Kubernetes

Kubernetes is a container (Private) orchestrator. It's open source software (Private), written in Go (Private), for orchestration of containers (Private). It was originally developed by Google, and it's governed by the Cloud Native Computing Foundation.

It's built on the lessons learned from the Borg and google.omega (Private) platforms Google uses to maintain its production workloads, but isn't a direct descendent.

The name Kubernetes, often abbreviated to K8s, comes from the Greek word for "Helmsman", though its name was originally Seven of Nine in reference to a rescued Borg drone. The seven spokes in the logo are a reference to the former name.

Benefits

  • Enhanced developer experience:
    • Accelerate developer on-boarding through common infrastructure.
    • More accurate, and easier, emulation of production.
  • More reliable operations:
    • Codified deployments are easy to move between environments.
    • Managed deployment model with automated rollout and versioning.
    • Deployments can be made self-healing.
    • Easier scaling, as the underlying compute is decoupled from the logical view of a deployment.

Architecture

Kubernetes clusters are made up of a series of nodes which are maintained by the control plane. Clusters are made up of two types of nodes, each specialised for a role:

  • Master nodes, head nodes, or control plane nodes run the control plane and are responsible for managing the state of the cluster.
    • The API Server exposes a REST API for interacting with the cluster control plane, both for kubelets and external clients. This is the sole component which directly communicates with etcd.
    • The Controller Manager performs control loops, communicating with the API Server, determining changes that need to be made to make the cluster's actual state reach the goal state.
    • The Scheduler binds Pods to Nodes, communicating with the API Server.
  • Worker nodes, often referred to as workers or just nodes, execute containers.
    • The kubelet is the agent responsible for reporting node state and requesting work from the control plane.
    • Container runtimes execute the containers.

All Nodes, regardless of role, are responsible for their own networking.

  • kube-proxy configures the node's host firewall (a backend) to enable traffic to be routed to services in line with Services' endpoints.

Configuration

Configuration is stored in etcd.

Controllers

See controllers.

Objects

Kubernetes stores its view of the desired state as a series of related objects. Objects can reference other objects via selectors targeting their labels. The creation of an object can trigger Controllers which will create additional objects, forming a common use case for CRDs.

Objects are identified through several means:

  • A unique name assigned at creation time.
  • A unique server-generated object ID.
  • A parent namespace is used to create security, naming/organisational and resource allocation boundaries. Not all objects are namespaced!
  • Labels contain data used to locate objectsL e.g. for administration of the cluster, matching pods to controllers and matching pods to appropriate nodes when scheduling.
  • Annotations are used by people and tooling to make decisions about objects. It's commonly used to embed information from external sources (e.g. source code management or build tools containing versioning information) to make the cluster self-contained and avoid integrations. Unlike labels, it's not possible to search for objects by annotations.

Objects can be defined either statefully using manifests or imperatively via the CLI.

Some common objects are defined in:

Namespaces

See namespaces.

Networking

See networking.

Cluster setup

Different deployment tools are used to deploy Kubernetes to different environments:

  • `kubeadm` is best suited to deploying on bare metal, and is general enough to be usable in most settings.
  • kops currently only supports AWS.
  • AKS Engine can be used to deploy to Azure.
  • Minikube configures a single-node deployment for use in development environments.
  • Docker Desktop embeds a single-node Kubernetes cluster for use in development environments.
  • kind sets up a Kubernetes cluster using Docker containers to host Nodes, and is geared towards testing Kubernetes itself.

Administration

`kubectl` is the administrative client for Kubernetes.

*[API]: Application Programming Interface


Children
  1. API Server
  2. Authentication
  3. CRDs
  4. ConfigMaps
  5. Configuration
  6. Container Runtime Interface
  7. Control plane
  8. Controllers
  9. CronJobs
  10. DaemonSets
  11. Dashboard
  12. Deployments
  13. ExternalDNS
  14. HPA
  15. Ingress
  16. Jobs
  17. Kind
  18. Kubeconfig
  19. Kubelet
  20. Manifests
  21. Minikube
  22. Namespaces
  23. Networking
  24. Node
  25. Operators
  26. PersistentVolumeClaim
  27. PersistentVolumes
  28. PodDisruptionBudgets
  29. Pods
  30. RBAC
  31. ReplicaSets
  32. ReplicationControllers
  33. Scheduler
  34. Secrets
  35. Secrets Store CSI Driver
  36. Selectors
  37. ServiceAccounts
  38. Services
  39. StatefulSets
  40. Storage
  41. kube-proxy
  42. kube-vip
  43. kubeadm
  44. kubectl

Backlinks