yaml files either you can use the imperative method
command line or you can also use a yaml method now for example i do not have the yaml file i want to
see what is exactly happening inside a pod for example i say get ns or namespace and i can also
say example hyphen o and the yaml format so i can see what is happening anytime
by any object in the yaml format so now i can see the configurations
and if you want you can also copy this to different yaml file for example i want to
rewrite something like this i can copy different yaml file you'll get copy the contents
and then i can open the three dot yaml file for example and i can modify the contents
like this we can play around
are we good
okay now i want you to do a lab so go to labs under needs and pods lab one
play around the first part yourself till don't do resource quota try to create
play around till here but replace the name with the name what i want to give
please play around with this module two labs lab one and kubernetes ns and pods please start
some firewall or something is there in the back end something is crashing of the service
is all good for you i didn't get you is he saying for me crash loop back okay fine but
please proceed let me check the backend something i mean blocking or something let me check
the lab
are we good okay okay gene you're good next step i have not talked about the quota gene sorry
uh gene can hear me gene can hear me we still not talked about quota
i'm still not talked about i told you just do one in the first part yeah just hold on yeah no
problem uh others just create the name space okay we're good chance we're good chance do not do
these resource quota just do one in the first part that's why i told you not talked about this
okay now let me explain so team uh can you do a hyphen over wipe is it happening wanting for
worker one let's see for which one node run this command and tell me on which node are you having
the problem so get pods namespace system one
tell me on which node you see this uh is worker one or
on which node you see a crash loop back on okay one others
okay but is running at least clock is running for you right now okay okay let's see let's figure it
out i think we have to again i'm not sure why is it having one new and work of one sometimes
it's really strange okay so what about you ck for you also is working one okay okay
fine let's see uh next let's proceed uh so what's this was for us now let's consider that
we have two teams so let me explain this now let's consider that now we have two projects was it a
and working on project d and they are using namespace to be namespace one and namespace two
now total cluster resources were 100 vcpo it was had 100 gb
now if this team or the project one consumes all of them then nothing would be there for the
project two understanding are you good if project one consume everything in here then project two
cannot do anything because they need some resources so this is where we can get a certain
quota that for this namespace maximum is 50 vcpo 50 gb ram and again 50 gb these things so we can
define some resources like cpo with memory disk storage we can restrict it by using a quota is
one quota second one is you can also restrict the numbers that in this namespace the team cannot
create more than 10 parts in this namespace cannot create more than 10 parts so we can define
resource quotas both on resources as well as the number of objects what could be created in that
namespace so very special namespace so namespace resource quota is all about
managing resources example this is my use case there are two teams so now i want to allocate like
this so i define a resource quota that you cannot go beyond this because there is a requirement for
both of the work so you have to be careful when you work for production because in live environment
it could be more users keep on coming in so be very careful in different resource quotas on your
live but for testing you can play around but for live very very very careful because because of the
resource quotas they cannot create some resources so for production you might want to say complete
or you might want to be careful you can restrict still yeah so let's do this lab the second part
will explain and i want to do yourself okay now i'm putting a namespace and in this namespace
i want to restrict the resources so what i do i would create a resource quota
then resources and then apply it while applying it i'll mention the namespace so this resource quota
applies on this namespace now going further i will go ahead and get the resource quota and
observe it now i create a pod first time this is within the limits
so what does request means request means what you assigning it
and limits means to what level it can go later it will work now i'll go and again check
now what i do i'll again create one more pod right now it is has six and is used i only 400
so now i'm asking for memory 700 but we have only 400 so you see this i'm asking for more
it will not get created you get an error message are getting it everyone let me
let's see a documentation so what does mean i just want to do example first so that it will be easier
for you to understand and then go reverse i go to resource quotas and type it so resource quota
defined by resource quota object provides constraints so you can define it for limits
or request requesting issue and limit system maximum value can go we can do it for storage we
can define it for objects numbers that don't create more than three pods four pods like this
we can define and we can define for all these config maps we can define for pods we can define
for resource quotas services for all these things so very brief these are important ones
that you remember we normally define resource quotas for number of pods we define resource
resource for cpu memory all these are important ones yep understood the use of resource quota
now start it is across the cluster namespace cluster yes so example if you observe this output
what we ran in here you see that the namespace of this your cube system
it is across master and all the nodes getting it so namespace is part it is not the sequence
node it is for the cluster clear okay please do the lab you're okay to do the lab yourself
you do the remaining one do till here completed let me know if any questions
immediately i'm checking for the lab the backend issues complete this let me check what is happening
in the backend
because for example uh they're able to create a factor but on one node the two
is
something
uh charles are you clear what to do the lab you're good okay yeah yeah
so i'm checking what could be done for your question you can ask me and help you out
okay team uh
excuse me everyone so on your work of one remember this is the work of one which we
use for your docker lab correct everyone so we do a ls you see additional files are there
word project one and snap are getting it so do a ls and you see some files so many files are there
you see some files so let's remove some folders so i can say rm hyphen word
they can also see rm hyphen rf snap and also remove this project one
because the space can see because the same mission we can still extend but i just want
to ensure that before it does this remove the folders
rm minus rf and the names of the folders are you good project one snap and word we can remove it
and then check on the master does it improve
you
you
have it done remove the additional folders that's fine that's fine
well it looked little that's fine just remove the real folders word snap one and project one
okay so namespace lab that quota lab is done okay ck uh you want to remove the folder
rm one okay good did you get it so now let's do together one more lab in uh namespace quotas
together now so now next lab link is there on lab one this is done done go down let's do this
lab together you tell me what's happening this lab i want you to answer this please
what is happening in this lab access and browser the link and please let me know what what exactly
is happening in this lab anyway yes that's it so in this we're trying to do deployment not talked
about it we'll do this later so what we'll now do is we'll just apply this and try to manually
create a part in the same namespace do a manual method okay so go ahead and do this one don't
the deployment method do a manual method because it's still not learned that method so for example
i create a namespace so for example has home in needs spaces so i want to apply it on test namespace
so i'll say resource quota dot yaml and i paste the yaml file
and now
while applying it be careful you have to apply the specific resource quota the namespace
namespace equals to test any any namespace which ever you want
get resource quotas
and you can also see
202 so i can say part one
create one more part
the same namespace
particularly third part it must give you an error message
be good
that's a small example in the dog that link they give me for deployment not talk about
deployment in which i can create multiple copies in a manual one so you can use any namespace
try to create do not get third one because mention the numbers that not more than two
have a good so this is how we can restrict the resources as well as the numbers on a
specific namespace good uh i'll wait for you
yeah you're good and you're one second your namespace is test it is equals to
test part one and heighten up an image namespace equals to test
and then use apparrow again and the same command make it to two again try third one very good it
is equal equals no colon not there under before engine x yeah that's equal they still have an
or namespace namespace yeah then okay fine what happened did i play the quota you're
doing a small mistake do control c do apparrow use apparrow type in apparrow apparrow once more
once more you see a space is there before the quota
it's now done it again once again let's do a different name okay that's fine yeah
now do get parts do get part before you do next step do it get parts
fine so use a different name properly so test part one three start from four now
because made a mistake we did not get it did not get created
four do a four five six first do a four check that the property gets created first do get parts
i can see it do you see the output is running i can see ck type it clear please
type in clear reports and what happened no no no no you're supposed to mention the namespace
the recipe from that time okay sorry uh get parts no no no get parts this is a para again
refresh so you're getting greater
in the same command what you ran before just run the same command and see you just got created
before no no no okay fine do fine do fine yeah yeah yes yes the mistake are we good
okay fine this is about your namespace any questions everyone for now what do you do now
let's go and delete this it has only parts let's delete the parts which is in here so say delete
parts and mention
hyphen hyphen namespace equal to q hyphen system
okay so you can say delete parts hyphen hyphen all
run this command let me give the command a chat
use all and also also the namespace because
see all namespaces hyphen worldwide and your webnet must be good now let's wait
just trying to refresh okay
and also delete the parts in your default namespace
run both these commands
and then check in this command so that we are good now whether
you see it is running now whenever you do something delete it because space sometimes
and it takes the storage are we good now is everything running now
you see there
it gone okay
yeah these two you can skip but others you can find okay let's proceed
that's fine the last one is crashed that's fine we're talking about the main command getting it
the main was important the main master everything is running others that's fine because you're
terminating this point the main ones are running fine okay so because of the storage issue
the next topic is parts let me now talk about the parts
what are parts the parts are inside the namespace the parts are inside this is your namespace
and inside this is your part into the part i have two content for example
it looks something like this a part can have one container or multiple containers the example of
a node in which you see that it has multiple parts through a single container or multiple
container let me let to maximize this so when you see this diagram this is your node for example
the node has one container or multiple parts you can have these are node loads yeah this is your
node like a worker node and your one how many parts we have in this how many parts we have in
this diagram four parts and this part has one container there's a two containers some storage
still normally you can use the outside and these are three parts two country containers
so they all use the same ip this could be on port 80 this could be on port 8080 this could be on port
8000 so all the containers in the part they use the same ip but exports on different
port numbers so we are different types of part we can configure let's see we can have two containers
in here could you tell me why are you are using two containers why not one why are you talking
about two containers why not one what is the use case why are you talking about two containers in here
so this is an example of a website this hosted so if a node the storage is the volume is on the
node and i have two containers which is file full the web server now what is this using this for a
website it is facing the customer website and this is what is it gets in some images from internet
and downloads the images from internet and save this in the shared volume now same volume is
shared across the other container it picks up the images what has been done and it will show in the
website getting it everyone so any part remember that there will be one main application other one
would be helping the main application because if this continuous need to do both the work it might
be slow performance issues so we use multiple containers in a pod where we have one would be
a main other would be helping the other containers and they can have in a common data to be shared
using a volume this is how the port works it's not a mandate that you have two port two continuous
could have one two three it's up to you but we do not want to mix multiple applications in one
for example in this example i have a shared volume with my one other one is used for log saving the
logs we can have something like this in which i have the main application there's a proxy
so whenever it has to go to outside world it goes through a proxy and i'm not installing proxy agent
inside in a separate container we could also have in some like this so i'm having monitoring agent
inside this this is going to get in all the information and push it or with the log tools
monitoring tools so we separate containers for making the work much more easy in which you have
main one yeah so question for you so can i have in a pod both a web and database is a good use case
in a pod is a good practice to have both web application and database in the same part what
do you think and even tomorrow for example you want to give access to someone you give access
to a pod correct for example your developer friend and developer you give access to a pod
now the he's also getting access database getting understanding this yes no so you cannot give access
database for a friend and developer are getting it because his work is only for writing the code
the friend and all the backing so always do not mix multiple things so make it very simple we have
one main application and then the other containers inside and they get an ip using the cni now let's
now let's do the lab 2 i'll explain this so lab 2 we can create a pod simple example one
name you can do the nginx or you can also use or you can use htpd so you can if you find it difficult
that you can also use one more image which is htpd any image you can use so i'm trying to create a pod
and then seeing the yaml file of it sometimes you might want to find the pod id use the syntax
you replace the pod name the pod name what you created let's play around with this let's play
around with this command but you get a different pod and get the pod id
give any name and you can also give a different image name and get the pods that can all write
is running
pod and the pod name type in now and yaml
and see the config what do you want to see in the yaml you can observe it
and also find the pod id play around
charles what you do is do a get pod the pod name hyphen o yaml hyphen o hyphen small o f and hyphen o
space yaml yaml and so now you can see the config in the yaml format so when you want to know what
exactly is in here you can go ahead and see the details of the pod what are the fields what does
the detail have yeah yeah yeah okay try to get the pod id modify the name of the pod name in the
next one with this in this command replace your pod name with the pod what you created
and copy it and run that command replace the pod name with your name name of the pod
so this is your pod id sometimes when you do some operation you might require a pod id
this is how we get in the information using a JSON path
good here i think any questions team of nine spaces resource portas and the pods what it
will tell now any questions okay so is it 12 30 this is your lunch time correct will be 45
minutes or you need one hour break what are you asking how much time required one hour or 45
minutes okay so you had to cook and eat is that okay no problem are this one hour is okay everyone
more than happy yes are there any questions team so are we doing good are you understanding
the concepts are you comfortable now with using the commands and not getting the hang of how do you
run the commands are we good okay okay all right so we'll be back by your time 130
okay break till 1 30 pm you can also come early and practice also
your wish yeah big 130 pm catch you remind me to start the recording some something forget to
start the recording once you come in case you forget it please remind me i'm right now
thank you thank you
on 2024-12-16
language: EN
WEBVTT
You can delete all the files.
If you want to delete these files if you want.
Let us do that, but do not, we can see anything.
Is it working now?
Charles, are you able to log into the pod?
Please check.
The master, get a log in the pod.
Apply again, create the pod again.
Once again, once again, they give a pod name is wrong.
It is hyphen F P O D dot YAML.
The create command is wrong.
The create command.
It is wrong.
It is F hyphen F P O D not P prod.
That's the reason nothing's happening.
Yes.
Yeah, P small, delete R.
The file name what you gave us P O D.
Correct.
Please Charles, the file name is P O D dot YAML not prod dot YAML.
Remove R under the word.
Remove word letter R.
Delete the letter R under prod.
Yes.
Yes.
Now I understand.
Now do get pods.
The next steps.
Jovian, are you good?
But it's getting created.
Correct.
It's getting created on the pod.
Okay.
So understand.
So can you go and delete the additional files with the files of the.
I think it's taking more space or something for some reasons, but it's
still able to log in to log in the pod now.
Log in the pod.
It's a master login to the pod.
Cube CTL exec.
Cube CTL exec.
Yeah.
Type in the command.
Cube CTL.
Cube CTL.
Okay.
You're not sure short name.
Yeah.
Exec.
E X E C.
Space hyphen IT.
The name of the pod.
G INX space space hyphen hyphen space bash VSH enter in the pod.
Okay.
Now do some operations.
So if you're in the pod, it means that you're not in the container.
Okay.
Yeah.
Okay.
Yes.
Chats are you good?
Yeah.
You're you're like into the pod now.
Pots.
I can avoid.
Yeah.
It's running.
So do a get log into the pod now.
This is right.
Cube CTL describe the pod and the pod name.
Do slowly all the commands.
That's because of some firewall, even I have same problem.
Let's see.
I'm very able to proceed now.
Let's proceed.
Any questions you can ask me inform on this lab is done.
Yeah.
Yeah.
Yeah.
Better.
Yeah.
Yeah.
You type in exit.
Enter.
Okay.
And next, next lab can proceed.
Okay.
Next lab.
Uh, I think she can do yourself later.
We'll do lab four.
Okay.
I'm going to explain this.
Everyone please listen here.
Very important.
That for please listen, observe.
And I wanted to ask questions.
Okay.
I want you to think and let me know.
So can you all open lab four at urine?
Would you all please open lab four?
Okay.
And I want you to say, read that lab and tell me what is the name of the part
in lab four, please open the lab four at urine.
Read and let me know what the name of the part.
Look into the M.
Let me see.
Let me see.
Wow.
Okay.
Good.
What are the name of the containers?
First and the other container.
Second.
Okay.
What does this happening?
What exactly this lab is doing now before you go, what is happening?
The second container, the second container, what is happening?
Go down and let me know in second, what is happening in second contain?
What is it?
Why are you doing?
Okay.
In Linux, what does date date command do?
I mean, Linux in date command date, what will happen?
So for example, if I type in date, what I'm getting the current time.
Okay.
This is a hint.
Let me know what's happening.
Yes.
So every second it is writing a date to HTML file.
Clear.
Getting it.
So where is it writing on the top?
You can see there's an empty directory of folder.
So let me explain now you're getting ideas.
So it is going to create a volume of the type empty directory.
And what's the mapping?
You see a map mount path.
Where is the mount is getting mounted?
The first container.
Anyone is a mapping to the volume.
What are the path in first container?
See I'm in five mention mount path.
Yes.
User share in the next HTML.
The second one, slash HTML.
Now I understand the diagram.
So it is creating a temporary volume on your host.
So in whichever node the mark work, this part get created.
It'll create a temporary storage.
Empty directory is your storage in the memory.
And that volume is getting mapped to the first container in this location.
And the second contains getting mapped to slash HTML.
So what is happening in the second container?
For example, if I make any change under this HTML, it also gets copied to this volume.
And the same data is also getting mapped to the container, the first one.
So all these three parts are in sync.
Getting it?
This volume and the path and the first is container.
And the second container, they all are in sync.
They're working together and they all will have the same data.
Let me do a small demo.
Let me do this.
Observe.
And then I'll give it time.
So I'll say now, for example, shared some name I'm going to give.
And I put an insert mode.
I copy the YAML file and we paste it.
Now I'm going to say, apply FNF YAML file.
It'll get created.
So now I'll go and check on which node it got created.
Might be the image version.
Fine.
I'll just make a mistake.
So can we go ahead and modify?
There is some problem with this image.
Okay.
So I think we'll use some other image.
Let's, let's say same image for both of them.
Just take one second.
Let me just check on the image.
I'm going to use index.
Okay.
Now you have to create it.
Just try this.
Is it working for you?
Is working for you?
Please confirm.
Poxy errors are getting network error because of the second node.
Because of this error.
Let me delete all the parts.
I go to work at two.
I remove this.
Code one is a problem.
Okay.
On worker one, let me remove the files.
I'm going to the files and then I'm going to go to the master.
It's just open.
Everyone.
Right.
Let's see.
Let me just check.
Are you able to work?
It's working or no?
Okay.
Okay.
Yeah.
Yeah.
You got proceed.
Let me sub it.
Shoot my end storage.
Are you good?
Uses good.
Charles is working for you.
You know, modify the US is good.
Mine.
I'm getting at a message that we just check.
Is both the container getting created?
Go and check.
Complete the lab.
Some problem.
To modify to Nginx or use Debian.
Suppose do is go to the worker machine where you created.
Go to CD.
Bar.
Lip.
Q.
Blade.
Which you know, got created.
Go to that node and under Q.
Blade.
You see a folder called parts.
Good parts.
Do L.
S.
F.
And L and log into the latest part.
Going to the latest part.
This way get maps.
And under that go to volumes.
Yeah.
Good to wear lip.
Q.
Blade.
This part.
On your.
No.
Where it got created.
You see a volume folder.
Everyone under that.
Go to volumes.
The latest volume already created.
Good.
Inside that.
Now in this now, if you see you have entered that we go into the entry that a folder CD.
And empty directory.
Go inside this.
This is where you'll see the file.
It will not working from any errors.
Do you see your file?
Of what you didn't create.
You see some files there.
Everyone gene.
Everyone I see files on this one.
Not this one.
Empty directory.
You went to the wrong folder.
After.
No, no.
I, I, you know, what is now.
No, no, no.
You went the wrong book and note.
You had to see which work and note got created your part.
On the master.
Once again.
In which note your part got created.
Work it to.
Any maximizes.
You're you're you're in the wrong part.
Maximizes.
Maximize your worker to screen.
Please maximize work it to.
Okay.
Here type in clear clear clear.
Look.
Okay.
Now type in CD space dot dot.
Dot dot dot dot enter.
Once more CD space.
Yes.
Now do LS hyphen L.
Now you're supposed to be latest for latest for the third one.
Starting a.
Yes.
Go inside it.
CD.
CD.
Into that.
Yes.
Now do a LS.
CD volumes.
Did you want to use that now?
LS.
Yes.
Now with the first one.
CD.
The entry directory.
Cube and it's type in E and tap.
Yeah.
Enter.
Do LS enter.
Now go inside this CD space HTML.
Okay.
Do LS.
Do a cat of this file.
Cat.
Yes.
Got it.
Everyone.
Once again.
A gene is.
Everyone are able to understand.
Now what you do is.
Uh, try to create some file in here.
Take that been clear.
Type here.
Create a file.
Touch.
Touch.
The T O U T S.
Touch word.
T O U C H O U.
O O U C H.
Space space.
Give a file host dot T X T.
Type in H O S T dot T X T.
Okay.
Enter.
Right now.
Minimize this.
Now go to your master.
Now cube C T L exit.
Log into the pod.
No no.
Cube log into the pod.
Cube C T L.
E X E C.
E X X C minus.
Type in the ID.
M C 1.
Minus.
Space hyphen C.
Hyphen C C.
Space first container.
Space.
Yes.
Space.
No no no.
Use space.
Hyphen hyphen.
Space bash.
Enter.
The first container.
The first kind of as a path.
So C D.
Forward slash user.
U S R.
Share.
Engine X.
H T M N.
Enter.
Do it as now.
So you see the file now which came from there.
I got an understanding.
So now try to get a file in here.
Say touch.
Type in touch.
What first.
Then this type in first.
Dot dot dot.
Now go to the worker node.
This is going to worker node.
Do L S.
You see that file coming in.
Understanding.
Now again go back.
I mean again go back to master.
Now exit out of this.
Log in to the second container.
Enter.
Use the up arrow.
And instead of C first use second.
Send this.
You're supposed to go to which path.
We'll go to which path.
Send a slash.
H T M N.
Right.
H T M N.
No no no no.
Just H T M N.
See the lab.
No no.
Forward slash.
No.
Do a C D dot dot.
Yeah.
See.
C D.
Yes.
H T M N.
Not coming in.
Do L S.
You see the file is coming in.
Understanding.
All these are in sync.
If we get a file in here.
It will also reflect in the first container.
As well as in here.
Center.
Are we good.
Everyone.
This is a simple example about how you can.
It is bash.
P A S H L space.
After hyphen hyphen one space and then bash.
C D forward slash user.
U S R forward slash share.
Forward slash engineer.
Forward slash.
H T M N.
And press enter.
Now do L S.
Yeah.
You see the file.
So make some changes in here.
You'll see this.
Is this file.
Yeah.
Do T O U C H U.
T O U C H.
Given name like first dot T X T.
Yes.
Enter.
Now go to the worker to a very good created that location.
Go and check the file is there.
A play around.
Okay.
I think I'm getting it.
Are we clear.
Everyone.
We can take some two more minutes and play around.
Concerts mode.
Once you answer concept, then it will be very easy for you to do the hands on.
The mount.
The mount path is different.
But they are.
Using the same volume.
So you can defend any mount part.
It's up to you.
For example, the first container.
I wanted that part because I found that was very critical.
This more.
So mount cut to the different, but the both are getting more to the same volume.
Getting it.
The volume name is the same.
But they are getting mapped from a different mount path.
What's your question?
Please.
Yes.
Yeah.
Yes.
