Kubernetes (K8s): Orchestration & Resource Management

Questions and Answers

What is the primary function of Kubernetes?

• Automating deployment, scaling, and management of containerized applications (correct)
• Designing new programming languages
• Managing network infrastructure
• Creating virtual machines

In Kubernetes, what is a node?

• A virtual network
• A single container instance
• A storage volume
• A physical or virtual machine (correct)

Which of the following best describes 'Orchestration' in the context of a multi-host environment?

• The manual configuration of network settings
• The automated coordination, management, and organization of tasks and services (correct)
• The process of data encryption
• The physical layout of server racks

What is the function of 'Resource Management' in a Kubernetes environment?

Coordinated and efficient allocation, scheduling, and control of computational resources (C)

What is a 'container' in the context of Kubernetes?

A standardized unit of software (C)

What underlying infrastructure does the docker provide for clusters?

Docker provides OS for clusters (B)

What is the purpose of grouping containers into logical units?

To facilitate easy management and discovery (A)

What does Native Computing Foundation manage?

Cloud Native Ecosystem (B)

Which of the following is a key difference between Kubernetes and Docker Swarm Mode (DSM)?

Kubernetes is more complex to set up. (B)

What does it mean for Kubernetes to have a 'broader community' compared to Docker Swarm Mode (DSM)?

It benefits from more community support and resources (C)

Which of the following is a declarative deployment?

Objects (C)

What is the purpose of the control plane?

Application/cluster state reconciliation (D)

What Kubernetes component is responsible for managing and scheduling workloads?

The Control Plane (C)

In Kubernetes architecture, what is the role of Worker Nodes?

Running actual workloads in containers (B)

What is 'etcd'?

Consistent and highly-available key value store (C)

What is a primary function of the kube-scheduler component in Kubernetes?

Selecting a node for newly created pods (A)

What is the role of a 'Node controller'?

Noticing when nodes go down (D)

What is a 'replication controller' responsible for?

Maintaining the correct number of pods (C)

What is the primary role of the kubelet in a Kubernetes node?

Local control plane agent, executing and monitoring containers (D)

What is the primary function of kube-proxy?

It implements part of the Service concept (B)

What is the main function of a Container runtime?

Running the containers (D)

What is the meaning of 'Desired State'?

Application you want to run and containers they use (B)

In Kubernetes, what is the role of 'Controllers'?

To manage cluster to match the desired state (B)

What is the function of a Kubernetes object?

A record of intent (B)

In Kubernetes, what do abstractions typically represent?

The state of the system, usually application components (C)

What is the purpose of Kubernetes labels?

To assign metadata and select actions (D)

What is kubectl used for?

Is the tool for object management (C)

What are the State-Focused characteristics?

Define what that system should look like (B)

What is minikube?

A lightweight Kubernetes implementation (A)

What is the function of addons?

Implement cluster features (C)

What is the main purpose of Kubernetes namespaces?

To organize and manage resources within a cluster (A)

What objects need to be unique?

Names need to be unique within namespace (D)

Which kubectl command is use to check available namespace?

kubectl get namespaces (D)

What objects can ConfigMap inject data into?

Containers (C)

What is the main purpose of a ConfigMap in Kubernetes?

To store non-sensitive configuration data (A)

For what use cases are Kubernetes Services designed?

Load balance the requests (A)

In Kubernetes, what is a Service selector used for?

To determine which Pods the Service targets (C)

Which service assign a service inside your cluster that other apps can access?

ClusterIP (D)

What is ExternalName service for?

To reference endpoints OUTSIDE the cluster (A)

What's the domain form?

..svc.cluster.domain. (B)

What is the main advantage of using Kubernetes for containerized applications?

It automates deployment, scaling, and management. (C)

In Kubernetes, what is the role of a 'node'?

A machine where containerized applications run. (A)

What is the purpose of 'orchestration' in the context of multi-host environments?

Automated coordination, management, and organization of tasks and services. (D)

What does 'resource management' in Kubernetes primarily focus on?

The coordinated and efficient allocation, scheduling, and control of resources. (A)

In Kubernetes, what does a 'container' typically encapsulate?

A single application along with its dependencies. (C)

What is the main goal of grouping containers into 'logical units'?

For easier management and discovery of application components. (D)

What is a 'declarative deployment' in Kubernetes?

Describing the desired state of an application or cluster. (D)

What is the function of the Kubernetes control plane?

Managing and scheduling workloads. (B)

In Kubernetes architecture, what executes the actual workloads in the form of containers?

Worker Nodes. (B)

What is stored in etcd?

Cluster state data and object definitions. (B)

What is the kube-scheduler responsible for?

Assigning newly created Pods to Nodes. (D)

What is the primary role of kubelet?

