WEBVTT

00:00.110 --> 00:05.150
Okay, so now that we've pushed our images up to Gcloud, we're going to go ahead and start by running

00:05.150 --> 00:09.590
our own local Kubernetes cluster and have our images running locally.

00:09.620 --> 00:14.270
Now I'm using Docker desktop as my Kubernetes provider here.

00:14.270 --> 00:19.970
So if you use Docker desktop, you should be able to go into the settings and see a Kubernetes field

00:19.970 --> 00:26.240
here where you can enable a Kubernetes cluster on Docker desktop to make it very easy to get started

00:26.240 --> 00:28.640
with Kubernetes back in the command line.

00:28.670 --> 00:35.840
You can see if I run Kubectl get namespaces, I have the default namespaces for Kubernetes cluster and

00:35.840 --> 00:41.000
if I run Kubectl get pods, I have nothing running in my default namespace right now.

00:41.000 --> 00:44.840
So let's go ahead and change that by starting to create our first deployment.

00:44.870 --> 00:51.110
We're going to be using Helm as our dependency manager for Kubernetes so that we can easily deploy our

00:51.110 --> 00:56.030
application anywhere locally or on Gcloud very easily using helm.

00:56.030 --> 01:03.960
If you don't have helm already installed, simply go to helm sh slash docs intro install here where

01:03.960 --> 01:10.080
you can get instructions for how to install helm easily on any system, including from a script or through

01:10.080 --> 01:12.930
package managers like Homebrew or Chocolaty.

01:12.960 --> 01:16.770
It's very easy to install helm so go ahead and make sure you have this running.

01:16.770 --> 01:22.440
So to start, let's go ahead and create a new folder in our project called K80s, which is where all

01:22.440 --> 01:25.560
of our Kubernetes deployments and manifests will live.

01:25.680 --> 01:26.790
Now in our terminal.

01:26.820 --> 01:36.270
I'll CD into that folder and then I'll run helm Create Sleeper here to create a new helm chart called

01:36.270 --> 01:37.080
Sleeper.

01:37.080 --> 01:42.540
And what this is going to do is it's going to create some starter files for Sleeper here and give us

01:42.540 --> 01:48.900
some starting templates as well as an all important chart YAML file which defines our application and

01:48.900 --> 01:51.390
all the dependencies for this chart.

01:51.390 --> 01:53.400
So we're going to go ahead and clean things up here.

01:53.400 --> 01:58.560
I'll go ahead and remove everything in the templates folder that was generated.

01:58.560 --> 01:59.700
We don't need any of this.

01:59.730 --> 02:04.890
We can keep the helm ignore here, which will make sure we don't commit any of these unneeded files.

02:04.890 --> 02:08.640
And then in the values file, I'll go ahead and delete everything as well.

02:08.640 --> 02:13.080
So now we just have a completely empty chart called Sleeper here.

02:13.110 --> 02:13.440
Okay.

02:13.440 --> 02:18.630
So the next thing we want to do is actually create deployments for each of our services.

02:18.630 --> 02:24.420
Deployments are what's going to define the manifest for each of our microservices and make sure we always

02:24.420 --> 02:27.390
have a pod running for each one of these apps.

02:27.390 --> 02:29.340
So let's go ahead and start creating one.

02:29.340 --> 02:36.000
We're going to go ahead and use the Kubectl command here and run create deployment and we'll start off

02:36.000 --> 02:40.890
with reservations here and then I'll provide the image name here.

02:40.890 --> 02:46.290
And of course, we know we need to get the image name from our Gcloud repository.

02:46.290 --> 02:52.290
So we'll go ahead and copy the full path to the image here and paste in the image and of course make

02:52.290 --> 02:55.160
sure we add slash production to the end here.

02:55.170 --> 03:01.230
Next, we're going to set this flag called dry run equal to client here to make sure that we don't actually

03:01.230 --> 03:06.630
execute this, but we want to actually output this to YAML so that we can source control and commit

03:06.630 --> 03:12.030
it as part of our helm chart and make sure it's always going to be run when we do helm install.

03:12.030 --> 03:17.790
So let's go ahead and add dry run equal client and then we'll add output equal to YAML here and pipe

03:17.790 --> 03:21.240
this to a file called deployment dot yaml.

03:21.390 --> 03:27.660
So now if we go back to our folder, we have this generated yaml here which is the manifest for the

03:27.660 --> 03:33.240
reservations deployment and you can see we have everything we need out of the box to create this deployment.

03:33.240 --> 03:34.470
Go ahead and clean this up a bit.

03:34.470 --> 03:40.140
I'll get rid of the creation timestamp up here, then I'll get rid of the strategy section.

03:40.140 --> 03:46.350
We can get rid of the creation timestamp resources status and then I'll change the name of the container

03:46.350 --> 03:48.240
here to be reservations.

03:48.270 --> 03:54.330
Next, let's go ahead and in the sleeper directory we need to move this deployment manifest into our

03:54.330 --> 03:58.650
templates folder, which is where everything is going to be actually deployed from.

