Geekdocs
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Geekdocs
  2. /
  3. Tsuka
  4. /
  5. V1 - Challenge Containers

V1 - Challenge Containers

Initially we were planning to deploy images from within the cluster. There are 2 parts to this.

  1. Image Building
  2. Applying Deployments

Image Building

Kubernetes does not support docker inside their containers, we have looked at alternatives approaches. Click on the link to see the details and also why they were rejected.

  1. Mounting docker onto the container
  • Rejected ? : By giving root access to docker daemon, a team may delete the image or fiddle with the resources of other teams.

[WIP : Explore and write for each sub-methods]

  1. Docker out of docker
  2. Docker in Docker
  3. Kaniko
  4. Moby

Applying Deployments

InCluster Deployment

  1. First we make a RBAC role to allow access to namespace for creating incluser deployments. Here we have used the default namespace for testing purposes. Write and apply an RBAC accordingly as per your infra and flow.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  namespace: default
  name: deployments-and-deployements-scale
rules:
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: deployments-and-deployements-scale-rb
subjects:
  - kind: ServiceAccount
    name: default
    namespace: default
roleRef:
  kind: ClusterRole
  name: deployments-and-deployements-scale
  apiGroup: ""
  1. Next we use the kubernetes client api to apply deployment.yaml stored in katanad which runs the deployment. The image should be inside the minikube docker daemon which is the dependency on the first step.

A Basic Challenge Deployment yaml. The challenge’s image should be inside the minikube docker daemon and image pull policy is never in order to avoid dockerhub pull.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: challenge-deployment
  labels:
    app: challenge
spec:
  replicas: 1
  selector:
    matchLabels:
      app: challenge
  template:
    metadata:
      labels:
        app: challenge
    spec:
      containers:
        - name: challenge
          image: challenge:latest
          imagePullPolicy: Never
          ports:
            - containerPort: 80

Python file to apply deployments.


from os import path
import yaml
from kubernetes import client, config

config.load_incluster_config()

//print(path.dirname(__file__))

with open(path.join(path.dirname(__file__), "deployment.yaml")) as f:
    dep = yaml.safe_load(f)
    k8s_apps_v1 = client.AppsV1Api()
    resp = k8s_apps_v1.create_namespaced_deployment(
        body=dep, namespace="default")
    print("Deployment created. status='%s'" % resp.metadata.name)

Outcluster deployments

Outcluster deployments are pretty forward. You can run a script using the kubectl commands or you can use the client api’s and write similar files as above and change config.load_incluster_config() to config.load_kube_config().