In this lab, you will deploy a Kubernetes deployment and perform a rollback operation.
The Authentication token stored in your local KUBECONFIG file expires every 10 hours. You will want to re-authenticate to the TKG Service before starting the lab to ensure you have access to the Supervisor cluster.
Run:
kubectl vsphere login --server=[vSphere Control Plane Endpoint] --tanzu-kubernetes-cluster-namespace=poc --tanzu-kubernetes-cluster-name=alphaclusterAfter successful authentication, change your Kubernetes context to the alphacluster by running:
kubectl config use-context alphaclusterNote: See the Authenticate lab for more a more detailed refresher on the procedures.
Pod Security Policies (PSPs) are sometimes used to limit what access pods have within a Kubernetes cluster. For example, PSPs can be used to ensure Pods don't have sudo access within the Kubernetes nodes.
For this lab we will disable Pod Security Polices as they have been deprecated and we are not covering them in this course. Some versions of TKG have them enabled by default.
To Disable PSPs just apply the yaml from this lab's directory.
kubectl apply -f disable-psp.yamlUse the deployment-manifest.yaml file supplied in this lab folder to create your first Kubernetes deployment.
kubectl apply -f deployment-manifest.yamlAfter the deployment has been successfully applied, review the objects created with the YAML manifest.
kubectl get deployments
kubectl get replicasets
kubectl get pods
Modify the deployment manifest to simulate a change to a running application. For this example we'll modify the nginx image used.
-
Modify the
kubernetes.io/change-cause:annotation to give it a descriptive update name such as:My Updated deployment using nginx alpine image -
Modify the container image to:
nginx:1.22.0-alpine
Note: There is a Modified Deployment File that can be used as a guide.
Apply the modified manifest to the cluster using:
kubectl apply -f modified-deployment-manifest.yamlOnce the deployment has been modified and applied, review the results.
kubectl get deployment
kubectl rollout history deployment myfirst-deployment
Notice the revisions and their change-cause descriptions. How would you use this field to update your own applications in the future?
Describe the deployment to get further information about the events the deployment has gone through.
kubectl describe deployment myfirst-deployment
Notice how the pods are scaled up and down during the rolling update of the deployment. If we wanted to replace two pods at once instead of one at a time, how could we accomplish this? What would we change in the modified deployment manifest to accomplish this?
Rollback the modified deployment to the original version.
Review the revision history to decide which version to rollback to.
kubectl rollout history deployment myfirst-deploymentThen choose the original deployment revision and rollback.
When complete check the rollout history again
kubectl rollout history deployment myfirst-deployment
When you're finished reviewing your pods, replica sets, and deployments delete the deployment.
kubectl delete deployment myfirst-deploymentNote: Leave the Pod Security Policies disabled (
from step 2) for future labs.