Kubernetes
Kubernetes (aka K8s): A container orchestration tool used in enterprise applications
Main Components
- Pod: Abstraction of containers; can be thought of as an abstraction of an application
- Service: Service is like a static IP address for each Pod & a load balancer all in one; used for communication without needing to hardcode an IP address that will end up changing
- Ingress: Used to route traffic into the cluster
- ConfigMap: Used for key-value storage of config that you’d like to not have hardcoded in properties files in applications
- Secrets: Encrypted key-value storage
- Q: Not sure if this is good to use, as it’s only base64 encoded? I feel like runtime-injected secrets would be better?
- Volumes: Similar to Docker, used for data persistence for stateful applications like Databases
- Deployments: Pod blueprints including replication behavior
- Not to be used with Stateful applications like Databases; should only be used with stateless applications
- StatefulSet: Like a deployment, but for Stateful applications
- According to Nana’s tutorial, it’s very tedious and maybe not as used in the real world?
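As an added example (not from these notes or from Nana's tutorial), the script below wires the components above together: a ConfigMap and a Secret injected into a Deployment's Pods as environment variables, and a Service selecting those Pods by label. The namespace `demo`, app name `demo-web`, the nginx image tag and the password value are constructed placeholders. The `secret_plaintext` function makes the note on Secrets concrete: the `data` field is base64, so anyone who can read the object gets the value back with `base64 -d`; what actually limits exposure is RBAC on `get secrets` and encryption at rest in etcd, not the encoding.

```shell
#!/usr/bin/env bash
# Added example, not from the notes. Namespace "demo", app "demo-web", the nginx
# image tag and the password value are constructed placeholders.
set -eu

WORKDIR="$(mktemp -d)"

# ConfigMap: non-sensitive settings, injected into the Pod as environment variables.
cat > "$WORKDIR/configmap.yaml" <<'EOF'
apiVersion: v1
kind: ConfigMap
metadata:
  name: demo-web-config
  namespace: demo
data:
  DB_HOST: demo-db
  LOG_LEVEL: info
EOF

# Secret: "data" values are base64 text, i.e. encoded, not encrypted.
# The value below is the output of: printf 's3cr3t-pw' | base64   (constructed)
cat > "$WORKDIR/secret.yaml" <<'EOF'
apiVersion: v1
kind: Secret
metadata:
  name: demo-web-db-creds
  namespace: demo
type: Opaque
data:
  DB_PASSWORD: czNjcjN0LXB3
EOF

# Deployment (Pod blueprint, 2 replicas) and the Service that fronts its Pods.
# The Service selector must match the Pod template labels, or it has no endpoints.
cat > "$WORKDIR/app.yaml" <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-web
  namespace: demo
spec:
  replicas: 2
  selector:
    matchLabels:
      app: demo-web
  template:
    metadata:
      labels:
        app: demo-web
    spec:
      containers:
      - name: web
        image: nginx:1.25
        ports:
        - containerPort: 80
        envFrom:
        - configMapRef:
            name: demo-web-config
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: demo-web-db-creds
              key: DB_PASSWORD
---
apiVersion: v1
kind: Service
metadata:
  name: demo-web
  namespace: demo
spec:
  selector:
    app: demo-web
  ports:
  - port: 80
    targetPort: 80
EOF

# Recover the plaintext of one key from a Secret manifest. Any principal allowed to
# "get secrets" (or to read this file) can do the same, so the encoding is not a control.
secret_plaintext() {
  local file="$1" key="$2"
  grep -E "^  ${key}: " "$file" | awk '{print $2}' | base64 -d
}

# Apply everything, namespace first. Only touches a real cluster when APPLY=1.
apply_all() {
  kubectl create namespace demo --dry-run=client -o yaml | kubectl apply -f -
  kubectl apply -f "$WORKDIR/configmap.yaml" -f "$WORKDIR/secret.yaml" -f "$WORKDIR/app.yaml"
}

if [ "${APPLY:-0}" = "1" ]; then
  apply_all
fi
echo "DB_PASSWORD decodes to: $(secret_plaintext "$WORKDIR/secret.yaml" DB_PASSWORD)"
```

Run it as-is to see the manifests written and the Secret decoded locally; run with `APPLY=1` against a cluster where kubectl is configured to create the objects. The Service is reachable inside the cluster as `demo-web.demo.svc`, which is the stable name the ConfigMap-style `DB_HOST` value relies on instead of a Pod IP.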
K8s Architecture
Node Processes
- In K8s, the Worker Node is a server that runs the applications stored in the Pods
- Runs multiple pods
- Usually K8s clusters have multiple Worker Nodes running as replicas, load balanced by Services
- Each node has to have 3 processes running on it in order to function correctly with K8s:
- Container runtime (e.g., Docker)
- Kubelet: The K8s process that interacts with both the container and the underlying VM (or physical machine)
- Responsible for taking the configuration and running the pod, managing Node resources for the various pods, etc…
- Kube Proxy: Forwards requests through services in a performant manner
Master Processes
- Master Node: Server that handles the higher level coordination of the cluster
- Most K8s clusters are made up of multiple Master Nodes for fault tolerance
- Need fewer physical resources (CPU, RAM, Storage) than Worker Nodes
- Tasks include
- Scheduling Pods
- Monitoring overall health of cluster
- Rescheduling / restarting Pods when necessary
- Helping new Nodes to join the cluster
- 4 Processes that must run on every Master Node
- Kubernetes API Server: Like a cluster Gateway; all K8s clients interact with this API server which receives instructions to pass down to the Worker Nodes
- Also is a gateway for Authentication for interacting with the Cluster
- Scheduler: Starts / schedules Pods on Worker Nodes in an intelligent manner without you needing to know which Worker Node the Pod will live on
- Controller Manager: Detects cluster state changes (like Pod crashes)
- etcd: Key-value store of cluster state
- Like the Cluster Brain, stores this data to then be retrieved by the API Server when we’re looking at dashboards, etc…
- Application data (like DB data for the app itself) is NOT stored in etcd, just cluster information
Local Setup
- minikube: Open source tool to replicate production K8s clusters by running all Master and Worker processes on a single node running in a VM set up via some sort of Hypervisor (e.g., VirtualBox)
- Mainly used for just starting up a mini, local cluster, or deleting it; all interaction / configuration with the cluster happens through a client like kubectl
- kubectl: CLI for locally interacting with a Cluster running anywhere (including in minikube)
- Interacts with the cluster via the Master Node API Server process
- Considered the most powerful of all K8s clients
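As an added example (not from the notes, nor minikube's or kubectl's own code), the script below turns the Master Processes and Node Processes lists above into a check: given the output of `kubectl get pods -n kube-system`, it reports which of the four Master Node processes and kube-proxy have no Running Pod, which is the first thing to look at when a minikube cluster comes up unhealthy. The sample listing is constructed to match a single-node minikube cluster; `show_api_gateway` illustrates the Local Setup point that kubectl only ever talks to the API Server, which is also where authentication and RBAC authorization are decided.

```shell
#!/usr/bin/env bash
# Added example, not from the notes or minikube. Checks that the processes every
# Master Node and Worker Node needs are actually Running in the kube-system namespace.
set -eu

# Constructed sample of:
#   kubectl get pods -n kube-system --no-headers \
#     -o custom-columns=NAME:.metadata.name,NODE:.spec.nodeName,STATUS:.status.phase
# as it looks on a single-node minikube cluster (node name "minikube").
SAMPLE_PODS='coredns-5dd5756b68-abcde           minikube   Running
etcd-minikube                      minikube   Running
kube-apiserver-minikube            minikube   Running
kube-controller-manager-minikube   minikube   Running
kube-proxy-xk2lm                   minikube   Running
kube-scheduler-minikube            minikube   Running
storage-provisioner                minikube   Running'

# The 4 Master Node processes plus kube-proxy, which every node runs.
REQUIRED="kube-apiserver kube-scheduler kube-controller-manager etcd kube-proxy"

# Read a listing on stdin and print each required process that has no Running Pod.
# Control-plane Pods are named "<process>-<node>", kube-proxy Pods "kube-proxy-<hash>".
missing_processes() {
  local listing required
  listing="$(cat)"
  for required in $REQUIRED; do
    if ! printf '%s\n' "$listing" |
         awk -v c="$required" '$1 ~ ("^" c "-") && $3 == "Running" {found=1} END {exit !found}'; then
      printf '%s\n' "$required"
    fi
  done
}

# Same check against a live cluster (needs kubectl and a reachable API Server).
check_live_cluster() {
  kubectl get pods -n kube-system --no-headers \
    -o custom-columns=NAME:.metadata.name,NODE:.spec.nodeName,STATUS:.status.phase |
    missing_processes
}

# Everything kubectl does goes through the API Server named in the kubeconfig. The
# API Server also authenticates the caller and evaluates RBAC, which `kubectl auth can-i`
# queries; on a stock cluster it prints "no" for the default ServiceAccount.
show_api_gateway() {
  minikube start
  kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}'; echo
  kubectl auth can-i list secrets --as=system:serviceaccount:default:default || true
}

if [ "${LIVE:-0}" = "1" ]; then
  show_api_gateway
  check_live_cluster
else
  MISSING="$(printf '%s\n' "$SAMPLE_PODS" | missing_processes)"
  if [ -z "$MISSING" ]; then
    echo "sample listing: all required processes are Running"
  else
    echo "sample listing: missing $MISSING"
  fi
fi
```

Without `LIVE=1` the script only evaluates the constructed listing; with `LIVE=1` it starts minikube, prints the API Server URL from the kubeconfig, and runs the same process check against the real kube-system namespace. Matching on the Pod name prefix is deliberate so the check also works on a multi-node kubeadm cluster, where the suffix is the node name rather than `minikube`.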