# Kubernetes Workshop Intro to Kubernetes --- # Agenda - What is Kubernetes? - What does it do? - How does it even work? - Demo - Resources --- # What is Kubernetes? --- A portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. --- # What does it do? --- It allows us to to manage our applications as containers, and orchestrate them by leveraging fancy rules, for example auto-healing, auto-scaling and rolling updates. --- - Provides a runtime environment for containers - Scales and load balances containers - Abstracts away the underlying infrastructure - Monitors and health checks containers - Updates containers - Provides service discovery and exposure --- ## A history - Google project first announced in mid-2014 (was codenamed "Borg" before) - Released and open sourced in 2014 - The name (κυβερνήτης) is greek for "helmsman" or "pilot" - Implemented in Go, and possibly one of the [largest Go projects so far](https://github.com/kubernetes/kubernetes) --- # How does it even work? --- We run a number of components on all the machines which make part of our cluster. These components are Go binaries, and can be run as containers or as services in the underlying operating system. --- ## High level overview  --- ## The Master or Controlplane node ---  kube-apiserver exposes a REST API that users and other components use to communicate with the cluster. ---  ETCD is a distributed KV store where Kubernetes stores all its information: what nodes exist, what resources exist on the cluster, and so on. ---  kube-controller-manager runs a set of processes (controllers) that are responsible for maintaining the state of other kubernetes objects, like Deployments. ---  cloud-controller-manager interacts with the cloud provider (in cloud-based clusters), managing resources such as load balancers and disk volumes. ---  kube-scheduler is responsible for finding the right node where to run particular workloads. It does so by leveraging some pretty complex algorithms. --- ## The Worker node ---  kubelet is an agent running on all nodes. It ensures pods are running. ---  kube-proxy maintains network rules on nodes, and plays a big part in service discovery. ---  --- ## Some extra pieces of trivia - Communication between all components is encrypted - kube-apiserver is the only one communicating with ETCD - A highly available setup would have 3 or 5 controlplane nodes - If for some reason the controlplane node is not available anymore, the nodes and anything deployed on them will keep working --- ## Kubectl To interact with the cluster, we use [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) ``` $ kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-1 Ready master 17h v1.19.4 k8s-2 Ready <none> 17h v1.19.4 k8s-3 Ready <none> 17h v1.19.4 ``` --- ## Kubernetes objects Kubernetes objects are persistent entities in the Kubernetes ecosystem. Such entities represent the state of the cluster, and are written in YAML format. ``` apiVersion: ... kind: ... metadata: name: ... spec: ... ``` --- # Demo 3 VMs provisioned via Vagrant + VBox. These were setup and bootstrapped with [kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/). --- ## Example: Expose an nginx webserver --- ## Pods Pods are the smallest deployable units of computing that we can create and manage in Kubernetes. They can run one or more containers. --- ``` # Example of a pod using an nginx image apiVersion: v1 kind: Pod metadata: labels: run: nginx-pod name: nginx-pod spec: containers: - image: nginx:1.17 name: nginx-pod ``` --- ## What's going on under the hood? --- A 'pause' container is an essential container which holds the linux network namespace for the pod. It acts as a parent to any other containers which should be run. Ref: [The Almighty Pause Container](https://www.ianlewis.org/en/almighty-pause-container) --- ## Services This object exposes an application running on a set of Pods as a network service. --- ``` apiVersion: v1 kind: Service metadata: labels: app: nginx-service name: nginx-service spec: ports: - name: http nodePort: 30081 port: 80 protocol: TCP targetPort: 80 selector: run: nginx-pod type: NodePort ``` --- ## What's going on under the hood? --- When setting up Kubernetes, we chose a network plugin (weave) which directly interfaces with Linux' `iptables` rules of all machines. Refs: - [Network Plugins in Kubernetes](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/) - [Weave](https://www.weave.works/docs/net/latest/concepts/) --- ## Pods and services in the default namespace --- # Closing thoughts --- Pros - Using Kubernetes and its huge ecosystem can improve a team's productivity - Helps making our application more stable/bulletproof - Lots of community and professional support --- Cons - Steep Learning curve - Administration overhead, especially if maintaining own cluster - Not worth it for smaller applications/projects --- # Resources - [kubernetes.io](https://kubernetes.io) - [Cloud Native Devops with Kubernetes](https://www.amazon.com/Cloud-Native-DevOps-Kubernetes-Applications/dp/1492040762/ref=sr_1_1?crid=3F7BFMTNBRUL1&dchild=1&keywords=cloud+native+devops+with+kubernetes&qid=1607864321&sprefix=cloud+native+devops%2Caps%2C267&sr=8-1) - [Kubernetes Up and Running](https://www.amazon.com/Kubernetes-Running-Dive-Future-Infrastructure/dp/1492046531/ref=sr_1_1?dchild=1&keywords=kubernetes+up+and+running&qid=1607864298&sr=8-1) - [CKA course](https://github.com/kodekloudhub/certified-kubernetes-administrator-course) - [The Almighty Pause Container](https://www.ianlewis.org/en/almighty-pause-container) - Chris' very very very good [Kubernetes talk](https://drive.google.com/drive/folders/1-QOQNTuF0O2G8e-PqIKDAsA3B9t85fRL) - [kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/) - [k8s demo](https://github.com/micuffaro/k8s_demo) --- ## Next? - Setup a wordpress + mysql deployment - Persistent volumes - Ingress + ingress controllers - Kubernetes CI/CD --- ## The end