Kubernetes - An
Introduction to the
Open Source
Container
Orchestration
Platform
Michael J.
O’Sullivan -
@mjjosullivan
Introduction
Kubernetes: What and Why
Clusters
Structure
Nodes
Deployments
Pods
Configurations and Secrets
Worker Node Structure
Storage
Services
Labels
Architecture
Helm
What is it?
Installing and Deploying
Istio
What is it?
Installation and Use
Acknowledgements
Kubernetes - An Introduction to the Open
Source Container Orchestration Platform
Cork Open Technologies
Michael J. O’Sullivan - @mjjosullivan
17th April 2018
Before we start...
Beware...shipping analogies ahoy!
Kubernetes - what is it?
Kubernetes is an open-source system for automating
deployment, scaling, and management of containerized
applications.
▶ Abbreviated as K8S or Kube for short.
▶ Kubernetes is Greek for helmsman or pilot.
▶ Originally developed by Google based on the internal
Borg cluster management system, and made available
as version 1.0 in 2015.
▶ Now open-source and managed under the Cloud Native
Computing Foundation (CNCF).
▶ It is not a container-engine itself - it uses various other
container-engines, notably Docker.
▶ Can create Resources (objects) either via CLI (kubectl)
or via YAML/JSON files.
Kubernetes - why would I use it?
As an orchestration platform, K8S provides features to
make the management, maintenance, and life-cycle of
containers easier than using a container engine alone.
▶ Horizontal scaling of applications across containers.
▶ Self-healing by redeploying containers that have
crashed.
▶ Automated rollout of container updates, and
rollbacks if failures detected.
▶ Provides for service discovery across applications with
cluster DNS names and IP addresses, and load
balancing capabilities with these.
...but what about Docker Swarm?
▶ Both have their pros and cons as a choice of
orchestration platform...
▶ Docker Swarm is seen as a simpler platform - provides
compatibility with existing Docker APIs, and Docker
Compose.
▶ Docker is not strictly open source...
▶ K8S is considered to be more flexible, with more
features and multi container-engine support, but is seen
as more complex.
▶ K8S backing from hosted platforms such as Google
Cloud Platform, and the experience of Google running
containers, and its open source nature, all contribute to
its popularity.
Clusters
Containerised-applications are deployed with K8S into
highly available Clusters.
▶ Clusters run over several computers called Worker
Nodes, that are connected to work as a single unit.
▶ Containerised applications are automatically distributed
among the Worker Nodes at deploy time.
▶ A Master Node manages the cluster - coordinating
scheduling, scaling, and rolling updates.
Master and Worker Nodes
Deployments
To run a containerised-application in a cluster, a
Deployment configuration is used.
▶ The Deployment describes how K8S should create and
update application instances.
▶ The K8S Master uses this to schedule the instances
onto the Worker Nodes.
Creating a Deployment
Pods
A Pod is an abstraction that represents a group of one
or more application containers and shared resources.
▶ Pods are the atomic unit on the Kubernetes platform
for scheduling in a Cluster.
▶ Deployments create Pods, with containers running
inside those Pods.
▶ The Pods are scheduled on the Worker Nodes, and
remain on their assigned Nodes until termination.
▶ Worker Nodes can run several Pods.
Deployments create Pods
ConfigMaps
ConfigMaps decouple configuration from images for container portability...
apiVersion: v1
data:
  game.properties: |
    enemies=aliens
    lives=3
    enemies.cheat=true
    enemies.cheat.level=noGoodRotten
    secret.code.passphrase=UUDDLRLRBABAS
    secret.code.allowed=true
    secret.code.lives=30
  ui.properties: |
    color.good=purple
    color.bad=yellow
    allow.textmode=true
    how.nice.to.look=fairlyNice
kind: ConfigMap
metadata:
  creationTimestamp: 2016-02-18T18:52:05Z
  name: game-config
  namespace: default
  resourceVersion: "516"
  selfLink: /api/v1/namespaces/default/configmaps/game-config
  uid: b4952dc3-d670-11e5-8cd0-68f728db1985
Secrets
A Secret is an object that contains a small amount of
sensitive data such as a password, a token, or a key.
▶ Saving credentials in a Secret rather than a Pod
provides more control over how it is used, and reduces
the risk of accidental exposure.
▶ A secret can be used with a Pod in two ways: as files in
a mounted Volume, or used by kubelet when pulling
images for the Pod.
Describing Secrets
$ kubectl get secrets
NAME           TYPE      DATA      AGE
db-user-pass   Opaque    2         51s
$ kubectl describe secrets/db-user-pass
Name:            db-user-pass
Namespace:       default
Labels:          <none>
Annotations:     <none>
Type:            Opaque
Data
====
password.txt:    12 bytes
username.txt:    5 bytes
Using Secrets in a Pod
apiVersion: v1
kind: Pod
metadata:
  name: secret-env-pod
spec:
  containers:
  - name: mycontainer
    image: redis
    env:
      - name: SECRET_USERNAME
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: username
      - name: SECRET_PASSWORD
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: password
  restartPolicy: Never
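An added example (not from the original slides) covering the ConfigMap and Secrets slides above: it shows that Secret data is only base64-encoded, flags credential-looking keys left in a ConfigMap, and lists how a Pod consumes Secrets. The manifests are constructed Python dicts that reuse the slide names; the Secret values and the helper function names are assumptions made for illustration.

```python
import base64
import re

# Constructed manifests written as Python dicts (Kubernetes accepts JSON as
# well as YAML). Names follow the slides; the Secret values are made up so
# that the decoded sizes match the `kubectl describe` output (12 and 5 bytes).
CONFIGMAP = {
    "kind": "ConfigMap",
    "metadata": {"name": "game-config"},
    "data": {
        "game.properties": "enemies=aliens\nlives=3\nenemies.cheat=true\n"
                           "secret.code.passphrase=UUDDLRLRBABAS\n"
                           "secret.code.allowed=true\nsecret.code.lives=30\n",
        "ui.properties": "color.good=purple\nallow.textmode=true\n",
    },
}
SECRET = {
    "kind": "Secret",
    "type": "Opaque",
    "metadata": {"name": "db-user-pass"},
    "data": {"password.txt": "MWYyZDFlMmU2N2Rm", "username.txt": "YWRtaW4="},
}
POD = {
    "kind": "Pod",
    "metadata": {"name": "secret-env-pod"},
    "spec": {
        "containers": [{
            "name": "mycontainer",
            "image": "redis",
            "env": [
                {"name": "SECRET_USERNAME", "valueFrom": {
                    "secretKeyRef": {"name": "mysecret", "key": "username"}}},
                {"name": "SECRET_PASSWORD", "valueFrom": {
                    "secretKeyRef": {"name": "mysecret", "key": "password"}}},
            ],
        }],
        "restartPolicy": "Never",
    },
}

# Key names that usually hold credentials (a heuristic, not a complete list).
CREDENTIAL_KEY = re.compile(
    r"password|passphrase|passwd|token|api[._-]?key|credential", re.I)


def secret_sizes(secret):
    """Decoded size of each entry: all that `kubectl describe` prints."""
    return {k: len(base64.b64decode(v))
            for k, v in secret.get("data", {}).items()}


def decode_secret(secret):
    """Secret data is base64-encoded, not encrypted: anyone who can read the
    object (or its YAML/JSON file in a repository) recovers the values."""
    return {k: base64.b64decode(v).decode("utf-8", "replace")
            for k, v in secret.get("data", {}).items()}


def credentials_in_configmap(configmap):
    """Return (file, key) pairs whose property name looks like a credential."""
    hits = []
    for fname, body in configmap.get("data", {}).items():
        for line in body.splitlines():
            key, sep, value = line.partition("=")
            if sep and value.strip() and CREDENTIAL_KEY.search(key):
                hits.append((fname, key.strip()))
    return hits


def secret_refs(pod):
    """List how a Pod consumes Secrets: env vars, volumes, image pulls."""
    spec = pod.get("spec", {})
    refs = []
    for container in spec.get("containers", []):
        for var in container.get("env", []):
            ref = var.get("valueFrom", {}).get("secretKeyRef")
            if ref:
                refs.append(("env", container["name"], var["name"],
                             ref["name"], ref["key"]))
    for vol in spec.get("volumes", []):
        if "secret" in vol:
            refs.append(("volume", vol["name"], vol["secret"]["secretName"]))
    for pull in spec.get("imagePullSecrets", []):
        refs.append(("imagePull", pull["name"]))
    return refs


if __name__ == "__main__":
    print("sizes:", secret_sizes(SECRET))
    print("decoded:", decode_secret(SECRET))
    print("ConfigMap findings:", credentials_in_configmap(CONFIGMAP))
    for ref in secret_refs(POD):
        print("pod uses secret:", ref)
```

Values injected as environment variables are inherited by child processes, so the `env` entries reported for `secret-env-pod` are worth reviewing against the mounted-Volume option the Secrets slide describes.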
Worker Nodes
The Worker Node above is running several Pods - each
Pod runs one or more Containers, and encapsulates
resources such as storage volumes.
▶ Each Pod has a Cluster IP address.
▶ Docker-engine is installed and running as the
container-engine on the Node.
▶ A kubelet agent is also running on the Node - this is
used to talk to the Master Node.
Cluster Storage
There are persistent and non-persistent methods for
storing data in clusters.
▶ Data can be either stored in the container, or mounted
into the container from the Worker Node - this data is
non-persistent.
▶ To store persistent data, network file storage (NFS)
should be used.
▶ To attach an NFS volume to a Pod, a Persistent Volume
Claim (PVC) is specified as part of the Deployment.
▶ A PVC will attach a Persistent Volume (PV) to the
cluster, which can be mounted to any Pod.
Services
A Service is a logical set of Pods and a policy to access
them - they are used to expose your Pods to access from
outside the cluster.
Services
▶ Cluster IP: Default option. The Service uses an internal
IP only accessible within the cluster.
▶ NodePort: A Service is accessed using the IP address of
the Worker Node.
▶ LoadBalancer: A Service is accessed using an external
LoadBalancer with a separate external IP address.
▶ ExternalName: A Service is accessed using a name
defined in a CNAME record in DNS.
Creating Services
Ingress
An Ingress is an API object that manages external
access to the services in a cluster, typically via HTTP.
Ingress can provide load balancing, SSL termination, and
name-based virtual hosting.
▶ The Ingress Object contains rules to specify how
external inbound traffic can reach services using URLs.
▶ These rules are defined in an Ingress Resource.
▶ The Ingress Resource is provided to the Ingress
Controller, which uses a LoadBalancer to manage
incoming traffic against the rules.
▶ Essentially an easy way of combining services exposed
via a LoadBalancer, and path matching against URLs
for different services!
Ingress Resource
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: foo.bar.com
    http:
      paths:
      - path: /foo
        backend:
          serviceName: s1
          servicePort: 80
      - path: /bar
        backend:
          serviceName: s2
          servicePort: 80
Labels
Labels are key:value pairs that can be applied to objects
to provide logical groupings - labels are then used with
selectors to apply logical operations.
Using Labels
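An added example (not from the original slides) tying together the Services, Ingress and Labels slides: it resolves each Service's label selector to Pods and reports which Pods end up reachable from outside the cluster. All object names, labels and helper functions are constructed for illustration; the Ingress uses the same `extensions/v1beta1` backend fields as the slide.

```python
# Service types the slides describe as reachable from outside the cluster.
EXTERNAL_TYPES = {"NodePort", "LoadBalancer"}

# Constructed objects, trimmed to the fields this check needs.
PODS = [
    {"metadata": {"name": "web-1", "labels": {"app": "web", "tier": "frontend"}}},
    {"metadata": {"name": "web-2", "labels": {"app": "web", "tier": "frontend"}}},
    {"metadata": {"name": "admin-1", "labels": {"app": "admin", "tier": "frontend"}}},
    {"metadata": {"name": "api-1", "labels": {"app": "api", "tier": "backend"}}},
    {"metadata": {"name": "db-1", "labels": {"app": "db", "tier": "backend"}}},
]
SERVICES = [
    {"metadata": {"name": "web"},
     "spec": {"type": "LoadBalancer", "selector": {"app": "web"}}},
    # Broad selector: matches every frontend Pod, including admin-1.
    {"metadata": {"name": "frontend-debug"},
     "spec": {"type": "NodePort", "selector": {"tier": "frontend"}}},
    # No type given, so this is the default (Cluster IP).
    {"metadata": {"name": "api"}, "spec": {"selector": {"app": "api"}}},
    {"metadata": {"name": "db"},
     "spec": {"type": "ClusterIP", "selector": {"app": "db"}}},
    # ExternalName Services carry a DNS name instead of a selector.
    {"metadata": {"name": "billing"},
     "spec": {"type": "ExternalName", "externalName": "billing.example.com"}},
]
INGRESSES = [
    {"metadata": {"name": "test"},
     "spec": {"rules": [{"host": "foo.bar.com", "http": {"paths": [
         {"path": "/api",
          "backend": {"serviceName": "api", "servicePort": 80}}]}}]}},
]


def selects(selector, labels):
    """Equality-based match: every selector pair must be on the object.
    A missing or empty selector selects nothing."""
    return bool(selector) and all(
        labels.get(k) == v for k, v in selector.items())


def selected_pods(service, pods):
    """Names of the Pods a Service's selector resolves to."""
    selector = service["spec"].get("selector")
    return sorted(p["metadata"]["name"] for p in pods
                  if selects(selector, p["metadata"].get("labels", {})))


def ingress_backends(ingresses):
    """Names of Services referenced by any Ingress rule."""
    names = set()
    for ing in ingresses:
        for rule in ing["spec"].get("rules", []):
            for path in rule.get("http", {}).get("paths", []):
                names.add(path["backend"]["serviceName"])
    return names


def external_exposure(services, pods, ingresses=()):
    """Map Pod name -> sorted 'service (reason)' entries that expose it."""
    via_ingress = ingress_backends(ingresses)
    exposure = {}
    for svc in services:
        name = svc["metadata"]["name"]
        reasons = []
        svc_type = svc["spec"].get("type", "ClusterIP")
        if svc_type in EXTERNAL_TYPES:
            reasons.append(svc_type)
        if name in via_ingress:
            reasons.append("Ingress")
        for reason in reasons:
            for pod in selected_pods(svc, pods):
                exposure.setdefault(pod, []).append(f"{name} ({reason})")
    return {pod: sorted(entries) for pod, entries in exposure.items()}


if __name__ == "__main__":
    for pod, entries in sorted(external_exposure(SERVICES, PODS, INGRESSES).items()):
        print(f"{pod}: {', '.join(entries)}")
```

In this constructed cluster the one-label selector on `frontend-debug` also exposes `admin-1`, and `api-1` is reachable through the Ingress even though its Service is Cluster IP only.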
K8S Architecture
The architecture can be viewed in two parts: components
that run on a Master Node, and those that run on the
Worker Nodes (minions).
K8S Architecture - Master Nodes
▶ Kube Controller Manager: Runs common controllers for
Nodes, Routes, Services, and Volumes.
▶ Cloud Controller Manager: Runs separate processes for
KCM controllers that contain cloud-vendor specific
implementations.
▶ kube-apiserver: K8S brain - hub of communications
between Masters and Workers. Also receives kubectl
commands.
▶ etcd: A key:value database that stores all the
information for current and desired state of clusters.
▶ kube-scheduler: Based on workload, decides which
Worker Nodes the Pods should run on.
K8S Architecture - Worker Nodes
▶ kubelet: Effectively the K8S agent running on each
node, for communication with the apiserver on the
Master - implements Node and Pod APIs, and initialises
a Worker.
▶ kube-proxy: A network proxy that is used to implement
service backends in K8S, providing appropriate traffic
routing to virtual-IPs of backend services via iptables
configurations.
▶ Docker: Out of the box, docker-engine is running as the
container engine implementation.
Helm
The package manager for Kubernetes...
Helm - what is it?
Helm helps you manage Kubernetes applications —
Helm Charts help you define, install, and upgrade
even the most complex Kubernetes application.
▶ A Helm Chart is in effect a package of different
Kubernetes objects (deployments, services, routes, etc.)
that can deploy an entire software stack into a cluster
with one command.
▶ Developers can write Helm Charts, version them, and
then publish them to a repository for sharing with the
wider community.
▶ Developers install a Helm Client onto the local
machine, and use it to install a Tiller into the target
cluster - Tiller both installs and manages Charts in your
cluster as Releases.
Helm: Installing and Deploying
helm init configures the CLI, and installs Tiller into the cluster.
Helm has not only created the Deployment, but also a ConfigMap and two Services!
Istio
An open platform to connect, manage, and secure
microservices. A Google - IBM collaborative project.
Istio - what is it?
Istio can be used to overlay useful networking features
on top of services deployed with Kubernetes
using a service mesh.
▶ It enables load balancing, service-to-service
authentication and monitoring without any changes
required to the service code.
▶ Istio is built upon the Envoy proxy to mediate traffic
between different services.
▶ A sidecar container is deployed into each Pod in the
Cluster, and any ingress/egress traffic for the Pod is
routed through this sidecar into the service mesh.
Architecture
▶ Pilot: Provides service-discovery, traffic management
and routing between sidecars within the Cluster.
▶ Mixer: Responsible for enforcing access control policies
over the service mesh, and reporting telemetry metrics.
▶ Istio-Auth: Provides service-to-service and end-user
authentication with mutual TLS using built-in identity
and credential management.
The End
Thank you!
Acknowledgements:
Alan Panayotov
Ruairi Hayes
Kubernetes: https://kubernetes.io/
K8S vs. Docker Swarm:
https://nickjanetakis.com/blog/docker-swarm-vs-kubernetes-which-one-should-you-learn
Helm: https://helm.sh
Helm Minecraft Chart:
https://github.com/kubernetes/charts/tree/master/stable/minecraft
Istio: https://istio.io/
Cork Open Technologies Meetup:
https://www.meetup.com/Cork-OpenTechnology/
Cork Open Technologies Twitter:
https://twitter.com/CorkOpenTech

More Related Content

What's hot (20)

PDF
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Edureka!
 
PPTX
Kubernetes
Henry He
 
PDF
Introduction to Kubernetes Workshop
Bob Killen
 
PDF
Kubernetes - A Comprehensive Overview
Bob Killen
 
PDF
Kubernetes 101
Winton Winton
 
PDF
Kubernetes Basics
Eueung Mulyana
 
PDF
Kubernetes
erialc_w
 
PDF
Kubernetes architecture
Janakiram MSV
 
PPTX
Kubernetes Basics
Rishabh Kumar
 
PPTX
Kubernetes Basics
Antonin Stoklasek
 
PPTX
Kubernetes for Beginners: An Introductory Guide
Bytemark
 
PDF
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer
 
PPTX
Rancher and Kubernetes Best Practices
Avinash Patil
 
PDF
An Introduction to Kubernetes
Imesh Gunaratne
 
PDF
Evolution of containers to kubernetes
Krishna-Kumar
 
PDF
Introduction to Docker Containers - Docker Captain
Ajeet Singh Raina
 
PDF
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
Etsuji Nakai
 
PDF
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Edureka!
 
PDF
Intro to Kubernetes
Joonathan Mägi
 
PPTX
Introduction to Helm
Harshal Shah
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Edureka!
 
Kubernetes
Henry He
 
Introduction to Kubernetes Workshop
Bob Killen
 
Kubernetes - A Comprehensive Overview
Bob Killen
 
Kubernetes 101
Winton Winton
 
Kubernetes Basics
Eueung Mulyana
 
Kubernetes
erialc_w
 
Kubernetes architecture
Janakiram MSV
 
Kubernetes Basics
Rishabh Kumar
 
Kubernetes Basics
Antonin Stoklasek
 
Kubernetes for Beginners: An Introductory Guide
Bytemark
 
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer
 
Rancher and Kubernetes Best Practices
Avinash Patil
 
An Introduction to Kubernetes
Imesh Gunaratne
 
Evolution of containers to kubernetes
Krishna-Kumar
 
Introduction to Docker Containers - Docker Captain
Ajeet Singh Raina
 
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
Etsuji Nakai
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Edureka!
 
Intro to Kubernetes
Joonathan Mägi
 
Introduction to Helm
Harshal Shah
 

Similar to Kubernetes: An Introduction to the Open Source Container Orchestration Platform (20)

PDF
20161027 hands on-gnocchicloudkitty
Claire Gayan
 
PDF
Istio Up Running Using a Service Mesh to Connect Secure Control and Observe 1...
kecketatyz
 
PDF
Immediate download Kubernetes Best Practices 1st Edition Brendan Burns ebooks...
seinersofhia
 
PDF
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB
 
PDF
The Automation Challenge Kubernetes Operators vs Helm Charts.pdf
Ana-Maria Mihalceanu
 
PDF
Production Kubernetes: Building Successful Application Platforms 1st Edition ...
rosiikjenne
 
PDF
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue
 
PDF
給 RD 的 Kubernetes 初體驗 (EKS version)
William Yeh
 
PPTX
DevOps with Kubernetes and Helm - Jenkins World Edition
Jessica Deen
 
PDF
Production Kubernetes: Building Successful Application Platforms 1st Edition ...
isleymonwuka
 
PDF
Halifax DevOps - Meet-up - July.19 2017
Kyle Bassett
 
PDF
PDF DevOps with OpenShift 1st Edition Mike Hepburn download
xalanaunnuk
 
PPTX
CloudStack EU user group - CloudStack news
ShapeBlue
 
PDF
The Challenges of building Cloud Native Platforms
Mauricio (Salaboy) Salatino
 
PDF
Kubernetes Up Running Dive Into The Future Of Infrastructure Third Edition 3r...
luvoszugrav
 
PDF
Kubernetes Operators Automating the Container Orchestration Platform 1st Edit...
sigemozareer53
 
PDF
Kubernetes Docker Container Implementation Ppt PowerPoint Presentation Slide ...
SlideTeam
 
PDF
Security as Code: DevSecOps Patterns with AWS Bk Sarthak Das
bauenhegbom
 
PDF
Virtual Kubernetes Clusters on Amazon EKS
Jim Bugwadia
 
PDF
Openstack install-guide-apt-kilo
duchant
 
20161027 hands on-gnocchicloudkitty
Claire Gayan
 
Istio Up Running Using a Service Mesh to Connect Secure Control and Observe 1...
kecketatyz
 
Immediate download Kubernetes Best Practices 1st Edition Brendan Burns ebooks...
seinersofhia
 
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB
 
The Automation Challenge Kubernetes Operators vs Helm Charts.pdf
Ana-Maria Mihalceanu
 
Production Kubernetes: Building Successful Application Platforms 1st Edition ...
rosiikjenne
 
Declarative Kubernetes Cluster Deployment with Cloudstack and Cluster API - O...
ShapeBlue
 
給 RD 的 Kubernetes 初體驗 (EKS version)
William Yeh
 
DevOps with Kubernetes and Helm - Jenkins World Edition
Jessica Deen
 
Production Kubernetes: Building Successful Application Platforms 1st Edition ...
isleymonwuka
 
Halifax DevOps - Meet-up - July.19 2017
Kyle Bassett
 
PDF DevOps with OpenShift 1st Edition Mike Hepburn download
xalanaunnuk
 
CloudStack EU user group - CloudStack news
ShapeBlue
 
The Challenges of building Cloud Native Platforms
Mauricio (Salaboy) Salatino
 
Kubernetes Up Running Dive Into The Future Of Infrastructure Third Edition 3r...
luvoszugrav
 
Kubernetes Operators Automating the Container Orchestration Platform 1st Edit...
sigemozareer53
 
Kubernetes Docker Container Implementation Ppt PowerPoint Presentation Slide ...
SlideTeam
 
Security as Code: DevSecOps Patterns with AWS Bk Sarthak Das
bauenhegbom
 
Virtual Kubernetes Clusters on Amazon EKS
Jim Bugwadia
 
Openstack install-guide-apt-kilo
duchant
 
Ad

More from Michael O'Sullivan (6)

PDF
Developing and Operating Microservice-based Applications on Modern Cloud Plat...
Michael O'Sullivan
 
PDF
IBM Hybrid Cloud Integration UCC Talk, 23rd November 2021 - Cloud Application...
Michael O'Sullivan
 
PPT
IBM Cloud UCC Talk, 8th December 2020 - Cloud Native, Microservices, and Serv...
Michael O'Sullivan
 
PDF
Cloud Native Computing: What does it mean, and is your app Cloud Native?
Michael O'Sullivan
 
PPT
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
Michael O'Sullivan
 
PPT
IBM Cloud UCC Talk, 22nd November 2017
Michael O'Sullivan
 
Developing and Operating Microservice-based Applications on Modern Cloud Plat...
Michael O'Sullivan
 
IBM Hybrid Cloud Integration UCC Talk, 23rd November 2021 - Cloud Application...

Kubernetes: An Introduction to the Open Source Container Orchestration Platform

  • 1. Kubernetes - An Introduction to the Open Source Container Orchestration Platform. Michael J. O’Sullivan - @mjjosullivan. Cork Open Technologies, 17th April 2018.
      Outline: Introduction; Kubernetes: What and Why; Clusters; Structure; Nodes; Deployments; Pods; Configurations and Secrets; Worker Node Structure; Storage; Services; Labels; Architecture; Helm; What is it?; Installing and Deploying; Istio; What is it?; Installation and Use; Acknowledgements.
  • 2. Before we start... Beware...shipping analogies ahoy!
  • 3. Kubernetes - what is it? Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.
      ▶ Abbreviated as K8S or Kube for short.
      ▶ Kubernetes is Greek for helmsman or pilot.
      ▶ Originally developed by Google based on the internal Borg cluster management system, and made available as version 1.0 in 2015.
      ▶ Now open-source and managed under the Cloud Native Computing Foundation (CNCF).
      ▶ It is not a container-engine itself - it uses various other container-engines, notably Docker.
      ▶ Can create Resources (objects) either via CLI (kubectl) or via YAML/JSON files.
  • 4. Kubernetes - why would I use it? As an orchestration platform, K8S provides features to make the management, maintenance, and life-cycle of containers easier than using a container-engine alone.
      ▶ Horizontal scaling of applications across containers.
      ▶ Self-healing by redeploying containers that have crashed.
      ▶ Automated rollout of container updates, and rollbacks if failures are detected.
      ▶ Provides for service discovery across applications with cluster DNS names and IP addresses, and load balancing capabilities with these.
  • 5. ...but what about Docker Swarm?
      ▶ Both have their pros and cons as a choice of orchestration platform...
      ▶ Docker Swarm is seen as a simpler platform - provides compatibility with existing Docker APIs, and Docker Compose.
      ▶ Docker is not strictly open source...
      ▶ K8S is considered to be more flexible, with more features and multi container-engine support, but is seen as more complex.
      ▶ K8S backing from hosted platforms such as Google Cloud Platform, the experience of Google running containers, and its open source nature all contribute to its popularity.
  • 6. Clusters. Containerised applications are deployed with K8S into highly available Clusters.
      ▶ Clusters run over several computers called Worker Nodes, that are connected to work as a single unit.
      ▶ Containerised applications are automatically distributed among the Worker Nodes at deploy time.
      ▶ A Master Node manages the cluster - coordinating scheduling, scaling, and rolling updates.
  • 7. Master and Worker Nodes
  • 8. Deployments. To run a containerised application in a cluster, a Deployment configuration is used.
      ▶ The Deployment describes how K8S should create and update application instances.
      ▶ The K8S Master uses this to schedule the instances onto the Worker Nodes.
  • 9. Creating a Deployment
  • 10. Pods. A Pod is an abstraction that represents a group of one or more application containers and shared resources.
      ▶ Pods are the atomic unit on the Kubernetes platform for scheduling in a Cluster.
      ▶ Deployments create Pods, with containers running inside those Pods.
      ▶ The Pods are scheduled on the Worker Nodes, and remain on their assigned Nodes until termination.
      ▶ Worker Nodes can run several Pods.
  • 11. Deployments create Pods
  • 12. ConfigMaps. ConfigMaps decouple configuration from images for container portability...
        apiVersion: v1
        data:
          game.properties: |
            enemies=aliens
            lives=3
            enemies.cheat=true
            enemies.cheat.level=noGoodRotten
            secret.code.passphrase=UUDDLRLRBABAS
            secret.code.allowed=true
            secret.code.lives=30
          ui.properties: |
            color.good=purple
            color.bad=yellow
            allow.textmode=true
            how.nice.to.look=fairlyNice
        kind: ConfigMap
        metadata:
          creationTimestamp: 2016-02-18T18:52:05Z
          name: game-config
          namespace: default
          resourceVersion: "516"
          selfLink: /api/v1/namespaces/default/configmaps/game-config
          uid: b4952dc3-d670-11e5-8cd0-68f728db1985
  • 13. Secrets. A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key.
      ▶ Saving credentials in a Secret rather than a Pod provides more control over how it is used, and reduces the risk of accidental exposure.
      ▶ A secret can be used with a Pod in two ways: as files in a mounted Volume, or used by kubelet when pulling images for the Pod.
  • 14. Describing Secrets
        $ kubectl get secrets
        NAME           TYPE      DATA      AGE
        db-user-pass   Opaque    2         51s
        $ kubectl describe secrets/db-user-pass
        Name:            db-user-pass
        Namespace:       default
        Labels:          <none>
        Annotations:     <none>
        Type:            Opaque
        Data
        ====
        password.txt:    12 bytes
        username.txt:    5 bytes
  • 15. Using Secrets in a Pod
        apiVersion: v1
        kind: Pod
        metadata:
          name: secret-env-pod
        spec:
          containers:
          - name: mycontainer
            image: redis
            # Each variable is filled from one key of the Secret named "mysecret"
            env:
            - name: SECRET_USERNAME
              valueFrom:
                secretKeyRef:
                  name: mysecret
                  key: username
            - name: SECRET_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecret
                  key: password
          restartPolicy: Never
  • 16. Worker Nodes. The Worker Node above is running several Pods - each Pod runs one or more Containers, and encapsulates resources such as storage volumes.
      ▶ Each Pod has a Cluster IP address.
      ▶ Docker-engine is installed and running as the container-engine on the Node.
      ▶ A kubelet agent is also running on the Node - this is used to talk to the Master Node.
  • 17. Cluster Storage. There are persistent and non-persistent methods for storing data in clusters.
      ▶ Data can be either stored in the container, or mounted into the container from the Worker Node - this data is non-persistent.
      ▶ To store persistent data, network file storage (NFS) should be used.
      ▶ To attach an NFS volume to a Pod, a Persistent Volume Claim (PVC) is specified as part of the Deployment.
      ▶ A PVC will attach a Persistent Volume (PV) to the cluster, which can be mounted to any Pod.
  • 18. Services. A Service is a logical set of Pods and a policy to access them - they are used to expose your pods to access from outside the cluster.
  • 19. Services
      ▶ Cluster IP: Default option. The Service uses an internal IP only accessible within the cluster.
      ▶ NodePort: A Service is accessed using the IP address of the Worker Node.
      ▶ LoadBalancer: A Service is accessed using an external LoadBalancer with a separate external IP address.
      ▶ ExternalName: A Service is accessed using a name defined in a CNAME record in DNS.
  • 20. Creating Services
  • 21. Ingress. An Ingress is an API object that manages external access to the services in a cluster, typically via HTTP. Ingress can provide load balancing, SSL termination, and name-based virtual hosting.
      ▶ The Ingress Object contains rules to specify how external inbound traffic can reach services using URLs.
      ▶ These rules are defined in an Ingress Resource.
      ▶ The Ingress Resource is provided to the Ingress Controller, which uses a LoadBalancer to manage incoming traffic against the rules.
      ▶ Essentially an easy way of combining services exposed via a LoadBalancer, and path matching against URLs for different services!
  • 22. Ingress Resource
        apiVersion: extensions/v1beta1
        kind: Ingress
        metadata:
          name: test
          annotations:
            nginx.ingress.kubernetes.io/rewrite-target: /
        spec:
          rules:
          - host: foo.bar.com
            http:
              paths:
              - path: /foo
                backend:
                  serviceName: s1
                  servicePort: 80
              - path: /bar
                backend:
                  serviceName: s2
                  servicePort: 80
  • 23. Labels. Labels are key:value pairs that can be applied to objects to provide logical groupings - labels are then used with selectors to apply logical operations.
  • 24. Using Labels
  • 25. K8S Architecture. The architecture can be viewed in two parts: components that run on a Master Node, and those that run on the Worker Nodes (minions).
  • 26. K8S Architecture - Master Nodes
      ▶ Kube Controller Manager: Runs common controllers for Nodes, Routes, Services, and Volumes.
      ▶ Cloud Controller Manager: Runs separate processes for KCM controllers that contain cloud-vendor specific implementations.
      ▶ kube-apiserver: K8S brain - hub of communications between Masters and Workers. Also receives kubectl commands.
      ▶ etcd: A key:value database that stores all the information for current and desired state of clusters.
      ▶ kube-scheduler: Based on workload, decides which Worker Nodes the Pods should run on.
  • 27. K8S Architecture - Worker Nodes
      ▶ kubelet: Effectively the K8S agent running on each node, for communication with the apiserver on the Master - implements Node and Pod APIs, and initialises a Worker.
      ▶ kube-proxy: A network proxy that is used to implement service backends in K8S, providing appropriate traffic routing to virtual-IPs of backend services via iptables configurations.
      ▶ Docker: Out of the box, docker-engine is running as the container engine implementation.
  • 28. Helm. The package manager for Kubernetes...
  • 29. Helm - what is it? Helm helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
      ▶ A Helm Chart is in effect a package of different Kubernetes objects (deployments, services, routes, etc.) that can deploy an entire software stack into a cluster with one command.
      ▶ Developers can write Helm Charts, version them, and then publish them to a repository for sharing with the wider community.
      ▶ Developers install a Helm Client onto the local machine, and use it to install a Tiller into the target cluster - Tiller both installs and manages Charts in your cluster as Releases.
  • 30. Helm: Installing and Deploying. helm init configures the CLI, and installs Tiller into the cluster. Helm has not only created the Deployment, but also a ConfigMap and two Services!
  • 31. Istio. An open platform to connect, manage, and secure microservices. A Google - IBM collaborative project.
  • 32. Istio - what is it? Istio can be used to overlay useful networking features on top of services deployed with Kubernetes using a service mesh.
      ▶ It enables load balancing, service-to-service authentication and monitoring without any changes required to the service code.
      ▶ Istio is built upon the Envoy proxy to mediate traffic between different services.
      ▶ A sidecar container is deployed into each Pod in the Cluster, and any ingress/egress traffic for the Pod is routed through this sidecar into the service mesh.
  • 33. Architecture
      ▶ Pilot: Provides service-discovery, traffic management and routing between sidecars within the Cluster.
      ▶ Mixer: Responsible for enforcing access control policies over the service mesh, and reporting telemetry metrics.
      ▶ Istio-Auth: Provides service-to-service and end-user authentication with mutual TLS using built-in identity and credential management.
  • 34. The End. Thank you! Acknowledgements: Alan Panayotov, Ruairi Hayes.
      Kubernetes: https://kubernetes.io/
      K8S vs. Docker Swarm: https://nickjanetakis.com/blog/docker-swarm-vs-kubernetes-which-one-should-you-learn
      Helm: https://helm.sh
      Helm Minecraft Chart: https://github.com/kubernetes/charts/tree/master/stable/minecraft
      Istio: https://istio.io/
      Cork Open Technologies Meetup: https://www.meetup.com/Cork-OpenTechnology/
      Cork Open Technologies Twitter: https://twitter.com/CorkOpenTech
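
Added example, not part of the original slides: a small Python audit for the Secrets slides (13 to 15). It shows that `kubectl describe` reports only key names and sizes while the stored `data` is plain base64, and it lists how each Pod consumes Secrets (environment variable, mounted volume, or image pull). The Secret values, the `secret-vol-pod` manifest, the `regcred` name and all function names are constructed for illustration; manifests are given as the JSON form that `kubectl get -o json` would return.

```python
import base64

# Constructed Secret shaped like the db-user-pass listing on slide 14
# (username.txt: 5 bytes, password.txt: 12 bytes). Values are made up.
SECRET = {
    "apiVersion": "v1", "kind": "Secret", "type": "Opaque",
    "metadata": {"name": "db-user-pass", "namespace": "default"},
    "data": {
        "username.txt": base64.b64encode(b"admin").decode(),
        "password.txt": base64.b64encode(b"1f2d1e2e67df").decode(),
    },
}

# The Pod from slide 15, as a dict: Secret keys injected as env variables.
ENV_POD = {
    "kind": "Pod", "metadata": {"name": "secret-env-pod"},
    "spec": {"restartPolicy": "Never", "containers": [{
        "name": "mycontainer", "image": "redis",
        "env": [
            {"name": "SECRET_USERNAME", "valueFrom": {
                "secretKeyRef": {"name": "mysecret", "key": "username"}}},
            {"name": "SECRET_PASSWORD", "valueFrom": {
                "secretKeyRef": {"name": "mysecret", "key": "password"}}},
        ]}]},
}

# Constructed Pod using the two ways named on slide 13:
# a mounted Secret volume and an image pull Secret used by the kubelet.
VOLUME_POD = {
    "kind": "Pod", "metadata": {"name": "secret-vol-pod"},
    "spec": {
        "imagePullSecrets": [{"name": "regcred"}],
        "volumes": [{"name": "creds",
                     "secret": {"secretName": "db-user-pass"}}],
        "containers": [{
            "name": "app", "image": "registry.example/app:1",
            "volumeMounts": [{"name": "creds", "mountPath": "/etc/creds",
                              "readOnly": True}]}],
    },
}


def describe_sizes(secret):
    """Key names and decoded byte counts, as `kubectl describe` shows them."""
    return {k: len(base64.b64decode(v))
            for k, v in secret.get("data", {}).items()}


def decode_secret(secret):
    """What read access to the Secret yields: base64 is encoding, not encryption."""
    return {k: base64.b64decode(v) for k, v in secret.get("data", {}).items()}


def secret_refs(pod):
    """Sorted (mode, secret name, detail) tuples for each Secret a Pod uses."""
    spec = pod.get("spec", {})
    refs = set()
    for pull in spec.get("imagePullSecrets", []):
        refs.add(("imagePull", pull["name"], "kubelet"))
    for vol in spec.get("volumes", []):
        if "secret" in vol:
            refs.add(("volume", vol["secret"]["secretName"], vol["name"]))
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        for env in c.get("env", []):
            ref = env.get("valueFrom", {}).get("secretKeyRef")
            if ref:
                refs.add(("env", ref["name"], f'{c["name"]}:{env["name"]}'))
        for src in c.get("envFrom", []):
            if "secretRef" in src:
                refs.add(("envFrom", src["secretRef"]["name"], c["name"]))
    return sorted(refs)


def env_exposed(pods):
    """Names of Pods that place Secret values in the process environment."""
    return sorted(p["metadata"]["name"] for p in pods
                  if any(mode in ("env", "envFrom")
                         for mode, _, _ in secret_refs(p)))


if __name__ == "__main__":
    print("describe view:", describe_sizes(SECRET))
    for pod in (ENV_POD, VOLUME_POD):
        for ref in secret_refs(pod):
            print(pod["metadata"]["name"], *ref)
    print("env-exposed pods:", env_exposed([ENV_POD, VOLUME_POD]))
```

Environment-injected values are fixed at container start and inherited by child processes, so the Pods returned by `env_exposed` are the ones to review first when rotating or restricting a Secret.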