Kubernetes for Cloud-Native Environments

Agenda
• Kubernetes
✓Introduction
✓Architecture
✓Components
✓Hands-On Demo

Kubernetes
• Open source container orchestration tool
• Developed by Google
• Helps manage containerized applications
Official definition of Kubernetes:

Why Kubernetes?
• What Problems does Kubernetes solve?
• What are the tasks of an orchestration tool?

Why Kubernetes?
• Trend from Monolithic arch to Micro-Services arch
Need for container orchestration tool
App App
App
App
App
Micro Service A
Micro Service B
Micro Service C
Micro Service E
Micro Service D
Mod 1 Mod 2
Mod 3 Mod 4
App
Monolithic

Kubernetes - Features
• High Availability or no downtime
• Scalability or high performance
• Disaster recovery – backup and restore
What features do orchestration tools offer?

Kubernetes - Architecture
Node Node Node
Control Plane
Primary “node” agent

Kubernetes - Processes
API Server: Entry-point to K8s cluster
Control
Plane
CLI
API
UI
API SERVER

Control
Plane
Controller Manager
Scheduler
Controller manager: keeps track of whats
happening in the cluster
Scheduler: ensure pods placement
API SERVER
30% used 70% used

Control
Plane
Controller Manager
Scheduler
API SERVER
etcd
etcd: Kubernetes backing store

Virtual Network: creates one unified machine
Control
Plane
Controller Manager
Scheduler
API SERVER
etcd
Virtual Network

Kubernetes – Master Redundancy
Control Plane Nodes
Handful of master processes
Control
Plane
Controller Manager
Scheduler
API SERVER
etcd
Worker Nodes
Higher workload
Much bigger and more resources

Kubernetes – Master Redundancy
Control Plane Nodes
Handful of master processes
Much more important
Worker Nodes
Higher workload
Much bigger and more resources
Control
Plane
Controller Manager
Scheduler
API SERVER
etcd
Control
Plane
Controller Manager
Scheduler
API SERVER
etcd

Kubernetes Components
• Pod
• Service
• Ingress
• ConfirgMap
• Secret
• Deployment
• StatefulSet

Pod
• Smallest unit of Kubernetes
• Abstraction over container
• Usually 1 application per pod
• Each pod gets its own IP address
• New IP address on re-creation
Node
IP
IP
MY-APP

Service
• Permanent IP address
• Lifecycle of Pod and Service not connected
Node
IP
SERVICE
MY-APP

Service
http://node-ip:port
App should be accessible through browser
Node
IP
SERVICE
MY-APP
EXTERNAL SERVICE
DB SERVICE

Service
Node
IP
SERVICE
MY-APP
EXTERNAL SERVICE
DB SERVICE
http://db-service-ip:port
INTERNAL SERVICE

Service
http://124.89.101.2:8080
Node
IP
SERVICE
MY-APP
EXTERNAL SERVICE
DB SERVICE
http://db-service-ip:port
INTERNAL SERVICE

Ingress
http://my-app.com
Node
IP
SERVICE
MY-APP
INGRESS
DB SERVICE
INGRESS

Component?
Database URL usually in the built application!!
Node
IP
SERVICE
MY-APP
DB SERVICE
INGRESS
Pull it in to the Pod
Push it to repo
Re-Build
Mongo-DB

ConfigMap
ConfigMap is for non-confidential data only!
Database URL usually in the built application!!
Node
IP
SERVICE
MY-APP
DB SERVICE
ConfigMap
Mongo-DB
Mongo-user
Mongo-pwd
DB_URL = Mongo-DB
Map map = new HashMap<>();
map.put(“DB_URL”, “http://mongoDB.jswsteel.vasind.bits.edu”);
map.put(“WS_EndPoint”, “http://weatherforecastingdata.gov.in”);
map.put(“NumberOfThreadsAllowed”, 10);

Secret
Used to store secret data
Reference Secret in Deployment
Node
IP
SERVICE
MY-APP
DB SERVICE
ConfigMap
Mongo-DB
Mongo-user
Mongo-pwd
DB_URL = Mongo-DB
Secret
DB_USER = mongo-user
DB_PWD = mongo pwd

Vol
Storage on local machine
Or remote, outside the K8s cluster
PS: Kubernetes does not manage data persistence
Storage
Node
IP
SERVICE
MY-APP
DB
SERVICE
INGRESS
Vol
remote
local