Yes.
Yeah.
It is because for example, your engine X, you might want to some other file.
There's a different deviant.
You might want some other file to be mounted depends on where is your file,
which you want to map, which part.
Any part could be there.
It's up to you, but those parts.
Not be available.
And I'll delete the part.
Delete the part and observe what happens to the storage on the host.
Do you assume?
Observe what happens to the storage on the worker notes.
What is happening to mine?
Are we good?
Everyone.
So you see once you delete it, what happens?
You will not find the details in that mount path.
Do you agree?
Everyone is deleted.
Yeah.
Yes.
Did you the part MC1 and go to work worker two and see whether do you see
that files now on the worker note?
If I'm logging back, so once you're done, what does that option?
Did you see the contents?
And gene yeah.
I'll be done.
The fights are not, it will not be there.
The fights will not be there.
Once you delete your part, you observe it.
And not like that.
No, no, no.
One second.
One here.
I see CD CD CD for slash where were.
What forced as live.
Live library.
Cubelet.
K U B E LED LED.
Yes.
Yes.
Now go inside the point.
You'll not have a part now CD parts.
Enter.
Do LS.
Now you see that you don't have that is gone.
You don't see the part at all.
Do LS F and L.
You had such a study.
A remember?
You don't see the part at all.
It's gone.
The part is not there.
So it means that you lose the data to delete the part of this type.
Okay.
Are this, are we good?
So I'm trying to do it on my local mission because of errors.
Any questions you can ask me.
One minute.
Are there any questions?
So we see I've been so on my end of the moment and you see that everything is
good and not sure.
So there is some challenge in here.
So, okay.
The next lab, everyone.
Next topic.
Okay.
So I've done it.
I'm going to use my network because I'm not going to use this.
We'll see it works.
Everything's fine.
Something is happening in the backend.
I'm not sure, but everything is fine.
I'm just going to do it at my end so that I take notes about.
So we talked about this is done.
The next topic.
Now, could you tell me, is there any disadvantages of using part?
Okay.
Let me give an example.
So let's consider right now.
We created some part on a worker.
We have a part, which is the container.
Now, what if this part goes down?
What will happen to the application?
Yes.
So do we need.
So we need to create multiple parts.
You agree?
So now I have to create a manual part again.
I cannot create two parts at once.
I understand.
The kind of support I can create only one part at once.
I have to again run the command to create a part.
So I cannot, the challenge with the kind part is multiple parts cannot be created.
At once.
It will again do manually.
Now, if I have two parts and the load is more, I cannot scale the parts.
So I cannot scale up.
I cannot make it five or scale down.
If you're having part with the version one, and if you want to update this to V2, a
new version, when do this, there'll be some downtime would be there in your kind part.
And all these are very important when you have a live application, because tomorrow
you might want to create multiple parts at once.
You might want to scale up the part because load is more.
You might want to add any updates without any having any downtime.
So this example of a kind part just to start off, but we actually create part
with different methods, which is your deployments.
So deployment is a method using which we create the parts.
Which is highly available and you can scale up your part.
You can do updates.
You can pause.
You can do all the operations if you use a kind as deployment.
So what I'm saying here is if you want to get a part, the better method to create a
part using a kind deployment.
So example, you want to create something like this.
So now the difference between this.
So kind is deployment.
Now what is three here?
What will three do?
Is answered.
Please think, because we have to answer this question.
I give a hint.
What are the three?
Yes, we'll create three parts and each part will be having this container.
So I don't have an option of matching replicas, option, and kind of support.
So you're talking something like this now.
So it means I can scale the create multiple parts and tomorrow I want to scale up.
For example, I have three parts.
I can scale to scale up to five.
It'll become from three to five increase automatically.
If I want to scale down, I can scale down to one.
All these operations is what your deployment would allow you to do it.
That's what we are talking about now.
The next topic.
So for doing this, first thing to understand about labels, what are labels?
So labels are key value pairs.
So you give some names for the parts like app equal to blue in here.
So tomorrow, if you want to do some operations on different application,
you can do some filtering.
So I can get in the part which I wanted and I want to a patch.
So I want to a patch of this particular part, which has a label name.
Or I want to building off it.
I can do a filtering like this.
This is called a selectors.
So we can define labels and we can define selectors.
So labels are key value pairs that we can attach it to objects such as parts or the nodes we can attach.
And all these are some recommended key and value pairs, which is recommended by Amazon working on release, environment, partition, all these.
So how do you create it?
This is the syntax for the labels.
And this is what they say.
Now, can you create labels?
Yes, multiple labels.
Method to create a label.
Let me do a demo.
So in this part, you want to get the part with this name, with these two labels.
Let me do this.
Let me even you can try to do this.
So try to create the ML of this and try to get a part from this.
So go ahead on the master mission.
Try to create a part of this.
You can say label for dot YAML and you paste it.
Now I'm going to say apply FNF label the part name.
Now the part of our created, I would say get parts FNO and while.
So now I can use a command.
See show labels.
This will show the labels of.
Now I'll take one more part.
For example, I just create a part, like an example, the image of engine X, for example.
Now, if I say get parts show labels, it is showing for both the parts.
This comes by default.
This is specific.
Now I can also say a label F equals engine X.
So it's going to filter the part and show only this part.
Did you get it? Everyone?
I getting it.
There is a filter.
What is equal to?
If it, what is this symbol?
What is the symbol?
What is the symbol of?
What is the symbol?
What do you call this symbol as?
This is equal to what was not equal to.
So now I'm going to do a not equal to.
So it will give me all which does not matching it.
It's giving me the other part.
I'm getting it.
So we can use these operators for equal to not equal to.
This is how you can do a filtering.
So you can do equal to not equal to.
You can use for operators and operators.
All these are called as selectors.
I understand you want to label selectors.
Everyone?
Now I can also create one more label manually.
So let's me, let me show.
So example, label.
So I can say, this is my part.
I want to get labeled for example, for example, I want additional label.
So I can say label the part and the part name example.
Then you can say, I want to give a label and you can give a label
with this hyphen E and V equal to product.
It's got labeled.
So now if I say get parts hyphen hyphen show labels, you see that it also
got one more label.
If you don't want the label, for example, I can just same command.
And in the end, I can just say hyphen with the key.
It is unlabeled here.
So like this, you can define multiple labels.
Have a good label is gone.
Just use the syntax.
Okay.
I think you want to do a lab.
Uh, I don't think lab is there for this.
Now, why is this important?
Going to help you a lot.
So what happened in the deployment?
So when you write a YAML file of a kind deployment, and when you apply, when
you apply the YAML file, where does the request goes first?
Which component the request goes first?
In master testing, you're writing a YAML file and apply it where the
request goes to which component in master.
API.
Do you agree?
As for this, I can have it will go to next after they'll go to controller manager.
The controller manager would create the replica set and then the replica set
in turn uses scheduler to create the part.
So this could be your worker one, for example, and this is your worker two.
So the replica set.
So since you asked for three, the replica set would remember that you asked for
three and if something happens to this, the cubelet would immediately inform the
problem and a new part would come immediately.
That's what the replica set is.
So the replica set would remember there's a problem.
So in this case, example, if your part went down, what will happen?
Let me explain once more.
So in this case, we have worker one in which we have work this one.
Okay.
One, you'll also have a cubelet.
This is could be your worker two.
You have cubelet the node.
Now this goes down cubelet will understand there's a problem.
It'll go and inform to API.
It'll go and contact the controller manager.
And we'll check on the replica set.
So replica set says that three.
So it was value was saved as desired was three.
Current was three before.
This is what is saved in the memory, but right now it is not.
It'll understand there's some problem because desired is not even current right now.
So it'll again take the help of scheduler and schedule will inform the API that
you're going to hit and we'll go ahead and create a pod immediately on that node.
This is what replicas that does.
The replica set ensures that anytime the numbers, what was there, you're going to
match.
So even the pod goes down, come up automatically because of replicas.
Are we good?
Everyone.
Yes, no questions.
Now let's do a lab on this.
Now the first one in lab 3D, I'll explain this.
There are two methods to create a deployment.
One is imperative method in which you create deployment, deployment name, the
image and how many pods you want and which pod you want to expose internally.
They created.
So we'll go ahead and scale up, we'll create two more pods.
We'll observe it.
Let's first do this.
So go ahead and on the first command, before you do this to avoid confusions,
delete all the pods.
So say delete pods hyphen, F and all.
So type in delete pods hyphen, F and all.
And now on the command and see what happens in the back end.
What created.
So you can get deployment or deploy hyphen over Y.
Get deployment or deploy hyphen over Y.
You see that there are two copies.
Again, you can say get RS.
It is replica set.
It's created too.
So how do you know this?
This deployment created your replica set.
And again, you can say get pods hyphen over Y.
You see it's got pod.
So deployment created your replica set and replica set in turn created the pod.
How do you know this is naming conventions?
Sorry, I'm getting error.
Okay.
Let me see your screen.
So can you, it's what there is some network problems.
So can you go to worker one machine?
Do LS.
Can delete that files.
RM, RM minus, no, no, no.
RM minus RF.
RF.
Yeah.
Space.
Just type in CNI.
Yeah.
Enter.
RM minus RF.
Container D is tab tab tab.
And not that side.
Just type in tab.
Don't do, don't do that.
Not this one.
Yes.
Tab.
Test tab.
The first one hyphen.
Just type in hyphen 1.6.
Yeah.
Delete this.
Okay.
Now go back to the master.
So cube CTA delete the pods.
Yeah.
Delete the pods hyphen O hyphen.
All.
Yeah.
All.
All.
Enter.
That's fine.
We'll go up.
We'll again come back.
Can you see?
I can see.
Do the same for the second one.
Now cube CTA will get powers.
Because of the storage issue.
Okay.
Let me.
Go to log in and increase the storage.
Yeah.
Proceed to the next step.
If con I have conflict at APT install APT install run command.
No, no, no, no, no, no hyphen and hyphen tools.
So the command, what does he know?
Tommy just say something.
The exact command.
Run that command space net hyphen tools.
You see comments.
Say is that under command net hyphen tool.
Choose enter enter.
Yeah.
Now type in if conflict, the top go up, go up on the top.
Up, up.
No, no, no.
Now put what you got up up in this up.
Yeah.
Go up.
What was 172 20.0.1 that one come down, come down.
Come down.
Yeah.
172 31 27 one in one second.
One 70 to 31.
Is this a 192 ending?
Yeah.
Yeah.
20 to 31 27 192.
So I'm going to increase the storage.
Let me check if I can add it.
Others.
Okay.
I don't have permission to do it.
Uh, okay.
Please proceed.
Let me check in the break about how to do it.
So I, is it, is it running now?
The master, both the parts, please check.
That's fine.
Proceed.
That's fine.
They got created.
Okay.
Others are you.
Yes.
I will do it.
Others are you good.
Tell them to increase the storage.
The back end.
Uh, are we good with the first one?
So now please have them on screen.
I'm going to do the next steps.
So now we have two parts.
Please observe right now.
So now when I do a describe.
Okay.
Off deployment and you would see that it created a replica set.
So deployment is creating your replica set.
Okay.
Backing team is calling.
Yes, sir.
Yeah.
Yeah.
Yes.
Yeah.
Yes.
Yes.
Hi, Raghav.
Raghav, they're getting errors in between for some parts.
They're not, when they get the part, it says error cannot create.
These are the errors we're getting in.
And some, it's an intimate issue.
There is something blocking something in between.
I'm not sure if you want to transition.
I'm able to do it on my laptop.
There's something, uh, session or from noble Prague.
I'm not sure.
The normal program.
Everything is, uh, the TCP port is all out.
We're asking about some memory.
How did we create this?
Uh, want to understand how did we get into that noble from a case?
How, how was it coming in there?
Okay.
Okay.
Okay.
Then why are they getting intimate issues?
Uh, what reason?
So there is an amusing created mine and mine is working for them.
It's not working the same lab.
They're doing it.
Mine doesn't like, I use my account.
Yes.
I'm created in my database account and mine in that I created the
Cuban cluster in that I'm not having issue, but if I am using your environment
in which I deployed, it is having some problems.
Sometimes the parts.
No, it is normal.
Cuban.
That's to be.
Do you think you can join someone's, uh, I think that, uh, asking me
once I'm with the backend team.
Yes.
Uh, is it working?
Everyone is gene.
Okay.
Okay.
I'm taking the backend team.
Why are you getting error messages is working on mine.
Others are we good?
Are you still getting error message gene?
I still getting error messages.
When do an all namespaces.
Okay.
Let me see.
I don't know.
Can you do no clear pinch there?
I get parts.
I don't know why this hyphen.
Why did the doing the restart?
Okay.
Get parts.
Do a cubes.
It'll get parts hyphen hyphen.
All hyphen namespaces.
Hyphen space hyphen.
Oh, why?
Oh, why?
Hyphen hyphen.
Not there.
And namespace also hyphen hyphen.
Enter one second.
Let me give a command.
Yes.
Hyphen hyphen all hyphen namespaces.
Use apparel.
Enter.
Okay.
One second.
Getting a call.
Yes.
Yes.
I'll.
What do you want me to do?
You want the link of zoom link?
You want that link?
Yeah.
So that he can connect with you over the call.
I think I'll manage now.
I think the break or something we can do.
Okay.
Then I think last one break now.
Okay.
Team.
I'll ask for right now.
Okay.
Yeah.
Thank you.
Our team.
So, so we want to do see what's happening in the backend.
Uh, is it okay that you can take 10 minute break?
Now?
Yes.
Want to check the word by the reason getting this so that we need 10 minutes.
Yeah.
So break for 10, 15 minutes.
So I think we take 15 minutes break now.
And we'll be back.
Yeah.
Thank you.
So I've given a link to you.
Okay.
You can join the Google meet.
Hi, can you hear me?
Hi, Hi, can you hear me?
Now who's speaking?
Hello.
Hello.
Hi, can you hear me?
Yeah.
See admission screen.
So when they log in here, so they're getting this here.
This is coming common.
See if I.
Yes.
Yes.
This is mine.
Also happened.
So now I have to go.
Oh, get parts.
And this has some intermediately.
See it.
Okay.
So now if I do describe the part and this is my name and I'm just mentioning
then system.
So you're getting in this carer, magnet network.
Okay.
So I'm getting something because of this fail container to proxy
for backup restarting.
So I also went ahead and any, any additional for anything is there.
I'm trying to read it and it's happening when we want a few of them.
Not an honor.
If I taste all of them, it's fine.
See here, example works for this book for this, but on this sentiment happens.
So what I've done is the reason I've installed on mine won't easy to instance.
And for past one, I'm using this.
Yes.
So for past one, I'm using my account and not having this and this people are
getting intermediately.
So I'm even I'm telling them to delete the files.
I just told age and what I bring to the storage because I don't have access to
into the storage on beans.
I'm not sure it is.
Yeah.
I feel that or it's something else that we are taking because it is not happening
in mine here.
It is happening intermediately.
And for example, I also had some files.
I wasn't removed any other files.
We are just having many basic files.
So can you increase the storage now in the backend?
I feel that could be a problem because other things is good.
So I feel sorry for the problem.
So I want to increase the storage or anything else you feel could be a problem.
I mean, based on settings, what setting we have done, what apart from that,
anything else settings or something, I'm not sure any policies or something
you're set it or anything.
I'm not aware of it.
Have you mentioned all traffic or you all mentioned all PCP ports?
Okay, fine.
Now, why is that?
See, now we have used two rules correct.
Why are we having can remove the previous one?
So for example, if you go to security, you added it.
So why are we having the minimum port?
Don't think this is going to have a complex sometimes because you have small
and then more understand, but to be honest, but why do you want to do
not teach us what I'm having problem.
So my question is, can you remove this one?
Because there's some conflict between more and less.
I'm just thinking of the thoughts.
Can you remove this?
This have one rule is all traffic by very having both of them.
This is one.
Another one is I want to increase the storage on all the nodes in the back end.
Can do these two.
Is it the security group is removed?
I mean, the ports are modified.
The ports have been modified.
Okay.
Let me just check.
I've got a teacher and then click this.
Yeah.
Yeah.
It's coming in.
Okay.
Okay.
Can you increase the storage?
For example, my worker one is having a problem.
So for example, this is coming on my.
Worker one, which is this IP.
So can you go ahead and encourage all this one, which is this one,
increase the storage of this to at least 10 or something at the 2 GB.
And let's see what happens.
That is 18 138.99 the public IP.
Or one instance ID.
I'm asking because my concern is here since all of them are coming in somewhere in,
see at the end of the day, they all are coming in one screen.
So is it because of any network issues in which you are seeing everything?
Any bandwidth issues or something?
I'm not sure.
Just give me a thought because it is working with on my putty.
Perfect.
And this lab is still edited.
And this is happening randomly on some machines, not on very specific machines.
See, for example, you can see for these, it's working, but some doesn't work.
So that's the reason not able to understand why is it money for some.
Randomly it happens like this.
What have you done now?
If you increase the volume, existing volume, you need to be able to, right?
You need to report and can't directly modify the existing one.
I think it must allow you.
Okay.
Okay.
Tim, are you back?
Charles Jean Nathas.
Okay.
Okay.
We just think the issue this for to be unsafe aside.
Okay.
Rack of can we start working in on the back?
Finally, one, two, back in anything else you want me to.
Okay.
Thank you.
Yes.
Now let's continue.
So now we're going to, I'm going to do a demo now.
What the YAML file.
So before I'm going to use this mine, I'm going to say, delete the deployment.
I can, I can, let me do this.
You want to observe and then I'll give you time for every step.
Yeah.
So in the down now, first I'm going to write in the YAML file with this.
I copied this YAML file, go into the master.
I say, deploy dot YAML and observing here, the API version is different because
your deployment is a different location, the path and to find this, we are using
these comments.
So this command will let you know, which is your API version to be used.
And it's, it's going to give apps for such V even.
And this session is for your deployment.
This session for replica set.
This is your pod.
And this is your continuous session.
So once I applied this, the clear deployment with this name, that will
create a replica set and that replica set in turn creates the parts, three parts
with each one having one container.
So now I'm going to apply this.
So now I see
and now I say deploy, I can open by deployment got created with three
copies of this image and I'll say to replica set it got three copies.
And this got created from this deployment.
You see this name and I'll say get pods I've been owned by.
And you see three pods got created from this replica set.
How do you identify it?
It has a replica set name and the unique name.
Are we good till here?
Everyone Charles, CK, Green, others.
Yeah.
Could you please do this step everyone?
The same lines do just create the YAML file, apply it and observe the outputs.
Do till F command.
And both these pods get treated on different nodes.
You see they are getting load balance waiting for it.
Let me see if you're still creating on worker one.
Yeah.
So I can see it here.
Refresh the command now.
G again, do get pods have no Y.
Okay.
Let's see.
Uh, didn't create it.
Well, now let's go next step.
So now let's play around.
Let's try to delete the pod and see what happens.
So delete the pod.
Any pod is got created among these.
This is running.
Copy the pod and paste it.
Now, since we talked about replica set, it will understand that's a problem.
It'll immediately create the pod.
Let's see what happens now.
So I do get pods have no Y and you see the pod came up automatically.
Yeah.
You observe that a pod will come automatically once get treated.
So this is what is replica set.
So replicas will ensure that the numbers would match.
Now let's just try to see.
So now we will say, just scale up your pod.
So let's do.
Cube C D L scale.
Connect with our next command.
So when you go to documentation, it's almost killing up now.
Run this command and observe.
Does it scale up?
Now it immediately update.
So it can do a deploy and say five copies.
Deployment.
It'll update the replica set to five copies.
It will also create two more pods to make it five.
Are we good everyone?
Okay.
See five is coming in.
Yeah.
There is some issues going on, but I think that is coming up.
Taking some time.
Now you can make it to one.
So observed get created more.
And again, you can try to make it less.
So we see it increases.
Now you can use the same command and make it less.
So make it two, for example, delete.
And you can see that it'll have only two parts.
So this is how we can either scale up the workload is more, or you can scale
down when the workload is less.
Are we good?
Everyone now let me talk the next one.
Don't delete it.
Let us proceed to the next step.
I'll explain the next.
Now next topic is rolling update.
Now, right now, what we created your pod is version is engine X 1.14.2,
which is part of a replica set.
And that replica set in turn, your scheduler got created.
There's all these are 1.14.2.
I want to update the application to a new version to 1.16.1.
So you do need to do update.
When you do an update, it creates a new replica set for 1.16.1.
And it'll create new things.
First we create equivalent one of this.
We create this and then this will get terminated.
Then we create equivalent one of this, the other side.
Then this will get terminated.
And then we create one of this and then this will get terminated.
This is called as a rolling update.
So rolling update, you can mention how many you want update at a single point of time.
It'll always ensure that the other version comes up first, all settle down,
and then the existing pod would go down.
And this is the default strategy in your department.
Yes, are we good?
Let's do this in your documentation.
This is the command to update your new version and want to record it so that
tomorrow you can go ahead and see what exactly updated.
Then we can see the rollout history and you can roll back to previous version.
What's the question using these rollout history commands?
So now let's go ahead and set the image.
So now when I do now get RS or the get plot, right?
You see that it gets updated so fast.
And if I do get RS-O right, there are two replica sets.
So all of them became zero in here.
And this has got two and all the pods were updated to the latest version.
You can go describe and see the pod.
So you can go describe of the pod and see what are the version of the pod.
So you see that they updated to 1.16.1.
Let me know if any questions and you can see the rollout history.
Let's see now.
Okay.
So can you do get pods hyphen O byte G?
CubeC will get pods space hyphen O and byte.
I think we understand what we did now.
Yes.
No.
Are we good?
After describe command, describe pod, describe pod and the pod name.
And in that go ahead and see which version is it is using 1.16.1.
You can see under the container session.
It means the pod is using right now.
It is using this image version.
It answer a question.
Yeah.
So now let's consider that something happened.
You want to revert back.
You can revert back to previous, just the previous version by just mentioning
this command, undo deployment.
So now do it, undo deployment and this command.
You'll roll back just to the previous version automatically.
And you can see all the pods would move to the old replica set.
So now run this command and when you now do get all, or you can do one by one.
You see, it rolled back to 1.14.2.
And do get RS-O wide.
You see that all of them has moved to the previous ones.
Again, you can get pods.
If you know one by do a describe of any of the pods, any of the pod.
And you would see the version would be 1.14.2 for the image.
You can also roll out a specific version by using a revision number also.
On the revision numbers, you can again update to different version.
