Exploring Kubernetes with Minikube

Kubernetes Kickoff

Digging Deeper

The next step is to see if Nginx is actually serving some HTML next.

If you run the following next command (substituting the hash 54b9c79874 with a valid pod name running on your cluster), you can see that the pod relies on the stated deployment (Figure 9):

Figure 9: A snippet of the abbreviated output from the command: ``kubectl describe pod nginx-dep-54b9c79874-b9dzh''.
$ kubectl describe pod nginx-dep-54b9c79874-b9dzh

The YAML in Listing 2 installed a service called nginx-svc . Request some important information about that service using the following command:

$ kubectl get svc

See the output in Figure 10.

Figure 10: Getting internal port numbers: ``kubectl get svc''.

In Figure 10, pay close attention to the NodePort setting, which was requested in the YAML.

This example uses a specific node's ephemeral networking ports to present a service; you would use an ingress controller in a cloud environment most likely. NodePort exposes the service on a static port of the node IP address [8]. NodePorts are in the 30000-32767 range. The NodePort is therefore unlikely to match a service's well known port.

I know the upper-range ephemeral port number already (TCP port 31867, in this case). The following command gives the Node IP address:

$ kubectl describe nodes

You might need to scroll up a little in the output to find the IP Address (Figure 11).

Figure 11: Finding the IP Address.

Proof Of the Pudding

Finally, a trusty curl command offers evidence that Kubernetes has ``exposed'' (or opened up) TCP port 31867 on the node for the nginx instance. Try the following command:

$ curl -k -v

And, low and behold, you will see the very welcoming, Welcome to nginx! index page (Figure 12).

Figure 12: HTML served up by the nginx server.

The End

You'd be forgiven for wanting to learn more about the clever Kubernetes. This article covered the installation and the addition of a basic Nginx service, backed by a deployment with two replicas running, using Minikube -- a tool designed for exploring Kubernetes in a local environment.

For more information, the cheatsheet at the Kubernetes website covers common Kubernetes commands nicely [9].

The Author

Chris Binnie’s latest book, Linux Server Security: Hack and Defend,  shows how hackers launch sophisticated attacks to compromise servers, steal data, and crack complex passwords, so you can learn how to defend against such attacks. In the book, he also shows you how to make your servers invisible, perform penetration testing, and mitigate unwelcome attacks. You can find out more about DevOps, DevSecOps, Containers, and Linux security on his website: https://www.devsecops.cc.


[1] Kubernetes: https://kubernetes.io/
[2] Minikube at GitHub: https://github.com/kubernetes/minikube
[3] Virtualization Basics and an Introduction to KVM: https://mkdev.me/en/posts/virtualization-basics-and-an-introduction-to-kvm
[4] Kubectl commands: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands
[5] KVM Commands: https://www.cyberciti.biz/faq/howto-linux-delete-a-running-vm-guest-on-kvm/virsh-kvm-list-vms/
[6] YAML: http://www.yaml.org
[7] YAML Checker: http://yaml-online-parser.appspot.com
[8] NodePort: https://docs.openshift.com/container-platform/3.6/dev_guide/expose_service/expose_internal_ip_nodeport.html
[9] Kubernetes Cheatsheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Monitoring container clusters with Prometheus
    In native cloud environments, classic monitoring tools reach their limits when monitoring transient objects such as containers. Prometheus closes this gap, which Kubernetes complements, thanks to its conceptual similarity, simple structure, and far-reaching automation.
  • Run Kubernetes in a container with Kind
    Create a full-blown Kubernetes cluster in a Docker container with just one command.
  • Safeguard and scale containers
    Security, deployment, and updates for thousands of nodes prove challenging in practice, but with CoreOS and Kubernetes, you can orchestrate container-based web applications in large landscapes.
  • Kubernetes Auto Analyzer
    The fast pace of Kubernetes development can patch and introduce security vulnerabilities between versions. The Kubernetes Auto Analyzer configuration analyzer tool automates the review of Kubernetes installations against CIS Benchmarks.
  • Zero-Ops Kubernetes with MicroK8s
    A zero-ops installation of Kubernetes with MicroK8s operates on almost no compute capacity and roughly 700MB of RAM.
comments powered by Disqus