Kubernetes
0 likes102 views
This document provides an overview of key Kubernetes concepts including containers, pods, volumes, deployments, services, configmaps, secrets, replica sets, and horizontal pod autoscaling. It describes the basic building blocks in Kubernetes like pods, containers, volumes, labels and selectors. It also covers different types of services, deployments for declarative updates, replica sets for scaling pods, and horizontal pod autoscaling for autoscaling based on CPU utilization.
Kubernetes
- 4. Concepts ❏ Containers ❏ Pods, ReplicaSets, Volumes, PersistentVolumes... ❏ Deployments, Loadbalancer, Labels, Selectors... ❏ Controllers, HPA, ConfigMaps, Secrets... ❏ Master, Worker nodes, Etcd ❏ GitOps
- 5. Containers ❏ Isolation (Cpu, memry) ❏ Linux Kernel Features ❏ Packing / Specification ❏ Images, Image Repositories ❏ RuntimeClasses: Alpha == CRI
- 6. K8s files: Specs ❏ Declarative ❏ Spected State ❏ Version Control ❏ Rollout and Rollback ❏ All in one Vs one concept per yaml file
- 7. Nodes ❏ Master and Worker nodes ❏ K8s rely on ETCD ❏ ETCD = (Distributed k/v store) ❏ Worker Nodes (minions) ❏ You app runs on worker nodes ❏ 3 Masters nodes for HA Worker Node 1 Worker Node 2 Master
- 8. Pod ❏ Basic Building block in k8s ❏ Smaller Deployment Unit ❏ Group of Co-located Containers ❏ Share: Network interface + Volumes ❏ Has 1-N containers(docker) Pod Container 1 Container 2
- 9. Pod: spec
- 10. Labels and Selectors ❏ Labels: K/V props attached in to objects. ❏ Labels are used for identification: Release, Version, Tier, Account, Project ❏ Selectors: Select Resources based on labels i.e tier=frontend, =, != ❏ Selectors support expressions: like in, notin, etc… ❏ kubectl get pods -l environment=production,tier=frontend
- 11. ConfigMaps ❏ K/V pairs ❏ Decouple Images(Containers) from configurations ❏ For non-sensitive information - Application specific ❏ Can be exposed via: Environment vars or Volumes.
- 12. ConfigMaps: Spec
- 13. Secrets ❏ K/V pairs ❏ Secret: Hold sensitive information: Tokens, passwords, ssh keys. ❏ Secrets are safer than putting info into Pods. ❏ Secrets can be exposed via Environment vars or Volumes.
- 14. Secret: Spec
- 15. Volume ❏ Disks in Containers are Ephemeral ❏ Don't lose the State ❏ Share with other containers(Pod) ❏ Several Types: ❏ EmptyDir | local ❏ ConfigMap ❏ GlusterFS ❏ EBS(AWS), PD(GCP), Azure and much more... Pod Container 1 Container 2 Volume
- 16. Volume: spec
- 17. Controller (RCs) ❏ Old Pattern - now ReplicaSets are Recommended. ❏ Similar to a Supervisor process ❏ Use Cases: Rescheduling, Scaling, Rolling Updates ❏ Liveness and Readiness probes
- 18. DaemonSet and Job ❏ Similar to ReplicationController (RCS) ❏ DaemonSet: Nodes are Copy or Deleted from Pods. ❏ DaemonSet: Used for: Gluster, Ceph,FluentD, logstash, mon agents ❏ Job: Make sure pods successfully terminate. ❏ Job: Used for Batch Processing: One time tasks, Spark / Flink
- 19. ReplicatSet ❏ Scale Up or Scale Down Pods ❏ Pods can die(no resurrection) ❏ Make sure pods are running(available) ❏ By number of (same) pods (i.e: 3,5,7,10 etc…) ❏ Decoupled from Pods - use Selectors(labels == K/V config pairs) ❏ In production we use Deployments instead(rollout capability) Pod 1 Container 1 Pod 2 Container 2 ReplicaSet Template: 2
- 20. ReplicaSet: spec
- 21. Service ❏ Sometimes called *Microservice* ❏ Abstraction on top of Pods ❏ Define policies to access the service ❏ Defined by Label / Selector ❏ Have they own DNS names ❏ Several Types: ❏ ClusterIP, NodePort, Loadbalancer, Ingress ❏ AWs, GCP, OpenStack and much more... Pod 1 Container 1 Pod 2 Container 2 Service
- 22. Types of Service ❏ ClusterIp: ❏ Good for: Debugging ❏ Good for: Dashboarding ❏ No External Access (need to use: kubectl proxy --port=8080) http://localhost:8080/api/v1/proxy/namespaces/<NAMESPACE>/services/<SERVICE-NAME> :<PORT-NAME>/
- 23. Types of Service ❏ NodePort: ❏ Open a Port on a NODE VM ❏ Only 1 Service per Port (ports available: 30000–32767) ❏ If Node/VM Ip change you need to deal with it ❏ Good for: Temporary access ❏ Not recommended for production
- 24. Types of Service ❏ Loadbalancer: ❏ Classical LoadBalancer as name says :-) ❏ Several Protocols: HTTP, TCP, UDP, Websockets, gRPC ❏ Great for Production ❏ BUT It can be expensive == 1 LB per Service
- 25. Types of Service ❏ Ingress: ❏ Multiple service under same IP ❏ Smart Routing ❏ It can get complex easily ❏ Several Options: Nginx, Istio, Google Load Balancer, and more...
- 26. Service: spec
- 27. Deployment ❏ Production way to do things :-) ❏ Declarative Updates for Pods and ReplicaSets ❏ Scaling for Cpu Utilization ❏ Support for Selectors ❏ Pause / Resuming ❏ Strategies: ❏ Rolling updates ❏ Destroy/Create
- 28. Deployment: Spec
- 29. HPA ❏ Beta ❏ Horizontal Pod Autoscaler (HPA) ❏ Works with the Metrics Server component ❏ Scale RCs by CPU ❏ Scale by App custom metrics. I.e: queue_depth or Inflight-Connections.
- 30. HPA:Spec
- 31. CA ❏ Beta ❏ Cluster Autoscaler ❏ More | Less Worker Nodes onDemand ❏ 2 Conditions to trigger: ❏ Fail to schulle pods due lack of resource ❏ Pods that are not being used can be replaced
- 32. CA: Spec
- 33. CA: Spec
- 34. Architecture