- Managed Kubernetes
- Managed Kubernetes
rok8s scripts are Kubernetes scripts that help manage the deployment of applications to Kubernetes via a continuous integration environment. rok8s-scripts are Fairwinds’ fork of the original k8s repository created by Ross Kukulinski.
Here, I’ll provide some more context about what rok8s scripts are, what they do and why you should consider using them.
Kubernetes deployments involve a lot of files. For example, you have to install the Kubernetes command line utility, authorize that utility with the cluster you’re working with and add all the files that determine your deployment configuration.
Automated deployments follow similar patterns, which have been incorporated into highly efficient scripts that facilitate deployment into Kubernetes. Open source rok8s scripts make it easy to manage the application development and deployment lifecycle and deploy to Kubernetes from within your continuous integration environment. (rok8s scripts work with CircleCI and Jenkins. Caching with Docker 1.10 or later isn’t currently supported, though it will be in the near future.)
rok8s scripts can be used to verify deployment, verify database migrations, handle secrets and organize YAML files.
With Kubernetes, you describe what image you would like to deploy and set parameters for how Kubernetes should roll out that deployment into the Kubernetes cluster. Because Kubernetes doesn’t have a built-in way to notify you if your code rollout has failed, rok8s scripts can be used to verify deployment.
When you’re deploying your code, the code and the database schema need to align. rok8s scripts include a wrapper around Kubernetes Jobs (one-time executable sets of code) called a Blocking Job. A Blocking Job will deploy a job into the cluster and provide verification. If the migration succeeds, you can roll out the deployment. If it fails, the deployment will stop before your code is put into Kubernetes and give you the opportunity to address the problem. This process allows migration code to be checked in, reviewed and applied automatically.
Applications need to run a lot of sensitive information, such as passwords to databases and API keys to other services. When this information is checked in with your source code, you’re essentially giving others easy access to the sensitive credentials needed to exploit your system. rok8s scripts include wrappers around Kubernetes’ secrets, enabling the storing of secrets in Amazon S3 with the appropriate permissions set on the file. As you build the deployment within CircleCI or Jenkins, you pull down the secrets from S3, put them into the file format needed by Kubernetes and then push them into Kubernetes. That way, changes in secrets can be synced without keeping secrets in the source code.
It’s not uncommon for a single application deployment to involve multiple YAML files, so one goal is to organize those files within the repository. rok8s scripts can help manage deployments (how you get code into Kubernetes), Services and Ingress (how an application in Kubernetes is deployed) and ConfigMap (how you push a configuration into Kubernetes so the deployment remains the same across environments).
Setting up Kubernetes is simple to do, but managing Kubernetes can be complex. (For an overview, check out kops 101 - The Kubernetes Deployment Game-Changer.)
By automating standard workflows and simplifying common tasks, rok8s scripts provide an opinionated guideline on what an application deployed into Kubernetes should look like, ensure all deployments follow the same pattern and fast-track common functions. While rok8s scripts don’t replace the need for expertise in Kubernetes and kops, they will dramatically reduce the number of steps you need to follow in order to deploy to Kubernetes quickly and effectively.