Enforces the desired state of the pod. (D)

What is the role of a Container runtime?

Running containers. (B)

What does the term 'Desired State' refer to in Kubernetes?

How the cluster should look and function. (B)

What is the role of 'Controllers' in maintaining the 'Desired State'?

Attempting to move current state to match desired state.. (C)

What is the general purpose of a Kubernetes object?

It represents the state of the application's component. (A)

What do Kubernetes abstractions typically represent?

Application's components. (B)

What is the use of labels in Kubernetes?

For organizing objects. (C)

What is kubectl?

The Kubernetes CLI tool. (D)

What is the general function of Kubernetes addons?

Implement cluster features. (D)

Why are Kubernetes namespaces used?

To organize and manage resources. (C)

Within a single namespace, what needs to be unique?

Resources names among themselves. (A)

What command lists available namespaces?

kubectl get namespaces (C)

What is the main feature of ConfigMaps in Kubernetes?

Store non-sensitive configuration data separate from application code. (D)

What can ConfigMaps be injected into?

Containers. (B)

Kubernetes Services are primarily used by which entities to access your application?

Designed for the endpoints in your your cluster. (A)

What do Kubernetes Service selectors primarily define?

Which Pods are targeted by a Service. (A)

Which Kubernetes Service type assigns a service inside your cluster that other applications can access?

ClusterIP. (A)

What is the purpose of the ExternalName service in Kubernetes?

Provides a way to reference external endpoints. (C)

What is the correct format for domain names?

<Stateful Name>-<ordinal>.<service name>.<namespace>.svc.cluster.local. (B)

What does Kubernetes automate in addition to deployment and scaling?

Application management (A)

What is the Kubernetes term are multiple machines referred to as?

Nodes (D)

In Kubernetes, what does grouping containers into logical entities facilitate?

Easier management and discovery (B)

What is a characteristic of Kubernetes relative to Docker Swarm regarding community support?

Broader community support (A)

What happens during Desired State reconciliation?

The cluster state is constantly monitored and corrected to match desired state (D)

In Kubernetes, what are the worker machines responsible for?

Running containerized workloads (A)

What watches for newly created pods without an assigned node?

kube-scheduler (B)

What is a key function of the Node controller?

Monitoring node status and reacting to node failures (A)

What does a Kubernetes object represent?

A desired state for the cluster or its workloads (B)

Why are Kubernetes labels used?

Organizing and selecting Kubernetes objects (B)

What does Kubernetes ConfigMaps allow you to do?

Separate configuration from application code (C)

What are Kubernetes Services designed primarily to do?

Enable network access to applications (D)

What does the Kubernetes Service selector define?

Pods to which the service directs traffic (D)

For internal cluster communications, which Kubernetes Service type should you use?

ClusterIP (D)

What is the correct structure of a domain?

example.com (A)

What is the primary benefit of using Kubernetes for managing containerized apps?

Simplified scalability and management (C)

Within a Kubernetes namespace, what type of object name needs to be unique?

Resource names (D)

Flashcards

Orchestration

Automated coordination, management, and organization of tasks across multiple distributed computing nodes.

Resource Management

Coordinated and efficient allocation, scheduling, and control of resources across multiple computational nodes.

Kubernetes (K8s)

An open-source system for automating deployment, scaling, and management of containerized applications.

Routing Rules

Describes how external HTTP/HTTPS traffic is routed to services.

Name-based virtual hosting

A technique used by web servers to host multiple websites on a single IP address.

maxSurge

The number of Pods that can run above the desired number of replicas during an update.

maxUnavailable

Controls how many Pods can be unavailable (not running or ready) during a rolling update.

Controller

Is a process that watches the shared state of the cluster and moves the current state towards the desired state.

Kube-apiserver

Exposes the Kubernetes API and is the front end for the Kubernetes control plane.

etcd

Consistent and highly-available key value store that holds object definitions.

kube-scheduler

Watches for newly created containers with no assigned node, and selects a node to run them on.

Kubelet

Local control plane agent that executes and monitors containers.

Kube-proxy

Network proxy that implements part of the Service concept.

PersistentVolume

A low-level storage resource that is created by a cluster administrator.

PersistentVolumeClaim

A request for storage.

StorageClass

A way for users to request storage resources without knowing the details of the underlying storage infrastructure.

Kubernetes Service

An abstraction that defines a logical set of identical pods and a policy to access them.

ClusterIP

Is the default Kubernetes service. It gives you a service inside your cluster that other apps inside your cluster can access

NodePort

Extends the ClusterIP service by exposing a port on every node's IP.

ExternalName

Used to reference endpoints OUTSIDE the cluster.

kube-dns

Minikube provides an implementation of a dns.

