Deploying an application (Eclipse Mosquitto)

[dystewart]

Now to get into the nitty gritty. We are going to deploy an application in our OpenShift cluster to see how it works. The application we'll be using is called Eclipse Mosquitto, which is an open source MQTT broker. We don't need to worry too much about what it does because we won't be using it in depth but you can learn more about it here: Eclipse Mosquitto

It's important to remember that everything in OpenShift is defined by a yaml manifest. So what we need to do is create a directory somewhere on our local machine where we will gather and work with the manifests we need to deploy, so go ahead and set that directory up. Before we start though, we want to make sure we know all kubernetes terminology we'll be using to deploy this application. I'll include each of the files we'll be using so you can see what they look like along with a description. Copy and paste them into your working directory as they appear.

namespace
When we are working we always need to be aware of what namespace we are working in. A namespace allows us to scope our resources to avoid things like naming conflicts. This in turn allows multiple teams or applications to use the cluster. (NOTE: a namespace is also called a project within OpenShift)

More on namespaces: kubernetes namespaces

Let's create a new namespace that we'll deploy mosquitto in:
$ oc new-project mosquitto
Now your OpenShift CLI will be inside you new namespace.

deployment
Another critical object we'll be using is a deployment. We use a deployment to create and configure certain aspects of pods. A pod is essentially a container that runs our application. Deployments can also be used to spin up extra replica pods if for instance resource usage reaches a certain threshold.

More on deployments: kubernetes deployments

deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  labels:
    app: mosquitto
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mosquitto
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
        - name: mosquitto
          image: quay.io/dystewar/mosquitto
          ports:
            - containerPort: 1883
          volumeMounts:
            - name: mosquitto-conf
              mountPath: /mosquitto/config
            - name: mosquitto-secret
              mountPath: /mosquitto/secret  
      volumes:
        - name: mosquitto-conf
          configMap:
            name: mosquitto-config-file
        - name: mosquitto-secret
          secret:
            secretName: mosquitto-secret-file

secrets
We will be mounting a secret in our Mosquitto pod for testing Reloader later on. A secret is a Kubernetes resource that holds some sensitive info like credentials or a token. The benefit of a secret is that we need not include sensitive data in our application code.

More on secrets: kubernetes secrets

secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: mosquitto-secret-file
type: Opaque
data:
  username: YWRtaW4=
  password: MWYyZDFlMmU2N2Rm

configMap
We will be using a configMap to pass some configuration code into our Mosquitto pod via an environment variable.

More on configMaps: kubernetes configMap

config.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config-file
data:
  mosquitto.conf: |
    log_dest stdout
    log_type all
    log_timestamp true
    listener 9001

If you take a look in our deployment.yaml you can see that it's dependent on a couple volume mounts namely the our secret and our configMap:

deployment.yaml

...
containers:
        - name: mosquitto
          image: quay.io/dystewar/mosquitto
          ports:
            - containerPort: 1883
          volumeMounts:
            - name: mosquitto-conf
              mountPath: /mosquitto/config
            - name: mosquitto-secret
              mountPath: /mosquitto/secret  
      volumes:
        - name: mosquitto-conf
          configMap:
            name: mosquitto-config-file
        - name: mosquitto-secret
          secret:
            secretName: mosquitto-secret-file
...

So we need to create the secret and configMap before we can actually create our deployment successfully so let's do it:

oc apply -f secret.yaml
oc apply -f config.yaml

Now double check that the resources were indeed created:
oc get configmaps
oc get secrets
You should see your secret(mosquitto-secret-file) and your configMap(mosquitto-config-file) listed in the reults. These are the same names as we see in the config.yaml and secret.yaml files. You can find the names under the metadata.name fields in each file.

Finally we can create our deployment to actually get our Mosqutto pod up and running:
oc apply -f deployment.yaml
Now we can see the deployment:
oc get deployment
And we can also see the pod the created by our deployment:
oc get pods

We can see all this via the web UI as well by selecting our mosquitto project from the projects tab. If you click on workloads you'll see your deployment, and by clicking on your deployment you will see the pod.

Now Mosquitto is up and running in the cluster!