Try to update different version.
For example, you can use one more if you want player app.
So we use 1.14.2 something.
Correct.
So try to update it to this one and try and update the latest one.
So I'm going to just find player app.
So I'm going to do latest and record.
Yeah.
So now how many replicas that must be there now?
How many replicas sets now?
Two or three.
I think.
Run this command now.
It'll have three replicas sets of two replicas sets now.
Others.
CK.
Jean.
Must have three replicas sets.
Do you agree?
Because we have three image versions.
Are we good?
I understand it.
So every image version would be part of one replica set.
Clear?
All of the latest one now, it is a contour latest version.
Now let's see the rollout history.
Same thing.
Just play around.
So now to roll out history and see the history of your, the J command.
Run again and see a rollout history.
And you see it is update to four.
Now let's again, give it back to revision number two.
So you want to move to one revision number two.
So you can go ahead and run this command or any additional number you can put.
What numbers you see there.
So revision number two is my.
To one point 16.1.
You see number number two.
I press enter and you would see a deployment wide.
So move to one point 16.1.
And also your replica set or would be under the one point 16.1.
And your parts also you can do like this and also do a described part.
Okay.
Parts example.
And do a described part.
Described part.
Give any part name and it gives a grip symbol if you want.
Grip, hyphen, I, the image.
Now they use the syntax.
It'll give me only the line, which has the word image.
Replace the part name with your part name.
So shortcut instead of me go into the part and seeing the details.
I can see the details by gripping it.
Good.
The concept here for everyone.
Charles, CK, June.
So in enterprises, you normally create parts using a deployment because it has
to create multiple parts at once.
You can scale up, scale down.
You can do updates.
You can record it.
And you also have other methods to update, which are going to talk about now.
Yeah.
Now question for you all.
If you delete replica set, what would happen if you delete replica set, what
would happen?
Please try to think, would it come up automatically or no, it is because
so it taught me come up.
So if you want to delete everything, then you delete the deployment.
Now let's go ahead and delete the deployment.
So you can delete.
If you're multiple ones, you can say delete, deploy, nickname, and you can say
all.
Yeah.
Like this.
So get, delete, deploy, hyphen hyphen, all get deleted.
Now, when you go back now and you see you'll not have parts, your deployment
is gone, you don't have any replica set.
You also see that there are no parts of that particular needs.
So let's go to the next topic.
Continuation of deployment.
Let me, I think, so do you work on updates?
Do you work on updates in your, in your work?
Do you update applications like this?
Is it part of the workloads?
The future?
Yeah.
Yeah.
Yeah.
So tomorrow you would be updating application, different version, all these
you're supposed to do.
Is that your work?
Okay.
Okay.
Fine.
Yes.
Let me share, share one more document.
Give me a minute.
I'm going to share a document to you, which will be useful for you for deployment.
Please download this document.
It's on the way.
Take some time.
So this document talks about different methods to update or deploy in your
independence.
Now we're talking about recreate ramp, blue, green, canary, AB testing and shadow.
These are different methods.
Now, how does it work?
We observed right now that one deployment can have single replica set or multiple
replica sets.
We'll talk about services.
The next topic.
We're going to talk about these next topic.
So what is recreate?
So recreate is where?
The user traffic, the user traffic on the load balancer and then reaches
your application.
These are the part.
So these are, you have three V1 part versions.
Now, if you want to update, you delete the V1 and then we'd create the V2 version.
So there's a downtime involved.
So this method is used when you are doing a testing of a workloads, whether the
downtime doesn't matter.
It's quite easy to do it.
You just need to delete the older ones, create a new YAML file of a new version
and then create it.
But there's a huge impact in case if you're looking for live customers,
downtime will be there.
One which we use right now is also called a ramp or incremental or rolling update.
So in this, what happens right now?
We have even like 1.14.2, which we use.
When you say update 1.16.1, what happens?
You define the percentage in default.
If you don't mention percentage, it is normally 33%.
33% of 3 is 1.
So you'll update one of them first, higher version, and then the existing would go
down.
They create equal on one of this.
You see here, the user is still connected to this version, not this.
Once this is ready, then this will go away.
And then this gets created.
This is called as a rolling update.
And you can modify how many you want to update at once by using in a kind
deployment, you can write in the parameters.
Yeah.
So for example, if you observe your deployment, so if I say apply, I can
have the YAML file that you created.
And if I say get deploy, I can know YAML file.
You see this.
It gets in the YAML file information and this YAML file right now, you could see
the rolling update.
It is that 25%.
So approximately after three, it is taking in one right now.
So you can modify these values and what are the values?
You can also use this method.
You can also say edit.
You can also either open the YAML file or you can say edit, deployment,
deployment name, YAML, and they can modify the contributions.
So example, I want to three had, I want to create more copies.
I can also modify like this, either open the YAML file or you can modify
it like this and then save like this.
So like this, we can make in the modifications.
This is the rolling update.
So you can define how many you want to unavailable, that is two.
Like this, we can enter the numbers.
Are we good?
Sometimes you might have in lose control, but very rare.
This is very good to use.
So this is something recommended by Kubernetes.
Blue green is a strategy in which one is live, other one is not live.
So example, this is a green, this is live.
It means customer workloads is going to this V1.
Now assume that the V1 version is getting expired.
You have to move the application to a new version.
So internally you create a V2 version of application and then switch the user to V2.
The V1 version is still there in the backend.
It's not terminated.
So something happens to V2, it can switch back to V1.
So blue green is something like this and we have two environments.
In this, the challenges you need to deploy two of them.
It will be, it means it is costly.
And other one is you are not doing a live testing.
You're assuming that it will work for V2 for the customer.
You're not doing a live testing.
It might get some errors.
So you're very confident that you can do, but you're taking a risk.
So in case you don't want to take a risk, you can do a canary in which you would send
traffic like 10% other side.
Then increase from 10% to 20%, like 30%.
You keep on doing it.
And for doing this traffic management, Kubernetes does not have the capability.
So you have to use service mesh.
Like we have Linkerti, we have Istio, third party tools, which are to install it.
And you have defined the routes or the rules.
So example like this.
So you have to use tools like Istio, install it, configure with Kubernetes.
And then you can mention that for version one, 90% traffic for version two, 10%
traffic, we have to do something like this.
This is good, but this is complex.
AB testing is also very important.
So AB testing is example.
If you access your Amazon consort from a mobile, you see a different screen.
If you see it from your laptop, you see a different screen.
So testing has to be done with Amazon to ensure that users are able to see the
options properly on their different devices.
While the user is logging from US, you might want to see a different page,
no login page, something like that.
So based on user preferences, user location, you want to do some testing.
That is called AB testing.
So this is for one version, this is B2 version.
The last one, which we can use the shadow testing, but in the user
traffic also goes to the other version, but the user will still see the old screen.
So internally, the backend theme you would observe is the traffic going
properly to the B2 version, and then you can switch the user to B2 version.
So light traffic is going to the backend, shadow, mirrored, and dark we talk about.
So these are different methods using which you can update applications in Kubernetes.
So when you go for, if you're looking for zero downtime, these are good.
We're talking about real traffic testing, these are good.
If there are use cases, very specific, specific users, then AB testing talking about.
Cloud cost, this is more because we are talking about two environments.
This is more because having two environments again.
Rollback duration, impact, complexity.
Are we clear?
Any questions?
Yes, no.
Are we good team?
Yeah.
If any question you can ask me.
Okay.
So now in the labs, we have seen this is an example of a rolling update, simple example.
So if you have, you first create one version, you create one version.
This is version one.
You want to update to new version, the same image, for example, right now we have, what
you can do, you can either use edit method as a doctor, you choose to edit the deployment
name or open the YAML file and then apply it with a new version.
So modify the version and apply or edit and see what happens here.
Going to play around with this second one.
The second lab yourself, please.
That too.
That too, please.
Please find in your application lifecycle management, which is more than three in a
Kubernetes with a laptop.
Good.
You're doing good.
First version.
Yes.
Not try to modify that.
Instead of one, make it two.
See, can insert more.
I this I.
This I, and then, and so one, make it two there.
Yes.
Escape colon.
Same escape.
Colon WQS.
Now it'll update automatically.
Just do it.
Get deployed.
I find no white.
But apply, apply, apply.
Cube C tail.
Apply this.
Now you can check the version of the deployment.
You see it has gone into two version, but you can do the other method.
Do edit method now instead of get.
Do edit deploy the other method.
Now seeking.
Cube C tail edit.
Yeah.
I'll tell you.
Cube C tail edit.
Yes.
EDIT.
Uh, the IT.
Yes.
I T I T yes.
Deploy.
Deploy and give the name of the deployment.
Hello.
Hyphen.
Deb.
And that what happened to me blank.
Yeah.
So now in this, now go down and modify again to a three, for example, make it a
three version, then the line, the image line is set more, make it a three.
Just escape colon.
Save.
Save it.
Colon escape, colon WQNN.
I missed it.
Uh, can you come out of this file?
Okay.
Come on.
Don't save it.
Escape colon Q.
Don't do a W escape colon Q and exclamation.
Again, go inside and don't see.
Yeah.
Okay.
I think, uh, can you go down and tell me how to do it?
So I tell you what to do.
Go down, put it in set mode.
I go to the line where the image line is there.
Go up.
Yes.
Delete.
No, one delete, one delete.
There's a delete once.
Once again, that's fine.
No, good.
The starting of the line.
You made some errors.
Uh, yeah, this really click on delete button once.
Delete.
Yes.
Once more.
Yes.
Yes.
Now save it.
Escape colon WQNN.
Now you could go ahead and see it will update to version three to do again.
Deploying.
No, no, just see the version now.
You see that.
So we can, yeah.
So we can either use the existing YAML.
We can open it or we can do edit or get in a new YAML file and modify.
These are different methods, but then you can update your configurations.
Clear.
Yeah.
Yeah.
Are this, are we good?
No, no, no.
Uh, okay.
I tell you what to do.
Go.
Now let's consider you had, this is a work and note and you have QBlet in every
node and you have the part running inside this and the part one, part two, and part
three, and this is running your application.
Okay.
So QBlet needs to check if it is working fine.
So it has to go ahead and look into some important file.
For example, for a front end could be index.html is very important file
because this has the front end contents.
If this is not responding, then there's some problem with your application.
This type of probing, what QBlet can do is call less liveness probes.
So liveness probe means QBlet will check if the end point is responding
properly, is it coming up very soon?
Is it slow?
Those type of checks.
And for doing this, it does a help check using a port.
So it uses a protocol like HTTP.
It uses try to reaches using a port number 80 and this is the end point.
So the protocol is HTTP.
It'll go like this.
It'll go to port 80, for example, and under 80, it'll try to reach
the point index.html.
This is your protocol.
So you have to mention which port number and you have to mention the
destination or end point or retort of path.
You would want to put names.
And when must it do?
So you mentioned interval name like interval 15 seconds.
So it does this checks every 15 seconds.
Whenever it does, how much of time you want it to wait, that you mentioned
under a period called as timeout, like five seconds.
And how does it know it's healthy?
So you can say healthy threshold and you can say three.
It means that if three times it is able to reach to this continuously, three
times consecutively, it'll understand healthy.
Not just say unhealthy threshold, like two times.
If this is not able to reach two times consecutively, it'll understand it is
unhealthy and whenever it is unhealthy, after some time it will do a restart of
the port, thinking that if you restart the port, it would become good.
And hence, whenever you see any restarts in your port, it means there is some
health checks defined inside it.
So there are issues in general, very regularly, QPlet would do a restart of the port.
So this type of probing, we're talking about the liveness probe.
Now let's consider that your application did not come up at all.
The port did not come.
Then the liveness probe would fail.
So you can also define one more probing called as startup probe.
The startup probe would ensure that once your port or the application is running,
settle down, then your liveness probe would get started.
So first would be a startup probe and then a liveness probe.
We also have something called readiness probe.
Readiness probe means is your application ready to take a new workloads.
Can it take new workloads?
Is it okay to run new workloads?
You can do some checks.
So we can do liveness probes to check in the status of application.
Startup probe to ensure it is started.
Readiness probe to check if it's ready to take the workloads.
And we can use different protocols for doing this health checks.
So we're talking about oneness.
We'll talk about this basically after this.
We can use HTTP or they can use TCP or you can use a custom methods.
And whenever the health checks failed, it says to restart.
What is liveness?
There's some problem.
The application getting hanged.
So for these types of issues, you have to understand the reason to understand the
restart readiness probe and the startup probe to ensure that these are ready or
started and we can use different protocols for the same here.
Have you got the concept clear everyone?
Let's do the module four.
Now what is 200?
What is the code 200 needs?
Code 200.
HTTP.
What is 200?
What is 400?
200 means success or fail.
I'm sure we've seen this when you access any website, sometimes you see 401.
We get some error messages.
So the cubelet and the pod, they communicate using these code languages.
They use the status codes in the backend to understand whether the health check
passed or failed.
Yeah.
So now in this lab now we're going to do health check, so we're going to create a
pod in which you're going to define a correct probing and then we observe as a
restart.
Then we'll make some error wantedly and we'll see if the container gets restarted.
So this is your example.
Now what is this path?
What is this path?
Would this linus check pass or fail?
What is pass or fail and by the same?
What is health check pass or fail?
And what is path root?
What is root?
Should every container have a root path?
Yes, no, I'm getting it.
Do we have root path or not?
Please confirm.
The next country would have a root path.
This would run because it will find the root path.
What did he call code?
Now you tell me now would this run the next one?
Would this pass or fail this one?
Testing does every default content engine X would have example.txt.
You agree?
Would every container of engine X would have a path of example.txt?
No, correct.
You'll not have the default file.
So it will not find the file and it will restart the container.
Are you getting it?
Yeah.
Let's do the lab now.
Let's do lab four.
So let's go ahead and try to get a pod and we'll see the pod status and
observe the restart column and let's see whether it gets restarted the health
check pass.
So let's go ahead and do this.
Do a lot with me.
First one create YAML file and then create a pod and run this.
Good.
Now do a describe yourself.
Do a describe of the pod.
Everyone describe of the pod and check whether the health come.
It says line, which will update the health check.
Go and check that.
Go up.
You see a line which says health check.
Let's see.
I wanted to observe that.
The describe command.
You'll have a line with the health check.
What a health check says.
Yes.
Okay.
That's the right one.
So after how many, okay.
I wanted to answer after how many times it will do a restart after how many times
does it do a restart in case the condition fails.
Yeah.
Let me explain to this now.
So it's got created now.
So I'm going to say describe pod and the pod name.
And now you see that it got created on worker one and this is a health check.
So now it is going to do a restart in case it fails after three times.
This is a threshold success.
So even though we did not mention these values, these are default values
we expect to pick up time out once again.
So every time it does the check, wait for one second and every five
seconds going to a check and initially first time before it does a check,
it'll wait 15 seconds.
And this is it.
So it is all good.
Got to reach because you have a root path.
So now let's check what is happening.
You see no restarts.
Yeah.
Now let's check the logs.
Do QCTL logs and give the name type in QCTL logs and the pod name.
You get output like this.
Everyone is do this.
Yes.
You're good.
They didn't do this command QCTL logs and the pod name QCTL.
No, your comment is wrong.
QCTL logs.
You did not get full name.
Charles logs, engine X hyphen lightness in full name of the yes.
No, no, no lightness.
No, no.
Hey, just type it.
I'm going to tell you.
Hey, space logs.
Space.
Logs, L O G S space.
G G G S.
Yeah, space engine X, N G I N X.
This is name of it.
Just copy and paste.
N G.
Just paste the name of your pod.
What's the pod name?
N G I N X.
No I, no I.
N G I N X I N X hyphen lightness.
No space.
No space.
Yeah.
I hyphen lightness enter.
Okay.
So now do you see that the cell check passing now?
What are they getting?
We're getting the messages 200.
It means the health check is running every how many seconds?
You have to answer this please.
Five seconds.
You see it has the date.
It has the pod IP.
It is running in and the success code 200.
It means a successful.
This is how we see the logs.
So it checks our passing.
So there's no restarts.
Okay.
So now this is our success.
So now let's go ahead and do the next one, which is wrong.
So let's go ahead and see the live fail.
So I say, say dot N, that command.
It's the same what it did for this and see what the log says and
observe the describe, please observe everything.
Okay.
Okay.
So now apply hyphen F and this.
So now do a get pods hyphen O and white.
You see it is not to a describe of the pod and engine X hyphen
lightness fade.
Now you see that it is going to fail because not have find the file.
Yeah.
So wait for some time.
You can also do a describe and you see this again, your describe.
Wait for 10, 15 seconds and do a describe again.
You see lightness profile because not even to find it.
So now you can do a logs and you see restart.
It happened once.
Now do a logs of the pod and you will see that it says the health check
phase, it'll do at least three or four times.
And after that, it will restart or it will become a crash loop back on.
It'll do a crash loop back off.
So it'll wait 45 seconds every time, five times, and then do a crash loop back off.
So two times yet.
So wait for some time and you'll see the logs get failed.
See four times, five times.
And after five times, it would do a reboot.
It'll go crash loop back off, crash off.
You see here it's fine.
So tried this time, keep on trying, trying, trying, trying, 1044, 1044,
trying, it failed and it's gracefully shutting down.
Now when you see this, it will crash loop back off.
Okay.
Are we good?
This is one method.
We could also use the other method in which we talk about TCP.
So TCP is one more protocol, which works on port 8080.
So it can also do with port 8080 and it'll work because the ports are number right.
And in here, we do a small example in which you're trying to make it a fail by
giving a different port number 8090.
This is wrong.
So it will not be able to reach on port 8090 on your container.
And hence the health check would fail.
So like this, we can either, in actuals it will be the actual numbers.
Not your location, but it's quite difficult to replicate the actual data.
So here just to show you how your health check fails and
passes, we're doing some small examples.
Are we clear?
Everyone.
Any questions?
Okay.
Now we forgot the best practices.
Let me go to best practices and also Cron.
I think we'll come back to here.
So best practices when you work with the deployment is start always scanning the images.
So what are the images you use?
Always ensure that the images are secure.
Your private images, which is tested and do regular scanning.
Regularly update your updates.
For example, we do regularly, we want to do always update,
host this in your contains because you always want to get the updated ones.
Ensure that use when they authorize images.
No access in when you work in enterprises, you will not get access to work and notes.
Any work must be done for the master.
Define policies as to what this was can be communicated.
Network.
Like the privileges and everything log everything.
What are you doing?
Okay.
What is the cron job?
Cron job.
Yes.
No.
Yeah.
So like in windows, we have dot back schedulers, we got a windows back schedulers.
Similarly, we have cron jobs for Linux schedulers.
You can go and see this.
Exactly.
It looks something like this.
So it is crontab.create image.
You can go for example, I want to schedule a job in this time on this date.
Yes.
So if it's two asterisks, asterisks in here, it means is going to every minute.
The first with this minute.
The second field is hour.
Third one is day, like 28 numbers.
Stuff about this is the month and this is the day.
So example, I can put five.
It means every Friday.
Now, if I put in here, it means may be talking about, and in here I can say 25th
on day of the month, 25.
And here I can mention, I can mention in here that.
So this is going to take exactly some work at 12, 12 o'clock, 12, one on
May 25th, which is on Friday.
Or you can just even, even give zero, for example, going to take it.
Zero means Sunday.
That's a random five.
So can we do, so we can do something like this.
We also have an object called as a cront.
So if you search for cront, they're very good document.
You can just go and search anything, whatever you want.
So cront job is an example.
Okay.
What does this do?
What does this do?
Sorry.
It can be louder.
No issues.
It's going to run every minute.
What is going to run every minute?
Will the output ends?
Yes.
So this is going to get printed every day.
You can apply this and then we can see the output.
So let's try to do this play around.
Let me give this V I cront dot YAML insert mode and paste the contents.
So this is doing wherein it is going inside your shell.
This printing it with this message.
So let's save this and apply.
I can have cront on YAML.
So if we say get all example, see that all you can say get jobs.
Also say cront job, get cront job and get pods.
So it has got created one.
So do a get cront job when you want to see what is there.
You see get cront job is your job.
And now get pods happened one.
You see it's completed.
Do logs of the pod.
Do logs of the pod and you will see the logs printed.
Hello from.
Wait for one moment.
Eight seconds.
So it again created one more.
So let's wait.
38, sorry, it's still not created.
Let's just have one create in a minute now.
10 more seconds.
See one more got created and you'll be seeing the output of that also.
So go ahead and do a logs of this.
You see the hello from cluster.
So this is a simple example.
So like this, you can define some mapping.
Like what did for empty directory, some location or file, you can say it copy the
files to a specific location, like a backup or some specific scripts to run.
That time we can use a cront.
Okay.
Any questions?
So what are we learned in deployment?
Let's summarize deployment.
So we first learned about deployments.
The deployments are very important and this is what we use in enterprises to create.
So once you create a deployment, it first creates a deployment that
deployment creates a replica set and that replica set create your ports.
This is what we use for releases and updates.
So deployment, the replica set says clearly, and the parts will get
created from your deployment.
You can roll back, scale up pause for all.
We talk about kindness to prom.
It's very, very important.
How do all these components get linked to each other?
Use labels in the backends.
Labels are tag names, which we can.
You identify what is the use of the particular components.
How do we do some operations on it?
For that we can use this.
We can have multiple labels for a form.
You can filter it using selectors.
So when you create a deployment, the request goes to API first, then to
controller manager, this will create your replica set and then the scheduler
would come in and it decide which node and kubelet would create the
port on the particular nodes and deployment normally does load balancing by default.
So if you say that you want five ports, we create two in one, three in one,
something like this.
replica set remembers the current state.
If anything is there, it will again help to ensure that it is going to the
current and decide how much match.
Different methods to update the default one is rolling update.
You can roll back to previous versions by doing recording it.
And we can also integrate with the CI CD tools like Jenkins or team city,
other tools to make it much more easier.
Methods to update, create new replica set.
It was all the new replica set as practices.
So do you want to do some more topics or we are good.
What do you say?
What are you all saying?
If you don't talk, I'll keep on talking.
If you don't talk, I'll keep on talking myself.
What do you want to do?
Either you want to talk to say yes or no, keep on talking.
What do you want to do?
10, yes, Charles, Jean, others.
I want you to talk.
What's the answer?
Do you want to continue or we're good.
I want to understand what's happening in your mind.
And I don't, uh, it's quite difficult for me to.
You're feeling hungry.
Yes.
