Kubernetes Concepts
Key Kubernetes concetps.
Kubernetes
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation.
Kubernetes makes it easy to scale application, reduce downtime and increase security.
Key Features of Kubernetes
- Horizontal Scaling
- Self Healing
- Automated Rollouts and Rollbacks
- Built-in Service Discovery
- Built-in Load-Balancer
Cluster
A Kubernetes cluster consists of at least one master and multiple workers called nodes.
Master
The cluster master runs the Kubernetes control plane processes, including the Kubernetes API server, scheduler, and core resource controllers.
Users interact with Kubernetes using Kubernetes API calls. Master runs API Server to handle the request.
Master also schedule workloads and manage network and storage resources for the workloads.
Node
Node is worker machines controlled by Master. Nodes runs containerized application s and other workloads.
Node Pools
A node pool is a group of nodes within a cluster that all have the same configuration.
Custom node pools are useful when you need to schedule Pods that require more resources than others, such as more memory or more local disk space.
Workloads
Pod
Pods are the smallest, most basic deployable objects in Kubernetes. A Pod represents a single instance of a running process in your cluster.
Pods contain one or more containers. one-container-per-Pod model is the most basic Kubernetes use case. Containers in a Pod share storage and network. A sidecar container can be added to the pod. The sidecar container can provide log forwarding and proxying to other service.
A Pod can specify a set of shared storage Volumes . All containers in the Pod can access the shared volumes.
Each Pod is assigned a unique IP address. However, these IP addresses are not stable.
ReplicaSet
A Deployment creates ReplicaSet. ReplicaSet manages groups of identical, replicated pods. It creates and deletes Pods to reach a specified number.
It is possible to create ReplicaSet directly, but it is not recommended. Deployment will automatically create replicaset.
Deployment
Deployments represent a set of multiple, identical Pods with no unique identities. A Deployment runs multiple replicas of your application and automatically replaces any instances that fail or become unresponsive.
Deployment is used to run stateless applications. Example ofa stateless application is a frontend applications.
You can create Deployment using kubectl apply or kubectl create command.
StatefulSet
A StatefulSet is the workload API object used to manage stateful applications.
A stateful application requires its state to be persisted. examples are MySQL, MongoDB, Kafka, and Apache ZooKeeper.
For stateless applications, use Deployment instead.
DaemonSet
A DaemonSet ensures exactly one instance of pod is run on a node. It is a one-Pod-per-node model.
Example are storage daemons like cept, log collection daemons like fluentd, and node monitoring daemons like collectd.
Job
A job creates one or more Pods and ensures that a specified number of them successfully terminate.
CronJob
A Cron Job creates Jobs on a time-based schedule.
Networking
Kubernetes Cluster allocates IP addresses and assigns IP addresses to nodes, pods and services.
Service
a Service is an abstract way to expose an application running on a set of Pods as a network service.
With Kubernetes you don’t need to modify your application to use an unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.
Ingress
Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster.
An Ingress can be configured to give services externally-reachable URLs, load balanc traffic, terminal SSL/TLS, and offer name based virtual hosting.
An Ingress does not expose artitrary ports or protocols. Exposing services other than HTTP and HTTPS to the internet typically uses a service of type Service.Type=NodePort
or Service.Type=LoadBalancer
.
ConfigMaps and Secrets
ConfigMaps are used to store and sharing non-sensitive unencrypted configuration environment variables that can be passed to the running workloads.
Secrets are similar to ConfigMaps. It stores sensitvive data such as passwords, OAuth tokens, SSH keys.
Namespace
- Each resource can only have one namespace
- Namespace are intended for multiple teams sharing the same cluster
- Namespaces are a way to divide cluster resources between multiple users
- use labels to distinguish resources within the same namespace.
Kubernetes starts with three initial namespaces:
- default
- kube-system
- kube-public
Label and Selector
Labels are key/value pairs that are attached to objects, such as pods. Labels are intended to be used to specify identifying attributes of objects that are meaningful and relevant to users, but do not directly imply semantics to the core system.
Example:
1 | ... |
Selectors select the matched resources from query. The API currently supports two types of selectors: equality-based and set-based.
Equality- or inequality-based requirements allow filtering by label keys and values. Example:
1 | environment = production |
Set-based label requirements allow filtering keys according to a set of values. Example:
1 | environment in (production, qa) |
Not all concepts are listed. For details of a concept, see https://kubernetes.io/docs/concepts/
Annotations
You can use Kubernetes annotations to attach arbitrary non-identifying metadata to objects. Clients such as tools and libraries can retrieve this metadata.
Example:
1 | ... |
Architecture
By Khtan66 - https://commons.wikimedia.org/wiki/File:Kubernetes.pngMaster
Master is the node that manages others nodes.
It runs the following components
- kube-apiserver - exposes the Kubernetes API. It is the front-end for the Kubernetes control plane. Kubernetes API is a Restful API for user to interact with its components.
- etcd - consistent and highly-available key value store used as Kubernetes’s backing store for all cluster data.
- kube-scheduler - component on the master that watches newly created pods that have no node assigned, and selects a node for them to run on
- kube-controller-manager - component on the master that runs controllers
- cloud-controller manager - runs controllers that interact with the underlying cloud providers.
Node
A Pod always runs on a Node. A node is a worker machine in Kubernetes that is managed by a Master. Master is also a node. It manages the other nodes in the cluster.
Node contains the following components
- kubelet - An agent that runs on each node in the cluster.
- kube-proxy - kube-proxy is a network proxy that runs on each node in your cluster, implementing part of the Kubernetes Service concept.
- Container Runtime - The container runtime is the software that is responsible for running containers.