Use Ketch to Deploy Apps on Kubernetes Without YAML

Ketch, a relatively new open source project from application-as-code platform?Shipa, offers a simple command-line interface that developers can use to deploy and manage applications on any Kubernetes cluster without writing YAML configuration files.

Kubernetes is the ubiquitous standard for orchestrating containerized and microservices-based applications. However, operating Kubernetes requires developers to overcome a rather steep learning curve. Running Kubernetes successfully means gaining expertise in Kubernetes concepts, objects, and how to write and manage YAML files. Ketch eliminates much of that complexity by deploying applications directly to Kubernetes clusters, rendering YAML files unnecessary and easing entry for developers.

Let’s look at some key concepts behind how Ketch works, and then I’ll dig into an example using Ketch to deploy an application to a Civo Kubernetes cluster powered by K3s (though this example should work with any Kubernetes distribution).

Ketch Architecture

This image from the?Ketch documentation?diagrams the solution’s architecture. Within the Kubernetes cluster is a Ketch controller, as well as Pool and App custom resource definitions (CRDs) and an ingress controller. At the moment, Ketch supports?Traefik?and?Istio?ingress controllers. The Pool CRD isolates deployed applications, with each created pool configuring a namespace and other needed components on the cluster. The App CRD provides context for applications, runs the applications, and manages the application life cycle. The Ketch controller monitors the Pool and App CRDs for changes. Ketch can also provide comprehensive Helm charts displaying the Kubernetes resources that each application uses.?

To use Ketch, you’ll need a Kubernetes cluster under your control, the?kubectl?tool installed, and a downloaded copy of your cluster’s?kubeconfig?file. Once those are ready, test your connection to your Kubernetes cluster by running this command:

kubectl get nodes

If successful, you’ll see a display with the names of your cluster’s nodes.

Java

1

kubectl get nodes        

2

NAME                                STATUS   ROLES    AGE   VERSION        

3

k3s-ketch-50daed25-node-pool-d146   Ready    <none>   11m   v1.20.2+k3s1        

4

k3s-ketch-50daed25-node-pool-016c   Ready    <none>   11m   v1.20.2+k3s1        

5

k3s-ketch-50daed25-node-pool-7906 ? Ready ? ?<none> ? 11m ? v1.20.2+k3s1        

Ketch Implementation

To begin, download the Ketch binary from GitHub and install the Ketch client. In this example, the Ketch CLI is installed to a Mac computer.

Java

1

$ curl -s https://raw.githubusercontent.com/shipa-corp/ketch/main/install.sh | bash        

2

3

Downloading Ketch binary from https://github.com/shipa-corp/ketch/releases/download/v0.1.0/ketch-darwin-amd64 to /usr/local/bin/ketch        

4

Ketch client installation was successful        

5

6

$ ketch -v        

7

ketch version 0.1.0        

Ingress Controller

Select Traefik or Istio as your ingress controller (Ketch plans to add support for more options going forward.) In this example we’ll use the Traefik ingress controller, which comes with k3s by default. The following commands display the pods (including Traefik pods), and the traffic managing service running:

Java

1

$ kubectl get pods -A        

2

3

NAMESPACE   NAME                                   READY   STATUS      RESTARTS   AGE        

4

kube-system metrics-server-7566d596c8-ks9ss        1/1     Running     0        5m45s        

5

kube-system local-path-provisioner-6d59f47c7-d74ng 1/1     Running     0        5m45s        

6

kube-system helm-install-traefik-fwr9s             0/1     Completed   0        5m45s        

7

kube-system svclb-traefik-886fk                    2/2     Running     0        5m27s        

8

kube-system coredns-8655855d6-zzr8z                1/1     Running     0        5m45s        

9

kube-system traefik-758cd5fc85-2jf57               1/1     Running     0        5m27s        

10

kube-system svclb-traefik-lz8bl                    2/2     Running     0        4m59s        

11

kube-system svclb-traefik-xz2r7                    2/2     Running     0        4m51s        

12

13

$ kubectl get svc -A | grep Traefik        

14

15

kube-system traefik-prometheus ClusterIP 192.168.219.19 <none> 9100/TCP 6m18s        

16

kube-system traefik LoadBalancer 192.168.145.176 185.136.234.146 80:32596/TCP,443:30706/TCP 6m18s        

Traefik provides an external IP address. If using a Kubernetes cluster other than k3s, you can install Traefik or Istio for your particular Ketch implementation?from GitHub.?

Certificate Manager

Ketch also requires installing a certificate manager on the Kubernetes cluster. Complete this installation with this command:?

kubectl apply --validate=false -f?https://github.com/jetstack/cert-manager/releases/download/v1.0.3/cert-manager.yaml

?Then, verify that the certificate manager is running:

Java

1

kubectl get pods -n cert-manager        

2

NAME                                       READY   STATUS    RESTARTS   AGE        

3

cert-manager-cainjector-6d5dfbc779-jsrpj   1/1     Running   0          103s        

4

cert-manager-68d4985c5d-v6fw9              1/1     Running   0          103s        

5

cert-manager-webhook-59fccfc69b-xjwjt ? ? ?1/1 ? ? Running ? 0 ? ? ? ? ?103s        

Ketch Controller

Next, install the Ketch controller that monitors the Pool and App CRDs for changes.

