Posted on Sunday July 01, 2018 by Eric Potvin
Before we start, please make sure you have read and understood what a Docker container is. That background makes Kubernetes much easier to follow.
What is Kubernetes?
Kubernetes is a container management solution. It includes several logical layers:
- Development: Agile micro-services development with data and container services
- Continuous Delivery and Integration: Host application on Kubernetes
- Services: containerized application orchestration
- as-a-Service Automation: provisioning, scaling, self-healing, monitoring, logging, and so on
- Infrastructure: public or private cloud & virtualization
Another way to put this is to think of Kubernetes as your own data center. A data center has racks of servers; in the Kubernetes world those racks are called Pods. Each rack (Pod) holds at least one server, and those servers are the containers. The analogy is loose in one important way: the containers in a Pod are always scheduled together on the same node and share a network namespace, so they reach each other on localhost and share the same Pod IP.
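To make the rack/server analogy concrete, here is an added, constructed Pod manifest (not from the original post) with two containers: an application container and a sidecar that reads the application's log through a shared volume. The Pod name, both images and the log path are assumptions; the security context fields are the ones a practitioner would set on any Pod so that neither container runs as root or can gain privileges.

```yaml
# Constructed example: one Pod (the "rack") holding two containers (the "servers").
apiVersion: v1
kind: Pod
metadata:
  name: web-with-log-sidecar      # hypothetical name
  labels:
    app: web
spec:
  # Pod-level defaults inherited by both containers.
  securityContext:
    runAsNonRoot: true
    seccompProfile:
      type: RuntimeDefault
  containers:
    # The application container. The image is assumed; it serves on 8080 as an
    # unprivileged user (UID 101), which is why runAsNonRoot can be enforced.
    - name: web
      image: nginxinc/nginx-unprivileged:1.25
      ports:
        - containerPort: 8080
      volumeMounts:
        - name: logs
          mountPath: /var/log/nginx
      securityContext:
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
    # A sidecar in the same Pod. It shares the network namespace (it could reach
    # the app at localhost:8080) and the volume below, so it can read nginx's
    # access log without a network hop and without any extra privilege.
    - name: log-tail
      image: busybox:1.36
      command: ["sh", "-c", "tail -n +1 -F /var/log/nginx/access.log"]
      volumeMounts:
        - name: logs
          mountPath: /var/log/nginx
          readOnly: true
      securityContext:
        runAsUser: 65534
        allowPrivilegeEscalation: false
        readOnlyRootFilesystem: true
        capabilities:
          drop: ["ALL"]
  volumes:
    # Scratch space shared by the two containers; it lives only as long as the Pod.
    - name: logs
      emptyDir: {}
```

Apply it with `kubectl apply -f pod.yaml` and `kubectl logs web-with-log-sidecar -c log-tail` shows the sidecar echoing the web container's access log. Deleting the Pod removes both containers and the emptyDir together, which is exactly the "rack" behaviour the analogy describes.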
All about Continuity
Continuous integration (CI) is the practice of merging all developer working copies to a shared mainline several times a day.
This splits into two categories:
Source code control
Automatically trigger the CI/CD pipeline based on code check-in.
For example: GitHub or Bitbucket
Build and tests
Automated build and tests, including regression, cycle, functional, security and performance tests.
For example: Jenkins or CircleCI
Continuous deployment automatically releases committed code that passes the automated tests into a production environment, so new changes become visible to users as soon as the pipeline finishes.
This splits into two categories:
Artifact repository
Update the repository with the latest successful code artifacts and pull the newest images.
For example: Artifactory or a Docker registry
Deploy, monitor, and log
Deploy applications to the orchestrator, then watch them and receive alerts through monitoring and logging.
For example: Prometheus (monitoring) or EFK (Elasticsearch, Fluentd, Kibana for logging)
Components of Kubernetes
Kubernetes works with nodes. A node is a worker machine in Kubernetes (previously known as a minion). A node may be a VM or a physical machine, depending on the cluster. Each node runs the services needed to host pods and is managed by the master components. Those services are a container runtime (Docker at the time of writing), kubelet and kube-proxy.
Master components provide the cluster's control plane. They make global decisions about the cluster (for example, scheduling) and detect and respond to cluster events (for example, starting a new pod when a replication controller's "replicas" field is unsatisfied). Every kubectl call and every controller goes through the API server, which is where authentication, authorization (RBAC) and admission control are enforced, so protecting the API server and the etcd store behind it is the first security job of a cluster.
Node components run on every node, maintaining running pods and providing the Kubernetes runtime environment:
- kubelet
- kube-proxy
- Container Runtime
Kubernetes also includes addons. Addons are pods and services that implement cluster features. The pods may be managed by Deployments, ReplicationControllers, and so on. Namespaced addon objects are created in the kube-system namespace. Examples include:
- Web UI (Dashboard)
- Container Resource Monitoring
- Cluster-level Logging
Ecosystem required components
To deploy a Kubernetes solution to production successfully, you need to include the following components:
Infrastructure
- Kubernetes can be installed on any type of server: dedicated, virtual, public or private cloud
Ingress controller
- HTTP traffic access control for Kubernetes services
- Interacts with the Kubernetes API for state changes
- Applies ingress rules to the service load balancer
Monitoring
- Metrics collected on the Kubernetes infrastructure and hosted objects
- Typical options: Prometheus, Sysdig, Datadog
Networking
- Network overlay for policy and software defined networking
- Network overlays use the Container Network Interface (CNI) standard that
Load balancing
- Software load balancing to each Kubernetes service
Management layer
- Required management layer for Kubernetes CI/CD and data services
- Mesosphere DC/OS provides intelligent machines as-a-Service automation on any infrastructure
- DC/OS features abstraction, declarative, and immutable management
Private Container Registry
- Registry for an organization's standard container images
- Requires access credentials (from an identity management system, or from Kubernetes Secrets referenced by the pod as imagePullSecrets)
Logging & Auditing
- Centralized logging for Kubernetes
- Typical options: Fluentd, Logstash
Secrets
- Hold sensitive information such as passwords, OAuth tokens, and ssh keys required by services, developers and operations across all Kubernetes clusters
- Secret values are base64-encoded, not encrypted, and are stored in plain form in etcd unless encryption at rest is enabled; anyone with RBAC permission to read Secrets in a namespace can read their contents
Container runtime
- Specific containers used in Kubernetes
- Currently Kubernetes supports Docker; other runtimes plug in through the Container Runtime Interface (CRI)
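The registry, Secrets and RBAC items above fit together in one manifest. The following is an added, constructed example and not code from the original post: it creates a namespace, a registry credential of type kubernetes.io/dockerconfigjson, a ServiceAccount that carries that credential as an imagePullSecret, a Pod that pulls a private image through it, and a least-privilege Role for a CI/CD pipeline. The namespace, registry host, image names and the username/password in the placeholder credential are all assumptions.

```yaml
# Constructed example. Namespace: the segmentation boundary that both the
# registry credential and the RBAC role below are scoped to.
apiVersion: v1
kind: Namespace
metadata:
  name: payments
---
# Credential for the private registry (hypothetical host registry.example.com).
# In practice create it out of band, e.g.
#   kubectl -n payments create secret docker-registry registry-creds \
#     --docker-server=registry.example.com --docker-username=ci-puller \
#     --docker-password='<token>'
# and keep it out of source control; the literal below is a placeholder.
apiVersion: v1
kind: Secret
metadata:
  name: registry-creds
  namespace: payments
type: kubernetes.io/dockerconfigjson
stringData:
  .dockerconfigjson: |
    {"auths":{"registry.example.com":{"username":"ci-puller","password":"REPLACE_ME","auth":"Y2ktcHVsbGVyOlJFUExBQ0VfTUU="}}}
---
# Workload identity. imagePullSecrets here lets every Pod that uses this
# ServiceAccount pull from the registry without naming the Secret in each
# Pod spec. The API token is not mounted because the app never calls the
# Kubernetes API, which removes one credential from the container.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: payments-api
  namespace: payments
imagePullSecrets:
  - name: registry-creds
automountServiceAccountToken: false
---
# A Pod that pulls its (assumed) image with the credential above.
apiVersion: v1
kind: Pod
metadata:
  name: payments-api
  namespace: payments
spec:
  serviceAccountName: payments-api
  containers:
    - name: api
      image: registry.example.com/payments/api:1.4.2   # pinned tag, never :latest
      ports:
        - containerPort: 8080
---
# Identity the CI/CD pipeline authenticates as.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: ci-deployer
  namespace: payments
---
# Least-privilege RBAC for the pipeline: it can roll out Deployments and
# inspect Pods in this namespace only. Nothing grants "get" on secrets.
# Caveat: anyone allowed to create Pods can still mount a Secret from the
# same namespace into a Pod, so pair this with an admission policy if the
# pipeline must never see registry-creds.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: deployer
  namespace: payments
rules:
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: ci-deployer
  namespace: payments
subjects:
  - kind: ServiceAccount
    name: ci-deployer
    namespace: payments
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: deployer
```

After `kubectl apply -f registry-and-rbac.yaml`, the check a practitioner wants is `kubectl -n payments auth can-i get secrets --as=system:serviceaccount:payments:ci-deployer`, which should answer `no`, while the same query for `create deployments` answers `yes`.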
Kubernetes concepts
- Namespace: virtual segmentation of a single cluster
- Pod: a logical grouping of one or more containers that is managed by Kubernetes
- Node: the infrastructure fabric of Kubernetes (host of worker and master components)
- ReplicaSet / ReplicationController: a continuous loop that ensures a given number of pods are running
- RBAC: role-based access control for the Kubernetes cluster
- Ingress: manages external HTTP traffic to a hosted service
- Deployment: manages a ReplicaSet, pod definitions/updates and other concepts
- Service: a logical layer that provides IP/DNS/etc. persistence to dynamic pods
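These concepts map directly onto API objects. The manifest below is an added, constructed example (not from the original post) that wires a Deployment, a Service, an Ingress and a NetworkPolicy together for one web application. It assumes a namespace named payments already exists, an image in a private registry, a TLS Secret named shop-tls, the hostname shop.example.com, and an ingress controller running in a namespace carrying the label kubernetes.io/metadata.name=ingress-nginx.

```yaml
# Constructed example. Deployment: declares the desired state; it creates and
# owns the ReplicaSet that keeps three Pods running and performs rolling updates.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
  namespace: payments
spec:
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: web
          image: registry.example.com/payments/web:2.0.1   # assumed image, pinned tag
          ports:
            - containerPort: 8080
          readinessProbe:
            httpGet:
              path: /healthz
              port: 8080
---
# Service: a stable virtual IP and DNS name (web.payments.svc.cluster.local)
# in front of whichever Pods currently carry the label app=web, however often
# the Deployment replaces them.
apiVersion: v1
kind: Service
metadata:
  name: web
  namespace: payments
spec:
  selector:
    app: web
  ports:
    - port: 80
      targetPort: 8080
---
# Ingress: HTTP routing rules read by the ingress controller, which terminates
# TLS with the assumed shop-tls Secret and forwards to the Service.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web
  namespace: payments
spec:
  tls:
    - hosts: ["shop.example.com"]
      secretName: shop-tls
  rules:
    - host: shop.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: web
                port:
                  number: 80
---
# NetworkPolicy: enforced by the CNI network overlay. Only Pods in the ingress
# controller's namespace may reach the web Pods on 8080; every other Pod in
# the cluster is denied, so a compromised neighbour cannot talk to them directly.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: web-from-ingress-only
  namespace: payments
spec:
  podSelector:
    matchLabels:
      app: web
  policyTypes: ["Ingress"]
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: ingress-nginx   # assumed controller namespace
      ports:
        - port: 8080
```

`kubectl -n payments get deploy,rs,pods,svc,ingress,networkpolicy` shows the chain: the Deployment owns one ReplicaSet, the ReplicaSet owns three Pods, the Service fronts them, and the Ingress and NetworkPolicy decide who may reach the Service from outside and inside the cluster respectively. The NetworkPolicy only has effect if the cluster's CNI plugin enforces policies; a plugin without policy support accepts the object and silently ignores it.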
Source: mesosphere kubernetes cheatsheet (dead link removed), kubernetes.io