SlideShare ist ein Scribd-Unternehmen logo

Kubernetes 101 for Beginners

Als PPTX, PDF herunterladen
O
Oktay Esgul

This presentation covers how app deployment model evolved from bare metal servers to Kubernetes World. In addition to theoretical information, you will find free KATACODA workshops url to perform practices to understand the details of the each topics.

Technologie
1 von 76
Kubernetes For Beginners UnrestrictedUnrestricted
Agenda ● Introduction ○ Legacy Systems ○ Docker ○ Docker-Compose ○ Docker-Swarm ○ What isKubernetes? ○ What doesKubernetesdo? ● Architecture ○ MasterComponents ○ NodeComponents ○ Additional Services ○ Kubectl ○ Kube Config ● Concepts ○ Core ○ Workloads ○ Network ○ Storage ○ Configuration ○ Auth and Identity ○ Helm ○ MiniKube ● Behind theScenes ● Deployment fromBeginningto End ● AKS Deployment Demo ○ End to End AKS Deployment
Introduction
Legacy Systems Legacy App Deployment Model on Bare Metal Servers.
Legacy Systems App Deployment on Virtual Machines Overview.
Welcome Docker
Virtual Machines vs Docker Containers
Container:  Containers are an abstraction at the app layer that packages code and dependencies together.  Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space.  Containers typically take up less space than VMs. Virtual Machines  Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers.  The hypervisor allows multiple VMs to run on a single machine.  Each VM includes a full copy of an operating system, the application, necessary binaries and libraries - taking up tens of GBs.  VMs can also be slower to boot.
Docker Workshops https://www.katacoda.com/courses/docker/deploying-first-Container https://www.katacoda.com/courses/docker/3 Docker Basics: Dockerize NodeJs:
COMPOSE https://www.katacoda.com/boxboat/courses/df-dev/02-docker-compose Workshop:  Compose is a tool for defining and running multi-container Docker applications.  With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.  Compose is great for development, testing, and staging environments, as well as CI workflows
SWARM https://www.katacoda.com/boxboat/courses/df-ops/01-docker-swarm https://www.katacoda.com/courses/docker-orchestration/getting-started-with-swarm-mode Workshop:  Docker Swarm is a clustering and scheduling tool for Docker containers.  With Swarm, IT administrators and developers can establish and manage a cluster of Docker nodes as a single virtual system.
=
Intro - Whatis Kubernetes? Kubernetes or K8s wasaproject spunout of Googleasaopensource next-gen container scheduler designed with the lessons learned from developing andmanagingBorg andOmega. Kubernetes wasdesignedfromtheground-upasalooselycoupled collection of components centered around deploying, maintaining, and scaling applications.
Intro - What Does Kubernetes do? Kubernetes isthelinuxkernelof distributed systems. Itabstractsawaytheunderlyinghardwareof thenodesandprovides a uniform interface for applicationsto bebothdeployedandconsumethe sharedpool of resources. https://www.katacoda.com/loodse/courses/kubernetes/kubernetes-01-playground Workshop:
Kubernetes Architecture
Architecture Overview Masters -Acts as the primary control plane for Kubernetes. Masters are responsible ataminimumfor runningtheAPI Server, scheduler,andcluster controller. Theycommonly alsomanagestoringcluster state,cloud-provider specific componentsandother cluster essentialservices. Nodes-Are the‘workers’of aKubernetes cluster. They runaminimalagent that manages the node itself, and are tasked with executing workloads as designatedbythemaster.
Architecture Overview
Master Components
Master Components ● Kube-apiserver ● Etcd ● Kube-controller-manager ● Cloud-controller-manager ● Kube-scheduler
kube-apiserver Theapiserverprovides aforward facingRESTinterface into thekubernetes control plane and datastore. All clients, including nodes, users and other applicationsinteract with kubernetes strictly through theAPI Server. It is the true core of Kubernetes acting as the gatekeeper to the cluster by handlingauthenticationandauthorization,requestvalidation,mutation, and admission control in addition to beingthefront-end to thebackingdatastore. kubectl api-resources  to see all api resources
etcd Etcd actsasthecluster datastore;providing astrong,consistent andhighly availablekey-valuestoreusedfor persisting cluster state.
kube-controller-manager The controller-manager is the primary daemon that manages all core componentcontrol loops.Itmonitorsthecluster state viatheapiserverand steersthecluster towardsthedesired state.
cloud-controller-manager The cloud-controller-manager is a daemon that provides cloud-provider specific knowledge andintegration capabilityinto thecorecontrol loop of Kubernetes. The controllers include Node, Route, Service, and add an additional controller to handlePersistentVolumeLabels.
kube-scheduler Kube-scheduler isaverbose policy-rich enginethatevaluatesworkload requirements and attempts to place it on a matching resource. These requirements canincludesuchthings asgeneralhardwarereqs,affinity, anti-affinity, andother customresource requirements.
Node Components
Node Components ● Kubelet ● Kube-proxy ● Containerruntime engine
kubelet Acts as the node agent responsible for managing pod lifecycle on its host. Kubelet understandsYAML containermanifeststhatit canreadfromseveral sources: ● File path ● HTTP Endpoint ● Etcd watchacting onanychanges ● HTTP Servermodeaccepting containermanifestsoverasimpleAPI.
kube-proxy Manages thenetwork rulesoneachnodeandperformsconnection forwarding or loadbalancingfor Kubernetes cluster services. Available ProxyModes: ● Userspace ● iptables ● ipvs(alphain1.8)
Container Runtime With respect to Kubernetes,A containerruntime isaCRI (Container RuntimeInterface) compatible application that executesandmanagescontainers. ● Containerd (docker) ● Cri-o ● Rkt ● Kata(formerlyclearandhyper) ● Virtlet (VM CRI compatible runtime)
Additional Services Kube-dns-Provides cluster wide DNS Services.Servicesareresolvable to <service>.<namespace>.svc.cluster.local. Heapster - Metrics Collector for kubernetes cluster, usedbysomeresources suchastheHorizontal Pod Autoscaler. (required for kubedashboardmetrics) Kube-dashboard -A generalpurpose webbasedUIfor kubernetes.