We have a topic.
So I think that we are in the right phase for it.
See, I don't have any, because I cannot, I understand.
I know the participants.
I cannot decide which topic.
Let's for example, some parts are very fast, some are slow.
So, uh, based on the participants, I map my schedule.
Yeah.
Otherwise I'll keep on.
Is that difficult to map?
So the reason I always look into how are the participants, how are they
learning, what is your learning speed?
And then I paste my topics here.
Yeah.
So what I feel is as per your speed, I think we're good.
Uh, we have done, we are good.
We are done a lot today.
We learned about Kubernetes.
We installed Kubernetes, namespaces in here.
So if we are doing the same speed tomorrow, we are good.
But if you want, I can still talk about.
It all depends.
Are you okay to continue?
Are you able to take in more information?
That's my question.
Each one can give the opinion.
We'll decide how many wants to continue to say yes in the chat or no in the chat.
Anything is okay.
Okay.
Jane, want to start?
Let's start with you.
Please say yes or no chat.
Okay.
Others.
Okay.
Let's continue.
Okay.
Next topic is networking.
But in networking, we learned when you add in the CNI, the CNI is what giving
IP addresses, allowing them to communicate all the communication, network, all these
things, they get IP address, MAC addresses, all these because of the CNI, which you've added.
So we added the WeaveNet or Calico or Flannel.
All these provide networking features for the Kubernetes.
That's what we learned.
I have one more concept, networking services.
For example, these are your backend ports.
Yeah.
Now, if the containers, I cannot directly restart my port, but I can, the backend
start and stop my containers.
So if I do a start and stop, you see the IP changes.
And if I'm a user, if I have set up some session that I have to use 192, something
you see 192, 168, 2.32.
It will not work for me because the IP changed or this is how we can try to
communicate with this IP will not work.
So this is not very good.
It might stop your working off some components or applications.
And we cannot directly assign a static IP to this.
So we have to use some middlemen as per service.
So what we do, example, you create a blue deployment, you see blue color
with replicas three, and you use the label like app equal to blue.
See you use this label.
Now I want to map to a service.
So I say kind service and I would use the same label app equal to blue.
See.
So since the label names are getting mapped this and these are getting mapped
and this gets a public static IP.
So user now first user creates it.
He logs in using this IP.
The traffic could go to this one.
For example, if a second user tries to access it, the traffic would go to this
and then reach the second one.
Third user comes in, it's it.
The traffic go to the third one.
So instead of reaching directly you, the traffic will go via the static IP.
Same for other application.
Now other application, you create a deployment or a pod and map it to a service.
You want to reach the application to reach to this and then we just in here.
I'm getting it.
Similarly, this wants to communicate to blue.
It'll go to this service and this will send the traffic to either this or this or this.
Any communication would be in the backend using services.
And these are very important because the IP keeps on changing.
And unless until you use a service, they may not be able to reach the back end properly.
Yeah.
And this is part of your cluster.
So this would be your master, would be your worker one and worker two.
The services across the cluster, you see, is common.
We know blue.
So cluster service is called internal.
What are the internet?
Now this is your application, for example.
And this is your database.
Now this wants to come in database.
So what it'll do, it'll go and hit the service.
And that is the traffic with this.
So only if this one to communicate to database, this will come to get to this and reaches in here.
And you have to use a group proxy, Q proxy network rules.
You have to use a port number AP for two proxy.
And then it reaches the service, it is a service and then reaches the back ends.
This is very internal.
Now the next one, which is just as a note board is used in your pre-prod.
Or a CD.
What is changing?
You all work on it.
Yeah.
Testing area.
Okay.
You all work on agile, you're open releases.
So enterprises, you'll work on dev environment.
You work on test.
And then you would release it in pre-prod or a staging and then use your prod to
agree production.
So before we lie, we have to do a staging.
So now I'm using note port in my staging area.
How does it work?
You need to mention a kind again as a service and we can use any port
number between 30,000 and three to seven, any port number you can mention.
And the type would be no port and the port number you can mention like 30,000.
For example, so in do this, the same port number will be exposed at all the
nodes, including a master.
And if this is your web server, you don't want to access the traffic and go.
So you, you're testing it.
So you would use the public IP of this mission of like master public IP, the
public IP of this mission, colon, if you type in public IP of the master,
colon 30,000, it'll go to this.
Then it will go into this service and be just to here.
Now, if I type in public IP of worker one, it'll go to the note board of this
mission because the crew proxy goes to this and reaches it.
But I'm public at this mission on the beach.
It, it goes to this, put a few proxy and then we just in here.
This is what is not.
We cannot expose the outside world because you cannot get public IP to the others.
Let me give us different easier method to see this one so easily.
Please save this link at your end.
Did this link let's see this link.
I paste this link.
The chat.
So other way to look around in notepad is something like this.
So I see here, you say any traffic comes to prove proxy.
Now, if you see for notepad, the notepad, the traffic is coming from internet.
It reaches the notepad.
So each get a notepad.
It creates a cluster service.
It also exposes the port on your.
Excellent traffic comes like this.
We just hear cluster service and then reaches in here.
Traffic comes from outside.
It reaches the notebook number and then it just has a service reaches in here.
This is what is notepad and enterprises.
The DevOps engineer, they play around by using notebook.
And then once it is good, then they can't take a load balance on top of this
because the traffic, it can more traffic and go into this.
Less to this, less to we need to have load balancer.
So once you test this and then we go ahead and get load balance on top of this.
It could be your VMware load balancer.
We can use our FI load balancer or AWS load balancers,
or they can use ingress controllers.
All these we can use instead of.
The default ones.
So this is what is type notebook.
Now, as I talked about, this is doesn't have much distribution workload.
You have to use the load balancer type.
For this, we meant the type of is your load balancer.
Traffic again goes in notebook and then reaches and reaches.
Okay.
Are we getting this?
What are these three types of services?
Cluster is internal.
And talk about notebook, external.
And then you're talking about load balance also external.
Any questions?
Any questions?
So what I recommend do is we have learned a lot today for doing this
hands on services, you need to understand this very clearly.
So I would request you to read through what we learned this just for 30
minutes at your, at your home or wherever you are.
So that easier for you.
And we, I think we'll do the last of this other topics tomorrow.
Is that okay?
Any other questions before we close the session today?
Okay.
All the, all the hands are we'll do tomorrow.
So we don't, if you want, we can do it now.
If you can't, we can do it now also.
For load balancer, there's a demo because we cannot do it.
No balancer.
This is a demo.
I'll explain how to do it.
Uh, but we'll talk about ingress controller later.
That time I'll show you all like this because, uh, you have to use ingress
controllers, we use a lot as in this, we'll do an ingress controller.
So these are the topics.
Okay.
Thank you team.
See you all tomorrow.
Welcome.
Bye bye.
on 2024-12-16
language: EN
WEBVTT
Okay, so running or gene
So can you delete okay fine
Can delete your can you run the command?
kubectl delete
Is gene good?
Gene can you delete kubectl delete
pause
Space hyphen f and all
Hyphen hyphen all
Also delete kubectl delete
Jobs
Jobs yeah enter
Cron job
Yeah, no space
No, no is here
This use upper noise
No, not going
Can you mention the name of it? Okay delete from job? Hello is hello. Okay, fine. So now refresh the command of get ports
Hyphen not spaces
Why on the command again? Yeah
Okay, all good right here good right now
Yes, generally and chance
How to
Okay, how do you log in the server is that a question
Yeah
Yes
First login the master master you
What a master this is the IP of the master?
No, no, no one second one second
No, that's not a master the master
Master's ending the 233 charts one right here again master IP which you're using before is
52
Chat yeah confirm these three
52 is yeah, and you will know me this is what you use before and then maximize
Hey, what type exit is now run that command is a command what you ran now
You already have worker one
Please understand once again once again. What I plan to do master. Yeah
lunch once more
one once more is
So I fact you know so space I felt that I can see it. We're typing in
pseudo space
The center and please type in here. It is so
Space
Yes
Al I is
a
Yes
Yeah, right a s space K
K K K
alphabet K
Let me type the command
Let me type not this it is
He this
It was through CDS
Run the other command use your app add on your keyboard once more once more. Yes
Yeah, now, let's see this. Okay. Can you do a delete cubes K delete?
K delete space
What sports space space your space is bad yeah
Hyphen hyphen hyphen hyphen hyphen two hyphens. I don't see it a ll
Enter now also do a K delete K delete
Cron job on job CRON CRON RR
C R O N no E remove the E yes after cron job give a space space space
And hello. Hello
Hello, hello enter and what did you do? Okay. No problem. Let's proceed
Okay, let's proceed no issues. Okay others
Not good. Okay. So I think it's better now. Let's put the crash loop back off is not very getting shown
Let's see how does work the next topic
Any questions that you have a question?
Let me go down
What is this is
Let me what better okay, okay. Okay. So what are services services in simple example?
It's again blocking not clear voice one second one second
Is it better now? Okay. Okay now. Yes
It's good
All right. So what what is the service?
Why do you use services a simple example?
You have answered before you in this slide
What's happening in here?
Was answer was the IP changes is that the reason you're right
So whenever you stop and start or restart the container the port IP changes you agree it here so we can have a static IP
Instead of reaching directly the back-end part the user can reach to this
Static IP with type it doesn't change and that allows to reach your back end
So one is cluster service, which were internal services
It means if this was a communicated this it reaches the service and reaches in here
And similarly this wants to communicate this it reaches to
This and reaches here. Okay, so let me I think this is taking because of the problem. Let me discuss top the one second
It's a conversion of the video. I
Think that mean to later this is leading them on by this is a cluster service
in which it takes and
Reaches the back-end using services
was it talked about
node port in node port it is still a cluster service and
It also exposes an external port like 30,000 on
all the nodes
So any traffic comes from the public IP of this machine
They say public IP
Colon 30,000
Public master of worker node
traffic coming here and
Then reaches the cluster service and then reaches in here
Yeah, if you want to reach using the work owner IP I can use public IP's
Same one thirty thousand it comes in here and then come in here to same in here
So this is normally used in your staging area for testing internally and
Once this is tested fine, then we go on to load balancer in which you can create a cloud load balancer
Or we can also use ingress controller options and then the traffic now for example if 10 users login
the website
3 would go for this 3 or 4
3 and 3
So it's also load balancer the workload so that any service doesn't get overloaded and
Then it goes to the internal service same happens, but it goes
Much better management of the load is good
Now we will do hands-on labs now under labs. We have the lab under application
networking and
Lab point
I'll do some I'll do this observe and
Then you want to start
Let me stop these let me use the existing ones. I wanted to see what the problem
Okay, I go to this
And I click and paste
Now what is going to create so this created a part
Named backend it also create a service named backend
Both having the same label, which is role equal to backend
so you're mapping your service and your part with the same label names and
The exposed word is what binding the service to the part
Yeah, let me show you this so now if I say get parts open worldwide
You see that the part got created the backend and the part IP is 10 44 0.2
now I'll do a get service and
This service got created now, which is backend
Now I would do a describe
Service and the name of the service now if I do this
This is your static IP of your service and this is mapping your endpoint. You see endpoint
1044 0.2
So you see that is the IP of your part
So instead of me directly I can directly reach part by doing this curl
1044 dot 2
But this IP might change
So instead of using this IP I want to use the IP which is your static IP
So now what I'm going to do is I am going to describe I'm going to say curl
I'm going to run this command 10 1 0 2
126
Dot 1 3 you see I'm able to reach
Did you understand
Everyone
So instead of reaching using a pod IP you able to reach the backend and you can do this on all the nodes
You can do the master once you do it with this observe it and try to reach
The pod on all the nodes using the service will probably put your master and worker nodes and all of them
Yeah
Start doing it now. So first do the master and then check able to reach the IP on all the nodes
Yeah, what the one is right looking
What what's happening sure yeah one minute
Let's finish this so her in one zero two
And then talking about 126 and 13
So like this you can do on all the nodes right so start doing at your end
This chance
Also, once again spelling is yes. Yes
Yeah, yeah, no no no one second
They move one just have SU and that's it out. Why?
No, why are you using worker one?
Chance yesterday configured. Can you go to master mission? Please do a cube CTL for every node?
You have to write that you have to write it alias
If you don't have it you have to write it manually on every node there whenever you log off and re log in
You have to again buy that command alias are getting it alias K to cube CTL
Okay, can you now type in?
Yeah, you already know master before okay enter please enter take get nodes
K get nodes
Nodes
Enter
You're supposed to log in a worker three and worker four
Abhi good
Charles
I gave it to I piece correct. I gave it to I piece
Don't log into that close the worker one piece close the worker one in the back end close it
You get confused again closes click on close
Yeah, click on close window
Fine, so now no no now in this version now log into the worker three the IP which I gave you today
I mean I give you a copy script. I'm not sure I give the IP string in the morning
Yeah, so 193 is please note down somewhere, please
worker three
Yeah
Abhi clear
So in any mission if the K doesn't work, it means that you might have logged off or something
You have to use alias K equal to cube CTL
If not here type in the exact command cube CTL clear. Okay. Fine now proceed
You're good now alias
K
Equal cube CTL. Yes
One second on worker three one second one second
We don't use cube CTL on a worker nodes are getting it
We used to be one day on the master because the interface is a master
That's fine, you've done it that's fine. No need to worry about it
But we don't use cube CTL on your master we use one day on the work and we use one in the master clear
So any work we're doing it right now the K would be on your master clear
Thank you others any questions, uh, junbi, are you good? Okay. I understanding what's happening
Now let's proceed. Yeah, so it runs in the lab. Okay. Are you doing the lab now?
Okay, next one the continuation of the same this is your port
But in the part we cannot scale up so we preferably want to use
So before we go ahead
you can also go ahead and delete
The
Delete your part build a service first
Delete your service
Hate delete svc in the packet
It doesn't affect the existing part it still runs but the ip is gone
So now when you try to access the same word it before
It will not work because the cluster service deleted
Yeah, so after you do this now
It would
So let's go ahead
The last master machine can also delete
The parts
So next we are now going to do
Operation using deployment now i'm going to create deployment
And we're going to map the deployment with the service
Okay, let me do this
I wanted to observe ask questions and then do it so that you understand the concept
So this is my deployment
of one copy
And uh, this is your application
I'm going to create this i'm going to map this to my service so copy this and I go to my server
I would say plus
Name of my deployment give any name
insert mode
And I would paste this
Paste
Okay, so it's pasted
So now i'm going to run this now and say apply
FNF
The cluster
Will get created
So say all you consider all get all it show everything what is there. So it's created your
deployment
It's created your
Replica set it has created the part it's doing the part
The part is got created
So now i'm going to map this part which is 1044 0.2
Okay, first create this
Run the deployment and observe does it create your deployment replica set and the part?
Yeah, what are you doing have you saved the file
Now you want to say cube k apply
K apply and now
To ptl
By q it is cube ctl or k use k you already use the word cake before apply minus f plus dot yaml
FNF and the file name space file name
Okay, I want to understand chas is your internet slow because I see others are faster
Use the stove is the internet slow today? Not sure i'm able to see other terminals getting loaded faster. Yours is very slow
I'm not sure fine
Yeah, plus dot yaml dot yaml
Dot yaml enter. Yeah now do a k
Type in k space get space all
All all
Enter
Yeah, you see now you see that the part has got created deployment is running and all the got created, okay
right now
We're next step
So next step is I want to map this deployment
To a service i'm going to create a service. You see here. This is a kind service
name of the service
And the type is cluster ip because I want for internal
And this port is for q proxy
This is your port on your container
protocol is tcp
And your service and the port needs to get mapped and hence you are using labels and selectors
So this is going to map your service to the pod
Which you created using your prompt
Let us go ahead before we do this one delete the previous one we did so now i'll say plus
Svc dot yaml and i will paste this
I'll burn this down
K apply hyphen f and find me you can use the tab
Now we'll check
svc
Now I do a dist file
Svc and the name is nginx
Hyphen svc
So now it says this is a service name
Which namespace default this is the label in the selector the type of cluster ip single stack ipv4
And this is your cluster service
So now let's just say
curl 10
109
Dot 186 whatever ip you have you go ahead and try this
Do the same on all the nodes
Yes next task for you all create the service and try to reach the service on all the nodes
on master worker1
and work it too
good
Then we good
On all the nodes I see junv is good ck also is good. Okay, so it's working
so now
What we now do is we would now
scale up
The question for you all so now if I scale up my deployment
It'll create new pods do I need to add them manually to the service?
If you create the scale up and deployment do I need to add them manually?
To the service what do you think? So for example scale up and deployment
Do I need to add them to service again or would they get added automatically?
Yes, why it is because they have it they're using the same label names getting clear
Since they use the same label they get mapped so now scale up and check in the service now and you'll see that
The new pods which came with these ips even they're getting mapped automatically
So now first time if we hit it the traffic it'll go to this pod
The second time someone hits the service static IP will go to second pod
If someone hits again the same IP will go to third pod
So it is also acting as your internal load balancer. Yep
Do next step, please
scale up
And try to reach
You have to reach you cannot see where it's going. You can you want to check the logs of it?
But you can able to see some information here
Okay
Are we good any questions? Yeah. Yes
This is internal for example, if you have an application and database
The application database is trying to communicate internally not outside. So for so got it now this is this could be an application
And this could be your database for example here
When the applicant want to communicate with this it will go to the hit this it reaches in here
Yes, so now if you want to do it now we can again do it you have to create one more deployment
Then you can map it so you have to create one more service if you want to we can create one more service
The different application try to do it
But this happening internally here. Okay now
Now we'll look into node port method so now let before that let's delete the existing ones
So delete your deployment and delete yourselves
They mentioned the deployment name or delete deploy or deployment
Hyphen hyphen all
And you can do a get all
You'll have a default service everything is gone
Okay, good fine now let's do the node port now so the node port
The lab two, yeah, we'll deploy again the same one
same deployment
And then we are going to map this to a node port in this now
You see here the service
Type is node port
And it is you also mentioned one more node port number
So this will create the cluster service first
I will also map
The node port on top once you do this
It gives us cluster service
And it also maps a node port
So traffic comes first from internet it comes to port 80 to this and then reaches your cluster service and reaches your internet and you can access
Public ip colon the node port number on all the boxes in the browser
And you will be able to see this page. Yeah
start
Yeah, so now you can do anywhere you can do any any ip wherever you are you can play around so for example
First ip is in this example. So now what I do is
I would copy that ip and
Do the same for all the ip's so we see that
Cluster or the service is not part of a node it across the cluster. This is what we understand
You can also copy this
And run it on any mission any ip you can do so you can master mission from master
You can try to use a public ip of your worker one or worker two
You can also do anywhere anything any ip
Curl and ip
That's uh
We're trying to do one second charles
It is curl not this ip. So do a k
Get service first
Type in k get svc now
You have to use curl the public ip
Of the master not the private ip public ip not here the one the ip which is logged in
The ip using which is logged into the machine the master ip
Service ip ip public ip any public ip you can try either worker worker three worker four any ip
No, no one second. Not second at a whole. Yeah
Do our power do a parent
Colon
No, no, no same command at the end of the command
Can you do the same command now, please go back to same command
Use the up arrow
Not this yet. Wait colon press colon
The end press colon shift and colon not three one
0091 the ip port number you see number
The number nine. Okay, press enter. Okay
So what did we do?
Is the ip right? Let me confirm
So charles arish with ip is right one second, where is your deployment really clear deployment? Okay do
then
It does region deployment. Correct. So write the deployment file now again
Do k get deploy once again
K get get get k get deploy k
space get
Space deploy enter. Yes, so create a deployment first vi you see deployment file
In your document
Create that and then when the run little work here getting it run the deployment and then do a curl the same command
It will work. Okay clear. Okay
Others are we clear everyone you can curl to any ip for example from the master
You can put in the public api or worker one. It will work
From your worker two you can try to use the public api of your master according 3109 to work
The cluster is completely part. It is service is part of a cluster anywhere to work
Yes, so what's it now minister how it is coming from other node, how is it going is that a question? Yeah
Yeah, it's because your cluster the service
Doesn't belong to one node. It is part of a complete cluster. Any it
The service doesn't belong to one node
So it is all this is common across one any nodes or the cluster so it reads a master
Worker one worker two because the cluster the service is not part of one node. I get it
It's for the complete cluster
Hence we have to reach on all the nodes answer question. Yeah. Yeah, so are you able to reach on all the nodes?
Is it who is speaking now? Is this ck? Okay. Okay fine
So this is how we talk about
Now this is used one day for testing. Why tell me we can we give public api to your customers?
We cannot get it
We do one day for testing and then on top of this we create a load balancer
So now so how do we do for load balancer?
It's a demo we cannot do it because it you need to lots of work in case you want to have a load balancer of amazon
to do it
incubarium
But I just tell the process we have to do lots of work
But once you're done
the syntax is this
So instead of the
You can update this load balancer and this will create a load balancer
Of amazon could be like classic load balancer or you can create applicant load balancer
If you really want to do this with cubarium or other methods then there's other method called a kops method
So you have to deploy your cluster using kops
If you deploy using kops you can get in the load balancers and other ones you can observe it
But this is very very specific to amazon
And this is advanced
Yeah, so you have to use kops method or or eks method you can use it
Yeah
so this is about
Services we talked about what the cluster service we talked about
Node put and we also talked about here. We'll again come back to load balancing using ingress controller in the last topic
Okay, charles. Are you good? Did you create?
Uh the deployment can you do a get k get deploy
K get deploy, okay do ls
Do ls, please. Where is your yaml file of your deployment? Can you do a cat?
cat of that file
cat node dot yaml yes now one second come down
This is service with the deployment file deployment can you go to document?
Okay, i'll give it which is not this is round let me one second
No, one second in the chat i'm going to paste a yaml file copy that to a new file and burn it
So in the chat i've pasted the yaml file
Create a new yaml vi and copy that so vi give some name so you can say deploy dot yaml
deploy dot yaml
Enter
Yes, I
Copy the yaml which is in the chat. Yeah paste it. Yes escape save this file save
Apply fnf
And this file name deploy just type in your tab you can use tab
Spelling is wrong. No, no, no use the tab key. You have tab tab key on your keyboard tab. Yes enter
Okay, now do a k get service k get svc
Enter so now what you do is
Do a curl no curl c u r
htp
Curl p colon
Double slash and what is the public IP of your vm any vm public ip paste it. Yeah
Do one second. Yeah paste it and then yeah paste it colon 31009 and are we clear?