Service DNS resolution

Pods exposed by a Service have the following DNS resolution available. ...svc.

Declarative service model

K8s uses a declarative approach to let you define the desired state of the various services in your application stack

Desired State Reconciliation

the controller plane constantly monitors the cluster state and reconciles any differences between the actual state and your expressed desired state.

Cluster State

When we talk about cluster state, we mean 1. the state of the nodes that constitute the cluster and 2. the state of all applications running within the cluster.

Study Notes

Topic Subtitle

• Kubernetes groups containers that constitute an application together into logical units for easy management and discovery
• The focus is not on single containers, but objects with different granularities within them
• Kubernetes includes objects and API extensions where you can customize to manage new things

What is Orchestration?

• Orchestration refers to the automated coordination
• It is the management, and organization of tasks and services across multiple distributed computing nodes
• It ensures these components work together to achieve a desired functionality or workflow

What is Resource Management?

• It refers to the coordinated and efficient allocation, scheduling, and control of resources
• Resources include CPU time, memory, storage, and network bandwidth across multiple computational nodes.

What is Kubernetes (K8s)?

• (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications
• Containerized applications run across multiple machines referred to as nodes
• K8s builds upon 15+ years of experience running production workloads with ideas and best practices from the community
• K8s uses docker for clusters of machines and abstracts away the underlying infrastructure, OS for clusters
• K8s has a cloud-native ecosystem that is managed by the Cloud Native Computing Foundation

Important Note

• In this presentation, workload and application are are synonymous

K8s vs Docker Swarm Mode (DSM)

• K8s is more complex than Docker Swarm to setup
• K8s is a CNCF project with a broader community, and it is production-ready
• K8s has a steeper learning curve
• K8s is able to work with multiple container runtimes

Kubernetes Features that DSM Does Not

• Scheduler
• Stateful sets
• etc

Docker Swarm Features

• DSM has limited fault tolerance
• DSM integrates smoothly with the Docker CLI and Docker Compose

Kubernetes Scaling

• K8s provides autoscaling at the container and even the node level, while DSM scaling is only manual

Kubernetes API

• K8s has general and extensible API

Two Types of State

• K8s has a declarative service model lets you define the desired state of the various services in your application stack
• K8s monitors the cluster state and reconciles differences between the actual state and your expressed desired state

Kubernetes Technical Functionalities

• Manage different types of workloads for flexibility
• Includes multi-host Networking, Service Discovery, and Load Balancing
• Includes automatic Workload Placement for efficiency
• Implements auto-remediation for fault tolerance, resilience and reliability
• Horizontal and Vertical Scaling for elasticity
• Improved security
• A/B and Canary Deployments for testing

Kubernetes Architecture

• Implements manager-worker architecture
• The Control Plane (manager) is responsible for managing the state of the Kubernetes cluster, scheduling workloads, and handling the overall orchestration
• Worker Nodes (workers) run the actual workloads in the form of containers.
• A Kubernetes cluster is a collection of machines, called nodes, running containers
• The Control Plane Node(s) manage the Worker Nodes and everything that happens within the cluster
• Multiple Control Plane Nodes are used to ensure high-availability and failover capability of the cluster

Kube API Server

• Exposes the Kubernetes API and is the front end for the Kubernetes control plan
• Horizontally scalable

Etcd

• Consistent an highly available key value store that holds object definitions
• Backing store for all cluster data

Kube Scheduler

• It watches for newly created containers with no assigned node to select a node for them to run on, by considering
• Individual and collective resource requirements Hardware and software policy constraints Affinity and anti-affinity specifications

Controller Manager

• Runs controller processes
• Each controller is its own process
• Controller's include: node controller, replication controller and service account/token controllers

Cloud Controller

• Embeds cloud-specific control logic
• Links the cluster into the cloud provider's API, and separates out the components that interact with that cloud platform

Kubelet

• Node component that has the local, control plane agent that executes and monitors containers
• Responsible for workload management

Kube Proxy:

• Node component for Network proxy that implements part of the Service concept
• Creates and maintains network rules on nodes

High Level Kubernetes Tasks

• It makes global decisions about the cluster as well as detecting and responding to cluster and application events
• Control Plane components make the cluster’s current state match the desired state by reacting to events
• Automatically starting or restarting containers or pods
• Scaling the number of replicas of a given application or nodes

Terminology

• Desired state == what you want to run, what container images they use, the number of replicas, what network and disk resources you want to make available, and more
• Users describe the cluster’s desired state via textual descriptions or declarative model Controllers - will automatically manage your cluster to match the desired state