Kubectl kubectl [command] [TYPE] [NAME] [flags] command: operation to perform (verb) TYPE: the resource type to perform the operation on NAME:Specifies the name of the resource flags:optional flags https://www.katacoda.com/courses/kubernetes/kubectl-run-containers Workshop:
$KUBECONFIG • Multiple configurations files as a list of paths • KUBECONFIG • Append new configurations temporarily https://github.com/ahmetb/kubectx KUBECTX:
https://www.katacoda.com/boxboat/courses/kubernetes-basic/module-2 Workshops: https://www.katacoda.com/loodse/courses/kubernetes/kubernetes-03-cluster- setup App Deployment: KubeAdm
Kubernetes Concepts
Kubernetes Concepts - Core Cluster - A collection of hoststhat aggregate their available resources including cpu,ram,disk, andtheir devicesinto ausablepool. Master - The master(s)represent acollection of components that makeupthecontrol planeof Kubernetes. These components are responsible for all cluster decisions including both schedulingandresponding to cluster events. Node - A singlehost,physicalor virtual capableof runningpods.A nodeismanagedbythe master(s),andat aminimumrunsboth kubelet andkube-proxyto beconsidered part of the cluster. Namespace- A logical cluster or environment. Primarymethodof dividing acluster or scopingaccess.
Concepts - Core(cont.) Label- Key-valuepairs that areusedto identify, describe andgrouptogetherrelated setsof objects.Labelshaveastrict syntaxandavailable characterset.* Annotation - Key-value pairs that contain non-identifying information or metadata. Annotations donot havethethesyntaxlimitations aslabels andcancontainstructured or unstructureddata. Selector - Selectors uselabels to filter or select objects. Bothequality-based(=,==,!=)or simplekey-valuematchingselectorsaresupported. * https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#syntax-and-character-set
Labels: app:nginx tier:frontned Annotations description: “nginxfrontend” Selector: app:nginx tier:frontend Labels, and Annotations, and Selectors
Concepts - Workloads Pod- A podisthesmallestunit of workormanagementresourcewithin Kubernetes.Itis comprised of one or more containers that share their storage, network, and context (namespace, cgroupsetc). ReplicationController - Method of managingpodreplicasandtheir lifecycle. Their scheduling,scaling,anddeletion. ReplicaSet- Next GenerationReplicationController. Supportsset-basedselectors. Deployment - A declarativemethodof managingstatelessPods andReplicaSets. Provides rollback functionalityinaddition to moregranularupdatecontrol mechanisms.
Deployment Contains configuration of how updates or ‘deployments’ should be managed in addition to thepodtemplateusedto generate theReplicaSet. ReplicaSet Generated ReplicaSet fromDeployment spec. https://www.katacoda.com/boxb oat/courses/kf1/03-deployments Workshop:
Concepts - Workloads (cont.) StatefulSet - A controller tailored to managingPods thatmustpersistormaintainstate.Pod identityincluding hostname,network,andstoragewill bepersisted. DaemonSet - Ensuresthat all nodesmatchingcertain criteria will run aninstance of a supplied Pod. Idealfor cluster wide services suchaslog forwarding, orhealth monitoring.
StatefulSet ● Attaches to ‘headeless service’ (notshown)nginx. ● Podsgivenunique ordinalnamesusingthepattern <statefulset name>-<ordinalindex>. ● Createsindependent persistentvolumesbasedon the‘volumeClaimTemplates’.
DaemonSet ● Bypasses defaultscheduler ● Schedulesasingle instanceonevery host while adheringto tolerancesandtaints. https://www.katacoda.com/reselbob/scenario s/k8s-daemonset-w-node-affinity Workshop:
Concepts – Network
Networking - FundamentalRules 1) All Pods cancommunicate with all other Pods withoutNAT 2) All nodescancommunicatewith all Pods (andvice-versa)without NAT. 3) TheIPthataPod seesitself asisthesameIPthatothersseeit as.
Networking - FundamentalsApplied Containers in apodexist within thesamenetwork namespaceandsharean IP;allowingfor intrapod communicationoverlocalhost. Podsaregivenacluster uniqueIPfor thedurationof its lifecycle,butthepods themselvesarefundamentallyephemeral. Services aregivenapersistentcluster uniqueIPthatspansthePods lifecycle. External Connectivity isgenerally handedbyanintegrated cloud provider or other externalentity (loadbalancer)
Networking -CNI Networking within Kubernetes is plumbed via the Container Network Interface(CNI),aninterface betweenacontainerruntime andanetwork implementation plugin. Compatible CNI Network Plugins: ● Calico ● Cillium ● Contiv ● Contrail ● Flannel ● GCE ● kube-router ● Multus ● OpenVSwitch ● OVN ● Romana ● Weave
Concepts - Network Service - Servicesprovide amethodof exposing andconsuming L4 Pod network accessible resources. Theyuselabel selectorsto mapgroupsof podsandports to acluster-unique virtual IP. Ingress - An ingresscontroller is theprimarymethodof exposing acluster service (usually http) to the outside world. These are load balancers or routers that usually offer SSL termination,name-basedvirtualhostingetc.
Service ● Acts astheunified methodof accessingreplicated pods. ● Four majorServiceTypes: ○ CluterIP-Exposesserviceonastrictly cluster-internal IP(default) ○ NodePort-Serviceis exposedoneachnode’sIPonastatically definedport. ○ LoadBalancer -Works in combination with acloudproviderto exposeaserviceoutsidethecluster onastatic externalIP. ○ ExternalName -usedto referencesendpointsOUTSIDE thecluster byprovidingastatic internally referencedDNSname. https://www.katacoda.com/boxboat/courses/kf2/01-services Workshop:
Ingress Controller ● Deployedasapodtooneormorehosts ● Ingresscontrollers areanexternal controller with multipleoptions. ○ Nginx ○ HAproxy ○ Contour ○ Traefik ● Specificfeaturesandcontroller specific configuration is passed through annotations. https://www.katacoda.com/boxboat/courses/kf2/03-ingress Workshop:
