Kubernetes (K8s) Architecture and Its Components đ¶
What is Kubernetes, and Why Do We Need It? đ¤¶
Kubernetes, often abbreviated as K8s (K-eight-s), is a powerful open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It was originally developed by Google and is now maintained by the Cloud Native Computing Foundation (CNCF). But why do we need Kubernetes in the first place?
Containerization, popularized by technologies like Docker, allows developers to package applications and their dependencies into portable units called containers. Containers make it easy to ensure consistency across different environments and simplify the deployment process. However, managing containers at scale can quickly become complex and challenging. This is where Kubernetes comes to the rescue.
Kubernetes provides a robust and flexible framework for orchestrating containerized applications, allowing you to:
- Scale: Automatically scale your applications up or down based on demand.
- Deploy: Roll out new versions of your application without downtime.
- Manage: Efficiently manage and distribute workloads across clusters of machines.
- Maintain: Handle failovers and ensure high availability.
- Control: Define and enforce resource usage policies.
- Automate: Automate many aspects of application management.
Kubernetes Architecture đī¸¶
To understand Kubernetes fully, it's essential to grasp its architecture. Kubernetes consists of several major components and concepts working together seamlessly to create a powerful container orchestration system.
Let's dive into these major components and explore some example commands for managing them:
K8s Cluster đ¶
A Kubernetes cluster is the foundation of your container orchestration environment. It's a set of machines, physical or virtual, that run your containerized applications. The cluster is divided into two main components: the control plane and the nodes.
Control Plane đšī¸¶
The control plane is the brain of the Kubernetes cluster. It manages and controls all the nodes and containers within the cluster. It consists of several key components:
Kube API Server đ¶
The Kubernetes API server is the entry point for all administrative tasks. It exposes the Kubernetes API, which administrators, developers, and other services interact with to manage and control the cluster.
kubectl get pods --namespace=kube-system
Etcd (DB) đī¸¶
Etcd is a distributed key-value store used to store all cluster data. It serves as Kubernetes' backing store for all cluster configuration data, ensuring consistency and high availability.
kubectl get etcd --namespace=kube-system
Kube Scheduler đ ¶
The scheduler is responsible for distributing work (containers) across multiple nodes in the cluster. It considers factors like resource requirements and constraints to make intelligent decisions.
kubectl get pods --namespace=kube-system -o wide
Kube Controller Manager đ´ī¸¶
The controller manager runs controller processes that regulate the state of the system. These controllers ensure that the cluster moves towards the desired state and handles events like node failures or application scaling.
kubectl get nodes
Node Components đĨī¸¶
Nodes are the worker machines that run containerized applications. Each node in the cluster has the following components:
Kubelet đ§ââī¸¶
The kubelet is an agent that runs on each node. It ensures that containers are running in a Pod, a basic deployable unit in Kubernetes. Kubelet communicates with the control plane to manage containers on the node.
kubectl get nodes
Kube Proxy đ¶
Kube Proxy is responsible for network connectivity. It maintains network rules on nodes and performs network proxying for services in the cluster.
kubectl get services
Container Runtime đŗ¶
The container runtime is the software responsible for running containers. Kubernetes supports various container runtimes, including Docker, containerd, and CRI-O.
kubectl get pods
CoreDNS âī¸¶
CoreDNS is a lightweight, flexible, and extensible DNS server that Kubernetes uses for service discovery within the cluster.
kubectl get svc --namespace=kube-system
Kubectl đ ī¸¶
Kubectl is the command-line tool used to interact with Kubernetes clusters. It allows you to create, inspect, update, and delete resources in your cluster.
kubectl version
Kubernetes Objects (Resources) đĻ¶
Kubernetes uses a declarative configuration model. You describe the desired state of your applications and infrastructure using Kubernetes objects or resources. Here are some of the essential types of Kubernetes objects along with example commands for managing them:
Workloads đŧ¶
Workloads represent your applications and their components. Common workload objects include:
- Deployment: Manages the deployment and scaling of Pods.
kubectl create deployment my-deployment --image=my-image:v1
- ReplicaSet: Ensures a specified number of replicas of a Pod are running.
kubectl scale deployment my-deployment --replicas=3
- StatefulSet: Manages stateful applications with unique network identities.
kubectl get statefulsets
- Pod: The smallest deployable unit in Kubernetes.
kubectl get pods
- DaemonSet: Ensures that all or some nodes run a copy of a Pod.
kubectl get daemonset
- ScheduledJob: Runs Jobs periodically.
kubectl get scheduledjobs
- Job: Runs a specified task to completion.
kubectl get jobs
- CronJob: Runs Jobs on a schedule.
kubectl get cronjobs
Services đ¶
Services define networking rules to access your application. They include:
- Service: Exposes a set of Pods as a network service.
kubectl expose deployment my-deployment --port=80 --target-port=8080 --type=LoadBalancer
- Service Types: ClusterIP, NodePort, LoadBalancer.
kubectl get services
- IngressController and Ingress: Manages external access to the services.
kubectl get ingresses
- Labels and Selectors: Labels are used to select and organize objects.
kubectl get pods -l app=my-app
Configuration âī¸¶
Configuration objects help manage application configuration data:
- Secrets: Store sensitive information, like passwords or API keys.
kubectl create secret generic my-secret --from-literal=username=myuser --from-literal=password=mypassword
- ConfigMaps: Store configuration data as key-value pairs.
kubectl create configmap my-config --from-literal=key1=value1 --from-literal=key2=value2
- KubeConfig: Configure access to Kubernetes clusters.
kubectl config set-context my-context --cluster=my-cluster --user=my-user
Storage đī¸¶
Storage objects manage data storage:
- Volumes and PVC: Provide storage for Pods.
kubectl get pv
- Storage Classes: Define different classes of storage.
kubectl get storageclass
Security đ¶
Security objects help secure your cluster:
- RBAC (Role-Based Access Control): Control access to resources based on roles.
kubectl create clusterrole my-role --verb=get,list --resource=pods
- Service Accounts: Manage permissions for Pods.
kubectl create serviceaccount my-serviceaccount
Set Resource Limits âī¸¶
You can set resource limits on Pods to manage resource usage effectively.
kubectl set resources deployment/my-deployment --limits=cpu=500m,memory=256Mi
Health Checks â¤ī¸¶
Kubernetes supports health checks to ensure that your applications are running correctly.
kubectl get pods --field-selector=status.phase=Running