So you can do a curl of any ip or the other machines also in here or you can also copy that
Yeah, do the other one do htp colon
Double slash any other ip of your worker one colon 31009. Are we good?
You can also copy the htp url
Now copy the htp url the browser
To your systems system browser
And able to you can also see the web page. Yeah copy the htp url colon
And be good. So you can do not in this you will be able to do this on all the public ips
Worker one public ip worker two public ip workers all those time getting it concept
Okay, thank you. Thank you. Now next topic is storage. So do you remember this lab which we did empty directory?
Do you recollect
Empty directory in which you created a part and then you went into where lip cubelet
Ports and once it deleted the part you lost the data the memory. Are we clear? Okay
Do you want to once more this lab? Yeah, do it now if you're doubtful
The concept not clear do it now
So before you start same go ahead and delete your previous resources
So delete this we see all
And delete the deployment all
Okay
Do this yourself what I talked about it
Charles I want you to do the lab yourself and do this next lab in your storage storage do the lab one
Yes, are you able to do it the lab
Yes, chas any questions under parts, yeah, press enter and remove the additional for yeah enter press one second one second
Do ls-ls. Yeah
Space okay yet wait, uh chance ls. Okay type in ls
Space hyphen l and enter it represent. Yeah now go to the latest one see the time now
You created a pod
See the 558
Not that one the 558
Yes, go inside this
Cd
Type in cd and just type in d just type in d a just type in d and tap not paste it
Tap tap tap on a keyboard. Okay. Okay, and then press enter. Yeah typing clear. I can see a screen
I've been clear. Please. Yeah now do a ls enter cd space volumes
Cd space volumes enter less wrong fine. I think you have gone to a different one. So do a cd dot dot
Did you create that part transcript?
But tell me what exactly did you do before this step? Okay, do a cd dot dot one second. So now
Can you run a command?
Uh, let me give a command type in cubes etl. What is the pod name of yours? What the pod name it got created?
Do a cube cd get pods
Do a cube cd get pods cube cd
Get pods present
Okay
Okay, let me give a command you want to paste the command the chat, okay i'm pasting it just run that command
Okay, can you copy and paste the command?
Which again a chat enter?
Yes, so you're supposed to go into this folder clear
Which is
Okay
so now
Do ls-l ls-l now go to this one
Where is this once again once again, okay do ls. I'm not sure backend
Did you create a part once again once again, give me a minute
I don't see this part
Where is this part? Okay. Okay. Okay once again
Once again, you're doing a mistake
Charles
You're supposed to check this on the worker node where it got created
Not in the master here. So can you now do a cubes to get pods hyphen o white?
Again run the command cubes will k get pods
K
You have a short form correct you have k or you created before k get pods hyphen o
Hyphen o space white
Yes
Now which number you're going to go to work in worker four you're supposed to go to this and search the folder
Okay, are you clear in worker four do the same what you did?
And you have the name of the folder
Clear okay others are you clear? So this is a temporary directory
Okay, let's wait
Yes, gene your question
Yes, yeah do ls go to volumes ls
No, this is wrong one the wrong one can you now so can you go to the master first
In the master I give the chat one command
So can you paste that command of getting the pod id pod id your pod id is wrong you're getting confused
So you can run the command in the chat and give it a command the chat run that command to get the pod id
Yeah, enter they're supposed to go into this folder in your worker two
E4 yeah, yeah, so go to cd dot dot cd dot dot
Once more cd dot dot is now do this
Now do a cd and say just type ee
Just type in e and tap yeah, so e4 e4c
if type
Okay now
Are you clear?
So when you have a confusion about which part you have to get the pod id go inside it the same now volumes
First one type in e type in e and tap
Yeah, go inside it cd cache
Do ls yeah now try to create a
Now no files are there correct so try to create a file
Touch example dot txt
Yeah, now do ls now go inside your container which is mapped and check whether you see that file
You must log into the container so which part is supposed to check you're supposed to check the path of
slash h a 1 here are you so
Ca ch e
Ca ch e
No, no ca
Okay
See yeah, that's it
enter
ls
Now try to create a file in here
Create a file touch file touch some file. Yeah some other name
Dot txt now go to the enter now go to the worker node do ls you see this now are we getting it?
Yeah, yes, yes you did you did it the wrong one before
So now now delete the pod and see what happens
In your master come out of this you're in the container now yes
Delete the pod
Delete pod and the pod name test hyphen type warning all that also anything look here. Yeah. Yeah
Yes, now go to your worker one
and uh
Yeah, the the node worker two here so worker two now do ls. We don't see the data clear
The data lost so empty directory is running for temporary storage
But delete the uh pod you will lose the storage. Yeah
Because because you see when you know get pods hyphen o while
This is the output of get pods hyphen o while it says which work node above that above that
Above that above that above up up. Yes
Yes, yes that output is yes, you see yes
No
This is deserved given us
Thank you. Okay. Others are we good? Okay, so I want to understand i'm not including one module. Do you also work on scheduling?
Would you schedule the parts yourself or done by someone else? So what a question is we have in different uh,
policies for scheduling
Is it required or not? Do you want to learn about how to schedule different policies? Is that a use case?
So for example you you can say that I want a pod to get created on a specific node
Or on some other node you can write in some policies of scheduling
Is that
You require
To be learned or no. Okay. Can I use the replica set for empty directory? Is that a question?
Yes. Yeah. Yeah. Yes. No, no
It it does the load balancing
It'll create on both the nodes you can check it now. Let's get let me give a command
Okay, so like like run a command give a small command observe it. Okay, so
you can
run
uh deployment
deployment to
replicas as four
And you made equal to hdpd
Okay
Now i'm going to get command
Run this command on the master can run this command the master. I'll show you right away. Okay, whose screen i'm seeing is it screen of
charts, okay
Okay, okay. So whose question is now? Uh
Is it doing ck? So secret i've given a command. Can you run the command in the master?
Type it clear first
Please type here. I can't see a screen, uh down so type it clear and then down the command. Yeah
Okay, now you see here this is going to create four copies of image. Okay enter it now
Now do a k get all
Hyphen o white parts hyphen o white hyphen
Oh
Wide yeah, you see here it is created on both worker one and worker two two copies. Have you good?
It's okay. So do you want to go only on one node? Is that a use case? You're good. Okay. Yeah. Okay
Thank you. This is how it works by default
So to understand my question your question is can I mention a specific worker node to create a part or deployment correct?
Yeah, yeah, we can
So we can so as a reason talking about do you want to loan those?
So let me give an example of what our do does in tax
So let me
So we have
When you go
We have node name
Method this is syntax
You just need to replace the node name with your worker one. Okay, let me run this so
Question was can I create a specific node so I can do it. Yes
node name
dot yaml
And I paste that
So now this is going to get created on which node
Yeah, I modify the node. I'll say worker
Two clear
And modify the name of it, this is the name of the part going to be created on worker two
And now I can say to run this
If I say get pods hyphen over y it runs on worker two clear
Yeah, this is syntax they can modify the worker to worker two
You cannot create a master because it's tainted. I'll talk about it later if required
Okay. Yeah, any other questions this chance are good. Now, let me talk about the other types of storage
Then storage we can use why you're talking about storage outside is because if you delete the pod you lose the data
And hence you might want to have in the containers or the pod data to be outside
So one option is this is temporary you can have in the storage outside
Temp is a temporary one
You can define a specific path
You can say that I want to create a net slash tmp and this is nfs. What is nfs?
For example, let's consider that you want to have in this folder
Which is outside cubanets
It is not in cubanet is somewhere outside and this folder could be shared by both the nodes
one and two
And if I have a pod
And if I have a pod in here both these can share in this folder
Xenof is network file system for external sharing or we can use a cloud-based method also
So we talked about empty directory
Which we did right now
It creates in the memory when a pod is assigned to a specific nodes
When you remove the pod if you lose the data is temporary
What is host path so in a host path you can mention either a directory or create
Option in which it will create a directory on the fly
Or you can mention specific existing directory
Or it can create a file
or the existing ones
socket
Character all these would support
So example
This is a pod
I want to get created in the path host path you see under mnt slash html
So if this path must be existing
So it will go ahead and create
And this will get mapped so whatever I make changes under this
Path it will get updated on the host on the specific worker nodes. Yeah
Let's do this now
Let's do the next one host path lab
Which is your lab two
So example in this
i'm using
a pod this is my pod name
And this is the type directory or create
So if this path is not there on the node where it gets created this path will get created automatically
And this path is getting mapped to the container because here's the name of the volume
I'm, definitely the same name of the volume in my container
So whatever I do in here it gets mapped to this location
Even delete the pod you still have the data. Are we clear? I can also do this for same for example if you have a file
Or directory I can have two mount points so I can mount a file also
Or directory also
And I'll have two mount points if I make any change on this and this will work. Yes do the lab now everyone
To do it. Let's get started
So before we start to avoid confusion delete any existing ones
From this part copy this and paste it
We run this
Reply hyphen f
host part
Now this got created
See on which node it got created
Work it to
So now I have to go to work it to
And see if you have the folder
Create it
You see the folder is there try to create a file so I can say host dot ext
And now check if able to access it
See that file try to create a file in here
And now you see that file in here
That's it did the pod and see the file still existing it will still be there because the host method
So play around then come out of the container
And say delete
The pods
And you will still be able to see the content the host
Yes, team, please play around hrs. You need help now do a do a k get pods hyphen o wide
Do a k get pods
Hyphen o wide
Enter
You went out so type in alias
Type in alias. Yeah, set the k word again from that k could cube ct error run the command again
Okay
You know
One second k can you do a cat?
cat
cat
host space
host pod
Yeah tab tab
No, no, no after host tab
No space
After host press the tab button
Tab on your keyboard tab, you know what the tab
press it
Enter. Okay now
Apply
He apply
Space hyphen o the file name tab
Yes
Now get the pods hyphen o wide
Get pods
Space hyphen o wide
And on which node you got created worker three so go to worker three cd
cd
Forward slash var forward slash local
Now var
var
forward slash
You can use the tab press the tab forward slash d d before
Denver denmark d d
d for denmark
Yeah
Now d for denmark d and tab tab see data coming up. Yeah, press enter center
Okay, create a file touch
uch touch space
Host just give a name any name any name of the file dot txt
For h o s t. Yeah something dot txt enter now go to the master login log into the pod
Cube ctl k
K exec space exec login the pod
Log into your pod which you created
exec hyphen it
Can't you understand please you know the commands you practice
Exec space hyphen it and the pod name and the shell is nothing you internet is low. You want to check at your end?
It's very slow at your end. I give it a command in the chat can run that command
Copy and paste that see you wouldn't copy it. So it's somewhere getting stuck
enter
Okay, charge I want to understand is your system slow is your system internet slow or only the server is slow, okay
Fine now go to cd
Let me give you a path once again the chat will give you okay access this path. No, no, no, no one second
Sorry, sorry, it's a spelling mistake one. Sorry
Uh, so can you use apparel use apparel press apparel
Yes, now just go to the shared word use the backspace. Yeah, so spelling mistake is there you see share spelling. Yeah s h a r e
a
Enter and press ls. Do you see the file? What do you create?
Yes
Now try to create a file in here do a touch
Give a file name in here touch any other file name not get some some other file name not the same
dot txt enter
Now go to the worker node do ls file
here
Now delete the pod go to the master
And do k
k space delete
Space pods type in pods
Space hyphen-hyphen all yes. Now, why is that going off? I think getting this kind of something. Okay cube ctl delete. No, no ct
l
space delete
Space
Pots. Okay. Okay. Sorry. Sorry. Sorry. You are inside the container. Yes type and exit
Sorry, sorry, you're in the container. You cannot do it type and exit. Yes
Now delete the pods here
Delete
Space pods hyphen-hyphen all two hyphens
Two hyphens. So now go back to the host now
The worker node ls you see the files clear. Yeah, this is the lab clear
Okay
Yes team. So this is all about how you could create a host path. Are we good?
Okay, do you want the second one yourself with the file?
The second task in which you might mounting both a file and
The folder of the lab yourself the task two same lab task two
Okay, are we good you must be able to see the file getting mounted automatically
Genuine ck gene
Any questions? Okay. Good. That's are we good?
No, no, no, so what is the example what is the example html it is your the file path is wrong
So when it asks you let me know what you're trying to do
So you created a share
Once again, you created the master cut you have to the it's not created on
worker
To correct it. No, it is a it's an old one. You're not created it
You're not created it
Are you sure you created it? What is the name of the yaml file you gave?
Can show the yaml file of this in master run the gap do a cat of the yaml file. No, no, no
Don't do like this use apparel
Please use apparel
Yeah, which one was it
Once again go up again once more up open this file. No, no go down press down arrow
Okay, can you do the lab again to create a new one
Can you create new one?
Post path. No, no. Yeah new dot yaml. Yeah
Before
Let's talk about the next one that task two not this
You did this
so escape colon
You only completed this correct why doing again so press escape then we'll do this escape escape code q
Q no, no
Fine escape
Colon escape. Okay. Now do a new one vim
Type in vim
Please new type in new dot yaml. Okay enter
Now when you go to the lab document when you go down you see one more yaml file is that
Yes
See on which node it got created
See on which node the pod got created get get get is missing
Okay, go to work of four yes now which path is supposed to go
Which one is supposed to go check your yaml file
Dot local dot data credits go to the location where local a a c d dot
forward slash bar
slash local
Forward slash a a a
after
It is not local. Yeah, it is a a not d type in a
Delete d type in a
And tap tap press the tab key. Yes, this is the path now press enter do ls
Create a file do the same thing. You see the file
Yes
Okay, I think good others. I'll be good. We'll continue or you need a short break
Okay, I think the time right now for you is
1046 is the time. Okay
So break till 11 a.m
Hi, I'm back
Yes, charles. Okay, who's talking now?
Is charles and whose question is it? Okay charles. Can you hear me now?
Okay, what's your question I don't understand you yeah, okay, what's your question now what do you get can you show me?
Okay, it means that
After you create you cannot modify the field
Yes, yes
It'll be a new new part with a different name of the part
Or you have to manually go inside and modify it. You cannot modify that parameter because the part is got created
Is mounted
Okay others any questions? Okay, let's proceed now
Now continuing the same storage
We have the next one which is called a storage class or storage profile
Let me talk. What is this? So what is storage class or?
What is called as storage?
profile
sorry class no profile now
You work on so we work on different environments so you work on dev in enterprises you work on test
You work on production
You also would be
Requiring for archiving archiving long-term storage
And enterprises we use ssd
HDD
And magnetic so which one is faster among this ssd which one is faster
Which disc is faster among these?
Is ssd faster hd faster this one is faster this is faster this is the first one
This is the second
and third
Which is costlier?
This is costly this
So now which one would I use for prod?
For live which this could be good good clear for test workloads and dev
Can we use this and for long term we can use archive
Is the diagram making sense good? So
In your cubanets, we have to create a storage class or profile for each of these
So what does the backend storage team does so they would create a storage class?
kind
Storage class and they mentioned
the type
Like ssd
And they say size could be 100 gb
So they create something like this for ssd they create something like this for hdd
So say that size is 100 gb
So these are called a storage class of profiles. So we again have one more kind. This is what they do
After this is done what they do is the storage team
This they make it to small portions. So they convert this to something like persistent volumes
so persistent
Volumes could be one
This is 25 gb. So they create like this
four parts four components
25 25 25 which makes 100
Are we clear what is persistent volume? So we have how many persistent volumes now how many persistent what will we have right now?
As a diagram board. So this is what they do similarly for this also they create
multiple persistent volumes
One two three and four
So persistent volumes are
partitioning or splitting up your disk
Into different logical volumes, so this also call us logical volumes. Okay, so this is done by
The storage team this is this is all done by storage team. We're working on kubernetes
They create a storage class for different different type of storage and they create the logical volumes
Yeah, now what is next now? Let's consider that you belongs to a devops team
You are a devops team
And you want to use that storage so we have a storage create in the backend and you want to use that so your
sme
Or could be your team lead
Of your team
They would create something called as persistent
Volume
claim
They create a claim for the team and then they say that
Give us 50 gb
So they would create a kind
Personable in claim and they say that I want 50 gb. So this 50 gb is within the team now
You are an analyst a developer
And when you create a pod a kind a pod you would refer this so this will be like pbc1 for example
You would refer that pbc name inside your pod
So this pod requires like 1 gb it is taken from in here
So like this we can create multiple pods or deployments and the storage comes from this storage
So now your team lead can understand how much you are using it
So you're following a process to ask for the storage
similarly
The backend team the storage team they can see who which team asked for the storage
So this is a good process to manage storage
And accountable tomorrow if someone needs to know which team used the storage
How much the cost all this could be done by using this process you understand the process everyone? Yeah, I repeat
So storage team would create what?
what are the things they do they create the storage profile
And then
They create the pb
The devops team
Would create a pbc and the analyst would start using that in the pods or deployments
This is what's very class
Yeah, or the profile talking about it the story class provides a way for administrators to describe the classes of story they offer
And this is based on different type of
service levels speed
discover profiles
So example
Type dp2 in amazon gp2 is a type of ssd. So we have in amazon we use gp2
We use io1
Or we can use sd1
Or we can use sc1. These are different types of what we have. So these two use hdd
And these two use ssd
Yeah, i'll talk about these later as of now just think about what we'll talk about all the things that are latest
We'll come back a minute later
So in a pb, they create something like this
And after this is done
Yeah question, okay after this is done you see this is your pb method
Name
This could be a local. Don't mention local local means is going to take the storage of your cubanest
Cluster and the path and if you want to have in the storage to be accessed by all the nodes
Host path provides you one in the same node. So we can also use an nfs. So nfs means external storage
Which is on this server?
It could be used by multiple ports running on different nodes as we mentioned
And a claim
You mentioned the claim how much you want in the backend?
And this will be used by the team
There is your pbc for doing the pbc either you can a static method or dynamic method
So in a static method
All this must be done
So static method all this must be done
but this sometimes could be slow because the team
Needs to create a pb manually
And then the pbc all these things
This is slow
so
This is where this is the method is called as static
Now in the dynamic method we could quick do quickly
wherein
The type of the story class which for dynamic must be something called
Immediate
So when you have any story class with this words like immediate or it could be wait for first
Customer it'll have in some parameters like this
So when you see something like this, it means that this is a dynamic storage class
Yeah, so what exactly we mean by that so dynamic storage class if your story profile is dynamic
You can directly go ahead and create something like that. Let me show a small example. You need not create a pb
You need not create a pbc
So directly you will go ahead and mention in your pod
or deployment
directly a template
like this
So this will automatically create a pbc in the back end
It will create a pb in the back end
Automatically we need not go ahead and create a pb pbc all these things manually
So it creates your pbc
And creates your pb all these things automatically in the back end
That is called as dynamic
So dynamic you need not create a pbc and pb just refer the template in your port or in your deployment
And that will get created automatically
That is called as dynamic
Why do you want dynamic?
Because of the challenges of the manual
And the same in here i've referred that also so there must be a storage class
With need to support a dynamic
And then you can refer that template in your pod or or your deployment and that will take in the resources
So for example if it is in cloud
Or very fast then you could practice to use dynamic again when using this we can define some modes
So you can say access it only by one node
Multiple nodes and what happens so example your sme created a pbc for example, and if you delete the pod
For example, you had a pod created and later you delete all the pods. So the pbc is something you have
so either you can give this claim back to
the
Storage team or you can use it for other project
So retain means
If you have the claim still you can use it for a different project
You need again ask the storage team give me the storage
Delete means it will delete the pbc the story from your team
It will go back to the storage team and the storage team can use it for different other purposes
So if you don't mention the type it's retained by default delete is something which you need to explicitly mention that
in your type
So in here the default is reclaim the testing so
Very brief. I hope you understood now what is sorry we talked about
Or also called a solid profile
How do you create it looks something like this if you see a word immediate or wait for first customer it means it is
Dynamic if you don't see these are static methods
They can mention reclaim policy for the pbc to retain or delete it
and you can also mention the type and you can also mention the
permissions the dynamic
Or it could be your static
This is your pb
Any questions, so I want you to see some live examples, let's see this
See this link, how does it look so you can see this link and observe all these information
Then go down
How do you create all these examples claim precision volume storage class?
Looking for search for storage class the right side left side
What I want to search it you'll get some documentation you need to mention provisioner
Parameters and their rank reclaim calls into a class is one more example
Okay, is this a static or dynamic this word class dynamic or static testing?
Please answer
Is static or dynamic you mention chat also the chat piece who wants to try this
Charles gene is a static or dynamic dynamic. How do you say that? Yeah, you're right
It is this one. You see this
Wait for first consumer or immediate if you see it. It is a dynamic. Are you clear? Yes
That's wonderful. So this is an example about retain it means that
If you
It'll go back to it will be still with your team. So this is what we're writing in your storage class example
So you can mention could be a cloud
Or could be a local local means going to use your storage of your cluster if you use nfs for example
We have to refer again. It's a nfs. It's a different type. Let's create again a
Subplace for that class so for each and every type we create so that
Example you're working on vmware
And you want to get your cubanets then you use your v-spear
You create a separate storage class
For the v-spear which will work for a vmware. Yeah, so this would be a static because don't say the word of
Dynamic or wait for don't see this. This is your static like this you can create for every storage
All these are in classes, this is your dynamic
Okay, are we good? Okay. So now let's do uh, and so on access
Model lab three so we're going to do a small example of a local
See in cubeadm
You you don't have any storage class. You have to install plugins and other ones. We're going to use a local one right now
So we're going to create a 10 gigabit and we'll see the information by doing describe and get then we create a pbc
Or the size of what you want let's tactic. There's a small challenge
For example, you had 10 gigabit, but you asked for one it'll give you the complete storage
The challenge is there in your tactic
To give a complete one that at least we'll try to see how you can do it
Then we will create a pod and in the pod we'll refer this pbc name. So refer the claim name as
My claim one or for what i've given in here. I think we're given here my claim one
Sorry, this is your one, okay
I create
And it will use the storage
from your pbc
And this will get mapped to the back end in your host path, which is the first one the first one the lab
In here it will map it to work. This is on the host
And this is getting mapped onto the container
in this location
Let's say go ahead and create a pod and see which node got created
And you still see the data persisted
So your pb is mapped using the host path method. Okay, let's start before we get started delete the previous one so that
You don't get confused
Go to the master
Delete the pod
And then start the lab
So first create a pb
Do it get describe observe and then the next step
So copy this now
And then at the vipv any name can give at pb.yaml
And right click paste
Paste
Here
And save this and now apply at neft pv.yaml
Is it done what is not care? Let me check your screen and type it here type here
Yeah
Okay, which yaml file is this
Can you show the yaml file of this?
