Demystifying Kubernetes: A Guide for Developers
In today’s fast-paced world of software development, building and deploying applications that are scalable, resilient, and easily manageable is essential. Kubernetes, an open-source container orchestration platform, has emerged as a game-changer in the world of cloud-native development. In this blog post, we will explore how Kubernetes empowers developers to build and deploy applications efficiently while ensuring scalability, high availability, and seamless automation.
What is Kubernetes:
Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It provides a robust framework for managing and running applications across a cluster of machines.
How can we setup the dev environment for K8s:
Setting up a development environment for Kubernetes involves a few key steps.
- Docker setup: https://docs.docker.com/engine/install/
- Kubectl installation: https://kubernetes.io/docs/tasks/tools/
- Minikube setup or : https://minikube.sigs.k8s.io/docs/start/
- Any K8s cloud service provider (AKS, EKS)
Components of Kubernetes:
Image source: CNCF
Master Components:
- API Server: Exposes the Kubernetes API, handles requests, and serves as the front-end for the Kubernetes control plane
- etcd: A distributed key-value store that stores the cluster’s configuration data and represents the cluster’s state.
- Controller Manager: Manages various controllers responsible for maintaining the desired state of the cluster, such as Node Controller, ReplicaSet Controller, and Deployment Controller.
- Scheduler: Assigns pods to nodes based on resource requirements, node availability, and other constraints.
Node Components:
- Kubelet: The primary agent running on each node, responsible for managing containers, communicating with the control plane, and ensuring the desired state of pods.
- Container Runtime: The software responsible for running containers, such as Docker, containerd, or CRI-O.
- Kube-proxy: Manages network routing, load balancing, and service discovery within the cluster.
Add-Ons and Networking:
- DNS: Provides DNS-based service discovery for pods and services within the cluster.
- Ingress Controller: Manages external access to services within the cluster by routing and forwarding incoming traffic.
- Network Plugin: Implements networking capabilities, enabling communication between pods and external networks. Examples include Calico, Flannel, and Cilium.
Storage:
- Volume Plugins: Provide different types of storage volumes that can be attached to pods, such as emptyDir, hostPath, NFS, or cloud-specific volume types.
- Persistent Volume: Represents a piece of network-attached storage in the cluster that can be dynamically provisioned and consumed by pods.
- Persistent Volume Claim: A request for a specific amount and type of storage from a Persistent Volume.
Monitoring and Logging:
- Metrics Server: Collects resource utilization metrics from the cluster’s nodes and pods.
- Prometheus: A popular open-source monitoring and alerting toolkit used for collecting and analyzing metrics.
- Elasticsearch and Fluentd: Often used in combination to collect, aggregate, and analyze logs generated by pods and containers.
Security:
- Service Account: Provides an identity for processes running in a pod and determines the permissions they have within the cluster.
- Role-Based Access Control (RBAC): Defines and manages access controls to Kubernetes resources based on roles and role bindings.
- Network Policies: Specify how pods can communicate with each other and with other network endpoints, enforcing security policies at the network level.
Cluster Management:
- Cluster Autoscaler: Automatically adjusts the size of the cluster by adding or removing nodes based on resource demands.
- Horizontal Pod Autoscaler (HPA): Automatically scales the number of pod replicas based on CPU or custom metrics.
- Kubernetes Dashboard: Provides a web-based graphical interface for managing and monitoring the cluster.
I hope you can follow up and understand the important components of K8s
Cool, let’s proceed further!!!.
key concepts of Kubernetes:
Pods: The smallest unit in Kubernetes, representing one or more containers running together on a shared network and storage. Pods are the basic building blocks of applications.
apiVersion: v1
kind: Pod
metadata:
name: my-pod
spec:
containers:
- name: my-container
image: nginx
ports:
- containerPort: 80
ReplicaSets: A controller that ensures a specified number of identical pod replicas are running at all times. It helps with scaling and high availability.
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: my-replicaset
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: nginx
ports:
- containerPort: 80
Deployments: A higher-level abstraction that manages ReplicaSets and provides declarative updates to pods. Deployments allow rolling updates and rollbacks of application changes.
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: nginx
ports:
- containerPort: 80
Services: An abstraction that provides a stable network endpoint to access one or more pods. Services enable load balancing and service discovery within a cluster.
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
selector:
app: my-app
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
Namespaces: A way to logically divide a Kubernetes cluster into multiple virtual clusters. Namespaces help in organizing and isolating resources, allowing multiple teams or projects to use the same cluster securely.
apiVersion: v1
kind: Namespace
metadata:
name: my-namespace
ConfigMaps: A configuration mechanism to decouple configuration data from container images. ConfigMaps store key-value pairs or configuration files that can be consumed by pods.
apiVersion: v1
kind: ConfigMap
metadata:
name: my-configmap
data:
key1: value1
key2: value2
Secrets: Similar to ConfigMaps, Secrets store sensitive information such as passwords, tokens, or certificates. They are encoded or encrypted to protect the data.
apiVersion: v1
kind: Secret
metadata:
name: my-secret
type: Opaque
data:
username: <base64-encoded-username>
password: <base64-encoded-password>
Volumes: A directory accessible to containers within a pod, used to persist data or share files between containers. Kubernetes supports various types of volumes, such as emptyDir, hostPath, persistentVolumeClaim, etc.
apiVersion: v1
kind: Pod
metadata:
name: my-pod
spec:
containers:
- name: my-container
image: nginx
volumeMounts:
- name: data-volume
mountPath: /data
volumes:
- name: data-volume
emptyDir: {}
Persistent Volumes (PV): A cluster-wide storage abstraction that provides storage resources for persistent data. PVs are provisioned and managed separately from pods.
apiVersion: v1
kind: PersistentVolume
metadata:
name: my-pv
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/my-pv
Persistent Volume Claims (PVC): A request for a specific amount and type of storage resource from a PV. PVCs allow pods to dynamically request storage without knowing the details of the underlying storage implementation.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: my-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
StatefulSets: An extension of ReplicaSets designed for stateful applications that require stable network identities and ordered deployment/scaling.
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: my-statefulset
spec:
replicas: 3
serviceName: my-service
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: nginx
ports:
- containerPort: 80
DaemonSets: A controller that ensures a copy of a pod is running on each node in the cluster. DaemonSets are useful for running monitoring agents, log collectors, or other system-level tasks.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: my-daemonset
spec:
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: nginx
ports:
- containerPort: 80
Ingress: An API object that manages external access to services within a cluster. It allows inbound traffic routing and SSL termination at the edge of the cluster.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress
spec:
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: my-service
port:
number: 80
Labels and Selectors: Labels are key-value pairs attached to Kubernetes objects to identify and group related resources. Selectors are used to filter and select objects based on their labels.
apiVersion: v1
kind: Pod
metadata:
name: my-pod
labels:
app: my-app
spec:
containers:
- name: my-container
image: nginx
ports:
- containerPort: 80
That’s it guys. We completed our basics of K8s Components and concepts.
Hope this article is helpful to you. We will catch up on upcoming articles.
Follow Veerasolaiyappan for the more insightful knowledge content