Kubernetes
Kubernetes (K8s) is an open-source container orchestration platform that automates the deployment, scaling, and management of applications and services across multiple hosts. It was originally designed by Google and is now maintained by the Cloud Native Computing Foundation (CNCF).
K8s provides a framework for containerized applications, allowing them to run and be managed efficiently in a distributed environment. It abstracts away the complexity of infrastructure management, enabling developers to focus on writing and deploying their applications.
At its core, K8s uses a master-worker node architecture. The master node acts as the control plane, managing the cluster and scheduling containers onto the worker nodes. Each worker node runs a container runtime (such as Docker) and hosts the applications and services.
K8s provides advanced features such as container scaling, load balancing, declarative configuration, rolling updates, self-healing, and service discovery. It allows applications to be scaled horizontally, meaning they can be replicated and distributed across multiple nodes to handle increased traffic and ensure high availability.
K8s uses a declarative approach for application deployment, where developers define the desired state of the application in a YAML or JSON configuration file. It continuously monitors the actual state of the containers and ensures they match the desired state, automatically reconciling any discrepancies.
Overall, K8s simplifies the management of containerized applications, making it easier to build, deploy, and scale them across distributed systems, whether on-premises or in the cloud. It has become a leading platform for container orchestration, powering many modern cloud-native applications and microservices architectures.
Manifests
Manifests are written in YAML. Docs for v1.2.
Contexts
| kubectl command | Description |
|---|---|
| `config get-contexts` | View contexts |
| `config use-context <context-name>` | Switch context |
| `config delete-context <context-name>` | Delete context |
Namespaces
A namespace is a virtual cluster that provides a way to divide a physical cluster into multiple virtual clusters.
- The kube-public namespace contains information which can be viewed with the `kubectl cluster-info dump` command.
- The kube-system namespace contains information about the Kubernetes system.
- The kube-node-lease namespace contains information about the nodes.
Resource quotas can be set for namespaces.
You can't access most resources from another namespace; the exception is services, which can be reached from another namespace as `service-name.namespace-name`.
Resources which can't be put into a namespace:
- Nodes
- PersistentVolumes
| kubectl command | Description |
|---|---|
| `get namespaces` | View namespaces |
| `get namespaces --show-labels` | View namespaces with labels |
| `kubens` | View namespaces and see the active namespace (install kubens with `brew install kubectx`) |
| `create namespace <name>` | Create namespace |
| `delete namespace <name>` | Delete namespace |
| `get all -n <namespace-name>` | View resources in namespace |
| `api-resources --namespaced=false` | View resources not in a namespace |
| `get all --all-namespaces` | View resources in all namespaces |
| `get resourcequotas` | View resource quotas |
| `describe resourcequotas <name>` | View resource quota details |
| `create -f <file> -n <namespace-name>` | Create resource in namespace |
Access
- Role-based access control (RBAC) is used to control access to resources.
Nodes
Master nodes are used to manage the cluster. Worker nodes are used to run applications.
- View nodes: `kubectl get nodes`
Pods
A pod is the smallest unit of deployment in Kubernetes. A pod is a group of one or more containers that share storage and network resources.
- View pods: `kubectl get pods`
- View pods in all namespaces: `kubectl get pods --all-namespaces`
- View logs: `kubectl logs <pod-name>`
- Enter a pod: `kubectl exec -it <pod-name> -- /bin/bash`
- Run a command in a pod: `kubectl exec <pod-name> -- <command>`
Deployments
A deployment is an abstraction over a pod or a set of pods and provides a way to manage pods declaratively. (ClusterIP is the default service type; it provides a single IP address and DNS name by which pods can be accessed.)
- View deployments: `kubectl get deployments`
- Create deployment: `kubectl create deployment <name> --image=<image>`
- Edit deployment: `kubectl edit deployment <name>`
- Delete deployment: `kubectl delete deployment <name>`
- Delete deployment from file: `kubectl delete -f <file>`
- Apply configuration file: `kubectl apply -f <file>`
- Scale deployment: `kubectl scale deployment <name> --replicas=<number>`
- Update deployment: `kubectl set image deployment <name> <container-name>=<image>`
- Rollback deployment: `kubectl rollout undo deployment <name>`
- Pause deployment: `kubectl rollout pause deployment <name>`
- Resume deployment: `kubectl rollout resume deployment <name>`
- View rollout history: `kubectl rollout history deployment <name>`
- View rollout status: `kubectl rollout status deployment <name>`
- Watch rollout status: `kubectl rollout status deployment <name> --watch`
Replica Sets
A ReplicaSet manages the replicas of a pod. You typically never work with replica sets directly.
- View replica sets: `kubectl get replicasets`
Services
A service is an abstraction over a set of pods. It provides a single IP address and DNS name by which pods can be accessed. A service can be exposed internally or externally. A service is also a load balancer.
- View services: `kubectl get services`
Ingresses
An ingress is an abstraction over a set of services. It provides a single IP address and DNS name by which services can be accessed. For an ingress to work, an ingress controller needs to be installed.
- View ingresses: `kubectl get ingresses`
Configuration
Configuration files are used to declaratively manage Kubernetes objects. They have three to four parts:
- apiVersion: version of the Kubernetes API
- metadata: labels, name, namespace
- spec: desired state
- status: created by Kubernetes
## Labels and Selectors
Connections are established by using labels and selectors. Labels are key-value pairs that are attached to a deployment (and to the pods it creates). Selectors are used in a service to select those pods based on their labels.
- View labels: `kubectl get pods --show-labels`
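The following is an added example, not code from the original page: it writes a Deployment and a ClusterIP Service manifest with the parts listed under Configuration (apiVersion, metadata, spec; `status` is filled in by Kubernetes, and every manifest also needs `kind`, the object type), and then checks that the Service selector matches the pod template labels, which is the connection the Labels and Selectors section describes. The name `web`, the namespace `demo` and the image `nginx:1.25` are assumptions for the example.

```shell
#!/bin/sh
# Added example, not from the original page. Writes a Deployment plus a
# matching Service and checks that the Service selector matches the pod labels.

# write_manifests <file> <pod-label> <service-selector>
# The third argument lets you deliberately produce a mismatched selector.
write_manifests() {
  file="$1"; pod_label="$2"; sel_label="$3"
  cat > "$file" <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web            # assumed name
  namespace: demo      # assumed namespace
  labels:
    app: $pod_label
spec:
  replicas: 2
  selector:
    matchLabels:
      app: $pod_label
  template:
    metadata:
      labels:
        app: $pod_label
    spec:
      containers:
        - name: web
          image: nginx:1.25   # assumed image
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: web
  namespace: demo
spec:
  type: ClusterIP        # default service type
  selector:
    app: $sel_label
  ports:
    - port: 80
      targetPort: 80
EOF
}

# selector_check <file>
# Pulls the `app` label from the Deployment pod template and from the Service
# selector. Prints "match <value>" and exits 0, or prints MISMATCH and exits 1.
# A mismatched selector is the usual reason a Service ends up with no endpoints.
selector_check() {
  awk '
    /^kind:/ { kind = $2 }
    kind == "Deployment" && /^  template:/ { in_tpl = 1 }
    in_tpl && /^      labels:/ { in_lbl = 1; next }
    in_lbl && /^        app:/ { pod = $2; in_lbl = 0; in_tpl = 0 }
    kind == "Service" && /^  selector:/ { in_sel = 1; next }
    in_sel && /^    app:/ { sel = $2; in_sel = 0 }
    END {
      if (pod != "" && pod == sel) { print "match " pod; exit 0 }
      print "MISMATCH pod=" pod " selector=" sel; exit 1
    }
  ' "$1"
}
```

Run `write_manifests web.yaml web web && selector_check web.yaml` before `kubectl apply -f web.yaml`; after applying, `kubectl get endpoints web -n demo` shows whether the selector actually picked up the pods. A typo in either label leaves the Service with an empty endpoint list, which is the failure the check catches locally.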
ConfigMaps
A config map is a Kubernetes object that stores non-sensitive data in key-value pairs. Config maps are stored in plain text.
Secrets
A secret is a Kubernetes object that stores sensitive data, such as passwords, OAuth tokens, and SSH keys. Secret values are stored in a base64-encoded format; base64 is an encoding, not encryption, so anyone who can read the Secret object can recover the values.
- Create base 64 encoded string: `echo -n "password" | base64`
- Apply a secret: `kubectl apply -f <file>`
- View secrets: `kubectl get secrets`
- View secret details: `kubectl describe secret <name>`
- Decode a base64 encoded string: `echo -n "cGFzc3dvcmQ=" | base64 --decode`
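The following is an added example, not code from the original page: it wraps the encode and decode steps above in functions, shows why `echo -n` (or `printf '%s'`) matters, writes a Secret manifest and reads the value straight back out of it. The Secret name `db-credentials` and the namespace `demo` are assumptions for the example.

```shell
#!/bin/sh
# Added example, not from the original page. Shows that a Secret's `data`
# values are only base64-encoded and how a stray newline sneaks into them.

# Encode a value exactly as it must appear under `data:` in a Secret manifest.
# printf '%s' never appends a newline; GNU base64 wraps long output, so the
# newlines it inserts are stripped too.
k8s_encode() { printf '%s' "$1" | base64 | tr -d '\n'; }

# Decode a value from `data:` back to plaintext. This is the whole "protection":
# encoding, not encryption.
k8s_decode() { printf '%s' "$1" | base64 -d; }

# The pitfall: a bare `echo` adds "\n", so the pod receives "password\n" and the
# login fails with a value that looks right in the manifest.
encode_with_echo() { echo "$1" | base64 | tr -d '\n'; }

# write_secret_manifest <file> <key> <value>
write_secret_manifest() {
  file="$1"; key="$2"; value="$3"
  cat > "$file" <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: db-credentials   # assumed name
  namespace: demo        # assumed namespace
type: Opaque
data:
  $key: $(k8s_encode "$value")
EOF
}

# read_secret_value <file> <key>
# Recovers the plaintext from the manifest; anyone who can run
# `kubectl get secret <name> -o yaml` can do exactly the same.
read_secret_value() {
  awk -v k="$2" '$1 == k ":" { print $2 }' "$1" | { read -r v; k8s_decode "$v"; }
}
```

`kubectl create secret generic db-credentials --from-literal=password=<value> --dry-run=client -o yaml` does the encoding for you, and a manifest may use `stringData:` with plaintext values instead of `data:`. Either way the object is as readable as the RBAC rules on `get` and `list` for secrets allow, and the API server stores it in etcd unencrypted unless encryption at rest is configured.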
Volumes
A volume is a directory that is accessible to all containers in a pod.
Persistent Volumes
Persistent volumes (PV) are used to store data for a pod. Persistent volumes are not deleted when a pod is removed. In practice, a PV is only an abstraction over an actual storage device.
- Persistent volume claims (PVC) are used to request a persistent volume.
Helm
Minikube
- Start minikube: `minikube start`
- Stop minikube: `minikube stop`
- Delete minikube: `minikube delete`
- View minikube IP: `minikube ip`
- Expose external service (LoadBalancer): `minikube service <name>`
Azure
The Azure CLI is a command-line tool that allows developers and administrators to manage and interact with Azure resources and services. With the Azure CLI, users can manage Azure resources directly from the command line without the need for a graphical interface.
Use the `-o table` option with the commands to get output as a table instead of JSON.
| az command | Description |
|---|---|
| `extension list` | List extensions |
| `extension add --name [name]` | Add extension |
| `provider list` | List resource providers |