{"id":1645,"date":"2019-04-19T03:23:20","date_gmt":"2019-04-19T03:23:20","guid":{"rendered":"http:\/\/kusuaks7\/?p=1250"},"modified":"2023-08-24T12:07:51","modified_gmt":"2023-08-24T12:07:51","slug":"key-kubernetes-concepts","status":"publish","type":"post","link":"https:\/\/www.experfy.com\/blog\/bigdata-cloud\/key-kubernetes-concepts\/","title":{"rendered":"Key Kubernetes Concepts"},"content":{"rendered":"

Cloud computing, containerization, and container orchestration are the most important trends in DevOps. Whether you’re a data scientist, software developer, or product manager, it’s good to know Docker and Kubernetes basics. Both technologies help you collaborate with others, deploy your projects, and increase your value to employers.<\/p>\n

In this article, we’ll cover essential Kubernetes concepts. There are a lot of Kubernetes terms, which can make it intimidating. I’ll help you make a mental model to speed your understanding of the technology.<\/p>\n

\n

<\/canvas><\/p>\n<\/figure>\n

Orchestrating the movement of shipping containers<\/p>\n

Kubernetes makes a lot more sense if you first know Docker concepts. Check out my Docker guides to learn the fundamentals – Learn Enough Docker to be Useful: Part 1- The Conceptual Landscape<\/a>.<\/p>\n

Then meet back here to learn about orchestrating those Docker containers.<\/p>\n

Kuberwhat?<\/h3>\n

Kubernetes is an open-source platform for managing containerized apps in production. Kubernetes is referred to as K8s for short. I’ll mostly use the term K8s<\/em> going forward, because who doesn’t love efficiency? <\/p>\n

<\/p>\n

K8s is hot. As you can see in the chart below, Google searches for it have grown rapidly in the past five years.<\/p>\n

 <\/p>\n

<\/canvas><\/p>\n

Worldwide search interest for kubernetes<\/em><\/p>\n

Why is K8s so in demand? Kubernetes makes it easier for you to automatically scale your app, reduce downtime, and increase security. No more writing scripts to check, restart, and change the number of Docker containers. Instead, you tell K8s your desired number of containers and it does the work for you. K8s can even automatically scale your containers based on resources used.<\/p>\n

Kubernetes is all about abstracting away complexity. It provides clear points to interface with your app’s development environment.<\/p>\n

K8s doesn’t make a lot of sense for a basic static website that gets a handful of visitors per day. Its use case is for larger apps that might have to scale up and down quickly.<\/p>\n

For large apps, you can use K8s to get the most out of your compute and storage resources. When paired with cloud providers, K8s can save you money. No matter where you run K8s, it should help you save time and reduce DevOps headaches.<\/p>\n

Docker has a competing product named Docker Swarm<\/a> that orchestrates containers. However, it doesn’t have the features and market share that K8s does. While you might think that Docker wouldn’t play nicely with K8s when it has its own offering, the two play extremely well together. I strongly suggest you use K8s to orchestrate your containers.<\/p>\n

\n

<\/canvas><\/p>\n<\/figure>\n

Playing nicely<\/p>\n

Keeping the many K8s abstractions straight can be tricky. I’ll explain how the key parts fit together so you can wrap your head around this powerful platform. Let’s explore key K8s concepts and how they relate to each other.<\/p>\n

First we’ll look at six layers of abstraction and the parts that make them up. Then we’ll look at seven other key K8s API objects.<\/p>\n

The Six Layers of K8s<\/h3>\n

Let’s assume you have an app that is running continuously and doesn’t need to store state.<\/p>\n

<\/p>\n

Kubernetes abstractions for a Deployment. © Jeff Hale 2019<\/span><\/p>\n

Here are the six layers of K8s concepts, starting with the highest-level abstraction.<\/p>\n

    \n
  1. Deployment<\/li>\n
  2. ReplicaSet<\/li>\n
  3. Pod<\/li>\n
  4. Node Cluster<\/li>\n
  5. Node Processes<\/li>\n
  6. Docker Container<\/li>\n<\/ol>\n

    Deployments <\/em>create and manage ReplicaSets, which create and manage Pods, which run on Nodes, which have a container runtime, which run the app code you put in your Docker image. Sounds like the Irish folk song “The Rattlin’ Bog<\/a>”. <\/p>\n

