Wise people learn when they can; fools learn when they must - Arthur Wellesley

Saturday, 25 June 2022

KUBERNETES-2

  

                   KUBERNETES-2 (BASICS)

What we will learn,

What is Kubernetes?
Why Kubernetes?
What is a Kubernetes cluster?
Kubernetes Architecture

What is Kubernetes?


Kubernetes also known as K8S is an open source platform for managing containers.
Simply K8S is container orchestration solution or container management software which is used to control Scaling, lifecycle, monitoring, fault tolerance, deployment, management, networking, provisioning, resource allocation, load balancing, upgrade…etc,

Why Kubernetes?

Answer is already given above, let’s make it simple. There are several applications running inside several containers,

How we will monitor all containers?
How the load balancing will perform in case of extra traffic?
How the fault tolerance will work?
….. etc …. etc….
All can be done via Kubernetes, which further required creation of Kubernetes Cluster to achieve the requirements.

What is a Kubernetes cluster?

Nothing fancy, K8S cluster is set of nodes to run containerized applications. Simply if you are running K8S means you are running K8S cluster.

Two major components are required to form a K8S cluster

Master Node (Control Plane): Access point to manage the workers.

Worker Node: Each worker node hosts one or more pods – a collection of containers under Kubernetes’ control.

Kubernetes Architecture:

As we already learned that K8S cluster comprises of two components, let’s see some more about it.

MASTER NODE

WORKER NODE

Kube-API Server

Kube Proxy

Kube-Controller

Kubelet

Kube-Scheduler

Container Runtime

ETCD

 

 



MASTER NODE (CONTROL PLANE):


All Master Node components can be placed at one server or different servers.
Usually ETCD database kept at different server and rest three at one.

 

Image Courtesy: https://www.vmware.com/topics/glossary/content/kubernetes.html

KUBE API SERVER: This is front end of K8S control plane; The API (application programming interface) is responsible to check the validity of requests and their processing. The API server implements a RESTful API over HTTP, performs all API operations. Simply we can say gateway or master communicator for K8S cluster.

API server is only component which is capable to connect ETCD, rest all other components need to convey their requests to API server. API server acts as an interface between user and K8S cluster.

ETCD: Consistent and highly-available key value store for Configuration management, service discovery, and coordinating distributed work.

Each and every info & configuration about the K8S cluster is stored at ETCD, hence we always have backup of this.

What is Key-Value store?

I suggest reading below excellent explanation and appreciate the efforts.

https://www.waytoeasylearn.com/learn/what-is-etcd/

KUBE-SCHEDULER: It works as accountant of K8S cluster; scheduler has all the info of resource consumption across cluster. It decides which POD goes on which node (*Placement of PODS done by kubelet) and also decides the deployment of services.

Work assignment to various nodes are done by scheduler, It also keep track of resource consumption and ensures that the node’s performance should must kept under threshold.

KUBE-CONTROLLER: Also called Controller Manager, It is responsible to make a POD always live. Means it keep eye on current state of cluster and if sense any deviation it makes the required changes and move the state to desired. Basically all kind of FT & LB done via controllers.

Logically, each controller is a separate process, but to reduce complexity, they are all compiled into a single binary and run in a single process.

Some types of these controllers are:
Node controller: Responsible for noticing and responding when nodes go down.
Job controller: Watches for Job objects that represent one-off tasks, then creates Pods to run those tasks to completion.
Endpoints controller: Populates the Endpoints object (that is, joins Services & Pods).
Service Account & Token controllers: Create default accounts and API access tokens for new namespaces.

WORKER NODE:

KUBELET: An agent that runs on each node in the cluster. It makes sure that containers are running on the nodes as expected by tracking the state of pods to ensure that all the containers are running and healthy. It provides a heartbeat message every few seconds to the control plane.

KUBE-PROXY: A network proxy that runs on each node in a cluster which maintains network rules on nodes. These network rules allow network communication to Pods from inside or outside of cluster. Responsible to route traffic correctly to & from service/pods. It ensures each Pod gets a unique IP address with individual host sub-netting and acts as a load balancer across all pods in a service.

CONTAINER RUNTIME:

The container runtime is the software that is responsible for running containers (in POD’s)

To run the containers, each worker node has a container runtime engine, which pulls images from a container image registry and start/stop containers..

Kubernetes supports container runtimes such as docker, containerd, CRI-O, and any other implementation of the Kubernetes CRI (Container Runtime Interface).

CONTAINER/PODS:

What is POD?

Containers are deployed over worker node, but how?

Container/s are encapsulated inside POD,

A Pod is a group of one or more containers, with shared storage and network resources, and a specification for how to run the containers.
POD’s are considered as single instance/application and K8S manages pod’s instead containers because,
Pods have a unique IP address that is applied to every container within the pod.
Containers in a pod share the same resources such as memory and storage.
 
There are two types of Pods −
Single container pod
Multi container pod

 

POD is collection of containers and works as logical boundary for containers.
POD provides redundancy of containers and maintaining the shared resources along with consistency of network.
Whenever we create any POD, two containers are created one is desired and another is secretly created called “PAUSE”. This happens only once at the time of POD creation.

IP & namespace are stored at PAUSE. Kubernetes creates pause containers to acquire the respective pod’s IP address and set up the network namespace for all other containers within that pod, also the pause container shared the volume for entire pod. If the pause container is dead, kubernetes consider the pod died and kill it and reschedule a new one.

No POD created on Master Node, a restriction called TAINT applied at master node which prevents any POD creation at Master.

 

References and good read...

 

 

Posted by at

1 comment:

Subscribe to: Post Comments (Atom)