Kubernetes Architecture:
Roles:
1. Master role:
- API server
- Scheduler
- Controller Manager
- etcd
2. Worker role:
- Governor
- Kube-proxy
- Container runtime
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
sudo apt-get update
sudo apt-get install -y docker-ce=18.06.1~ce~3-0~ubuntu
sudo apt-mark hold docker-ce
sudo docker version
Kubeadm, Kubelet, and Kubectl
Bootstrapping the Cluster
On the Kube master node, initialize the cluster
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
When it is done, set up the local kubeconfig
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Verify that the cluster is responsive and that Kubectl is working
kubectl version
The kubeadm init command should output a kubeadm join command containing a token and hash. Copy that command and run it with sudo on both worker nodes. It should look something like this
sudo kubeadm join $some_ip:6443 --token $some_token --discovery-token-ca-cert-hash $some_hash
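The --discovery-token-ca-cert-hash value in the join command pins the cluster CA's public key, so it is worth confirming the token and hash before running the copied command on a worker. The script below is an added example, not part of the original notes or of kubeadm; the function names ca_cert_hash, flag_value and check_join are hypothetical, and it assumes the kubeadm default CA path /etc/kubernetes/pki/ca.crt on the master.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, not part of kubeadm.

# Print sha256:<hex> of the CA public key (DER SubjectPublicKeyInfo), the value
# kubeadm compares against --discovery-token-ca-cert-hash. Run on the master.
ca_cert_hash() {
  local ca="${1:-/etc/kubernetes/pki/ca.crt}" hex
  hex=$(openssl x509 -pubkey -noout -in "$ca" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex | sed 's/^.* //') || return 1
  printf '%s' "$hex" | grep -Eq '^[0-9a-f]{64}$' || return 1
  printf 'sha256:%s\n' "$hex"
}

# Print the value of FLAG from the remaining words ("--flag v" or "--flag=v").
flag_value() {
  local flag="$1" prev="" arg; shift
  for arg in "$@"; do
    if [ "$prev" = "$flag" ]; then printf '%s\n' "$arg"; return 0; fi
    case "$arg" in "$flag"=*) printf '%s\n' "${arg#*=}"; return 0 ;; esac
    prev="$arg"
  done
  return 1
}

# check_join EXPECTED_HASH <join command words...>
# 0 = CA pinned to EXPECTED_HASH and token well formed; non-zero = do not run it.
check_join() {
  local expected="$1" token hash; shift
  case " $* " in
    *" --discovery-token-unsafe-skip-ca-verification"*)
      echo "CA pinning disabled" >&2; return 2 ;;
  esac
  token=$(flag_value --token "$@") || { echo "missing --token" >&2; return 3; }
  printf '%s' "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' \
    || { echo "malformed token" >&2; return 3; }
  hash=$(flag_value --discovery-token-ca-cert-hash "$@") \
    || { echo "missing CA hash" >&2; return 4; }
  [ "$hash" = "$expected" ] || { echo "CA hash mismatch" >&2; return 5; }
}
```

On the master, pass the output of ca_cert_hash as the first argument to check_join, followed by the words of the join command that kubeadm init printed.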
Verify that all nodes have successfully joined the cluster
cloud_user@jubayer1c:~$ kubectl get nodes
NAME                        STATUS     ROLES    AGE     VERSION
jubayer1c.mylabserver.com   NotReady   master   8m45s   v1.12.7
jubayer2c.mylabserver.com   NotReady   <none>   94s     v1.12.7
jubayer3c.mylabserver.com   NotReady   <none>   78s     v1.12.7
Configuring Networking with Flannel
Once the Kubernetes cluster is set up, we still need to configure cluster networking in order to make the cluster fully functional.
Run the commands below on all three nodes:
echo "net.bridge.bridge-nf-call-iptables=1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
Install Flannel in the cluster by running this only on the Master node:
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml
Verify that all the nodes now have a STATUS of Ready
kubectl get nodes
NAME                        STATUS   ROLES    AGE   VERSION
jubayer1c.mylabserver.com   Ready    master   25m   v1.12.7
jubayer2c.mylabserver.com   Ready    <none>   18m   v1.12.7
jubayer3c.mylabserver.com   Ready    <none>   18m   v1.12.7
Verify that the Flannel pods are up and running. Run this command to get a list of system pods:
kubectl get pods -n kube-system
NAME                                                READY   STATUS    RESTARTS   AGE
coredns-bb49df795-85rqm                             1/1     Running   0          35m
coredns-bb49df795-djszq                             1/1     Running   0          35m
etcd-jubayer1c.mylabserver.com                      1/1     Running   0          34m
kube-apiserver-jubayer1c.mylabserver.com            1/1     Running   0          34m
kube-controller-manager-jubayer1c.mylabserver.com   1/1     Running   0          34m
kube-flannel-ds-amd64-ddtjr                         1/1     Running   0          10m
kube-flannel-ds-amd64-pw9bb                         1/1     Running   0          10m
kube-flannel-ds-amd64-qng6r                         1/1     Running   0          10m
kube-proxy-7t49d                                    1/1     Running   0          28m
kube-proxy-89dtw                                    1/1     Running   0          28m
kube-proxy-ztsv7                                    1/1     Running   0          35m
kube-scheduler-jubayer1c.mylabserver.com            1/1     Running   0          34m
Containers and Pods
POD:
1. Smallest building block in the Kubernetes model
2. Generally one pod equals one container, but there can be more containers in a pod
3. Own storage resources and a unique IP address in the K8 cluster network
Scheduling: running a container on a node is called scheduling. K8 schedules pods in order to run the containers that are part of each pod.
Container:
Create a simple pod running an nginx container
cat << EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx
EOF
Get a list of pods and verify that your new nginx pod is in the Running state:
kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          2m6s
kubectl get pods -n kube-system
NAME                                                READY   STATUS    RESTARTS   AGE
coredns-bb49df795-85rqm                             1/1     Running   1          5h18m
coredns-bb49df795-djszq                             1/1     Running   1          5h18m
etcd-jubayer1c.mylabserver.com                      1/1     Running   1          5h17m
kube-apiserver-jubayer1c.mylabserver.com            1/1     Running   1          5h17m
kube-controller-manager-jubayer1c.mylabserver.com   1/1     Running   1          5h17m
kube-flannel-ds-amd64-ddtjr                         1/1     Running   1          4h53m
kube-flannel-ds-amd64-pw9bb                         1/1     Running   1          4h53m
kube-flannel-ds-amd64-qng6r                         1/1     Running   1          4h53m
kube-proxy-7t49d                                    1/1     Running   1          5h10m
kube-proxy-89dtw                                    1/1     Running   1          5h11m
kube-proxy-ztsv7                                    1/1     Running   1          5h18m
kube-scheduler-jubayer1c.mylabserver.com            1/1     Running   1          5h17m
Get more information about your nginx pod:
kubectl describe pod nginx
Delete the pod:
kubectl delete pod nginx
Get more information about a specific node
kubectl describe node $node_name
Controller and worker
Controller
Kubernetes API
Other control components
Worker
PODs
Networking in Kubernetes
A virtual network spans the nodes, which are physically separated but logically connected.
Every pod in the network has a unique IP address, and pods communicate with each other.
Create a deployment with two nginx pods:
cat << EOF | kubectl create -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.15.4
        ports:
        - containerPort: 80
EOF
Create a busybox pod to use for testing:
cat << EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox
spec:
  containers:
  - name: busybox
    image: radial/busyboxplus:curl
    args:
    - sleep
    - "1000"
EOF
Get the IP addresses of your pods:
kubectl get pods -o wide
Get the IP address of one of the nginx pods, then contact that nginx pod from the busybox pod using the nginx pod's IP address:
kubectl exec busybox -- curl $nginx_pod_ip
Kubernetes Architecture and Components
Master node:
etcd: distributed, synchronized data storage for cluster state
kube-apiserver: serves the K8 API, the primary interface for the cluster
kube-controller-manager: bundles some applications/components into one package; more like a background process
kube-scheduler: schedules pods to run on individual nodes
Each node:
kubelet: communicates between the kubelet API and the container runtime (Docker, in this case)
*kubelet runs as a service, so it is not seen as a pod
kube-proxy: handles network communication between nodes
Kubernetes deployments:
automation of the management of the pods.
scaling
rolling update
self-healing
Create a deployment:
cat <<EOF | kubectl create -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.15.4
        ports:
        - containerPort: 80
EOF
cloud_user@jubayer1c:~$ kubectl get deployments
NAME               DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nginx              2         2         2            2           2d19h
nginx-deployment   2         2         2            2           2m17s
cloud_user@jubayer1c:~$ kubectl describe deployment nginx-deployment
Name:                   nginx-deployment
Namespace:              default
CreationTimestamp:      Wed, 01 Jan 2020 06:41:09 +0000
Labels:                 app=nginx
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               app=nginx
Replicas:               2 desired | 2 updated | 2 total | 2 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
Pod Template:
  Labels:  app=nginx
  Containers:
   nginx:
    Image:        nginx:1.15.4
    Port:         80/TCP
    Host Port:    0/TCP
    Environment:  <none>
    Mounts:       <none>
  Volumes:        <none>
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Available      True    MinimumReplicasAvailable
  Progressing    True    NewReplicaSetAvailable
OldReplicaSets:  <none>
NewReplicaSet:   nginx-deployment-d55b94fd (2/2 replicas created)
Events:
  Type    Reason  Age   From   Message
  ----    ------  ----  ----   -------
cloud_user@jubayer1c:~$ kubectl get pods
NAME                              READY   STATUS    RESTARTS   AGE
busybox                           1/1     Running   34         2d19h
nginx-d55b94fd-jbpgq              1/1     Running   2          2d19h
nginx-d55b94fd-x42s6              1/1     Running   2          2d19h
nginx-deployment-d55b94fd-nxhqf   1/1     Running   0          15m
nginx-deployment-d55b94fd-pv9mz   1/1     Running   0          15m
Kubernetes services
Services allow dynamic access to a group of replica pods. Services create an abstraction layer on top of the replica pods.
Create a NodePort service on top of your nginx pods:
cat << EOF | kubectl create -f -
kind: Service
apiVersion: v1
metadata:
  name: nginx-service
spec:
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30080
  type: NodePort
EOF
Get a list of services in the cluster.
kubectl get svc
curl localhost:30080