Docker + Kubernetes + Helm: A comprehensive step-by-step using Java

The application

  • One will increase and return the value of a counter.
  • One will just read the counter.

Docker

The Dockerfile

  • The base image.
  • Arguments.
  • The exposed ports.
  • Files to be added.
  • The command to run.
FROM openjdk:11

EXPOSE 8080

ARG JAR_FILE

COPY ${JAR_FILE} docker-k8s-helm-demo.jar

ENTRYPOINT ["java","-jar","docker-k8s-helm-demo.jar"]
  • Start with a base image of openjdk 11.
  • Expose port 8080
  • Define a parameter for the java executable file path. This is because during build time, the executable is created with the version attached to the name. If you hardcode the version in the Dockerfile, it will not work on the next release. It is a way of keeping the Dockerfile agnostic from your build process.
  • Copy the file passed as parameter inside the image with the name docker-k8s-helm-demo.jar.
  • Define an Entrypoint for the application: What to run when it boots.
docker build --build-arg JAR_FILE=build/libs/docker-k8s-helm-demo-1.0-SNAPSHOT.jar -t my_tag .
REPOSITORY         TAG                  IMAGE ID       
my_tag 1.0-SNAPSHOT 8a6b3cd45513
docker run --name my_app -p 8080:8080 my_tag

Dockerfile-compose

Kubernetes

Kubernetes basics

  • Deployment: As stated before, you cannot define a desired state for pod. The deployment allows you to specify how many replicas of pods you want, makes sure all of them are configured the same and recreates them automatically in case of failure.
  • ClusterIP: Makes the container visible inside the the kubernetes cluster in case it needs to communicate with other containers.
  • Ingress: It represents an entry point to the cluster from the outside and performs routing of requests like NGINX. For example: if the request path starts with “/api” send it to some ClusterIP, if it starts with “/static” send it to another ClusterIP. We will get back to this later.
  • Persistent Volume Claims (PVC): As it name states, a PVC is used to persist data. But what does it mean? It is used to create a disk allocation outside the pods where data can be stored and not lost when the pod restarts. If you do not use it, your data in the database will be lost if the node dies for some reason.
  • Secrets: They are used to store sensitive data such as passwords inside the cluster. The idea is that some administrator will store passwords inside the container using secrets and then the pods will read from the secret. This means your passwords will not be present in your configuration files. Kubernetes stores the secrets encrypted and it takes takes care of the injecting them into the pods that say they need it.
  • Namespace: This is just a formality for the most part. In a large cluster, the number of objects could be really big and chances are you just want to focus only those belonging to your app. With a namespace, the results of every kubernetes command you run will be limited to just those belonging to it.

Networking

Helm

  • To automate the deployment of every kubernetes object. Without it, you should apply every kubernetes file you create, one by one. With helm you create a chart and helm deploys everything for you.
  • To configure the kubernetes objects for different environments. Helm treats the kubernetes files as go templates(See docs here). You can define values that change per environment (say dev, test, prod), definition of objects per environment (say you want so store a password hardcoded for dev and in a secret for prod) or you want a service to be deployed just in dev. There are tons of things you can do with it.
  • A Chart.yaml file stating the name of the chart
  • A values.yaml file with values for the variables you use inside your templates
  • A templates folder where you will store your kubernetes files.
containers:
- name: app
image: {{ .Values.image.name }}:{{ .Values.image.tag }}
image:
name: nacho270/docker-k8s-helm-demo
tag: 1.0-SNAPSHOT

Afterthoughts

--

--

--

I’m a back-end software engineer working in finance. I write about Java and tech that I decide to research.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

The Project Portfolio Flows Work Through Teams

images/ppmflow.png

Is your Linux skill good enough for a System Admin role?

Using Packer to Create an AMI in AWS !!

Web Analytics Data Warehouse: Google Analytics and Search

Oasis Infobyte Internship experience

Bounty for Sharding Killer — MultiVAC: Over 150,000 MTV Plus Awards for Every Participant Are…

Accelerating Your Product Roadmap With Contract Developers

Beyond The Blueprint

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ignacio Cicero

Ignacio Cicero

I’m a back-end software engineer working in finance. I write about Java and tech that I decide to research.

More from Medium

Application Performance Monitoring: Monitor dynamically java applications with Consul, Prometheus…

Traffic routing using istio service mesh

Deploy a Microservice into Istio service mesh

This image has an empty alt attribute; its file name is image.png

Terraform: Deploy spring boot application with MySql DB on Kubernetes