I think because of the syntax one second the small error I can delete this
Syntax is not I think some confusion one second. Let me give you the updated one because syntax give me a minute
Can we replace that yaml with this replace the yaml with this the small
Change and now try to use this yaml file delete or create a new one
and confirm
And again elements like this
Getting error
Give a different name for pb what he had one
Okay modify I think what he had a previous one so give pb2
What do you have that
What he had one before okay, I think you can use the existing one also I didn't want demo before
Does it work?
Yeah, good the one which I gave you now it is working
Is dean are you able to create
Now one second, uh, can you tell me what you're trying to do now? Okay for which for which one?
Yeah, I think what he can use it try to try to apply it fine. Fine. Okay done. Do yeah next command do get pb
Do okay
typing clear right here
Okay, get pb
Do I apply apply it again enter? Yeah
Do okay get pb. Yeah, good. Okay for the next step now the next step any question you have
Yeah, the next step now what you do is
Go ahead
and
create a pbc
Okay
fine
We're gonna pbc dot yaml
Set mode and paste the yaml file imagine volume name. I'm using pb2
So i'm just trying to i'll modify that my end you can use pb1 itself
And I paste it in here so my you can modify the volume for example make it two my minus two viewers one play around
and create
A pbc
Yes, is it bound check it got bound
So you see a pbc now it's bound you can again do get pb you can see that which claim is using it
Do a get pbc
After creative apply the pbc
Do a get pbc also do a get pb and you can see so now the storage team can see which claim is using it
Are we clear
Okay, good so now do a get pb. Okay. Good. So now let's create a part and we'll use the claim in the part
Next step is go down create a part and referring the claim name now create a part
Dot yaml insert mode and you paste it
Now you want to save this
Apply fnf pod pbc dot yaml so the pod you've got created
After the pod got created do a describe pod and see
Whether do you see the details of the volume? Okay, you can do one more step. I remind you do a describe
Pod and give the pod name just to confirm it is properly created with the volume
And when you see this in describe pod you see this
This is what talking about you see it is using your pb claim. You see this everyone
Confirmed
After I create the pbs this is so it means that this part is using this pb
That is already confirmed
Yeah, so now go ahead and check the mapping so the pod what you created the container
It would have got mapped with which location?
So this one the starting one which you created tmp data 01
So see on which node it got created
Go to that location to this this one and see the mapping to the container. So now what you do is
You're going to work it too for me. So i'll go to work it too
And I go to cd emp
The folder
So this is what is getting mapped so i'll now create a file
See on which node got created and go to the location where the tmp data 01
Which you see under the path in the first yaml file try to create a file
And check if we able to map it to the container
Which is under user share engine x html
Yep now go to master
So that's fine now create a file and say container dot xt
And now you go to the worker node
You do ls you see the path is coming in
Are we good
everyone
Junvi ck charles
Okay, okay same delete the pod and see it will be there because we're talking about host path
So this is a simple example of how we can use
static volumes
And the storage it is using is within your cluster. You see the container still there. Okay, so this is
All about your storage and we'll talk about tv pvc and these once you're done delete the pod
In the pvc
And delete the pvc
Next one, so as of now, do you work on microservices?
Do you work on microservices or containers in your projects are you working on these
In your projects. Okay. Have you heard about this 12 factor?
Have heard about this
Let me explain the 12 factor app
Is the framework?
so when you work with
Containers and cubanets or any developers for example or application we use some frameworks
So 12 factor app is a framework which you want to use when you work with microservices
Let's understand what they say
First one they say is use declarative formats
It means you always write in like a code like a yaml do not just use imperative method not a command line
So that it is reusable
Second one have a clean contract
It means that whatever you create applications
It must be runnable on any operating system in the future third one
Whatever you create right now on premises it must also run on the cloud tomorrow
So you have to carefully plan that if you're doing some work on on premises
The same what you do must also be runnable on your cloud
Fourth one
When you work on different environments, there has been very minimal changes. For example, if i'm using a yaml in my dev environment
If I want to create a test environment, I must not make much changes in my configurations
I'm talking the template or about using templates
And anytime you must be able to work scale up your workloads
Yeah, so now this is what we are doing it right now. We are doing it declarative
We are following clean contract
We are doing all these in your cubanets
And apart from these they also say that you want is code base. It means start using version control like github
dependencies configurations
Now let's go to config
And see what is this
So under config what they say
Do not mention the configurations in the same file where you have the code
So what do they mean by this?
So for example tomorrow you want to create a mysql
I'm giving example. Let's get you want to create a mysql pod
You want to create a mysql
pod
So for mysql you might want to have in the information of
username
Password
And could be some urls
of
Database you do not want to put it in the main type of the pod
Don't put this information this file
You want to put this information of username for example in a kind called as config map
So you put this username and urls in this and then once you log into the pod you can get the information
So we're separating
Your configurations usernames passwords from the main file
That's what i'm talking about here
So now saying this will let us look into config maps. So config map is what is going to provide you to separate
uh your configuration from the main pod file
And secrets is what is going to separate your passwords and private keys other
Other information very sensitive. You don't want to put in the main code. You're going to put your secrets
So
So what i'm saying in here is you create a basic pod just pod with very minimal information
And all the configurations would be in a kind called as config map and when you log into the pod
The pod you get the information of these
either mounted as an enb
or a volume
And you can start doing your work
Yeah
So let's see this
I'll give simple example. I want you to let me know this is clear. So this is my config map
In my config map
I'm saying database name and the url and I create it or apply the details
I describe it
Then I want to use this in my pod
So I would say time pod
Name and say enb from
So whatever data was there in the configuration map, it will get mapped to the enb. I apply it
And then I will log into the pod and type in enb
You can see the information what was there in a config map. Are we clear? Did you understand this? No
Yeah
So this is this is one method there is one challenge in this method the challenge in here is
Tomorrow I can go and update the configurations
I can do apply
But these changes and then you can again do apply for this pod
The changes doesn't reflect in enb because enb is something like a hard bound they get mounted. It's quite difficult to unmount it
And enb doesn't give you huge data to be saved
It just gives you some lines. It is the number of limits is then enb. You cannot mount a very big files
So for that purpose what you can do is you want to mount as a volume
So what you now do is instead of using the enb
You can say that I want to mount the config map as a volume. This is a volume. This is a volume name
This is a volume name and you would refer the contents of this would get mapped amount
And this contents could be a map and a container in the etc config
so now
You apply it you go ahead
And make some changes and you'll be able to see the changes have updating
And you put a container we go inside this and you see the contained contents what were the config maps
So this is how we can separate the config the config maps are meant for non sensitive data
So non-sensitive data means like usernames could be public keys
Uh could be some urls for those type of things we can use config maps
If any sensitive information is there we have to do very similarly we use secrets
Yeah, so let's start the lab now. So config maps and secret the first lab we're going to do now
Yeah now apply it
And you see it has two
Constraints you could do a describe of other roles do a describe you want
Config map and then the name of the config map
on 2024-12-16
language: EN
WEBVTT
okay so now let's continue yeah so doing this
are you all done till here first step okay fine now the next step is try to create a pod
and save this and again you can apply
join is there any feedback link or something they have to take it to the end of the session today
and type in ENV and you see the information coming up do the same for volume and confirm once you're done
is uh charles uh you're good you're getting it good yes so now do the other method charles
exit exit exit please exit yeah create one more yaml file or try to make some changes in the yaml
file of config map refresh and see whether changes are getting updated in your volume based or emb
based play around
yes are we good so if we do one your volume method you have to print you have to do a cat
and the file name use the volume method you have to go to etc config give it the file names here
now you can do one more gene others try to make some change in your config map apply it
and see whether data gets updated in your volume yeah the config map yeah dot yaml make some changes
so make some change uh enter no no you're in the content yes make some changes so for example
modify database name to mysql for example insert mode modify the database to mongo db not that
yeah yeah yes below that below line what anything just modify anything okay and save this
save this and apply it apply apply hyphen f and the file name okay so now login to the
pod which you get using volume method and check if you see a content getting updated do you know
the part name yeah yeah the volume one the second the first one exec config map hyphen volume
space hyphen f and bash yeah so now go to cd for etc
forward slash config and enter now do ls yeah whatever you see changes getting updated yeah you
see so in your volume you can see now try to do the same try to go and do the same in env method
and check whether the data getting updated env method log into the other pod and observe type in
env no no type in env and you see that the changes are not getting updated you observe that the older
one so if you want the changes so volume is a update better method than env clear okay others
are we good take care uh then junwe charles any questions and uh let's track the same one second
go inside env did it make some change okay so you don't see the changes getting updated
the top you still see the older one are we good junwe okay ck are we good charles we good
okay so this is about your content the next one is secrets so what are secrets what are secrets
so we all tell some secrets to your friends yes or no do you say secrets your friends
no you don't say any secret your friends yes we say secrets your friends
yeah so similarly secrets are very very confidential obviously so you do not want others to know
so similarly we have secrets uh in kubernetes in which you can save in passwords you can save
in tokens you can save in private keys which is very confidential which you do not want to
expose in the main file we use the secrets let's learn about it so i said for secrets
and this is your yaml file of your documentation of secrets so what is secret the secret is a small
sensitive data such as password a token or key and this information is something which you do
not want to put in the main file and there are different types of secrets and remember
amazon doesn't encrypt it they do the encryption they do not encrypt it you are supposed to do
encryption so you do encryption you are supposed to manage access management you have to protect
passwords even if you're saving secrets and they provided different types of secret which you can
use so example they provide you a type of opaque if you mention as opaque it will get created
using the generic category you cannot classify it so if you want service account token like this
we can use metadata if you are using service account you want to save it use this metadata
for docker all these are examples so what is opaque so opaque is a generic method
it will not have any specific type in it just mention it get saved in the back end
but now when you want to store service account tokens for example you can mention the annotations
and say this is for the service account so tomorrow if you want to know which type of
data you saved in secrets you can do a filtering or processing and see the annotation yes so this
secret is for a service account that's how you understand it sometimes you get confused or you
want to know which one and then put the data inside it now if you want to store like docker
configurations i would use the type as docker configuration and then i save in the docker
configuration information if you want to use it for example for password and usernames for example
very basic so that use the type as secret basic auth and then username and password which is
encrypted now we can also use it for private keys for that use ssh auth so either you can
mention the default opaque but if you don't want or you can classify to specific categories
that is what we're talking about in the annotations and all we have to mention
data certificates you can store and you can use in some of the tokens all these are use cases where
you can use secrets yeah so similar to how you can get retrieved in for your config map
similarly you can retrieve it using your enbs and the volume methods
so let's see the lab so lab two so you can use some methods like this so i'm using a base 64
encryption i want to store these two in my secret so i may use base 64 to get some value and then
you can store it inside your secret but base 64 is not very strong someone can easily decrypt it
so you have to use much strict mechanisms so this is one method so you can use your other methods
also or if you use genvick method it does a base 64 either you can do like this right now base 64
and do it or directly if you do it genvick it is going to a base 64 encryption and then you store
it either one method you can use then we do a described secret these are optional just for
observing for you with your basic 64 anyone can go ahead and easily get the data to decrypt it
so four and five just for observation that how we can decode it in case one decode next we will
start from the task two so you have created a secret now how do you retrieve it so you would
want to mention that data what you have in my secret you map it to a variable like secret underscore
username similarly whatever you save in a secret password it will have an information of my secret
so now once you're done you create a part login the part and then actually can do a print or
log into the mission and do an env you see the information similarly you can also mount
the details to volume so go ahead and mount to a volume so this is your mount path and the actual
data of the volume is this one this one is getting mounted to a volume name this and this is a mount
path log into the container and go to the location and you can see the password same what we did
before are we clear let's get started either you can use this method or directly you can use this
method also so that if you want you can actually use this method so that you copy this and create it
and say get secrets
so since we did not mention any type it creates your op-ed
do a describe of the secret and see what exactly does it have
so when you do outside you cannot see the actual values you can see the actual value
one you when you're logging okay please start do yourself i give an idea about how to do this
please do next steps please do yourself a chance you're good to do the next step
you could skip the three four five this was observation so directly you can go to
yeah yeah if you want you can do it if you want to observe this you can do it yeah
you can do whatever you can play around you can observe you can play around and then you could
ask too yeah
are we good any questions what are trying to do you're supposed to go to
in your container Charles fetching the data it must be the container correct to the container
and go to the path which one was it you created engine x2 the latest one what he created was
engine x2 correct for once again it's not a secret once let me confirm one used to use for
was my secret one correct yeah my secret one okay yeah okay go inside secret i fun env
one that is done now go into engine x2 go inside engine x2 now login engine x2
x cube c to the exec hyphen it engine x2 k is missing exec hyphen it base hyphen it
engine x2 hyphen hyphen bash hyphen it in the next space hyphen fn bash here enter
now inside this go to cd forward slash data data data forward slash db db yeah enter
do ls do a cat do a cat password i can see a t space password now do a cat username
i just said ck are you good okay
genv here good okay fine now we'll do one more lab last lab and then take a break
okay so let's we'll do one more lab in a secret itself so before we start delete the parts
okay next one i'll explain the lab in lab three i have a certificate in this location and this
is here with document dls and i have this is my location where i have the key so for example if
access this in my laptop i can download the certificate on my laptop in this similarly
we also have a certificate the website so i i'm trying to download these two inside my vm that
is on the master and then you say create a secret generic and you want to encrypt these information
and the secret name is this and this is a file name so both these are going to save as a secret
inside to confirm by doing describe and see some values now so what is tls certificate used for
what the purpose of tls certificate what why do we use this testing why do you use this
anyone you all know you all know that bank net banking on the right side you see a lock a small
lock you see this something like this you've seen the browser yes no so what exactly does
so when you're trying to log in from your laptop and it has to reach your server the traffic from
here to here gets encrypted doing encryption we use tls certificate and if you have a hacker
for example you have a hacker okay we'll make some diagrams so the hacker cannot see the information
what is going here because this encrypted this is what tls certificate we normally bind the
certificate to a user and the user traffic goes from say encrypted ones for the use case
so this is one use case other one is if a pod is communicating with api for any service
you want these two to use a cf tls certificates so they can use data certificate between users
and the backend services or between services so now i have a certificate i want to use
the certificate for pod to communicate outside world using the certificate that's my use case
so what i do i want to use the secret in my pod i create a pod and in the pod i mount that to a
path so it picks up the certificate from this location and it starts using it for communication
so once you get a pod i would once i do something like this so i do
qfc report forward it means that it is trying to do some work for other port or something
i'm just trying to do it and when i do this it'll go ahead and it'll use the certificate in the
backend to do a quick in here do it and you open a new session and see the logs of it
and you would see a certificate being used down to see the logs of it it means that the certificate
is being used by the pod understood everyone yeah let's do this so you have to create you have to
don't disturb the existing session the last step try to create a new session into the logs of it
you can see the output easily so let's get started so first do a curl
don't go controls and wait till it comes in property
use our pattern just modify these values like this
okay all right now do a ls and see those do a cat of the files
observe the certificate and the key do a cat
so this is your certificate the public certificate
another one is your private key
and how do you know it if it says begin private key it means it is a private keys
and other says the algorithm so now i want to store these in my secret that's my use case
copy the command
and run this
okay get secrets that's fine
yeah okay do all the steps so create a secret and then do a describe secret
and observe it good so now what we do is we want to use that in my part just create a part
and use it go down and copy the file
we can say for secret
dot gamble
and paste it
apply it
get parts
while we're describing the part and see what is the part has
and you say that it is mounted the tls from sense
now do a port forward
paste it run so you can try to
okay so now what you do is go ahead and create one more terminal
open a terminal and now login the same machine
locks and pod name
and you see this coming in something as you can play around the simple example of how we can use
the certificate mounted in this let me know once you're done
yes yes okay the simple example thing so so we learned about config maps config maps are for
non-sensitive information secrets use sensitive information and for secrets we again have
classifications in which you can generate or could be you can mention the annotation types
we can separate we can mount using envs and volumes yeah so are we good for lunch break
everyone okay so we'll be back by 130 your time
okay thank you break till 130
on 2024-12-16
language: EN
WEBVTT
and observe what happens. Now it get a new pod immediately. This is what happens.
Now describe the pod and see how does it look.
So to describe the pod, you can see that is controlled by daemon set. So in your
deployments when you created it was controlled by your replica set. It's
controlled by your daemon set. Are we good? So these are very important for like agents
like monitoring agent or could be a logging agent because these must be up
and running anytime. So if you can still monitor it but it takes some time for
it to monitor it, it goes down again to start it. So this is very important
because you need these to be running on every node and hence it's a good
practice your daemon set wherein they'll come up automatically even if they go
Command us to check it.
Throw labels. It shows the labels of all your worker nodes on master. We have master. These are
your label and the values. For worker 1, these are your keys and the values and
worker 2, these are keys. So now under worker 1, you see that a new label got
added. So you can add the same label on multiple nodes.
So now I want to run our body on this now. That's my use case. So now create a
Now do a DSNodeWide. You see 21 has gone to SSD. So now get pods. Type in own wide and
you see working on worker 1. So this is how you can define a specific application
or a version to get created on a specific node. So it will go on a specific label
names. Are we good everyone? This is the second use case. So you can use any labels
either the label like SSD or you can use it you can also use the existing labels
or you can create any labels as required. So same syntax for example
You can also do like this. You can also go and do the same label for other nodes also.
Now let's delete the demensit.
It's gone. Now the next scenario. Can we do on the master? Let's do this. The big one
but interesting. So access the link. I'll explain this. So my use case here is we talked about
your master has a taint. So the taint will look something like this. Let me go back. Let me show
you. So if I do a describe. So now I can overwrite this on a specific pod by mentioning this
label name. So for example let's consider that you go for a movie. Without a ticket they don't
allow you. But if you have the ticket you can you'll be allowed. So similarly this would be
referred in the pod. For example since I'm referring something like this. You see control plane
or they're using a master. So you modify something like this and you would use. So they're using a
first one. So they have two masters. The one master you see this is your label. Exist no schedule.
So this is what I'm talking about. This is a label. For colon they're using a word exist
and then is your no schedule effect. Now once you run this the fluency is going to run it on
the even the master because you have an exception. Yeah please run this. Next copy this and see does
this get concentrated in the master now.
So it's a separate namespace. See which namespace is it.
They're doing cube system. They're taking cube system namespace.
And you see. So get pods have an O wide and namespaces cube system.
And you see it is having is running all the fluency on your master worker one and worker two.
Because we had mentioned a condition to tolerate maintained only for this use case
exception. Not a good use case to untainted because master is meant for management.
Don't untainted completely. The third use case where where you can get the deployments. Now the
fourth one you can do it or just observe. So now how do you update and roll back.
So I have an application running a daemon set. I want to update this to a new version.
Like what did for your deployments. So it supports both on delete. It means you delete
and then create a new version. Rolling update is it creates a new version.
It doesn't have any downtime. So both we can do. So example this is how it looks.
The default is rolling update. So you can create this for example.
And the version is 2.5.2 and then you say apply it gets created. Now what you do is you update
the template or you can start from here also. So I think start from here. Update this engine.
First yaml file is with 2.5.2. I want to update this version in this. So what I do I can either edit
and modify the version to different version or we can use the set image which used before
and using this we will modify the version to different version.
And see how does it get updated. A new version. Let's do this. The link which I gave it to you.
Go down and do these. Start from here. So before you start delete the existing one.
The update session. This is the yaml file. In case you want to get it.
We're talking about this yaml file. I'm not saying it because it's a big very big file. Okay.
Paste it.
And add on it.
Same. See which namespace it belongs to. Namespace again a cube system.
You see this and again you come to do a word wide and you see the version number
the parts
at 2.5.2. Okay. See in your Elastic DS. So now I want to update this to
other version. So either you can do edit method and manually modify this or
we would go ahead and do the set image property. Let's use this method and see what happens.
This is going to update the new version immediately to 2.6.
It is done. So now let's go ahead and on the previous command. You see the beta 2.6.
And get the parts.
You can do a display with the part.
And you can do a grip.
And then say fluency.
I look good.
What I'm doing describe the part 2 and D. Elastic such.
Hi friend for this.
Six four and said.
It's crime.
We do describe.
I got to do it some reasons. I'm not sure.
For us.
Six four is said.
If you were you and DD.
Hi friend elastic such.
Hi friend for us.
Six four said.
Surprising.
Let me know different one DD.
To to our.
I'm not sure why it's not coming. So now when you check for other one.
You see it is your demon set.
And you can see also version number in here.
Part.
So it is using version number.
2.6.0.
Have you got.
Similarly you can also record to make some changes you can record.
And you can revert back to previous versions.
So in case you make any change might want to record.
The change the vision history.
And then you can revert back.
This is what we say same what it did before.
Deploy OK you want to do it or you're good.
If you want to do it last one.
Try to make some change record it.
And see if we can revert back to previous changes previous division.
Can form one starts you're done you can delete them demons.
A play around.
Inform once you're done.
Any questions.
See many questions.
They're good.
OK.
Now next topic is your stateful sets.
What do you mean by stateful.
What do you mean by stateless.
What do you mean by stateless.
And what could be mean by stateful.
Yes any any example.
OK for example your deployments as stateless or stateful.
Deployments.
As stateless or stateful.
OK why did you say that.
OK good so what is stateless to summarize.
So in your deployment when you delete the deployment or read the part.
It is creating a new part but you are losing the content of the existing part.
So the new part comes up it doesn't get the same data as what was there in the previous part.
Stateful if the part goes down and comes back it will have in the same data what was there before.
This was stateful.
So stateful will have the data preserved stateless will not have the data preserved.
Will not stateful yes.
Yeah.
So now stateful so we have a topic called stateful sets.
In which it preserves multiple things so it can preserve.
The data.
So simple example where you we can use this is for example.
Let's consider that you are playing a game online game.
It could be a football game.
So when the power goes off it comes back or something have internet goes down.
You'll be back the same screen where you were that's a stateful.
And in case you restart and start it means it is stately something like this.
So it preserves the exact screen or snapshot of what what exactly we're doing.
That is what is your stateful set be used for.
So preserves the data.
It also preserves.
The host name of the existing ones they go down come back.
And also ordering let's see all this thing with example.
