Demystifying Kubernetes: A Guide for Developers

In today’s fast-paced world of software development, building and deploying applications that are scalable, resilient, and easily manageable is essential. Kubernetes, an open-source container orchestration platform, has emerged as a game-changer in the world of cloud-native development. In this blog post, we will explore how Kubernetes empowers developers to build and deploy applications efficiently while ensuring scalability, high availability, and seamless automation.

What is Kubernetes:

Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It provides a robust framework for managing and running applications across a cluster of machines.

How can we setup the dev environment for K8s:

Setting up a development environment for Kubernetes involves a few key steps.

1. Docker setup: https://docs.docker.com/engine/install/
2. Kubectl installation: https://kubernetes.io/docs/tasks/tools/
3. Minikube setup or : https://minikube.sigs.k8s.io/docs/start/
4. Any K8s cloud service provider (AKS, EKS)

Components of Kubernetes:

Image source: CNCF

Master Components:

• API Server: Exposes the Kubernetes API, handles requests, and serves as the front-end for the Kubernetes control plane
• etcd: A distributed key-value store that stores the cluster’s configuration data and represents the cluster’s state.
• Controller Manager: Manages various controllers responsible for maintaining the desired state of the cluster, such as Node Controller, ReplicaSet Controller, and Deployment Controller.
• Scheduler: Assigns pods to nodes based on resource requirements, node availability, and other constraints.

Node Components:

• Kubelet: The primary agent running on each node, responsible for managing containers, communicating with the control plane, and ensuring the desired state of pods.
• Container Runtime: The software responsible for running containers, such as Docker, containerd, or CRI-O.
• Kube-proxy: Manages network routing, load balancing, and service discovery within the cluster.

Add-Ons and Networking:

• DNS: Provides DNS-based service discovery for pods and services within the cluster.
• Ingress Controller: Manages external access to services within the cluster by routing and forwarding incoming traffic.
• Network Plugin: Implements networking capabilities, enabling communication between pods and external networks. Examples include Calico, Flannel, and Cilium.

Storage:

• Volume Plugins: Provide different types of storage volumes that can be attached to pods, such as emptyDir, hostPath, NFS, or cloud-specific volume types.
• Persistent Volume: Represents a piece of network-attached storage in the cluster that can be dynamically provisioned and consumed by pods.
• Persistent Volume Claim: A request for a specific amount and type of storage from a Persistent Volume.

Monitoring and Logging:

• Metrics Server: Collects resource utilization metrics from the cluster’s nodes and pods.
• Prometheus: A popular open-source monitoring and alerting toolkit used for collecting and analyzing metrics.
• Elasticsearch and Fluentd: Often used in combination to collect, aggregate, and analyze logs generated by pods and containers.

Security:

• Service Account: Provides an identity for processes running in a pod and determines the permissions they have within the cluster.
• Role-Based Access Control (RBAC): Defines and manages access controls to Kubernetes resources based on roles and role bindings.
• Network Policies: Specify how pods can communicate with each other and with other network endpoints, enforcing security policies at the network level.

Cluster Management:

• Cluster Autoscaler: Automatically adjusts the size of the cluster by adding or removing nodes based on resource demands.
• Horizontal Pod Autoscaler (HPA): Automatically scales the number of pod replicas based on CPU or custom metrics.
• Kubernetes Dashboard: Provides a web-based graphical interface for managing and monitoring the cluster.

I hope you can follow up and understand the important components of K8s

Cool, let’s proceed further!!!.

key concepts of Kubernetes:

Pods: The smallest unit in Kubernetes, representing one or more containers running together on a shared network and storage. Pods are the basic building blocks of applications.

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: my-container
    image: nginx
    ports:
    - containerPort: 80

ReplicaSets: A controller that ensures a specified number of identical pod replicas are running at all times. It helps with scaling and high availability.

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: my-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx
        ports:
        - containerPort: 80

Deployments: A higher-level abstraction that manages ReplicaSets and provides declarative updates to pods. Deployments allow rolling updates and rollbacks of application changes.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx
        ports:
        - containerPort: 80

Services: An abstraction that provides a stable network endpoint to access one or more pods. Services enable load balancing and service discovery within a cluster.

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: ClusterIP

Namespaces: A way to logically divide a Kubernetes cluster into multiple virtual clusters. Namespaces help in organizing and isolating resources, allowing multiple teams or projects to use the same cluster securely.

apiVersion: v1
kind: Namespace
metadata:
  name: my-namespace

ConfigMaps: A configuration mechanism to decouple configuration data from container images. ConfigMaps store key-value pairs or configuration files that can be consumed by pods.

apiVersion: v1
kind: ConfigMap
metadata:
  name: my-configmap
data:
  key1: value1
  key2: value2

Secrets: Similar to ConfigMaps, Secrets store sensitive information such as passwords, tokens, or certificates. They are encoded or encrypted to protect the data.

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  username: <base64-encoded-username>
  password: <base64-encoded-password>

Volumes: A directory accessible to containers within a pod, used to persist data or share files between containers. Kubernetes supports various types of volumes, such as emptyDir, hostPath, persistentVolumeClaim, etc.

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: my-container
    image: nginx
    volumeMounts:
    - name: data-volume
      mountPath: /data
  volumes:
  - name: data-volume
    emptyDir: {}

Persistent Volumes (PV): A cluster-wide storage abstraction that provides storage resources for persistent data. PVs are provisioned and managed separately from pods.

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /data/my-pv

Persistent Volume Claims (PVC): A request for a specific amount and type of storage resource from a PV. PVCs allow pods to dynamically request storage without knowing the details of the underlying storage implementation.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

StatefulSets: An extension of ReplicaSets designed for stateful applications that require stable network identities and ordered deployment/scaling.

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: my-statefulset
spec:
  replicas: 3
  serviceName: my-service
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx
        ports:
        - containerPort: 80

DaemonSets: A controller that ensures a copy of a pod is running on each node in the cluster. DaemonSets are useful for running monitoring agents, log collectors, or other system-level tasks.

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: my-daemonset
spec:
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx
        ports:
        - containerPort: 80

Ingress: An API object that manages external access to services within a cluster. It allows inbound traffic routing and SSL termination at the edge of the cluster.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80

Labels and Selectors: Labels are key-value pairs attached to Kubernetes objects to identify and group related resources. Selectors are used to filter and select objects based on their labels.

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
  labels:
    app: my-app
spec:
  containers:
  - name: my-container
    image: nginx
    ports:
    - containerPort: 80

That’s it guys. We completed our basics of K8s Components and concepts.

Hope this article is helpful to you. We will catch up on upcoming articles.

Follow Veerasolaiyappan for the more insightful knowledge content