Deep Dive Into Kubernetes: How to run pod, node, container in Kubernetes (K8s)

Syedasadrazadevops
Jan 12, 2022

Kubernetes: History Overview

As Docker came to manage microservices and containers, a container management system became a paramount requirement for all organizations and individuals. During that time Google was already working on the project and open-sourced the project called Borg. To enhance the container management system, the company came up with Kubernetes, an open-source project to automate the process of deploying and managing multi-cloud applications at scale.

Understanding Kubernetes Architecture

What is Kubernetes?

Kubernetes is a platform that provides a huge number of services and capabilities that keep growing. Its core ability is to schedule workloads in containers across the infrastructure, and it is also used for the following capabilities:

1. Mounting storage systems
2. Application health
3. Replicating application instances
4. Horizontal pod autoscaling
5. Naming and discovering
6. Balancing loads
7. Rolling updates
8. Monitoring resources
9. Debugging applications
10. Providing authentication and authorization

Kubernetes has many more capabilities as well.

Also, always remember that Kubernetes is not a Platform as a Service.

What is Container Orchestration

The primary responsibility of Kubernetes is container orchestration, which means making sure that all the containers that execute the different workloads are working on a physical or virtual machine.

Kubernetes Concepts

Cluster

A cluster is a collection of computing, storage, and networking that Kubernetes uses to load various workloads.

Node

A node is a single host, which can be virtual or physical. A node runs the pods and other Kubernetes components such as the kubelet and kube-proxy.

kubelet

Kubelet ensures that all containers in the node are running and in a healthy state. Kubelet monitors the state of a pod and whether it is in the desired state. If a node fails, a replication controller observes this change and launches pods on another healthy node.

container

Containers are the lowest level of a microservice. They are placed in the pod and need an external IP address to view the outside process.

kube-proxy

kube-proxy acts as a network proxy and a load balancer. kube-proxy also forwards requests to the correct pods across the isolated networks in the cluster.

cAdvisor

cAdvisor acts as an assistant in Kubernetes and is responsible for monitoring and gathering data on resource usage and performance metrics on each node.

Master

The master is the control plane in Kubernetes, with the API server, scheduler, and controller manager as its components.

Etcd Storage

etcd is an open-source CNCF Project. Kubernetes uses etcd to store the overall configuration of the cluster.

API Server

The API server is the central controller entity that receives the REST API requests for modifications in Kubernetes, and it is the front end of the cluster's control plane. The API server is the one that triggers etcd so that the data is stored in the cluster.

Scheduler

The scheduler helps place pods on the various nodes based on resource utilization and decides where to deploy which service. The scheduler also has information about the resources available to the members as well as the configuration of the services to run.

Controller Manager

It runs several distinct controller processes in the background to regulate the shared state of the cluster and perform a routine task. When there is any change in the service, the controller spots the change and starts working towards the new desired state.

Pod

A pod is the unit of work in Kubernetes. A pod has one or more containers that share the same IP and port space and communicate using localhost or standard interprocess communication.

Label

Labels are key-value pairs that group together a set of objects, most often pods.

Annotation

Annotations let you associate arbitrary metadata with Kubernetes objects. Kubernetes stores the annotations and makes the metadata available.

Label Selector

Label selectors are usually used to select objects based on their labels. There are two operators, == (or =) and !=, to denote equality or inequality based on the value. For example:

role = webserver, application != foo
role in (webserver, backend)

Replication Controller and Replica Set

The replication controller and the replica set both manage the pods, which are identified by labels, to check whether each pod is up and running or not. The main difference between the replication controller and the replica set is that the replication controller tests for membership by name equality while the replica set uses set-based selection.

Service

A service is used to expose a certain functionality to a user or another service and encompasses a group of pods. You can have a service that provides access to external resources or to the pods you control directly using a virtual IP.

Volume

Local storage on the pod is ephemeral and goes away when the pod is terminated. There are various types of volume. Kubernetes directly supports a number of volume types, but the modern approach for extending Kubernetes with more volume types is through the Container Storage Interface (CSI). An emptyDir volume is mounted on each container with the default backing; this storage is deleted when the pod is terminated. There is also one more volume type, persistentVolumeClaim, which provides a persistent volume in your Kubernetes environment.

Stateful

Pods come and go, which means that the storage should be persistent; otherwise the data inside the pod is lost when the pod terminates, so we use persistent storage. But sometimes Kubernetes needs to manage a distributed data store such as MySQL Galera. StatefulSet sits somewhere in the middle. A StatefulSet ensures (similar to a replica set) that a given number of pets with unique identities is running at any given time.

The pets have the following properties:

  • A stable hostname, available in DNS
  • An ordinal index
  • Stable storage linked to the ordinal and hostname

Secrets

Secrets contain sensitive information such as credentials or tokens. The sensitive information is stored in etcd, accessed using the Kubernetes API server, and can be mounted as files into pods. The same secret can be mounted into multiple pods.

Names

Each object in Kubernetes is identified by a UID and a name. The name is used to refer to the object in API calls. Names should be up to 253 characters long and use lowercase alphanumeric characters, dashes (-), and dots (.).

NameSpaces

A namespace is a virtual cluster. You can have a single physical cluster that contains multiple virtual clusters segregated by namespaces. Each virtual cluster is totally isolated from the other virtual clusters, and they can only communicate through public interfaces.

Running Kubernetes

Running Kubernetes on GCE (GKE)

GCP offers the Google Kubernetes Engine (GKE) (for more information visit https://cloud.google.com/kubernetes-engine/), a powerful cluster manager that can deploy, manage, and scale containerized applications in the cloud. Google has been running containerized workloads for over 15 years, and this platform is an excellent choice for sophisticated workload management.

Credit: Google Cloud

Running Kubernetes on AKS

Azure offers the Azure Container Service (AKS) (for more information visit https://azure.microsoft.com/en-us/services/kubernetesservice/), which aims to simplify the deployment, management, and operations of a full-scale Kubernetes cluster.

Credit: Microsoft Azure

When you take advantage of one of these systems, you get built-in management of your Kubernetes cluster, which allows you to focus on the optimization, configuration, and deployment of your cluster.

Running Kubernetes on EKS

Amazon Web Services: AWS offers Elastic Container Service for Kubernetes (EKS) (for more information visit https://aws.amazon.com/eks/), a managed service that simplifies running Kubernetes clusters in their cloud. You can also roll your own clusters with kops (for information visit ).

Credit: AWS

Kubernetes Commands

As I explained, you can install minikube in a CentOS virtual machine, because it provides you with a complete Kubernetes environment, which is more suitable for learning. You can also use Amazon Kubernetes Service, Google Kubernetes Service, or Microsoft Azure Kubernetes Service, depending on your production level.

The following commands might be helpful when you get started with Kubernetes on minikube using CentOS.

Pods

These commands will display all the pods in your node:

kubectl get pods
kubectl get pods --all-namespaces

If you want to filter the pods, you can run the following command

kubectl get pod busybox2 -o wide

If you want to generate the YAML file of your pod, you can use the following command.

kubectl get pod busybox2 -o yaml

Or, if you want more information about your pod, you can use the following command

kubectl describe pod busybox2

NameSpaces

As we have already discussed namespaces, let's check how many namespaces we have in our Kubernetes environment and also learn how to create a new one.

kubectl get ns

and with the following command, we can create a new namespace

kubectl create ns myspace

Create Deployment

kubectl has a help option: in case you are facing trouble with a command, just add -h at the end of your command and it will show you all the commands.

kubectl create deployment -h

Let's try it with Nginx:

kubectl create deployment my-app --image=nginx --replicas=3

You can also filter the running pods using this command

kubectl get pods --field-selector status.phase=Running

We can also scale up or down our pods by using the following command

kubectl scale deployment/POD_NAME --replicas=N

If you want to check the labels of your pods, you can do so with the following command

kubectl get all --show-labels

Or you can apply a filter to get the relevant information about your pod. As I deployed the pod with the label my-app, I can filter accordingly

kubectl get all --selector app=my-app

To get the explanation of the deployment, use the following command

kubectl explain deployment

Services

You can get the service of your Kubernetes cluster

kubectl get services

Volume

To get the volume details, use the following command

kubectl get pv
kubectl get pvc

Secrets

To get the secrets of the pod, you can use the following command

kubectl get secret

You can also get help, and then create a secret, with the following commands

kubectl create secret generic -h
kubectl create secret generic myapp --from-literal=password=root

and then get the password by following the command

kubectl get secrets myapp -o yaml
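
The value that command prints under `data:` is only base64-encoded, so anyone allowed to `get` the secret can read the password. The following is an added example, not from the original post, that decodes a constructed sample of that output; `sample_secret_yaml` and `decode_secret_data` are hypothetical helper names.

```shell
#!/usr/bin/env bash
# Constructed sample: the shape of `kubectl get secrets myapp -o yaml` output
# for the secret created above (metadata trimmed).
sample_secret_yaml() {
cat <<'EOF'
apiVersion: v1
data:
  password: cm9vdA==
kind: Secret
metadata:
  name: myapp
  namespace: default
type: Opaque
EOF
}

# Print every key under `data:` with its value base64-decoded.
# Reads Secret YAML on stdin; no key or passphrase is needed.
decode_secret_data() {
  awk '
    /^data:/           { in_data = 1; next }   # start of the data map
    /^[^ ]/            { in_data = 0 }         # any new top-level key ends it
    in_data && NF == 2 { sub(/:$/, "", $1); print $1, $2 }
  ' | while read -r key b64; do
    printf '%s=%s\n' "$key" "$(printf '%s' "$b64" | base64 -d)"
  done
}

# Against a live cluster the same function would be fed by:
#   kubectl get secrets myapp -o yaml | decode_secret_data
sample_secret_yaml | decode_secret_data   # prints: password=root
```

Read access to secrets is therefore equivalent to access to the plaintext, which is why `get` and `list` on secrets should be granted narrowly through RBAC. A value passed with `--from-literal` also ends up in the shell history.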

Scheduler

NodeSelector based policy:

kubectl label node minikube foo=bar

Troubleshooting

You can use the following commands for the troubleshooting in the Kubernetes environment

kubectl describe
kubectl logs
kubectl exec
kubectl get nodes --show-labels
kubectl get events

Role-Based Access Control

These are the control levels:

  • Role
  • ClusterRole
  • Binding
  • ClusterRoleBinding

kubectl create role fluent-reader --verb=get --verb=list --verb=watch --resource=pods
kubectl create rolebinding foo --role=fluent-reader --user=minikube
kubectl get rolebinding foo -o yaml
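
Before binding a role, it helps to confirm that it grants only what was intended. The following is an added example, not from the original post, that checks a constructed copy of the fluent-reader Role for a given verb and resource; `fluent_reader_yaml` and `role_grants` are hypothetical helper names, and the parser assumes the layout that `kubectl get role -o yaml` prints.

```shell
#!/usr/bin/env bash
# Constructed sample: the Role that `kubectl create role fluent-reader ...`
# above produces, in the layout `kubectl get role fluent-reader -o yaml` prints.
fluent_reader_yaml() {
cat <<'EOF'
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: fluent-reader
rules:
- apiGroups:
  - ""
  resources:
  - pods
  verbs:
  - get
  - list
  - watch
EOF
}

# role_grants VERB RESOURCE: reads a Role on stdin and returns 0 when a single
# rule lists both the verb and the resource (or "*"). Simplified on purpose:
# apiGroups and resourceNames are ignored.
role_grants() {
  tr -d "\"'" | awk -v verb="$1" -v res="$2" '
    function close_rule() { if (r_ok && v_ok) found = 1; r_ok = v_ok = 0 }
    /^rules:/        { in_rules = 1; next }
    /^[A-Za-z]/      { in_rules = 0 }                      # another top-level key
    !in_rules        { next }
    /^- /            { close_rule(); sub(/^- /, "  ") }    # a new rule starts
    /^  [A-Za-z]+:/  { sec = $1; next }                    # apiGroups/resources/verbs
    /^  - /          { if (sec == "resources:" && ($2 == res  || $2 == "*")) r_ok = 1
                       if (sec == "verbs:"     && ($2 == verb || $2 == "*")) v_ok = 1 }
    END              { close_rule(); exit !found }
  '
}

# Lint before binding: the role should read pods and nothing more sensitive.
fluent_reader_yaml | role_grants list pods   && echo "list pods: granted"
fluent_reader_yaml | role_grants get secrets || echo "get secrets: not granted"
```

On a live cluster, `kubectl auth can-i list pods --as=minikube` asks the API server the same question for the bound user.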

Conclusion

I hope this blog can help you to learn the basics of Kubernetes. In the next blog, I will do all the Kubernetes deployment on Microsoft Azure Kubernetes Service, AWS Elastic Kubernetes Service, and Google Kubernetes Service. In the meantime, please follow me on Medium and connect with me on LinkedIn: https://www.linkedin.com/in/syedasadrazadevops/
