Introduction To Kubernetes

Upload by : Karl Gosselin
Transcription

CONTENTS

1. Introduction to Kubernetes
2. Key definitions and concepts
   1. What is Kubernetes?
   2. What therefore is Containerization
   3. What is a docker container?
   4. How Kubernetes differs from Docker project?
   5. What is orchestration?
   6. Features of orchestration
   7. Key Features of Kubernetes
   8. Work Units of Kubernetes
   9. Components of Kubernetes
3. Kubernetes Concepts
   1. Pods
   2. Controllers
4. Deploying Kubernetes Manually
   1. Install Docker Engine on Ubuntu
   2. Installing etcd 2.0 on Ubuntu
   3. Installing Addons
5. Downloading Kubernetes Docker Images
   1. Setting up Kubernetes Cluster
   2. Dockerizing the App
   3. Writing Kubernetes Manifest Files for Sample App
   4. Understanding Kubectl Utility
   5. Launching and Running Container pods with Kubernetes
   6. Kubernetes - App Deployment Flow
   7. Kubernetes – Auto scaling
   8. Destroying Kubernetes Cluster and Pods
6. Deploying Kubernetes with Ansible
7. Provisioning Storage in Kubernetes
   1. Kubernetes Persistent Volumes
   2. Requesting storage
   3. Using Claim as a Volume
   4. Kubernetes and NFS
   5. Kubernetes and iSCSI
8. Troubleshooting Kubernetes and Systemd Services
   1. Kubernetes Troubleshooting Commands
   2. Networking Constraints
   3. Inspecting and Debugging Kubernetes
   4. Querying the State of Kubernetes
   5. Checking Kubernetes yaml or json Files
   6. Deleting Kubernetes Components
9. Kubernetes Maintenance
   1. Monitoring Kubernetes Cluster
   2. Managing Kubernetes with Dashboard
   3. Logging Kubernetes Cluster
   4. Upgrading Kubernetes

1. INTRODUCTION TO KUBERNETES

This chapter will give a brief overview of containers and Kubernetes and how the two technologies play a key role in shifting to DevOps methodologies and CI/CD (continuous integration/continuous deployment) strategies to accelerate innovation and service delivery.

2. KEY DEFINITIONS AND CONCEPTS

WHAT IS KUBERNETES?

In order to fully understand Kubernetes and its significance in the Information Technology world, a brief look at recent history will be quite beneficial, as you will find out.

Virtualization has come a long way in Information Technology. It began when there was a need to share the resources of a computer among many users. Computer resources can be pretty expensive, and hence there is a need to utilize whatever you have to the optimum instead of investing in another expensive venture. In the 1960s and early 1970s IBM embarked on a journey with the objective of finding ways to share computer resources in a robust fashion. The breakthrough was the concept of virtualization, which made computing costs plunge to such an extent that organizations and individual entities could use computer resources without owning one. Virtualization has made it possible to improve the utilization of resources and, more importantly, to reduce costs.

With the constant development of technology, virtualization has not been left behind in the growth cycle. With more innovative solutions on the rise, containerization is the current standard that is improving efficiency and resource utilization.

WHAT THEREFORE IS CONTAINERIZATION

When cargo is shipped from one country to another across the ocean, it is normally placed in different containers for easy management. Instead of piling up every product in one huge container, shoes and clothing, for instance, are placed in different containers without either interfering with the other. The same is applied in computing containerization. Creating a container is basically putting together everything you need for your application to work, be it libraries, operating system or any other technology. What has been created can be replicated and will work in any environment, which saves time and makes it easy for other processes to continue without re-installing the same components of the container every time you spin up a virtual machine. It is a virtualization strategy that has come about as an alternative to the native or initial hypervisor-based virtualization. Containerization involves creating separate containers at the operating system level, which makes it possible to share libraries, file systems and other important components, hence saving a lot of space compared to native virtualization, where each virtual machine had its own components in isolation. There are a few containerization technologies that offer containerization tools and APIs, such as Docker Engine, Rkt, LXC, OpenVZ, runC and LXD. After understanding the key concepts, Kubernetes can thus be easily defined. Below are a few similarities and differences between these container technologies.

Kubernetes is an active open source project founded by Google to assist system developers/administrators to orchestrate and manage containers in different kinds of environments such as virtual, physical, and cloud infrastructure. Currently, the Kubernetes project is hosted by the Cloud Native Computing Foundation (CNCF).

WHAT IS A DOCKER CONTAINER?

A docker container is a lightweight software package that includes everything needed to run it, including its own minimal operating system, run-time resources, and dependencies. The Docker ecosystem lies at the heart of the mass adoption and the excitement witnessed in the container space.
Docker containers are created from images designed to provide a specific capability, for instance a database such as MariaDB, a base operating system or even a web server such as Apache. These Docker images are made from layered file systems so that they can share common files. Sharing common files reduces disk usage and speeds up image download.

Compared to virtual machines, containers are more resource-efficient because they do not require hypervisors. In addition, containers have a smaller memory footprint and can help organizations avoid the high costs and hassles associated with server sprawl.

HOW KUBERNETES DIFFERS FROM DOCKER PROJECT?

The Docker project aims at defining a container format, and at building and managing individual containers.

WHAT IS ORCHESTRATION?

In order to implement certain applications, many containers need to be spun up and managed. To optimize this process, the deployment of these containers can be automated. This is especially beneficial as the number of hosts grows. This automation process is called orchestration.

FEATURES OF ORCHESTRATION

- Preparing and equipping hosts
- Instantiating a set of desired containers
- Maintaining failed containers, for example by rescheduling them
- Merging containers together through interfaces that have been agreed upon
- Exposing services to machines outside of the cluster

Docker has several orchestration tools such as Kubernetes, Docker Machine and Docker Swarm, among others. Kubernetes is one of the most feature-rich orchestration tools and is widely used.

After building the container image you want with Docker, you can use Kubernetes or others to automate deployment on one or more compute nodes in the cluster. In Kubernetes, interconnections between a set of containers are managed by defining Kubernetes services. As demand for individual containers increases or decreases, Kubernetes can start more or stop some container pods as needed using its feature called replication controller.

Kubernetes gives you the capability to easily add new features to your application, manage system resources and ship your applications from development to production effortlessly. It has a flexible plugin architecture and provides a convenient pathway to a hybrid cloud implementation.

To conclude this section, many organizations favor the Kubernetes framework because it is highly portable and provides a smooth migration path for legacy applications. Although containers will never be, and are not designed to be, the single solution to all enterprise workloads, they are a smart way to accelerate development, deployment, and scaling of cloud native workloads with the help of tools like Kubernetes.

KEY FEATURES OF KUBERNETES

Extensibility
This is the ability of a tool to allow an extension of its capacity/capabilities without serious infrastructure changes. Users can freely extend and add services. This means users can easily add their own features, such as security updates, server hardening or other custom features.

Portability
In its broadest sense, this means the ability of an application to be moved from one machine to another. This means a package can run anywhere. Additionally, you could be running your application on Google cloud computer and later along the way get interested in using IBM Watson services, or you could use a cluster of Raspberry Pi in your backyard. The application-centric nature of Kubernetes allows you to package your app once and enjoy seamless migration from one platform to another.

Self-healing
Kubernetes offers application resilience through operations it initiates, such as auto start (useful when an app crashes), auto-replication of containers, and automatic scaling depending on traffic. Through service discovery, Kubernetes can learn the health of an application process by evaluating the main process and exit codes, among others. Kubernetes' healing property allows it to respond effectively.

Load balancing
Kubernetes optimizes the tasks on demand by making them available, and avoids undue strain on the resources. In the context of Kubernetes, we have two types of load balancers: internal and external. The creation of a load balancer is an asynchronous process; information about the provisioned load balancer is published in the Service's status.loadBalancer.

Traffic coming from the external load balancer is directed at the backend pods. In most cases, the external load balancer is created with a user-specified load balancer IP address. If no IP address is specified, an ephemeral IP will be assigned to the load balancer.

Automated deployment and even replication of containers

WORK UNITS OF KUBERNETES

Cluster
These are the nodes, or the collection of virtual machines or bare metal servers, which provide the resources that Kubernetes uses to run applications.

Pods
Pods are the smallest units of Kubernetes. A pod can be a single container or a group of containers that work together. Generally, the containers in a pod are relatively tightly coupled. A canonical example is pulling and serving some files, as shown in the picture below.

It doesn't make sense to pull the files if you're not serving them, and it doesn't make sense to serve them if you haven't pulled them.

Application containers in a pod are in an isolated environment with resource constraints. They all share network space, volumes, cgroups and Linux namespaces. All containers within a pod share an IP address and port space, hence they can find each other via 127.0.0.1 (localhost). They can also communicate with each other via standard inter-process communication, e.g. SystemV semaphores or POSIX shared memory. Since they are co-located, they are always scheduled together.

When pods are created, they are assigned a unique ID (UID) and scheduled to run on nodes until they are terminated or deleted. If a node dies, pods that were scheduled to that node are deleted after a timeout period.

Labels
These are key/value pairs attached to objects like pods. When containers need to be managed as a group, they are given tags called labels. This can allow them to be exposed to the outside to offer services. A replication controller, defined next, gives the same label to all containers developed from its templates. Labels make administration and management of services easy.

Labels are attached to objects at creation time and can be modified at any time. Each key must be unique for a given object. Unlike names and UIDs, labels do not provide uniqueness, hence many objects can carry the same label(s).

The client or user identifies a set of objects using a label selector. The label selector can be defined as the core grouping primitive in Kubernetes.

Note: Within a namespace, there should be no overlap of the label selectors that belong to two controllers.

Services
A service is an abstraction that defines a logical set of pods and an access policy. Services include load-balancing services for other containers. Pods performing a similar function are grouped together and represent one entity. If a certain process or application needs a service, a single access point grants it a scalable backend which can be easily replicated, making it optimum and fast. A service can be defined as an abstraction on top of a number of pods.

A Kubernetes service deployment has at least two parts: a replication controller and a service. The replication controller defines how many instances should be running, the container image to use, and a name to identify the service. Additional options can be utilized for configuration and discovery.

Replication Controller
A Replication Controller ensures that a specified number of pod replicas are running at any one time. It defines pods that are to be scaled horizontally. Pods that have been completely defined are provided as templates, which are then extended with what the new replicas should have. It is the responsibility of the Replication Controller to make sure that a pod or a homogeneous set of pods is always up and available.

A Replication Controller supervises multiple pods across multiple nodes. Pods are automatically replaced, deleted or terminated if they fail. As an example, pods are re-created on a node after disruptive maintenance such as a kernel upgrade. If the number of pods is too few, the Replication Controller starts more pods. If there are too many pods, extra pods are terminated.

COMPONENTS OF KUBERNETES

The diagram on the next page gives a representation of the components discussed above.

Figure 1: Kubernetes Architecture
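The note on overlapping label selectors and the Replication Controller's start/terminate behaviour described above can be seen together in a small model. This is an added example, not code from the ebook or from Kubernetes: it is a simplified simulation with equality-based selectors only, and every controller, pod and namespace name in it is constructed.

```python
# Added illustration: toy model of label selectors and replica reconciliation.
# All names and sample objects below are constructed for this example.
from itertools import combinations


def matches(selector, labels):
    """Equality-based selector: every key/value must be present on the object."""
    return all(labels.get(k) == v for k, v in selector.items())


def selected(controller, pods):
    """Pods in the controller's namespace whose labels satisfy its selector."""
    return [p for p in pods
            if p["namespace"] == controller["namespace"]
            and matches(controller["selector"], p["labels"])]


def reconcile(controller, pods):
    """Positive: pods to start. Negative: pods to terminate. Zero: steady state."""
    return controller["replicas"] - len(selected(controller, pods))


def overlapping_claims(controllers, pods):
    """Map pod name -> controllers selecting it, for pods selected more than once."""
    claims = {}
    for a, b in combinations(controllers, 2):
        if a["namespace"] != b["namespace"]:
            continue  # selectors only compete inside one namespace
        shared = ({p["name"] for p in selected(a, pods)}
                  & {p["name"] for p in selected(b, pods)})
        for name in shared:
            claims.setdefault(name, set()).update({a["name"], b["name"]})
    return {name: sorted(owners) for name, owners in claims.items()}


# Constructed sample state: "web" uses a selector that is a subset of
# "web-canary"'s selector, so the canary pod satisfies both.
CONTROLLERS = [
    {"name": "web", "namespace": "shop", "replicas": 2,
     "selector": {"app": "web"}},
    {"name": "web-canary", "namespace": "shop", "replicas": 1,
     "selector": {"app": "web", "track": "canary"}},
    {"name": "web", "namespace": "staging", "replicas": 1,
     "selector": {"app": "web"}},
]
PODS = [
    {"name": "web-1", "namespace": "shop", "labels": {"app": "web", "track": "stable"}},
    {"name": "web-2", "namespace": "shop", "labels": {"app": "web", "track": "stable"}},
    {"name": "canary-1", "namespace": "shop", "labels": {"app": "web", "track": "canary"}},
]

if __name__ == "__main__":
    for c in CONTROLLERS:
        print(c["namespace"], c["name"], "delta:", reconcile(c, PODS))
    print("overlaps:", overlapping_claims(CONTROLLERS, PODS))
```

In this model the "web" controller counts the canary pod as one of its own and wants to terminate a pod even though both workloads are at their intended size; tightening its selector to include track=stable removes the overlap.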

Each of these Kubernetes components and how they work is covered in the next table. Note that it's broken into two parts: Kubernetes Master and Kubernetes Node. For a Kubernetes Node to function in coordination with master services, there exists a control plane within the Master Node.

Kubernetes Master

Component: Function of each component

kubectl
- This is a command line interface which enables you to run commands against Kubernetes cluster(s).
- Each command that you run with kubectl performs an operation on one or more resources.
- Examples of resource types are jobs, nodes, pods, services, endpoints, etc.

Etcd
- This is a highly available distributed key value store that's used to store shared configurations and for service discovery.
- Kubernetes uses etcd to store its API objects and as an interface to register watchers on specific nodes for reliable
- For high availability and durability in production environments, you need to run etcd as a multi-node cluster.
- It is recommended to run etcd as a cluster with an odd number of members; quorum is (n/2)+1, where n is the number of nodes. For any odd-sized cluster, adding one node will always increase the number of nodes necessary for quorum.
- An etcd cluster needs a majority of nodes, a quorum, to agree on updates to the cluster state.
- You can also run etcd cluster in front of a load balancer.

kube-apiserver
- This service provides an API for orchestrating the Kubernetes cluster.
- It provides the frontend to the shared state of the cluster and services all REST operations against the cluster.

kube-controller-manager
- The kube-controller-manager service regulates the state of the Kubernetes cluster.
- It watches the cluster's shared state through the apiserver component/service.
- It ensures the cluster is operating within the desired state.

kube-scheduler
- Kube-scheduler manages the pod lifecycle. This includes deployment of configured pods, deletion and termination.
- It also gathers resource information from all cluster nodes.
- It works closely with the controller manager to deploy Kubernetes objects in the cluster depending on the resources available.

Cloud-controller-manager
- This was introduced in the 1.6 release version of Kubernetes.
- It is the future of integrating Kubernetes with any cloud.
- This is to enable cloud providers to develop their own features independently from the core Kubernetes cycles.
- The cloud-controller manager provided in the core Kubernetes utilizes the same cloud libraries as kube-controller-manager.
- As of v1.8, the cloud controller manager can implement service controller, route controller, node controller de

Table 1: Kubernetes Master Services

Kubernetes Node

Component: Role

Kube-proxy
- This service acts as a network proxy and does load balancing of services running on a single worker node.
- Kube-proxy usually runs on each node in the cluster.
- It watches the master for Service and Endpoints addition/removal and does load balancing through simple UDP, TCP stream forwarding and round-robin across a set of backend services without the clients knowing anything about Kubernetes or Services or Pods.
- Kube-proxy is also responsible for implementing a form of virtual IP for services of types other than ExternalName.

Kubelet
- This is the primary node agent running on each node in the cluster.
- It gets the configuration of a pod in YAML/JSON format from the apiserver and ensures that the containers described in those configurations are running and in a healthy state.
- It doesn't manage containers which were created outside Kubernetes.

Supervisord
- Supervisor is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems.
- In Kubernetes, supervisord makes sure the container engine and kubelet are always in a running state.

Container Engine (Rkt, docker, etc.)
- These run the configured pods on worker nodes.
- It downloads container images and acts as the runtime environment for containers.

Table 2: Kubernetes Node Components

Kubernetes Concepts
- Pods
- Controllers

Deploying Kubernetes Manually
- Install Docker Engine on Ubuntu
- Installing Kubernetes on Ubuntu
- Installing etcd 2.0 on Ubuntu
- Installing Addons

Downloading Kubernetes Docker Images

Kubernetes Concepts

To fully understand Kubernetes operations, you'll need a good foundation on the basics of pods and controllers. We'll refer to the diagram below while explaining these concepts.

Pods

In Kubernetes, a Pod is the smallest deployable object. It is the smallest building unit representing a running process on your cluster. A Pod can run a single container or multiple containers that need to run together. A Pod can also be defined as a group of containers that share resources like file systems, kernel namespaces, and an IP address.

A pod encapsulates the following pieces:
- Application container: a single container or many containers
- A unique network IP address: each pod has an IP address
- Storage resources: all containers in a pod share the same storage
- Options governing how containers should run

A Pod is a single instance of an application. This instance of an application can be run on a single container or on a small number of containers that share resources and are tightly coupled. Pods support a number of container runtime environments, though docker is the most common in Kubernetes.

There are two models of running pods in Kubernetes:
- One container per pod: This is the most common model used in Kubernetes. In this case, a pod is a wrapper around a single container. Kubernetes then manages pods instead of directly interacting with individual containers.
- Multiple containers per pod: In this model, a pod encapsulates an application that runs on multiple co-located containers that share resources and are tightly coupled. For example, one container might serve files from a shared volume to the public while another container tracks and updates changes to these files.

When talking about pods in Kubernetes, there are different types of containers that you need to know:

Sidecar containers - These are containers which assist the main container. They make the main container better in its functionalities. From this diagram, the sidecar container does
