Kubernetes - An
Introduction to the
Open Source
Container
Orchestration
Platform
Michael J.
O’Sullivan -
@mjjosullivan
Introduction
Kubernetes: What and Why
Clusters
Structure
Nodes
Deployments
Pods
Configurations and Secrets
Worker Node Structure
Storage
Services
Labels
Architecture
Helm
What is it?
Installing and Deploying
Istio
What is it?
Installation and Use
Acknowledgements
Kubernetes - An Introduction to the Open
Source Container Orchestration Platform
Cork Open Technologies
Michael J. O’Sullivan - @mjjosullivan
17th April 2018
Before we start...
Beware...shipping analogies ahoy!
Kubernetes - what is it?
Kubernetes is an open-source system for automating
deployment, scaling, and management of containerized
applications.
▶ Abbreviated as K8S or Kube for short.
▶ Kubernetes is Greek for helmsman or pilot.
▶ Originally developed by Google based on the internal
Borg cluster management system, and made available
as version 1.0 in 2015.
▶ Now open-source and managed under the Cloud Native
Computing Foundation (CNCF).
▶ It is not a container-engine itself - it uses various other
container-engines, notably Docker.
▶ Can create Resources (objects) either via CLI (kubectl)
or via YAML/JSON files.
Kubernetes - why would I use it?
As an orchestration platform, K8S provides features to
make the management, maintenance, and life-cycle of
containers easier than using a container engine alone.
▶ Horizontal scaling of applications across containers.
▶ Self-healing by redeploying containers that have
crashed.
▶ Automated rollout of container updates, and
rollbacks if failures are detected.
▶ Provides for service discovery across applications with
cluster DNS names and IP addresses, and load
balancing capabilities with these.
...but what about Docker Swarm?
▶ Both have their pros and cons as a choice of
orchestration platform...
▶ Docker Swarm is seen as a simpler platform - provides
compatibility with existing Docker APIs, and Docker
Compose.
▶ Docker is not strictly open source...
▶ K8S is considered to be more flexible, with more
features and multi container-engine support, but is seen
as more complex.
▶ K8S backing from hosted platforms such as Google
Cloud Platform, the experience of Google running
containers, and its open source nature all contribute to
its popularity.
Clusters
Containerised applications are deployed with K8S into
highly available Clusters.
▶ Clusters run over several computers called Worker
Nodes, that are connected to work as a single unit.
▶ Containerised applications are automatically distributed
among the Worker Nodes at deploy time.
▶ A Master Node manages the cluster - coordinating
scheduling, scaling, and rolling updates.
Master and Worker Nodes
Deployments
To run a containerised application in a cluster, a
Deployment configuration is used.
▶ The Deployment describes how K8S should create and
update application instances.
▶ The K8S Master uses this to schedule the instances
onto the Worker Nodes.
Creating a Deployment
Pods
A Pod is an abstraction that represents a group of one
or more application containers and shared resources.
▶ Pods are the atomic unit on the Kubernetes platform
for scheduling in a Cluster.
▶ Deployments create Pods, with containers running
inside those Pods.
▶ The Pods are scheduled on the Worker Nodes, and
remain on their assigned Nodes until termination.
▶ Worker Nodes can run several Pods.
Deployments create Pods
ConfigMaps
ConfigMaps decouple configuration from images for container portability...
apiVersion: v1
data:
  game.properties: |
    enemies=aliens
    lives=3
    enemies.cheat=true
    enemies.cheat.level=noGoodRotten
    secret.code.passphrase=UUDDLRLRBABAS
    secret.code.allowed=true
    secret.code.lives=30
  ui.properties: |
    color.good=purple
    color.bad=yellow
    allow.textmode=true
    how.nice.to.look=fairlyNice
kind: ConfigMap
metadata:
  creationTimestamp: 2016-02-18T18:52:05Z
  name: game-config
  namespace: default
  resourceVersion: "516"
  selfLink: /api/v1/namespaces/default/configmaps/game-config
  uid: b4952dc3-d670-11e5-8cd0-68f728db1985
Secrets
A Secret is an object that contains a small amount of
sensitive data such as a password, a token, or a key.
▶ Saving credentials in a Secret rather than a Pod
provides more control over how it is used, and reduces
the risk of accidental exposure.
▶ A secret can be used with a Pod in two ways: as files in
a mounted Volume, or used by kubelet when pulling
images for the Pod.
Describing Secrets
$ kubectl get secrets
NAME           TYPE      DATA      AGE
db-user-pass   Opaque    2         51s

$ kubectl describe secrets/db-user-pass
Name:            db-user-pass
Namespace:       default
Labels:          <none>
Annotations:     <none>

Type:            Opaque

Data
====
password.txt:    12 bytes
username.txt:    5 bytes
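An added example, not part of the original slides, connecting the ConfigMaps and Secrets slides: it moves credential-like properties out of the game-config ConfigMap into an Opaque Secret and reports per-key byte sizes the way the describe output above does. The word list used to spot credentials and the Secret name game-secrets are assumptions of this example.

```python
import base64

# Heuristic (an assumption of this example): property names containing one of
# these words are treated as credentials.
SENSITIVE_WORDS = ("passphrase", "password", "passwd", "token", "apikey")

# The game-config ConfigMap from the slide, in dict (JSON) form, without the
# server-populated metadata fields.
GAME_CONFIG = {
    "apiVersion": "v1",
    "kind": "ConfigMap",
    "metadata": {"name": "game-config", "namespace": "default"},
    "data": {
        "game.properties": (
            "enemies=aliens\n"
            "lives=3\n"
            "enemies.cheat=true\n"
            "enemies.cheat.level=noGoodRotten\n"
            "secret.code.passphrase=UUDDLRLRBABAS\n"
            "secret.code.allowed=true\n"
            "secret.code.lives=30\n"
        ),
        "ui.properties": (
            "color.good=purple\n"
            "color.bad=yellow\n"
            "allow.textmode=true\n"
            "how.nice.to.look=fairlyNice\n"
        ),
    },
}


def is_sensitive(prop_name):
    """True if the property name looks like it holds a credential."""
    lowered = prop_name.lower()
    return any(word in lowered for word in SENSITIVE_WORDS)


def split_configmap(configmap, secret_name):
    """Return (cleaned ConfigMap, Secret) with credential-like properties moved."""
    clean_data, secret_data = {}, {}
    for filename, body in configmap["data"].items():
        kept = []
        for line in body.splitlines():
            name, sep, value = line.partition("=")
            if sep and is_sensitive(name.strip()):
                # Secret data values are base64-encoded: an encoding, not
                # encryption, so anyone who can read the object can decode it.
                encoded = base64.b64encode(value.encode()).decode()
                secret_data[name.strip()] = encoded
            else:
                kept.append(line)
        clean_data[filename] = "\n".join(kept) + "\n"
    namespace = configmap["metadata"].get("namespace", "default")
    cleaned = {
        "apiVersion": "v1",
        "kind": "ConfigMap",
        "metadata": {"name": configmap["metadata"]["name"], "namespace": namespace},
        "data": clean_data,
    }
    secret = {
        "apiVersion": "v1",
        "kind": "Secret",
        "type": "Opaque",
        "metadata": {"name": secret_name, "namespace": namespace},
        "data": secret_data,
    }
    return cleaned, secret


def describe_sizes(secret):
    """Byte length of each decoded value, as `kubectl describe` reports it."""
    return {key: len(base64.b64decode(val)) for key, val in secret["data"].items()}


if __name__ == "__main__":
    import json

    cleaned, secret = split_configmap(GAME_CONFIG, "game-secrets")  # hypothetical name
    print(json.dumps(cleaned, indent=2))
    print(json.dumps(secret, indent=2))
    print(describe_sizes(secret))
```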
Using Secrets in a Pod
apiVersion: v1
kind: Pod
metadata:
  name: secret-env-pod
spec:
  containers:
  - name: mycontainer
    image: redis
    env:
      - name: SECRET_USERNAME
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: username
      - name: SECRET_PASSWORD
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: password
  restartPolicy: Never
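An added example, not part of the original slides: a review helper that lists every Secret a Pod spec references, covering the environment-variable form shown above as well as mounted volumes and image pull secrets. The second Pod (volume-pod) and the names regcred and creds are constructed for illustration.

```python
# The Pod from the slide, in dict (JSON) form.
SECRET_ENV_POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "secret-env-pod"},
    "spec": {
        "containers": [{
            "name": "mycontainer",
            "image": "redis",
            "env": [
                {"name": "SECRET_USERNAME",
                 "valueFrom": {"secretKeyRef": {"name": "mysecret", "key": "username"}}},
                {"name": "SECRET_PASSWORD",
                 "valueFrom": {"secretKeyRef": {"name": "mysecret", "key": "password"}}},
            ],
        }],
        "restartPolicy": "Never",
    },
}

# Constructed Pod: mounts a Secret as files and pulls its image with a
# registry credential.
VOLUME_POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "volume-pod"},
    "spec": {
        "imagePullSecrets": [{"name": "regcred"}],
        "volumes": [{"name": "creds", "secret": {"secretName": "db-user-pass"}}],
        "containers": [{
            "name": "app",
            "image": "redis",
            "volumeMounts": [{"name": "creds", "mountPath": "/etc/creds", "readOnly": True}],
        }],
    },
}


def secret_references(pod):
    """Return sorted (secret name, mechanism, where) tuples for one Pod."""
    spec = pod["spec"]
    refs = set()
    # Secrets mounted as files in a volume.
    for vol in spec.get("volumes", []):
        if "secret" in vol:
            refs.add((vol["secret"]["secretName"], "volume", vol["name"]))
    # Secrets used by the kubelet when pulling images.
    for pull in spec.get("imagePullSecrets", []):
        refs.add((pull["name"], "imagePull", "kubelet"))
    # Secrets injected into the container environment.
    for ctr in spec.get("containers", []) + spec.get("initContainers", []):
        for env in ctr.get("env", []):
            ref = env.get("valueFrom", {}).get("secretKeyRef")
            if ref:
                refs.add((ref["name"], "env", f"{ctr['name']}:{env['name']}"))
        for src in ctr.get("envFrom", []):
            if "secretRef" in src:
                refs.add((src["secretRef"]["name"], "envFrom", ctr["name"]))
    return sorted(refs)


def pods_by_secret(pods):
    """Invert the view: which Pods depend on each Secret."""
    usage = {}
    for pod in pods:
        for secret, _mechanism, _where in secret_references(pod):
            usage.setdefault(secret, set()).add(pod["metadata"]["name"])
    return {secret: sorted(names) for secret, names in usage.items()}


if __name__ == "__main__":
    for pod in (SECRET_ENV_POD, VOLUME_POD):
        print(pod["metadata"]["name"], secret_references(pod))
    print(pods_by_secret([SECRET_ENV_POD, VOLUME_POD]))
```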
Worker Nodes
The Worker Node above is running several Pods - each
Pod runs one or more Containers, and encapsulates
resources such as storage volumes.
▶ Each Pod has a Cluster IP address.
▶ Docker-engine is installed and running as the
container-engine on the Node.
▶ A kubelet agent is also running on the Node - this is
used to talk to the Master Node.
Cluster Storage
There are persistent and non-persistent methods for
storing data in clusters.
▶ Data can be either stored in the container, or mounted
into the container from the Worker Node - this data is
non-persistent.
▶ To store persistent data, network file storage (NFS)
should be used.
▶ To attach an NFS volume to a Pod, a Persistent Volume
Claim (PVC) is specified as part of the Deployment.
▶ A PVC will attach a Persistent Volume (PV) to the
cluster, which can be mounted to any Pod.
Services
A Service is a logical set of Pods and a policy to access
them - they are used to expose your pods to access from
outside the cluster.
Services
▶ Cluster IP: Default option. The Service uses an internal
IP only accessible within the cluster.
▶ NodePort: A Service is accessed using the IP address of
the Worker Node.
▶ LoadBalancer: A Service is accessed using an external
LoadBalancer with a separate external IP address.
▶ ExternalName: A Service is accessed using a name
defined in a CNAME record in DNS.
Creating Services
Ingress
An Ingress is an API object that manages external
access to the services in a cluster, typically via HTTP.
Ingress can provide load balancing, SSL termination, and
name-based virtual hosting.
▶ The Ingress Object contains rules to specify how
external inbound traffic can reach services using URLs.
▶ These rules are defined in an Ingress Resource.
▶ The Ingress Resource is provided to the Ingress
Controller, which uses a LoadBalancer to manage
incoming traffic against the rules.
▶ Essentially an easy way of combining services exposed
via a LoadBalancer, and path matching against URLs
for different services!
Ingress Resource
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: foo.bar.com
    http:
      paths:
      - path: /foo
        backend:
          serviceName: s1
          servicePort: 80
      - path: /bar
        backend:
          serviceName: s2
          servicePort: 80
Labels
Labels are key:value pairs that can be applied to objects
to provide logical groupings - labels are then used with
selectors to apply logical operations.
Using Labels
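An added example, not part of the original slides, tying together Labels, the Service types and the Ingress resource shown earlier: it resolves Service selectors against Pod labels and reports which Pods are reachable from outside the cluster, and by what route. The Service and Pod objects are constructed samples; a single namespace and equality-based selectors are assumed.

```python
# Service types the slides describe as reachable from outside the cluster.
EXTERNAL_TYPES = {"NodePort", "LoadBalancer"}

# The Ingress resource from the slide, in dict (JSON) form.
INGRESS = {
    "apiVersion": "extensions/v1beta1",
    "kind": "Ingress",
    "metadata": {"name": "test"},
    "spec": {"rules": [{
        "host": "foo.bar.com",
        "http": {"paths": [
            {"path": "/foo", "backend": {"serviceName": "s1", "servicePort": 80}},
            {"path": "/bar", "backend": {"serviceName": "s2", "servicePort": 80}},
        ]},
    }]},
}

# Constructed sample Services and Pods (not from the slides).
SERVICES = [
    {"metadata": {"name": "s1"}, "spec": {"selector": {"app": "foo"}}},
    {"metadata": {"name": "s2"}, "spec": {"type": "ClusterIP", "selector": {"app": "bar"}}},
    {"metadata": {"name": "metrics"}, "spec": {"type": "NodePort", "selector": {"tier": "backend"}}},
    {"metadata": {"name": "db"}, "spec": {"type": "ClusterIP", "selector": {"app": "db"}}},
    {"metadata": {"name": "legacy"}, "spec": {"type": "ExternalName", "externalName": "db.example.com"}},
]
PODS = [
    {"metadata": {"name": "foo-1", "labels": {"app": "foo", "tier": "frontend"}}},
    {"metadata": {"name": "bar-1", "labels": {"app": "bar", "tier": "backend"}}},
    {"metadata": {"name": "db-1", "labels": {"app": "db", "tier": "data"}}},
]


def selects(selector, labels):
    """Equality-based selector: every selector pair must be present on the object.

    A Service without a selector (for example ExternalName) selects no Pods.
    """
    return bool(selector) and all(labels.get(k) == v for k, v in selector.items())


def ingress_backends(ingress):
    """Yield (host, path, service name) for each rule of the Ingress."""
    for rule in ingress["spec"].get("rules", []):
        for entry in rule.get("http", {}).get("paths", []):
            yield rule.get("host", "*"), entry.get("path", "/"), entry["backend"]["serviceName"]


def exposure_map(pods, services, ingresses):
    """Return {pod name: sorted list of external routes that reach it}."""
    routes = {}  # service name -> set of route descriptions
    for svc in services:
        name = svc["metadata"]["name"]
        svc_type = svc["spec"].get("type", "ClusterIP")  # ClusterIP is the default
        if svc_type in EXTERNAL_TYPES:
            routes.setdefault(name, set()).add(f"{svc_type}:{name}")
    for ingress in ingresses:
        for host, path, svc_name in ingress_backends(ingress):
            # An Ingress makes even a ClusterIP Service reachable externally.
            routes.setdefault(svc_name, set()).add(f"Ingress:{host}{path}")
    result = {}
    for pod in pods:
        labels = pod["metadata"].get("labels", {})
        reachable = set()
        for svc in services:
            if selects(svc["spec"].get("selector"), labels):
                reachable |= routes.get(svc["metadata"]["name"], set())
        result[pod["metadata"]["name"]] = sorted(reachable)
    return result


if __name__ == "__main__":
    for pod_name, pod_routes in exposure_map(PODS, SERVICES, [INGRESS]).items():
        print(pod_name, pod_routes or "cluster-internal only")
```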
K8S Architecture
The architecture can be viewed in two parts: components
that run on a Master Node, and those that run on the
Worker Nodes (minions).
K8S Architecture - Master Nodes
▶ Kube Controller Manager: Runs common controllers for
Nodes, Routes, Services, and Volumes.
▶ Cloud Controller Manager: Runs separate processes for
KCM controllers that contain cloud-vendor specific
implementations.
▶ kube-apiserver: K8S brain - hub of communications
between Masters and Workers. Also receives kubectl
commands.
▶ etcd: A key:value database that stores all the
information for current and desired state of clusters.
▶ kube-scheduler: Based on workload, decides which
Worker Nodes the Pods should run on.
K8S Architecture - Worker Nodes
▶ kubelet: Effectively the K8S agent running on each
node, for communication with the apiserver on the
Master - implements Node and Pod APIs, and initialises
a Worker.
▶ kube-proxy: A network proxy that is used to implement
service backends in K8S, providing appropriate traffic
routing to virtual-IPs of backend services via iptables
configurations.
▶ Docker: Out of the box, docker-engine is running as the
container engine implementation.
Helm
The package manager for Kubernetes...
Helm - what is it?
Helm helps you manage Kubernetes applications —
Helm Charts help you define, install, and upgrade
even the most complex Kubernetes application.
▶ A Helm Chart is in effect a package of different
Kubernetes objects (deployments, services, routes, etc.)
that can deploy an entire software stack into a cluster
with one command.
▶ Developers can write Helm Charts, version them, and
then publish them to a repository for sharing with the
wider community.
▶ Developers install a Helm Client onto the local
machine, and use it to install a Tiller into the target
cluster - Tiller both installs and manages Charts in your
cluster as Releases.
Helm: Installing and Deploying
helm init configures the CLI, and installs Tiller into the
cluster. Helm has not only created the Deployment, but also
a ConfigMap and two Services!
Istio
An open platform to connect, manage, and secure
microservices. A Google - IBM collaborative project.
Istio - what is it?
Istio can be used to overlay useful networking
features on top of services deployed with Kubernetes
using a service mesh.
▶ It enables load balancing, service-to-service
authentication and monitoring without any changes
required to the service code.
▶ Istio is built upon the Envoy proxy to mediate traffic
between different services.
▶ A sidecar container is deployed into each Pod in the
Cluster, and any ingress/egress traffic for the Pod is
routed through this sidecar into the service mesh.
Architecture
▶ Pilot: Provides service-discovery, traffic management
and routing between sidecars within the Cluster.
▶ Mixer: Responsible for enforcing access control policies
over the service mesh, and reporting telemetry metrics.
▶ Istio-Auth: Provides service-to-service and end-user
authentication with mutual TLS using built-in identity
and credential management.
The End
Thank you!
Acknowledgements:
Alan Panayotov
Ruairi Hayes
Kubernetes: https://kubernetes.io/
K8S vs. Docker Swarm:
https://nickjanetakis.com/blog/docker-swarm-vs-kubernetes-which-one-should-you-learn
Helm: https://helm.sh
Helm Minecraft Chart:
https://github.com/kubernetes/charts/tree/master/stable/minecraft
Istio: https://istio.io/
Cork Open Technologies Meetup:
https://www.meetup.com/Cork-OpenTechnology/
Cork Open Technologies Twitter:
https://twitter.com/CorkOpenTech

More Related Content

What's hot (20)

PDF
An Introduction to Kubernetes
Imesh Gunaratne
 
PDF
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Edureka!
 
PDF
Kubernetes a comprehensive overview
Gabriel Carro
 
PDF
Rancher 2.0 Technical Deep Dive
LINE Corporation
 
PDF
Introduction to Kubernetes Workshop
Bob Killen
 
PDF
Hands-On Introduction to Kubernetes at LISA17
Ryan Jarvinen
 
PDF
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Edureka!
 
PDF
Kubernetes Introduction
Peng Xiao
 
PDF
Kubernetes: A Short Introduction (2019)
Megan O'Keefe
 
ODP
Kubernetes Architecture
Knoldus Inc.
 
PDF
Introduction to kubernetes
Gabriel Carro
 
PDF
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer
 
PDF
Kubernetes Basics
Eueung Mulyana
 
PDF
An overview of the Kubernetes architecture
Igor Sfiligoi
 
PPTX
Kubernetes for Beginners: An Introductory Guide
Bytemark
 
PPTX
Introduction to kubernetes
Michal Cwienczek
 
PPT
Docker introduction
Phuc Nguyen
 
PDF
Kubernetes - introduction
Sparkbit
 
PPTX
Kubernetes Basics
Antonin Stoklasek
 
PDF
Cluster-as-code. The Many Ways towards Kubernetes
QAware GmbH
 
An Introduction to Kubernetes
Imesh Gunaratne
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Edureka!
 
Kubernetes a comprehensive overview
Gabriel Carro
 
Rancher 2.0 Technical Deep Dive
LINE Corporation
 
Introduction to Kubernetes Workshop
Bob Killen
 
Hands-On Introduction to Kubernetes at LISA17
Ryan Jarvinen
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Edureka!
 
Kubernetes Introduction
Peng Xiao
 
Kubernetes: A Short Introduction (2019)
Megan O'Keefe
 
Kubernetes Architecture
Knoldus Inc.
 
Introduction to kubernetes
Gabriel Carro
 
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer
 
Kubernetes Basics
Eueung Mulyana
 
An overview of the Kubernetes architecture
Igor Sfiligoi
 
Kubernetes for Beginners: An Introductory Guide
Bytemark
 
Introduction to kubernetes
Michal Cwienczek
 
Docker introduction
Phuc Nguyen
 
Kubernetes - introduction
Sparkbit
 
Kubernetes Basics
Antonin Stoklasek
 
Cluster-as-code. The Many Ways towards Kubernetes
QAware GmbH
 

Similar to Kubernetes: An Introduction to the Open Source Container Orchestration Platform (20)

PDF
Kubernetes Basics - ICP Workshop Batch II
PT Datacomm Diangraha
 
PPT
Kubernetes is a ppt of explanation of kubernet topics
tnmy4903
 
PPTX
01. Kubernetes-PPT.pptx
TamalBanerjee16
 
PDF
Kubernetes intro
Pravin Magdum
 
PDF
Kubernetes: https://youtu.be/KnjnQj-FvfQ
Rahul Malhotra
 
PDF
kubernetes.pdf
crezzcrezz
 
PPTX
Kubernetes intro
Jason Wuertz
 
PPTX
Containers Orchestration using kubernates.pptx
rani marri
 
PPTX
Microsoft, Linux, Open Source, DevOps
Jessica Deen
 
PDF
Managing containers at scale
Smruti Ranjan Tripathy
 
PDF
Running and Managing Kubernetes on OpenStack
Victor Palma
 
PPTX
Introduction: Basic About Kubernetes Cluster
OpikTaufiq1
 
PDF
6 Steps Functionality Hacks To Kubernetes - 2023 Update.pdf
Mars Devs
 
PDF
Kubernetes meetup 101
Jakir Patel
 
PDF
Driving Digital Transformation With Containers And Kubernetes Complete Deck
SlideTeam
 
PPTX
K8s in 3h - Kubernetes Fundamentals Training
Piotr Perzyna
 
PDF
Deploying your first application with Kubernetes
OVHcloud
 
PDF
WSO2Con ASIA 2016: Revolutionizing WSO2 App Cloud with Kubernetes & Docker
WSO2
 
PPTX
Intro to kubernetes
Elad Hirsch
 
PDF
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
SlideTeam
 
Kubernetes Basics - ICP Workshop Batch II
PT Datacomm Diangraha
 
Kubernetes is a ppt of explanation of kubernet topics
tnmy4903
 
01. Kubernetes-PPT.pptx
TamalBanerjee16
 
Kubernetes intro
Pravin Magdum
 
Kubernetes: https://youtu.be/KnjnQj-FvfQ
Rahul Malhotra
 
kubernetes.pdf
crezzcrezz
 
Kubernetes intro
Jason Wuertz
 
Containers Orchestration using kubernates.pptx
rani marri
 
Microsoft, Linux, Open Source, DevOps
Jessica Deen
 
Managing containers at scale
Smruti Ranjan Tripathy
 
Running and Managing Kubernetes on OpenStack
Victor Palma
 
Introduction: Basic About Kubernetes Cluster
OpikTaufiq1
 
6 Steps Functionality Hacks To Kubernetes - 2023 Update.pdf
Mars Devs
 
Kubernetes meetup 101
Jakir Patel
 
Driving Digital Transformation With Containers And Kubernetes Complete Deck
SlideTeam
 
K8s in 3h - Kubernetes Fundamentals Training
Piotr Perzyna
 
Deploying your first application with Kubernetes
OVHcloud
 
WSO2Con ASIA 2016: Revolutionizing WSO2 App Cloud with Kubernetes & Docker
WSO2
 
Intro to kubernetes
Elad Hirsch
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
SlideTeam
 
Ad

More from Michael O'Sullivan (6)

PDF
Developing and Operating Microservice-based Applications on Modern Cloud Plat...
Michael O'Sullivan
 
PDF
IBM Hybrid Cloud Integration UCC Talk, 23rd November 2021 - Cloud Application...
Michael O'Sullivan
 
PPT
IBM Cloud UCC Talk, 8th December 2020 - Cloud Native, Microservices, and Serv...
Michael O'Sullivan
 
PDF
Cloud Native Computing: What does it mean, and is your app Cloud Native?
Michael O'Sullivan
 
PPT
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
Michael O'Sullivan
 
PPT
IBM Cloud UCC Talk, 22nd November 2017
Michael O'Sullivan
 
Developing and Operating Microservice-based Applications on Modern Cloud Plat...
Michael O'Sullivan
 
IBM Hybrid Cloud Integration UCC Talk, 23rd November 2021 - Cloud Application...
Michael O'Sullivan
 
IBM Cloud UCC Talk, 8th December 2020 - Cloud Native, Microservices, and Serv...
Michael O'Sullivan
 
Cloud Native Computing: What does it mean, and is your app Cloud Native?
Michael O'Sullivan
 
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
Michael O'Sullivan
 
IBM Cloud UCC Talk, 22nd November 2017
Michael O'Sullivan
 
Ad

Recently uploaded (20)

PDF
Why Businesses Are Switching to Open Source Alternatives to Crystal Reports.pdf
Varsha Nayak
 
PDF
Capcut Pro Crack For PC Latest Version {Fully Unlocked} 2025
hashhshs786
 
PDF
vMix Pro 28.0.0.42 Download vMix Registration key Bundle
kulindacore
 
PDF
Understanding the Need for Systemic Change in Open Source Through Intersectio...
Imma Valls Bernaus
 
PPTX
Writing Better Code - Helping Developers make Decisions.pptx
Lorraine Steyn
 
PDF
MiniTool Partition Wizard 12.8 Crack License Key LATEST
hashhshs786
 
PDF

Kubernetes: An Introduction to the Open Source Container Orchestration Platform

  • 1. Kubernetes - An Introduction to the Open Source Container Orchestration Platform
      Cork Open Technologies
      Michael J. O’Sullivan - @mjjosullivan
      17th April 2018
      Outline: Introduction; Kubernetes: What and Why; Clusters; Structure; Nodes; Deployments; Pods; Configurations and Secrets; Worker Node Structure; Storage; Services; Labels; Architecture; Helm; What is it?; Installing and Deploying; Istio; What is it?; Installation and Use; Acknowledgements
  • 2. Before we start...
      Beware...shipping analogies ahoy!
  • 3. Kubernetes - what is it?
      Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.
      ▶ Abbreviated as K8S or Kube for short.
      ▶ Kubernetes is Greek for helmsman or pilot.
      ▶ Originally developed by Google based on the internal Borg cluster management system, and made available as version 1.0 in 2015.
      ▶ Now open-source and managed under the Cloud Native Computing Foundation (CNCF).
      ▶ It is not a container-engine itself - it uses various other container-engines, notably Docker.
      ▶ Can create Resources (objects) either via CLI (kubectl) or via YAML/JSON files.
  • 4. Kubernetes - why would I use it?
      As an orchestration platform, K8S provides features that make the management, maintenance, and life-cycle of containers easier than using a container-engine alone.
      ▶ Horizontal scaling of applications across containers.
      ▶ Self-healing by redeploying containers that have crashed.
      ▶ Automated rollout of container updates, and rollbacks if failures are detected.
      ▶ Provides for service discovery across applications with cluster DNS names and IP addresses, and load balancing capabilities with these.
  • 5. ...but what about Docker Swarm?
      ▶ Both have their pros and cons as a choice of orchestration platform...
      ▶ Docker Swarm is seen as a simpler platform - provides compatibility with existing Docker APIs, and Docker Compose.
      ▶ Docker is not strictly open source...
      ▶ K8S is considered to be more flexible, with more features and multi container-engine support, but is seen as more complex.
      ▶ K8S backing from hosted platforms such as Google Cloud Platform, the experience of Google running containers, and its open-source nature all contribute to its popularity.
  • 6. Clusters
      Containerised applications are deployed with K8S into highly available Clusters.
      ▶ Clusters run over several computers called Worker Nodes, which are connected to work as a single unit.
      ▶ Containerised applications are automatically distributed among the Worker Nodes at deploy time.
      ▶ A Master Node manages the cluster - coordinating scheduling, scaling, and rolling updates.
  • 7. Master and Worker Nodes
  • 8. Deployments
      To run a containerised application in a cluster, a Deployment configuration is used.
      ▶ The Deployment describes how K8S should create and update application instances.
      ▶ The K8S Master uses this to schedule the instances onto the Worker Nodes.
  • 9. Creating a Deployment
  • 10. Pods
      A Pod is an abstraction that represents a group of one or more application containers and shared resources.
      ▶ Pods are the atomic unit on the Kubernetes platform for scheduling in a Cluster.
      ▶ Deployments create Pods, with containers running inside those Pods.
      ▶ The Pods are scheduled on the Worker Nodes, and remain on their assigned Nodes until termination.
      ▶ Worker Nodes can run several Pods.
  • 11. Deployments create Pods
  • 12. ConfigMaps
      ConfigMaps decouple configuration from images for container portability...

        apiVersion: v1
        data:
          game.properties: |
            enemies=aliens
            lives=3
            enemies.cheat=true
            enemies.cheat.level=noGoodRotten
            secret.code.passphrase=UUDDLRLRBABAS
            secret.code.allowed=true
            secret.code.lives=30
          ui.properties: |
            color.good=purple
            color.bad=yellow
            allow.textmode=true
            how.nice.to.look=fairlyNice
        kind: ConfigMap
        metadata:
          creationTimestamp: 2016-02-18T18:52:05Z
          name: game-config
          namespace: default
          resourceVersion: "516"
          selfLink: /api/v1/namespaces/default/configmaps/game-config
          uid: b4952dc3-d670-11e5-8cd0-68f728db1985
  • 13. Secrets
      A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key.
      ▶ Saving credentials in a Secret rather than a Pod provides more control over how it is used, and reduces the risk of accidental exposure.
      ▶ A secret can be used with a Pod in two ways: as files in a mounted Volume, or used by kubelet when pulling images for the Pod.
  • 14. Describing Secrets

        $ kubectl get secrets
        NAME           TYPE      DATA      AGE
        db-user-pass   Opaque    2         51s

        $ kubectl describe secrets/db-user-pass
        Name:            db-user-pass
        Namespace:       default
        Labels:          <none>
        Annotations:     <none>

        Type:            Opaque

        Data
        ====
        password.txt:    12 bytes
        username.txt:    5 bytes
  • 15. Using Secrets in a Pod

        apiVersion: v1
        kind: Pod
        metadata:
          name: secret-env-pod
        spec:
          containers:
          - name: mycontainer
            image: redis
            env:
              - name: SECRET_USERNAME
                valueFrom:
                  secretKeyRef:
                    name: mysecret
                    key: username
              - name: SECRET_PASSWORD
                valueFrom:
                  secretKeyRef:
                    name: mysecret
                    key: password
          restartPolicy: Never
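The ConfigMap, Secret and Pod slides above can be checked mechanically. The following is an added example, not code from the talk: a small manifest audit that flags credential-looking keys in a ConfigMap (the `game-config` sample carries `secret.code.passphrase`), literal credentials in a Pod spec, and Secrets injected as environment variables, and that reproduces the byte counts `kubectl describe` prints from the base64-encoded Secret data. The rule names, the `secret-vol-pod` and `legacy-client` objects, and the Secret values are constructed for illustration.

```python
import base64
import re

# Key or variable names that usually hold credentials (heuristic, an assumption).
CRED_NAME = re.compile(r"pass(word|phrase|wd)|token|api[._-]?key|private[._-]?key", re.I)

def secret_sizes(secret):
    """Decoded length of each Secret value, which is what `kubectl describe` shows.
    Secret data is base64-encoded, not encrypted, so decoding needs no key."""
    return {k: len(base64.b64decode(v)) for k, v in secret.get("data", {}).items()}

def _pod_spec(obj):
    """Pod spec of a Pod, or the Pod template of a Deployment."""
    if obj["kind"] == "Pod":
        return obj.get("spec", {})
    return obj.get("spec", {}).get("template", {}).get("spec", {})

def audit(obj):
    """Return (rule, object, key) findings for one manifest."""
    kind, name = obj["kind"], obj["metadata"]["name"]
    where, findings = f"{kind}/{name}", []
    if kind == "ConfigMap":
        for fname, body in obj.get("data", {}).items():
            keys = [fname] + [l.partition("=")[0].strip()
                              for l in body.splitlines() if "=" in l]
            findings += [("credential-in-configmap", where, k)
                         for k in keys if CRED_NAME.search(k)]
    elif kind in ("Pod", "Deployment"):
        for container in _pod_spec(obj).get("containers", []):
            for env in container.get("env", []):
                if "secretKeyRef" in env.get("valueFrom", {}):
                    # Env vars are inherited by child processes and tend to leak
                    # into logs and dumps; a mounted Secret volume avoids that.
                    findings.append(("secret-as-env-var", where, env["name"]))
                elif "value" in env and CRED_NAME.search(env["name"]):
                    findings.append(("literal-credential-in-pod", where, env["name"]))
    return findings

# Sample manifests as Python dicts; the first two mirror slides 12 and 15,
# the last two are constructed.
SAMPLES = [
    {"kind": "ConfigMap", "metadata": {"name": "game-config"},
     "data": {"game.properties": "enemies=aliens\nlives=3\n"
                                 "secret.code.passphrase=UUDDLRLRBABAS\n",
              "ui.properties": "color.good=purple\ncolor.bad=yellow\n"}},
    {"kind": "Pod", "metadata": {"name": "secret-env-pod"},
     "spec": {"containers": [{"name": "mycontainer", "image": "redis", "env": [
         {"name": "SECRET_USERNAME",
          "valueFrom": {"secretKeyRef": {"name": "mysecret", "key": "username"}}},
         {"name": "SECRET_PASSWORD",
          "valueFrom": {"secretKeyRef": {"name": "mysecret", "key": "password"}}}]}]}},
    {"kind": "Pod", "metadata": {"name": "secret-vol-pod"},
     "spec": {"containers": [{"name": "mycontainer", "image": "redis",
                              "volumeMounts": [{"name": "creds", "readOnly": True,
                                                "mountPath": "/etc/creds"}]}],
              "volumes": [{"name": "creds", "secret": {"secretName": "mysecret"}}]}},
    {"kind": "Deployment", "metadata": {"name": "legacy-client"},
     "spec": {"template": {"spec": {"containers": [{"name": "app", "env": [
         {"name": "DB_PASSWORD", "value": "example-pw12"},
         {"name": "LOG_LEVEL", "value": "debug"}]}]}}}},
]

# Constructed Secret whose decoded sizes match the `kubectl describe` output above.
DB_USER_PASS = {"kind": "Secret", "metadata": {"name": "db-user-pass"}, "type": "Opaque",
                "data": {"username.txt": base64.b64encode(b"admin").decode(),
                         "password.txt": base64.b64encode(b"example-pw12").decode()}}

if __name__ == "__main__":
    for manifest in SAMPLES:
        for finding in audit(manifest):
            print(*finding, sep="  ")
    print(secret_sizes(DB_USER_PASS))
```

The volume-mounted Pod produces no findings, which is the contrast with the environment-variable form shown on the slide.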
  • 16. Worker Nodes
      The Worker Node above is running several Pods - each Pod runs one or more Containers, and encapsulates resources such as storage volumes.
      ▶ Each Pod has a Cluster IP address.
      ▶ Docker-engine is installed and running as the container-engine on the Node.
      ▶ A kubelet agent is also running on the Node - this is used to talk to the Master Node.
  • 17. Cluster Storage
      There are persistent and non-persistent methods for storing data in clusters.
      ▶ Data can be either stored in the container, or mounted into the container from the Worker Node - this data is non-persistent.
      ▶ To store persistent data, network file storage (NFS) should be used.
      ▶ To attach an NFS volume to a Pod, a Persistent Volume Claim (PVC) is specified as part of the Deployment.
      ▶ A PVC will attach a Persistent Volume (PV) to the cluster, which can be mounted to any Pod.
  • 18. Services
      A Service is a logical set of Pods and a policy to access them. Services are used to expose your Pods to access from outside the cluster.
  • 19. Services
      ▶ Cluster IP: Default option. The Service uses an internal IP only accessible within the cluster.
      ▶ NodePort: A Service is accessed using the IP address of the Worker Node.
      ▶ LoadBalancer: A Service is accessed using an external LoadBalancer with a separate external IP address.
      ▶ ExternalName: A Service is accessed using a name defined in a CNAME record in DNS.
  • 20. Creating Services
  • 21. Ingress
      An Ingress is an API object that manages external access to the services in a cluster, typically via HTTP. Ingress can provide load balancing, SSL termination, and name-based virtual hosting.
      ▶ The Ingress Object contains rules to specify how external inbound traffic can reach services using URLs.
      ▶ These rules are defined in an Ingress Resource.
      ▶ The Ingress Resource is provided to the Ingress Controller, which uses a LoadBalancer to manage incoming traffic against the rules.
      ▶ Essentially an easy way of combining services exposed via a LoadBalancer, and path matching against URLs for different services!
  • 22. Ingress Resource

        # extensions/v1beta1 was the Ingress API version at the time of this talk;
        # it was removed in Kubernetes 1.22 in favour of networking.k8s.io/v1.
        apiVersion: extensions/v1beta1
        kind: Ingress
        metadata:
          name: test
          annotations:
            nginx.ingress.kubernetes.io/rewrite-target: /
        spec:
          rules:
          - host: foo.bar.com
            http:
              paths:
              - path: /foo
                backend:
                  serviceName: s1
                  servicePort: 80
              - path: /bar
                backend:
                  serviceName: s2
                  servicePort: 80
  • 23. Labels
      Labels are key:value pairs that can be applied to objects to provide logical groupings - labels are then used with selectors to apply logical operations.
  • 24. Using Labels
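How selectors pick objects by label decides which Pods a Service sends traffic to, so it is worth seeing the matching rules run. This is an added example, not code from the talk: it implements Kubernetes label-selector semantics (`matchLabels` plus the `In`, `NotIn`, `Exists` and `DoesNotExist` operators) and shows a Service selector that is too broad picking up a debug Pod. All Pod, Service and label names are constructed.

```python
def matches(selector, labels):
    """True if `labels` satisfies a label selector.
    All matchLabels pairs and all matchExpressions must hold (logical AND)."""
    for key, value in selector.get("matchLabels", {}).items():
        if labels.get(key) != value:
            return False
    for expr in selector.get("matchExpressions", []):
        key, op, values = expr["key"], expr["operator"], expr.get("values", [])
        if op == "In":
            ok = key in labels and labels[key] in values
        elif op == "NotIn":
            # NotIn also matches objects that do not carry the key at all.
            ok = labels.get(key) not in values
        elif op == "Exists":
            ok = key in labels
        elif op == "DoesNotExist":
            ok = key not in labels
        else:
            raise ValueError(f"unknown operator: {op}")
        if not ok:
            return False
    return True

def select(selector, pods):
    """Names of all Pods, in any namespace, whose labels match the selector."""
    return [p["metadata"]["name"] for p in pods
            if matches(selector, p["metadata"].get("labels", {}))]

def service_backends(service, pods):
    """Pods a Service routes to: equality match on spec.selector, same namespace only.
    A Service without a selector gets no endpoints created for it automatically."""
    selector = service["spec"].get("selector") or {}
    if not selector:
        return []
    namespace = service["metadata"].get("namespace", "default")
    same_ns = [p for p in pods
               if p["metadata"].get("namespace", "default") == namespace]
    return select({"matchLabels": selector}, same_ns)

def pod(name, labels, namespace="default"):
    """Build a minimal constructed Pod object."""
    return {"kind": "Pod",
            "metadata": {"name": name, "namespace": namespace, "labels": labels}}

# Constructed Pods: two stable web replicas, a debug copy, a database,
# and a web Pod in another namespace.
PODS = [
    pod("web-1", {"app": "web", "tier": "frontend", "track": "stable"}),
    pod("web-2", {"app": "web", "tier": "frontend", "track": "stable"}),
    pod("web-debug", {"app": "web", "tier": "frontend", "track": "debug"}),
    pod("db-1", {"app": "db", "tier": "backend"}),
    pod("web-staging", {"app": "web", "track": "stable"}, namespace="staging"),
]

# Too broad: every Pod labelled app=web in the namespace receives traffic.
BROAD = {"kind": "Service", "metadata": {"name": "web"},
         "spec": {"selector": {"app": "web"}}}
# Tightened: the extra label keeps the debug Pod out of the backend set.
TIGHT = {"kind": "Service", "metadata": {"name": "web"},
         "spec": {"selector": {"app": "web", "track": "stable"}}}

if __name__ == "__main__":
    print("broad:", service_backends(BROAD, PODS))
    print("tight:", service_backends(TIGHT, PODS))
    not_debug = {"matchExpressions": [
        {"key": "track", "operator": "NotIn", "values": ["debug"]}]}
    print("track NotIn (debug):", select(not_debug, PODS))
```

Note that `NotIn` alone still selects `db-1`, which has no `track` label; pairing it with an `Exists` expression on the same key excludes unlabelled objects.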
  • 25. K8S Architecture
      The architecture can be viewed in two parts: components that run on a Master Node, and those that run on the Worker Nodes (minions).
  • 26. K8S Architecture - Master Nodes
      ▶ Kube Controller Manager: Runs common controllers for Nodes, Routes, Services, and Volumes.
      ▶ Cloud Controller Manager: Runs separate processes for KCM controllers that contain cloud-vendor specific implementations.
      ▶ kube-apiserver: K8S brain - hub of communications between Masters and Workers. Also receives kubectl commands.
      ▶ etcd: A key:value database that stores all the information for current and desired state of clusters.
      ▶ kube-scheduler: Based on workload, decides which Worker Nodes the Pods should run on.
  • 27. K8S Architecture - Worker Nodes
      ▶ kubelet: Effectively the K8S agent running on each node, for communication with the apiserver on the Master - implements Node and Pod APIs, and initialises a Worker.
      ▶ kube-proxy: A network proxy that is used to implement service backends in K8S, providing appropriate traffic routing to virtual-IPs of backend services via iptables configurations.
      ▶ Docker: Out of the box, docker-engine is running as the container engine implementation.
  • 28. Helm
      The package manager for Kubernetes...
  • 29. Helm - what is it?
      Helm helps you manage Kubernetes applications - Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
      ▶ A Helm Chart is in effect a package of different Kubernetes objects (deployments, services, routes, etc.) that can deploy an entire software stack into a cluster with one command.
      ▶ Developers can write Helm Charts, version them, and then publish them to a repository for sharing with the wider community.
      ▶ Developers install a Helm Client onto the local machine, and use it to install a Tiller into the target cluster - Tiller both installs and manages Charts in your cluster as Releases.
  • 30. Helm: Installing and Deploying
      helm init configures the CLI, and installs Tiller into the cluster.
      Helm has not only created the Deployment, but also a ConfigMap and two Services!
  • 31. Istio
      An open platform to connect, manage, and secure microservices. A Google - IBM collaborative project.
  • 32. Istio - what is it?
      Istio can be used to overlay useful networking features on top of services deployed with Kubernetes using a service mesh.
      ▶ It enables load balancing, service-to-service authentication and monitoring without any changes required to the service code.
      ▶ Istio is built upon the Envoy proxy to mediate traffic between different services.
      ▶ A sidecar container is deployed into each Pod in the Cluster, and any ingress/egress traffic for the Pod is routed through this sidecar into the service mesh.
  • 33. Architecture
      ▶ Pilot: Provides service-discovery, traffic management and routing between sidecars within the Cluster.
      ▶ Mixer: Responsible for enforcing access control policies over the service mesh, and reporting telemetry metrics.
      ▶ Istio-Auth: Provides service-to-service and end-user authentication with mutual TLS using built-in identity and credential management.
  • 34. The End
      Thank you!
      Acknowledgements: Alan Panayotov, Ruairi Hayes
      Kubernetes: https://kubernetes.io/
      K8S vs. Docker Swarm: https://nickjanetakis.com/blog/docker-swarm-vs-kubernetes-which-one-should-you-learn
      Helm: https://helm.sh
      Helm Minecraft Chart: https://github.com/kubernetes/charts/tree/master/stable/minecraft
      Istio: https://istio.io/
      Cork Open Technologies Meetup: https://www.meetup.com/Cork-OpenTechnology/
      Cork Open Technologies Twitter: https://twitter.com/CorkOpenTech