Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
- Manual Deployment of containers is hard to maintain, error-prone and annoying. These issues are beyond the security and configuration concerns.
- Containers might go down/crash and need to be replaced.
- We might need more containers when traffic spikes.
- Incoming traffic should be distributed equally.
- Container health-checks and re-deplyoment
- Auto-scaling
- Load Balancer
Note: These all problems are solved if we use AWS ECS, but we are locked to AWS. If we want to migrate to Azure or other cloud container service provider, then we have to learn about that service.
- a cloud provider - a cloud provider service (though cloud provider might offer Kubernetes-specific services)
- a tool or service that manages infrastructure - Kubernetes will NOT create and launch anymachines or do anything like that (managed Kubernetes services by cloud providers might dothat)
- a single tool or software - Kubernetes is a collection of concepts and tools
An open-source system(de-facto standard) for orchestrating container deployments. Helps us in below tasks:
- Automatic Deployment
- Scaling and Load Balancing
- Management
Kubernetes is like Docker Compose for Multiple Machines
- Cluster: A set of Node machines which are running the Containerized Application (Worker Nodes) or control other Nodes (Master Node)
- Nodes: Physical or virtual machine with a certain hardware capacity which
hosts one or multiple Pods and communicates with the Cluster
- Master Node: Cluster Control Plane, managing the Pods across Worker Nodes
- Worker Node: Hosts Pods, running App Containers (+ resources)
- Pods: Pods hold the actual running App Containers + their required resources (e.g. volumes).
- Containers: Normal (Docker) Containers
- Services: A logical set (group) of Pods with a unique, Pod- and Containerindependent IP address
| What Kubernetes Does | What You have to Do |
|---|---|
| Create your objects(Pods) and Manage them | Create the Cluster and the Node instances(Master and Worker Nodes) |
| Monitor Pods, re-create them, Scale Pods | Setup API server, kubelet and other Kubernetes services/softwares on nodes |
| Kubernetes utilizes the provided resources to apply your configuration/goals | Create other(cloud) provider resources that might be needed(File Systems and Load Balancers) |
- kubectl A command line tool to send instructions to Kubernetes Cluster(Mainly Master Node) using Kubernetes APIs
- minikube A local Kubernetes, focusing on making it easy to learn and develop for Kubernetes
Kubernetes works with Objects
- Pods
- Deployments
- Service
- Volumes
- Imperatively
- Declartively
The smallest unit Kubernetes interacts with
- Contains and runs one or multiple containers(mainly one container per pod)
- Pod contains shared resources(volumes) for all Pod containers
- Has a cluster internal IP by default(containers inside a Pod can communicate via localhost)
Pods are designed to be ephemeral: Kubernetes will start, stop and replace them as needed.
For Pods to be managed for you, you need a Controller(i.e Deployment)
Controls(Multiple) Pods
- You set a desired state, Kubernetes then changes the actual state
Define which pods and container to run and number of instances
- Deployments can be paused, deleted and rolled back
- Deployments can be scaled dynamically(and automatically)
Deployments manage a Pod for you, you can also create deployments.
You therefore don't directly control the Pods, instead you use deployment to set up the desired end state
Project used ---> kub-action-starting-up
- Commands used to create first deployment
-
Used to create deployment on the basis of an image on Docker registry. kubectl create deployment first-app --image=rchauhan9102/kub-first-app
-
Used to get the deployments and their info
-
Used to get the pods and their info
-
used to delete deployment and in result pods are also deleted. kubectl delete deployment first-app
kubectl create deployment name-of-deployment --image=image-name-with-repo-on-dockerhub
Commands goes to Master Node(Control Plane) ---> Scheduler analyses currently running pods and find the best node(Worker node) for our pod which is free or doing the least work. kubelet manages Pods and Containers.
Exposes Pods to the cluster or externally
- Pods have an internal IP address which changes when the Pod is replaced
Finding Pods is hard if the IP address changes all the time
- Service group a Pod with a shared IP address
- Services can allow external access to Pods
The default(internal only) can be overwritten
Without services Pods are very hard to reach and communication is difficult
Reaching ad Pod from outside of the cluster is not possible at all without services
- Commands used to expose deployment with service
-
This command exposes the deployment first-app on port 8080 create service with type LoadBalancer to so that we can get a shared IP which can be accessed from outside of the cluster.
