3. Virtualization Fundamentals - Types
● Full virtualization: running an unmodified OS; Parallels, VirtualBox, XEN
● Paravirtualization: running a modified guest system (kernel); XEN, QEMU, KVM
● OS-level virtualization: enables running an isolated process (tree); OpenVZ, LXC, BSD jails, Linux-VServer, Solaris Zones
● Virtualized containers: LXC, LXD, Docker
4. Virtualization Fundamentals
PETS
● Virtual machines are stateful.
● Big VMs: storage lives inside the VM, all services run in the same VM, huge vCPU and vRAM.
● Application SLA rules exist to keep the VM alive.
● Distribution and failure handling depend on whatever HA technology is available.
● VMs can be scaled in CPU and RAM after installation.
● Applications are not developed to cope with the VM crashing.
● Example: database, web server and frontend app all run together on the same VM.
CATTLE
● Applications are designed to be distributed. VMs are stateless.
● VMs are small.
● Application SLA rules apply to the whole application, not to a single VM.
● The application runs on many instances.
● VMs can be added on the fly to scale the application.
● Applications are developed to cope with VMs failing.
20. Hands on Kubernetes
Master: Kubernetes control panel or control plane.
This is where decisions are made about the cluster,
such as scheduling, and detecting/responding to
cluster events. The components of the master can
be run on any node in the cluster. Key components
of the master:
21. Hands on Kubernetes
API Server — This is the only component of the Kubernetes control plane with a user-accessible API and the sole master component that you'll interact with. The API server exposes a RESTful Kubernetes API and consumes JSON manifest files.
Cluster State & Data Store — Kubernetes uses "etcd". This is a strongly consistent and highly available key-value store that Kubernetes uses for persistent storage of all API objects. Think of it as the "source of truth" for the cluster.
22. Hands on Kubernetes
Controller Manager — Known as the "kube-controller-manager", this runs all the controllers that handle routine tasks in the cluster. These include the Node Controller, Replication Controller, Endpoints Controller, and Service Account and Token Controllers. Each of these controllers works separately to maintain the desired state.
23. Hands on Kubernetes
Scheduler — The scheduler watches for newly-created pods
(groups of one or more containers) and assigns them to
nodes.
Dashboard (optional) — Kubernetes web UI that simplifies
the Kubernetes cluster user’s interactions with the API
server.
24. Kubernetes Worker Nodes
Master handles and manages the cluster, worker nodes run
the containers and provide the Kubernetes runtime
environment. Worker nodes comprise a kubelet. This is the
primary node agent. It watches the API server for pods that
have been assigned to its node. Kubelet carries out tasks
and maintains a reporting backchannel of pod status to the
master node.
25. Hands on Kubernetes
Inside each pod there are containers, kubelet runs these via
Docker (pulling images, starting and stopping containers,
etc.). It also periodically executes any requested container
liveness probes. In addition to Docker, RKT is also
supported and the community is actively working to support
OCI.
Another component of worker nodes is kube-proxy. This is
the network brain of the node, maintaining network rules on
the host and performing connection forwarding. It’s also
responsible for load balancing across all pods in the service.
26. Kubernetes Pods
A pod is a group of one or more containers (such as Docker
containers), with shared storage/network. Each pod
contains specific information on how the containers should
be run. Think of pods as a ring-fenced environment to run
containers.
Pods are also a unit for scaling. If you need to scale an app
component up or down, this can be achieved by adding or
removing pods.
27. Hands on Kubernetes
It’s possible to run more than one container in a pod (where
each share the same IP address and mounted volumes), if
they’re tightly coupled.
Pods are deployed on a single node and have a definite lifecycle. Their phase can be Pending, Running, Succeeded, or Failed, but once gone, they are never brought back to life. If a pod dies, a replication controller or other controller must be used to create a new one.
28. Pods — A description of a set of containers that need to run
together.
Services — An object that describes a set of pods that
provide a useful service. Services are typically used to
define clusters of uniform pods.
Persistent Volumes — A Kubernetes abstraction for
persistent storage. Kubernetes supports many types of
volumes, such as NFS, Ceph, GlusterFS, local directory, etc.
29. Namespaces — This is a tool used to group, separate, and isolate groups of objects. Namespaces are used for access control, network access control, resource management, and quotas.
Ingress rules — These specify how incoming network traffic
should be routed to services and pods.
Network policies — This defines the network access rules
between pods inside the cluster.
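The network policy rules described above, worked through as an added example that is not part of these slides: a small evaluator that takes NetworkPolicy objects in the JSON shape the API server consumes and answers whether ingress from one pod to another is allowed. It assumes a single namespace and only podSelector/matchLabels peers; the policies, pods and names are constructed for the example.

```python
# Added example, not from the slides. Decides whether ingress from one pod to
# another is allowed under NetworkPolicy objects given as JSON-style dicts.
# Semantics modelled: a pod selected by no ingress policy accepts everything;
# once any policy selects it, only sources matched by some ingress rule get in.
# Assumption: one namespace, podSelector/matchLabels peers only.

def selects(selector, labels):
    """matchLabels match; an empty selector matches every pod."""
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())

def ingress_policies_for(policies, pod):
    """Policies that select this pod and govern its Ingress direction."""
    out = []
    for p in policies:
        spec = p["spec"]
        types = spec.get("policyTypes", ["Ingress"])  # Ingress is the default type
        if "Ingress" in types and selects(spec.get("podSelector", {}), pod["labels"]):
            out.append(p)
    return out

def ingress_allowed(policies, src, dst):
    applicable = ingress_policies_for(policies, dst)
    if not applicable:
        return True  # nothing selects dst: open by default
    for p in applicable:
        for rule in p["spec"].get("ingress", []):
            peers = rule.get("from", [])
            if not peers:  # a rule without 'from' admits every source
                return True
            if any(selects(peer["podSelector"], src["labels"])
                   for peer in peers if "podSelector" in peer):
                return True
    return False  # dst is selected but no rule matched the source

# Constructed sample: default-deny for the database, then allow only web -> db.
POLICIES = [
    {"metadata": {"name": "db-default-deny"},
     "spec": {"podSelector": {"matchLabels": {"app": "db"}}, "ingress": []}},
    {"metadata": {"name": "allow-web-to-db"},
     "spec": {"podSelector": {"matchLabels": {"app": "db"}},
              "ingress": [{"from": [{"podSelector": {"matchLabels": {"app": "web"}}}]}]}},
]
WEB = {"name": "web-1", "labels": {"app": "web"}}
DB = {"name": "db-1", "labels": {"app": "db"}}
DEBUG = {"name": "debug-shell", "labels": {"app": "debug"}}

def check_sample():
    return {"web->db": ingress_allowed(POLICIES, WEB, DB),      # True
            "debug->db": ingress_allowed(POLICIES, DEBUG, DB),  # False
            "db->web": ingress_allowed(POLICIES, DB, WEB)}      # True, web is unselected
```

The third result is the point to notice: the web pod accepts traffic from anything, including the database, because no policy selects it.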
30. ConfigMaps and Secrets — Used to separate configuration
information from application definition.
Controllers — These implement different policies for
automatic pod management. There are three main types:
1. Deployment — Responsible for maintaining a set of running pods of the
same type.
2. DaemonSet — Runs a specific type of pod on each node based on a
condition.
3. StatefulSet — Used when several pods of the same type are needed to run
in parallel, but each of the pods is required to have a specific identity.
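The objects covered in slides 25 to 30 (liveness probes, namespaces, resource management, ConfigMaps and Secrets) as a manifest check, an added example that is not from the slides: a reviewer that walks a Pod or a controller's pod template in the JSON form the API server consumes and reports what is missing. The manifests and the credential-name heuristic are constructed for this example.

```python
# Added example, not part of the slides: a reviewer for the JSON manifests the
# API server consumes. It flags pod definitions that skip the primitives the
# slides describe: no namespace (the object lands in "default"), containers
# without a livenessProbe or resources.limits, and credentials written as env
# literals instead of referenced from a Secret. Handles a Pod or the pod
# template of a Deployment/DaemonSet/StatefulSet. Heuristics are assumptions.
import re

CREDENTIAL_NAME = re.compile(r"PASS|SECRET|TOKEN|_KEY", re.IGNORECASE)

def pod_spec_of(manifest):
    """(namespace, podSpec) for a Pod, or for the template inside a controller object."""
    ns = manifest.get("metadata", {}).get("namespace")
    spec = manifest["spec"]
    return ns, (spec if manifest.get("kind") == "Pod" else spec["template"]["spec"])

def lint(manifest):
    ns, spec = pod_spec_of(manifest)
    name = manifest.get("metadata", {}).get("name", "<unnamed>")
    findings = []
    if ns in (None, "default"):
        findings.append(f"{name}: no namespace, object lands in 'default'")
    for c in spec.get("containers", []):
        where = f"{name}/{c.get('name', '?')}"
        if "livenessProbe" not in c:
            findings.append(f"{where}: no livenessProbe, a hung container is never restarted")
        if not c.get("resources", {}).get("limits"):
            findings.append(f"{where}: no resources.limits, it can starve the node")
        for env in c.get("env", []):
            if "value" in env and CREDENTIAL_NAME.search(env.get("name", "")):
                findings.append(f"{where}: env {env['name']} is a literal, use secretKeyRef")
    return findings

# Constructed sample: one Deployment before and after hardening.
BAD = {"kind": "Deployment", "metadata": {"name": "web"},
       "spec": {"replicas": 2, "template": {"spec": {"containers": [
           {"name": "app", "image": "example/web:1.0",
            "env": [{"name": "DB_PASSWORD", "value": "changeme-example"}]}]}}}}
GOOD = {"kind": "Deployment", "metadata": {"name": "web", "namespace": "shop"},
        "spec": {"replicas": 2, "template": {"spec": {"containers": [
            {"name": "app", "image": "example/web:1.0",
             "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080}},
             "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}},
             "env": [{"name": "DB_PASSWORD", "valueFrom": {"secretKeyRef":
                      {"name": "db-creds", "key": "password"}}}]}]}}}}
```

Running `lint(BAD)` yields four findings and `lint(GOOD)` none; the same checks apply unchanged to a bare Pod manifest.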
31. Hands on Kubernetes
● Kubernetes simultaneously runs and controls a set of
nodes on virtual or physical machines.
● This is achieved by running agents on each node.
● The agent talks to the master via the same API used to
send the blueprint to Kubernetes.
● The agent registers itself in the master, providing
Kubernetes with information about the nodes.
● Reading through the API, the agent determines which
containers are required to run on the corresponding node
and how they are to be configured.
32. Hands on Kubernetes
● The master node runs several Kubernetes components.
● Together, these make all control decisions about which
container needs to be started on which node and how it
should be configured.
● In addition, the master and agent may interact with a
cloud provider and manage additional cloud resources
such as load balancers, persistent volumes, persistent
block storage, network configuration, and number of
instances.
33. Hands on Kubernetes
● The master can be a single instance running Kubernetes
components or a set of instances to ensure high
availability.
● A master can also serve (in certain configurations) as a
node to run containers, although this is not
recommended for production.
★ Don't run heavy-duty databases in Kubernetes.
★ Choose your load balancer wisely.
34. Minikube
Download the kubectl command-line tool:
● Linux (amd64):
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/
● OSX (amd64):
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/darwin/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/
● Verify that kubectl is installed and working:
$ kubectl version
35. Minikube
Use native virtualization, or install VirtualBox
Download minikube and add it to your $PATH
● Linux:
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.17.1/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
● OS X:
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.17.1/minikube-darwin-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
● Run a basic test of the system:
$ minikube start
$ kubectl get nodes
36. Minikube
Clean up your minikube environment
Stop the current minikube VM:
$ minikube stop
Delete the VM:
$ minikube delete
37. Hands on Kubernetes
$ kubectl config use-context minikube #Use multiple kubernetes clusters.
$ kubectl config get-contexts #Check the contexts
$ kubectl config set-context your_cluster_address #set the cluster context
$ kubectl get secrets #get secrets
$ kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never #start container
$ kubectl get pod python-worker --watch #see the container
$ kubectl exec -it python-worker -- /bin/bash #login to this container
40. Hands on Kubernetes
Q: If Pods are ephemeral, how can I persist my container data across container restarts?
A: Kubernetes supports the concept of Volumes, so you can use a Volume type that is persistent.
Q: Do I create Pods manually? If I want to create a few copies of the same container, do I have to create each one individually?
A: Use a Replication Controller to roll out multiple copies from a Pod template.
Q: If Pods are ephemeral and their IP address might change when they get restarted, how can I reliably reference my backend container from a frontend container?
A: Use a Service.
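The replication controller answer above, and the "maintain the desired state" loop of slide 22, as an added example that is not from the slides: a reconcile function that compares the desired replica count with the pods observed through the API, counts only live pods that match the selector (a Failed pod is never revived, it is replaced), and returns the create/delete actions that restore the desired state. Pod names, the selector and the observed pod lists are constructed for the example.

```python
# Added example, not part of the slides: the control loop a Replication
# Controller or Deployment runs to keep the desired number of pods. Pods in
# phase Succeeded/Failed never come back, so they are ignored and replaced.
# Sequential pod names are a simplification; real controllers use random suffixes.
LIVE_PHASES = ("Pending", "Running")

def matches(selector, labels):
    """True if every selector label is present on the pod with the same value."""
    return all(labels.get(k) == v for k, v in selector.items())

def reconcile(desired, selector, observed, name_prefix="web"):
    """Return (actions, observed_after) bringing live matching pods to `desired`."""
    live = [p for p in observed if p["phase"] in LIVE_PHASES and matches(selector, p["labels"])]
    untouched = [p for p in observed if p not in live]     # dead pods and pods not ours
    # Never reuse a name that any observed pod (dead or alive) already carries.
    used = {int(p["name"].rsplit("-", 1)[1]) for p in observed
            if p["name"].startswith(name_prefix + "-")}
    next_id = max(used, default=0) + 1
    actions = []
    while len(live) < desired:                             # scale up from the template
        pod = {"name": f"{name_prefix}-{next_id}", "labels": dict(selector), "phase": "Pending"}
        next_id += 1
        live.append(pod)
        actions.append(("create", pod["name"]))
    while len(live) > desired:                             # scale down surplus pods
        victim = live.pop()                                # real controllers rank by readiness
        actions.append(("delete", victim["name"]))
    return actions, untouched + live

# Constructed sample state as the controller would read it from the API server.
SELECTOR = {"app": "web"}
OBSERVED = [
    {"name": "web-1", "labels": {"app": "web"}, "phase": "Running"},
    {"name": "web-2", "labels": {"app": "web"}, "phase": "Failed"},   # crashed, never revived
    {"name": "db-1",  "labels": {"app": "db"},  "phase": "Running"},  # not selected by us
]

def check_sample():
    """Three rounds: replicas=3, then one new pod dies, then scale down to 1."""
    a1, state = reconcile(3, SELECTOR, OBSERVED)
    next(p for p in state if p["name"] == "web-3")["phase"] = "Failed"
    a2, state = reconcile(3, SELECTOR, state)
    a3, state = reconcile(1, SELECTOR, state)
    live = sorted(p["name"] for p in state
                  if p["phase"] in LIVE_PHASES and matches(SELECTOR, p["labels"]))
    return a1, a2, a3, live
```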