Deploying a Container

In Kubernetes the most basic building block is the Pod.

In many ways a Pod resembles something like running docker-compose; it contains one or more containers with configurable ports, networking, environment variables and more.

In very few cases will you need to create a Pod yourself. Instead Kubernetes defines a few different resources that in turn will manage your pods for you.

Workload Resources

  • Deployment - Ensures a desired number of pod replicas are running simultaneously
  • StatefulSet - Used for stateful applications where pods need access to persistent storage
  • DaemonSet - Manages sets of pods so that all (or some) nodes each run at least one replica
  • Job - Creates one or more pods that retry until a specified number of them succeed
  • CronJob - Schedules one or more pods to run on a timer

For a typical stateless application running multiple replicas you will probably want to use a Deployment. In this how-to we will go through how to use Deployments to launch a container and access it over the internet.

1. Publishing your Docker Image

How to build a docker image is out of scope for this article. However, in order for you cluster to be able to access your image it will have to be available in a docker registry.

Docker maintains their own registry that can be used to publish public images freely. If you don't want them to be globally available you have to pay.

However, it's also possible (and pretty easy) to launch your own docker registry into your own cluster. Harbor and Docker Registry are two such alternatives.

2. Image Pull Secret

We will need to provide a way for Kubernetes to authenticate against your protected registry. You can skip this step if your images are public.

Fill in the details below to create a docker-registry secret named my-registry-cred that we can use for authentication in the following step.

kubectl create secret docker-registry my-registry-cred \
  --docker-server=<your-registry-server> \
  --docker-username=<your-name> \
  --docker-password=<your-password> \
  --docker-email=<your-email>

3. Create a Deployment

We will create a simple deployment with three replicas running an image named docker-registry/my-backend-api.

By default Kubernetes uses a rolling update strategy. This means that, for example, if we update the image tag it will roll out the new pods one by one to avoid any potential downtime.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-backend-api
  labels:
    app: my-backend-api
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-backend-api
  template:
    metadata:
      labels:
        app: my-backend-api
    spec:
      containers:
        - name: my-backend-api
          image: docker-registry/my-backend-api
          ports:
            - containerPort: 80
      imagePullSecrets: # Can be omitted if your images are public!
        - name: my-registry-cred

When we have created and saved our manifest we can apply it to our cluster.

kubectl create -f deploy.yaml

Voila! Your container should now be running, check its status by writing kubectl describe pod my-backend-api.

4. Accessing your app from the Internet

However, your container will not be accessible from the internet. If you want to enable an ingress have a look at installing an ingress controller such as NGINX Ingress.

5. What's next

For more information on Kubernetes Deployments have a look at the official documentation.