Kubernetes is an open-source container orchestration tool that offers scalability, zero-downtime updates, and disaster recovery features such as backups and restores. It is also notable for its automated deployment features and comprehensive management of containerized applications on container runtimes like Docker, containerd, and CRI-O, to name a few, in any environment: on-premises, hybrid, or Cloud.
Kubernetes Architecture
The Cluster has one Master Node, which can run on either a Docker container or a virtual machine, depending on preference. The Master Node is connected to multiple Worker Nodes (Node1, Node2, and Node3 in this example), where the applications run.
On each Worker Node a kubelet process runs, which executes tasks on that node (running the application processes) and handles cluster communication among nodes. Each node runs multiple Docker containers with different applications in them.
On the Master (control plane) Node, several Kubernetes processes run that manage the Cluster. They include:
- API server: this is also a container. It is the entry point to the Kubernetes Cluster, where Kubernetes clients communicate with it, whether through the user interface (the Kubernetes Dashboard), the API (using scripts), or the CLI (using automation).
- Controller Manager: keeps track of what happens in the Cluster, such as restarting or repairing containers.
- Scheduler: schedules containers onto the different nodes, assigning tasks to Worker Nodes based on their workload.
- etcd: stores configuration data and holds the current status of each Node and of the containers on each Node. Backup snapshots are taken from etcd for recovery.
Kubernetes Components
The running example is a complete application made of a web application and a database, built from the following Kubernetes components.
- Pod: the smallest unit in Kubernetes, an abstraction over a container that creates a running environment (a layer on top of the container). One main application runs per Pod. Each Pod gets its own IP address, so Pods can communicate with each other, for example DB + WebApp.
- Service: provides a static IP address attached to each Pod (the WebApp Pod and the DB Pod); this IP address does not change when the Pod restarts or is recreated. The lifecycles of the Pod and the Service are not connected.
- Ingress: makes applications reachable through a browser. An external Service opens communication from outside sources and is usually addressed as http://nodeIPaddress:port, for example http://192.168.1.13:27017; it is best to give the database an internal Service so it is not exposed online. Ingress instead forwards requests to Services, so the application can be reached over a secured protocol with a domain name such as "https://myWebApp.com".
- ConfigMap: holds external configuration for the application, such as the database endpoint (the database URL). Instead of being built into the application, this configuration, together with the database user and password, is kept outside it and connected to the Pod.
- Secret: stores the Pod's credentials, such as username and password and SSL certificates, in base64-encoded format for security purposes, and is connected to the Pod.
- Data Storage: attaches external physical storage, a hard disk on the local machine or on a remote machine, to the Pod.
- Deployment: a blueprint for Pods. A clone (replica) of the application connects to the same Service, and the Service acts as a load balancer. For a second replica, define in the Deployment how many replicas you want to run.
A database replica can't be created with a Deployment because a database is stateful.
- StatefulSet: used mainly for databases and other stateful applications.
- DaemonSet
Kubernetes Configurations
All configuration goes through the API server, whether via the UI, the API, or the CLI.
Kubernetes configurations are a key part of managing containerized applications. These configurations are defined through YAML or JSON files and help describe the desired state of your application, including deployments, services, storage, and more.
Common Kubernetes configurations
1. Pod Configuration
apiVersion: v1
kind: Pod
metadata:
  name: my-pod
  labels:
    app: my-app
spec:
  containers:
  - name: my-container
    image: nginx:latest
    ports:
    - containerPort: 80
2. Deployment Configuration
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
  labels:
    app: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx:latest
        ports:
        - containerPort: 80
3. Service Configuration
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
  type: LoadBalancer
4. ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config
data:
  app.properties: |
    key1=value1
    key2=value2
5. Secret
A Secret is used to manage sensitive information like passwords and API keys.
apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  username: dXNlcg== # base64-encoded
  password: cGFzc3dvcmQ= # base64-encoded
6. Ingress
An Ingress manages HTTP and HTTPS traffic to Services.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80
7. PersistentVolume (PV) and PersistentVolumeClaim (PVC)
PersistentVolume
apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 1Gi
  accessModes:
  - ReadWriteOnce
  hostPath:
    path: /data
PersistentVolumeClaim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 500Mi
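The manifests above use defaults that a security reviewer would flag before they reach a cluster. As an added example (not code from the original page), this Python audit walks constructed copies of the page's Pod, Service, Secret and PersistentVolume manifests and reports the risky settings: the floating nginx:latest tag, no runAsNonRoot, no resource limits, a Service type reachable from outside the cluster, Secret values that are only base64-encoded (encoding, not encryption), and a hostPath volume. The check list and the function names are my own choices, not a Kubernetes API.

```python
import base64

# Constructed manifests that mirror the page's Pod, Service, Secret and PV YAML
POD = {"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "my-pod"},
       "spec": {"containers": [{"name": "my-container", "image": "nginx:latest",
                                "ports": [{"containerPort": 80}]}]}}
SERVICE = {"apiVersion": "v1", "kind": "Service", "metadata": {"name": "my-service"},
           "spec": {"selector": {"app": "my-app"}, "type": "LoadBalancer",
                    "ports": [{"protocol": "TCP", "port": 80, "targetPort": 80}]}}
SECRET = {"apiVersion": "v1", "kind": "Secret", "metadata": {"name": "my-secret"},
          "type": "Opaque", "data": {"username": "dXNlcg==", "password": "cGFzc3dvcmQ="}}
PV = {"apiVersion": "v1", "kind": "PersistentVolume", "metadata": {"name": "my-pv"},
      "spec": {"capacity": {"storage": "1Gi"}, "accessModes": ["ReadWriteOnce"],
               "hostPath": {"path": "/data"}}}

def pod_spec(manifest):
    """Pod spec of a Pod, or the template spec of a Deployment/StatefulSet/DaemonSet."""
    spec = manifest.get("spec", {})
    return spec if manifest.get("kind") == "Pod" else spec.get("template", {}).get("spec", {})

def decode_secret(manifest):
    """base64 is reversible encoding, not encryption: any reader of the object gets plaintext."""
    return {k: base64.b64decode(v).decode() for k, v in manifest.get("data", {}).items()}

def audit(manifest):
    """Return a list of finding strings for one manifest (empty list means nothing flagged)."""
    kind, spec = manifest.get("kind"), manifest.get("spec", {})
    name = manifest.get("metadata", {}).get("name", "?")
    findings = []
    if kind in ("Pod", "Deployment", "StatefulSet", "DaemonSet"):
        ps = pod_spec(manifest)
        for c in ps.get("containers", []):
            image = c.get("image", "")
            if ":" not in image or image.endswith(":latest"):  # floating tag: contents can change silently
                findings.append(f"{kind}/{name}: container {c['name']} uses unpinned image {image!r}")
            nonroot = (c.get("securityContext", {}).get("runAsNonRoot")
                       or ps.get("securityContext", {}).get("runAsNonRoot"))
            if not nonroot:
                findings.append(f"{kind}/{name}: container {c['name']} may run as root (runAsNonRoot unset)")
            if "limits" not in c.get("resources", {}):  # no ceiling on CPU/memory consumption
                findings.append(f"{kind}/{name}: container {c['name']} has no resource limits")
    elif kind == "Service" and spec.get("type") in ("LoadBalancer", "NodePort"):
        findings.append(f"Service/{name}: type {spec['type']} is reachable from outside the cluster")
    elif kind == "Secret":
        for key in manifest.get("data", {}):
            findings.append(f"Secret/{name}: key {key!r} is base64-encoded only; rely on RBAC and encryption at rest")
    elif kind == "PersistentVolume" and "hostPath" in spec:
        findings.append(f"PersistentVolume/{name}: hostPath {spec['hostPath']['path']!r} exposes the node filesystem")
    return findings
```

Running audit() over a Deployment works the same way because pod_spec() reads the Pod template; a manifest with a pinned tag, runAsNonRoot and limits set comes back with an empty list.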