Container and Container Image

• Container is an abstraction on application layer that packages application code, dependencies (i.e. libraries, runtime) and configurations together
• Application code, its dependencies (libraries, runtime) and configurations are packaged into a binary called a container image
• Details:
  • what is container
  • What is container image?

Docker

See; what is docker?

Kubernetes

• Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation
• Kubernetes (K8s) is the container orchestration tool
  • A container orchestrator is a system that automatically deploys and manages containerized apps
  • Orchestration is the automated configuration, management and coordination of applications, and services
• Kubernetes abstracts away complex container management and provides us with declarative configuration to orchestrate containers in different compute environments
• Kubernetes is a portable, extensible open-source platform for managing and orchestrating containerized workloads
• As Kubernetes is a container orchestrator, it needs a container runtime in order to orchestrate. Docker is mostly used container runtime
• Modular, pluggable, hookable, composible

Kubernetes abstracts away complex container management tasks, and provides you with declarative configuration to orchestrate containers in different computing environments.

Kubernetes Cluster

• A cluster is a set of computers that you configure to work together and view as a single system
• A Kubernetes cluster is a set of nodes that run containerized applications
• Kubernetes clusters are comprised of one master node and a number of worker nodes
• Each node in a cluster can be either physical server of Virtual Machine

Node

• A node may be a virtual or physical machine, depending on the cluster
• Kubernetes runs your workload by placing containers into Pods to run on Nodes
• Each node is managed by the control plane and contains the services necessary to run Pods

Typically you have several nodes in a cluster, but you might have only one node.

Master node

• The master node controls the state of the cluster; for example, which applications are running and their corresponding container images
• A master node is a node which controls and manages a set of worker nodes (workloads runtime) and resembles a cluster in Kubernetes

Worker nodes

• The worker nodes are the components that run containerized applications
• Tasks are assigned to worker nodes

Kubernates Compnents or Kubernates Resources

• Things that makes Kubernates Workloads to work are called “Kubernates Objects” or “Kubernates Compnents” or “Kubernates Resources”
• Example: Service Object or Service Compnent
• “Kubernates Objects” or “Kubernates Compnents” are created using manifest file (yaml or json)

Pod

• Unlike in a Docker environment, you can’t run containers directly on Kubernetes. You package the container into a Kubernetes object called a pod
• A pod is the smallest object that you can create in Kubernetes
• A pod represents a single instance of an app running in Kubernetes
• Pod is an abstraction over container in context of Kubernetes
• Pods are the smallest, most basic deployable objects in Kubernetes
• A Pod represents a single instance of a running process in your cluster
• Pods contain one or more containers, such as Docker containers. When a Pod runs multiple containers, the containers are managed as a single entity and share the Pod’s resources
• Each Pod is it’s own self-contained server
• A single pod can hold a group of one or more containers. However, a pod typically doesn’t contain multiples of the same app

Endpoint

• An endpoint in Kubernetes can be considered as an object-oriented representation of a REST API endpoint that is populated on the Kubernates API server. Thus, the ‘endpoint’ in terms of Kubernetes is the way to access its resource (e.g. a Pod) - the resource behind the ‘endpoint’
• In other words, an endpoint is a socket (IP + Port) used by service to access/communicate to Pod
• Pods expose themselves through endpoints to a service
• See: https://stackoverflow.com/q/52857825/4802664

Service

• Also called “Service Object”
• Each Pod would have a service in-front of it
• Service would have IP address and Pods communicate with each other using that IP address
• See details: Kubernetes Service Component

Control Plane

• Kubernetes control plane is a collection of services that manage the orchestration functionality in Kubernetes
• The container orchestration layer that exposes the API and interfaces to define, deploy, and manage the lifecycle of containers
• A set of components for managing the overall cluster

Kubernetes Cluster Compnents

• Control Plane Components:
  • API Server:
    • Exposes the Kubernetes API
    • Exposes a REST interface to all Kubernetes resources
    • Serves as the front end of the Kubernetes control plane
    • All the communication between the components in Kubernetes is done through this API
  • Cube Controller Manager:
    • In Kubernetes, a controller is a control loop that watches the shared state of the cluster through the apiserver and makes changes attempting to move the current state towards the desired state
    • Runs controller processes and reconciles the cluster’s actual state with its desired specifications
    • Manages controllers such as node controllers, endpoints controllers and replication controllers
  • Cloud Controller Manager: A Kubernetes control plane component that embeds cloud-specific control logic
  • Scheduler:
    • Watches for newly created Pods with no assigned node, and selects a node for them to run on
    • Places containers according to resource requirements and metrics. Makes note of Pods with no assigned node, and selects nodes for them to run on
  • Etcd:
    • Stores all cluster data. Consistent and highly available Kubernetes backing store
    • Consistent and highly-available key value store used as Kubernetes’ backing store for all cluster data
• Node Components:
  • Kubelet:
    • The kubelet is the agent that runs on each node in the cluster, and monitors work requests from the API server
    • Ensures that containers are running in a Pod by interacting with the Docker engine
    • The default program for creating and managing containers
    • Takes a set of provided PodSpecs and ensures that their corresponding containers are fully operational
  • Kube Proxy:
    • Manages network connectivity and maintains network rules across nodes
    • kube-proxy maintains network rules on nodes. These network rules allow network communication to your Pods from network sessions inside or outside of your cluster
    • Implements the Kubernetes Service concept across every node in a given cluster
  • Container Runtime: The container runtime is the software that is responsible for running containers

The master node runs Control Plane Components, and the worker nodes run Node Components.

ReplicaSet

A Replica Set’s purpose is to maintain a stable set of replica Pods running at any given time.

Desired State

• The state of a cluster to run target worload properly
• A desired state is defined by configuration files made up of manifests, which are JSON or YAML files that declare the type of application to run and how many replicas are required to run a healthy system
• The cluster’s desired state is defined with the Kubernetes API

Example: thermostat
When you set the temperature, that’s telling the thermostat about your desired state. The actual room temperature is the current state. The thermostat acts to bring the current state closer to the desired state, by turning equipment on or off.

Desired State in K8s
In Kubernetes, controllers are control loops that watch the state of your cluster, then make or request changes where needed. Each controller tries to move the current cluster state closer to the desired state.

Deployment

• Provides declarative management for Pods and Replica Sets
• Deployments own and manage their ReplicaSets
• See:
  • https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
  • https://www.redhat.com/en/topics/containers/what-is-kubernetes-deployment

Dashboard

• Dashboard is a general purpose, web-based UI for Kubernetes clusters
• It allows users to manage and troubleshoot applications running in the cluster, as well as the cluster itself

kubectl

• Kubernetes provides a command-line tool called kubectl to manage your cluster
• You use kubectl to send commands to the cluster’s control plane, or fetch information about all Kubernetes objects via the API server

Manifest File

• Configuration file (Manifest file)
  • Blueprint for creating Pods
  • Declarative
  • Used to achieve desired state
• JSON or YAML file

Namespace

• Kubernetes supports multiple virtual clusters backed by the same physical cluster. These virtual clusters are called namespaces
• A K8s namespace is a logical clusters within physical cluster