Introduction and Fundamentals
What is Kubernetes?
Overview: Kubernetes is a container orchestration platform for automating the deployment, scaling, and operations of application containers.
Key Concepts:
Cluster: A group of nodes.
Master Node: Manages the cluster.
Worker Nodes: Run the application Pods.
Pod: The smallest deployable unit in Kubernetes, encapsulating containers.
Kubernetes Architecture
Kubernetes is built with a modular architecture designed to manage containerized applications effectively. Below is an overview of its architecture and components:
1. Kubernetes Cluster
A Kubernetes cluster consists of:
Control Plane: Manages the cluster.
Worker Nodes: Execute workloads as containers.
2. Control Plane Components
The control plane is responsible for maintaining the desired state of the cluster and managing workloads. Key components include:
API Server (kube-apiserver)
Purpose: Acts as the entry point for all administrative tasks.
Features:
Serves the Kubernetes REST API.
Authenticates and validates requests.
Updates the etcd datastore with the cluster's desired state.
Cluster Store (etcd)
Purpose: A distributed key-value store that holds all cluster data, including configuration and state.
Key Characteristics:
Ensures consistency across the cluster.
Highly available and fault-tolerant.
Controller Manager (kube-controller-manager)
Purpose: Runs multiple controllers to ensure that the cluster state matches the desired state.
Controllers Include:
Node Controller: Monitors node health.
Replication Controller: Maintains the correct number of replicas.
Endpoint Controller: Updates endpoint objects.
Service Account and Token Controllers: Manages access tokens.
Scheduler (kube-scheduler)
Purpose: Assign Pods to Nodes based on resource requirements and constraints.
Scheduling Factors:
Resource availability (CPU, memory).
Node affinity or anti-affinity rules.
Taints and tolerations.
3. Worker Node Components
Worker nodes are responsible for running application workloads. Main components include:
Kubelet
Purpose: Acts as the agent on each worker node.
Features:
Ensures containers in Pods are running as defined in the PodSpec.
Communicates with the API Server.
Kube-Proxy
Purpose: Manages network connectivity within and outside the cluster.
Features:
Maintains rules for network traffic forwarding.
Supports Services by routing requests to appropriate Pods.
Container Runtime
Purpose: Responsible for running containers.
Examples:
Docker
Containers
CRI-O
4. Kubernetes Objects
Kubernetes uses objects to represent the desired state of the cluster. Key objects include:
Pods: The smallest deployable unit.
Deployments: Manages stateless applications.
StatefulSets: Manages stateful applications.
DaemonSets: Ensures a copy of a Pod runs on all or specific nodes.
Jobs: Executes one-time tasks.
Services: Provides stable networking for Pods.
5. Networking in Kubernetes
CNI (Container Network Interface): Provides networking plugins (e.g., Calico, Flannel).
Cluster Networking: Ensures communication between Pods, services, and external clients.
6. Add-ons
Additional tools for cluster functionality:
DNS: CoreDNS for internal service discovery.
Monitoring: Prometheus and Grafana.
Ingress Controller: Manages external HTTP/S traffic.
Setting up Kubernetes
https://github.com/Roit15/k8s.git Clone this repository for a streamlined, one-click Kubernetes setup experience.
Pre-requisites:
- Install Docker
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Install Docker:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
- Install Minikube:
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube && rm minikube-linux-amd64
Start Minikube:
sudo usermod -aG docker $USER && newgrp docker
minikube start
- Install kubectl:
Download and install:
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
echo "$(cat kubectl.sha256) kubectl" | sha256sum --check
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
chmod +x kubectl
mkdir -p ~/.local/bin
mv ./kubectl ~/.local/bin/kubectl
kubectl version --client
Running Your First Pod
Create a simple Pod:
kubectl run nginx --image=nginx --port=80
Check Pod status:
kubectl get pods
Access Pod logs:
kubectl logs <pod-name>
Namespaces
Namespaces are a way to organize and isolate resources within a Kubernetes cluster. They are virtual clusters backed by the same physical cluster.
Key Features:
Resource Isolation: Separate environments within the same cluster.
Efficient Management: Grouping resources like Pods, Services, and Deployments.
Scoped Resource Access: Role-based access control (RBAC) per namespace.
Predefined Namespaces:
default: Used when no other namespace is specified.kube-system: For system-level resources.kube-public: Public resources accessible to all users.kube-node-lease: Manages node lease objects.
Example YAML:
apiVersion: v1
kind: Namespace
metadata:
name: dev-environment
Deployments
Create a Deployment YAML file:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: my-namespace
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.19.0
ports:
- containerPort: 80
Apply the Deployment:
kubectl apply -f deployment.yaml
ReplicaSet
A ReplicaSet ensures that a specified number of Pod replicas are running at any given time.
Key Features:
High Availability: Maintains reliability and fault tolerance.
Self-Healing: Automatically creates new Pods if existing ones fail.
Example YAML:
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: my-replicaset
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: nginx
Scale ReplicaSet:
kubectl scale --replicas=6 -f replicaset.yaml
Services
1. ClusterIP (Default Service Type)
Purpose: Exposes the service to other resources inside the cluster.
Use Case: Internal communication between Pods.
Example YAML:
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
selector:
app: my-app
ports:
- protocol: TCP
port: 80
targetPort: 8080
type: ClusterIP
2. NodePort
- Purpose: Exposes the service to the external network by opening a specific port on each node.
Example YAML:
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
selector:
app: my-app
ports:
- protocol: TCP
port: 80
targetPort: 8080
nodePort: 30007
type: NodePort
3. LoadBalancer
- Purpose: Exposes the service to the internet through a cloud provider's load balancer.
Example YAML:
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
selector:
app: my-app
ports:
- protocol: TCP
port: 80
targetPort: 8080
type: LoadBalancer
Apply the Service:
kubectl apply -f service.yaml
Check the Service:
kubectl get services