Kubernetes Overview
With the widespread adoption of containers among organizations, Kubernetes, the container-centric management software, has become a standard to deploy and operate containerized applications and is one of the most important parts of DevOps.
Originally developed at Google and released as open-source in 2014. Kubernetes builds on 15 years of running Google's containerized workloads and the valuable contributions from the open-source community. Inspired by Google’s internal cluster management system, Borg.
Task 1️⃣: What is Kubernetes? Write in your own words and why do we call it k8s?
Kubernetes, commonly abbreviated as "K8s," is an open-source platform designed for container orchestration. It is used to manage and automate the deployment, scaling, and management of containerized applications.
Kubernetes provides a highly flexible and scalable infrastructure that allows developers to deploy and manage their applications in a distributed environment. It abstracts away the underlying infrastructure, providing a unified API to manage and deploy applications across multiple nodes in a cluster.
It also provides features such as load balancing, self-healing, and automatic scaling, which help to ensure that applications are highly available and responsive.
The name "Kubernetes" comes from the Greek word for "helmsman" or "pilot," reflecting its role as a platform for managing and steering containerized applications. The abbreviation "K8s" is a shorthand for the word "Kubernetes," with "8" representing the eight letters between the "K" and the "s" in the word.
Task 2️⃣: What are the benefits of using k8s?
There are several benefits to using Kubernetes (k8s) for container orchestration:
Scalability: Kubernetes provides an easy way to scale containerized applications up or down, based on demand.
Resilience: Kubernetes can automatically recover from failures, ensuring that containerized applications are highly available.
Portability: Kubernetes provides a consistent way to deploy and manage containerized applications across multiple environments, from on-premises data centers to public clouds.
Efficiency: Kubernetes automates many of the manual tasks involved in deploying and managing containerized applications, freeing up developer time and reducing the risk of errors.
Flexibility: Kubernetes is highly customizable and extensible, allowing developers to build and deploy complex applications with ease.
Task 3️⃣: Explain the architecture of Kubernetes
- A Kubernetes cluster consists of control plane nodes and worker nodes.
Control Plane
The control plane is responsible for container orchestration and maintaining the desired state of the cluster. It has the following components.
kube-API server
etcd
kube-scheduler
kube-controller-manager
cloud-controller-manager
Worker Node
The Worker nodes are responsible for running containerized applications. The worker Node has the following components.
kubelet
kube-proxy
Container runtime
Control Plane Component
1️⃣ Kube-API server
The kube-API server is the central hub of the Kubernetes cluster that exposes the Kubernetes API.
End users, and other cluster components, talk to the cluster via the API server. Very rarely monitoring systems and third-party services may talk to API servers to interact with the cluster.
It is used to authenticate users, validate requests, retrieve data, expose the cluster API endpoint and handle all API requests, update ETCD, and communicate with other components of the cluster.
2️⃣ETCD
Kubernetes is a distributed system and it needs an efficient distributed database like etcd that supports its distributed nature. It acts as both a backend service discovery and a database. You can call it the brain of the Kubernetes cluster.
It contains all the information related to Nodes, Pods, Configs, Secrets, Accounts, Bindings etc.
Key Value Datastore.
etcd stores all objects under the /registry directory in key-value format.
For example, information on a pod named nginx in the default namespace can be found under /registry/pods/default/nginx
ETCD CTL is a CLI tool used to interact with ETCD server.
3️⃣ Kube-Scheduler
The kube-scheduler is responsible for scheduling pods on worker nodes.
It just decides which pod to place on which node based on the CPU, RAM, and resources on the CPU.
The scheduler’s primary task is to identify the create request and choose the best node for a pod that satisfies the requirements.
Kubelet places the nodes after the scheduler decides.
The right container/Pod is sent to the right ship/Node.
4️⃣ Kube Controller Manager
It is a component that manages all the Kubernetes controllers.
Kubernetes resources/objects like pods, namespaces, jobs, replicaset are managed by respective controllers. Also, the kube scheduler is also a controller managed by Kube controller manager.
It continuously monitors various components of the cluster and works towards managing/restoring to the desired state.
Node Controller:
Communicate with kube api server and manages nodes. [Every 5 seconds]
Checks again for 40 seconds and then marks as "Unreachable".
After 5 minutes it replaces.
Replication Controller:
Responsible for monitoring the status of the replica set.
Ensure that desired no. of pods are available at the required time.
Deployment Controller, DaemonSet Controller, Job Controller, Endpoints Controller, Namespace Controller, and CronJob Controller are built-in Kubernetes Controllers.
5️⃣ Cloud Controller Manager (CCM)
When Kubernetes is deployed in cloud environments, the cloud controller manager acts as a bridge between Cloud Platform APIs and the Kubernetes cluster.