Concepts - Storage Volume - Storagethat istied to the Pod Lifecycle, consumablebyoneor more containerswithin thepod. PersistentVolume- A PersistentVolume (PV)represents astorageresource. PVs are commonly linked to abacking storageresource,NFS,GCEPersistentDisk, RBD etc.andare provisionedaheadof time.Their lifecycle ishandledindependently fromapod. PersistentVolumeClaim - A PersistentVolumeClaim(PVC)is arequest for storagethat satisfiesaset of requirements insteadof mappingto astorageresourcedirectly.Commonly usedwith dynamicallyprovisionedstorage. StorageClass - Storageclassesareanabstractionontopof anexternal storageresource. These will include a provisioner, provisioner configuration parameters as well as a PV reclaimPolicy. https://www.katacoda.com/courses/kubernetes/storage-introduction Workshop:
Concepts -Configuration ConfigMap - Externalized data stored within kubernetes that can be referenced as a commandlineargument,environment variable,or injected asafile into avolumemount.Ideal for separatingcontainerizedapplication fromconfiguration. Secret- Functionallyidenticalto ConfigMaps, but stored encoded asbase64,andencrypted at rest (ifconfigured).
ConfigMaps andSecrets ● CanbeusedinPod Config: ○ Injectedasafile ○ Passedasanenvironmentvariable ○ Usedasacontainercommand(requirespassing asenvvar) https://www.katacoda.com/javajon/courses/kubernetes-fundamentals/configmap-secret Workshop:
Concepts - Auth and Identity (RBAC) [Cluster]Role - Roles contain rules that act asaset of permissions that apply verbs like “get”, “list”,“watch” etc over resources that arescopedto apiGroups.Roles arescopedto namespaces, andClusterRolesareapplied cluster-wide. [Cluster]RoleBinding - Grant thepermissionsasdefined in a[Cluster]Role to oneor more “subjects”whichcanbeauser,group,orservice account. ServiceAccount- ServiceAccounts provide aconsumableidentity for podsor external servicesthatinteractwith thecluster directly andarescopedto namespaces. https://www.katacoda.com/boxboat/courses/kf2/04-misc Workshop:
[Cluster]Role ● Permissions translate to url path. With “”defaultingto core group. ● Resourcesactasitemstherole shouldbegrantedaccessto. ● Verbsaretheactionstherole canperform onthereferenced resources.
[Cluster]RoleBinding ● Canreference multiplesubjects ● Subjectscanbeof kind: ○ User ○ Group ○ ServiceAccount ● roleRef targetsasinglerole only.
What is HELM • Package manager • Like yum, apt but for Kubernetes • Search and reuse or start from scratch • Lifecycle Management • Create • Install • Upgrade/Rollback • Delete • Status • Versioning • Benefits • Repeatability • Reliability • Multiple environment • Ease collaboration • Manage Complexity
Kubernetes Cluster Helm Components • Helm Client • Command-line client • Interacts with Tiller Server • Local chart development • Tiller Server • In-cluster • Listens to the Helm client • Interacts with Kubernetes APIServer • Manages the lifecycle Helm Client TillerServer gRPC Kubernetes API Server REST https://www.katacoda.com/javajon/c ourses/kubernetes-pipelines/helm Workshop:
MINIKUBE https://www.katacoda.com/javajon/courses/kubernetes-fundamentals/minikube
Behind The Scenes
Deployment From Beginning toEnd
Kubectl 1)Kubectlperformsclient side validationonmanifest(linting). 2)Manifestispreparedandserialized creating aJSON payload.
APIserver Request Loop 3)Kubectl authenticatesto apiserverviax509,jwt, http authproxy,otherplugins,or http-basic auth. 4)Authorization iteratesoveravailableAuthZ sources:Node,ABAC, RBAC,or webhook. 5)AdmissionControlchecksresourcequotas, othersecurityrelatedchecksetc. 6)Requestisstoredinetcd. 7)Initializersaregiven opportunityto mutate requestbeforethe objectispublished. 8)Requestispublishedonapiserver.
Deployment Controller 9)Deployment Controller isnotified of thenew Deployment viacallback. 10)Deployment Controller evaluatescluster stateand reconciles the desired vs current state and forms a request for thenewReplicaSet. 11)apiserver request loopevaluatesDeployment Controllerrequest. 12)ReplicaSet ispublished.
ReplicaSet Controller 13)ReplicaSetController isnotified of thenewReplicaSet viacallback. 14)ReplicaSet Controller evaluates cluster state and reconciles thedesiredvscurrentstateandformsarequest for thedesiredamountof pods. 15)apiserver request loopevaluatesReplicaSet Controllerrequest. 16)Podspublished, andenter ‘Pending’ phase.
Scheduler 17)Schedulermonitorspublished podswith no ‘NodeName’ assigned. 18)Appliesschedulingrulesandfilters to find a suitablenodeto host thePod. 19)Schedulercreatesabinding of Pod to Node and POSTs toapiserver. 20)apiserver request loopevaluatesPOST request. 21)Pod statusisupdatedwith nodebinding andsets status to‘PodScheduled’.
Kubelet -PodSync 22)Thekubelet daemononeverynodepollstheapiserver filtering for podsmatchingits own‘NodeName’; checkingits currentstate with thedesiredstatepublished throughtheapiserver. 23)Kubelet will thenmovethroughaseries of internal processesto prepare the pod environment. This includes pulling secrets, provisioningstorage,applyingAppArmorprofiles andothervarious scaffolding. During this period,it will asynchronouslybePOST’ing the ‘PodStatus’ to the apiserver through the standard apiserver request loop.
Pause and Plumbing 24)Kubelet thenprovisionsa‘pause’containerviathe CRI (Container RuntimeInterface). The pausecontainer actsastheparent containerfor thePod. 25)The network is plumbed to the Pod via the CNI (Container Network Interface),creating aveth pair attached to the pause container and to acontainer bridge (cbr0). 26)IPAM handledbytheCNI plugin assignsanIPto the pausecontainer.
Kubelet - Create Containers 24)Kubelet pullsthecontainerImages. 25)Kubelet first creates andstartsanyinit containers. 26)Oncetheoptional init containerscomplete,the primarypodcontainersarestarted.
Pod Status 27)Ifthere areanyliveless/readiness probes,theseareexecuted beforethe PodStatus isupdated. 28)Ifall completesuccessfully,PodStatusis set to readyandthecontainer has startedsuccessfully. ThePodisDeployed!
END to END AKS DEMO
Questions?
Resources: 1. https://www.slideshare.net/BobKillen?utm_campaign=profiletracking&ut m_medium=sssite&utm_source=ssslideview 2. https://www.katacoda.com/ 3. https://kubernetes.io/
Kubernetes 101 for Beginners

