This is the new buzzword in the technology space, and any newcomer needs a good head-around to digest what it is, why it exists and, beyond that, how it actually works. Being a newbie myself, I thought it was a good idea to put down some simple thoughts and pictures to explain it with easy text and phrases.
Hope that justifies what I’m trying to do.
Let’s jump start and learn Kubernetes aka K8S :)
Why Do I Need K8S?
Consider any monolithic software application in which all the components and tiers are combined into one single box. It looks very simple and solid at a smaller scale, right? But think of a larger scale that demands more flexibility, expansion and performance: it is hard to serve those requirements with a monolithic approach in the long term. From a flexibility point of view, and from any management, maintenance and availability perspective, it is a tough challenge for a developer or organisation to deal with. As everything sits in a single box, all these different components are very tightly coupled, which not only delays development timelines but also adds a lot of complexity whenever you want to update, upgrade or maintain the application at a fast pace.
Containers & Docker Came to Rescue Us
More details about containers and Docker can be read here. As this section is focused on Kubernetes, let's delve into it, but make sure you read and understand containers and Docker before proceeding further!
When the scale is massive and agility is a must, you have to deal with many containers, and you need something to manage and maintain them that handles these mandatory day-to-day requirements automatically rather than through manual intervention, which is tedious and troublesome. Kubernetes is 'that open-source tool/framework' which handles container management as well as container orchestration; in a nutshell, it takes care of all of these operational responsibilities.
Rather than going right into the K8S architecture, I would like to take a different approach to help the reader digest it. Let's start with the K8S cluster.
K8S Cluster [Ref — Fig.1] — It consists of one master node and a number of worker nodes. These nodes can be physical or virtual machines depending on the cluster configuration and setup.
Note — For 'high availability', you need multiple master nodes. High availability is another great topic for discussion and we'll talk about it in detail in another post, but in simple terms it is the ability to provide your applications and services to end users without any hiccups.
Master Node [Ref — Fig.2] — It primarily consists of the 'control plane' components and etcd. The control plane internally holds the components below, each with a specific purpose. Let me explain them now:
It is responsible for ensuring the desired state of the entire cluster, such as which applications are running and which container images to use. This component takes instructions from the administrator and delegates them to the virtual machines or worker nodes.
API Server: This is the service that exposes the Kubernetes APIs to the external world and is the hub for all in-and-out communication. Whether via the CLI (kubectl) or a UI, external communication comes to the API server, and all communication within and across the cluster also goes through this service.
etcd: It stores all the cluster configuration data in key-value format. It is fundamentally highly available and consistent, and it is accessed through the API server. It is critical to have a backup plan for this type of data store.
Scheduler: Known as kube-scheduler. It tracks the available resource capacity and ensures newly created pods are assigned to nodes. It looks at the total capacity requirements, ensures nodes are neither over-resourced nor under-resourced, and balances the workloads.
Cloud Controller Manager: This links the cluster to the cloud provider's API. It isolates the components that interact with the cloud from the components that solely interact with the cluster. If the cluster runs completely on-premises, it will not have a cloud controller manager, as there is nothing to isolate from the cloud or cloud components; otherwise it plays a critical role.
Controller Manager: Logically, each controller in Kubernetes is a separate process, but to reduce complexity they are all compiled into a single binary and run in a single process. It includes several controllers, such as the Node Controller (responsible for dealing with nodes), the Job Controller (creates pods to complete tasks based on Job objects), the Endpoints Controller (joins Services and Pods) and the Service Account and Token Controllers (handle service accounts and tokens for new namespaces).
Worker Node [Ref — Fig.3] — A node is a typical worker machine in Kubernetes, hence the name 'worker node(s)'.
All the nodes are managed by the master, and each node can have multiple pods inside it running individual containers. The master node automatically handles the scheduling of pods across the node(s) in the cluster.
Based on the scaling requirements, the master node takes care of ensuring the required number of pods is available across the worker nodes.
Each worker node primarily holds the items below:
kube-proxy: In simple terms, this handles the network rules on each node, which allow network communication from inside or outside the cluster to reach the pods on the node. It uses the packet filtering layer if available; otherwise it simply forwards the traffic into the node for effective communication towards the pods.
kubelet: It is an agent running on each node that ensures the containers are running inside the pods. This service takes information from the control plane (the master node's components) and from etcd for configuration details and ensures the expectations are maintained within the node(s). Based on the configuration requirements, it either launches or destroys the containers inside the pods.
Pods [Ref — Fig.4] — A Pod is the smallest deployable unit in the entire Kubernetes system. It contains one or more containers running inside it, and they share an IP address, IPC, hostname and other resources.
Generally, a pod holds tightly coupled containers together; for example, one container might represent the application and the other might feed data into the application.
Now that we have understood the individual components briefly, let's look at the bigger picture, the 'K8S Architecture', which shows how the cluster connects to the external world through the cloud load balancer.
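As an added example (not from the original post), here is a manifest that ties the two points above together: a Pod whose two tightly coupled containers share a volume and the Pod's single network namespace, exposed to the outside world through a cloud LoadBalancer Service. The object names (web-with-feeder, web), the label and the images are my own choices; the LoadBalancer type only gets an external address where a cloud controller manager is present.

```yaml
# Constructed example: a Pod with an application container and a
# "feeder" container that writes the data the application serves.
apiVersion: v1
kind: Pod
metadata:
  name: web-with-feeder          # hypothetical name
  labels:
    app: web                     # the Service below selects on this label
spec:
  volumes:
    - name: content
      emptyDir: {}               # shared scratch space, lives as long as the Pod
  containers:
    - name: web
      image: nginx:1.25
      ports:
        - containerPort: 80      # reachable by the feeder at localhost:80, same netns
      volumeMounts:
        - name: content
          mountPath: /usr/share/nginx/html
      securityContext:
        allowPrivilegeEscalation: false   # sensible default for every container
    - name: feeder
      image: busybox:1.36
      command: ["sh", "-c"]
      args:
        - |
          # refresh the page nginx serves every 5 seconds
          while true; do
            date > /data/index.html
            sleep 5
          done
      volumeMounts:
        - name: content
          mountPath: /data
      securityContext:
        allowPrivilegeEscalation: false
---
# Service of type LoadBalancer: the cloud controller manager asks the
# cloud provider for an external load balancer that forwards to the Pod.
apiVersion: v1
kind: Service
metadata:
  name: web                      # hypothetical name
spec:
  type: LoadBalancer
  selector:
    app: web
  ports:
    - port: 80
      targetPort: 80
```

Apply it with kubectl apply -f and the Service's external address will show up in kubectl get svc web once the cloud provider has provisioned the load balancer.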
Hope this blog gives some simple insight into K8S overall. I know this is a slightly complicated topic to understand, but take your own time and re-read to digest it thoroughly.
Next time, I'm planning to come up with a blog about 'K8S Security Overview', and I'm also thinking about different cloud security related blogs.
Stay tuned till then.
This is my very first blog, so feel free to provide your feedback in the comments. Happy to learn and improve as I move forward :)