03:58.650 --> 04:04.830
So let's create a new directory in the templates folder here called Reservations, and then we'll move

04:04.830 --> 04:08.310
the Deployment.yaml into that reservations directory.

04:08.310 --> 04:09.630
So let's go ahead and give this a try.

04:09.630 --> 04:16.230
Now if we CD into Sleeper and then we can run helm, install Sleeper and then provide the path to the

04:16.230 --> 04:16.830
helm chart.

04:16.830 --> 04:22.080
In this case, it's in the current directory, we can see our deployment was successful and now if we

04:22.080 --> 04:25.440
do kubectl get pods, we can see our reservations.

04:25.440 --> 04:27.120
Pod is running, which is awesome.

04:27.120 --> 04:32.340
However, we have an image pull backoff issue here, which means we're not able to correctly pull the

04:32.340 --> 04:33.030
image.

04:33.030 --> 04:39.990
So if we do describe pod and enter it, you can see we're getting denied access on our image.

04:39.990 --> 04:42.150
So let's go ahead and take care of this next.

04:42.150 --> 04:47.520
So remember that out of the box that our artifact registry is completely private, which means that

04:47.520 --> 04:50.910
people can't pull our images without correct access.

04:50.910 --> 04:57.900
And that means even on our local Kubernetes cluster, we need a way to configure access to these images,

04:57.900 --> 04:59.730
just like we did for local Docker.

04:59.950 --> 05:01.240
We were pushing and pulling.

05:01.240 --> 05:02.920
So let's go ahead and do just that.

05:02.920 --> 05:10.450
We'll go into the G Cloud console and go to APIs and services, then go ahead and click on credentials,

05:10.600 --> 05:16.300
and then we're going to click Create Credentials and click on service account.

05:16.420 --> 05:22.670
I'll go ahead and call this artifact image pull, then click create and continue.

05:22.690 --> 05:29.500
Then for roles here, click on roles and scroll down until we find the artifact registry.

05:29.500 --> 05:35.860
And then we're going to click on Artifact Registry Reader so that we can read items from our artifact

05:35.860 --> 05:36.550
registry.

05:36.550 --> 05:37.970
Then click on Continue.

05:37.990 --> 05:40.510
Then we'll go ahead and finish by clicking Done.

05:40.510 --> 05:45.940
So now that we've created the service account, go ahead and click on it and then we're going to click

05:45.940 --> 05:50.410
on Keys here and add a new key and click Create new Key.

05:50.440 --> 05:51.700
This will be JSON.

05:51.700 --> 05:56.530
So go ahead and click Create and then we'll click Allow to download this.

05:56.740 --> 06:01.380
So make sure you download this JSON and save it somewhere on your machine where you can find it.

06:01.400 --> 06:07.160
Okay, so now we need to tell Kubernetes to use our JSON key file when pulling from GCR by creating

06:07.160 --> 06:08.300
a new secret.

06:08.300 --> 06:17.540
So we'll call kubectl, create secret of type Docker registry and we'll call this GCR JSON key and provide

06:17.540 --> 06:20.180
a flag here called Docker Server.

06:20.180 --> 06:26.960
And this is going to be equal to the domain of where our repository is living, which we can also get

06:26.960 --> 06:36.870
by clicking on a repository, setup instructions and copying this here the US East four in my case.package.dev.

06:36.890 --> 06:38.600
Copy this and paste this in.

06:38.630 --> 06:46.400
Then we'll provide a Docker username and we'll set this equal to underscore JSON key.

06:46.970 --> 06:50.660
And then importantly the Docker password.

06:50.690 --> 06:57.440
This is going to be equal to open up quotes and inside of here we'll do dollar sign and then open up

06:57.440 --> 07:04.700
parentheses and in the parentheses we're going to run a command cat and then enter the path to the JSON

07:04.700 --> 07:05.630
key file.

07:05.630 --> 07:11.090
In my case, I've put it in this exact directory here, so I will paste the path here.

07:11.090 --> 07:16.510
Finally, we'll provide a Docker email here and I'll set this equal to our email that we set up Sleeper

07:16.520 --> 07:19.190
Nest app at gmail.com.

07:19.400 --> 07:24.050
And then you can see our secret JCR JSON key was created.

07:24.140 --> 07:28.880
Finally, we need to add the secret to our default service account so that it's actually going to be

07:28.880 --> 07:30.320
used to do this.

07:30.350 --> 07:41.060
We can run Kubectl patch service account default and add dash P, open up single quotes here and inside

07:41.060 --> 07:49.760
of here we're going to open up a new object and we're going to use open up quotes and put in image pull

07:49.790 --> 07:51.140
secrets here.

07:52.200 --> 07:55.110
And set this equal to an array.

07:55.380 --> 08:01.230
And inside of that array we'll have another object with a name here.

08:01.620 --> 08:03.930
And the name is going to be equal to the key.

08:03.930 --> 08:07.510
We just created GCR, JSON Key.

