Deploying The Mongo-Express app Using Kubernetes.
Introduction
Kubernetes also known as k8s is an open-source container orchestration platform developed by Google that is used to deploy, manage and scaling of the containerized application. Kubernetes architecture consists of two main part Control plane and Worker Node. In this blog post, we will explore how Kubernetes secret , configuration , deployment and services can be utilized to set up and manage mongo-Express . Lets's go !
Deploying Mongo-Express
Here in this blog, we will look at how can we create different types of files in order to deploy our web-app on mongo-express. We will have to deal about following file in order for maintaining good workflow.
Secret File
Config File
Deployment and
Service
Secret File
A secret is basically an object that will have our sensitive data like passwords, tokens, and ssh keys. Creating secret we do not need to include confidential data in our application code.
Below is our secret file
apiVersion: v1 kind: Secret metadata: name: mongo-secret type: Opaque data: mongo-user: bW9uZ291c2Vy mongo-password: bW9uZ29wYXNzd29yZA==In the above YAML file, we define it kind as
Secretand name asmongo-secretand type asOpaque.
Configuration File
A ConfigMap is an API object used to store non-confidential data in key-value pairs. It can be consumed by the pod or other resources within the cluster. ConfiMap is a key-value pair and we used to store the configuration file. It can be used to store :
Command-line arguments
Configuration files
Environment variables
apiVersion: v1 kind: ConfigMap metadata: name: mogno-config data: mongo-url: mongo-service
In the above YAML file, we define it kind as ConfigMap and name as mongo-config and we provide mongo-service as data. We will get the mongo-service from mogo-service file.
Deployment and Services
A Deployment provides declarative updates for Pods and ReplicaSets. We can declare the new state of pods, roll back to earlier deployment state. It is used to describe the desired state of a Kubernetes application deployment.
Even if the deployment is happened where we put our application in pod But we are still unable to communicate to the outer world or with in our network. In our case mogodb did not have the URL to forward to its default port where we can access. So we need another things i.e SERVICE which exposes the port that we have and make it available to the organization.
Here in our app we have MongoDB and mongo-express where we excess the mongo-express in the exposed port.
Monogo App Deployment and service file
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongo-deployment
labels:
app: mongo
spec:
replicas: 1
selector:
matchLabels:
app: mongo
template:
metadata:
labels:
app: mongo
spec:
containers:
- name: mongo
image: mongo:6.0
resources:
limits:
memory: "128Mi"
cpu: "500m"
ports:
- containerPort: 27017
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-user
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-password
---
apiVersion: v1
kind: Service
metadata:
name: mongo-service
spec:
selector:
app: mongo
ports:
- protocol: TCP
port: 27017
targetPort: 27017
WebApp Deployment and service file
apiVersion: apps/v1
kind: Deployment
metadata:
name: webapp-deployment
labels:
app: webapp
spec:
replicas: 1
selector:
matchLabels:
app: webapp
template:
metadata:
labels:
app: webapp
spec:
containers:
- name: webapp
image: mongo-express:latest
resources:
limits:
memory: "128Mi"
cpu: "500m"
ports:
- containerPort: 8081
env:
- name: ME_CONFIG_MONGODB_ADMINUSERNAME
valueFrom:
secretKeyRef:
name: secret
key: mongo-user
- name: ME_CONFIG_MONGODB_ADMINPASSWORD
valueFrom:
secretKeyRef:
name: secret
key: mongo-password
- name: ME_CONFIG_MONGODB_SERVER
valueFrom:
configMapKeyRef:
name: mogno-config
key: mongo-url
---
apiVersion: v1
kind: Service
metadata:
name: webapp-service
spec:
type: NodePort
selector:
app: webapp
ports:
- protocol: TCP
port: 8081
targetPort: 8081
nodePort: 30100
Here we have YAML file of deployment and service file of both mongo and Our webApp.
When deploying applications in Kubernetes, we use a Service of type NodePort to expose the application externally by assigning a static port. This allows external access to the application by accessing node's IP address on the specified NodePort.
Command Used
$kubectl apply -f secret.ymlfor creating the Secret$kubectl apply -f mongo-config.ymlfor Creating the configMap$kubectl apply -f mongoapp-deplyoment-service.ymlfor creating the both deployment and service$kubectl apply -f webapp-deplyoment-serive.ymlfor Creating the deployment and service
Now we can use $kubectl get svc to find the necessary details about the pods cluster.
$minikube service webapp-service-name to start the tunneling for the services of web-app service
WorkFlow
Once applied the above command , the workflow should enable the following:
The
ConfigMapandSecretprovides the necessary configuration and sensitive information to the application containers.The
Deploymentensures that the desired number of replicas are running, managing scaling, updates, and rollbacks.The
NodePortService exposes the application externally on a specified port across all cluster nodes.
Conclusion
Kubernetes provides several file types that play crucial roles in deploying and managing applications within a cluster. Config files (ConfigMaps) for the storage of non-confidential configuration data, while Secret files provide a secure means of storing sensitive information. Deployment files define the desired state of an application, and Service files abstract network endpoints to facilitate communication between different parts of an application or between applications. The NodePort service type exposes a specific port on all nodes within the cluster, enabling external access to an application. By following a well-defined workflow, which involves creating ConfigMaps and Secrets, defining Deployments, and setting up Services with NodePort, we can deploy and manage applications effectively in Kubernetes.
By following the following step we obtain our desired output in our exposed Nord Port