Kubernetes is greek for “Captain” or “Pilot”. Kubernetes was born in Google. It was donated to CNCF in 2014 (open source). It is written in Go language. It focuses on building a robust platform for running thousands of containers in production.
Kubernetes repository is available in github @ https://github.com/kubernetes/kubernetes
What is Kubernetes?
Kubernetes (or just K8s) is open source orchestration system for Docker containers. It let us manage containerized applications in a clustered environment. It simplifies devops tasks such as deployment, scaling, configuration, versioning, rolling updates etc. Most of the distributed applications built with scalability in mind, are actually made up of smaller services (called as micro services) and are hosted/run through a Container.
A Container provides an isolated context in which an app/ micro service together with its environment can run. But containers do need to be managed externally and must be scheduled, distributed and load balanced to support the needs of modern apps and infrastructure. Along with this, data persistence and network configuration makes it hard to manage containers and therefore, however powerful containers are, they bring scalability challenges in a clustered environment.
Kubernetes provides a layer over the infrastructure to address these challenges. Kubernetes uses label as name tags to identify its objects (and it can query based on these labels). Labels are open-ended and can be used to indicate role, name or other important attributes.
The controlling services in a Kubernetes cluster are called the master, or control plane, components. It is in charge of the cluster and monitor the cluster, make changes, schedule work, respond to events.
The Kubernetes Master is a collection of four processes that run on a single node in your cluster, which is designated as the master node –
It is brain to the master and is front-end to the master or control plane. Kube-apiserver implements the RESTful API and consumes json via manifest file. Manifest files declare the state of app like record of intent and are validated and deployed on the cluster. It exposes an end point (by default on port 443) so that kubectl (command line utility) can issue commands/queries and run on the master.
It provides persistent storage and is stateful. It uses etcd. It is distributed, consistent and watchable.
etcd – etcd is open source distributed key-value store that serves as the backbone of distributed systems by providing a canonical hub for cluster coordination and state management. Kubernetes uses etcd as the “source of truth” for the cluster. It takes care of storing and replicating data used by Kubernetes across the entire cluster. It is written in Go language and uses Raft protocol, which helps etcd in recovering from hardware failure and network partitions.
Kubernetes controller manager is a daemon that implants the core control loops shipped with Kubernetes. It is a Controller of controllers. It watches the shared state of the cluster through the api server and makes changes attempting to move the current state towards the desired state. Examples of controllers that ship with Kubernetes today are the replication controller, endpoints controller, namespace controller, and service accounts controller. At the point when a change is seen, the controller reads the new information and implements the procedure that fulfills the desired state. This can involve scaling an application up or down, adjusting endpoints, and so forth.
A Replication controller provides a pod template for creating any number of pod copies. It provides logic for scaling pod up or down. It can also be used for rolling deployments.
This is the process that watches api-server for new pods and assigns workloads to specific nodes in the cluster. It is responsible for tracking resource utilization on each host to make sure that workloads are not scheduled in excess of the available resources.
The server that do the actual work are called as Nodes.
Each node in a cluster run two processes –
- the main Kubernetes agent on the node
- registers node with the cluster
- watches api server for work assignment
- instantiate pods for carrying out the work
- reports back to master
- exposes end point on port – 10255. it lets you inspect the specs of a Kubelet
It is like the network brain of the node. It is a network proxy which reflects Kubernetes networking services on each node. It ensures every pod get its own unique IP. if there are multiple containers in a pod, then they all will share same IP. It load balances across all pods in a service.
Pod is the basic building block of Kubernetes and is deployed as a single unit on a node in a cluster. A pod is a ring fenced environment to run containers. Usually, you will run only one container inside a pod but in some case where containers are tightly coupled, you can run two from a pod. A pod is connected via an overlay of network to the rest of environment
Each Pod is assigned a unique IP address. Every container in a Pod shares the network namespace, including the IP address and network ports.
Kubernetes Pods are mortal and when they die they can not be resurrected. As Kubernetes has to maintain the desired state of the app, when pods die/crash or goes down whatever you want to call it, new pods will be added which will have different IP address. This leads to problem with the pod discovery as there is no way to know which pods are added or removed. This brings Service into action. A service is like hiding multiple pods behind a network address. Pods may come and go but the IP address and ports of your service remain same. Any other applications can find your service through Kubernetes service discovery. A Kubernetes Service –
- is persistent
- provides discovery
- load balances
- provides VIP layer
- identifies pods by label selector
A volume represents a location where containers can store and access information. On-disk files in a container are ephemeral and will be lost if a container crashes. Secondly, when running containers together in a Pod it is often indispensable to share files between those containers. A Kubernetes volume will outlive any containers that run with in a pod and data is preserved across container restarts. For applications, volumes appears as part of local file system. Volumes may be backed by other storage backends like local storage, EBS etc
Namespace functions as grouping mechanism within Kubernetes. Services, pods, replication controllers, volumes can easily cooperate within a namespace. It provides a degree of isolation from other part of the cluster. Namespaces are intended for use in environments with many users spread across multiple teams, or projects. Namespaces are a way to divide cluster resources between multiple use.
Kubernetes is exciting!! It is an amazing tool for micro services clustering and orchestration. It is relatively new and under active development. Therefore I believe, it is going to bring lot of functional improvements in how a clustered infrastructure is managed.
If you want to get started with deploying containerized apps to Kubernetes, then minikube is the way to go. minikube is a tool that helps you deploy Kubernetes locally.