Deploy to IBM Cloud Kubernetes from deployment.yml - kubernetes

I have developed my microservice ecosystem and i managed to deploy and run it localy using docker containers and minikube. For each service i have specified two files: deployment.yml (pod specification) and service.yml (service specification). When I deploy each service to minikube cluster i simply run:
kubectl create -f deployment.yml
and after that
kubectl create -f service.yml
Now I want to deploy microservice ecosystem to IBM Cloud Services. I spend some time researching the deployment procedures and I did not find any using the deployment.yml and service.yml when deploying services.
My question is, can I just somehow deploy my services using existing deployment.yml and service.yml files?
Thank you for the answers.

As long as it's kubernetes under the hood and kubernetes API is accessible (kubectl works) you can do exactly the same. Is it sustainable in long term, that depends on your case, but likely it is not and I would suggest looking into stuff like ie. Helm

So I was confused about the deployment steps.
I just needed to go to IBM Cloud Service dashboard, find my cluster, click on cluster link and follow the steps in the Access section on the page.
After finishing the steps described within the section we can deploy our services as we were using the minikube and kubectl locally.

Related

Can a pod within my cluster get a list of pods in a service?

Suppose I have a Service within my cluster called workers. From kubectl, I can list the pods in that service using the selector the service uses:
kubectl get pods --selector app=worker
Can a pod within the cluster get a list of that service's pods?
You can achieve it quite easily with Kubernetes Python Client library. The following code can be run locally as it uses your .kube/config file for authentication:
from kubernetes import client , config
config.load_kube_config()
v1 = client.CoreV1Api()
list_pods = v1.list_pod_for_all_namespaces(label_selector="app=worker")
for item in list_pods.items:
print(item.metadata.name)
Before that you will need to install the mentioned library, which can be done with pip:
pip3 install kubernetes
For production use I would recommend integrating it with your python docker image and of course instead of using .kube/config file, you will need to create a ServiceAccount for your client Pod so it can authenticate to kubernetes API. This is nicely described in this answer, provided by krelst.

Does kubernetes Deployment automatically create the service like openshift DeploymentConfig does?

I created a deployment using kubernetes Deployment in openshift cluster. i expected it to create the service for all the container ports like openshift DeploymentConfig does.
but i did not find any service created by the kubernetes Deployment.
does kubernetes Deployment not create the service automatically like openshift DeploymentConfig does ?
My openshift version is 3.11
Both Deployment and DeploymentConfig does not create the Service component in OpenShift. These component are used for creation of Replication Control of the Pod.
Service has to be configured separately with the selector parameter to point to the specific Pods.
selector:
name: as in the deployment or in deploymentConfig.
This link would help you on the same.
https://docs.openshift.com/container-platform/3.3/dev_guide/deployments/how_deployments_work.html#creating-a-deployment-configuration
Deployment and service are different kubernetes objects. Deployment doesnt automatically create service object. you need to define service definition in a YAML targeting the ports from the pod definition inside deployment manifests. You need to deploy both deployment and service objects. you can deploy then separately or bundle them together in a single YAML and deploy.
Further details follow the link --> https://kubernetes.io/docs/concepts/services-networking/service/

Kubernetes, deploy from within a pod

We have an AWS EKS Kubernetes cluster with two factor authentication for all the kubectl commands.
Is there a way of deploying an app into this cluster using a pod deployed inside the cluster?
Can I deploy using helm charts or by specifying service account instead of kubeconfig file?
Can I specify a service account(use the one that is assigned to the pod with kubectl) for all actions of kubectl?
All this is meant to bypass two-factor authentication for the continuous deployment via Jenkins, by deploying jenkins agent into the cluster and using it for deployments. Thanks.
You can use a supported Kubernetes client library or Kubectl or directly use curl to call rest api exposed by Kubernetes API Server from within a pod.
You can use helm as well as long as you install it in the pod.
When you call Kubernetes API from within a pod by default service account is used.Service account mounted in the pod need to have role and rolebinding associated to be able to call Kubernetes API.

How to deploy application to a different cluster within same google cloud project?

I have one google cloud project, but have 2 different kubernetes clusters. Each of these clusters have one node each.
I would like to deploy an application to a specific kubernetes cluster. The deployment defaults to the other cluster. How can I specify which kubernetes cluster to deploy my app to?
See the cluster with which kubectl is currently communicating:
kubectl config current-context
Set the cluster with which you want kubectl to communicate:
kubectl config use-context my-cluster-name
See official docs here for more details

Access non Istio resource

My current version of istio is 0.2.12.
I have a deployment that is deployed with istio kube-inject and tries to connect to a service/deployment inside of the kubernetes cluster that not uses Istio, how is it possible to allow access from the istio using deployment to the not istio using deployment.
In this case is the istio baked deployment a Spring boot application and the other is an ephemeral MySQL server.
Any ideas?
You should be able to access all the kubernetes services (Istio-injected and the regular Kubernetes ones) from Istio-injected pods.
This now possible, please see the
"Can I enable Istio Auth with some services while disable others in the same cluster?"
question in the security section of the faq: https://istio.io/help/faq.html