Kubernetes
==========

1. Design
=========

API -> primitives (building blocks) to
1. deploy
2. maintain
3. scale
containerised applications.

1.1 Pod
=======

* Smallest scheduling unit
* Pod = one or more co-located containers, plus the options describing how the container(s) should run
* Each pod gets a unique IP within the cluster
* Created directly through the Kubernetes API or, normally, by a controller
* Containers in a pod share volumes, the network namespace (one IP, one port space, localhost between containers) and optionally the IPC and PID namespaces; each container keeps its own mount namespace and runs as whatever user its image specifies (often root) unless runAsUser/runAsNonRoot is set, so "co-located" is not "isolated"
* Ephemeral and disposable: a pod is never moved to another node, it is replaced
* Phases: Pending, Running, Succeeded, Failed, Unknown. CrashLoopBackOff is a container state reason shown by kubectl, not a pod phase

1.2 Labels, Selectors and namespace
===================================

Labels

* Key-value pair
* Attached to any object (pods, nodes, services, namespaces, ...)
* Grouping mechanism; Services, NetworkPolicies and controllers all pick their targets with labels

Selectors

1. Equality based (=, ==, !=)
2. Set based (in, notin, exists, i.e. matchExpressions with In, NotIn, Exists, DoesNotExist)

Namespace

Multiple virtual clusters backed by the same physical cluster.
Divide cluster resources among multiple users with ResourceQuota.
K8S creates the default namespace (plus kube-system, kube-public and kube-node-lease).
A namespace scopes names, RBAC roles and quotas; it is not an isolation boundary on its own: without NetworkPolicy, pods in different namespaces can still reach each other.
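The two selector forms above, implemented on pod objects shaped like the JSON the API server returns. This is an added example, not code from the original notes or from Kubernetes itself; the pod names and labels are constructed sample data. It also shows the edge case practitioners get bitten by: `!=` and `NotIn` match objects that lack the key entirely, which is how an over-broad Service or NetworkPolicy selector quietly picks up a stray "debug" pod.

```python
"""Kubernetes label-selector semantics (added example, constructed data)."""

# Constructed sample pods (hypothetical names and labels).
PODS = [
    {"metadata": {"name": "web-1", "labels": {"app": "web", "tier": "frontend", "env": "prod"}}},
    {"metadata": {"name": "web-2", "labels": {"app": "web", "tier": "frontend", "env": "canary"}}},
    {"metadata": {"name": "db-1", "labels": {"app": "db", "tier": "backend", "env": "prod"}}},
    {"metadata": {"name": "debug", "labels": {"app": "web"}}},  # no tier, no env label
]


def match_equality(labels, requirements):
    """Equality-based selector: {key: (op, value)} with op in '=', '==', '!='.
    Note: '!=' also matches objects that do not carry the key at all."""
    for key, (op, value) in requirements.items():
        present = key in labels
        if op in ("=", "=="):
            if not present or labels[key] != value:
                return False
        elif op == "!=":
            if present and labels[key] == value:
                return False
        else:
            raise ValueError(f"unknown operator {op!r}")
    return True


def match_set(labels, expressions):
    """Set-based selector, same shape as a LabelSelector's matchExpressions."""
    for expr in expressions:
        key, op = expr["key"], expr["operator"]
        values = set(expr.get("values", []))
        present = key in labels
        if op == "In":
            ok = present and labels[key] in values
        elif op == "NotIn":          # missing key counts as "not in"
            ok = not present or labels[key] not in values
        elif op == "Exists":
            ok = present
        elif op == "DoesNotExist":
            ok = not present
        else:
            raise ValueError(f"unknown operator {op!r}")
        if not ok:
            return False
    return True


def select(pods, match_labels=None, match_expressions=None):
    """Apply a LabelSelector (matchLabels AND matchExpressions); return pod names."""
    equality = {k: ("=", v) for k, v in (match_labels or {}).items()}
    chosen = []
    for pod in pods:
        labels = pod["metadata"].get("labels", {})
        if match_equality(labels, equality) and match_set(labels, match_expressions or []):
            chosen.append(pod["metadata"]["name"])
    return chosen


if __name__ == "__main__":
    # A Service selecting app=web also exposes the "debug" pod ...
    print(select(PODS, match_labels={"app": "web"}))
    # ... requiring the tier label to exist narrows it to the real frontends.
    print(select(PODS, match_labels={"app": "web"},
                 match_expressions=[{"key": "tier", "operator": "Exists"}]))
```

When reviewing a Service or NetworkPolicy, run its selector through `select` against a dump of the namespace's pods; anything matched that you did not expect is reachable through that Service or allowed by that policy.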


1.3 Controllers
===============

* Manage a set of pods chosen by labels and a selector
* Reconciliation loop: drive the cluster from its actual state toward the desired state
* Benefits
1. App reliability
2. Scaling
3. Load balancing
E.g.
1. Replication controller: scale up and down, maintain the correct number of pods. Superseded by the Deployment controller plus ReplicaSet.
2. Deployment controller: declarative updates (YAML file) for pods and ReplicaSets. Changing the PodTemplateSpec creates a new ReplicaSet with the new pod version and scales the old one down; if the new version is not OK, roll back by scaling the old ReplicaSet back up.
3. DaemonSet controller: run one pod on every (matching) node, e.g. log shippers or a node-level security agent.
4. Job controller: run pods to completion.
5. Endpoints controller: joins Services and pods together by evaluating the Service's selector.
6. Namespace controller: cleans up all objects when a namespace is deleted.
7. Service account and token controllers: create the default service account in each namespace and manage its tokens; every pod gets a service-account token mounted unless automountServiceAccountToken is false, so this is part of access management.
8. Node controller: manages worker state (marks nodes NotReady, evicts their pods).


* Workload resources managed by controllers
ReplicaSet
Deployment
DaemonSet
Job
Service (not a controller itself; its Endpoints are kept current by the endpoints controller)
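The reconciliation loop described above, written out as a ReplicaSet-style controller. This is an added example, not code from the original notes or from the kube-controller-manager: the ReplicaSet, pod names and timestamps are constructed, ownership is tracked through ownerReferences as the real controller does, and the scale-down ordering (Pending pods first, then newest) is a simplification of the real ranking. The constructed state includes a Failed pod and a pod owned by another ReplicaSet, so the example shows that a controller counts only the active pods it owns.

```python
"""ReplicaSet-style reconciliation (added example, constructed data)."""
import itertools

_counter = itertools.count(1)  # stands in for the API server's name/timestamp assignment

# Constructed desired state: a ReplicaSet wanting 3 replicas of app=web.
RS = {
    "metadata": {"name": "web-7d9f"},
    "spec": {"replicas": 3,
             "template": {"metadata": {"labels": {"app": "web"}},
                          "spec": {"containers": [{"name": "web", "image": "web:1"}]}}},
}


def _owned_by(name, labels, ts, phase, owner="web-7d9f"):
    return {"metadata": {"name": name, "labels": labels, "creationTimestamp": ts,
                         "ownerReferences": [{"kind": "ReplicaSet", "name": owner}]},
            "spec": {}, "status": {"phase": phase}}


# Constructed actual state.
PODS = [
    _owned_by("web-7d9f-orig", {"app": "web"}, 0, "Running"),
    _owned_by("web-7d9f-dead", {"app": "web"}, 0, "Failed"),              # not active: must be replaced
    _owned_by("other-rs-1", {"app": "web"}, 0, "Running", owner="other-rs"),  # same labels, not ours
]


def owns(rs, pod):
    """True if the pod's ownerReferences point at this ReplicaSet."""
    return any(ref.get("kind") == "ReplicaSet" and ref.get("name") == rs["metadata"]["name"]
               for ref in pod["metadata"].get("ownerReferences", []))


def make_pod(rs):
    """Instantiate the PodTemplateSpec; the API server would fill in name/timestamp."""
    n = next(_counter)
    tmpl = rs["spec"]["template"]
    pod = _owned_by(f"{rs['metadata']['name']}-{n}", dict(tmpl["metadata"]["labels"]), n,
                    "Pending", owner=rs["metadata"]["name"])
    pod["spec"] = tmpl["spec"]
    return pod


def reconcile(rs, pods):
    """One pass of the control loop: compare desired vs actual, return API actions."""
    desired = rs["spec"]["replicas"]
    active = [p for p in pods if owns(rs, p) and p["status"]["phase"] in ("Pending", "Running")]
    diff = desired - len(active)
    actions = []
    if diff > 0:
        actions += [("create", make_pod(rs)) for _ in range(diff)]
    elif diff < 0:
        # Surplus: delete Pending pods first, then the newest Running ones (simplified ranking).
        victims = sorted(active, key=lambda p: (p["status"]["phase"] != "Pending",
                                                -p["metadata"]["creationTimestamp"]))
        actions += [("delete", p["metadata"]["name"]) for p in victims[:-diff]]
    return actions


def apply_actions(pods, actions):
    """Simulate the API server applying the controller's requests."""
    gone = {target for kind, target in actions if kind == "delete"}
    return ([p for p in pods if p["metadata"]["name"] not in gone]
            + [obj for kind, obj in actions if kind == "create"])


def drive(rs, pods, max_rounds=10):
    """Loop until actual state matches desired state; return (pods, rounds needed)."""
    for rounds in range(max_rounds):
        actions = reconcile(rs, pods)
        if not actions:
            return pods, rounds
        pods = apply_actions(pods, actions)
    raise RuntimeError("did not converge")


if __name__ == "__main__":
    pods, _ = drive(RS, PODS)
    print(sorted(p["metadata"]["name"] for p in pods if owns(RS, p)))
    scaled = {**RS, "spec": {**RS["spec"], "replicas": 1}}
    print(reconcile(scaled, pods))
```

A Deployment rollout is the same loop one level up: it creates a second ReplicaSet for the new template and drives the two `replicas` counts in opposite directions; a rollback is simply the old ReplicaSet's desired count going back up.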


1.4 Services
============

* A set of pods working together, e.g. one tier of a multi-tier app, behind one stable virtual IP (ClusterIP) and DNS name
* The set is defined by labels and a selector; the IPs of the matching pods become the Service's endpoints
* Service discovery by Kubernetes (DNS name <service>.<namespace>.svc)

2. Architecture
===============

* Control plane (formerly called master) + worker nodes

The control plane is reached through the API server; kubectl is the usual client.
kubectl reads a kubeconfig file that stores: cluster entries (API server URL, CA certificate), user entries (client certificate and key, bearer token, or an exec plugin) and contexts that bind a cluster to a user. It is a credential file: keep it mode 0600, and treat insecure-skip-tls-verify as a finding, not a convenience.
For production, a highly available control plane needs at least 3 control-plane/etcd members (an odd number, for etcd quorum).
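A kubeconfig audit along the lines just described. This is an added example, not code from the original notes or from kubectl: the kubeconfig is a constructed Python dict with hypothetical cluster and user names (the same structure kubectl reads from YAML, held inline so the example needs no YAML library or cluster). It resolves the current context the way kubectl does and flags the settings a reviewer looks for: TLS verification switched off, plain-http servers, no pinned CA, and credential material embedded in the file.

```python
"""kubeconfig inspection (added example, constructed config)."""
import os
import stat

# Constructed kubeconfig; names, addresses and credential blobs are placeholders.
KUBECONFIG = {
    "apiVersion": "v1", "kind": "Config",
    "current-context": "dev",
    "clusters": [
        {"name": "prod", "cluster": {"server": "https://10.0.0.10:6443",
                                     "certificate-authority-data": "LS0tLS1CRUdJTi..."}},
        {"name": "dev", "cluster": {"server": "https://10.0.1.10:6443",
                                    "insecure-skip-tls-verify": True}},
    ],
    "users": [
        {"name": "admin", "user": {"client-certificate-data": "LS0tLS1CRUdJTi...",
                                   "client-key-data": "LS0tLS1CRUdJTi..."}},
        {"name": "dev-user", "user": {"token": "eyJhbGciOiJSUzI1NiIs..."}},
    ],
    "contexts": [
        {"name": "prod", "context": {"cluster": "prod", "user": "admin", "namespace": "default"}},
        {"name": "dev", "context": {"cluster": "dev", "user": "dev-user"}},
    ],
}

SECRET_KEYS = ("client-key-data", "token", "password")


def _named(section, name):
    for entry in section:
        if entry["name"] == name:
            return entry
    raise KeyError(name)


def resolve_context(cfg, name=None):
    """Return (cluster, user) for a context, defaulting to current-context like kubectl."""
    ctx = _named(cfg["contexts"], name or cfg["current-context"])["context"]
    return (_named(cfg["clusters"], ctx["cluster"])["cluster"],
            _named(cfg["users"], ctx["user"])["user"])


def audit(cfg):
    """Return a list of human-readable findings for risky kubeconfig settings."""
    findings = []
    for c in cfg["clusters"]:
        cluster, name = c["cluster"], c["name"]
        if cluster.get("insecure-skip-tls-verify"):
            findings.append(f"cluster {name}: insecure-skip-tls-verify=true, API server MITM is undetectable")
        if cluster["server"].startswith("http://"):
            findings.append(f"cluster {name}: plain-http API server, credentials sent in clear")
        elif not (cluster.get("certificate-authority") or cluster.get("certificate-authority-data")):
            findings.append(f"cluster {name}: no CA pinned, trust depends on the system store")
    for u in cfg["users"]:
        embedded = [k for k in SECRET_KEYS if k in u["user"]]
        if embedded:
            findings.append(f"user {u['name']}: credential embedded in file ({', '.join(embedded)})")
    return findings


def mode_is_private(mode):
    """True if a file mode grants nothing to group or others (0600/0700 style)."""
    return (stat.S_IMODE(mode) & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def check_file_mode(path):
    """True if the kubeconfig on disk is readable only by its owner."""
    return mode_is_private(os.stat(path).st_mode)


if __name__ == "__main__":
    cluster, user = resolve_context(KUBECONFIG)
    print("current API server:", cluster["server"], "auth keys:", sorted(user))
    for line in audit(KUBECONFIG):
        print("-", line)
```

Embedded client keys and static tokens are normal in a kubeadm admin.conf, which is exactly why the file deserves the same handling as an SSH private key; the audit lists them so you know what a leaked copy grants.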


2.1 Control plane
=================

2.1.1 etcd
==========

* Key-value data store (replicated with Raft)
* Configuration data of the cluster
* Represents the overall state of the cluster: whoever can read or write etcd controls the cluster, including every Secret in it (Secrets are only base64-encoded unless encryption at rest is configured on the API server)
* Other components watch for changes in etcd through the API server; only the API server talks to etcd directly
* It stores: job scheduling info, pod details, storage information, Secrets, RBAC objects, etc.
* Hardening: client and peer TLS, ports 2379 (client) and 2380 (peer) reachable only from the API server and other etcd members, backups encrypted and access-controlled

2.1.2 API server
================

* JSON (or protobuf) over HTTPS, normally port 6443
* Validates each REST request and updates the API object's state in etcd; it is the only component with etcd access
* Every request passes authentication -> authorization (RBAC) -> admission control before it is persisted, so this chain is where cluster policy is enforced
* Through it, clients configure workloads and containers across the worker nodes

2.1.3 Scheduler
===============

* Pluggable
* Matches resource "supply" to workload "demands"
* Selects a node to run each pod (writes spec.nodeName; the kubelet on that node then starts it)
* Inputs
- resource availability
- resource utilization
- resource requirements (requests and limits)
- QoS
- affinity requirements
- anti-affinity requirements
- data locality
- policy (taints and tolerations, topology spread)
- user specification (nodeSelector, nodeName)
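A reduced scheduling pass over the inputs listed above: filter nodes on nodeSelector, NoSchedule taints and resource fit, then score the survivors by free CPU. This is an added example, not code from the original notes or from kube-scheduler (which runs many more plugins); the nodes, their allocatable resources (millicores and MiB) and the already-running pods are constructed. It shows why a tainted node stays empty unless a pod tolerates it, and why a pod with no feasible node stays Pending rather than being forced anywhere.

```python
"""Simplified scheduler: filter, then score (added example, constructed data)."""

# Constructed nodes; cpu in millicores, memory in MiB.
NODES = [
    {"metadata": {"name": "node-a", "labels": {"zone": "eu-1", "gpu": "true"}},
     "status": {"allocatable": {"cpu": 4000, "memory": 8192}}, "spec": {"taints": []}},
    {"metadata": {"name": "node-b", "labels": {"zone": "eu-2"}},
     "status": {"allocatable": {"cpu": 8000, "memory": 16384}}, "spec": {"taints": []}},
    {"metadata": {"name": "node-c", "labels": {"zone": "eu-1"}},
     "status": {"allocatable": {"cpu": 8000, "memory": 16384}},
     "spec": {"taints": [{"key": "dedicated", "value": "infra", "effect": "NoSchedule"}]}},
]

# Constructed pods already bound to nodes, with their requests.
RUNNING = [
    {"spec": {"nodeName": "node-b",
              "containers": [{"resources": {"requests": {"cpu": 6000, "memory": 4096}}}]}},
]


def requests(pod):
    """Sum of container requests; a container with no requests counts as zero."""
    total = {"cpu": 0, "memory": 0}
    for c in pod["spec"]["containers"]:
        for k, v in c.get("resources", {}).get("requests", {}).items():
            total[k] += v
    return total


def tolerates(pod, taint):
    """Toleration matching: same key, same effect (empty effect matches all),
    operator Exists or an equal value."""
    for t in pod["spec"].get("tolerations", []):
        if (t.get("key") == taint["key"]
                and t.get("effect", taint["effect"]) == taint["effect"]
                and (t.get("operator") == "Exists" or t.get("value") == taint.get("value"))):
            return True
    return False


def used_on(node, running):
    name = node["metadata"]["name"]
    used = {"cpu": 0, "memory": 0}
    for p in running:
        if p["spec"].get("nodeName") == name:
            for k, v in requests(p).items():
                used[k] += v
    return used


def feasible(pod, node, running):
    """Filter phase: nodeSelector, NoSchedule taints, resource fit."""
    labels = node["metadata"]["labels"]
    if any(labels.get(k) != v for k, v in pod["spec"].get("nodeSelector", {}).items()):
        return False
    if any(t["effect"] == "NoSchedule" and not tolerates(pod, t)
           for t in node["spec"].get("taints", [])):
        return False
    need, used = requests(pod), used_on(node, running)
    return all(need[k] + used[k] <= node["status"]["allocatable"][k] for k in need)


def schedule(pod, nodes, running):
    """Return the chosen node name, or None (the pod stays Pending)."""
    candidates = [n for n in nodes if feasible(pod, n, running)]
    if not candidates:
        return None
    # Score phase: prefer the node with the most free CPU (LeastAllocated-style).
    def free_cpu(n):
        return n["status"]["allocatable"]["cpu"] - used_on(n, running)["cpu"]
    return max(candidates, key=free_cpu)["metadata"]["name"]


def pod_with(cpu, memory, **spec_extra):
    """Helper to build a constructed pod with one container."""
    spec = {"containers": [{"resources": {"requests": {"cpu": cpu, "memory": memory}}}]}
    spec.update(spec_extra)
    return {"spec": spec}


if __name__ == "__main__":
    print(schedule(pod_with(3000, 2048), NODES, RUNNING))
    print(schedule(pod_with(3000, 2048, nodeSelector={"zone": "eu-2"}), NODES, RUNNING))
    infra = pod_with(3000, 2048, tolerations=[{"key": "dedicated", "operator": "Equal",
                                               "value": "infra", "effect": "NoSchedule"}])
    print(schedule(infra, NODES, RUNNING))
```

Taints are a placement control, not an access control: a pod that tolerates `dedicated=infra` lands on the infra node, so restricting who may add tolerations (admission policy) is what keeps tenant workloads off nodes reserved for sensitive components.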

2.1.4 controller manager
========================
* A single process that runs the DaemonSet controller, the ReplicaSet/Replication controller and the others listed in section 1.3 (cloud-provider logic lives in the separate cloud-controller-manager)
* Communicates with the API server to create, update and delete pods, service endpoints, etc.

2.2 Kubernetes Node
===================

= Worker = Minion (old name)
* Runs a container runtime (e.g. containerd or CRI-O; Docker via dockershim until that was removed in 1.24) and the components below

2.2.1 Kubelet (K8S node agent)
==============================

* Heartbeat for node health
* Communicates with the API server to see whether a pod is to be run on this node
* If yes, it executes the pod's containers via the container runtime (through the CRI)
* It mounts pod secrets and volumes and runs the pod
* It reports pod and node state back to the API server (the control plane) after its health checks
It consumes PodSpecs (YAML/JSON describing a pod) from three sources:
API server / HTTP endpoint / file (static pods; the manifest directory, usually /etc/kubernetes/manifests, must be writable by root only, because a file dropped there becomes a pod without passing API-server admission)
Its own API (port 10250) can exec into containers and read logs; the kubelet's built-in defaults (anonymous auth on, authorization AlwaysAllow) are unsafe, and kubeadm sets anonymous-auth=false and authorization-mode=Webhook for that reason

2.2.2 Kube-proxy
================

* Network proxy + load balancer for Services
* Routes to backend pods based on the Service IP + port
* Runs on every worker node (usually as a DaemonSet)
* Modes
1. userspace mode (legacy; deprecated and since removed)
2. iptables mode (Linux default; DNAT rules that pick a backend at random)
3. ipvs mode (kernel IPVS load balancing; scales better with many Services); newer releases add an nftables mode
kube-proxy only forwards, it enforces no policy: restricting which pods may reach a Service is the job of NetworkPolicy and the CNI plugin.
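How a Service (section 1.4) turns into forwarding state on a node (this section): the endpoints controller resolves the selector into an Endpoints object, and kube-proxy in iptables mode turns ClusterIP:port into a set of pod backends, one of which is chosen at random per new connection. This is an added example, not code from the original notes or from kube-proxy; the Service and Endpoints objects are constructed, and the "rules" dict stands in for the KUBE-SVC/KUBE-SEP chains. It shows the two behaviours practitioners rely on: a pod failing its readiness probe is dropped from the backends, and a Service with no endpoints gets no DNAT (iptables mode rejects such traffic).

```python
"""Service -> Endpoints -> kube-proxy forwarding decision (added example, constructed data)."""
import random
from collections import Counter

SERVICE = {
    "metadata": {"name": "web", "namespace": "prod"},
    "spec": {"type": "ClusterIP", "clusterIP": "10.96.0.20",
             "ports": [{"name": "http", "port": 80, "targetPort": 8080, "protocol": "TCP"}]},
}

# Endpoints as the endpoints controller would write them: targetPort already resolved,
# and the pod that is failing its readiness probe listed under notReadyAddresses.
ENDPOINTS = {
    "metadata": {"name": "web", "namespace": "prod"},
    "subsets": [{"addresses": [{"ip": "10.244.1.5"}, {"ip": "10.244.2.7"}],
                 "notReadyAddresses": [{"ip": "10.244.3.9"}],
                 "ports": [{"name": "http", "port": 8080, "protocol": "TCP"}]}],
}


def build_rules(service, endpoints):
    """Return {(clusterIP, port, proto): [(podIP, targetPort), ...]}.
    Only ready addresses become backends, as in the real KUBE-SEP chains."""
    rules = {}
    for sp in service["spec"]["ports"]:
        proto = sp.get("protocol", "TCP")
        key = (service["spec"]["clusterIP"], sp["port"], proto)
        backends = []
        for subset in endpoints.get("subsets", []):
            for ep in subset["ports"]:
                if ep.get("name") == sp.get("name") and ep.get("protocol", "TCP") == proto:
                    backends += [(a["ip"], ep["port"]) for a in subset.get("addresses", [])]
        rules[key] = backends
    return rules


def route(rules, dst_ip, dst_port, proto="TCP", rng=random):
    """DNAT decision for one new connection: uniform random backend (iptables mode
    uses per-rule probabilities to get the same effect). None = no DNAT; iptables
    mode answers such traffic with an ICMP port-unreachable REJECT."""
    backends = rules.get((dst_ip, dst_port, proto))
    if not backends:
        return None
    return rng.choice(backends)


def distribution(rules, dst_ip, dst_port, connections, seed=0):
    """Simulate many connections with a seeded RNG; return backend -> count."""
    rng = random.Random(seed)
    return Counter(route(rules, dst_ip, dst_port, rng=rng) for _ in range(connections))


if __name__ == "__main__":
    rules = build_rules(SERVICE, ENDPOINTS)
    print(rules)
    print(distribution(rules, "10.96.0.20", 80, 1000))
```

The not-ready pod 10.244.3.9 never receives traffic even though it still matches the Service selector, which is why a readiness probe is the right place to take a compromised or mis-behaving replica out of rotation before it is deleted.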



2.2.3 cAdvisor
==============

Agent (built into the kubelet) that collects container resource usage; exposed through the kubelet's metrics endpoints.

2.2.4 container tooling 
=======================

e.g. containerd, CRI-O or Docker. The runtime is the component that actually creates the namespaces, cgroups and seccomp/AppArmor confinement for each container.

2.2.5 supervisord
=================

Process supervisor that restarts node components (kubelet, container runtime) when they die; on current distributions systemd does this job.


Other alternatives
==================

  1. Docker Swarm
  2. Kubernetes. To get started: kubernetes.io
  3. Mesos Marathon
  4. Amazon ECS (Amazon Elastic Container Service, originally EC2 Container Service)
    1. Task == Pod
    2. It has its own image repository (ECR)
    3. A Task can be part of a CloudFormation stack: task, queue and EC2 volume together in CloudFormation to start and to clean up
    4. To get started: https://aws.amazon.com/ecs/
  5. AWS Fargate https://aws.amazon.com/fargate
  6. Google Kubernetes Engine (GKE) (^L = clear = cls in Google Cloud Shell)
  7. Microsoft Azure Kubernetes Service (AKS)
  8. Hashicorp Nomad
  9. Cloud Foundry
  10. Rackspace
  11. Oracle Cloud Infrastructure
  12. Docker Compose: single machine, not for large scale. With one command, "docker compose up", it brings up containers, volumes and networks
  13. Rancher


To get started: kubernetes.io