Kubernetes has exploded in popularity, with over 90% of global enterprises now using Kubernetes for container orchestration and application deployment according to Cloud Native Computing Foundation. This beginner‘s guide aims to fully cover Kubernetes from the ground up – by the end, you‘ll be well on your way to Kubernetes mastery!
Overview
Kubernetes (aka K8s) is an open source container orchestration platform for automating deployment, scaling and management of containerized applications. In non-technical terms, it makes running complex applications with many moving parts incredibly easy.
While starting out with containers often focuses on individual tools like Docker, as usage scales up it quickly becomes unwieldy to manage hundreds or thousands of container manually across many servers.
Kubernetes provides powerful abstractions to simplify these operational concerns so developers can focus on writing code. Key advantages include:
-
Automated rollouts and rollbacks – Kubernetes progressively rolls out application changes while monitoring health, automatically rolling back if issues emerge.
-
Storage orchestration and data persistence – Simplified abstraction and management of storage systems like disks and cloud volumes attached to running containers.
-
Self healing – Automated restarting of failed containers, replacement of unhealthy containers, and scaling down unavailable application instances.
-
Service discovery and dynamic load balancing – Finding and connecting containers and automatically distributing network traffic for high availability.
-
Seamless horizontal scaling – Programmatically scale applications up and down to meet demand with auto-scaling systems.
-
And much more! – Secret management, batch execution, service binding, declarative management and beyond.
With these operational concerns handled, developers are free to focus their energy on application logic and business value rather than infrastructure maintenance. And with over 5 million developers now leveraging Kubernetes according to recent SlashData research, it‘s clear Kubernetes is the industry standard for shipping containerized applications.
Now let‘s explore Kubernetes architecture and components…
Detailed Architecture Overview
At a high level, a full Kubernetes cluster contains a control plane consisting of master nodes plus application worker nodes:
(Source: Kubernetes.io)
Diving deeper across both:
Kubernetes Control Plane (Master Node Components)
The multi-master node control plane oversees and governs the overall Kubernetes cluster. Key components include:
-
kube-apiserver – Primary management component exposing the Kubernetes API. All components communicate solely via the API server following the "all tubes lead to Rome"
design principle. Provides authentication, validation, admission control, API registration and discovery. -
etcd – Consistent and highly available key-value store used to persistently store all cluster data. Allows Kubernetes to remain resilient in event of failures.
-
kube-scheduler – Watching API server, assigns newly created pods to cluster nodes based on resource availability and scheduling policies. Supports custom schedulers.
-
kube-controller-manager – Collection of core process controllers including replication controller for maintaining correct pods counts, node controller for detecting unhealthy nodes and pod eviction, job controller for batch jobs, etc.
-
cloud-controller-manager – Allows integration with underlying infrastructure of cloud providers like AWS or Azure. Handles routing permission, volume management and on-going credential rotation.
In production environments, Kubernetes control plane nodes should be provisioned with high availability in mind across multiple availability zones to minimize cluster outages from potential physical node failures.
Kubernetes Worker Nodes
Where containerized applications actually execute:
-
kubelet – Key agent that runs on each node in the cluster. Registers node with cluster, watches API server for assignments, executes pods/containers via container runtime, reports status, handles node introspection and lifecycle management.
-
kube-proxy – Network proxy and load balancer running on each node implementing Kubernetes networking model and providing the Service abstraction by routing network traffic across containers and pods based on IP address and ports.
-
Container Runtime – The underlying software required for running containerized applications like Docker, containerd and any OCI compliant runtime.
Worker nodes provide the runtime environment for your business applications and workloads. They can run anywhere from physical servers, VMs both on-prem and the cloud.
Node sizes vary significantly from small single core nodes to powerful multi-core machines packing hundreds of gigabytes of RAM to support demanding applications.
Additionally, given most clusters run multiple applications, namespaces allow logical segregation of resources across node infrastructure.
Now that we understand Kubernetes under the hood, let‘s explore some key abstractions and objects for running applications…
Main Kubernetes Building Blocks
While discussing raw Kubernetes architecture shows what‘s happening behind the scenes, most developers primarily interface with the cluster through high level abstractions. Some key objects include:
Pods – The smallest deployable artifact in Kubernetes. Encapsulates single or tightly coupled containers that operate together on a host. Includes shared namespaces, mounts, network and dependencies required to execute.
Deployments – Declarative state controller that manages a replicated application set. Enforces desired application state including pod replicas, rollouts and rollbacks, self-healing and more.
Services – Logical network set that defines a policy to access a set of pods, providing discovery and load balancing. Exposes pods publicly via stable DNS entry and single IP address.
Volumes – Data disks that live as long as the pods that need them allowing state persistence. Provides data storage abstraction from underlying infrastructure.
ConfigMaps – Externalized configuration mechanism allowing applications to consume configuration information independently from container images. Supports dynamic reconfiguration.
