Skip to content

explicit-logic/kubernetes-module-10.4

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Module 10 - Container Orchestration with Kubernetes

This repository contains a demo project created as part of my DevOps studies in the TechWorld with Nana – DevOps Bootcamp.

https://www.techworld-with-nana.com/devops-bootcamp

Demo Project: Deploy NodeJS application in K8s cluster from private Docker registry

Technologies used: Kubernetes, Helm, AWS ECR, Docker

Project Description:

  • Create Secret for credentials for the private Docker registry
  • Configure the Docker registry secret in application Deployment component
  • Deploy web application image from AWS ECR in K8s cluster

Prerequisites

Complete the previous demo project first. You must have a Docker image pushed to your private AWS ECR registry. See aws-module-9.5 for setup instructions.

  • AWS CLI configured with an ecr profile
  • kubectl installed locally
  • A DigitalOcean account with Kubernetes access

Step 1 - Create a Kubernetes Cluster on DigitalOcean

Provision a managed Kubernetes cluster through the DigitalOcean dashboard:

Cluster Configuration

Step 2 - Connect to the Cluster

Download the kubeconfig file from DigitalOcean, then configure access:

chmod 400 k8s-id-kubeconfig.yaml
export KUBECONFIG=k8s-id-kubeconfig.yaml

Verify the connection:

kubectl cluster-info
kubectl get nodes

You should see the cluster endpoint and node(s) listed as Ready.

Step 3 - Create a Docker Registry Secret

Kubernetes needs credentials to pull images from your private AWS ECR registry. Choose one of the options below.

Option A - Single command (quick setup)

kubectl create secret docker-registry ecr-secret \
  --docker-server=<aws_account_id>.dkr.ecr.<region>.amazonaws.com \
  --docker-username=AWS \
  --docker-password=$(aws ecr get-login-password --profile ecr)

Note

Replace <aws_account_id> and <region> with your actual AWS account ID and region (e.g., us-east-1).

Option B - Using config.json (preferable for multiple repositories)

  1. Get your ECR password:
aws ecr get-login-password --profile ecr
  1. Create a Docker config.json file:
{
  "auths": {
    "<aws_account_id>.dkr.ecr.<region>.amazonaws.com": {
      "username": "AWS",
      "password": "<password-from-step-1>",
      "auth": "<base64-encoded-credentials>"
    }
  }
}

Generate the auth field:

echo -n "AWS:<password-from-step-1>" | base64
  1. Create the Kubernetes secret from the file:
kubectl create secret generic ecr-secret \
  --from-file=.dockerconfigjson=config.json \
  --type=kubernetes.io/dockerconfigjson

Alternative: Apply the secret declaratively using the provided manifest:

  • Base64-encode your config.json and place it in the .dockerconfigjson field of docker-secret.yaml
  • Apply it:
kubectl apply -f docker-secret.yaml

Step 4 - Deploy the Application

Update the image reference in app-deployment.yaml with your ECR repository URL:

spec:
  imagePullSecrets:
    - name: ecr-secret
  containers:
    - name: app
      image: <aws_account_id>.dkr.ecr.<region>.amazonaws.com/app:1.0
      imagePullPolicy: Always

Then deploy:

kubectl apply -f app-deployment.yaml

Verify the deployment is running:

kubectl get pods

Demo

Demo


Deploy and Configure Nginx Ingress Controller

Add the ingress-nginx Helm repository:

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

Install the Nginx Ingress Controller:

helm install nginx-ingress ingress-nginx/ingress-nginx --set controller.publishService.enabled=true

Verify the controller is running:

kubectl get pods
kubectl logs nginx-ingress-ingress-nginx-controller-<pod-id>

A DigitalOcean Load Balancer is automatically provisioned:

Load Balancers

Note the external IP address assigned to the ingress service:

kubectl get svc

Nginx Ingress Service

Create and Apply the Ingress Rule

Update the host in app-ingress.yaml with your external IP (replacing dots with dashes):

- host: <your-ip-address>.nip.io
  # Replace <your-ip-address> with your actual external IP

Apply the ingress rule:

kubectl apply -f app-ingress.yaml

Ingress Rule

Access the Application

Navigate to http://<your-ip-address>.nip.io in your browser.

About

Deploy our web application in K8s cluster from private Docker registry

Topics

Resources

Stars

Watchers

Forks

Contributors