    Here’s a diagram with the Worker Node processes broken out. Let’s dig in a bit.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Detailed Kubernetes abstraction Deployment levels. © Jeff Hale 2019<\/p>\n

    The levels shaded blue are higher-level K8s abstractions. The green levels represent Nodes and Node subprocess that you should be aware of, but may not touch.<\/p>\n

    Note that your K8s instances will often have multiple Pods that can run on a single Node.<\/p>\n

    The Docker container contains your application code.<\/p>\n

    ***Grammar interlude***<\/p>\n

    According to K8s own style guide<\/a>, capitalization of API objects such as Pods should<\/i> follow the “same uppercase and lowercase letters that are used in the actual object name.” However, this guideline is often not followed in the docs\u200a—\u200aAPI objects are capitalized or lowercased seemingly randomly.<\/p>\n

    I’m going to follow the style guide’s stated policy in my K8s articles and error on the side of capitalization.<\/p>\n

    ***Grammar interlude over. ***<\/p>\n

    Let’s look at the six levels individually, starting with the highest level of abstraction.<\/p>\n

    Deployment<\/h3>\n

    If you want to make a stateless app that will run continuously, such as an HTTP server, you want a Deployment. Deployments allow you to update a running app without downtime. Deployments also specify a strategy to restart Pods when they die.<\/p>\n

    You can create a Deployment from the command line or a configuration file. I’ll show you both methods in future articles, so follow me<\/a> to make sure you don’t miss them. <\/p>\n

    ReplicaSet<\/h3>\n

    The Deployment creates a ReplicaSet that will ensure your app has the desired number of Pods. ReplicaSets will create and scale Pods based on the triggers you specify in your Deployment.<\/p>\n

    Replication Controllers<\/em> perform the same function as ReplicaSets, but Replication Controllers are old school. ReplicaSets are the smart way to manage replicated Pods in 2019.<\/p>\n

    Pod<\/h3>\n

    The Pod<\/em><\/a> is the basic building block of Kubernetes. A Pod contains a group of one or more containers. Generally, each Pod has one container.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Pod<\/p>\n

    Pods handle Volumes, Secrets, and configuration for containers.<\/p>\n

    Pods are ephemeral. They are intended to be restarted automatically when they die.<\/p>\n

    Pods are replicated when the app is scaled horizontally by the ReplicationSet. Each Pod will run the same container code.<\/p>\n

    Pods live on Worker Nodes.<\/p>\n

    Cluster Level<\/h3>\n

    Cluster<\/h4>\n

    A K8s Cluster consists of a Cluster Master <\/em>and Worker Nodes.<\/em><\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Star Cluster. Credit: NASA, ESA and the Hubble Heritage (STScI\/AURA)-ESA\/Hubble Collaboration<\/a><\/p>\n

    Below is a representation of a Cluster. This diagram emphasizes how multiple Pods can run on a Worker Node and multiple Worker Nodes are governed by a Master.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Kubernetes Nodes, Pods, & Containers © Jeff Hale 2019<\/p>\n

    Worker Node<\/h4>\n

    Worker Node<\/em><\/a> <\/em>is <\/em>also referred to as a Node<\/em> for short. <\/em>A Node is an abstraction for a machine\u200a—\u200aeither a physical machine or a virtual machine. Think of a Node as a computer server.<\/p>\n

    One or more Pods run on a single Worker Node.<\/p>\n

    A Pod is never split between two Nodes\u200a—\u200aa Pod’s contents are always located and scheduled together on the same Node.<\/p>\n

    Who’s telling the Worker Nodes what to do? The Master.<\/p>\n

    Cluster Master<\/h4>\n

    The <\/em>Cluster Master<\/em><\/a> <\/em>has a seriously ridiculous number of aliases. It’s also referred to as the Master Node, Kubernetes Master, Cluster Control Plane, Control Plane, <\/em>and <\/em>just Master. <\/em>Whatever you call it, it directs the Worker Nodes. Masters make scheduling decisions, respond to events, implement changes, and monitor the Cluster.<\/p>\n

    Both the Worker Nodes and the Master have subprocess components.<\/p>\n

    Node Processes<\/h3>\n

    Master Components<\/h4>\n

    The Master components are the API<\/em> server (<\/em>aka kube-apiserver)<\/em>, etc d<\/em>, Scheduler <\/em>(aka kube-scheduler), kube-controller-manager, and cloud-controller manager<\/em>. **I added the controller-managers for completeness Apr. 10, 2019**<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Cluster Master subprocesses<\/p>\n

