Kubernetes

Kubernetes (K8s in short) is an open-source container orchestration platform introduced by Google in 2014. It is a successor of Borg, Google’s in-house orchestration system that accumulated over a decade of the tech giant’s experience of running large enterprise workloads in production. In 2014, Google decided to further container ecosystem by sharing Kubernetes with the cloud native community. Kubernetes became the first graduated project of the newly created Cloud Native Community Foundation (CNCF), an organization conceived by Google and the Linux Foundation as the main driver of the emerging cloud native movement.

Kubernetes Master Node

A Kubernetes master runs Control Plane, responsible for maintaining the desired state of the cluster,

ComponentDescription
EtcdThis is a data store used by Kubernetes to store all information about the cluster. It’s critical for keeping everything up to date
kube-apiserverThis component exposes Kubernetes API to users allowing them to create API resources, run applications, and configure various parameters of the cluster.
kube-controller-managerThe component that manages API objects created by users. It makes sure that the actual state of the cluster always matches the desired state
kube-schedulerThis component is responsible for scheduling user workloads on the right infrastructure. When scheduling applications, kube-scheduler considers various factors such as available node resources, node health, and availability, as well as user-defined constraints.
cloud-controller-managerThis component embraces various controllers, all of which interact with the cloud providers’ APIs.

Kubernetes Worker Node

It is a physical server or you can say a VM which runs the applications using Pods which is controlled by the master node.

ComponentDescription
kubeletThe Kubelet is responsible for managing the deployment of pods to Kubernetes nodes. It receives commands from the API server and instructs the container runtime to start or stop containers as needed.
kube-proxyA network proxy running on each Kubernetes node. It is responsible for maintaining network rules on each node. Network rules enable network communication between nodes and pods. Kube-proxy can directly forward traffic or use the operating system packet filter layer.
Container runtimeThe software layer responsible for running containers. There are several container runtimes supported by Kubernetes, including Containerd, CRI-O, Docker, and other Kubernetes Container Runtime Interface (CRI) implementations.

Kubernetes Resource Objects

Kubernetes Objects are persistent entities in the Kubernetes system that represent an intent (desired state) and the status (actual state) of the cluster.

The kubectl api-resources command actually lists not API resources but known types of Kubernetes Objects.

 1kubectl api-resources
 2
 3# output 
 4NAME                 SHORTNAMES   APIVERSION    NAMESPACED   KIND
 5bindings                          v1            true         Binding
 6componentstatuses    cs           v1            false        ComponentStatus
 7configmaps           cm           v1            true         ConfigMap
 8endpoints            ep           v1            true         Endpoints
 9events               ev           v1            true         Event
10limitranges          limits       v1            true         LimitRange

Kubernetes Resource Objects defination

Kubernetes Object Schema

FieldDescription
API versionSpecifies the version of the Kubernetes API that you are using to create this object. For example, apps/v1 for Deployments. (Alpha - v1alpha1/ Beta - v2beta3 /Stable - v1 )
KindDefines the type of Kubernetes resource you are creating.
MetadataMetadata describes higher-level information about the object — e.g., its name, what namespace it lives in, or whether it defines labels and annotations.
SpecThe specification (“spec” for short) declares the desired state
StatusThe status describes the actual state of an object. The Kubernetes controllers and their reconcilliation loops constantly try to transition a Kubernetes object from the desired state into the actual state.

Kubernetes Resource Objects defination approach

Imperative Approach

1kubectl run frontend --image=nginx --restart=Never --port=80

Declarative Approach

1vim pod.yaml
2kubectl create -f pod.yaml

Hybrid Approach

1kubectl run frontend --image=nginx --restart=Never --port=80 -o yaml --dry-run=client > pod.yaml
2kubectl create -f pod.yaml

Kubernetes Comman Resource Objects

  • ReplicaSets: Ensures that a specified number of pod replicas are running at any given time.
  • Pods: The smallest deployable units in Kubernetes, which encapsulate one or more containers.
  • Deployments: Manages ReplicaSets and provides declarative updates for Pods.
  • StatefulSets: Manages stateful applications, providing guarantees about the ordering and uniqueness of Pods.
  • DaemonSets: Ensures that a copy of a Pod is running on all (or some) nodes in the cluster.
  • Jobs: Creates one or more Pods and ensures that a specified number of them successfully terminate.
  • CronJobs: Runs Jobs on a time-based schedule.
  • Services: Defines a logical set of Pods and a policy by which to access them, enabling network access to Pods.
  • Ingress: Manages external access to services, typically HTTP, and provides load balancing, SSL termination, and name-based virtual hosting.
  • NetworkPolicies: Controls the communication between Pods and/or Services based on rules.
  • ConfigMaps: Provides a way to inject configuration data into Pods.
  • Secrets: Stores sensitive information, such as passwords, OAuth tokens, and SSH keys, and makes it available to Pods.
  • Volumes: Manages storage resources that Pods can use, including persistent and ephemeral storage options.
  • PersistentVolumes (PVs): Represents a piece of storage in the cluster that has been provisioned by an administrator.
  • PersistentVolumeClaims (PVCs): A request for storage by a user.
  • Namespaces: Provides a mechanism for isolating resources within the cluster.
  • ResourceQuotas: Limits the amount of resources (e.g., CPU, memory) that can be consumed by resources in a namespace.
  • LimitRanges: Sets constraints on the resource requests and limits for Pods and Containers within a namespace.
  • ServiceAccounts: Provides an identity for Pods to interact with the Kubernetes API and other resources.
  • Roles and RoleBindings: Define and bind sets of permissions to users or ServiceAccounts for access control within a namespace.
  • ClusterRoles and ClusterRoleBindings: Define and bind sets of permissions cluster-wide.
  • HorizontalPodAutoscalers (HPAs): Automatically scales the number of Pods in a Deployment or ReplicaSet based on CPU utilization or other select metrics.
  • VerticalPodAutoscalers (VPAs): Adjusts the resource requests and limits of Pods based on usage patterns.
  • PodDisruptionBudgets (PDBs): Ensures that a certain number or percentage of Pods remain available during voluntary disruptions.
  • Endpoints: Represents a set of network endpoints (i.e., IP addresses and ports) for a Service.
  • CustomResourceDefinitions (CRDs): Allows users to define and manage custom resources in the Kubernetes API.
  • Helm Charts: While not a native Kubernetes resource, Helm is a package manager for Kubernetes that uses charts to define, install, and manage Kubernetes applications.