Java

1

$ kubectl apply -f https://github.com/shipa-corp/ketch/releases/download/v0.1.0/ketch-controller.yaml        

2

3

namespace/ketch-system created        

4

customresourcedefinition.apiextensions.k8s.io/apps.theketch.io created        

5

customresourcedefinition.apiextensions.k8s.io/pools.theketch.io created        

6

role.rbac.authorization.k8s.io/ketch-leader-election-role created        

7

clusterrole.rbac.authorization.k8s.io/ketch-manager-role created        

8

clusterrole.rbac.authorization.k8s.io/ketch-proxy-role created        

9

clusterrole.rbac.authorization.k8s.io/ketch-metrics-reader created        

10

rolebinding.rbac.authorization.k8s.io/ketch-leader-election-rolebinding created        

11

clusterrolebinding.rbac.authorization.k8s.io/ketch-manager-rolebinding created        

12

clusterrolebinding.rbac.authorization.k8s.io/ketch-proxy-rolebinding created        

13

service/ketch-controller-manager-metrics-service created        

14

service/ketch-webhook-service created        

15

deployment.apps/ketch-controller-manager created        

16

certificate.cert-manager.io/ketch-serving-cert created        

17

issuer.cert-manager.io/ketch-selfsigned-issuer created        

18

mutatingwebhookconfiguration.admissionregistration.k8s.io/ketch-mutating-webhook-configuration created        

19

validatingwebhookconfiguration.admissionregistration.k8s.io/ketch-validating-webhook-configuration created        

Ketch Pool

As a last step before application deployment can begin, create a Ketch pool. You’ll need the ingress controller’s external IP address, which you can get by checking the service (Traefik in our example).

Java

1

$ kubectl get svc -A | grep Traefik        

2

3

kube-system traefik-prometheus ClusterIP    192.168.219.19  <none> 9100/TCP 93m        

4

kube-system Traefik ? ? ? ? ? ?LoadBalancer 192.168.145.176 185.136.234.146 80:32596/TCP,443:30706/TCP 93m        

Next, add to the pool by running?ketch pool.

Java

1

$ ketch pool add example --ingress-service-endpoint 185.136.234.146 --ingress-type traefik        

2

Successfully added!        

The above command created a new namespace, which you can now view.

Java

1

$ ketch pool list        

2

NAME    STATUS   NAMESPACE     INGRESS TYPE  INGRESS CLASS NAME  CLUSTER ISSUER  APPS        

3

example Created  ketch-example traefik                                           0        

4

5

$ kubectl get ns | grep example        

6

NAME              STATUS   AGE        

7

ketch-example ? ? Active ? 20s        

Now you’re ready to create an application (there are currently zero in the pool).

Java

1

$ ketch app create demo --pool example        

2

3

$ ketch app list        

4

NAME     POOL      UNITS    ADDRESSES                                   DESCRIPTION        

5

hello    example   0        https://demo.185.136.234.146.shipa.cloud        

6

7

$ ketch pool list        

8

NAME    STATUS   NAMESPACE     INGRESS TYPE  INGRESS CLASS NAME  CLUSTER ISSUER  APPS        

9

example Created ?ketch-example traefik ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 1        

Creating the app automatically creates an endpoint. However, the app still has zero units. The last step is to deploy an image to the cluster.

Java

1

$ ketch app deploy demo -i docker.io/example/ketch-demo        

2

Successfully deployed!        

3

4

$ ketch app list        

5

NAME    POOL      UNITS    ADDRESSES                                  DESCRIPTION        

6

demo ? ?example ? 1 ? ? ? ?https://demo.185.136.234.146.shipa.cloud        

The application is successfully deployed. Visiting the address available on the ketch app list now offers access to the app:

Ketch has done all the work of creating the deployment and Kubernetes objects necessary for the application to function.?

You can add customizations by using ketch.yaml and a profile, as seen here:

Java

1

kubernetes:        

2

  processes:        

3

    web:        

4

      ports:        

5

        - name: apache-http # an optional name for the port        

6

          protocol: TCP        

7

          port: 80 # The port that is going to be exposed on the router.        

8

          target_port: 9999 # The port on which the application listens on.        

9

    worker:        

10

      ports:        

11

        - name: http        

12

          protocol: TCP        

13

          port: 80        

14

    worker-2:        

15

? ? ? ports: []        

Much more information on application management is available in the?Ketch documentation.

Ketch CNAME

By adding a Ketch CNAME, you can serve your application from a URL of your choice:

Java

1

$ ketch cname add ketch.b84abe49-7e01-4c64-8dcb-3c7cde73947f.k8s.civo.com -a demo        

2

3

$ ketch app list        

4

NAME  POOL    UNITS  ADDRESSES                          DESCRIPTION        

5

demo  example 1     https://demo.185.136.234.146.shipa.cloud         

6

         ? ?https://ketch.b84abe49-7e01-4c64-8dcb-3c7cde73947f.k8s.civo.com        

Application Export

Ketch is able to export your application as a Helm chart. This strong feature allows you to easily distribute your application:

Java

1

$ ketch app export demo -d /Users/example/        

2

Successfully exported!        

3

4

$ ls        

5

Chart.yaml  templates   values.yaml        

6

7

templates $ ls -ltr        

8

-rw-r--r--  1 example  app  3361 Nov 26 14:24 deployment.yaml        

9

-rw-r--r--  1 example  app  2513 Nov 26 14:24 ingress.yaml        

10

-rw-r--r-- ?1 example ?app ?1020 Nov 26 14:24 service.yaml        

You can now send these files to a Git repository, submit changes, and make the exported application Helm chart available for others to utilize.

Conclusion

Ketch is a particularly powerful open source technology that solves many of the issues that developers and engineers encounter when they begin working with Kubernetes. Those hoping to leverage the full advantages of Kubernetes while avoiding its complexity should explore Ketch as an easy point of entry.