    Let’s briefly look at each one.<\/p>\n

    API Server<\/em><\/strong>\u200a—\u200aExposes the K8s API. It’s the frontend for Kubernetes control. (aka. kube-apiserver) Think hub<\/em>. 
    \netcd\u200a<\/em><\/strong>—\u200aDistributed key-value store for Cluster state data. Think Cluster info<\/em>.
    \nScheduler\u200a<\/em><\/strong>—\u200aSelects the Nodes for new Pods. Good guide     here<\/a>. (aka kube-scheduler) Think matcher<\/em>.
    \nkube-controller-manager <\/em><\/strong>—Process that runs controllers to handle Cluster background tasks. Think Cluster controller<\/em>.
    \ncloud-controller-manager\u200a<\/em><\/strong>—\u200a<\/em>Runs controllers that interact with cloud providers. Think cloud interface<\/em>.<\/p>\n

    Worker Node Components<\/h4>\n

    The Worker Node’s components<\/a> are the kubelet<\/em>, kube-proxy<\/em>, and Container Runtime<\/em>.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Worker Node subprocesses<\/p>\n

    kubelet<\/em><\/strong>\u200a—\u200aResponsible for everything on the Worker Node. It communicates with the Master’s API server. Think brain<\/em> for Worker Node.
    \n    kube-proxy<\/em><\/strong><\/a>\u200a—\u200aRoutes connections to the correct Pods. Also performs load balancing across Pods for a Service. Think traffic cop<\/em>.
    \nContainer Runtime<\/em>\u200a<\/strong>—\u200aDownloads images and runs containers. For example, Docker is a Container Runtime. Think Docker<\/em>.<\/p>\n

    Let’s drill down one final level and look at what those Container Runtimes are running. <\/p>\n

    Docker Container Level<\/h3>\n

    Your app needs to be in a container of some sort if you want to run it with K8s. Docker is by far the most common container platform. We’ll assume you’re using it.<\/canvas><\/p>\n

    <\/p>\n

    You’ll specify which Docker image your Pods should use when you create your Deployment. The Container Runtime will download the image and create the containers.<\/p>\n

    K8s doesn’t create containers directly. It creates Pods that hold containers inside them. The containers in a Pod share any configured resources, such as Volume storage.<\/p>\n

    There are five high-level K8s API resources that manage and run Pods: Deployments, StatefulSets, DaemonSets, Jobs, <\/em>and CronJobs<\/em>. These objects are responsible for managing and running the Pods that create and run your containers. Let’s look at these controllers that create and manage continuous processes<\/p>\n

    ReplicaSets, StatefulSets, and DaemonSets<\/h3>\n

    As you’ve seen, a <\/em>ReplicaSet <\/em>creates and manages Pods. If a Pod shuts down because a Node fails, a ReplicaSet can automatically replace the Pod on another Node. You should generally create a ReplicaSet through a Deployment rather than creating it directly, because it’s easier to update your app with a Deployment.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    A Volume can be attached to a ReplicaSet, but it’s required for a StatefulSet. © Jeff Hale 2019<\/p>\n

    Sometimes your app will need to keep information about its state. You can think of state as the current status of your user’s interaction with your app. So in a video game it’s all the unique aspects of the user’s character at a point in time.<\/p>\n

    For example, the state in the original Super Mario Bros.<\/a> game would include every relevant aspect of the user’s game: what level, what location in that level, big or small, fireballs or no fireballs, how many coins, how many points, and how many lives.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    What do you do when your app has state you need to keep track of? Use a StatefulSet.<\/p>\n

    StatefulSet<\/h4>\n

    Like a ReplicaSet, a <\/em>StatefulSet<\/em><\/a> <\/em>manages deployment and scaling of a group of Pods based on a container spec. Unlike a Deployment, a StatefulSet’s Pods are not interchangeable. Each Pod has a unique, persistent identifier that the controller maintains over any rescheduling. StatefulSets for good for persistent, stateful backends like databases.<\/p>\n

    The state information for the Pod is held in a Volume associated with the StatefulSet. We’ll discuss Volumes in a bit.<\/p>\n

    DaemonSet<\/h4>\n

    DaemonSets<\/em><\/a> are for continuous process. They run one Pod per Node. Each new Node added to the cluster automatically gets a Pod started by the DaemonSet. DaemonSets are useful for ongoing background tasks such as monitoring and log collection.<\/p>\n

