Kubernetes Architecture and Components, Kubernetes Installation and Configurations

#TrainwithShubham #KubeWeekchallenge

What is Kubernetes

Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. It has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available.

The name Kubernetes originates from Greek, meaning helmsman or pilot. K8s as an abbreviation results from counting the eight letters between the "K" and the "s". Google open-sourced the Kubernetes project in 2014. Kubernetes combines over 15 years of Google's experience running production workloads at scale with best-of-breed ideas and practices from the community.

Deployment evolution

Traditional deployment era: Early on, organizations ran applications on physical servers. There was no way to define resource boundaries for applications in a physical server, and this caused resource allocation issues. For example, if multiple applications run on a physical server, there can be instances where one application would take up most of the resources, and as a result, the other applications would underperform. A solution for this would be to run each application on a different physical server. But this did not scale as resources were underutilized, and it was expensive for organizations to maintain many physical servers.

Virtualized deployment era: As a solution, virtualization was introduced. It allows you to run multiple Virtual Machines (VMs) on a single physical server's CPU. Virtualization allows applications to be isolated between VMs and provides a level of security as the information of one application cannot be freely accessed by another application.

Virtualization allows better utilization of resources in a physical server and allows better scalability because an application can be added or updated easily, reduces hardware costs, and much more. With virtualization, you can present a set of physical resources as a cluster of disposable virtual machines.

Each VM is a full machine running all the components, including its operating system, on top of the virtualized hardware.

Container deployment era: Containers are similar to VMs, but they have relaxed isolation properties to share the Operating System (OS) among the applications. Therefore, containers are considered lightweight. Similar to a VM, a container has its filesystem, the share of CPU, memory, process space, and more. As they are decoupled from the underlying infrastructure, they are portable across clouds and OS distributions.

Containers have become popular because they provide extra benefits, such as:

  • Agile application creation and deployment: increased ease and efficiency of container image creation compared to VM image use.

  • Continuous development, integration, and deployment: provides for reliable and frequent container image build and deployment with quick and efficient rollbacks (due to image immutability).

  • Dev and Ops separation of concerns: Create application container images at build/release time rather than deployment time, thereby decoupling applications from infrastructure.

  • Observability: not only surfaces OS-level information and metrics but also application health and other signals.

  • Environmental consistency across development, testing, and production: runs the same on a laptop as it does in the cloud.

  • Cloud and OS distribution portability: runs on Ubuntu, RHEL, CoreOS, on-premises, on major public clouds, and anywhere else.

  • Application-centric management: raises the level of abstraction from running an OS on virtual hardware to running an application on an OS using logical resources.

  • Loosely coupled, distributed, elastic, liberated micro-services: applications are broken into smaller, independent pieces and can be deployed and managed dynamically – not a monolithic stack running on one big single-purpose machine.

  • Resource isolation: predictable application performance.

  • Resource utilization: high efficiency and density.

Why you need Kubernetes and what it can do

Containers are a good way to bundle and run your applications. In a production environment, you need to manage the containers that run the applications and ensure that there is no downtime. For example, if a container goes down, another container needs to start. Wouldn't it be easier if this behavior was handled by a system?

That's how Kubernetes comes to the rescue! Kubernetes provides you with a framework to run distributed systems resiliently. It takes care of scaling and failover for your application, provides deployment patterns, and more. For example, Kubernetes can easily manage a canary deployment for your system.

Kubernetes provides you with:

  • Service discovery and load balancing: Kubernetes can expose a container using a DNS name or its IP address. If traffic to a container is high, Kubernetes can load balance and distribute the network traffic so that the deployment is stable.

  • Storage orchestration: Kubernetes allows you to automatically mount a storage system of your choice, such as local storage, public cloud providers, and more.

  • Automated rollouts and rollbacks: You describe the desired state for your deployed containers, and Kubernetes changes the actual state to the desired state at a controlled rate. For example, you can automate Kubernetes to create new containers for your deployment, remove existing containers and adopt all their resources to the new container.

  • Automatic bin packing: You provide Kubernetes with a cluster of nodes that it can use to run containerized tasks. You tell Kubernetes how much CPU and memory (RAM) each container needs, and Kubernetes fits containers onto your nodes to make the best use of your resources.

  • Self-healing: Kubernetes restarts containers that fail, replaces containers, kills containers that don't respond to your user-defined health check, and doesn't advertise them to clients until they are ready to serve.

  • Secret and configuration management: Kubernetes lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding your container images, and without exposing secrets in your stack configuration.
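As an added example (not part of the original post), the shell function below renders a Deployment that exercises three of the features listed above: CPU/memory requests and limits for bin packing, liveness and readiness probes for self-healing, and a database password injected from a Secret instead of being baked into the image. The deployment name, image, port and resource figures are assumptions, and the Secret value is a constructed placeholder. The check_manifest function is a pre-apply check that refuses a manifest missing any of those properties.

```shell
#!/bin/sh
# Added example, not from the original post. Names, image, port and resource
# figures are assumptions; the Secret value is a constructed placeholder.

# Print a Secret plus a Deployment named $1 running image $2 with $3 replicas.
render_deployment() {
  name="$1"; image="$2"; replicas="$3"
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: ${name}-db
type: Opaque
stringData:
  password: "constructed-placeholder-change-me"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ${name}
spec:
  replicas: ${replicas}
  selector:
    matchLabels:
      app: ${name}
  template:
    metadata:
      labels:
        app: ${name}
    spec:
      containers:
      - name: ${name}
        image: ${image}
        ports:
        - containerPort: 80
        # Bin packing: the scheduler places the Pod on a node that has this much free.
        resources:
          requests:
            cpu: "100m"
            memory: "64Mi"
          limits:
            cpu: "500m"
            memory: "128Mi"
        # Self-healing: a failing liveness check gets the container restarted.
        livenessProbe:
          httpGet:
            path: /
            port: 80
          periodSeconds: 10
        # The Pod is not advertised to Services until the readiness check passes.
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 2
        # Secret management: the password comes from the Secret, not the image.
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: ${name}-db
              key: password
EOF
}

# Return non-zero unless the manifest on stdin declares requests, limits and
# both probes; run this before kubectl apply.
check_manifest() {
  m=$(cat)
  for key in 'requests:' 'limits:' 'livenessProbe:' 'readinessProbe:'; do
    printf '%s\n' "$m" | grep -q "$key" || { echo "manifest is missing $key" >&2; return 1; }
  done
  return 0
}

# Usage (needs a cluster and kubectl):
#   render_deployment web nginx:1.25 3 > web.yaml
#   check_manifest < web.yaml && kubectl apply -f web.yaml
```

The readiness probe is what makes the "don't advertise them until ready" behaviour happen: the Service only routes to Pods whose readiness check passes, so a replica that is still starting never receives client traffic.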

What Kubernetes is not

Kubernetes is not a traditional, all-inclusive PaaS (Platform as a Service) system. Since Kubernetes operates at the container level rather than at the hardware level, it provides some generally applicable features common to PaaS offerings, such as deployment, scaling, and load balancing, and lets users integrate their logging, monitoring, and alerting solutions. However, Kubernetes is not monolithic, and these default solutions are optional and pluggable. Kubernetes provides the building blocks for building developer platforms but preserves user choice and flexibility where it is important.

Kubernetes:

  • Does not limit the types of applications supported. Kubernetes aims to support an extremely diverse variety of workloads, including stateless, stateful, and data-processing workloads. If an application can run in a container, it should run great on Kubernetes.

  • Does not deploy source code and does not build your application. Continuous Integration, Delivery, and Deployment (CI/CD) workflows are determined by organization cultures and preferences as well as technical requirements.

  • Does not provide application-level services, such as middleware (for example, message buses), data-processing frameworks (for example, Spark), databases (for example, MySQL), caches, or cluster storage systems (for example, Ceph) as built-in services. Such components can run on Kubernetes, and/or can be accessed by applications running on Kubernetes through portable mechanisms, such as the Open Service Broker.

  • Does not dictate logging, monitoring, or alerting solutions. It provides some integrations as proof of concept and mechanisms to collect and export metrics.

  • Does not provide nor mandate a configuration language/system (for example, Jsonnet). It provides a declarative API that may be targeted by arbitrary forms of declarative specifications.

  • Does not provide nor adopt any comprehensive machine configuration, maintenance, management, or self-healing systems.

  • Additionally, Kubernetes is not a mere orchestration system. It eliminates the need for orchestration. The technical definition of orchestration is the execution of a defined workflow: first, do A, then B, then C. In contrast, Kubernetes comprises a set of independent, composable control processes that continuously drive the current state towards the provided desired state. It shouldn't matter how you get from A to C. Centralized control is also not required. This results in a system that is easier to use and more powerful, robust, resilient, and extensible.

Kubernetes Architecture

When you deploy Kubernetes, you get a cluster.

A Kubernetes cluster consists of a set of worker machines, called nodes, that run containerized applications. Every cluster has at least one worker node.

The worker node(s) host the Pods that are the components of the application workload. The control plane manages the worker nodes and the Pods in the cluster. In production environments, the control plane usually runs across multiple computers and a cluster usually runs multiple nodes, providing fault tolerance and high availability.

Container Runtime Interface

You can use Docker as the container runtime for Kubernetes. Docker is the tool used to run containers; containerd, which Docker is built on, pulls images from registries, manages them and hands them to the lower-level runtime on the host.

CRI-O

CRI-O implements the Kubernetes Container Runtime Interface (CRI); it is an alternative to containerd.

ETCD

It contains all the information related to nodes, pods, configs, secrets, roles, bindings, etc. It is a key-value database. etcdctl (the etcd CLI) is used to interact with the etcd server.

Kube API Server

It is used to authenticate users, validate requests, retrieve data, update etcd and communicate with the other components of the cluster.

Kube-Controller Manager

Continuously monitors the various components of the cluster and works towards restoring them to the desired state.

Node Controller

Communicates with the Kube API Server and checks the nodes every 5 seconds. If a node stops responding it waits another 40 seconds and then marks it as unreachable. After 5 minutes it replaces the node.

Replication Controller

It is responsible for monitoring the status of the replica set and ensuring that the desired number of pods is available at all times.

The CronJob controller, deployment controller, persistent volume protection controller, binder, etc. are included in the Kube Controller Manager.

Kube Scheduler

It is responsible for scheduling the pods on the nodes. It decides which pod is placed on which node based on the CPU, RAM and other resources available on the node. The kubelet places the pods on the node after the scheduler decides, so the right container or pod is sent to the right node.

Kubelet

It runs on the worker node and registers the node with the Kube API Server. It monitors the state of the pods and reports it to the Kube API Server. We need to install the kubelet on every worker node.

Kube Proxy

The pod network allows pods to communicate with each other by Pod IP. Kube Proxy runs on each node and maintains an iptables rule for each Service, so that traffic to a Service, including traffic from outside the cluster, reaches the right pods.

Pods

Kubernetes doesn't deploy containers directly; containers are encapsulated in pods. A pod is the smallest object you can create in Kubernetes. A new pod is created when we need to scale our application, and a new node is added to the cluster when further scaling is needed.

Kubernetes-Installation

Let's learn the commands for the installation of Kubernetes using kubeadm.

Pre-requisites

    sudo apt-get update
    sudo apt-get update -y
    sudo apt-get install docker.io
    sudo systemctl start docker
    sudo systemctl enable docker

This is a command used in Linux systems to download and install the Kubernetes archive signing key into the system's keyring.

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Adding the repository that the signing key covers, updating the package index and installing kubeadm, kubectl and kubelet at a pinned version, then switching to the root user. Note that packages.cloud.google.com is the legacy Google-hosted Kubernetes repository; it has since been deprecated in favour of the community-owned pkgs.k8s.io repository.

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update -y
sudo apt install kubeadm=1.20.0-00 kubectl=1.20.0-00 kubelet=1.20.0-00 -y
sudo su

Output: screenshot of the shell after switching to the root user (image not included).

Running kubeadm init downloads and starts all the control-plane components mentioned in the architecture, such as etcd and the API server.

kubeadm init

Export this variable to use the cluster with kubectl while you are the root user.

export KUBECONFIG=/etc/kubernetes/admin.conf

Connecting the worker nodes through a CNI network (Weave Net), printing the join command for the workers and checking the nodes:

kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml

kubeadm token create --print-join-command

kubectl get nodes

After configuring the worker node, run an Nginx server and check that it lands on the worker node.

kubectl get nodes

Worker Node

Prerequisites in worker node

    sudo apt-get update
    sudo apt-get update -y
    sudo apt-get install docker.io
    sudo systemctl start docker
    sudo systemctl enable docker
    sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
    echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
    sudo apt-get update -y
    sudo apt install kubeadm=1.20.0-00 kubectl=1.20.0-00 kubelet=1.20.0-00 -y
    sudo su

Inside root: the IP address, token and hash below must be replaced with the values printed by your own control plane's kubeadm token create --print-join-command; here we also pass --v=5.

    kubeadm reset   # runs the pre-flight checks and clears any previous kubeadm state on this node
    kubeadm join 172.31.84.208:6443 --token nqzdbq.muk46aeob8vejegz     --discovery-token-ca-cert-hash sha256:6231736dbfc8c9d3547e2178cc8f090cdba6f86ac6f33d6601273af1e92e3124  --v=5   # --v=5 sets kubeadm's log verbosity to level 5
    docker ps
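As an added example (not part of the original post), the script below collects the control-plane and worker-node steps above into functions with the parameters pulled out. It uses the same repository, pinned package versions and Weave manifest as the page; it is meant to be run as root, as the page does after sudo su. Two things are additions of mine: apt-mark hold, so the pinned versions are not upgraded underneath the cluster, and validate_join_args, which checks the shape of the token (six characters, a dot, sixteen characters) and of the CA certificate hash (sha256: plus 64 hex digits) before a worker joins. The hash matters because kubeadm join uses it to pin the cluster CA; a malformed or missing value means the worker cannot verify which API server it is talking to. The endpoint, token and hash in the usage line are constructed placeholders. When run without a role argument the script only defines its functions.

```shell
#!/bin/sh
# Added example, not from the original post. Run as root on the node.
# Repository, versions and CNI manifest are the ones used on the page;
# apt-mark hold and validate_join_args are additions.
set -eu

K8S_VERSION="1.20.0-00"
KEYRING="/usr/share/keyrings/kubernetes-archive-keyring.gpg"
WEAVE_URL="https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml"

# Steps shared by the control plane and every worker node.
install_prereqs() {
  apt-get update -y
  apt-get install -y docker.io
  systemctl enable --now docker
  curl -fsSLo "$KEYRING" https://packages.cloud.google.com/apt/doc/apt-key.gpg
  echo "deb [signed-by=$KEYRING] https://apt.kubernetes.io/ kubernetes-xenial main" \
    > /etc/apt/sources.list.d/kubernetes.list
  apt-get update -y
  apt-get install -y "kubeadm=$K8S_VERSION" "kubectl=$K8S_VERSION" "kubelet=$K8S_VERSION"
  apt-mark hold kubeadm kubectl kubelet   # keep the pinned versions from being upgraded
}

# Control plane: init, point kubectl at admin.conf, install the CNI, print the join command.
init_control_plane() {
  kubeadm init
  export KUBECONFIG=/etc/kubernetes/admin.conf
  kubectl apply -f "$WEAVE_URL"
  kubectl get nodes
  # The printed command carries the CA cert hash that workers use to pin the cluster CA.
  kubeadm token create --print-join-command
}

# Token is [a-z0-9]{6}.[a-z0-9]{16}; hash is sha256: followed by 64 hex digits.
validate_join_args() {
  printf '%s\n' "$1" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' || return 1
  printf '%s\n' "$2" | grep -Eq '^sha256:[0-9a-f]{64}$' || return 1
  return 0
}

# Worker: $1 = API server endpoint, $2 = bootstrap token, $3 = CA cert hash.
join_worker() {
  validate_join_args "$2" "$3" || { echo "malformed token or CA cert hash" >&2; return 1; }
  kubeadm reset -f     # pre-flight checks plus removal of any previous state
  kubeadm join "$1" --token "$2" --discovery-token-ca-cert-hash "$3" --v=5
  docker ps            # the kube-proxy and CNI containers should now be running
}

# Verification step from the page: run Nginx and see which node it lands on.
run_nginx_check() {
  kubectl run nginx --image=nginx
  kubectl get pods -o wide
}

case "${1:-}" in
  control-plane)
    [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }
    install_prereqs; init_control_plane ;;
  worker)
    [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }
    install_prereqs; join_worker "$2" "$3" "$4" ;;
  "") ;;   # no role given: only define the functions
  *)
    echo "usage: $0 control-plane | worker <ip:6443> <token> <sha256:hash>" >&2
    exit 2 ;;
esac
# Usage with constructed placeholder values:
#   sh install.sh control-plane
#   sh install.sh worker 10.0.0.1:6443 abcdef.0123456789abcdef sha256:<64 hex digits>
```

Pass the token and hash exactly as printed by kubeadm token create --print-join-command on the control plane; validate_join_args only checks their format, it cannot tell you whether the hash belongs to your cluster, which is why the value must come from the control plane itself and not from a message whose origin you cannot verify.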

Output: screenshot of docker ps on the worker node after joining (image not included).

For the commands alone, refer to:

https://github.com/tomboy98/DevOps/blob/master/Kubernetes-version-5-installation-guide