OpenShift vs. Kubernetes
Docker and Kubernetes

What is Kubernetes and why is it used?

January 7, 2024 /

Kubernetes, often abbreviated as K8s, is an open source container orchestration platform designed to automate the deployment, scaling and management of containerized applications. It was originally developed by Google and later incorporated into the Cloud Native Computing Foundation (CNCF). Kubernetes provides a robust and flexible framework for orchestrating containers and enables companies to efficiently manage and scale their applications in dynamic, containerized environments.

What are the problems with manual deployment and the need for container orchestration?

If there are multiple containers, there needs to be a way to deploy and manage them. There should be a way to automatically spawn containers when they crash without the need for manual intervention.
Some cloud providers have their own solution (ECS, etc.), but if you switch to another cloud provider, you have to rewrite the entire configuration.
Kubernetes solves this problem by standardizing container orchestration. If we need to migrate from one provider to another with Kubernetes, we can simply use the same configuration files.

How do Docker and Kubernetes go hand in hand?

Docker is a containerization technology and Kubernetes works with containers. Each instance of a container runs the application. Kubernetes enables high availability by maintaining a fixed number of containers. It does this by creating new containers if one of them crashes. Kubernetes also offers load balancing, service discovery and automatic scaling out of the box.

What is Kubernetes?

Kubernetes is a container orchestration tool that manages clusters of containerized applications. With Kubernetes, the management of microservices has become very easy. Kubernetes automates tasks such as load balancing, automatic scaling and spawning containers when they crash. This makes the high availability of applications a reality.

Kubernetes and distributed systems

Kubernetes is closely related to the principles and challenges of distributed systems, and its design reflects the need to manage applications that span multiple nodes and containers.

Node architecture:

    • Nodes as distributed units:In Kubernetes, nodes represent individual machines within a cluster. These nodes are distributed across a network and work together to run containerized applications. This distribution ensures scalability and fault tolerance.

    Cluster coordination:

    • etcd as a distributed key-value store: The distributed key-value store etcd is the heart of the Kubernetes control plane. It ensures consistent and reliable storage of configuration data and is therefore a crucial component for coordinating activities across the entire cluster.

    Master-slave architecture:

    • Control plane components:Kubernetes follows a master-slave architecture for its control plane. The master node hosts components such as the API server, controller manager and scheduler, which together manage the overall state and orchestration of the cluster. The distributed nature of these components improves fault tolerance.

    Container orchestration:

    • Pods and containers as distributed entities:Pods, the basic entities in Kubernetes, encapsulate one or more containers. These pods can be distributed across multiple nodes, enabling efficient resource utilization and deployment of distributed applications.

    Service discovery and load balancing:

    • Distributed Service Discovery: Kubernetes services provide a way to abstract and expose a set of pods as a network service. This distributed service discovery mechanism allows other pods to seamlessly discover and communicate with services regardless of the nodes they are running on.

    Scaling and load balancing:

    • Horizontal pod autoscaling: Kubernetes supports horizontal scaling by adjusting the number of pod replicas based on resource utilization. This enables the dynamic distribution of workloads across nodes, contributing to efficient resource utilization and load balancing.

    Fault tolerance and self-healing:

    • Automatic replanning:In a distributed system, nodes can fail or become unreachable. Kubernetes addresses this by automatically rescheduling pods to healthy nodes, ensuring that applications remain available and resilient in the event of failures.

    Resource Management:

    • Efficient resource allocation:Kubernetes provides mechanisms to manage and allocate resources such as CPU and memory in the cluster. This ensures that applications run efficiently and resources are allocated as needed.

    Networks in a distributed environment:

    • Overlay networks: Kubernetes uses overlay networks to facilitate communication between pods running on different nodes. This enables seamless networking in a distributed environment and abstracts from the complexity of the underlying infrastructure.

    Consistency and declarative configuration:

    • Declarative configuration management: Kubernetes follows a declarative model where users specify the desired state of the system and Kubernetes ensures that the current state matches the desired state. This approach helps to maintain consistency in a distributed system.

    What Kubernetes is not?

    While Kubernetes is a versatile and powerful container orchestration platform, it’s important to understand what Kubernetes is not:

    Kubernetes cannot manage infrastructure. It can only manage the containers running on the host infrastructure.

    Kubernetes does not take care of the initial setup of the cluster. It only comes into play when the cluster is created by the user.

    Not a traditional virtualization platform:

    • Kubernetes does not offer virtualization at the level of traditional hypervisors. It focuses on orchestrating and managing containers rather than full-fledged virtual machines. While Kubernetes can work with virtualization platforms, it is not a replacement for them.
    • Kubernetes uses container runtimes like Docker to deploy and run containers. It does not replace Docker, but provides an abstraction layer for managing and orchestrating containers. Kubernetes is independent of container runtimes and can interoperate with other runtimes.

