Overview Flashcards
What is Kubernetes? (3)
is a portable, extensible, open-source platform
for managing containerized workloads and services
that facilitates both declarative configuration and automation
History
Traditional > Virtualized > Container
Container Benefits (10)
increased ease and efficiency of container image creation compared to VM image
reliable and frequent container image build and deployment with quick and easy rollbacks
create application container images at build/release time rather than deployment time, thereby decoupling applications from infrastructure
Observability not only surfaces OS-level information and metrics, but also application health and other signals
Runs the same on a laptop as it does in the cloud
Runs on Ubuntu, RHEL, CoreOS, on-premises, on major public clouds, and anywhere else
Raises the level of abstraction from running an OS on virtual hardware to running an application on an OS using logical resources
applications are broken into smaller, independent pieces and can be deployed and managed dynamically – not a monolithic stack running on one big single-purpose machine
predictable application performance
high efficiency and density
Why Kubernetes? (6)
Service discovery and load balancing (expose a container using the DNS name or IP)
Storage orchestration (automatically mount a storage system)
Automated rollouts and rollbacks:
create new containers
remove existing containers
adopt all their resources to the new one
Automatic bin packing (How much CPU and memory (RAM) each container needs)
Self-healing:
restarts containers that fail
replaces containers
kills containers that don’t respond
Secret and configuration management (lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys)
What Kubernetes is not (7)
Does not limit the types of applications supported (If an application can run in a container, it should run great on Kubernetes)
Does not deploy source code and does not build your application
Does not provide application-level services, such as middleware
Does not dictate logging, monitoring, or alerting solutions (It provides some integrations as proof of concept, and mechanisms to collect and export metrics)
Does not provide nor mandate a configuration language/system (for example, Jsonnet)
Does not provide nor adopt any comprehensive machine configuration, maintenance, management, or self-healing systems.
Additionally, Kubernetes is not a mere orchestration system
Components (3)
Node:
worker machines that run containerized applications
Pod:
The worker node(s) host the Pods that are the components of the application workload
Set of running containers in your cluster
Control plane:
Manages the worker nodes and the Pods in the cluster
The container orchestration layer that exposes the API and interfaces to define, deploy, and manage the lifecycle of containers.
Control Plane (2)
make global decisions about the cluster
detecting and responding to cluster events
Control Plane Components (4)
kube-apiserver:
is the front end for the Kubernetes control plane
is designed to scale horizontally—that is, it scales by deploying more instances
etcd:
Consistent and highly-available key value store
backing store for all cluster data
make sure you have a backup plan for that data
kube-scheduler:
watches for newly created Pods with no assigned node, and selects a node for them to run on
Factors
individual and collective resource requirements
hardware/software/policy constraints
affinity and anti-affinity specifications
data locality
inter-workload interference
deadlines
kube-controller-manager:
runs controller processes
Logically, each controller is a separate process, but to reduce complexity, they are all compiled into a single binary and run in a single process
controllers
Node controller
Responsible for noticing and responding when nodes go down
Replication controller
maintaining the correct number of pods for every object
Endpoints controller
Populates the Endpoints object (that is, joins Services & Pods)
Service Account & Token controllers
Create default accounts and API access tokens for new namespaces
kube-scheduler Factors (6)
individual and collective resource requirements
hardware/software/policy constraints
affinity and anti-affinity specifications
data locality
inter-workload interference
deadlines
kube-controller-manager controllers (4)
Node controller:
Responsible for noticing and responding when nodes go down
Replication controller:
maintaining the correct number of pods for every object
Endpoints controller:
Populates the Endpoints object (that is, joins Services & Pods)
Service Account & Token controllers:
Create default accounts and API access tokens for new namespaces
Node Components
run on every node
maintaining running pods
providing the Kubernetes runtime environment
Components
kubelet:
runs on each node in the cluster
makes sure that containers are running in a Pod
takes a set of PodSpecs that are provided through various mechanisms
ensures that the containers described in those PodSpecs are running and healthy
doesn’t manage containers which were not created by Kubernetes
kube-proxy:
network proxy that runs on each node in your cluster, implementing part of the Kubernetes Service concept
maintains network rules on nodes
allows network communication to your Pods from network sessions inside or outside of your cluster
uses the operating system packet filtering layer if one is available; otherwise, kube-proxy forwards the traffic itself
Container runtime:
software that is responsible for running containers
Addons
use Kubernetes resources (DaemonSet, Deployment, etc) to implement cluster features
DNS Addon (3)
all Kubernetes clusters should have cluster DNS, as many examples rely on it
serves DNS records for Kubernetes services
Containers started by Kubernetes automatically include this DNS server in their DNS searches
Web UI (Dashboard) Addon
It allows users to manage and troubleshoot applications running in the cluster, as well as the cluster itself
Container Resource Monitoring Addon
records generic time-series metrics about containers