Empfohlen

Kubernetes PPT.pptx
Kubernetes PPT.pptxKubernetes PPT.pptx
Kubernetes PPT.pptxssuser0cc9131
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewBob Killen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Crevise Technologies
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Edureka!
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introductionSparkbit
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsRishabh Kumar
 

Empfohlen

Kubernetes PPT.pptx
Kubernetes PPT.pptxKubernetes PPT.pptx
Kubernetes PPT.pptxssuser0cc9131
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewBob Killen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Crevise Technologies
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Edureka!
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introductionSparkbit
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsRishabh Kumar
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes Adnan Rashid
 
Kubernetes
KubernetesKubernetes
Kuberneteserialc_w
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionEric Gustafson
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Helm.pptx
Helm.pptxHelm.pptx
Helm.pptxSISTechnologies
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Megan O'Keefe
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for KubernetesCarlos E. Salazar
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsEueung Mulyana
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesRaffaele Di Fazio
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionMartin Danielsson
 
Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideBytemark
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installationRobert Bohne
 
Rancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveRancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveLINE Corporation
 
What Is Helm
What Is Helm What Is Helm
What Is HelmAMELIAOLIVIA2
 
An overview of the Kubernetes architecture
An overview of the Kubernetes architectureAn overview of the Kubernetes architecture
An overview of the Kubernetes architectureIgor Sfiligoi
 
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Krishna-Kumar
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive OverviewBob Killen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Jacopo Nardiello
 
Kubernetes acomprehensiveoverview
Kubernetes acomprehensiveoverviewKubernetes acomprehensiveoverview
Kubernetes acomprehensiveoverviewAnkit Shukla
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overviewGabriel Carro
 

Weitere ähnliche Inhalte

Was ist angesagt?

K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes Adnan Rashid
 
Kubernetes
KubernetesKubernetes
Kuberneteserialc_w
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionEric Gustafson
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Megan O'Keefe
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for KubernetesCarlos E. Salazar
 
Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideBytemark
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installationRobert Bohne
 
Rancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveRancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveLINE Corporation
 
An overview of the Kubernetes architecture
An overview of the Kubernetes architectureAn overview of the Kubernetes architecture
An overview of the Kubernetes architectureIgor Sfiligoi
 
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Krishna-Kumar
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive OverviewBob Killen
 

Was ist angesagt? (20)

K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals Training
 
CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17
 
Helm.pptx
Helm.pptxHelm.pptx
Helm.pptx
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for Kubernetes
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory Guide
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installation
 
Rancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveRancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep Dive
 
What Is Helm
What Is Helm What Is Helm
What Is Helm
 
An overview of the Kubernetes architecture
An overview of the Kubernetes architectureAn overview of the Kubernetes architecture
An overview of the Kubernetes architecture
 