And these are main use cases preserve data is ordering or you can ordering of creation.
And termination and these are very important when you talk about databases.
Or a big data because they require these data to be highly preserved all these challenges.
Yeah we'll talk about now.
This is an example of a stateful set.
So in this now I have a cluster of database my use cases.
This is a primary so it has to first create the primary.
And after that it has to create a second week.
So it means that it has to do it for the order 0 1 and 2.
And these also the read replicas it means any read up this is applications.
So any right operations has to go into here.
And any read has to go into here.
So read the read replicas and we are using.
To preserve the configuration using config maps we also have the DNS names getting stored.
So this is what talking about the lab.
This is my use case open this.
We can we'll go to the more of this we cannot do it because it requires chaos.
It requires.
A dynamic story class will observe.
What exactly is happening.
So this diagram what they're doing here this to understand this diagram you have a config map.
Which is having data of my sequel primary and secondary.
Second you can classify in as config map like something like this.
And then.
They're talking to create a service.
You see they're using a service they say cluster is not.
It's called headless service.
Headless service would remember the host names of your parts.
Or what are you creating it and then.
Be using also service.
Which is going to use for your cluster IP.
If it don't mention any specific type of service.
We're going to create a cluster service is for internal communication.
And we also have stateful service.
Like my sequel three copies.
So the but the database takes a very long time to get created and hence using engine X for the exam.
So.
Zero one and two.
And each of them are having unit containers that refers create these.
And then your actual project get created.
All this happen in the packet.
You see health checks.
The define.
So in enterprises you do all you need to create stateful services health checks all this be part of your YAML files.
Very big one volumes and all and you see it is also using your.
Dynamics for a class.
So when you do something like this it creates a copy like zero one and two.
And you see here.
It follows orders this will get fit first next this ordering happening the proper order.
And you can also make some changes you find like we're going to I'm just going here.
So when we'll come back to this again I just want to show you this.
So when you want something like this in which you want to create you want to have an ordering and all these things.
Then you can set a stateful sense.
So stateful sense and use for proper ordering when creating.
You create zero one and two you can terminate delete the two one and the contours and I want to have to the data.
I want to present the host names.
For these we use the headless service is that was which is going to remember the host names.
When something happens.
And also you have a part with the storage.
So in the come up again they'll have the same claim attached to it.
We use this for databases for big data.
All these are use cases where stateful because these are very important for your applications of databases data warehouse for those same you can do on the late building up that you can do.
Same thing.
This did understand the use case of stateful sets everybody stateful sets.
What are stateful sets.
We'll not be told this because it requires dynamic.
So I had written that demo.
So you can sort of chaos method.
So what you had a first with a service and this would be a headless service and then we map it to a stateful set.
And using two copies of them.
In the next years, for example, this is your claim.
The PVC.
The created illiterate zero and one then you log into each of the part and get the whole streams created test part.
And from the test part you go inside it.
And do a endless look up you're trying to resolve.
And they get resolved to an IP address.
So this is your DNS server.
They get the result to the IPs like 72 or three or two one.
Yeah, you're going to see it here.
So now there are four.
These are a piece of your beams.
Now what you do is to delete the part.
They come back again and when they when they created or the terminate can see the reverse one when they create the case in the proper order.
Zero one and then again you go and check they'll have the same host names.
Now you want to create a part.
Going cited.
And again, resolve it.
It will have dissolved the same.
Like you're not going to scale up.
For example, you scale up.
You see zero one two three four five.
It's going to proper order and they'll have all the VPCs.
PVG these were very old.
23 minutes.
This will be having the same PVC, TV data and the packet.
You can roll down.
You can do all the operations.
They terminate in the reverse order in the roll roll back to make a scale to less.
And even if you roll back or delete anything, it will still preserve your PVC.
It will not delete it.
So you have to manually delete the PVC if you want to do it.
And any updates in here example, you have a stateful sets.
You modify the template to different version like internet latest now.
It also update in the proper order.
First will be your primary.
The second, we get updated and you can delete the stateful set.
Very good.
So I tried to do, let's try to do, but you can observe what happened.
Let's try to run this.
It gets stuck.
It doesn't understand the three ones.
So let's, for example, I'm going to copy this.
You copy and you paste it.
And then you.
Apply.
Get.
STS.
And get.
The service.
Now get pods.
I put on white.
So it gets stuck.
Just create.
Because it's not, you can do a describe.
The part.
And says.
It requires a stateful that is it requires your dynamic storage class.
Immediately looking for.
We don't have that.
And we cannot do it in your cube area.
Okay.
Now let's see what's happening in the back in PVC.
You see this.
You try to get a PVC automatically.
It will also create a PV.
Try to get a PV.
Now let's do a scale up.
So I'm going to say scale up your part.
Luckily, we can see what's happening.
So we'll do a scale up our part.
So if I miss.
Okay.
Shot.
So now I do STS.
Right.
So it's trying to clean the back end.
It will be stuck because.
Not good.
Okay.
Are we good?
It'll not run, but this is your process.
So concept is more important.
Now when you see this, the YAML files, observe this.
So when you work in enterprises, you need to do all these things.
You see this YAML file is for stateful which I gave it to you.
So you'll be using services.
Internal, you'll be using services, which is headless.
You'll be fitting like they are stateful sets.
And you will be using some volume mounts.
You'll be in containers.
What do you want?
All these you can mention resources.
How much is it you want?
You can say this much you want.
We define probing readiness probe.
This example is giving you lots of all what you learned about in once in simple file.
Let's go ahead and delete it.
Now the last topic, certificates.
Security.
Time to present.
Now.
Next one is Kubernetes security.
Now let's consider that you're working for a company.
And your administrator needs to provide access for you.
For example, they want to provide for Gene and B for CK.
You are the users.
So based on what you are supposed to work on the project,
they are supposed to provide you proper access.
So they provide a mechanism that you can log in using a password.
Or you can log in using a token.
Or SSO, signal sign-off as authentication.
Once you're logged in, what you can do.
So they give you a modify access for your part.
Might be read access for databases.
Parts.
And to what level you can go.
So if you are having a part, they can restrict that.
You can go only to TMP.
Not more than this.
You can go into like a wire folder.
Not more than this.
And how many parts you can create and create.
That's what I mentioned.
Authentication means how the users can log in.
And once the users log in, what they can do.
And to what level they can go.
And what they can create or do.
That is called as admission controls.
And this could be either given for you or for applications.
So example, some of the application wants to communicate to cluster.
How do they?
So we can define for users.
We talk about groups.
And we talk about some application complicated normal talk to service accounts.
So for all these three, we can define policies, access controls, and all these things.
So authentication is how they log in.
Authentication means what access they get in.
Admission controllers to what level they can go.
What they can do.
All the admission controls.
Normal users are you all for working on the cluster.
You are helping your customers.
And service accounts are different like POD.
Communicate with API.
Using service account in the background.
So example, you can see this.
So when you have any PODs.
Let me see.
POD.
Example.
I do a describe the POD.
And example.
You see they use service account in the mouse.
So they use service account for communication.
Service accounts are not used by POD, the API, or other services.
They use service accounts.
Now.
How do we get started for giving access control?
So authentication.
So you can get authenticated using client certificates.
Token files.
Passwords.
Account token.
OpenID.
Lots of methods.
So let's see this method.
So users can authenticate by using certificates.
Or do a lab using certificates.
And then tokens.
You can allow users to also log into SSO.
Do you all know what is SSO?
Do we know SSO?
How does it work?
Yes?
No?
The example, we all use SSO.
Example, when you log into any website.
They say that login with the LinkedIn or Google.
It means you are authenticating using a Google account.
But you're logging on a different account.
This is Collosive Federation or SSO.
So you can either use some other websites.
Federation.
Or your office domain login.
Using which you can log on to Kubernetes without having an account in Kubernetes.
That's what SSO is talking about.
So in this example, if you want to do this, you need to have a connection like OpenID or OAuth.
These must be configured on all devices.
And these are providers who help for SSO.
Once these are configured and you would get a URL provided by your administrator.
You log in to your identity protocol.
It means you log in to your domain which will hit your AD or LDAP domain.
Once you log in, you get authenticated to your office domain.
On the other side, the OpenNorth Connect, it will understand that you're authenticated.
That will help you to go to the other end and gives you a token.
Which is JSON Web Token.
The token will have some duration.
During that, you'll have some permissions to do some work in your Kubernetes.
So the token would have permission, the time duration using which you can start doing the work.
So part API, they communicate.
All these will happen during the time and you get access to do the work.
So log in.
You'll get authenticated.
The OpenID will help you to generate a token in the backend.
And then you can start doing the work based on the access given for you.
So this is how we can restrict for users with outside or temporary access.
Even for applications, we can give this access.
This is what is called as SSO.
So you want to configure this, you're going to configure all these and then we provide access.
Like this, we provide different mechanisms for authentication.
Now, once they are in, what they can do, that is called as authorization.
Authorization means what the users can do, what the groups can do, what the service
accounts can do, to what read, write and all.
So example, we can define permissions for users.
We can define permissions for groups.
We can define which level they can go and which API resource.
The permissions are get, list, create.
Get and list are very, very minimal.
Create, update, patch, watch, delete.
You can mention which resource and which sub-resource.
Which namespace and which group they belong to.
You can use your API.
If you're a developer, you can use API methods like port, get, host, methods.
In here, we have different options.
Again, always allow.
It means complete open access.
We also have always deny, complete deny access.
And we have a method called as attribute control.
Attribute base is wherein a single policy would have the permissions
as well as the users and the group in a single policy.
So example, this is your ABAC permissions.
So giving access, Alice permission for doing the work.
So do anything to all resources.
We can complete access.
So API version, ABAC, client policy, specification user, Alice to all and resources.
So mixing both the permission and the user the same, which is not good.
It's always good practice to separate the users, groups and the policies.
They can define for a cubelet, for example, for parts you're giving
that they can do only read one lead.
Now, cubelet want to give access.
You say kind, policies, specification, users, cubelet, namespace, all namespaces, resource events.
So we are not separating these.
So we want to have a better use case of how you manage it.
That is where we use something called as a role-based access control.
Which is more preferred.
So role-based access means example, you're a developer.
You need to get only very minimal access, especially backends.
The administrative want to give full access.
Let us call us a roles and role-based.
So roles is a set of permissions, which is for a specific namespace.
Cluster role is for the complete cluster.
So the administrative will first create permissions like this.
Roles, they want to give a read access.
They define which level, API group, what's, get what's in this.
So like this, they create different permissions for different namespaces.
And then they bind this to a user or a group or a service account.
Now, for cluster roles, for example, you see that it doesn't have a name.
This is for the complete cluster.
So it can define for secrets.
So they will have the same level.
So now if you want to bind this, you have to bind it and say that role binding.
And kind could be user or a group or a service account you mentioned.
And you mentioned the role and a role reference.
So they get the access was defined in this particular role name.
So the user Jane, we're going to read access.
We can do the same for cluster roles in which you can mention.
So that's what I'm saying.
We don't mention namespace.
Like this, we can define for multiple resources.
Example, I can restrict to what level they can go.
You can define it for config master example.
That's complete domain you can give access.
Cluster roles.
So now all these are in the same level in API.
So I can mix one permission with all of these.
All these are examples using which you can create roles and then bind with your backends.
Have a good everyone.
What is authentication?
What is authorization?
And what are roles and role bindings?
So role binded to users or to a group or service account,
stressed through a namespace.
Threshold binding is across the cluster for users, service accounts and groups.
Are we good?
Okay.
Now, while doing this, you need to assign certificate for the users or the groups.
So you need to use certificates.
Then you can use a third party certificate.
And the users logs in.
They can authenticate the backend.
They exchange the keys.
Public and private keys.
And any communication between users.
So you have to create a certificate and you have to bind the certificate to the user.
So if you get a certificate and you have to bind the certificate to the user.
And now when the user tries to access from the laptop,
the traffic to other side goes in.
It understands that the secure user and they allow communication between them.
So client sent hello.
And this will confirm.
They have the proper keys, private and all.
And then they communicate.
If you have owned a certificate, you have to download those tools.
You have to ask for that I need a certificate request.
Then the certificate to approve it.
And then once approved, you have a duration.
You mentioned with the name, your company,
the domain, everything.
And then you download it.
And then you start using it with the users.
With the process.
So for doing this, we have a policy, easier method to do it.
We have open SSL.
So open SSL is a free, which you can use it for playing around with certificates.
So example, I first create a key.
The key size.
Using the key, we will create a certificate signing request.
Then you want to approve it.
So you say open SSL, X 509, which has a digital certificate requirement.
You mentioned this syntax and this is your certificate.
There's a PKI.
All these are the back end.
What do you call it?
Public key infrastructure we're talking about.
And this is certificate.
And you mentioned the duration.
And for doing this, it requires the details of your key also.
You mentioned that your key.
So now once you did the certificate, you assign the certificate to the user.
Use it one.
Client certificate.
You mentioned the root.
This is the one dot CRT.
The location where the certificate is.
And the key.
So both the public certificate talking about and the public key, both must be there.
Using this, the user's traffic will be encrypted.
So now what we do is create a rule.
Same what you saw.
And get a rule binding.
So you can do, I not mentioned here, how to do some step in this.
So you want to say QCETL apply.
Apply having told.
Dot YAML.
The step was missing.
Then you say QCETL.
Get rules.
Same, the same.
Do QCETL describe the rule.
Name the rule is what I'm doing.
So now you have the rules.
Now to bind it.
So now you bind it by mentioning the user.
What you created, use it one.
And say refer the particular user.
And apply it.
So now the user will get an access.
Now how can the administrator be very sure that they're given proper access?
So we can use utility call us authcannine.
So they can go ahead and test authcannine get pods namespace user one.
Yes, because they gave access.
I will delete now it will be answer is no.
So you can use different verbs or you can use different namespace.
Or you can use different user names.
Whatever has been properly provided.
Only that would say yes.
Others will be saying no.
So this is how they can simulate the permissions before they want to give access.
So once they simulate it, once they're confident, then they share these details to the users.
This is what is your rules.
Similarly, we can clear the cluster rule in which we don't mention the namespace.
The namespace is missing.
And we can go ahead and create a similarly binding.
And then we bind the permissions and then bc.
Are we good everyone?
Okay, let's do this lab now.
So do the lab one.
Already found.
Yeah, now do yourself.
I'll give an idea about how to do it.
Any question you can ask me.
Second, you're not copy the aml file properly copied additional characters to the aml file.
Can you open the aml file again?
See those lines are not prepared.
You see that you copied apply and those things.
Yeah, do insert mode.
I.
I and do a backspace remote.
Press I first.
Yeah, remove all the white ones.
Yes.
Yes, now save it and proceed.
Do apply.
There are some commands missed.
So do apply and miss that.
It's not there.
Apply of your rules.
Describe and then proceed.
Apply was not there.
After the aml creation to apply.
Get described and then proceed.
It applied chance.
Again, check.
For your role here to apply the step was missing again.
Read the lab.
Okay, once again, who's talking now?
Tell me chance.
Yes, do a cat.
Do a cat for this file.
I think miss something.
Enter.
See what you have pasted.
The first line API version missing is not there.
I understand the mistake.
The API version line is missing.
You're just from the API version.
Is it there?
Yes, yes.
So what you can do is remove this file.
Do RM, the role binding dot aml.
RM and space the file name.
And again, create a new one.
You can give any names.
But the API version line was missing.
It says errors.
It says version not set.
Yeah, good.
Escape.
Hold on.
WP and run this file.
Good.
Okay.
Are this gene, gene way, are this K I have tested is working.
So you see that there are so many rules of cluster role to see it because every component
they communicate using these tools.
So if we just read this great cluster goals in your cube system, for example, is he launched
up goals.
Yes, chance.
Are you good?
Can.
Okay.
Are this every good?
So this is how enterprises, they provide access for the users.
We can move for groups or service accounts.
We still have so much to want to get in so much is there in Kubernetes, but you're trying
to cover what is possible in the three days.
Yeah.
Okay.
So now what we do is we'll take a break now.
And after the break, we look into net.
We still have some topics.
We have network policies and then you're in Greece and in this controller.
Yeah.
So I think time is right now.
It is 3 PM approximately.
Correct.
We'll take a break.
So big to 320 PM.
I am back.
Okay.
Now let's continue.
The next topic in security is network policy.
What is network policy?
For example, now you have a cluster.
Let me go reverse.
Can access this link.
So the user use cases are these.
So we can click any other use case of this.
So when you go down.
So in my cluster, I have different parts.
And I can say the parts to communicate or not communicate.
So for this example, I have a namespace is default and had namespace foo.
This is foo namespace.
I have a part.
I have a part in default namespace.
So now in here, you're saying that allow any traffic from here to here,
but not the other way around.
So this cannot communicate, but this can communicate.
Similarly, this cannot come into this, but this can communicate to this.
It's a colors the end.
So I want to do something like this.
So you can do within a cluster some or outside if you're having traffic
or within your cluster for all these use cases.
If you want to allow district access, we define or do something called the network policies.
Network policies are used to define deny traffic like these within a namespace across namespaces,
which is a layer three and layer four.
Yeah.
So you're talking about this one next.
So network policies are all about how you can restrict access between the layer three and four.
Between the parts and within the parts are outside the world.
And for doing this, we can use example like this.
This has all the scenarios.
So now in this scenario, you have network policies
and you're defining the network policies for a part which has this role name.
So any parts which has the label of this, we're defining policies for that.
So defining what policy for that both ingress means inbound and ingress means outbound.
You mean what traffic can reach that it DB parts and what traffic can go out of these parts outside
world. So ingress from you're defining which range and in this range you can say
that not to allow this particular range like a sub-range.
And in that IP range, you can say that which namespace that must come from.
Which parts names and from which port they can come in.
Similarly, you can define where the traffic can go out from DB.
It can go out to this IP range through this port.
So like this, we can define multiple policies.
Yeah.
So talking about specifications, we can use for selectors.
You can use ingress, ingress, ingress is what traffic is allowed to go out and I can see isolates
for this part in the default namespace. Defining policy for both ingress and ingress.
Ingress means what traffic is allowed, which namespace we're talking about.
In that namespace, what is your labels must be for the part.
And they must be in the range of this because this is not this.
So this is blocked.
Ingress.
So like this, we can define options, labels, all these are examples.
Default policies, this is going to deny completely.
So you have a closed practice.
It means no inbound traffic could be done.
You can allow completely in which you will have an open basis.
So any inbound traffic could be done through the existing which you allowed.
So they can say deny all traffic, close it.
And you want to allow all traffic, you say make open basis.
So all these are the default, either completely deny it,
together we can also mix it, like these rewrite policies.
So this is uses in the backend, talk for CNIs, the network,
like QPROC 3, the VNet, all these, they work together
and allow the proper communication to be done.
So one more example.
So defining for a guess policy for a part which has a label of DB.
Now they can go to this network from the outbound port number is 3000.
And where they can go, they can go to this port number on the other side.
Have a good.
In this, I think not the input number, I think talking about the range of port,
in this example, they're talking about between these port numbers, start and end.
Now let's do a small example for this.
So it is good practice for us to deny it and then we allow it.
By default, the traffic is allowed completely.
They can communicate in the namespace, they can communicate easily.
So we'll deny it.
Let's see.
Example of that.
So in this, we're going to create a port.
This is your backend.
So I'm going to get a port with your service.
So as I talked about, and you're going to create a frontend port and reach it.
So what I'm saying here is you're trying to create a backend port first.
This is your backend port.
Could be like a database example.
And you're mapping this to a service.
As we learned before that it's not a good practice, like I feel like a service.
So now I want some other port to communicate to these.
So you allow the communication service.
That's what I'm doing.
So trying to create a first backend port, the mapping,
and you're checking if they're able to reach for the service.
That's your second step.
Now what I'm trying to do is now you're trying to check whether you can reach.
Now what you do is create a port, some port, and they try to reach the backend
during a service VIP IP.
Some port, random port, able to reach because in default,
in a namespace, all the ports can communicate to the backend.
Not a good practice.
So I won't deny it.
So what I'm going to do is I'm going to do a deny policy.
Close, no open.
Now I'll create again a test port and it tries to access the backend.
It cannot because it denied it.
But there was someone to communicate.
So you need to allow someone to communicate.
So what we now do is we modify the rule wherein I want some port to get like a frontend port.
So I'll modify that allowed traffic from a port in the default namespace,
which has the label as frontend.
Apply.
I can't form, I see the policy.
Now what I do is I do a test.
I create a port with the label name frontend.
And this RMI5D means when you exit from the port, this test port will get deleted.
That's the purpose of RM.
So you're going to create a port with this image, with this label.
And once you come out of the port, the port will get deleted for testing
because we don't want to do a manual.
So now it will work because the label is matching.
And you can see it.
So you have to replace.
These are the exact.
You have to replace this as a service.
Now we try to do a different one without a port label.
It will not work because we're not defined the label.
It has to match the frontend port label.
This is how we can test it.
So initially we are observing that whether any ports can communicate.
Yes, they can communicate by default.
Then you do a deny.
They cannot communicate because denied it.
Then you allow basic that they always allow the least privilege
and able to see that the labels port is able to access it.
Are we good?
Yeah, let's start.
So first step, we have one, two.
So delete any ports.
Let's create it and observe the static IP and check the reach.
So this is my static IP.
It's getting created.
This is your static IP.
And this is my port.
It's creating a port.
The port created.
It's low for me.
It's low.
At your end, I will do it.
Okay, proceed.
You can proceed to the lab.
Sorry, is not getting it.
Sorry, it's created now back.
What's the doubt?
Okay, same.
Okay, delete it.
June, I will do it.
It's working for you.
Same problem we're having.
Why is that?
Let me check.
I think the storage problem.
Let me see.
So.
Create a normal port.
Create a normal port.
What happens?
It's working now.
Do get ports.
Okay, getting error.
Correct.
Okay, not sure.
Let me check the backend team.
Give me a minute.
Hi, Raghu.
Same.
We're getting all of them.
All of a sudden, all of a sudden, we're getting some network issues and errors.
All of a sudden.
Yes, we're not able to create it.
It is getting some error.
Nobody is able to create.
Yeah, yeah, at least.
No problem.
But why is it happening all of a sudden?
See, till now, 130 is good.
Now all of a sudden, we're not able to create any port.
Why is that?
What can we do?
Yeah, as the photo of everyone, I can just send you the snapshot of the complete itself
for everyone.
They're getting it.
So if I open any session of my user.
Let me show you the logs.
