Kubernetes

Docker, Kubernetes, and Kali Linux Containers

Lesson Objectives:

By the end of this class, students will be able to:

  1. Understand basic Docker concepts and commands

  2. Grasp fundamental Kubernetes concepts

  3. Deploy a simple application to Kubernetes

  4. Create a Kali Linux container and deploy it to a Kubernetes cluster

Lesson Outline:

  1. Introduction to Docker

  2. Introduction to Kubernetes

  3. Deploying a Simple Application to Kubernetes

  4. Building and Deploying a Kali Linux Container in Kubernetes

Detailed Lesson Plan:

1. Introduction to Docker

a. What is Docker?

  • Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker's methodologies for shipping, testing, and deploying code, you can significantly reduce the delay between writing code and running it in production.

  • Docker's container-based platform allows for highly portable workloads. Docker containers can run on a developer's local laptop, on physical or virtual machines in a data center, on cloud providers, or in a mixture of environments.

b. Basic Docker Concepts

  • Images

  • Containers

  • Dockerfile

  • Docker Hub

Docker Architecture

Client

  • Docker Run: Command used to run a container.

  • Docker Build: Command used to build an image from a Dockerfile.

  • Docker Pull: Command used to pull an image from a registry.

Docker Host

  • Docker Daemon: The core component that manages Docker objects (images, containers, networks, and volumes).

    • Interacts with client commands to run, build, and pull images.

  • Images: Pre-configured templates used to create containers.

    • Examples in the diagram include Python, Redis, and a generic image.

  • Containers: Instances created from Docker images.

    • These are the actual running instances of applications or services.

Registry

  • Images: Stored Docker images available for pulling.

    • Examples in the diagram include NGINX, Ubuntu, PostgreSQL, and a generic image.

  • Extensions: Additional tools or services that extend Docker functionality.

    • Examples include JFrog and others.

  • Plugins: Plugins that integrate with Docker to provide additional capabilities.

    • Examples include Grafana and others.

Interaction Flow

  • Docker Build: The client sends a build command to the Docker daemon, which builds an image and stores it locally.

  • Docker Pull: The client sends a pull command to the Docker daemon, which fetches an image from the registry and stores it locally.

  • Docker Run: The client sends a run command to the Docker daemon, which creates and starts a container from a specified image.

c. Basic Docker Commands

# Pull an image
docker pull nginx

# Run a container
docker run -d -p 8080:80 nginx

# List running containers
docker ps

# Stop a container
docker stop <container_id>

# Remove a container
docker rm <container_id>

# Build an image
docker build -t my-app:v1 .

# Push an image to Docker Hub
docker push username/my-app:v1

d. Creating a Simple Dockerfile

FROM ubuntu:20.04
RUN apt-get update && apt-get install -y nginx
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

2. Introduction to Kubernetes

a. What is Kubernetes?

  • Kubernetes is a powerful and widely used open-source platform for managing containerized workloads and services. It is a portable and extensible platform that facilitates declarative configuration and automation. Its services, support, and tools are widely available and have a rapidly growing ecosystem.

  • Containers are an excellent way to bundle and run your applications but they require management. Kubernetes is the de-facto standard for container orchestration and management. It provides a comprehensive platform for deploying, scaling, and managing containerized applications.

b. Kubernetes Architecture

  • Master node components

    • API Server

      • etcd

    • Scheduler

    • Controller Manager

  • Worker node components

    • Kubelet

    • Kube-proxy

    • Container runtime

c. Basic Kubernetes Concepts

  • Pods

  • Deployments

  • Services

  • Namespaces

d. Basic Kubernetes Commands

# Create a deployment
kubectl create deployment nginx --image=nginx

# Expose a deployment
kubectl expose deployment nginx --port=80 --type=LoadBalancer

# Scale a deployment
kubectl scale deployment nginx --replicas=3

# Get pods
kubectl get pods

# Get services
kubectl get services

# Delete a deployment
kubectl delete deployment nginx

3. Deploying a Simple Application to Kubernetes

a. Creating a Simple Web Application

Create a simple "Hello World" web application using a language of choice (e.g., Python with Flask).

b. Dockerizing the Application

Create a Dockerfile for the application:

FROM python:3.9-slim
WORKDIR /app
COPY . /app
RUN pip install flask
EXPOSE 5000
CMD ["python", "app.py"]

Build and push the Docker image:

docker build -t my-flask-app:v1 .
docker push username/my-flask-app:v1

c. Creating Kubernetes Deployment and Service YAML

Create a file named deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: flask-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: flask-app
  template:
    metadata:
      labels:
        app: flask-app
    spec:
      containers:
      - name: flask-app
        image: username/my-flask-app:v1
        ports:
        - containerPort: 5000
---
apiVersion: v1
kind: Service
metadata:
  name: flask-app-service
spec:
  selector:
    app: flask-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 5000
  type: LoadBalancer

This Kubernetes configuration file defines a Deployment and a Service for a Flask application. The Deployment named "flask-app" ensures that three replicas of the pod are running, each using the Docker image we pushed earlier username/my-flask-app:v1 and exposing port 5000. The Service named "flask-app-service" uses a LoadBalancer to expose the application to the outside world, forwarding traffic from port 80 to port 5000 on the pods, ensuring external accessibility and load balancing.

d. Deploying the Application

kubectl apply -f deployment.yaml

4. Building and Deploying a Kali Linux Container in Kubernetes

a. Creating a Kali Linux Dockerfile

Create a file named Dockerfile-kali:

FROM kalilinux/kali-rolling

# Update and install some basic tools
RUN apt-get update && apt-get install -y \
    nmap \
    metasploit-framework \
    && rm -rf /var/lib/apt/lists/*

# Set up a non-root user
RUN useradd -m kali
USER kali

# Set the working directory
WORKDIR /home/kali

CMD ["/bin/bash"]

This Dockerfile creates a Docker image based on the kalilinux/kali-rolling image. It updates the package list and installs basic tools like nmap and metasploit-framework, then cleans up the package lists to reduce image size. A non-root user named "kali" is created and set as the default user. The working directory is set to /home/kali, and the container runs with the command /bin/bash by default.

b. Building and Pushing the Kali Linux Image

docker build -t kali-custom:v1 -f Dockerfile-kali .
docker push username/kali-custom:v1

c. Creating Kubernetes Deployment for Kali Linux

Create a file named kali-deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: kali-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: kali
  template:
    metadata:
      labels:
        app: kali
    spec:
      containers:
      - name: kali
        image: username/kali-custom:v1
        command: ["/bin/sleep", "infinity"]

This Kubernetes configuration file defines a Deployment for a custom Kali Linux application. The Deployment named "kali-deployment" ensures that one replica of the pod is running, using the Docker image username/kali-custom:v1. The pod is configured to run with the command "/bin/sleep", "infinity", effectively keeping the container running indefinitely. The pod is labeled with app: kali for identification and management purposes.

d. Deploying Kali Linux to Kubernetes

kubectl apply -f kali-deployment.yaml

e. Accessing the Kali Linux Container

# Get the pod name
kubectl get pods

# Access the Kali Linux container
kubectl exec -it <pod_name> -- /bin/bash

Further Practice

  1. Customize the Kali Linux container with additional tools

  2. Create a persistent volume for the Kali Linux container to store data

  3. Set up network policies to restrict access to the Kali Linux container

  4. Explore Kubernetes security best practices when dealing with potentially sensitive containers

PreviousContainersNextContainer Testing Methodology

Last updated