Dissecting a Kubernetes manifest

Dissecting a Kubernetes manifest

Kubernetes manifests can seem quite daunting at first, but it is important to understand that their apparent complexity is simply a result of the large number of customization options. In the end, manifests are used to deploy resources that interact with each other, which, among others, lead to the correct operations of containerized applications. Consequently, resources specified in a manifest must be configured accordingly. This article aims at explaining how manifests are structured to do so.

The following is a manifest file to deploy a PostgreSQL container in a Kubernetes cluster, accessible via nodePort and with its data stored in a persistent volume. As such, it is composed of three parts, or resources: Deployment, service and persistent volume claim.

Article image

Deployment

Let us first focus on the deployment. A deployment is a resource that automatically manages containers, which Kubernetes handles by itself in resources called pods. As such, a deployment sets the template for those, hence the "template" property. In order to keep track of the pods of each deployment, a label is assigned to the former and used as a selector by the latter.

Article image

Persistent volume claim

The container data is intended to be stored in a persistent volume. This involves defining the directories to mount in the container specifications of the pod(s). In this example, the data is to be stored in a persistent volume (PV). Consequently, a persistent volume claim (PVC) is required to tell Kubernetes to allocate a volume accordingly. The matching of a PVC and a pod's mounts is defined in the volumes field as follows:

Article image

Service

This instance of PostgreSQL is meant to be accessed using a nodePort service. As such, the service is tasked to route external traffic into the PostgreSQL container. This is similar to the NAT feature of a router. Consequently, the service targets pods of the deployment, which is achieved using the labels of the latter. Moreover, the port forwarding configuration must match that of the container.

Article image

Summary

Here is the complete picture of how the manifest resources relate to each other. Although seemingly complex at first, manifests like those can be easily understood by having a good grasp of how resources interact.

Article image