Introduction to Kubernetes

The popularity of microservice frameworks has made services increasingly fine-grained and numerous, which poses great challenges for release and management. Docker provides a good foundation for resource management and control of microservices. Containerization addresses deployment across different language environments, portability, cross-platform deployment, and so on. However, Docker itself offers little for orchestrating container services, and Kubernetes was created to fill that gap. Kubernetes is a portable and extensible open source platform for managing containerized workloads and services, which facilitates declarative configuration and automation.

Using Kubernetes brings these conveniences

  • Rapid Deployment of Applications
  • It is easy to scale horizontally or vertically
  • Release new app versions seamlessly
  • Resource utilization maximization
  • The application stops and restarts automatically

Kubernetes characteristics

  • Portable: supports public cloud, private cloud, hybrid cloud, and multi-cloud
  • Extensible: modular, pluggable, mountable, composable
  • Automated: automatic deployment, automatic restart, automatic replication, and automatic scaling

Why is Kubernetes needed and what can it do?

Containers are a great way to package and run applications. In a production environment, you need to manage the containers in which your applications are running and ensure that there is no downtime. For example, if one container fails, you need to start another container. Wouldn't it be easier if the system handled this behavior?

That’s how Kubernetes came to the rescue! Kubernetes provides you with a framework for running distributed systems flexibly. Kubernetes will accommodate your scaling requirements, failover, deployment patterns, and more.

Kubernetes offers you:

  • Service discovery and load balancing: Kubernetes can expose containers using DNS names or their own IP addresses. If there is a lot of traffic to the container, Kubernetes can load balance and distribute network traffic to make the deployment stable.
  • Storage orchestration: Kubernetes allows you to automatically mount the storage system of your choice, such as local storage, public cloud providers, etc.
  • Automatic deployment and rollback: You can use Kubernetes to describe the desired state of a deployed container, and it can change the actual state to the desired state at a controlled rate. For example, you can automate Kubernetes to create new containers for your deployment, remove existing containers, and use all of their resources for the new container.
  • Container resource quota: Kubernetes allows you to specify the CPU and memory (RAM) required for each container. When the container specifies resource requests, Kubernetes can make better decisions to manage the container’s resources.
  • Self-healing: Kubernetes restarts containers that fail, replaces containers, kills containers that do not respond to user-defined health checks, and does not advertise them to clients until they are ready to serve.
  • Key and configuration management: Kubernetes allows you to store and manage sensitive information such as passwords, OAuth tokens, and SSH keys. You can deploy and update the key and application configuration without recreating the container image and without exposing the key in the stack configuration.
  • Configuration files: Kubernetes can use ConfigMap to store configurations.

Kubernetes basic resource definition and understanding

Everything is a resource, everything can be described, everything can be managed.

Namespaces

In a Kubernetes cluster, you can create multiple “virtual clusters” with namespaces, which can be completely isolated from each other, or you can allow services in one namespace to access services in other namespaces.

Deployment

Deployment provides a declarative way to define Pods and ReplicaSets, replacing ReplicationController for easier application management. Typical application scenarios include:

  • Define Deployment to create Pod and ReplicaSet
  • Rolling updates and rolling back applications
  • Capacity expansion and reduction
  • Suspend and continue Deployment

Service

Kubernetes Service defines an abstraction: a logical grouping of pods, and a policy to access them — often referred to as microservices. This set of pods can be accessed by a Service, usually through a Label Selector.

Ingress

Ingress is an entry point from outside the Kubernetes cluster to access services inside the cluster. Implementations include the officially maintained Ingress Nginx, as well as Ingress Traefik, Ingress HAProxy, etc.

Pod

A Pod is the smallest and simplest unit you can create and deploy in Kubernetes. A Pod represents a process running in the cluster.

Pods encapsulate application containers (and in some cases several containers), storage resources, a separate network IP address, and policy options that govern how the containers operate. A Pod represents a unit of deployment: an instance of an application in Kubernetes, which may consist of one or more containers grouped together to share resources.

ConfigMap

The ConfigMap API resource is used to store key-value pair configuration data, which can be used in pods or used to store configuration data for system components such as controllers. While ConfigMap is similar to Secret, ConfigMap makes it easier to handle strings that don’t contain sensitive information. Note: ConfigMaps are not a substitute for properties files. ConfigMaps are only used as a reference to multiple properties files. You can think of a ConfigMap as the /etc directory in Linux, which is used to store configuration files.

Secret

Secret solves the configuration problem of sensitive data such as passwords, tokens, and keys without exposing this sensitive data in images or Pod specs. A Secret can be used as a Volume or as an environment variable.

Secret comes in three types:

  • Service Account: used to access the Kubernetes API; it is created automatically by Kubernetes and is automatically mounted into the Pod's /run/secrets/kubernetes.io/serviceaccount directory;
  • Opaque: Base64 encoded Secret, used to store passwords, keys, etc.
  • kubernetes.io/dockerconfigjson: used to store authentication information for a private Docker Registry.
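
The ConfigMap and Secret rules described above can be checked mechanically. The following is an added example, not part of the original article: it audits parsed manifests for sensitive-looking keys in a ConfigMap, for literal credentials in a Pod spec, and shows that an Opaque Secret's Base64 data decodes straight back to plaintext. The key-name heuristic, the function names and all sample objects are assumptions constructed for this illustration.

```python
import base64
import re

# Heuristic for key names that suggest sensitive data (an assumption of this example).
SENSITIVE = re.compile(r"passw(or)?d|token|secret|api[_-]?key|private[_-]?key", re.I)

def decode_opaque(secret):
    """Recover the plaintext of an Opaque Secret: Base64 is encoding, not encryption."""
    return {k: base64.b64decode(v).decode("utf-8", "replace")
            for k, v in secret.get("data", {}).items()}

def audit(obj):
    """Return findings for one Kubernetes object given as a parsed manifest (dict)."""
    kind, name = obj.get("kind"), obj.get("metadata", {}).get("name", "?")
    findings = []
    if kind == "ConfigMap":
        for key in obj.get("data", {}):
            if SENSITIVE.search(key):
                findings.append(f"ConfigMap/{name}: '{key}' looks sensitive, store it in a Secret")
    elif kind == "Pod":
        for ctr in obj.get("spec", {}).get("containers", []):
            for env in ctr.get("env", []):
                # A literal "value" puts the data in the Pod spec; "valueFrom" only references it.
                if "value" in env and SENSITIVE.search(env["name"]):
                    findings.append(f"Pod/{name}: env '{env['name']}' is a literal, use secretKeyRef")
    elif kind == "Secret" and obj.get("type", "Opaque") == "Opaque":
        for key in decode_opaque(obj):
            findings.append(f"Secret/{name}: '{key}' is only Base64-encoded, treat the manifest as plaintext")
    return findings

# Constructed sample manifests (all names and values are made up).
SAMPLES = [
    {"kind": "ConfigMap", "metadata": {"name": "app-config"},
     "data": {"log_level": "info", "db_password": "constructed-pw"}},
    {"kind": "Secret", "type": "Opaque", "metadata": {"name": "db-cred"},
     "data": {"password": base64.b64encode(b"constructed-pw").decode()}},
    {"kind": "Pod", "metadata": {"name": "web"}, "spec": {"containers": [{
        "name": "web", "image": "example/web:1.0", "env": [
            {"name": "LOG_LEVEL", "value": "info"},
            {"name": "DB_PASSWORD", "value": "constructed-pw"},
            {"name": "API_TOKEN", "valueFrom": {"secretKeyRef": {"name": "db-cred", "key": "password"}}},
        ]}]}},
]

if __name__ == "__main__":
    for obj in SAMPLES:
        for line in audit(obj):
            print(line)
    print(decode_opaque(SAMPLES[1]))
```

Manifests exported as JSON (for example with kubectl's JSON output) can be loaded with json.load and passed to audit() one object at a time.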

PV and PVC

When a Pod or container is destroyed, all of its data is destroyed with it. To preserve data, you need to use a PV (persistent storage volume) and a PVC (persistent storage volume claim).

PVC is often used in Deployment for data persistence. You also need to understand the concept of Volume to implement persistent storage.

Volume

The lifetime of files on container disks is short, which makes running important applications in containers problematic. First, when the container crashes, Kubelet will restart it, but the files in the container will be lost: the container will restart in a clean state (the original state of the image). Second, when you run multiple containers simultaneously in a Pod, you typically need to share files between those containers. The Volume abstraction in Kubernetes solves these problems nicely.

Labels and Selectors

Labels are used to tag each container, and each controller then matches the containers by Selector and manages them. For example, a Deployment or Service matches its corresponding Pods in this way.

Notes

The above only introduces several commonly used Kubernetes resource concepts and functions; for details, refer to the official Kubernetes documentation.

Reference links

  • https://kubernetes.io/docs/home/
  • https://jimmysong.io/kubernetes-handbook
  • https://www.jianshu.com/p/b5b9041e8d7b

This article is published by YP station!