SLIDE 1
Kubernetes
Matthias Haeussler Mirna Alaisami
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview - - PowerPoint PPT Presentation
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview - - PowerPoint PPT Presentation
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source platform designed to automate deploying , scaling , and operating application containers . Kubernetes v1.0 was released in 2015. It utilizes
SLIDE 2
SLIDE 3
Overview
3
- Kubernetes is an open-source platform
designed to automate deploying, scaling, and operating application containers.
- Kubernetes v1.0 was released in 2015.
- It utilizes the advantages of
Containerization, Continuous Integration/Delivery, DevOps, Cloud Computing and Microservices.
- It provides much of the simplicity of
PaaS with the flexibility of IaaS, and enables portability across infrastructure providers.
- Docker is the most common container
runtime used in K8s, but it also supports
- ther runtimes.
[1]
SLIDE 4
CaaS Concepts
SLIDE 5
- Provides a complete container environment for deploying and
managing containers, applications and clusters.
- Container Orchestration lies at the heart of container
platforms.
- Focus is on creating the app containers and maintaining them in
the future.
CaaS Concepts
5 [2]
SLIDE 6
Developer Responsibility
SLIDE 7
Developer Responsibility
7 Application Code
Data Store Runtime / Middleware Containers Virtualization Hardware
IaaS
Operating System Application Code Data Store Runtime / Middleware Containers Virtualization Hardware
CaaS
Operating System Application Code Data Store Runtime / Middleware Containers Virtualization Hardware
PaaS
Operating System Application Code Data Store Runtime / Middleware Containers Virtualization Hardware
FaaS
Operating System
K8s Cloud Native Platform Scope
SLIDE 8
K8s Components
SLIDE 9
K8s Componenets
9
Master Node Worker Node Worker Node
A cluster is a logical unit, consisting of one Master node and 1..n Worker nodes.
SLIDE 10
K8s Componenets
10
Master Node Worker Node Worker Node
The Master Node is the server that is responsible for the Kubernetes management tasks.
SLIDE 11
K8s Componenets
11
Master Node Worker Node Worker Node
Worker Nodes are the worker machines and are managed by the master components.
SLIDE 12
K8s Componenets
12
Master Node Worker Node Worker Node
The scheduler's main responsibility is to place the containers on the workers according to various policies, metrics, and resource requirements.
Scheduler
SLIDE 13
K8s Componenets
13
Master Node Worker Node Worker Node
The controller manager is responsible for reconciling the state of the cluster with the desired state, as specified via the API.
Sheduler Controller-manager
SLIDE 14
K8s Componenets
14
Master Node Worker Node Worker Node
The API server exposes a highly-configurable REST interface to all of the Kubernetes resources.
Sheduler Controller-manager API
SLIDE 15
K8s Componenets
15
Master Node Worker Node Worker Node
The kubelet is responsible for communicating with the master services.
Sheduler Controller-manager API Kubelet Kubelet
SLIDE 16
K8s Componenets
16
Master Node Worker Node Worker Node
The Docker engine is the container host that creates and runs Docker containers.
Sheduler Controller-manager API Kubelet Kubelet Docker Docker
SLIDE 17
K8s Componenets
17
Master Node Worker Node Worker Node
The kube-proxy is in charge of managing network connectivity to the containers.
Sheduler Controller-manager API Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
SLIDE 18
K8s Componenets
18
Master Node Worker Node Worker Node
So, in k8s we can enforce what is called "Desired state management“, which means that I can feed the cluster services with specific configuration, and those services will run the configuration as desired in my infrastructure.
Sheduler Controller-manager API Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
SLIDE 19
K8s Basics
Introduction (Usecase)
SLIDE 20
K8s Componenets
20
The desired state exists in the Deployment, which contains the configuration that you feed to the cluster.
Deployments Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
SLIDE 21
K8s Componenets
21
The first fundamental piece inside this deployment is the Pod.
Deployments Pod1 Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
SLIDE 22
K8s Componenets
22
Within a Pod, there can be one or more running Containers.
Deployments Pod1
- ContImg1
- ContImg2
Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
SLIDE 23
K8s Componenets
23
In order to specify how many Pods will be run, a ReplicaSet needs to be defined.
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
SLIDE 24
K8s Componenets
24
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
Let us define another Pod with 2 instances.
Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
SLIDE 25
K8s Componenets
25
Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
Deployment Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
Taking the Deployment file and feeding it to the API, the master services will figure out how to schedule the pods on the workers, making sure that the specified number of instances is running.
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
SLIDE 26
K8s Componenets
26
Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
P1R1 P1R2 P1R3
SLIDE 27
K8s Componenets
27
Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
P1R1 P1R2 P1R3 P2R1 P2R2
SLIDE 28
K8s Componenets
28
Worker Node Worker Node
Kubelet Kubelet Docker Docker Kube-proxy Kube-proxy
Master Node
Sheduler Controller-manager API
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
P1R1 P1R2 P1R3 P2R1 P2R2
So, at any point in time, the master services are responsible for making sure that the fed configuration is running on the worker nodes.
SLIDE 29
K8s Componenets
29
Worker Node
Kubelet Docker Kube-proxy
Master Node
Sheduler Controller-manager API
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
P1R1 P1R2 P2R1
Worker Node
Kubelet Docker Kube-proxy P1R3 P2R2
What happens if one worker node is lost?!
SLIDE 30
K8s Componenets
30
Worker Node
Kubelet Docker Kube-proxy
Master Node
Sheduler Controller-manager API
Deployments Pod1
- ContImg1
- ContImg2
ReplicaSet -> 3 Pod2
- ContImg3
ReplicaSet -> 2
P1R1 P1R2 P2R1
The kubelet services will notify us about the changes and the scheduler will instantiate the lost pods again to reach the desired state.
