Wise people learn when they can; fools learn when they must - Arthur Wellesley

Thursday 23 June 2022

KUBERNETES-1

KUBERNETES-1 (BASICS)

What we will learn:

There are a few things we need to understand before getting involved with Kubernetes:

What is a Monolithic application?
What is a Hypervisor and what are its types?
What is virtualization?
What is a Virtual machine?
What are Microservices?
What is a container?
What are the benefits of Containers?
What are the drawbacks of Containers?
What is containerization?
What is the difference between containerization and virtualization?
What is container orchestration?
What is a namespace?

Probably we have all used the one server, one application architecture, meaning a thousand applications require a thousand servers.

Later the hypervisor was introduced and changed deployment overnight; the industry welcomed and accepted the change.
Then the concept of containers arrived and was received cordially by organizations. Now everyone is moving towards containers.

Well, that was the evolution in a few sentences; let's go through it in brief.
 
MONOLITHIC:

What is a Monolithic application?
One server, one application.
Traditionally, applications are written as a single program in which the entire code base is bound together. Such applications are termed monolithic and are meant to run on a server as one individual entity.

What does it mean?

One executable file runs/installs the entire application (java/apache/database... whatever is required is built into one package).

All required components are in one place, hence it is easy for developers to work on development, and this also helps with end-to-end testing.

Because it is a single entity, debugging seems easy.

Those are some of the benefits, but there are also significant drawbacks:

Over time the size of the application increases, which adds significant time to deployment, and debugging gets difficult because even replacing a small part of the code needs a complete re-deployment.

Failure of a single part/service impacts the whole application and its availability.

Scaling is not possible within the instance; to scale, another server is needed and a separate instance of the application has to be deployed on the new server.

Bundling all components together results in slower development, because the complete code needs to be rewritten according to upgraded components.

These are some advantages/disadvantages of monolithic applications.
 
HYPERVISOR:

Later the hypervisor was introduced. Before getting into the hypervisor we need to understand virtualization.

What is virtualization?

The simplest definition is:
Converting hardware resources into virtual resources is called virtualization.

For example, if we have a server with 128G RAM, 64 CPU cores, 2TB HDD etc. and we go with one server/one app, then whether the app requires it or not we are bound to give everything on that server to that app.

Here comes virtualization, which allows us to distribute every physical resource according to requirement.

How is it achieved? Via a HYPERVISOR.

What is a hypervisor and what are its types?

A hypervisor is virtualization software which converts physical resources into virtual resources. It is also known as a virtual machine monitor or VMM.

There are two types of hypervisor:

TYPE1: A lightweight operating system which is installed directly on bare metal. Ex: VMware ESXi, Microsoft Hyper-V, Citrix XenServer, KVM

TYPE2: Runs as an application on a host operating system. Ex: VMware Workstation, Oracle VirtualBox

The hypervisor gave us the power to create multiple VMs on a single server and distribute resources accordingly.

It too ruled the industry for several years, but the core issue remained the same: we still needed to deploy monolithic applications. The benefit was a huge reduction in organizations' costs.

What is a Virtual machine?
Virtual machines are just like physical machines; the only difference is that VMs are not installed directly on bare metal, they need a hypervisor (type1/type2). VMs have their own CPU, RAM, BIOS, HDD, NIC etc. VMs are called guests and run on a physical machine called the host. Several VMs can be created on a single host depending on requirement and the server's hardware capacity. Each VM has its own OS, which can be from any vendor, and it runs independently: the host OS has its own kernel and each guest (VM) has its own kernel.
 
MICROSERVICES:

Applications based on Microservices.
What are Microservices?
As the name suggests, something based on several services. Recall the monolithic application where everything was tightly coupled; in applications based on microservices all components are distributed and loosely coupled.

To understand it better, we can call it the reverse engineering of monolithic applications.

Several small services, each with its own set of processes. These services can be developed on independent platforms and in different languages (java/python etc.), run independently as applications, and are combined via APIs to serve a single purpose.

What are these small services?

HTTP/Apache to access the application
Cassandra to maintain data
Nagios to check status
RabbitMQ to maintain alarms

All of the above are connected via APIs to run and maintain one large application smoothly.

Great... Now the question is how and where will these services run?

Do they run on the host machine, or do they run separately?

If they had to run on a single host machine there would be numerous challenges: someone developed one service on Java 8 and someone developed another service on Java 7, some services were developed on Ubuntu and some on CentOS.

How do we run all of them on a single host machine?
They must run separately, but how?

Here comes the Container.
 
CONTAINER:

What is a container?

A container is an isolated process which shares the kernel of the host Linux machine.
Containers are executable software packages with everything the application needs to run in any environment. Everything includes code, dependencies, libraries, binaries and configuration files, meaning everything required to run the application except the OS.
Instead of a whole OS, it virtualizes the operating system and shares all the required resources from the host OS.
** An upgrade of the OS and an upgrade of the container do not affect each other.

Let's summarize:

An isolated process which is capable of running on the host OS without creating any dependency on the OS or on any other process/software residing on the OS. Let's say we use a container of Apache 2.4.43 while at the same time the host OS has Apache 2.2.34; both will run independently without any issue. We can have a container of CentOS 7.9 on a CentOS 7.3 host without any issue.

What are the benefits of Containers?

Lightweight: though they are independent of the OS and only share the OS kernel, they are extremely small compared to a VM and also boot in seconds.

Less overhead/Efficiency: Containers require fewer system resources than traditional or VM environments because they don't include an OS. Consuming fewer resources allows more containers to run on a physical/VM machine.

Portability: Containers carry all their dependencies with them, meaning they can run on virtually any platform. Once an application is built and containerized, deployment can take place in any environment on any operating system.

Isolation/Debugging: Containers virtualize all HW resources like Mem/CPU/HDD/NIC, hence they are logically isolated from all other applications running on the OS as well as from the OS itself. Because of this isolation it is easy for developers to pinpoint an issue and work on it without interfering with the whole environment.

What are the drawbacks of Containers?

Security: If the OS kernel is compromised then all the containers on that kernel are vulnerable.

Flexibility: A container must use the same OS as the base OS; a container developed on Linux is not capable of running on Windows.

Monitoring: if there are a hundred or more containers running on the same machine then it is difficult to see what is going on in each container.

Data Persistency: If external storage is not configured for the container then all data will be lost when the container is stopped or shut down.

What is containerization?

Putting an application inside a container is called containerization of that application/service. Containerization is a form of virtualization where applications run in isolated user spaces, called containers, while using the same shared OS.
 
DIFFERENCE BETWEEN CONTAINER & VM:

What is the difference between containerization and virtualization?

VM | Container
Heavyweight | Lightweight
Boot in minutes | Boot in seconds
Hardware-level virtualization | OS virtualization
Each VM has its own OS | Containers share the host OS
Resources dedicated to the VM | Resources distributed to the container as per requirement
Fully isolated, more secure | Process-level isolation, less secure
KVM, Xen, VMware | Docker, Rocket (RKT), Linux Containers (LXC)
Update is time-consuming; need to consider the OS and its dependency on the application | Update is easy; only the container needs to be considered
Uses a virtual hard disk (VHD) as persistent local storage for a single VM | For persistent data storage, external storage or host volume mapping is required inside the container
New VM installation/configuration is time-consuming | Container installation/configuration takes very little time compared to a VM

 
Container orchestration:
What is container orchestration?

It is not only about creating containers and managing the applications within them.
There are several other questions, like:
Scaling, lifecycle, monitoring, fault tolerance, deployment, management, networking, provisioning, resource allocation, load balancing, upgrades

How will we achieve them? The answer is Orchestration.

Container orchestration automates all of the above requirements and provides coordination and management of containers.

Kubernetes and Docker Swarm are Container Orchestration tools.

NAMESPACE:
What is a namespace?
Simply put, process isolation.
Namespaces are a feature of the Linux kernel that partitions kernel resources such that one set of processes sees one set of resources and another set of processes sees a different set of resources.
The basic principle is to isolate processes from each other so that none can interfere with the others.
Let's say you have an NFS drive and you mount it in one of your containers, where several other containers are also hosted on the same machine. If you mount that NFS drive in container1 you do not expect the NFS drive to be mounted in all of your containers. It's just an example to understand why process isolation is important.

The Linux kernel has the namespaces below:

Process isolation (PID namespace) - isolates the PID number space
Mount (mnt namespace) - isolates filesystem mount points
Network interfaces (net namespace) - isolates network interfaces
Cgroup - isolates the cgroup root directory
Unix Timesharing System (uts namespace) - isolates hostname and domain name
Interprocess Communication (IPC) - isolates interprocess communication (IPC) resources
User namespace - isolates UID/GID number spaces
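To see these namespaces in practice, here is an added example (my own code, not part of the original post) that reads the /proc/<pid>/ns/* links Linux exposes for every process and reports which namespaces a process still shares with the host's PID 1; a container that shares host namespaces (for example the net or pid namespace) has weaker isolation than one with its own. The function names and the sample inode values are mine and constructed, not taken from a real system.

```python
import os
import re

# The namespace types listed above; each is exposed as the symlink /proc/<pid>/ns/<name>
NAMESPACE_TYPES = ("pid", "mnt", "net", "cgroup", "uts", "ipc", "user")

# A link target looks like "net:[4026531992]"; the number is the inode identifying
# one namespace instance, so two processes with equal inodes share that namespace.
_NS_LINK = re.compile(r"^[a-z_]+:\[(\d+)\]$")


def parse_ns_link(target):
    """Return the namespace inode from a target such as 'pid:[4026531836]'."""
    m = _NS_LINK.match(target.strip())
    if not m:
        raise ValueError(f"not a namespace link: {target!r}")
    return int(m.group(1))


def read_namespaces(pid):
    """Read a live process's namespace inodes; None means the link was unreadable."""
    result = {}
    for ns in NAMESPACE_TYPES:
        try:
            result[ns] = parse_ns_link(os.readlink(f"/proc/{pid}/ns/{ns}"))
        except (OSError, ValueError):
            result[ns] = None
    return result


def shared_with_host(proc, host=None):
    """Names of namespaces `proc` shares with `host` (default: the live PID 1).
    An unreadable (None) entry is never reported as shared."""
    if host is None:
        host = read_namespaces(1)
    return sorted(ns for ns in NAMESPACE_TYPES
                  if proc.get(ns) is not None and proc.get(ns) == host.get(ns))


# Constructed sample data (not read from a real system): SAMPLE_HOST is the host's
# PID 1, SAMPLE_CTR a container started sharing the host's pid and net namespaces
# but with its own mnt, cgroup, uts, ipc and user namespaces.
SAMPLE_HOST = {"pid": 4026531836, "mnt": 4026531840, "net": 4026531992,
               "cgroup": 4026531835, "uts": 4026531838, "ipc": 4026531839,
               "user": 4026531837}
SAMPLE_CTR = dict(SAMPLE_HOST, mnt=4026532200, cgroup=4026532201,
                  uts=4026532202, ipc=4026532203, user=4026532204)

if __name__ == "__main__":
    print("sample container shares with host:", shared_with_host(SAMPLE_CTR, SAMPLE_HOST))
    print("this process shares with PID 1:", shared_with_host(read_namespaces(os.getpid())))
```

Run it inside a container and compare with the host: on a plain host every namespace is shared with PID 1, while a properly isolated container should report an empty list (reading /proc/1/ns may need root).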


1 comment:

  1. Great session- concise, to the point and ultimate extract. Regards- Alok