Kubernetes Objects - Abstractions

• Kubernetes objects represent the state of the system and is usually an application's component
• They have volume, a name-space and a node as part of the base objects
• Common elements support any type of workload through higher level abstractions that include: deployment,stateful set, daemon set, replica set and jobs

Key Aspect of Kubernetes Objects

• Kubernetes objects are a record of intent
• Once created, the Kubernetes system will constantly work to ensure that object exists
• By creating an object, tell k8s that you want your cluster's workload to look like and that is your cluster's desired state

Pod

• Basic execution unit of any Kubernetes application, and the smallest and simplest unit in the Kubernetes object model that you create or deploy
• Represents processes/components running on the cluster
• Composed by either a single container or a small number of containers that are tightly coupled and that share resources
• A Pod encapsulates an application’s container (or multiple ones), storage resources, a unique network IP, and options that govern how the container(s) should run

Kubernetes Declarative Model

• The declarative model is a way to describe an object
• It is where you define what the system should look like
• K8s ensures that the cluster matches this state regardless of the current state

Kubernetes Key Tool: Kubectl

• supports 3 kinds of managed objects
  • imperative commands, declarative object configuration and YML, JSON manifest files
• Includes a Kind for Pod, Deployment, Replication Controller, Job, Service
• Includes labels for key values tagged to deployable objects
• Selectable through actions and other declarations
• Specification declares pod configuration that might include fields managed by k8s

Idempotency

• Re-applying the same configuration file does not cause unnecessary changes if the cluster already matches the desired state

Version Control Friendly

• Declarative configurations are written in files, which can be version-controlled, enabling consistent management and tracking of changes, making it automation ready

Minikube Functionalities

• Implements with a local Kubernetes cluster on macOS, Linux, and Windows
• Best tool for local K8S application development and that supports all features that fit
• Runs with support for standard features

Kubernetes Preliminary Steps

• Start minikube with minikube start
• Get list of nodes with kubectl get nodes
• Get the list of available addons with minikube addons list
• Enable Kubernetes Dashboard with minikube addons enable dashboard
• Open the dashboard with minikube dashboard --url
• then, navigate to the dashboard url and check the available namespace with kubectl get namespaces

Kubernetes Addons

• The Addons use Kubernetes resources to implement cluster features
• Resources for addons belong within the kube-system namespace, such as:
• DNS to launch a DNS Pod and Service to resolve DNS names
• A web UI dashboard that allows users to manage and troubleshoot applications and the cluster itself
• Cluster level logging that is responsible saves container logs to a central log store

Kubernetes NameSpaces

• They use Kubernetes resources to implement cluster features, and belong located in the kube-system namespace. Some include:
  • DNS: Which Kubernetes uses to to launch a DNS Pod and Service on the cluster, and configures the kubelets to tell individual containers to use the DNS Service's IP to resolve DNS names
  • A Web UI Dashboard, that allow users to manage and troubleshoot applications running in the cluster, as well as the cluster itself
  • And Cluster-level Logging, that is responsible for saving container logs to a central log store with search/browsing interface
• The namespaces provide a scope for applications where Names of resources need to be unique within a namespace, but not across namespaces.

Common NameSpaces:

• the default Namespace
• Any default is for any object without a namespace
• Then, Kube-system acts as the home for objects and resources created by Kubernetes itself
• All objects can be handled through the kube node-lease, which is a special namespace that is readable by all users and is reserved for cluster bootstrapping and configuration.

Exercise 1: Create First Pod

• Start the process by running kubectl run my-pod --image=miciav/hello-go:1.0.0
• Make sure the program worked properly by listing it with, kubectl get pods
• You can also open up an instance the shell from inside the pod, by calling it with kubectl exec -it my-pod -- sh
• Now expose the pod port to the host system with, kubectl port-forward my-pod 8080:8180 and visit in a web browser 127.0.0.1 port, NOTE This is only for debugging and developing purposes To remove, call it with the command: kubectl delete pod my-pod

Declarative Model With Kubernetes

• Start with entering a directory
• Run it: kubectl apply -f 00_es01_nginx_pod.yml
• Use the same command as above to visualize what is going on through: watch kubectl get pods nginx and then kubectl describe pods nginx
• To view the contents open a file or use kubectl exec nginx to print out the environment variables
• Call port forward to have it working in our local system

Update Pod and Create Configuration by using

• kubectl create configmap nginx-data --from-file index.html
• Make sure it works properly by calling it by describing it describe configmaps nginx-data
• Delete a configuration you don't need by, calling with kubectl delete configmaps nginx-data

Description

Kubernetes is an open-source system that automates the deployment, scaling, and management of containerized applications. It groups containers into logical units for easy management and discovery, focusing on objects with different granularities. Kubernetes also includes objects and API extensions for customized management.