-
used to get the list of services available
-
exposes the deployment using the service to the localhost machine. This command is not required if we are running the kubernetes cluster on a Cloud provider
- ClusterIP
IP address only available to Kubernetes Cluster
- NodePort
IP address of the Worker node(Machine IP at which Worker node is running)
- LoadBalancer
Shared IP for all the services and available to outside of the cluster
If there is any error in the running container, the Kubernates will restart the container as well as Pod
create replicas of the first-app pod
- Build new image with latest source code and the incrementing tag
- Push the image with new tag to dockerhub
-
to update the deployment with newly pushed docker image on dockerhub
-
to get the rollout status of updated deployment
To make kubernetes pull the image, there should be change in new image tag
-
To undo the latest deployment and rolled back to the previous one
-
To get the history to the deployment
-
To rollback to a specific deployment
- kubectl delete service first-app
- kubectl delete deployment first-app
| Imperative | Declarative |
|---|---|
| kubectl create deployment .. | kubectl apply -f config.yaml |
| Individual commands are executed to trigger certain kubernetes actions | A config file is applied and used to change the desired state |
| Comparable to using docker run only | Comparable to using docker compose with compose files |
Reference Doc to create yaml file for Declarative Approach
-
Used to apply the deployment related changes
-
Used to apply the service related changes
-
Used to delete the deployment and services
To update the deployment we just have modify the yaml file and apply those changes
Labels and Selectors are necessary... Labels and Selectors are used to make a link between pods and services
We can have multiple resources in one single deployment file by adding --- in yaml file. It is better pratice to create service before deployment.
-
matchExpressions:
- key: app
operator: In
values:
- second-app
- first-app We can use matchExpressions in place of matchLabels to select on the basic of key value pair and operator. -
Used to delete the resoures on the basis label key value defined in applied config file
-
livenessProbe:
httpGet:
path: /
port: 8080
periodSeconds: 10
initialDelaySeconds: 5Used to get the health of the running container
Force kubernetes to pull the image always during update in deployment
-
Often stored in databases but can also be file(e.g. Upload files)
-
Often stored in memory, temporary database tables or files
State is data created and used by your application which should not be lost
- Kubernetes can mount volumes into containers
- A broad variety of volumes/driver types are supported
- Local Volumes(i.e. On Nodes)
- Cloud provider specific volumes
- Volume lifetime depends on the Pod lifetime
- Volume survives containers re-starts(and removal)
- Volumes are deleted if the Pods are destroyed
| Kubernetes Volumes | Docker Volumes |
|---|---|
| Supports many different drivers and Types | Basically no driver/type support |
| Volumes are not necessarily persistent | Volumes persists until manually cleared |
| Volumes survives container restarts and removal | Volumes survives container restarts and removal |
Kubernetes Volumes Documentation
- Some Common Kubernetes volume types
-
Creates an empty directory and is linked with a container path so content can be written and saved at the newly created empty directly in Worker Node. It is not suitable for multiple replicas.
-
Used for Multiple Replicas. It stores data in host machine(Worker Node) and available for all replicas.
-
Used for any outside file system which is very flexible. You just need integration driver available for that file system.
Volumes are destroyed when a Pod is removed. hostPath partially work around that is one-node environments like minikube
| "Normal" Volumes | Persistent Volumes |
|---|---|
| Allows to persist Data | Allows to persist Data |
| Volume is attached to Pod and Pod Lifecycle | Volume is a Standalone Cluster Resource(Not attached to a Pod) |
| Defined and Created together with Pod | Created standalone and claimed via PVC |
| Repetitive and hard to administer on a global level | Can be defined once and used multiple times |
- Define a Persistent Volume
- Define a Persistent Volume Claim
- Using a Claim in Pod
- Commands for Persistent Volume Deployment
-
To get the Storage Classes
-
To apply Persistent Volume Config
-
To get the List of Persistent Volumes
-
To apply Persistent Volume Claim
-
To get the List of Persistent Volume Claims
-
To update the deployment
We can set using env tag at containers tag in deployment.yaml
-
To Apply config Map
-
To get Config Map
-
For Pod internal Communication(Same Pod Container), we can user localhost as the address for the second container.
-
-
Pod to Pod Communication can be achieved using the IP address of Pod(Cluster IP of the Service) and environment variables generated by Kubernetes
-
Core DNS - Domain Name Service
We can use servicename.namespace too for Pod to Pod communication
kubectl get namespacesTo get the namespaces
-
To get the logs of the Pods
-
You need to install and configure everything(i.e. Machines and Kubernetes Software)
-
- You do all the installation and configuration on your own(Manually or via Kops)
- Managed Service(Just need to define cluster architecture) i.e. AWS EKS
-
- Configure Cluster
- Create EKS role for EKS Cluster
- Create VPC using Cloud Formation Stack Creation
-
This file is used to by kubectl to connect with minikube We need to override this file. This we can user AWS CLI. We need to download and install it so that we can communicate with the AWS Cluster from our local machine. For that we need to create Access Key from IAM.
-
- enter access key
- enter access secret key
- enter default region
-
This will update local kubectl config file to connect to AWS Cluster
-
-
-
On Cluster-->Compute
- Add Permissions AmazonEKSWorkerNodePolicy, AmazonEKS_CNI_Policy, AmazonEC2ContainerRegistryReadOnly
- Set Compute and Scaling Configurations
- Specify Networking
-
Simply run the kubectl apply to apply the configs.
AWS automatically create a Load Balancer in EC2 if the service is of type Load Balancer
for Load Balancer type service we will get an AWS url using which we can access our app. -
- Install AWS EFS CSI Driver into Cluster using deploy command on this page
- Create Security Group for EFS using VPC being used for EKS. Set the Inboud/outbound rules.
- Create EFS using EKS VPC.
- Create Persistence Volume and Claim for EFS
To get the storage Classes