Sunday, December 29, 2024

Kubernetes

Kubernetes Architecture Diagram


Kubernetes architecture is designed to manage and orchestrate containerized applications efficiently. It consists of a Master Node (control plane) and multiple Worker Nodes, along with various components that communicate and collaborate to ensure application reliability, scalability, and high availability.


Kubernetes Architecture Overview

1. Master Node (Control Plane)

The master node is responsible for managing the cluster, maintaining the desired state of applications, and scheduling workloads.

Key Components of the Master Node

  1. API Server:

    • Acts as the cluster's front-end.
    • Receives REST API requests from users, tools, and other components.
    • Validates and processes the requests, and updates the cluster's state in etcd.
  2. Scheduler:

    • Assigns work (Pods) to worker nodes based on resource availability, constraints, and policies.
    • Ensures efficient utilization of cluster resources.
  3. Controller Manager:

    • Runs various controllers (control loops) to ensure the desired state of the cluster.
    • Types of controllers:
      • Node Controller: Monitors node health.
      • Replication Controller: Ensures the desired number of pod replicas.
      • Endpoint Controller: Manages service and pod relationships.
      • Service Account Controller: Manages service accounts and API tokens.
  4. etcd:

    • A distributed key-value store used for storing cluster state and configuration data.
    • Provides consistency and high availability for cluster metadata.

2. Worker Node

Worker nodes run application workloads and manage containers. Each worker node is responsible for running Pods.

Key Components of a Worker Node

  1. Kubelet:

    • An agent that runs on each worker node.
    • Ensures containers are running in the desired state as specified by the control plane.
    • Communicates with the API Server.
  2. Container Runtime:

    • Software responsible for running containers (e.g., Docker, containerd, CRI-O).
    • Interfaces with Kubernetes using the Container Runtime Interface (CRI).
  3. Kube Proxy:

    • Manages networking for Pods.
    • Implements network rules to allow communication between Pods and Services.
    • Supports various proxy modes (e.g., iptables or IPVS).
  4. Pod:

    • The smallest deployable unit in Kubernetes, which encapsulates one or more containers, storage resources, and networking.
    • Pods are placed on a worker node by the Scheduler on the Master Node.

3. Add-Ons

Additional components that extend Kubernetes functionality:

  • Dashboard: A web UI for managing and monitoring the cluster.
  • DNS: Internal DNS for resolving service names within the cluster.
  • Ingress Controller: Manages HTTP and HTTPS traffic to applications.
  • Monitoring Tools: Tools like Prometheus or Grafana for monitoring.
  • Logging: Centralized logging solutions like Fluentd or Elasticsearch.

Key Concepts

1. Pod

  • The smallest deployable unit in Kubernetes.
  • Encapsulates containers, shared storage, and network.

2. Service

  • Exposes a group of Pods as a network service.
  • Types:
    • ClusterIP (default): Internal access within the cluster.
    • NodePort: External access via a node's IP and a static port.
    • LoadBalancer: External access via a cloud provider's load balancer.

3. Ingress

  • Manages external access to services, usually HTTP/HTTPS.

4. ReplicaSet

  • Ensures a specified number of pod replicas are running at all times.
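The Controller Manager's control loops and the ReplicaSet described above both come down to the same reconcile step: observe the Pods that match the selector, compare the count against the desired replicas, and create or delete Pods until they agree. The following is an added example, not code from the page or from Kubernetes itself: an in-memory Python simulation in which ReplicaSet, Pod and ClusterState are constructed stand-ins for the real API objects.

```python
from dataclasses import dataclass, field


@dataclass
class ReplicaSet:
    # Desired state, as in the spec.selector / spec.replicas fields of the YAML
    name: str
    selector: dict
    replicas: int


@dataclass
class Pod:
    # Observed state; phase mirrors status.phase
    name: str
    labels: dict
    phase: str = "Running"


@dataclass
class ClusterState:
    # In-memory stand-in for the objects the API server keeps in etcd (constructed for this example)
    pods: dict = field(default_factory=dict)
    seq: int = 0

    def create_pod(self, rs):
        name = f"{rs.name}-{self.seq}"
        self.seq += 1
        self.pods[name] = Pod(name, dict(rs.selector))
        return name


def matches(selector, labels):
    # A Pod belongs to the ReplicaSet when every selector label is present with the same value
    return all(labels.get(k) == v for k, v in selector.items())


def reconcile(rs, state):
    """One pass of the control loop. Returns (created, deleted) pod names.
    Running it again on an already converged cluster is a no-op."""
    owned = [p for p in state.pods.values() if matches(rs.selector, p.labels)]
    # Terminated pods are removed so that replacements can be created (self-healing)
    deleted = [p.name for p in owned if p.phase not in ("Pending", "Running")]
    live = [p for p in owned if p.phase in ("Pending", "Running")]
    # Scale down: surplus pods beyond the desired count are deleted
    deleted += [p.name for p in live[rs.replicas:]]
    for name in deleted:
        del state.pods[name]
    # Scale up: create exactly as many pods as are missing
    created = [state.create_pod(rs) for _ in range(max(rs.replicas - len(live), 0))]
    return created, deleted
```

Calling reconcile repeatedly (as the real controller does on every change event) converges the cluster without ever over- or under-shooting the replica count.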

5. Deployment

  • Manages updates, rollbacks, and scaling of applications.

6. Namespace

  • Logical partitioning for resource isolation and organization.

Benefits of Kubernetes Architecture

  1. High Availability: Redundancy at multiple levels ensures no single point of failure.
  2. Scalability: Automatically scales applications based on demand.
  3. Flexibility: Supports hybrid and multi-cloud deployments.
  4. Self-Healing: Automatically restarts or replaces failed containers.

Cluster Information

kubectl cluster-info # View cluster info
kubectl get nodes # List nodes in the cluster
kubectl get componentstatuses # Check cluster components' health

Namespaces

kubectl get namespaces # List all namespaces
kubectl create namespace <name> # Create a namespace
kubectl delete namespace <name> # Delete a namespace
kubectl config set-context --current --namespace=<name> # Set default namespace

Pods

kubectl get pods # List all pods in the current namespace
kubectl get pods -n <namespace> # List pods in a specific namespace
kubectl describe pod <pod-name> # Detailed information about a pod
kubectl logs <pod-name> # View logs of a pod
kubectl exec -it <pod-name> -- /bin/bash # Access a pod's shell
kubectl delete pod <pod-name> # Delete a pod
kubectl get pods --field-selector=status.phase=Running # List running pods

Deployments

kubectl get deployments # List deployments
kubectl describe deployment <name> # Detailed deployment information
kubectl apply -f deployment.yaml # Apply a deployment configuration
kubectl scale deployment <name> --replicas=<count> # Scale a deployment
kubectl rollout restart deployment/<name> # Restart deployment pods
kubectl edit deployment <name> # Edit a deployment interactively
kubectl delete deployment <name> # Delete a deployment

Services

kubectl get services # List all services
kubectl describe service <name> # Detailed service information
kubectl expose deployment <name> --type=NodePort --port=8080 # Expose a deployment
kubectl apply -f service.yaml # Apply a service configuration
kubectl delete service <name> # Delete a service

ConfigMaps & Secrets

kubectl get configmaps # List all ConfigMaps
kubectl create configmap <name> --from-literal=key=value # Create a ConfigMap
kubectl describe configmap <name> # Detailed ConfigMap information
kubectl delete configmap <name> # Delete a ConfigMap
kubectl get secrets # List all Secrets
kubectl create secret generic <name> --from-literal=key=value # Create a Secret
kubectl describe secret <name> # Detailed Secret information
kubectl delete secret <name> # Delete a Secret

Ingress

kubectl get ingress # List all Ingress rules
kubectl apply -f ingress.yaml # Apply an Ingress configuration
kubectl delete ingress <name> # Delete an Ingress

YAML File Templates

Pod YAML

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
  labels:
    app: my-app
spec:
  containers:
    - name: my-container
      image: nginx
      ports:
        - containerPort: 80

Deployment YAML

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-container
          image: nginx
          ports:
            - containerPort: 80

Service YAML

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: NodePort

Ingress YAML

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-service
                port:
                  number: 80
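The Pod and Deployment templates above carry no resource limits, no securityContext and an image without a tag or digest, which is fine for a demo but not for anything that faces real traffic. The following is an added example, not from the page: a small Python audit that applies the checks a reviewer would make to the Deployment template (represented as a dict equivalent to the YAML, constructed inline; in practice you would load the file with yaml.safe_load), and the same manifest with those findings fixed. The hardened image name and tag are assumptions; the field names are real Kubernetes fields.

```python
import copy

# Constructed for this example: the Deployment template above as a Python dict
DEPLOYMENT = {
    "apiVersion": "apps/v1", "kind": "Deployment", "metadata": {"name": "my-deployment"},
    "spec": {"replicas": 3, "selector": {"matchLabels": {"app": "my-app"}},
             "template": {"metadata": {"labels": {"app": "my-app"}},
                          "spec": {"containers": [{"name": "my-container", "image": "nginx",
                                                   "ports": [{"containerPort": 80}]}]}}}}


def pod_spec(manifest):
    # A Pod carries its spec directly; Deployments and ReplicaSets wrap it in spec.template
    spec = manifest.get("spec", {})
    return spec if manifest.get("kind") == "Pod" else spec.get("template", {}).get("spec", {})


def image_pinned(image):
    # Drop the registry part (which may itself contain a port) and inspect name[:tag][@digest]
    ref = image.rsplit("/", 1)[-1]
    return "@" in ref or (":" in ref and not ref.endswith(":latest"))


def audit(manifest):
    """Return a list of findings for a Pod or workload manifest; an empty list means all checks passed."""
    findings, spec = [], pod_spec(manifest)
    pod_sc = spec.get("securityContext", {})
    for c in spec.get("containers", []):
        name, image = c.get("name", "?"), c.get("image", "")
        sc = {**pod_sc, **c.get("securityContext", {})}  # container-level settings override pod-level
        if not image_pinned(image):
            findings.append(f"{name}: image '{image}' is not pinned to a tag or digest")
        if not c.get("resources", {}).get("limits"):
            findings.append(f"{name}: no resource limits")
        if sc.get("privileged"):
            findings.append(f"{name}: runs privileged")
        if not sc.get("runAsNonRoot"):
            findings.append(f"{name}: runAsNonRoot is not true")
        if sc.get("allowPrivilegeEscalation", True):
            findings.append(f"{name}: allowPrivilegeEscalation is not false")
    return findings


# The same Deployment with the findings fixed (assumed values; choose an image that actually runs as non-root)
HARDENED = copy.deepcopy(DEPLOYMENT)
_c = HARDENED["spec"]["template"]["spec"]["containers"][0]
_c["image"] = "nginxinc/nginx-unprivileged:1.27"  # assumed tag
_c["ports"] = [{"containerPort": 8080}]  # the unprivileged image listens on 8080
_c["resources"] = {"limits": {"cpu": "500m", "memory": "128Mi"}}
_c["securityContext"] = {"allowPrivilegeEscalation": False}
HARDENED["spec"]["template"]["spec"]["securityContext"] = {"runAsNonRoot": True}
```

The same audit can be run over a Pod manifest directly, since pod_spec handles both kinds.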

Advanced Commands

Config & Resources

kubectl get all # Get all resources in the namespace
kubectl top nodes # Show resource usage of nodes
kubectl top pods # Show resource usage of pods
kubectl apply -f <file> # Apply configuration from a file
kubectl edit <resource> <name> # Edit a resource interactively
kubectl delete -f <file> # Delete resources defined in a file

Debugging

kubectl describe <resource> <name> # Detailed info about a resource
kubectl logs <pod-name> # Fetch logs from a pod
kubectl logs <pod-name> -c <container> # Logs for a specific container
kubectl exec -it <pod-name> -- <command> # Run commands inside a container
kubectl get events # View cluster events

Rollouts

kubectl rollout status deployment/<name> # Check rollout status
kubectl rollout undo deployment/<name> # Rollback to a previous version