    StatefulSets and DaemonSets are not controlled by a Deployment. Although they are at the same level of abstraction as a ReplicaSet, there is not a higher level of abstraction for them in the current API.<\/p>\n

    Now let’s look at Jobs and CronJobs.<\/p>\n

    Jobs and CronJobs<\/h3>\n

    Job<\/h4>\n

    Job<\/em><\/a> <\/em>is a supervisor for Pods that run a batch process. A Job creates Pods and ensures they do a task by tracking the number of successful Pod completions. Unlike a ReplicaSet, once the process inside the container finishes successfully, the container is not restarted. Use a Job when you want to run a process once.<\/p>\n

    CronJob<\/h4>\n

    If you want to run a Job at regular, specified times (e.g. hourly, daily, or monthly), create a CronJob<\/em><\/a>. <\/em>A CronJob is similar to a Job, but is scheduled to repeat at regular intervals or set times.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Time<\/p>\n

    You’ll often need to create a Service to provide consistent access to your ephemeral Pods.<\/p>\n

    Service<\/h3>\n

    A K8s Service<\/em><\/a> creates a single access point for a group of Pods. A Service provides a consistent IP address and port to access underlying Pods. Both external users and internal Pods use Services to communicate with other Pods.<\/p>\n

    Services come in a variety of flavors. Networking with K8s a topic worthy of its own guide. Fortunately, there’s a good one by Sandeep Dinesh<\/a> here<\/a>.<\/p>\n

    Now let’s look at storing data with Volumes and PersistentVolumes.<\/p>\n

    Volumes, PersistentVolumes, and PersistentVolume Claims<\/h3>\n

    Volumes<\/h4>\n

    Volume<\/em><\/a> is a directory that can hold data. A Volume is a component of a Pod, and is not independent of it. A Volume is created in the Pod specification. A Volume cannot be deleted on its own.<\/p>\n

    A Volume is made accessible to all the containers in a Pod. Each container that you want to access the Volume must mount it individually.<\/p>\n

    A K8s Volume outlives any individual containers, but when the enclosing Pod dies, the Volume dies, too. However, the files of some Volume types continue to exist in local or cloud storage, even after the Volume is gone.<\/p>\n

    \n

    <\/canvas><\/p>\n<\/figure>\n

    Volumes<\/p>\n

    A K8s Volume has more functionality than a Docker volume. A Volume can provide access to local disk storage, memory storage, or cloud storage. A Pod can use a combination of them simultaneously.<\/p>\n

    K8s Volume types include empty directories, Worker Node’s filesystems, and cloud provider-specific storage. For example, awsEleasticBlockStore and gcePersistentDisk are provider-specific options for long-term storage. See more in the docs here<\/a>.<\/p>\n

    PersistentVolumes and PersistentVolumeClaims<\/h4>\n

    To help abstract away infrastructure specifics, K8s developed PersistentVolumes<\/em><\/a> <\/em>and PersistentVolumeClaims<\/em>. Unfortunately the names are a bit misleading, because vanilla Volumes can have persistent storage, as well.<\/p>\n

    PersisententVolumes (PV) and PersisentVolumeClaims (PVC) add complexity compared to using Volumes alone. However, PVs are useful for managing storage resources for large projects.<\/p>\n

    With PVs, a K8s user still ends up using a Volume, but two steps are required first.<\/p>\n

      \n
    1. A PersistentVolume is provisioned by a Cluster Administrator (or it’s provisioned dynamically).<\/li>\n
    2. An individual Cluster user who needs storage for a Pod creates a PersistentVolumeClaim <\/em>manifest. It specifies how much and what type of storage they need. K8s then finds and reserves the storage needed.<\/li>\n<\/ol>\n

      The user then creates a Pod with a Volume that uses the PVC.<\/p>\n

      PersistentVolumes have lifecycles independent of any Pod. In fact, the Pod doesn’t even know about the PV, just the PVC.<\/p>\n

      PVCs consume PV resources, analogously to how Pods consume Node resources. Wild!<\/p>\n

      \n

      <\/canvas><\/p>\n<\/figure>\n

      Wild<\/p>\n

      Wrap<\/h3>\n

      I hope you found this introduction to K8s concepts helpful. <\/p>\n

      Let’s recap the K8s concepts we’ve seen. Here are the six levels of abstraction for a Deployment:<\/p>\n