Okay.
This is what is happening.
I send the logs.
It's a common log for me and others also.
It is happening on the proxy error.
We need.
No problem.
Let me just check.
Gene, is it the same still?
Gene is working now.
So.
All the parts is that solution.
Let's see.
Yeah, I want to have water and speak.
Yeah, yeah, tell me.
Okay, one minute.
Yes, Gene, is it work?
Gene, does it work?
Didn't get you.
So do a get pods.
Do a get pods.
Cube will get pods.
Enter.
Is not going next comment.
Yeah, it's got stuck.
Okay.
Can you do a service system CTA?
System CTA restart space restart.
Cube.
Yeah.
KUB.
Yeah, yeah, let's check for others.
Same issue.
Can you describe?
Okay, give me a minute.
Take the backend team.
Give me a minute.
Yes, I'm sorry.
Got disconnected.
Yeah, yeah, everyone automatically.
Understand.
Yeah, I do understand.
See, it is not able to reach the network.
So what is the reason I'm asking you?
I said all the same.
We increase the solid.
It worked.
So what is happening?
I'm not.
For example, if I don't mind,
this thing will work.
I'm not sure what to do now.
See, I will use somewhere.
See, there is something in the backend.
And say, example, if I'm using my own laptop,
one account, it was fine.
But one thing here,
why is ATV is more than enough current?
Why are we having the common storage?
We have nighttime, the backend.
Now, it doesn't take so much.
There is something somewhere.
We're putting a shared storage.
We're using somewhere.
We're doing a shared storage.
Are you somewhere using a shared storage?
The end of it?
Okay.
So what to do?
We have to control what is happening now.
So I can still do a restart.
I can do all these things.
But if we, for example,
did this serve the error message?
Did it serve the error message
somewhere in the backend?
So it means so, but so I understand.
So what could be the problem?
It means some network coming in, correct?
So what understands what the solution now?
So where is the mistake now?
See, all of a sudden,
this is going down.
I'm not sure how is it going down.
Okay.
I'm checking the error message also.
All of a sudden doesn't go like this.
Quite surprised by the taping.
When I search this,
okay, Tim, let's do something.
So can you go and check the status of the parts?
Everyone let's do like this.
Let's go to
K get parts
all main spaces
type and go and wide.
So Veebnet, can we add the Veebnet again?
Everyone?
Tim, are you good?
Are you with me?
For some reason, the Veebnet is gone.
You see this?
Okay.
And even proxy is gone.
That reason you see a key proxy both are gone.
Why is that?
I'm thinking, okay.
So to resolve it, what you'll do is
let's do a cube idiom.
Okay.
Okay.
Let me just resolve it.
And I'm going to do a cube idiom space in it.
Yeah, do the same.
And I'm now going to do the next step.
Okay.
Yes.
Let's see cube CTA.
Okay.
Okay.
This is coming up.
Can you do the same everyone?
Yeah, reset.
Sorry, you did come and reset.
Yeah, do a init.
Do a init.
So do a reset on all the nodes.
And then join the token.
Is working for you?
Okay, then good.
Who's not working?
Do a reset and get in a new token and join that.
So I go to the master.
Get the token.
Run the token.
And the token, paste it.
Okay.
Do the same for other node also.
Okay.
And next.
Okay, all good now.
So now, Shutter Lab.
Let's see.
Let me do this first.
Okay.
Yeah, all good.
Yes, Gene, all good.
Others, do a reset and join and continue.
After joining in, are you able to get a part?
After you do a reset, do a get nodes and check if everything is ready.
And see all the parts, props, everything is ready.
Let me check for you.
Did you reset on worker one, worker two also?
Just nodes.
So you're not joined.
Not out of the network.
Apply hyphen F.
One command is there.
Correct?
After doing reset, did you run those three commands of cubelet?
Cubectl.
Okay.
Are you understanding?
No, no, not these.
The mkdir.
I'll give you those.
So run these three commands.
Understood?
I'm giving the list.
So run these three commands at once.
Run these three commands and then add the network.
You're not copying properly.
You're not running the command properly.
Please run each command properly.
You're not running the command properly.
Run the mkdir first.
Run each one completely.
Enter.
Wait, wait.
Yeah, choose yes.
Wine.
Choose wine.
Yeah, run the next.
Now then the next command is given you.
Apply command.
Recharge.
Enter.
Yes.
Now type in cubectl get nodes.
Get assigned.
I think.
Net nodes.
Yeah, do it.
Type in yes.
Enter.
Enter.
First enter.
Fine.
Now cubectl get nodes.
Cubectl get pods.
K get pods hyphen hyphen hyphen hyphen hyphen all hyphen namespaces space space hyphen
enter.
Yeah, all good.
Now proceed.
Others.
Others even do it.
Who's done with the lab?
You're done.
So I didn't get you.
Yeah, do a restart of this one.
Initialize.
Okay.
Gene, are you able to proceed now?
Is it working?
The pod get into the lab now.
Yes, Charles.
What's happening?
See, one second, one second, one second.
You're not done properly.
Can you again copy those three commands?
The mkdir, the three commands, not all the four.
The first three and get the three commands.
Yes.
Wait.
Don't do anything.
This will be a minute.
Choose why.
So you have to wait.
You have to wait for response.
Choose why.
Press enter.
Now copy the apply command.
So for every command, you have to wait.
Yes.
Enter.
Now do clubs will get nodes.
Cubectl get nodes.
Yes.
So did you run on the other worker also?
That's fine.
That's fine.
Let's proceed.
This one.
That's fine.
Let's proceed on this.
Proceed to the next step.
The next step.
The part.
Okay.
Okay.
So now you have to exactly copy the direct command and replace that with your service IP.
So you have the service IP.
Replace service with IP.
What do you have so that you don't make a mistake?
So you want to copy that command to a notepad.
Copy this to a notepad on WGET.
Copy this.
And replace the service with IP.
Only this IP with yours.
So example like this.
This is my IP.
I have to copy this.
And do that.
How is it because every time they're really difficult for copy and paste.
So be careful.
1097.118.12.
And replace that where in WGET.
Replace with that.
That you don't have confusion later.
And proceed.
It's working.
So now we'll deny it.
Then create one more test pod.
Okay.
I think are they doing good?
Charles, Jean, everyone is working fine.
You see that?
Yeah.
Do slowly.
It'll work.
Either you can copy and paste or up to you.
I think you can copy a notepad and paste it.
Jean, it's quite difficult.
Don't do this.
Copy the complete line itself to a notepad.
The WGET line.
So for example, this is my WGET line.
And update it inside this itself.
Understanding.
Update.
Copy and paste.
Yeah.
Copy the notepad.
Update the document itself.
So that every time you don't do it.
What can we do Charles?
It's NET QOL.
It's a single O, not two O.
And you're re-scrolling a space.
Additional space is there between after F and N.
Yeah.
Proceed.
Yeah.
Are we good?
Okay.
You can do the next lab.
Agress.
In which how you can disallow the traffic to outbound.
They cannot access internet.
The next lab.
The agress lab.
Yeah good.
It's working now.
Okay.
Jean, what's the doubt?
We're good?
Yeah, it's good.
It means it doesn't work.
Okay.
What's the next step?
All steps done.
Oh, you're good.
Yeah.
So it means that your lab is good.
Okay.
Fine.
Good.
So the next lab.
Okay.
You can do yourself also.
Outbound.
So you are blocking outbound traffic.
No outbound traffic.
It's for creating a pod.
And then defining a policy denying the outbound.
So when you log into the pod and we try to access any website,
they cannot access it.
Because it is blocked.
Either you can refer that your service name using your name,
like a web, or you can also refer using your IP.
Both the names we can use.
For services, either we can use a name
or we can also refer it using your service IP.
This is trying to use your IP.
Yeah, please go ahead.
Lab 3.
I'm back at blocking.
Charles, you understand the lab?
Okay.
Okay.
So you're modifying one in the outbound rules.
That's what it thinks.
So now try to log into the pod and try to access any website or the lab.
You cannot because your outbound is blocked.
Yes.
Are we good?
Dream, does it work for you?
Okay.
Junveen.
Okay, team.
So this is how we could work.
So hope you got.
We learned both about inbound and outbound.
Correct?
Okay.
Charles, are we good?
Okay.
Do that.
Let's wait.
You finish and then let's proceed.
Do a test of the outbound.
We're not doing that for testing.
We're trying to reach a website.
That's fine.
That's fine.
Okay.
We're not doing that.
Use the apparel.
Use the apparel and after you have to use a port 80.
Fine.
Use web.
Use web.
Give web name as web.
Remove the IP.
Put as web and colon 80 for slash.
Yes.
Yeah.
Enter.
Press enter.
So it will not understand 80.
It's going to give a message that it can understand 80 because it's not going to put number 80.
That's it.
It means it's not going out.
Understood.
Thank you.
Okay.
This is about your networking security.
Is that the last one which is your ingress?
Let me talk about this.
Team.
Let's come back.
Please listen.
Last topic.
So how do we use TLS?
Control access or restrict access to a database.
Enable audit logging.
Rotate credentials.
Encrypt data.
And you want to get alerts and notification as soon as there are some vulnerabilities or incidents.
These are some best practices to be followed.
Now what is ingress and ingress controller?
Okay.
Now let me give an example.
So have you all worked on load balancer before?
Have you worked on load balancer?
Okay.
Now let me give an example.
In Amazon, have you all worked on application load balancer?
Everyone?
Or any of you?
This is Charles.
ALB Charles.
Who said yes right now?
Gene, have you worked on load balancer with ALB?
Let me give a small example how it works.
So now for example, let's consider that we have a load balancer.
And this load balancer is going to support different use cases.
For example, it could be
people can reach amazon.com
or it can get the traffic amazon.com slash in
and it can get the traffic amazon.com slash us
or it could be x.amazon.com y.amazon.com
So you see here you have the same domain but multiple endpoints something like this.
So these are called as context based routing.
So same domain but different endpoints.
Now the load balancer we need to accordingly route the traffic to the back ends.
So what does it do?
You would be having in Amazon called listener.
And in the listener you write in the rule as to where to go.
So in the backend we call target groups.
So you'll have one group in which you'll have instances one and two.
And this would point out to amazon.com.
You will have one more group which is tg2 in which you have instances three and four.
This will point out to amazon.com slash in.
So the listener would have some rules stating that if someone hits amazon.com.in
send the traffic to group two.
Getting it?
If someone hits group three of this send it to group three.
Are we good?
Everyone?
Okay so now very similarly in kubernetes we can do.
So in kubernetes the same one what we do first do is you create my use cases
simple example i'm going to route amazon.com and some amazon.com slash in.
This may use case using a load balancer in kubernetes.
So what I do I create a deployment.
So this is for amazon.com in which I have two pods.
Pod one and pod two.
This is pointing out to amazon.com.
And I also have pod three and pod four.
These are pointing out to amazon.com slash in.
And I map it to a service.
Service one would reach to these and service two would reach to this.
Clear?
Till now?
I have a deployment one you have two pods and a deployment two I have two pods.
I map it to a cluster service.
Clear?
Yes.
No.
Check your deployment two pods a cluster service.
This is done.
So now we have a load balancer and the user trying to reach to this website.
So when they hit amazon.com for example.
Now the load balancer needs to send the traffic to where?
To this service.
Do you agree?
Getting it?
When some user amazon.com load balancer someone has to send the traffic to this service.
Do you agree?
So that reaches this where we use two components.
So load balancer need to have an ingress controller and it also uses the ingress rules.
So ingress rules would allow it to reach to this one.
So you would have written up something like a default rule sent to this.
If they hit slash in you have written a rule stating that if someone hits slash in
it will send traffic to this.
This rule is called as ingress rules.
Are we clear?
Yes.
Getting it?
I will repeat.
I will repeat again.
So for example if this is your backend service
and this backend is where we are talking about amazon.com.
So you need load balancer.
The load balancer doesn't understand to work ingress rules.
It needs another component called ingress controller.
And this controller and this works together and then they use the ingress.
That is how we do for a normal load balancers.
But we also have an open source ingress controller which is indianx which
acts both as a load balancer and the ingress controller.
So if you use amazon load balancer you have to additionally install
ingress controller component along with amazon load balancer and then define the rules.
But in case if you go for indianx controller it has both of the component.
The same and you now try to write ingress rules.
You go to this, you go to this, go to this, go to this.
That's it.
So this will point out to like amazon.com
It will point out to slash in slash us slash uk.
Have a good ingress controller pod would get created in case if you use in amazon for example
ingress controller of indianx.
It will create the controller pod in one of the node.
And through that the traffic goes to the backend.
So when you use ingress controller it will create one of the nodes.
And through that the traffic goes to the backend.
That is what is ingress controller.
Have a good.
Okay let's do a small lab.
Lab 4.
For networking we don't have labs.
Now what we are going to do is we are going to deploy ingress controller.
Let's run this.
Everyone create this yaml file in your master.
Sorry.
So the yaml file in the master.
And apply it.
So this will get created in a separate namespace called ingress-indianx.
So you can go and say get all ingress-indianx namespace.
So once you apply it go ahead and check what got created under ingress-indianx.
The ingress controller needs to separate namespace.
And it will take some time.
And it will get created in a minute.
You see it's creating the services.
Yeah it will go to node port.
It will go to load manager right now.
It's fine.
Let's see I'll tell you what to do.
It's creating your jobs.
It's creating all your components of ingress controller.
Okay.
Have a good.
So now next step is.
It takes some time load manager to be up and running.
Let it wait.
So now what we do next.
Let's go ahead and create our backend service.
The deployment.
This is my deployment.
And I map it to a cluster service.
So write the deployment of hello app.
It got created.
Now map this to a cluster service.
We're going to map it to a cluster service.
Now do a cube.
So it will get service.
You see a new service got created which is hello server.
You can do a curl.
Get IP.
And check if you're able to reach your internal application.
So it is coming hello server.
So we have a deployment.
We have a cluster service.
And we have in the load balancer ingress controller.
Now we have to define the ingress rule.
Have a good till now.
So now for doing that we'll create an ingress file.
So go ahead and create an ingress rule.
Then you say that if any traffic goes forward slash hello.
Then it must reach your backend service.
Write in a rule.
So it's a ingress.yaml.
Insert mode and you go and paste it.
Ingress file.
And apply it.
So it got created.
So you can also do a get ingress.
And you see it got.
And you can do describe ingress.
And it will have in the rule.
Hello.
So if you say hello slash hello.
It will reach your hello server service.
And that will reach your backend port.
Have a good till now.
Please confirm.
Okay Gene.
The next step.
Go ahead and create.
Okay good.
So now what do we do?
The next step is.
Now what happens is.
In our use case.
The load balancer would not work.
So we are going to modify the load balancer node port method.
And we are going to say public IP code node port slash hello.
And you must be able to see the output.
Yeah.
So now what we do back to server and run the command.
Tubectl get service.
And the.
Of this.
Get svc hyphen fn namespace or hyphen n ingress hyphen nginx.
Okay.
So as you are spending.
So now let us modify it.
So we say edit.
svc.
Type in that name.
This modify edit inside otherwise.
The cubectl edit svc the service name and the namespace.
We go inside.
Now go inside.
And when you say last.
But one line you see a type is load balancer.
So we would modify this to node port n is caps p is caps.
So remove the word load balancer.
And in there type in node port n caps p caps.
N is capitals p is capitals and save this file.
N is capital P is capital.
Yeah good save this.
Junvi yeah you want help.
Now.
To see it.
Edit svc.
Edit edit.
So get do edit edit svc.
In the end of the command type in edit first so clear please do clear.
Have it clear.
Yeah.
A edit.
A edit svc edit edit.
EDIIT edit.
Space.
Service.
The name of the service name.
Ingress.
Ingress.
Ingenix.
Okay we'll be in the commander chat please not come properly making mistakes.
Yeah paste this command right hand side of the command.
Yeah now go to last but one line the last but one line go down complete down.
Yes go up where is the load balancer now.
Go up yes go to insert mode delete it press i.
Press i delete that word replace with the node port n caps n capital n o d e node p capitals.
Node port n o d e p o r t escape colon save.
Okay now I'm done so now again do a get service.
And the same command now.
Not edit get service you see the exposed to the port number the first you see on port 80.
Supposed to access this so access the public IP.
Hold on the node port number.
That node port number.
Power slash hello can it take some time.
Do it on the node of worker one and worker two is working on worker one for me.
It will normally get created on the node where the controller got created it hit from there.
Where the controller got created hit from there.
Others it may not work it will hit from your controller where got created in the back end.
Okay so since my controller got created on my worker one and able to see it on worker one.
Are we clear.
So I got created on worker one and hence it is working for me.
So we see my part worker one.
Or worker two.
See my worker two I got created I got a worker two working for me worker two.
Is running for you all.
Yes Gene does work.
Then it's wrong public IP public with the public IP not the private IP the IP the IP.
Not the master one which is the master machine which machine is this.
Now pays the private of your worker one skip in the other one other node node other workers.
No no no no what I'm saying is.
On which node it got created put a master not like.
That clear K.
A to still get all get all all space all hyphen n hyphen space hyphen n.
Ingress hyphen engine X NG INX NG INX yeah.
Enter again can use a hyphen oh why use a pair and use the n hyphen oh why enter.
So a controller got created you see the pod got created on worker two but about that about that
yeah yeah about that with the bucket to put the bucket to public IP is.
What's the work of the public IP.
Yeah that's it understood.
So this is the third one the third one in this control the third one that's below that yes the DH
yes this is what the node is going to work it to the right side you can say work it to.
So it goes to work it to that controller and then it reaches their back end application.
Clear service okay others.
Are we good very once again that will do that been clear.
Thank you clear clear clear now do and get get get get.
SBC.
I've been space hyphen n.
Space no one once again in financing and and and and yes space.
Ingress hyphen engine X enter you press enter.
Okay fine fine now what is your can you give me the IP of your.
Worker one and yeah what the one public so it is the can you give a worker one IP
worker one click IP that the worker three correct sorry worker three and worker four
okay let me show you one yes.
Let me yeah let me give you the output how do you just test it yeah so.
I'm doing this the other one.
Other worker mission 5454 179 correct that's what I tried now I'm trying to 54 now 20.
193 is over you have a 2 to 70 half correct.
Yeah I'm trying to 2 to 7 now okay try this now the browser this in your browser
it will work like this are you good yeah again the chat.
HTTP double slash HTTP chat I given you.
This place that HTTP colon double standard the chat I given to you are replacing that HTTP.
Type in HTTP I tell you colon double slash 54 yeah no the end blues hello the end
after forward slash type in hello hello hello hello hello hello hello hello enter.
Enter it is 3099 that is okay sorry 3096 30996 yeah that's it okay team are we good everyone.
So simple example of how it can so you can do any part is this a hello example you can give
any part you can have multiple parts you have to create multiple services and you can map it to a.
Yeah the last one monitoring so promote we use Prometheus.
We have very less tools for monitoring in cubanets we can either use the probing which
you talked about via metric server the metric server is not very good.
We have to use Prometheus we can use dashboard but not very good not secure in cubanets.
So we use Prometheus which gets the data so you can install Prometheus this gets the data.
To the back ends so how does it work so once you install Prometheus.
Okay so it'll have all these are the components of Prometheus so the server it'll have alerts so once
instead of Prometheus will have all the components you see this exporters so these exporters runs in
every node including a master and every node in that gets in it gets the data from the back end
and stores in your server you want to monitor your cluster you need to configure Prometheus
it will have in these components get the information and sort in your server
and then what do you install Grafana and Grafana you say that get the information from this
so you would add a plugin in Grafana and the data comes from Prometheus
yeah so you have to define what you want all these Prometheus and get the data from the back.
Let me show you this so I go to Prometheus so Prometheus there are lots of monitoring tools
we have Prometheus, Datadoc, we can use Plunk all these tools this is an open source tool
which is highly customizable visualization but they don't have proper dashboard so if you want
to install it you can download and you an extract like this the software and then you're supposed
to write a file called as Prometheus.yml in which you define what you want to extract what data
what time interval you define all those things in a Prometheus.yml and Prometheus works on port
1990 you can get in some information from the dashboard probably extracts it
you define what you want all these and this information would be gotten a component called
exporter so exporter will go ahead and get all these components on the master worker nodes and
it saves this information on your Prometheus server then what do you do we use Raffan now
so Raffan is an open source dashboard tool which could be used for any tools you can integrate
for example you can take with any cloud on premises it's a free open source it's more
of a dashboard rules so you can go inside this once it is configured we have in plugins so now
I click on the plugins and then I say that I want to install Prometheus you get option to integrate
once you deploy it and the data would start coming from a Prometheus here so you have to install
Prometheus you get a url for the Prometheus and you have to refer that data source in your graph
and now and they get the data in the front so graph on is an open source dashboard tool
in which you can create multiple there's a plug plugin option you choose the plugin and choose
Prometheus the url it is start getting the data in your dashboard it looks something like this
very brief about so Prometheus is your extracting tool to install it it has the components
and these are components you can integrate with Grafana or other tools
in Grafana once you install it you can get information and we're not talking about more
topic help charts so you can look into you can easily install all these things using help chart
it's a package management tool using which you can install Grafana Prometheus all these quite
easily and you can play around with this testing very brief about monitoring do you work on
monitoring tools or no you work on monitoring tools any monitoring tool you work which one oh
you're aware of this okay good good everyone is aware of this the team okay not sure silent yes
the same so Prometheus is your scraping tool from which you get the data you have to configure
the points at yaml and then integrate your Grafana which you see the details in this
dashboard yes team so this is all about uh the topics i think we exactly covered it exactly
this is three minutes i hope you learned new things in this training everyone you're happy
with what objective you had is your objectives met rck junv gene are you happy with what
you learned okay so if you want to remember what you're supposed to do every day yes
you're supposed to practice right so what you can do is you can also create own free account of
aws i'm sure that your company also provide you and you can practice this labs anytime it is not
that you had to practice money now anytime keep on practicing practice makes you perfect
and practice will also give you solutions about how i can learn more how to troubleshoot
but if you don't practice then theory would not help for cubanets you have to practice the same
labs try to experiment and see how you can learn more yeah any questions yes noble proc any questions
any group photo something no no any no do you take any group photo do you you take any
group photo do you do that normally i'm not sure just asking you okay no no issues we can also
what are their problem uh who is it thank you team all the best uh joan i have sent the email
to alex with the google drive links of the yes i've sent it yeah thank you looking forward bye
bye