Overview of Kubernetes Components
What is Kubernetes?
As per the official website
Kubernetes is an open-source platform for managing containerized workloads and services. Some of its capabilities include:
- Service discovery and load balancing: It can expose a container using the DNS name or using their own IP address and if the traffic to a container is high, Kubernetes is able to load balance and distribute the network traffic.
- Storage orchestration: It allows you to automatically mount a storage system of your choice, such as local storage, public cloud providers, and more.
- Automated rollouts and rollbacks: Automate Kubernetes to create new containers for your deployment, remove existing containers and adopt all their resources to the new container
- Self-healing: Restarts containers that fail, replaces containers, kills containers that don’t respond to your user-defined health check
- Secret and configuration management: Lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys
Why is it popular?
Traditional Deployment: In the early days, organizations ran applications on physical servers. There was no way to define resource boundaries for applications in a physical server, and this caused resource allocation issues
Container Deployment: Containers are considered lightweight. Similar to a VM, a container has its own filesystem, the share of CPU, memory, process space, and more. As they are decoupled from the underlying infrastructure, they are portable across clouds and OS distributions.
- In the previous time, as the trend for microservices grew, companies began deploying more and more of them.
- There was no proper way to manage them.
Rise of DevOps
Kubernetes introduced DevOps. Without Kubernetes, software development teams need to script down their own software deployment, scale it manually, and update workflows. In a large enterprise, DevOps handles this task.
- The smallest unit of Kubernetes (K8s)
- It is an abstraction over the container
- Any containers in the same pod will share the same resources and local network.
- Containers can easily communicate with other containers in the same pod.
- Each pod gets its own IP address, and when a pod dies, a new IP is assigned.
- Pods are the unit of replication in K8s. If the application becomes popular and a single pod instance can’t carry the load, Kubernetes can be configured to deploy new replicas of your pod to the cluster.
- Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods and can load-balance across them.
- The client sends a request to the stable IP address, and the request is routed to one of the Pods in the Service.
- The lifecycle of a pod and service are not connected. So, if a pod dies, its service is not affected.
- This component itself is a load balancer.
- A Service identifies its member Pods with a selector. For a Pod to be a member of the Service, the Pod must have all of the labels specified in the selector.
On-disk files in a container are ephemeral (lasting for short time), which presents some problems for non-trivial applications when running in containers.
- Loss of files when a container crashes. The kubelet restarts the container but with a clean slate.
- Sharing files between containers running together in a
- Used for persisting data. Kubernetes guarantees data is preserved across container restarts.
- It is a directory with some data, accessible to the containers in a pod.
- There are different types of volumes available
- Apod can use any number of volume types simultaneously. Ephemeral volume types have a lifetime of a pod, but persistent volumes exist beyond the lifetime of a pod.
- ConfigMaps enable you to separate your configurations from your Pods and components.
- This makes pod configurations easier to change and manage and prevents hardcoding configuration data to Pod specifications.
- Let’s you set the configuration data separately from the application code.
- Store non-confidential data in key-value pairs.
- The pods read the data from this config map.
Note: To use sensitive information in your clusters, you must use Secrets.
- Secrets are secure objects which store sensitive data, such as passwords, OAuth tokens, and SSH keys, in your clusters.
- Using Secrets reduces the risk of exposing the data to unauthorized users.
- Values stored are base64 encoded.
Note: Built-in security mechanism is not enabled by default in K8s
- Although pods are the basic unit of computation in k8s, they are managed by a layer of abstraction: deployment.
- A component that specifies the blueprint for a pod.
- Used to create stateless applications.
- Mostly you will not be working with pods, instead of with deployment.
- Deployment’s primary purpose is to declare how many replicas of a pod should be running at a time.
- If a pod dies, the deployment will automatically re-create it.
You can create a cluster of nodes, and launch deployments of pods onto the cluster. However, we need to allow external traffic to your application.
- Exposes HTTP and HTTPS routes from outside the cluster to services within the cluster.
- Request from the outside world first goes to the ingress.
- Ingress has the traffic routing rules defined and forwards the request to the appropriate service.
There are multiple ways to add ingress to your cluster. The most common ways are by adding either an Ingress controller or a LoadBalancer.
Note: Client can be a web browser, mobile devices, etc.
If you deploy any stateful application on Kubernetes, you’ll need to ensure that pods can reach each other through a unique identity that does not change (hostnames, IPs…etc.).
Enter Stateful Set
- This is responsible for creating stateful applications, for instance, MySQL clusters, Redis, Kafka, MongoDB, and others.
- Maintains a sticky identity for each of its pods. Each pod has a persistent identifier.
- Headless Service like Nginx controls the network domain.
Programs running on your cluster aren’t guaranteed to run on a specific node. If a program tries to save data to a file for later but is then relocated onto a new node, the file will no longer be where the program expects it to be.
- To store data permanently, Kubernetes uses Persistent Volumes.
- PersistentVolume (PV) is a piece of storage in the cluster.
- PV is independent of the pod lifecycle.
- They provide a file system that can be mounted to the cluster, without being associated with any particular node.
- A PVC is the request to provision persistent storage with a specific type and configuration.
- Applications claim the PV using PVC
- To specify the persistent storage flavor that you want, you use Kubernetes storage classes.
- When we create a PVC, the request is sent to the storage provider.
- Depending on the configuration that is defined in the storage class, the physical storage device is ordered and provisioned in your application.
- If the requested configuration does not exist, the storage is not created.