Lesson 09 Continuous Orchestration Using Kubernetes
Lesson 09 Continuous Orchestration Using Kubernetes
Container orchestration is the automation and management of lifecycle of containers and services.
Purpose
Docker Swarm
Introduction to Kubernetes
Introduction to Kubernetes
Designed in GO language
Acts as a cloud service in major cloud providers such as EKS in AWS and Kubernetes Engine in
GCP
Features of Kubernetes
Kubernetes
Automatic bin packing Batch execution
Features
Installation and cluster Easy and fast to install and Takes some work to get up and
setup configure running
Autoscaling Cannot do autoscaling Can do autoscaling
Highly scalable, scales five times Highly scalable, but scaling and
Scalability
faster than Kubernetes deployment are slow
Manual intervention needed for
Load balancing Automatic load balancing of traffic
load balancing
Can overcome Docker API
Container setup Limited to Docker API capabilities
constraints
Need third party tools for logging Built-in tools for logging and
Logging and monitoring
and monitoring monitoring
Benefits of Kubernetes
Spotify is an audio-streaming platform launched in 2008 and has grown to over 200 million
monthly active users across the world.
With a goal to enable an immersive listening experience for all of its consumers,
Spotify became an early adopter of microservices and Docker.
Case Study: Spotify
Challenge
Spotify had containerized microservices running across its fleet of virtual machines with a
homegrown container orchestration system called Helios. By late 2017, it was clear that having a
small team working on the features was just not as efficient as adopting something that was
supported by a much bigger community.
Case Study: Spotify
Solution
kube-apiserver
kubelet
kube-proxy
kube scheduler
Container runtime
kube-controller-
manager Pod
etcd Containers
Kubernetes cluster
Kubernetes Components
• Nodes: Sets of worker machines on the Kubernetes cluster that run containerized applications
• Pods: Components of the application workload that run on the worker nodes
• Control Plane: Manages the worker nodes and the pods in the cluster
In production environments, the control plane runs across multiple computers and a cluster runs
multiple nodes, providing fault tolerance and high availability.
Kubernetes Architecture
Control Plane
etcd
• Control plane contains the following
components:
o etcd
o kube-apiserver Kubelet Kube-Proxy Kubelet Kube-Proxy
o kube-scheduler
o kube-controller-manager Pod Pod … Pod … Pod Pod … Pod
Control Plane
kube-controller-
manager
kube-apiserver
kube-scheduler
Developer
Users
• Kubernetes node contains the following /Operator
etcd
architecture components:
o kubelet
o kube-proxy
o Pod Kubelet Kube-Proxy Kubelet Kube-Proxy
o Container runtime
Pod Pod … Pod … Pod Pod … Pod
Control Plane
kube-apiserver
kube-apiserver
● kube-apiserver supports Kubernetes API and processes all the
kube scheduler requests from various components.
● It handles the REST requests and JSON requests and updates the
kube-controller-manager
state of each object in etcd.
etcd
Kubernetes Control Plane Components
Control Plane
kube-scheduler
kube-apiserver
● kube-scheduler is the component of Kubernetes responsible for
managing workloads in a cluster.
kube scheduler
● It identifies the unutilized node and the process to schedule pods
kube-controller-manager on unutilized nodes based on the requirements.
Control Plane
kube-controller-manager
kube-apiserver
● kube-controller-manager manages all controllers in Kubernetes
kube scheduler such as DaemonSet and ReplicationController.
● It interacts with the API server to create, edit, and delete any
kube-controller-manager
resources being managed.
etcd
Kubernetes Control Plane Components
Control Plane
etcd
kube-controller-manager anytime.
cloud-controller-manager
● It only runs the controllers that are specific to your cloud provider.
Kubernetes Node Components
Kubernetes Node
kubelet kubelet
kube-proxy ● Kubelet is responsible for the working of each node and ensuring
the container’s health.
Container runtime
● It monitors how the pods start, stop, and are maintained.
Pod
● It does not manage containers that are not created by kubernetes.
Containers
Kubernetes Node Components
Kubernetes Node
kubelet kube-proxy
Containers
Kubernetes Node Components
Kubernetes Node
Container runtime
kubectl Kubernetes
Kubernetes API
You use kubectl to send commands to the cluster's control plane, or fetch
information about all Kubernetes objects via the API server.
Overview of kubectl
Use the following syntax to run kubectl commands from your terminal window:
• command: Refers to the operation you want to perform on one or more resources, for
example create, get, describe, delete
Duration: 25 Min.
Problem Statement:
You are given a project to install Kubernetes and set up a Kubernetes cluster.
Assisted Practice: Guidelines
1. Install Kubernetes.
Pod is a collection of one or more containers with shared storage and network resources and a specification
to run its containers. It is the smallest unit of a Kubernetes application.
Kubernetes Node
• Each pod comprises one or more
containers that can be initialized on any kubelet
host.
kube-proxy
• Each pod is assigned a unique IP using
which we can redirect traffic from outside Pod
to the pod.
Containers
• Pods are managed using the kubelet
command line in a Kubernetes cluster.
Pods
apiVersion: batch/v1
kind: Job
• Containers in a pod can consist of multiple metadata:
name: hello
applications. spec:
template:
# This is the pod template
spec:
• Pod templates are used to define how pods will containers:
- name: hello
be created and deployed. image: busybox
command: ['sh', '-c', 'echo
"Hello, Kubernetes!" && sleep 3600']
restartPolicy: OnFailure
• Pods share physical resources from host # The pod template ends here
Duration: 20 Min.