This way the core Kubernetes core components can work independently and allow the cloud providers to integrate with Kubernetes using plugins. (For example, an interface between Kubernetes cluster and AWS cloud API)
Cloud controller integration allows Kubernetes cluster to provision cloud resources like instances (for nodes), Load Balancers (for services), and Storage Volumes (for persistent volumes).
Worker Node Component
1️⃣ Kubelet
Kubelet is an agent component that runs on every node in the cluster. It does not run as a container instead runs as a daemon, managed by systemd. It registers the Node with the Pod.
Kubelet monitors the status of the Pods and reports to the Kube API server.
Kubelet needs to be installed on Worker Node.
2️⃣ Kube Proxy
Kube-proxy is a daemon that runs on every node as a daemon set. It is a proxy component that implements the Kubernetes Services concept for pods. (single DNS for a set of pods with load balancing).
Thus Pod network allows us to connect/communicate Pods for each other by Pod IP.
Kube proxy talks to the API server to get the details about the Service (ClusterIP) and respective pod IPs & ports (endpoints). It also monitors for changes in service and endpoints.
Kube Proxy runs on each Node, using IP tables rules so that any service can connect to pods from outside.
3️⃣ Container Runtime
Container runtime runs on all the nodes in the Kubernetes cluster. It is responsible for pulling images from container registries, running containers, allocating and isolating resources for containers, and managing the entire lifecycle of a container on a host.
Container Runtime Interface (CRI):
It is a set of APIs that allows Kubernetes to interact with different container runtimes. It allows different container runtimes to be used interchangeably with Kubernetes.
The CRI defines the API for creating, starting, stopping, and deleting containers, as well as for managing images and container networks.
Open Container Initiative (OCI):
- It is a set of standards for container formats and runtimes
containerd:
- Docker Engine uses containerd which pulls images from registries, manages them and gives them to Lower-Level Runtime(Host)
CRI-O:
- CRI-O is an implementation of the Kubernetes Container Runtime Interface (CRI) to enable using Open Container Initiative (OCI) compatible runtimes. and alternative to containerd.
Kubernetes Objects
1️⃣ Pods
Kubernetes doesn't deploy containers directly, it is encapsulated in Pods.
The smallest object you can create in K8s.
New Pods are created in case of we need to scale our application
New Node is added to the cluster in case further scaling is needed.
We can have multi-container Pods as well as a side-cav container or Helper container
2️⃣ Replica Sets
To prevent users from losing access to the app, the replication controller gives high availabilities.
Helps in Pods Balancing and Scaling.
3️⃣ Deployment
Pods deploy single instances of an application
Deployment allows updating the pod's infrastructure with Replicas, rolling updates etc.
4️⃣ Services
Helps to connect our application with other applications/ databases etc.
Task 4️⃣: What is Control Plane?
In Kubernetes, the Control Plane is a set of components that collectively manage the state of the cluster. It includes several core components such as the API server, etcd, kube-scheduler, kube-controller-manager, and cloud-controller-manager.
The API server is the front end of the Kubernetes control plane and provides a consistent interface for managing the cluster. etcd is a distributed key-value store that stores the configuration and state information for the entire cluster. The kube-scheduler schedules workloads onto available nodes in the cluster, while the kube-controller-manager manages various controllers that regulate the state of the cluster.
The cloud controller manager manages interactions between Kubernetes and the underlying cloud infrastructure, providing features such as load balancers, storage volumes, and virtual networks. Together, these components form the Control Plane and provide the foundation for the management and orchestration of containerized applications in Kubernetes.
Task 5️⃣: Difference between kubectl and kubelets
Kubectl and kubelet are both command-line tools used in Kubernetes, but they serve different purposes.
Kubectl is the command-line interface used to interact with the Kubernetes API server, which is the control plane component responsible for managing the state of the cluster. With kubectl, users can deploy, manage, and monitor Kubernetes resources, such as pods, services, and deployments.
On the other hand, kubelet is the agent that runs on each node in the cluster and is responsible for managing the state of the containers running on that node. It communicates with the control plane to receive instructions on which containers to run and how to configure them. The kubelet ensures that the containers are running and healthy, and reports their status back to the control plane.
Task 6️⃣: Explain the role of the API server
The API server is a core component of the Kubernetes control plane that serves as the front end for the Kubernetes API. It provides a RESTful interface for managing the state of the cluster, allowing users to create, read, update, and delete Kubernetes objects such as pods, services, and deployments.
The API server validates and processes requests from clients such as kubectl and kubelet, and ensures that the desired state of the cluster is maintained. It also provides authentication, authorization, and admission control mechanisms to secure the cluster and enforce policies on resource usage.
Thank You,
I want to express my deepest gratitude to each and every one of you who has taken the time to read, engage, and support my journey.
Feel free to reach out to me if any corrections or add-ons are required on blogs. Your feedback is always welcome & appreciated.
~ Abhisek Moharana 😊