Getting Cool With Kube (UNDER CONSTRUCTION) by reselbob

Lesson 1 - Overview of Kubernetes Architecture

Kubernetes Architecture

The Control Plane

etcd

etcd is a persistent, lightweight, distributed, key-value data store developed by CoreOS that reliably stores the configuration data of the cluster, representing the overall state of the cluster at any given point of time. Other components watch for changes to this store to bring themselves into the desired state

API Server

The API server is a key component and serves the Kubernetes API using JSON over HTTP, which provides both the internal and external interface to Kubernetes.The API server processes and validates REST requests and updates state of the API objects in etcd, thereby allowing clients to configure workloads and containers across Worker nodes

Scheduler

The scheduler is the pluggable component that selects which node an unscheduled pod (the basic entity managed by the scheduler) runs on, based on resource availability. Scheduler tracks resource use on each node to ensure that workload is not scheduled in excess of available resources. For this purpose, the scheduler must know the resource requirements, resource availability, and other user-provided constraints and policy directives such as quality-of-service, affinity/anti-affinity requirements, data locality, and so on. In essence, the scheduler’s role is to match resource "supply" to workload "demand"

Controller Manager

The controller manager is a process that runs core Kubernetes controllers like DaemonSet Controller and Replication Controller. The controllers communicate with the API server to create, update, and delete the resources they manage (pods, service endpoints, etc.)

The Other Guys

Kubelet

Kubelet is responsible for the running state of each node, ensuring that all containers on the node are healthy. It takes care of starting, stopping, and maintaining application containers organized into pods as directed by the control plane. Kubelet monitors the state of a pod, and if not in the desired state, the pod re-deploys to the same node. Node status is relayed every few seconds via heartbeat messages to the master. Once the master detects a node failure, the Replication Controller observes this state change and launches pods on other healthy nodes

Container

A container resides inside a pod. The container is the lowest level of a micro-service that holds the running application, libraries, and their dependencies. Containers can be exposed to the world through an external IP address.

Kube-proxy

The Kube-proxy is an implementation of a network proxy and a load balancer, and it supports the service abstraction along with other networking operation. It is responsible for routing traffic to the appropriate container based on IP and port number of the incoming request.

cAdvisor

cAdvisor is an agent that monitors and gathers resource usage and performance metrics such as CPU, memory, file and network usage of containers on each node.

To view the control plane artifacts running in your cluster, type or click:

kubectl get pods -n kube-system

Topology

Lesson 2 - Users, Clusters and Contexts

under construction

Step 1: Clear the screen to get an uncluttered view.

clear

Step 2: Confirm that kubectl and minikube are up and running

What a minute or two. It takes a bit of time for minikube to get up and running in the interactive learning environment.

kubectl version

You should see something like this:

Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3", GitCommit:"721bfa751924da8d1680787490c54b9179b1fed0", GitTreeState:"clean", BuildDate:"2019-02-01T20:08:12Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3", GitCommit:"721bfa751924da8d1680787490c54b9179b1fed0", GitTreeState:"clean", BuildDate:"2019-02-01T20:00:57Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}

Get some general information about the current cluster

kubectl cluster-info

Example Output

Kubernetes master is running at https://172.17.0.74:8443
KubeDNS is running at https://172.17.0.74:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

Clusters and Contexts in Kubernetes

A context binds together a user and a cluster. For example, on this machine there is a cluster named minikube and a user named minikube. The context, minikube bind both together.

To view the configuration file that describes the clusters and context to which this machine can access by executing the following kubectl command:

kubectl config view

Example Output

apiVersion: v1
clusters:
- cluster:
    certificate-authority: /root/.minikube/ca.crt
    server: https://172.17.0.74:8443
  name: minikube
contexts:
- context:
    cluster: minikube
    user: minikube
  name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
  user:
    client-certificate: /root/.minikube/client.crt
    client-key: /root/.minikube/client.key

To view the current context execute the following kubectl command:

kubectl config current-context

If you want to switch to another context, use the the following command, where CONTEXT_NAME is the name of the context

kubectl config use-context CONTEXT_NAME

Lesson 3 - API Resources and K8S Manifests

cd /root/k8s-4-it-pros/day-1/lesson-03-resources-n-manifests

kubectl api-resources

Lesson 4 - Pods

According to Kubernetes:

"A pod (as in a pod of whales or pea pod) is a group of one or more containers (such as Docker containers), with shared storage/network, and a specification for how to run the containers. A pod’s contents are always co-located and co-scheduled, and run in a shared context. A pod models an application-specific “logical host” - it contains one or more application containers which are relatively tightly coupled — in a pre-container world, being executed on the same physical or virtual machine would mean being executed on the same logical host."