08:07.530 --> 08:09.680
So go ahead and patch this.

08:09.690 --> 08:14.370
Now we can go ahead and run kubectl rollout, restart deployment.

08:16.250 --> 08:24.290
Reservations so that a new reservations pod will be created can now run kubectl get pods to see our

08:24.290 --> 08:25.100
reservations.

08:25.100 --> 08:30.980
Pod is running and if we take a look we can see it's currently crashed loopback offing.

08:30.980 --> 08:37.400
If we run kubectl logs and paste the pod name in, we can see that the startup failed because we're

08:37.400 --> 08:42.740
not supplying the pod with the correct environment variables, which is what we expect to see because

08:42.740 --> 08:45.020
our validation is working correctly.

08:45.020 --> 08:48.670
Let's go ahead and continue fleshing out our deployment.

08:48.680 --> 08:53.000
Okay, so we're going to go ahead and create the deployments for the rest of our services before we

08:53.000 --> 08:54.680
define our environment variables.

08:54.680 --> 09:00.770
So let's go ahead and in our folder, in the templates directory, let's go ahead and create a new folder

09:00.770 --> 09:02.390
for each of our services.

09:02.390 --> 09:08.030
We of course already have the deployment here for the reservation service, so we'll go ahead and add

09:08.030 --> 09:13.130
an additional templates folder here for the auth service.

09:13.670 --> 09:20.910
Now in the terminal, we can CD into the templates folder and let's start off with the auth deployment.

09:20.910 --> 09:26.580
So CD into the auth folder and we'll run the command we already ran earlier for the reservations deployment.

09:26.580 --> 09:33.510
We'll run Kubectl, create deployment and we'll provide the image name now so we can go back to Google

09:33.510 --> 09:35.790
Cloud into artifact registry.

09:35.790 --> 09:42.420
So we'll click on Auth and click the copy button here to get the path to the auth repository and then

09:42.420 --> 09:44.250
we'll paste in the image name here.

09:44.250 --> 09:48.750
Make sure we also add the name of the deployment here in this case auth, and then we'll go ahead and

09:48.750 --> 09:56.640
specify dry run equal to client here and specify the output should be in YAML format and then we will

09:56.640 --> 10:00.600
pipe this to a deployment dot yaml file.

10:00.600 --> 10:05.850
So we should now see in the auth folder we have the deployment now filled out, we'll get rid of the

10:05.850 --> 10:07.200
time stamps here.

10:07.200 --> 10:14.070
So go ahead and delete the two creation time stamps, the resources status and strategy object and go

10:14.070 --> 10:20.160
ahead and add the slash production to the end of our image here to make sure we're using the production

10:20.160 --> 10:20.610
image.

10:20.610 --> 10:22.290
We'll go ahead and back in the terminal.

10:22.290 --> 10:26.010
We'll repeat the same process next for the payments deployment.

10:26.010 --> 10:32.820
So go ahead and regenerate this create deployment command and we will go ahead and just swap out the

10:32.820 --> 10:40.260
repository URL here to make sure we're targeting the payments image and go ahead and change the name

10:40.260 --> 10:42.480
of the deployment to payments as well.

10:42.480 --> 10:48.600
Then we'll go ahead and open up this new deployment and repeat the same process, delete the strategy,

10:48.630 --> 10:55.200
time stamps, resources and status, and go ahead and add a slash production to the end of the image

10:55.200 --> 10:55.950
name here.

10:55.950 --> 11:00.900
So finally, we need to do the same thing for the notifications service.

11:00.900 --> 11:08.580
So let's go ahead and create a new deployment here, change payments out and add notifications and change

11:08.580 --> 11:09.810
the name of the deployment.

11:09.840 --> 11:12.210
Now to notifications as well.

11:12.450 --> 11:19.800
Let's go ahead and open up the notifications deployment, delete the time stamps, strategy, resources

11:19.800 --> 11:24.720
and status, and add the slash production to notifications image.

11:24.720 --> 11:26.700
So now we have all of our deployments.

11:26.700 --> 11:28.410
We're going to need to deploy our app.

11:28.410 --> 11:34.030
Let's go ahead and upgrade our helm installation so that we can get these new deployments.

11:34.050 --> 11:41.670
To do this, we can make sure we're at the root of the chart here and we'll go ahead and run helm upgrade

11:41.670 --> 11:49.230
Sleeper and provide the path to the chart YAML In this case, in the current directory you can see that

11:49.230 --> 11:56.790
our deployment here was upgraded and we can run kubectl get pods to see all of our different deployments

11:56.790 --> 12:02.880
running and you can see they're all in an errored state and that's because we have no environment variables

12:02.880 --> 12:05.280
as we've already seen with the Reservations pod.

12:05.310 --> 12:09.570
We can run kubectl logs on the auth pod here and see the same issue.

12:09.600 --> 12:12.240
We're not passing the environment variable validation.

12:12.240 --> 12:15.900
So let's go ahead and continue to set up these environment variables properly.