And many more including namespaces, ingress, jobs, storage classes and beyond that construct the Kubernetes application model!
These high level abstractions simplify infrastructure management by allowing developers to declare the desired application state, with Kubernetes handling all the complexity of actual deployment and reconciliation.
For example, developers declare applications via deployments, including parameters like container images, replicas and storage volumes while Kubernetes handles actually scheduling containers, mounting storage, configuring networking/service discovery, scaling and more across the cluster.
Let‘s see this in action by installing Kubernetes locally and deploying our first application…
Installing your First Cluster with Minikube
To get hands-on Kubernetes experience quickly, we‘ll leverage minikube to install a simple single node cluster on our local machine:
Step 1) Ensure your machine has 2 CPU cores + 2GB RAM and install dependencies:
- Hypervisor like VirtualBox
- kubectl command line tool
Step 2) Install minikube itself:
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \
&& chmod +x minikubeStep 3) Start your cluster:
minikube startAnd just like that you‘ve got Kubernetes running locally!
We can verify it‘s up by querying pods:
kubectl get pods -ALet‘s deploy our first application next…
Deploying and Exploring a Sample App
To demonstrate Kubernetes in action, we‘ll deploy the common "Hello World" example application.
We‘ll explore the various objects that compose this deployment including pods, deployments and services:
Hello World Kubernetes YAML
First, save the below as hello.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-app
labels:
app: hello
spec:
replicas: 3
selector:
matchLabels:
app: hello
template:
metadata:
labels:
app: hello
spec:
containers:
- name: hello
image: mcr.microsoft.com/azuredocs/containerapps-helloworld:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: hello-service
spec:
selector:
app: hello
ports:
- port: 80
type: LoadBalancer This defines a deployment that manages pods running the hello image, and a service for networking access to those pods.
Deploy the Application
Launch via kubectl:
kubectl apply -f hello.yaml This showcases the declarative model – rather than running imperative commands, we declare the end-state and Kubernetes reconciles current state to desired state.
Verify deployment creates 3 pods replicaset:
kubectl get pods Access the Application
Retrieve the public cluster IP for the deployed service:
minikube service hello-service --urlVisiting that URL in your browser will display the welcome message from the Hello World app running in pods managed by Kubernetes!
This example demonstrated core Kubernetes object primitives like deployments and services to launch and expose applications. But Kubernetes can do so much more from zero-downtime rolling updates, scaling, batch job processing, storage management and far beyond.
Now that we have a taste of Kubernetes, let‘s look beyond local development…
Kubernetes in Production
While minikube makes easy to start small, production Kubernetes leverages clusters spanning many physical machines and cloud instances.
Some key areas to consider for production-grade reliable Kubernetes include:
Sizing and Scaling – Right sizing Kubernetes nodes from small to extra large based on application demands and accurately auto-scaling clusters to meet fluctuations in traffic.
Availability and Resilience – Spreading applications across racks, data centers and cloud regions for maximum uptime.
Networking and Service Mesh – Enabling connectivity across nodes along with powering service discovery and resilient communication.
Storage and Data – Expanding ephemeral container storage with networked filesystems, cloud volumes and databases.
Security and Access Control – Locking down access with role based access control, secrets encryption, network policies, auditing trails and admission control.
Observability – Insights into performance, logs, metrics and traces via aggregated dashboards and visualization.
Automation – Streamlining and standardizing deployment, configuration and infrastructure management following GitOps methodology and declarative infrastructure-as-code techniques.
And much more! The Kubernetes ecosystem has exploded over the years with a galaxy tools and capabilities across all facets.
Many organizations opt to leverage managed Kubernetes offerings from public cloud vendors like AWS, Google Cloud and Microsoft Azure that reduce operational overhead by automating infrastructure management, resilience, scaling, upgrades and more.
But whether relying on managed services or manually administrating on-prem data centers, Kubernetes empowers developers to focus on applications while underpinning infrastructure simply fades to the background.
Charting your Kubernetes Course
Hopefully this comprehensive beginner‘s guide provided everything you need to start your Kubernetes journey! Here are some recommendations for continuing your education:
- Official Kubernetes Documentation – Fantastically detailed and constantly evolving docs from the source.
- Kubernetes by Example – Free book with end-to-end walkthroughs ideal for ramping skills.
- KodeKloud – Step-by-step video course for Kubernetes mastery.
- Play with Kubernetes Training – Guided hands-on simulations right in your browser.
- Certified Kubernetes Administrator – Professional certification administered by Cloud Native Computing Foundation.
Here at the start of your Kubernetes journey, the best thing you can do is get hands-on experience with real projects. Even simple practice deployments will quickly reinforce the declarative model for managing modern applications.
Internalize these patterns and take your newfound skills to deploy actual applications. Before you know it, Kubernetes will simply fade away into the background serving your workload needs so you can focus on writing code rather than managing infrastructure.
Godspeed on your cloud native quest and happy shipping containers!