Problem Statement:
You are given a project to create a Kubernetes pod using a yaml file.
Assisted Practice: Guidelines
Label
s
• Kubernetes attaches key-value pairs called labels for various objects such as services,
pods, and nodes.
• They are intended for easy identification by users and do not have any semantic
implication on the core system.
• They can be used to organize and to select subsets of objects.
Labels
"metadata": {
• Labels can be attached to objects at creation time and can
"labels": {
"key1" : "value1", be added or modified at any time.
"key2" : "value2"
} • Each object can have a set of key/value labels defined.
}
• Each Key must be unique for a given object.
Labels
Selectors
• Labels do not provide uniqueness, many objects can have a similar label.
• In Kubernetes, the label selector is the core grouping primitive.
• They are used by the users to select a group of objects.
• The Kubernetes API currently supports two kinds of selectors: equality based and set based.
Selectors
Controllers are control loops that monitor the state of your Kubernetes cluster, and make or request
changes wherever needed.
Kubernetes
Controllers
Ensure availability of
Manage pods using
pods by creating
labels and selectors to
replacements
identify resources
automatically
Controllers
The controller can directly carry out the action on its own or can control via the API server in
order to bring the desired state.
Types
• Kubernetes has a set of built-in controllers which provide important core behaviors.
• Some examples of such controllers are deployment controller and job controller.
• There are a few controllers that run outside the control plane.
• You can also write your own controllers to extend the functionalities to suit your needs.
ReplicaSet
A ReplicaSet is used to ensure that a set of replica pods is running at any given time. It is commonly used to
guarantee the availability of a specified number of identical pods.
● The ReplicaSet uses the selector to identify the pods running and based on the result,
it creates or deletes the pods.
● It acquires the pod if the pod does not have an OwnerReference and matches the
selector of ReplicaSet.
ReplicaSet
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: frontend
labels:
app: guestbook
tier: frontend
spec:
# modify replicas according to your case
replicas: 3
selector:
matchLabels:
tier: frontend
template:
metadata:
labels:
tier: frontend
spec:
containers:
- name: php-redis
image: gcr.io/google_samples/gb-frontend:v3
Example of a ReplicaSet
Deployments
A Deployment is used to provide updates for pods and ReplicaSets. It is a controller that changes the actual
state to the desired state as specified.
To facilitate more
load
Deployments
Creating a Deployment
1
Scaling a Deployment
2
Service is an abstraction which defines a logical set of pods and a policy which can be used to access them.
• Kubernetes allocates a unique port and DNS to each service. The port and DNS details are
changed only if the service object is recreated.
• In case of multiple pods, an in-built load balancer is used to share the load between pods
running on different nodes.
Services
When you define a service without a pod selector, the corresponding endpoints object is not
created automatically.
apiVersion: v1 apiVersion: v1
kind: Service kind: Endpoints
metadata: metadata:
name: my-service name: my-service
spec: subsets:
ports: - addresses:
- protocol: TCP - ip: 192.0.2.42
port: 80 ports:
targetPort: 9377 - port: 9377
You can manually map the service to the network address and port where it's running, by adding an
endpoints object manually.
How Do Kubernetes Services Work?
A Kubernetes service enables communication between nodes, pods, and users of your app, both
internal and external, to the cluster.
• They are not node specific and can point to a pod irrespective of where the pod runs in the
cluster at any given point in time.
• By exposing a service IP address along with the DNS service name, the application can be
accessed by either method as long as the service exists.
Accessing a Kubernetes Service
● The DNS server monitors the Kubernetes API for new services and creates a set of DNS records for each.
● The kubelet adds a set of environment variables for each active service for every node a pod is running on.
Types of Kubernetes Services
Kubernetes provides four types of services in order to expose a service onto an external IP address
that's outside the cluster.
ClusterIP NodePort
LoadBalancer ExternalName
Types of Kubernetes Services
• ClusterIP: Exposes the service within the Kubernetes cluster, default ServiceType
• NodePort: Exposes the service via a static port on each node’s IP. The NodePort
service routes to a ClusterIP service that is automatically created. To access the
service from outside the cluster use NodeIP:nodePort.
• LoadBalancer: Exposes the service externally via a cloud provider’s load balancer.
The external load balancer routes to NodePort and ClusterIP Services that are
automatically created.
• Ingress can also be used to expose the service although it’s not a service type.
Kubernetes Networking
Kubernetes networking allows Kubernetes components to communicate with each other and
with other applications.
● The service resource that enables you to expose an application running in pods to make it
reachable from outside your cluster
● Services used to publish services only for consumption inside your cluster
Kubernetes Storage
● Kubernetes uses the same storage volume concept that you find when using Docker.
● The Kubernetes volume's lifetime is an explicit lifetime that matches the pod's lifetime. This
means a volume outlives the containers that run in the pod. However, if the pod is removed,
so is the volume.
Kubernetes has two types of objects that are used to inject configuration data into a
container when it starts up: Secrets and ConfigMaps.
Secrets ConfigMaps
Description: You have created an application and want to containerize it. For
efficient load balancing and auto-scaling of the containers depending on the
requirement, you decide to deploy your app on a Kubernetes cluster.