Kubernetes
Kubernetes ↗ is a container orchestration and management tool. Kubernetes is declarative, so you define the end state in a .yml file. A Kubernetes cluster has two components, the master, and the workers. The master is the control plane that the user interacts with to manage the containers. Worker nodes are where the containers are deployed and run. A Kubernetes cluster is connected internally through a private network. Cloudflare Tunnel can be used to expose services running inside the Kubernetes cluster to the public.
This guide will use a Google managed Kubernetes GKE. To get started, perform the following steps:
- Install the gcloud CLI ↗ and kubectl CLI ↗.
- In the GCP console create a new Kubernetes cluster.
- In order to connect to the cluster, select the three dots and then connect from the drop down.
- Copy the command that appears and paste it into your local terminal.
A pod is the basic deployable object that Kubernetes creates. It represents an instance of a running process in the cluster. The following .yml file ( httpbin-app.yml) will create a pod that contains the httpbin application. It will create two replicas so as to prevent any downtime. The application will be accessible inside the cluster at web-service:80.
apiVersion: apps/v1kind: Deploymentmetadata:  name: httpbin-deploymentspec:  selector:    matchLabels:      app: httpbin  replicas: 2  template:    metadata:      labels:        app: httpbin    spec:      containers:        - name: httpbin          image: kennethreitz/httpbin:latest          ports:            - containerPort: 80---apiVersion: v1kind: Servicemetadata:  name: web-servicespec:  selector:    app: httpbin  ports:    - protocol: TCP      port: 80Using the following command the application will begin to run inside the cluster.
kubectl create -f httpbin-app.ymlThe pods' status can be seen through the console or using the kubectl get pod command.
kubectl get podsThe tunnel can be created through the dashboard using this guide. Instead of running the command to install a connector you will select docker as the environment and copy just the token rather than the whole command. Configure the tunnel to route to k8.example.com from the service http://web-service:80 ↗. Create the cloudflared-deployment.yml file with the following content.
apiVersion: apps/v1kind: Deploymentmetadata:  labels:    app: cloudflared  name: cloudflared-deployment  namespace: defaultspec:  replicas: 2  selector:    matchLabels:      pod: cloudflared  template:    metadata:      creationTimestamp: null      labels:        pod: cloudflared    spec:      securityContext:        sysctls:          - name: net.ipv4.ping_group_range            value: "65532 65532"      containers:        - command:            - cloudflared            - tunnel            - --no-autoupdate            # In a k8s environment, the metrics server needs to listen outside the pod it runs on.            # The address 0.0.0.0:2000 allows any pod in the namespace.            - --metrics            - 0.0.0.0:2000            - run          args:            - --token            - <token value>          image: cloudflare/cloudflared:latest          name: cloudflared          livenessProbe:            httpGet:              # Cloudflared has a /ready endpoint which returns 200 if and only if              # it has an active connection to the edge.              path: /ready              port: 2000            failureThreshold: 1            initialDelaySeconds: 10            periodSeconds: 10This file will be deployed with the following command.
kubectl create -f cloudflared-deployment.ymlThe application within the cluster will now be accessible through the domain name as configured.