    No monitoring or logging solution:

    • While Kubernetes has basic monitoring capabilities through tools like kube-state-metrics and provides integration points for monitoring solutions, it is not a dedicated monitoring or logging platform. External tools such as Prometheus and ELK Stack are often used in conjunction with Kubernetes for these purposes.
    • Kubernetes focuses on orchestrating and managing the deployment and scaling of applications, but is not a configuration management tool like Ansible or Chef. While it allows the declaration of desired states, it is not as comprehensive as dedicated configuration management solutions for all aspects of system configuration.
    • Kubernetes is often compared to PaaS solutions, but it is not a PaaS itself. PaaS platforms abstract more from the underlying infrastructure and are designed to offer more freedom of expression. Kubernetes, on the other hand, provides a flexible and extensible platform that allows users to make more decisions about their application architecture.

    Not a one-size-fits-all solution

      • Although Kubernetes is widely used and can handle a variety of workloads, it may not be the best solution for every use case. For small and simple applications, the overhead of Kubernetes might be unnecessary, and simpler solutions might be better suited.

      Kubernetes is not inherently a security solution

      • While Kubernetes provides features to secure applications, such as role-based access control (RBAC) and network policies, it is not a complete security solution on its own. Additional security measures, such as securing container images and applying best practices, are necessary to ensure a robust security posture.

      Not a panacea for application scalability:

      • Kubernetes supports scalable application deployment, but it does not automatically make applications scalable. Developers need to design their applications with scalability in mind, and scalability considerations should be part of the application architecture.

      Not completely serverless:

      • While Kubernetes can be used to deploy and manage serverless-like architectures with tools like Knative, it is not a fully serverless computing platform like AWS Lambda or Azure Functions. Serverless platforms abstract more infrastructure management tasks than Kubernetes.

      What are advantages and disadvantages of Kubernetes?

      Advantages of Kubernetes:

      Container Orchestration:

      • Advantage:Kubernetes automates the deployment, scaling, and management of containerized applications, providing a unified platform for container orchestration.

      Scalability:

      • Advantage:Kubernetes allows for horizontal scaling, dynamically adjusting the number of containers to handle varying workloads, ensuring efficient resource utilization.

      Portability:

      • Advantage:Applications deployed on Kubernetes are portable across different environments, facilitating consistent deployment in hybrid and multi-cloud scenarios.
      • Advantage:Kubernetes optimizes resource utilization by efficiently packing containers onto nodes, leading to cost savings and improved infrastructure efficiency.

      Service Discovery and Load Balancing:

      • Advantage:Kubernetes Services provide seamless service discovery and load balancing, enabling communication between different sets of pods and distributing traffic efficiently.

      Declarative Configuration:

      • Advantage:Kubernetes uses a declarative model, allowing users to specify the desired state of their applications, simplifying configuration management.

      High Availability:

      • Advantage:Kubernetes ensures high availability by distributing workloads across multiple nodes and automatically recovering from node failures.

      Community and Ecosystem:

      • Advantage:Kubernetes has a vibrant and active community, contributing to a rich ecosystem of tools, plugins, and extensions that enhance its functionality.

      Continuous Integration and Deployment (CI/CD):

      • Advantage:Kubernetes integrates well with CI/CD pipelines, facilitating automated testing, deployment, and rollbacks.

      Security Features:

      • Advantage:Kubernetes provides security features such as Role-Based Access Control (RBAC), network policies, and secrets management, contributing to a robust security posture.
        Disadvantages of Kubernetes:

      Complexity:

      • Disadvantage:Kubernetes has a steep learning curve and can be complex to set up and manage, especially for smaller applications or teams with limited experience.

      Resource Intensive:

      • Disadvantage:Running and maintaining a Kubernetes cluster can be resource-intensive, requiring sufficient hardware and operational expertise.

      Networking Complexity:

      • Disadvantage: Networking in Kubernetes, especially in complex environments, can be challenging to configure and troubleshoot.
      • Disadvantage:For small projects or simple applications, the overhead of implementing and managing Kubernetes might outweigh the benefits.

      Persistent Storage Challenges:

      • Disadvantage:Managing persistent storage in Kubernetes can be complex, and achieving stateful application behavior may require additional considerations.

      Version Compatibility:

      • Disadvantage:Compatibility issues can arise when upgrading Kubernetes or related components, requiring careful planning and testing.

      Limited Windows Support:

      • Disadvantage:Kubernetes’ support for Windows containers is still evolving, and certain features may have limitations compared to Linux containers.

      Steep Learning Curve:

      • Disadvantage: Kubernetes requires users to understand its concepts and architecture thoroughly, making it challenging for beginners.

      Initial Setup Complexity:

      • Disadvantage: Setting up the initial Kubernetes cluster can be complex, requiring careful configuration and attention to detail.

      Not a Solution for All Workloads:

      • Disadvantage: Kubernetes may not be the best fit for all use cases, particularly for simpler applications or environments with specific constraints.

      Kubernetes architecture?

