Kubernetes (K8s) adalah platform open-source untuk automating deployment, scaling, dan management containerized applications.
Apa itu Kubernetes?
Konsep Dasar
Kubernetes mengelola:
- Containers (via Docker/containerd)
- Scaling (horizontal & vertical)
- Load balancing
- Self-healing
- Rolling updates
- Secret management
- Service discovery
Komponen Utama
Control Plane:
- API Server: Entry point untuk semua requests
- etcd: Key-value store untuk cluster data
- Scheduler: Assign pods ke nodes
- Controller Manager: Maintains desired state
Node Components:
- kubelet: Manages containers on node
- kube-proxy: Network proxy
- Container Runtime: Docker/containerd
Setup Kubernetes
Option 1: Minikube (Local Development)
# Install minikube
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
minikube start
Check status
minikube status
Dashboard
minikube dashboard
Option 2: Kind (Kubernetes in Docker)
# Install kind
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
Create cluster
kind create cluster --name my-cluster
List clusters
kind get clusters
Delete cluster
kind delete cluster --name my-cluster
Install kubectl
# Download
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
Install
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
Verify
kubectl version --client
Enable autocomplete
source <(kubectl completion bash)
echo 'source <(kubectl completion bash)' >>~/.bashrc
Basic Concepts
Pods
# pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
# Apply
kubectl apply -f pod.yaml
Get pods
kubectl get pods
Describe pod
kubectl describe pod nginx-pod
Logs
kubectl logs nginx-pod
Exec into pod
kubectl exec -it nginx-pod -- /bin/bash
Delete
kubectl delete pod nginx-pod
Deployments
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.21
ports:
- containerPort: 80
resources:
limits:
memory: "128Mi"
cpu: "500m"
requests:
memory: "64Mi"
cpu: "250m"
# Apply
kubectl apply -f deployment.yaml
Get deployments
kubectl get deployments
Scale
kubectl scale deployment nginx-deployment --replicas=5
Update image
kubectl set image deployment/nginx-deployment nginx=nginx:1.22
Rollout status
kubectl rollout status deployment/nginx-deployment
Rollback
kubectl rollout undo deployment/nginx-deployment
History
kubectl rollout history deployment/nginx-deployment
Services
# service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
NodePort Service
apiVersion: v1
kind: Service
metadata:
name: nginx-nodeport
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30080
type: NodePort
LoadBalancer Service
apiVersion: v1
kind: Service
metadata:
name: nginx-lb
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
type: LoadBalancer
# Apply
kubectl apply -f service.yaml
Get services
kubectl get services
Get endpoints
kubectl get endpoints
Port forward
kubectl port-forward service/nginx-service 8080:80
ConfigMaps dan Secrets
ConfigMap
# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: app-config
data:
APP_ENV: production
APP_DEBUG: "false"
config.json: |
{
"database": "postgresql",
"cache": "redis"
}
# Using ConfigMap in Pod
apiVersion: v1
kind: Pod
metadata:
name: app-pod
spec:
containers:
- name: app
image: my-app:latest
envFrom:
- configMapRef:
name: app-config
# Or individual env vars
env:
- name: DATABASE_URL
valueFrom:
configMapKeyRef:
name: app-config
key: APP_ENV
# Mount as volume
volumeMounts:
- name: config-volume
mountPath: /app/config
volumes:
- name: config-volume
configMap:
name: app-config
Secrets
# Create secret from literal
kubectl create secret generic db-credentials \
--from-literal=username=admin \
--from-literal=password=secret123
Create from file
kubectl create secret generic tls-secret \
--from-file=tls.crt=path/to/cert \
--from-file=tls.key=path/to/key
# secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: db-credentials
type: Opaque
data:
username: YWRtaW4= # base64 encoded
password: c2VjcmV0MTIz # base64 encoded
# Using Secret in Pod
apiVersion: v1
kind: Pod
metadata:
name: app-pod
spec:
containers:
- name: app
image: my-app:latest
env:
- name: DB_USER
valueFrom:
secretKeyRef:
name: db-credentials
key: username
- name: DB_PASS
valueFrom:
secretKeyRef:
name: db-credentials
key: password
Namespaces
# Create namespace
kubectl create namespace development
Get namespaces
kubectl get namespaces
Set default namespace
kubectl config set-context --current --namespace=development
Apply to specific namespace
kubectl apply -f deployment.yaml -n development
Get resources from all namespaces
kubectl get pods --all-namespaces
Ingress
# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: app-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: app.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: app-service
port:
number: 80
- path: /api
pathType: Prefix
backend:
service:
name: api-service
port:
number: 8080
tls:
- hosts:
- app.example.com
secretName: tls-secret
# Install ingress controller (nginx)
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.0/deploy/static/provider/cloud/deploy.yaml
Get ingress
kubectl get ingress
Persistent Volumes
# pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-data
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
hostPath:
path: /mnt/data
pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
# Using PVC in Pod
apiVersion: v1
kind: Pod
metadata:
name: app-with-storage
spec:
containers:
- name: app
image: my-app:latest
volumeMounts:
- name: data
mountPath: /app/data
volumes:
- name: data
persistentVolumeClaim:
claimName: pvc-data
StatefulSets
# statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql
spec:
serviceName: mysql
replicas: 3
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8.0
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: password
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
volumeClaimTemplates:
- metadata:
name: mysql-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi
Helm (Package Manager)
Install Helm
# Install
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
Add repository
helm repo add bitnami
https://charts.bitnami.com/bitnami
helm repo update
Search charts
helm search repo nginx
Using Helm
# Install chart
helm install my-nginx bitnami/nginx
Install with custom values
helm install my-nginx bitnami/nginx -f values.yaml
List releases
helm list
Upgrade
helm upgrade my-nginx bitnami/nginx
Rollback
helm rollback my-nginx 1
Uninstall
helm uninstall my-nginx
Create Custom Chart
# Create chart
helm create my-app
Structure
my-app/
├── Chart.yaml
├── values.yaml
├── templates/
│ ├── deployment.yaml
│ ├── service.yaml
│ ├── ingress.yaml
│ └── _helpers.tpl
└── charts/
Package
helm package my-app
Install local chart
helm install my-release ./my-app
Kubectl Cheat Sheet
Basic Commands
# Get resources
kubectl get pods
kubectl get deployments
kubectl get services
kubectl get all
Detailed info
kubectl describe pod <name>
kubectl get pod <name> -o yaml
Logs
kubectl logs <pod>
kubectl logs -f <pod> # Follow
kubectl logs <pod> -c <container> # Specific container
Execute
kubectl exec -it <pod> -- /bin/bash
Port forward
kubectl port-forward <pod> 8080:80
Apply/Delete
kubectl apply -f file.yaml
kubectl delete -f file.yaml
Scale
kubectl scale deployment <name> --replicas=3
Edit
kubectl edit deployment <name>
Debugging
# Get events
kubectl get events --sort-by=.metadata.creationTimestamp
Resource usage
kubectl top nodes
kubectl top pods
Debug pod
kubectl debug <pod> --image=busybox -it
Kesimpulan
Kubernetes adalah tool powerful untuk container orchestration. Start dengan minikube/kind untuk local development, lalu gradually learn more advanced concepts.
Ditulis oleh
Hendra Wijaya