P1R3 P2R2
SLIDE 31
K8s Basics
Pods
SLIDE 32
- A pod is an abstract layer which synthesizes a certain amount of
Docker containers that are meant to run together´.
- It represents the smallest unit of deployment, i.e., a single
instance of an application in Kubernetes, which might consist of either a single container or a small number of containers that are tightly coupled.
- Pods provide two kinds of shared resources for their constituent
containers: networking and storage.
- Containers within a pod share the same IP address, port space,
hostname and storage, and can find each other via localhost.
K8s Basics: Pods
32
runtime app runtime app
SLIDE 33
K8s Basics
Deployments
SLIDE 34
- A deployment is a description of the desired condition of a
particular microservice (number of instances, port forwarding, docker image …)
- ReplicaSets are (usually) combined with pods when defining the
deployment
- A ReplicaSet ensures that a specified number of pod replicas are
running at any given time, thus ReplicaSets enable pods to scale horizontally
K8s Basics: Deployments
34
runtime app runtime app
pod
replica set runtime app runtime app
pod v2
replica set v2 deployment
SLIDE 35
K8s Basics
Services
SLIDE 36
Apps - Deployment
SLIDE 37
Apps – Deployment
37
Dockerfile runtime app app runtime
base container
runtime app
SLIDE 38
Apps – Deployment
38
kubectl run
service/ingress
endpoint
runtime app runtime app
pod
replica set runtime app
pod v2
replica set v2 deployment runtime app
pod v2
SLIDE 39
Apps – Deployment
39
Run it locally on your machine „optional“ Push the image to a registry Deploy your app to the K8s Cluster Expose your app to the internet Scale your deployment manually Scale your deployment automatically Deploy a new version of your app „rolling update“ Package your app into a Docker image
SLIDE 40
Apps – Deployment “Summary”
40
todo Postgres UI postgres.yml todobackend.yml todoui.yml todobackend.service.yml postgres.service.yml todoui.service.yml
- config.yml
SLIDE 41
K8s cluster networking
Intra pod communication
SLIDE 42
K8s Cluster Networking - Intra pod communication
42
- The containers in a Pod share the same IP address and port space, so
they can directly communicate with each other’s port on localhost.
- There is no danger of port collision between different pods, since each
pod has its own IP address, and when a container in the pod uses localhost, it applies to the pod's IP address only.
Pod1 Pod2
IP: 10.10.10.1 IP: 10.10.10.2 Node
Port:1234 Port:1234 Port:8080 Localhost
SLIDE 43
K8s cluster networking
Service ClusterIP
SLIDE 44
- Cross-node pod to pod communication.
- The default Kubernetes ServiceType.
- Gives you a service inside your cluster that other pods (apps)
inside your cluster can access.
- However, there is no external access.
K8s Cluster Networking - Service ClusterIP
44
Service
K8s Cluster
Pod2 Pod3 Pod1
Node1 Node2
SLIDE 45
K8s cluster networking
Service NodePort
SLIDE 46
- Exposes the service with a public IP of Node and a static defined port
(NodePort).
- Enables external traffic to get directly to the NodePort service, such that any
traffic that is sent to the static port is forwarded to the service.
K8s Cluster Networking - Service NodePort
46
Service
K8s Cluster
Pod2 Pod3 Pod1 Traffic
Node1 Node2 Port: 30000 Port: 30000
SLIDE 47
K8s cluster networking
Service LoadBalancer
SLIDE 48
- Exposes the service externally using a cloud provider’s load balancer.
- NodePort and ClusterIP services, to which the external load balancer will
route, are automatically created.
K8s Cluster Networking - Service LoadBalancer
48
Traffic LoadBalancer Service Pod2 Pod3 Pod1
Node1 Node2 K8s Cluster
SLIDE 49
Sources
SLIDE 50
Sources
1. https://i2.wp.com/thepracticalsysadmin.com/wp- content/uploads/2018/05/k8s1.png?ssl=1 2. https://www.slideshare.net/KarlIsenberg/container-
- rchestration-wars-2017-edition
3. https://medium.com/@odedia/comparing-kubernetes-to-pivotal- cloud-foundry-a-developers-perspective-6d40a911f257 4. https://res.cloudinary.com/dukp6c7f7/image/upload/f_auto,fl_los sy,q_auto/s3-ghost/2016/06/o7leok.png 5. https://cdn-images- 1.medium.com/max/1200/1*NMYJ6pN61RsOwzQUDXgg1w.png, https://www.blablacar.com/
50
SLIDE 51
Sources
6. https://www.01net.it/wp- content/uploads/sites/14/2016/04/Huawei-logo-2015.jpg, https://www-file.huawei.com/-/media/corporate/pdf/press- center/media-kit/huawei_fact_sheet_2015_en.pdf 7. https://www.signavio.com/wp-content/uploads/2013/03/Logo- Zalando-WEB1.png?w=480&h=160&zc=2, http://tech.eu/features/339/inside-zalando/ 8. https://istio.io/img/logo.png 9. https://cdn-images- 1.medium.com/max/1200/1*fWtVse6DItxvOBowU85Www.png
51
SLIDE 52
Novatec Consulting GmbH
Dieselstraße 18/1 D-70771 Leinfelden-Echterdingen
- T. +49 711 22040-700
info@novatec-gmbh.de www.novatec-gmbh.de
Senior Managing Consultant
Matthias Haeussler
matthias.haeussler@novatec-gmbh.de Consultant
Mirna Alaisami
Mirna.Alaisami@novatec-gmbh.de