Kubernetes is a Container Orchestration Engine(COE).
Containers are solution for deploying and running application reliably. Containers work as a standardized packages for an application, that includes libraries, executables, tools, settings, all other things that the application depends on.
But just having the application containarized is not enough for a scalable application. Lots of other things that needs to be done to run and manage those containers effeciently and reliably.
Why do we need a container orchestration engine?
Tools like Docker are great for containerizing an application. But these tools are mostly limited to containerizing, building images, and providing isolated runtime environments.
Container orchestration allows us to run container workloads at scale in a production-like environment.
There are many container orchestration tools, like-
- Kubernetes
- Docker Swarm
- Apache Mesos(Marathon)
These orchestration tools are used to manage the lifecycle of containers at a large scale, from their creation to deletion.
Kubernetes(also known as K8s) was built by Google, and is the most popular container orchestration system.
Kubernetes => K8s
Container Orchestration Engine(COE)
COE provides 2 main functionalities-
- Clustering
- Scheduling
Clustering
There is a master server, and there are worker nodes. The master server works as a cluster manager. The workers join the cluster with the help of the master server.
Scheduling
We define the configuration and submit it to the COE, and the COE finds the nodes to schedule the containerized apps.
Here are other responsibilities of the COE-
- Scalability
- Load balancing
- Fault tolerance
- Deployment
Pros and Cons of using Kubernetes
Pros of Kubernetes
Cons of Kubernetes
Component Configuration
To create components (like pods, deployments, etc.) in Kubernetes, we write our configuration in a YAML file. And those configuration follows the same(similar) pattern.
Main/root elements in a Kubernetes component configuration YAML files are –
NOTE
To remember the components of a K8s configuration, just remember-
AKMS
Here is the configuration file for creating a Pod-
# simple-nginx.yml
apiVersion: v1
kind: Pod
metadata:
name: simple-nginx
labels:
app: web
type: ui
tier: frontend
env: staging
spec:
containers:
- name: nginx
image: nginx:1.25-alpine
ports:
- containerPort: 80 NOTE
Labeling is Important
Labels are the way the service identifies the pods.
NOTE
Spec configuration is similar to Docker Compose
Here we have just one container in the Pod.
To run multiple containers, just add the container configuration inside the “containers” array of the “specs“.
Key Kubernetes Concepts
Here is the full list of topics, we are discussing-
- Kubernetes Intorduction – overview and key concepts
- Cluster
- Setup for Development
- Minikube
- Kind(Kubernetes in Docker)
- MicroK8s
- Setup for Production
- kubeadm
- kops
- EKS
- GKE
- AKS
- Auto-scaling (HPA, VPA, Cluster Autoscaler)
- Setup for Development
- Node
- Kubelet
- Kube-proxy
- Container runtime
- Control Plane(Master)
- Kube-apiserver
- etcd
- Kube-scheduler
- Kube-controller-manager
- Pod
- Deployments
- StatefulSets
- DaemonSets
- Jobs
- CronJobs
- Label
- Annotation
- Label Selector
- Replication controller and Replica set
- Service
- ClusterIP
- NodePort
- LoadBalancer
- Headless Services
- Volume
- Configuration and Secrets
- ConfigMaps
- Secrets
- Environment Variables
- Volume Mounts
- Kubernetes Downward API
- Namespace
- Networking
- Network Policies
- DNS
- CNI(Container Network Interface)
- Ingress (Controller and Resources)
- Storage
- Volumes and Volume Types
- Persistent Volumes(PV) and Persistent Volume Claims(PVC)
- StorageClasses and Dynamic Provisioning
- CSI(Container Storage Interface)
- Security
- Authentication and Authorization
- RBAC(Role-Based Access Control)
- Pod Security Policies
- Secret Encryption
- ServiceAccounts
- Logging and Monitoring
- Metrics Server and Resource Usage
- Prometheus and Grafana
- Logging with EFK/ELK Stack
- Liveness and Readiness Probes
- Events and Troubleshooting
- OpenTelemetry
- Helm and Package Management
- Helm Introduction
- Charts, Repositories, Values
- Creating and Managing Helm Charts
- Helmfile / Alternatives (Kustomize, ArgoCD)
- Operators
- Tools
- kubectl Tips and Tricks
- K9s, Lens, Octant
- Skaffold, Tilt, Garden
- Telepresence
Deployment Strategies
These are must-know for CI/CD and zero-downtime delivery:
- Rolling Update (default in Deployments)
- Recreate Strategy
- Blue-Green Deployment
- Canary Deployment
- A/B Testing
- Shadow Deployment
Kubernetes Patterns
- Foundational Patterns
- Init Container Pattern
- Sidecar Pattern
- Ambassador Pattern
- Adapter Pattern
- Work Queue Pattern
- Application Architecture Patterns
- Microservices
- Monolith in a Pod
- Modular Monolith (via multiple containers in a pod)
- Event-driven / Messaging Pattern
- Scalability Patterns
- Pod Disruption Budget
- Cluster Autoscaling Pattern
- Horizontal Pod Autoscaling (HPA)
- Vertical Pod Autoscaler (VPA)
- Circuit Breaker Pattern
- Retry + Timeout Pattern
- Security Patterns
- Least Privilege Access Pattern
- Security Context Pattern
- Immutable Image Pattern
- Ephemeral Containers for Debugging
- GitOps Patterns
- Pull-based deployment
- Environment-based Git branching strategies.
- Declarative Infrastructure Pattern