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 

Ähnlich wie Kubernetes 101 for Beginners

Kubernetes acomprehensiveoverview
Kubernetes acomprehensiveoverviewKubernetes acomprehensiveoverview
Kubernetes acomprehensiveoverviewAnkit Shukla
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overviewGabriel Carro
 
08 - kubernetes.pptx
08 - kubernetes.pptx08 - kubernetes.pptx
08 - kubernetes.pptxRanjithM61
 
Kubernetes presentation
Kubernetes presentationKubernetes presentation
Kubernetes presentationGauranG Bajpai
 
Containers kuberenetes
Containers kuberenetesContainers kuberenetes
Containers kuberenetescsegayan
 
Kubernetes for Java developers
Kubernetes for Java developersKubernetes for Java developers
Kubernetes for Java developersRobert Barr
 
Getting started with google kubernetes engine
Getting started with google kubernetes engineGetting started with google kubernetes engine
Getting started with google kubernetes engineShreya Pohekar
 
Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdfssuser9b44c7
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 introTerry Cho
 
Introduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud NativeIntroduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud NativeTerry Wang
 
KubernetesPPT.pptx
KubernetesPPT.pptxKubernetesPPT.pptx
KubernetesPPT.pptxRyuzaki360
 
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...Anant Corporation
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with ComponentsAjeet Singh
 
Best Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBest Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBlueData, Inc.
 

Ähnlich wie Kubernetes 101 for Beginners (20)

Kubernetes acomprehensiveoverview
Kubernetes acomprehensiveoverviewKubernetes acomprehensiveoverview
Kubernetes acomprehensiveoverview
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overview
 
08 - kubernetes.pptx
08 - kubernetes.pptx08 - kubernetes.pptx
08 - kubernetes.pptx
 
Kubernetes presentation
Kubernetes presentationKubernetes presentation
Kubernetes presentation
 
Containers kuberenetes
Containers kuberenetesContainers kuberenetes
Containers kuberenetes
 
Containers kuberenetes
Containers kuberenetesContainers kuberenetes
Containers kuberenetes
 
Container Orchestration using kubernetes
Container Orchestration using kubernetesContainer Orchestration using kubernetes
Container Orchestration using kubernetes
 
Containers kuberenetes
Containers kuberenetesContainers kuberenetes
Containers kuberenetes
 
Kubernetes for Java developers
Kubernetes for Java developersKubernetes for Java developers
Kubernetes for Java developers
 
Getting started with google kubernetes engine
Getting started with google kubernetes engineGetting started with google kubernetes engine
Getting started with google kubernetes engine
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdf
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 intro
 
Introduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud NativeIntroduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud Native
 
KubernetesPPT.pptx
KubernetesPPT.pptxKubernetesPPT.pptx
KubernetesPPT.pptx
 
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with Components
 
Intro to Kubernetes
Intro to KubernetesIntro to Kubernetes
Intro to Kubernetes
 
Best Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBest Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker Containers
 

Kürzlich hochgeladen

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 

Kürzlich hochgeladen (20)

Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 

Kubernetes 101 for Beginners

  • 2. Agenda ● Introduction ○ Legacy Systems ○ Docker ○ Docker-Compose ○ Docker-Swarm ○ What isKubernetes? ○ What doesKubernetesdo? ● Architecture ○ MasterComponents ○ NodeComponents ○ Additional Services ○ Kubectl ○ Kube Config ● Concepts ○ Core ○ Workloads ○ Network ○ Storage ○ Configuration ○ Auth and Identity ○ Helm ○ MiniKube ● Behind theScenes ● Deployment fromBeginningto End ● AKS Deployment Demo ○ End to End AKS Deployment
  • 4. Legacy Systems Legacy App Deployment Model on Bare Metal Servers.
  • 5. Legacy Systems App Deployment on Virtual Machines Overview.
  • 7. Virtual Machines vs Docker Containers
  • 8. Container:  Containers are an abstraction at the app layer that packages code and dependencies together.  Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space.  Containers typically take up less space than VMs. Virtual Machines  Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers.  The hypervisor allows multiple VMs to run on a single machine.  Each VM includes a full copy of an operating system, the application, necessary binaries and libraries - taking up tens of GBs.  VMs can also be slower to boot.
  • 10. COMPOSE https://www.katacoda.com/boxboat/courses/df-dev/02-docker-compose Workshop:  Compose is a tool for defining and running multi-container Docker applications.  With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.  Compose is great for development, testing, and staging environments, as well as CI workflows
  • 11. SWARM https://www.katacoda.com/boxboat/courses/df-ops/01-docker-swarm https://www.katacoda.com/courses/docker-orchestration/getting-started-with-swarm-mode Workshop:  Docker Swarm is a clustering and scheduling tool for Docker containers.  With Swarm, IT administrators and developers can establish and manage a cluster of Docker nodes as a single virtual system.
  • 12. =
  • 13.
  • 14. Intro - Whatis Kubernetes? Kubernetes or K8s wasaproject spunout of Googleasaopensource next-gen container scheduler designed with the lessons learned from developing andmanagingBorg andOmega. Kubernetes wasdesignedfromtheground-upasalooselycoupled collection of components centered around deploying, maintaining, and scaling applications.
  • 15. Intro - What Does Kubernetes do? Kubernetes isthelinuxkernelof distributed systems. Itabstractsawaytheunderlyinghardwareof thenodesandprovides a uniform interface for applicationsto bebothdeployedandconsumethe sharedpool of resources. https://www.katacoda.com/loodse/courses/kubernetes/kubernetes-01-playground Workshop:
  • 17. Architecture Overview Masters -Acts as the primary control plane for Kubernetes. Masters are responsible ataminimumfor runningtheAPI Server, scheduler,andcluster controller. Theycommonly alsomanagestoringcluster state,cloud-provider specific componentsandother cluster essentialservices. Nodes-Are the‘workers’of aKubernetes cluster. They runaminimalagent that manages the node itself, and are tasked with executing workloads as designatedbythemaster.
  • 20. Master Components ● Kube-apiserver ● Etcd ● Kube-controller-manager ● Cloud-controller-manager ● Kube-scheduler
  • 21. kube-apiserver Theapiserverprovides aforward facingRESTinterface into thekubernetes control plane and datastore. All clients, including nodes, users and other applicationsinteract with kubernetes strictly through theAPI Server. It is the true core of Kubernetes acting as the gatekeeper to the cluster by handlingauthenticationandauthorization,requestvalidation,mutation, and admission control in addition to beingthefront-end to thebackingdatastore. kubectl api-resources  to see all api resources
  • 22. etcd Etcd actsasthecluster datastore;providing astrong,consistent andhighly availablekey-valuestoreusedfor persisting cluster state.
  • 23. kube-controller-manager The controller-manager is the primary daemon that manages all core componentcontrol loops.Itmonitorsthecluster state viatheapiserverand steersthecluster towardsthedesired state.
  • 24. cloud-controller-manager The cloud-controller-manager is a daemon that provides cloud-provider specific knowledge andintegration capabilityinto thecorecontrol loop of Kubernetes. The controllers include Node, Route, Service, and add an additional controller to handlePersistentVolumeLabels.
  • 25. kube-scheduler Kube-scheduler isaverbose policy-rich enginethatevaluatesworkload requirements and attempts to place it on a matching resource. These requirements canincludesuchthings asgeneralhardwarereqs,affinity, anti-affinity, andother customresource requirements.
  • 27. Node Components ● Kubelet ● Kube-proxy ● Containerruntime engine
  • 28. kubelet Acts as the node agent responsible for managing pod lifecycle on its host. Kubelet understandsYAML containermanifeststhatit canreadfromseveral sources: ● File path ● HTTP Endpoint ● Etcd watchacting onanychanges ● HTTP Servermodeaccepting containermanifestsoverasimpleAPI.
  • 29. kube-proxy Manages thenetwork rulesoneachnodeandperformsconnection forwarding or loadbalancingfor Kubernetes cluster services. Available ProxyModes: ● Userspace ● iptables ● ipvs(alphain1.8)
  • 30. Container Runtime With respect to Kubernetes,A containerruntime isaCRI (Container RuntimeInterface) compatible application that executesandmanagescontainers. ● Containerd (docker) ● Cri-o ● Rkt ● Kata(formerlyclearandhyper) ● Virtlet (VM CRI compatible runtime)
  • 31. Additional Services Kube-dns-Provides cluster wide DNS Services.Servicesareresolvable to <service>.<namespace>.svc.cluster.local. Heapster - Metrics Collector for kubernetes cluster, usedbysomeresources suchastheHorizontal Pod Autoscaler. (required for kubedashboardmetrics) Kube-dashboard -A generalpurpose webbasedUIfor kubernetes.
  • 32. Kubectl kubectl [command] [TYPE] [NAME] [flags] command: operation to perform (verb) TYPE: the resource type to perform the operation on NAME:Specifies the name of the resource flags:optional flags https://www.katacoda.com/courses/kubernetes/kubectl-run-containers Workshop:
  • 33. $KUBECONFIG • Multiple configurations files as a list of paths • KUBECONFIG • Append new configurations temporarily https://github.com/ahmetb/kubectx KUBECTX:
  • 36. Kubernetes Concepts - Core Cluster - A collection of hoststhat aggregate their available resources including cpu,ram,disk, andtheir devicesinto ausablepool. Master - The master(s)represent acollection of components that makeupthecontrol planeof Kubernetes. These components are responsible for all cluster decisions including both schedulingandresponding to cluster events. Node - A singlehost,physicalor virtual capableof runningpods.A nodeismanagedbythe master(s),andat aminimumrunsboth kubelet andkube-proxyto beconsidered part of the cluster. Namespace- A logical cluster or environment. Primarymethodof dividing acluster or scopingaccess.
  • 37. Concepts - Core(cont.) Label- Key-valuepairs that areusedto identify, describe andgrouptogetherrelated setsof objects.Labelshaveastrict syntaxandavailable characterset.* Annotation - Key-value pairs that contain non-identifying information or metadata. Annotations donot havethethesyntaxlimitations aslabels andcancontainstructured or unstructureddata. Selector - Selectors uselabels to filter or select objects. Bothequality-based(=,==,!=)or simplekey-valuematchingselectorsaresupported. * https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#syntax-and-character-set
  • 39. Concepts - Workloads Pod- A podisthesmallestunit of workormanagementresourcewithin Kubernetes.Itis comprised of one or more containers that share their storage, network, and context (namespace, cgroupsetc). ReplicationController - Method of managingpodreplicasandtheir lifecycle. Their scheduling,scaling,anddeletion. ReplicaSet- Next GenerationReplicationController. Supportsset-basedselectors. Deployment - A declarativemethodof managingstatelessPods andReplicaSets. Provides rollback functionalityinaddition to moregranularupdatecontrol mechanisms.
  • 40. Deployment Contains configuration of how updates or ‘deployments’ should be managed in addition to thepodtemplateusedto generate theReplicaSet. ReplicaSet Generated ReplicaSet fromDeployment spec. https://www.katacoda.com/boxb oat/courses/kf1/03-deployments Workshop:
  • 41. Concepts - Workloads (cont.) StatefulSet - A controller tailored to managingPods thatmustpersistormaintainstate.Pod identityincluding hostname,network,andstoragewill bepersisted. DaemonSet - Ensuresthat all nodesmatchingcertain criteria will run aninstance of a supplied Pod. Idealfor cluster wide services suchaslog forwarding, orhealth monitoring.
  • 42. StatefulSet ● Attaches to ‘headeless service’ (notshown)nginx. ● Podsgivenunique ordinalnamesusingthepattern <statefulset name>-<ordinalindex>. ● Createsindependent persistentvolumesbasedon the‘volumeClaimTemplates’.
  • 43. DaemonSet ● Bypasses defaultscheduler ● Schedulesasingle instanceonevery host while adheringto tolerancesandtaints. https://www.katacoda.com/reselbob/scenario s/k8s-daemonset-w-node-affinity Workshop:
  • 45. Networking - FundamentalRules 1) All Pods cancommunicate with all other Pods withoutNAT 2) All nodescancommunicatewith all Pods (andvice-versa)without NAT. 3) TheIPthataPod seesitself asisthesameIPthatothersseeit as.
  • 46. Networking - FundamentalsApplied Containers in apodexist within thesamenetwork namespaceandsharean IP;allowingfor intrapod communicationoverlocalhost. Podsaregivenacluster uniqueIPfor thedurationof its lifecycle,butthepods themselvesarefundamentallyephemeral. Services aregivenapersistentcluster uniqueIPthatspansthePods lifecycle. External Connectivity isgenerally handedbyanintegrated cloud provider or other externalentity (loadbalancer)
  • 47. Networking -CNI Networking within Kubernetes is plumbed via the Container Network Interface(CNI),aninterface betweenacontainerruntime andanetwork implementation plugin. Compatible CNI Network Plugins: ● Calico ● Cillium ● Contiv ● Contrail ● Flannel ● GCE ● kube-router ● Multus ● OpenVSwitch ● OVN ● Romana ● Weave
  • 48. Concepts - Network Service - Servicesprovide amethodof exposing andconsuming L4 Pod network accessible resources. Theyuselabel selectorsto mapgroupsof podsandports to acluster-unique virtual IP. Ingress - An ingresscontroller is theprimarymethodof exposing acluster service (usually http) to the outside world. These are load balancers or routers that usually offer SSL termination,name-basedvirtualhostingetc.
  • 49. Service ● Acts astheunified methodof accessingreplicated pods. ● Four majorServiceTypes: ○ CluterIP-Exposesserviceonastrictly cluster-internal IP(default) ○ NodePort-Serviceis exposedoneachnode’sIPonastatically definedport. ○ LoadBalancer -Works in combination with acloudproviderto exposeaserviceoutsidethecluster onastatic externalIP. ○ ExternalName -usedto referencesendpointsOUTSIDE thecluster byprovidingastatic internally referencedDNSname. https://www.katacoda.com/boxboat/courses/kf2/01-services Workshop:
  • 50. Ingress Controller ● Deployedasapodtooneormorehosts ● Ingresscontrollers areanexternal controller with multipleoptions. ○ Nginx ○ HAproxy ○ Contour ○ Traefik ● Specificfeaturesandcontroller specific configuration is passed through annotations. https://www.katacoda.com/boxboat/courses/kf2/03-ingress Workshop:
  • 51. Concepts - Storage Volume - Storagethat istied to the Pod Lifecycle, consumablebyoneor more containerswithin thepod. PersistentVolume- A PersistentVolume (PV)represents astorageresource. PVs are commonly linked to abacking storageresource,NFS,GCEPersistentDisk, RBD etc.andare provisionedaheadof time.Their lifecycle ishandledindependently fromapod. PersistentVolumeClaim - A PersistentVolumeClaim(PVC)is arequest for storagethat satisfiesaset of requirements insteadof mappingto astorageresourcedirectly.Commonly usedwith dynamicallyprovisionedstorage. StorageClass - Storageclassesareanabstractionontopof anexternal storageresource. These will include a provisioner, provisioner configuration parameters as well as a PV reclaimPolicy. https://www.katacoda.com/courses/kubernetes/storage-introduction Workshop:
  • 52. Concepts -Configuration ConfigMap - Externalized data stored within kubernetes that can be referenced as a commandlineargument,environment variable,or injected asafile into avolumemount.Ideal for separatingcontainerizedapplication fromconfiguration. Secret- Functionallyidenticalto ConfigMaps, but stored encoded asbase64,andencrypted at rest (ifconfigured).
  • 53. ConfigMaps andSecrets ● CanbeusedinPod Config: ○ Injectedasafile ○ Passedasanenvironmentvariable ○ Usedasacontainercommand(requirespassing asenvvar) https://www.katacoda.com/javajon/courses/kubernetes-fundamentals/configmap-secret Workshop:
  • 54. Concepts - Auth and Identity (RBAC) [Cluster]Role - Roles contain rules that act asaset of permissions that apply verbs like “get”, “list”,“watch” etc over resources that arescopedto apiGroups.Roles arescopedto namespaces, andClusterRolesareapplied cluster-wide. [Cluster]RoleBinding - Grant thepermissionsasdefined in a[Cluster]Role to oneor more “subjects”whichcanbeauser,group,orservice account. ServiceAccount- ServiceAccounts provide aconsumableidentity for podsor external servicesthatinteractwith thecluster directly andarescopedto namespaces. https://www.katacoda.com/boxboat/courses/kf2/04-misc Workshop:
  • 55. [Cluster]Role ● Permissions translate to url path. With “”defaultingto core group. ● Resourcesactasitemstherole shouldbegrantedaccessto. ● Verbsaretheactionstherole canperform onthereferenced resources.
  • 56. [Cluster]RoleBinding ● Canreference multiplesubjects ● Subjectscanbeof kind: ○ User ○ Group ○ ServiceAccount ● roleRef targetsasinglerole only.
  • 57. What is HELM • Package manager • Like yum, apt but for Kubernetes • Search and reuse or start from scratch • Lifecycle Management • Create • Install • Upgrade/Rollback • Delete • Status • Versioning • Benefits • Repeatability • Reliability • Multiple environment • Ease collaboration • Manage Complexity
  • 58. Kubernetes Cluster Helm Components • Helm Client • Command-line client • Interacts with Tiller Server • Local chart development • Tiller Server • In-cluster • Listens to the Helm client • Interacts with Kubernetes APIServer • Manages the lifecycle Helm Client TillerServer gRPC Kubernetes API Server REST https://www.katacoda.com/javajon/c ourses/kubernetes-pipelines/helm Workshop:
  • 62.
  • 64. APIserver Request Loop 3)Kubectl authenticatesto apiserverviax509,jwt, http authproxy,otherplugins,or http-basic auth. 4)Authorization iteratesoveravailableAuthZ sources:Node,ABAC, RBAC,or webhook. 5)AdmissionControlchecksresourcequotas, othersecurityrelatedchecksetc. 6)Requestisstoredinetcd. 7)Initializersaregiven opportunityto mutate requestbeforethe objectispublished. 8)Requestispublishedonapiserver.
  • 65. Deployment Controller 9)Deployment Controller isnotified of thenew Deployment viacallback. 10)Deployment Controller evaluatescluster stateand reconciles the desired vs current state and forms a request for thenewReplicaSet. 11)apiserver request loopevaluatesDeployment Controllerrequest. 12)ReplicaSet ispublished.
  • 66. ReplicaSet Controller 13)ReplicaSetController isnotified of thenewReplicaSet viacallback. 14)ReplicaSet Controller evaluates cluster state and reconciles thedesiredvscurrentstateandformsarequest for thedesiredamountof pods. 15)apiserver request loopevaluatesReplicaSet Controllerrequest. 16)Podspublished, andenter ‘Pending’ phase.
  • 67.
  • 68. Scheduler 17)Schedulermonitorspublished podswith no ‘NodeName’ assigned. 18)Appliesschedulingrulesandfilters to find a suitablenodeto host thePod. 19)Schedulercreatesabinding of Pod to Node and POSTs toapiserver. 20)apiserver request loopevaluatesPOST request. 21)Pod statusisupdatedwith nodebinding andsets status to‘PodScheduled’.
  • 69. Kubelet -PodSync 22)Thekubelet daemononeverynodepollstheapiserver filtering for podsmatchingits own‘NodeName’; checkingits currentstate with thedesiredstatepublished throughtheapiserver. 23)Kubelet will thenmovethroughaseries of internal processesto prepare the pod environment. This includes pulling secrets, provisioningstorage,applyingAppArmorprofiles andothervarious scaffolding. During this period,it will asynchronouslybePOST’ing the ‘PodStatus’ to the apiserver through the standard apiserver request loop.
  • 70. Pause and Plumbing 24)Kubelet thenprovisionsa‘pause’containerviathe CRI (Container RuntimeInterface). The pausecontainer actsastheparent containerfor thePod. 25)The network is plumbed to the Pod via the CNI (Container Network Interface),creating aveth pair attached to the pause container and to acontainer bridge (cbr0). 26)IPAM handledbytheCNI plugin assignsanIPto the pausecontainer.
  • 71. Kubelet - Create Containers 24)Kubelet pullsthecontainerImages. 25)Kubelet first creates andstartsanyinit containers. 26)Oncetheoptional init containerscomplete,the primarypodcontainersarestarted.
  • 72. Pod Status 27)Ifthere areanyliveless/readiness probes,theseareexecuted beforethe PodStatus isupdated. 28)Ifall completesuccessfully,PodStatusis set to readyandthecontainer has startedsuccessfully. ThePodisDeployed!
  • 73. END to END AKS DEMO

Hinweis der Redaktion

  1. Container: Containers are an abstraction at the app layer that packages code and dependencies together. Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space. Containers typically take up less space than VMs. (Source: Docker.com) Virtual Machine Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers. The hypervisor allows multiple VMs to run on a single machine. Each VM includes a full copy of an operating system, the application, necessary binaries and libraries - taking up tens of GBs. VMs can also be slower to boot.(Source: Docker.com)
  2. https://www.katacoda.com/courses/docker/deploying-first-Container https://www.katacoda.com/courses/docker/3
  3. https://www.katacoda.com/boxboat/courses/df-dev/02-docker-compose
  4. https://www.katacoda.com/boxboat/courses/df-ops/01-docker-swarm
  5. Kubernetes