What is Kubernetes?
Kubernetes is a portable, extensible open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation.
Popular container orchestration system
Why Kubernetes?
- Automatic binpacking (Managing container)
- Horizontal scaling
- Automated rollouts and rollbacks
- Self-healing
- Service discovery and load balancing
- Secret and configuration management
Ref: Kubernetes & helm 활용
kubernetes component
- Master Components
- Node Components
- Addons
Master Components
Master components provide the cluster’s control plane
kube-apiserver
Component on the master that exposes the Kubernetes API. It is the front-end for the Kubernetes control plane.
etcd
Consistent and highly-available key value store used as Kubernetes’ backing store for all cluster data.
kube-scheduler
Component on the master that watches newly created pods that have no node assigned, and selects a node for them to run on.
kube-controller-manager
Component on the master that runs controllers.
- Node Controller: Responsible for noticing and responding when nodes go down.
- Replication Controller: Responsible for maintaining the correct number of pods for every replication controller object in the system.
- Endpoints Controller: Populates the Endpoints object (that is, joins Services & Pods).
- Service Account & Token Controllers: Create default accounts and API access tokens for new namespaces.
cloud-controller-manager
cloud-controller-manager runs controllers that interact with the underlying cloud providers. (etc. AWS, GCP, AZURE …)
Node component
kubelet
kubernetes agent on each node
check pod state(running and healthy)
kubelet is not container. -> binary file
kube-proxy
Maintaining network rules on the host and performing connection forwarding.
Container Runtime
Docker, rkt, runc, any OCI runtime-spec implementation.
Addon
Dns
Containers started by Kubernetes automatically include this DNS server in their DNS searches.
Web UI (Dashboard)
Kubernetes Architecture
kubrnetes architecture – 1
kubernetes architecture – 2
Kubernetes API
The Kubernetes API also serves as the foundation for the declarative configuration schema for the system.
The kubectl command-line tool can be used to create, update, delete, and get API objects.
OpenAPI and Swagger definitions
/openapi/v2
To make it easier to eliminate fields or restructure resource representations, Kubernetes supports multiple API versions, each at a different API path, such as /api/v1 or /apis/extensions/v1beta1.
API groups
- The core group, often referred to as the legacy group, is at the REST path
/api/v1and usesapiVersion: v1. - The named groups are at REST path
/apis/$GROUP_NAME/$VERSION, and useapiVersion: $GROUP_NAME/$VERSION(e.g.apiVersion: batch/v1)
apiVersion: v1
kind: Pod
metadata:
name: nginx
spec:
containers:
- name: nginx
image: dreg.be/tkwon/nginx-test:latestapiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 1
template:
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80API versioning
The Kubernetes API – Kubernetes
Just Only need remember this one.
Use api
betaandstable
Kubernetes Object Management
The kubectl command-line tool
kubectl run nginx --image nginxor
kubectl create deployment nginx --image nginxor more important object
kubectl apply -f nginx.yamlPod
- A Pod is the basic building block of Kubernetes
- the smallest and simplest unit
- Represents a unit of deployment
- Pods that run a single container.
- Pods that run multiple containers that need to work together.
Example for multiple containers in the Pod
The specific instances in which your containers are tightly coupled.
Pod detail
Pods provide two kinds of shared resources for their constituent containers: networking and storage.
Containers inside a Pod can communicate with one another using localhost
Pods and Controllers
A Controller can create and manage multiple Pods
- Deployment
- StatefulSet
- DaemonSet
Controllers
Deployment
To provides Declarative updates for Pods and ReplicaSets
deployment, replica set and pod
deployment yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80Statefulset
The workload API object used to manage stateful applications
To provides guarantees about the ordering and uniqueness of these Pods.
Using Statefulset
- Stable, unique network identifiers.
- Stable, persistent storage.
- Ordered, graceful deployment and scaling.
- Ordered, automated rolling updates.
Limitations
Deleting and/or scaling a StatefulSet down will not delete the volumes associated with the StatefulSet.
Pod Identity
StatefulSet Pods have a unique identity
The identity sticks to the Pod, regardless of which node it’s (re)scheduled on.
$(statefulset name)-$(ordinal). The example above will create three Pods named web-0,web-1,web-2
DaemonSet
A DaemonSet ensures that all (or some) Nodes run a copy of a Pod.
ex> Node exporter for prometheus
Services and Network
Service
Expose Pods and can make commnunication between Pods.
kind: Service
apiVersion: v1
metadata:
name: my-service
spec:
selector:
app: MyApp
ports:
- protocol: TCP
port: 80
targetPort: 9376my-service.my-namespace.svc.cluster.local
- ClusterIP
- NodePort
- LoadBalancer
- Match ELB on AWS
- ExternalName
Ingress
Similar wih Service, but
Service is kind of L4 network
Ingress is kind of L7 network.
Service map to AWS ELB,
Ingress map to AWS ALB
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /testpath
backend:
serviceName: test
servicePort: 80Storage
- Volumes
- Persistent Volumes
- PersistentVolumeClaim
- Storage Classes
Configuration
- Secrets
- ConfigMap
Kubernetes Pod Network
I think network is so importance to understand kubernetes.
You should check below references to understand it.
Network references:
understanding-kubernetes-networking-pods
Container Networking From Scratch
About Linux network namespace