Kubernetes is a framework created by Google; it is now open source software managed by the CNCF.
It is a container orchestration platform that helps manage thousands of containers. It provides the services required to run production deployments, such as security, high availability, storage, authentication, and DNS resolution, among others.
In Kubernetes, a Pod is a logical component that is an abstraction over containers. Each node/VM can contain multiple pods, and each pod contains one or more containers. All containers in a pod share the same IP address and use different ports. The work being done is the container, and the worker is the VM/host machine where the actual work is done.
The Kubernetes architecture consists of master and worker nodes.
The master consists of 4 components.
- apiserver: Manages the thousands of APIs required to manage the work. It uses a REST interface and supports JSON. This is the source of truth.
- Controller Manager: Delegates the work to each node, which checks the status of the specific task allocated to it and reports back to the apiserver.
- etcd: The storage component, which maintains the status and updates of each node in the cluster. The apiserver writes all the information it receives into etcd.
- Scheduler: Schedules the work as configured. There is a default scheduler, which can be overridden and customized as needed.
Worker nodes consist of the following components:
- Pods are logical entities
- Pods contain containers
- Pods are not created
- Pods are instantiated
- Pods can contain multiple containers
- The lifecycle phases of a pod are: Pending, Running, and Successful/Failed
- Pods are ephemeral: once destroyed they cannot be brought back, but similar pods can be instantiated.
- Atomic unit of the scheduler
- New pods can be instantiated using the kube config with 'kind' as 'pod'
- Namespaces are a logical segregation that ensures resources are managed efficiently across the cluster.
- Pods are created under a namespace; the default is the "default" namespace.
- Pods created under one namespace are not visible to other namespaces.
- This controls the number of replicas that are required.
- If we need 5 instances of a container, we can create them using --replicas=5
- ReplicaSet is the same as ReplicationController, but with additional features and bug fixes over ReplicationController.
This is the most commonly used kind in production. It primarily has 5 features:
Type of deployment.
- “Recreate” - Deletes all pods and recreates new ones with the new version. Some downtime is observed.
- “RollingUpdate” (the default) - Deletes a few pods of the older version and replaces them with pods of the newer version. No downtime, since the exact number of pods is always available.
Deploys one pod per node. Useful for single-instance workloads like logging, printing, etc.
Runs the job as per the configured schedule.
- It is a key-value pair created at the cluster level
- Can be accessed by attaching the ConfigMap to a pod
- Containers can access it by using volumeMounts
- Network Load Balancing
- Redirects requests only to healthy pods
- The labels of the pods must match the selector of the Service
- ClusterIP - Exposes the cluster IP to redirect the request at pod level. This Service is inside the cluster.
- NodePort - Exposes the ports at each node level. This Service is inside the cluster.
- LoadBalancer - Exposes the DNS name and IP to manage the traffic to the cluster. This Service is outside the cluster, created by the cloud admin.
- Maintains the order and names of pods
- Remembers the PV that was used and re-attaches to the same one
- Web Hook
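
The Deployment, ConfigMap and Service notes above, combined into one manifest as an added example (not part of the original notes). The names `demo`, `web` and `web-config`, the image, the ports and the `/healthz` path are assumptions chosen for illustration.

```yaml
# Constructed example: names, namespace, image, ports and paths are placeholders.
apiVersion: v1
kind: ConfigMap
metadata: {name: web-config, namespace: demo}   # same namespace as the pods that mount it
data:
  LOG_LEVEL: "info"              # key-value pair; appears as the file /etc/web/LOG_LEVEL
---
apiVersion: apps/v1
kind: Deployment
metadata: {name: web, namespace: demo}          # the demo namespace must already exist
spec:
  replicas: 5                    # five instances of the pod
  strategy:
    type: RollingUpdate          # the default strategy
    rollingUpdate: {maxUnavailable: 0, maxSurge: 1}   # never drop below 5 ready pods
  selector:
    matchLabels: {app: web}
  template:
    metadata:
      labels: {app: web}         # must match the Service selector below
    spec:
      containers:
        - name: web
          image: registry.example.com/web:1.0.0
          ports:
            - containerPort: 8080
          readinessProbe:        # pods failing this probe receive no Service traffic
            httpGet: {path: /healthz, port: 8080}
          volumeMounts:
            - {name: config, mountPath: /etc/web, readOnly: true}
      volumes:
        - name: config
          configMap: {name: web-config}
---
apiVersion: v1
kind: Service
metadata: {name: web, namespace: demo}
spec:
  type: ClusterIP                # reachable only from inside the cluster
  selector: {app: web}           # routes to pods carrying this label in the same namespace
  ports:
    - {port: 80, targetPort: 8080}
```

If the pod labels and the Service selector differ, the Service has no endpoints; `kubectl get endpoints web -n demo` shows whether any pods were selected.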