There are two ways to create API Resource objects in Kubernetes, imperatively and declaratively. Let's look at each technique

Create a pod with one container imperatively

Imperative creation is done by issuing a command at the command line. For example the following command will create a pod with the name, pinger with a single container. Type or click:

kubectl run --generator=run-pod/v1 pinger --image=reselbob/pinger:v2.1

Let's see if the pod is running by executing the following command. Type or click:

kubectl get pods

Example Output

NAME     READY   STATUS    RESTARTS   AGE
pinger   1/1     Running   0          12s

To delete the pod, type or click:

kubectl delete pod pinger

Create a pod with one container declaratively

Declarative creation is done using a manfiest file. A manifest file describes the resource to create. A manifest file can be in YAML or JSON format. You create a resource declaratively using the command kubectl apply -f MANIFEST_FILE, WHERE MANIFEST_FILE is the path the manifest file. The following command will create a pod based on the settings it the manifest file, simplepod.yaml. Type or click:

kubectl apply -f ./simplepod.yaml

To view the manifest, type or click:

cat ./simplepod.yaml

Pod creation goes through a number of stages. First, Kubernetes needs to find a node where the pod and the containers in the pod can be stored. Then, container manager takes over and gets the container images defined in the manifest file from the container registry. (DockerHub is the default) Finally, the container will spin up to achieve a status of running.

To determine if the containers in a pod are running, type or click:

kubectl get pods

However, be advised sometimes a container will not be able to spin up for one of a variety of reasons. Then you will need to troubleshoot. The first thing to do is to find out information about the pod and get a sense of how events unfolded. To this, you'll use the kubectl describe command. In this case, because we know the name of the pod is, simplepod, type or click:

kubectl describe pod simplepod

To access the shell of the only container in the pod you just created, simplepod, type or click:

kubectl exec -it simplepod -- sh

Run a command in the shell

printenv

To exit the container's shell and go back to the machine prompt, type or click:

exit

Create a pod with two containers declaratively

kubectl apply -f ./complexpod.yaml

To view the manifest, type or click:

cat ./complexpod.yaml

To access the pinger container, which is one of the two containers in the pod, type or click:

kubectl exec -it complexpod --container pinger -- sh

Run a command in the shell

wget -q -O- localhost:3000

To exit the container's shell and go back to the machine prompt, type or click:

exit

Lesson 5 - Deployments

under construction

Lesson 6 - Liveliness

under construction

Lesson 7 - Namespaces

under construction

Lesson 8 - Services

under construction

Services

ClusterIp

NodePort

LoadBalancer

Lesson 9 - Horizontal Pod Autoscaler

under construction

HPA

Lesson 10 - ConfigMaps

under construction

ConfigMap

Lesson 11 - Persistent Volumes

under construction

Lesson 12 - Secrets

under construction

Lesson 13 - Ingress

under construction

Ingress

Lesson 14 - TLS

under construction

Lesson 15 - RBAC

under construction

RBAC

Role

RoleBinding

RBACProcess

Lesson 16 - Helm

under construction

Lesson 17 - kubeadm

under construction

cd <directory>	Change directory
ls	List directory
echo 'contents' > <file>	Write contents to a file
cat <file>	Output contents of file

i	In Command Mode	Change into Insert Mode, you can now insert and edit text in the file
esc	In Insert Mode	Change into Command Mode, you can now execute commands
:wq	In Command Mode	Save and Exit

Welcome!

Getting Cool With Kube (UNDER CONSTRUCTION)

Table of Contents

Congratulations!

You've completed the scenario!

Scenario Rating

You've crossed the finish line!

Steps