Deployment??
Node
IP
SERVICE
MY-APP
EXTERNAL SERVICE
DB SERVICE

Deployment??
Permanent IP
Load balancer
Node
IP
SERVICE
MY-APP
EXTERNAL SERVICE
DB
SERVICE
Node
IP
SERVICE
MY-APP

Deployment
Blueprint for “MY-APP” Pods
Create “Deployments”
Node
IP
SERVICE
MY-APP
DB
SERVICE
Node
IP
SERVICE
MY-APP

Deployment
DB can not be replicated via Deployment
Node
IP
SERVICE
MY-APP
DB
SERVICE
Node
IP
SERVICE
MY-APP
DB

StatefulSet
For Stateful apps
Node
IP
SERVICE
MY-APP
DB
SERVICE
Node
IP
SERVICE
MY-APP
DB

Deployment for Stateless apps
StatefulSet for StateFUL apps or databases
Node
IP
SERVICE
MY-APP
DB
SERVICE
Node
IP
SERVICE
MY-APP
DB

Kubernetes - Configuration
• JSON
• YAML
Control
Plane
CLI
API
UI
API SERVER

Kubernetes - Configuration
• Declarative
• Is == Should
Control
Plane
CLI
API
UI
API SERVER
Controller Manager
Controller Manager checks:
Desired state == actual state?

Kubernetes Configuration
• Each Configuration file has 3 parts:
• Metadata
• Specification
• Status
Deployment Service

• Metadata
• Specification
• Status
Deployment Service
Attributes of
“Spec” are specific
to the “kind”

• Metadata
• Specification
• Status : K8s updates the state continously
Deployment Desired? Vs Actual?

Control
Plane
Controller Manager
Scheduler
API SERVER
etcd
Where does K8s get this status data?
etcd: Kubernetes backing store
Provides the Status information

Production Cluster
• Multiple Master and Worker nodes
• Separate Virtual or Physical machines

Test/Local Cluster Setup
• Master and Node processes run on One machine
• Minikube
• Micro K8s

mongo-configmap.yaml and mongo-secret.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mongo-config
data:
mongo-url: mongo-service
apiVersion: v1
kind: Secret
metadata:
name: mongo-secret
type: Opaque
data:
mongo-user: bW9uZ291c2Vy
mongo-password: bW9uZ29wYXNzd29yZA==

Mongo.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongo-deployment
labels:
app: mongo
spec:
replicas: 1
selector:
matchLabels:
app: mongo
template:
metadata:
labels:
app: mongo
spec:
containers:
- name: mongodb
image: mongo:5.0
ports:
- containerPort: 27017
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-user
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-password
---
apiVersion: v1
kind: Service
metadata:
name: mongo-service
spec:
selector:
app: mongo
ports:
- protocol: TCP
port: 27017
targetPort: 27017

Webapp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: webapp-deployment
labels:
app: webapp
spec:
replicas: 1
selector:
matchLabels:
app: webapp
template:
metadata:
labels:
app: webapp
spec:
containers:
- name: webapp
image: nanajanashia/k8s-demo-app:v1.0
ports:
- containerPort: 3000
env:
- name: USER_NAME
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-user
- name: USER_PWD
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-password
- name: DB_URL
valueFrom:
configMapKeyRef:
name: mongo-config
key: mongo-url
---
apiVersion: v1
kind: Service
metadata:
name: webapp-service
spec:
type: NodePort
selector:
app: webapp
ports:
- protocol: TCP
port: 3000
targetPort: 3000
nodePort: 30100

• Kubectl get node
• Kubectl apply –f mongo-configmap.yaml
• Like wise apply – mongo-secret.yaml, mongo.yaml, webapp.yaml
• Kubectl get deployments
• Kubectl get pods
• Kubectl get services
• Kubectl get all
• Kubectl describe service webapp-service
• Kubectl delete service <service-name>
• Kubectl delete deployment <deployment-name>
• Kubectl delete configmap <configmap name>
• Kubectl delete secret <secret-name>
Use private IP of any of the nodes to access the app!!

Kubernetes for Cloud-Native Environments

More Related Content

Similar to Kubernetes for Cloud-Native Environments (20)

Recently uploaded (20)

Kubernetes for Cloud-Native Environments