      Kubernetes has a distributed architecture that consists of a master node and multiple worker nodes, also known as minions or just nodes. The master node is responsible for managing the overall state of the cluster, while the worker nodes execute the tasks assigned by the master. Here’s an overview of the key components in the Kubernetes architecture:

      Master Node Components:

      API Server:

      • Description:Acts as the front end for the Kubernetes control plane. It exposes the Kubernetes API, which users, other parts of Kubernetes, and external components interact with to manage the cluster.
      • Functionality:Validates and processes REST requests, updates etcd, and communicates with other components to fulfill requests.

      etcd:

      • Description:Consistent and highly-available key-value store used as Kubernetes’ backing store for all cluster data.
      • Functionality:Stores the configuration data, allowing the entire cluster to be in sync. The distributed nature of etcd enhances the fault tolerance of the system.

      Controller Manager:

      • Description:Watches the state of the cluster through the API server and makes changes to bring the current state closer to the desired state.
      • Functionality:Implements controllers for different resources, ensuring that the correct number of replicas are running, handling node failures, etc.

      Scheduler:

      • Description:Watches for newly created Pods with no assigned node and selects a node for them to run on.
      • Functionality:Considers factors like resource constraints, quality of service requirements, and affinity/anti-affinity specifications when making placement decisions.

      Node Components:

      Kubelet:

      • Description:An agent that runs on each node in the cluster. It ensures that containers are running in a Pod.
      • Functionality:Communicates with the API server, manages containers, and reports the node’s health status.

      Kube Proxy:

      • Description:Maintains network rules on nodes. It reflects services as defined in the Kubernetes API on each node.
      • Functionality:Handles network communication to and from the containers in its node.

      Container Runtime:

      • Description:The software responsible for running containers. Docker is a popular choice, but Kubernetes supports other runtimes like containerd or cri-o.
      • Functionality:Pulls container images, runs containers, and manages container lifecycle on the node.

      Kubernetes objects

      Pods:

      • Description:The smallest deployable units in Kubernetes. A Pod represents a single instance of a running process in a cluster. It can contain one or more containers that share the same network namespace and storage.

      ReplicaSets:

      • Description:Ensures a specified number of replicas (Pods) are running at all times. It helps in scaling the number of Pods up or down and is often used to maintain high availability.

      Deployments:

      • Description:Provides declarative updates to applications. It allows you to describe the desired state of a system and automatically manages the deployment and scaling of Pods, as well as rolling updates to new versions.

      Services:

      • Description:An abstraction that defines a logical set of Pods and a policy by which to access them. Services enable network communication between different sets of Pods, even if the Pods are on different nodes.

      Namespaces:

      • Description:Provides a way to divide cluster resources into multiple virtual clusters. It helps in organizing and isolating resources within a cluster.

      ConfigMaps:

      • Description:A resource for storing configuration data in key-value pairs. ConfigMaps can be used to separate configuration from application code, allowing for easier management and updates.

      Secrets:

      • Description:Similar to ConfigMaps but designed for storing sensitive information such as passwords, API keys, and tokens. Secrets are base64 encoded and can be mounted into Pods.

      ServicesAccount:

      • Description:Defines a set of permissions for Pods to access other resources in the cluster. It is often used to control access to the Kubernetes API.

      Persistent Volumes (PVs) and Persistent Volume Claims (PVCs):

      • Description:PVs represent physical storage resources in the cluster, while PVCs are requests for those resources by Pods. They provide a way to decouple storage management from Pod management.

      StatefulSets:

      • Description:Manages the deployment and scaling of a set of Pods with unique, stable network identities. It is useful for stateful applications that require stable network identities and persistent storage.

      DaemonSets:

      • Description:Ensures that all (or some) Nodes run a copy of a Pod. It is often used for running system daemons like log collectors on every node.

      Job and CronJob:

      • Description:Objects for running batch processes or jobs in the cluster. Jobs run to completion, while CronJobs are used for running Jobs at specified intervals.

      HorizontalPodAutoscaler (HPA):

      • Description:Automatically adjusts the number of Pods in a Deployment or ReplicaSet based on observed CPU utilization or custom metrics.

      Ingress:

      • Description:Manages external access to services in a cluster, typically handling external HTTP/S traffic.

      Network Policies:

      • Description:Defines how Pods are allowed to communicate with each other and with other network endpoints.

      Implicit and Explicit deployments

      1. Implicit Deployments:

      In a Kubernetes context, implicit deployments could refer to scenarios where the deployment of certain resources or changes to the cluster occurs automatically based on some predefined conditions. This can include:

      Autoscaling:

      • In Kubernetes, Horizontal Pod Autoscaler (HPA) allows for automatic scaling of the number of pods in a deployment based on observed metrics (e.g., CPU usage). This can be considered an implicit deployment as the scaling happens automatically without direct user intervention.

      Controller Reconciliation:

      • Controllers like Deployments or ReplicaSets continuously monitor the state of the cluster and automatically reconcile the actual state with the desired state. When there are changes or discrepancies, these controllers take actions to bring the system back to the desired state. This can be seen as an implicit deployment triggered by changes in the declared configuration.

      2. Explicit Deployments:

      kubectl Apply:

      Explicit deployments, on the other hand, involve manual or user-initiated actions to deploy or update resources in the Kubernetes cluster. Examples include:

      – Users explicitly deploy resources using the kubectl apply command, providing YAML or JSON files that describe the desired state of the deployment. This manual intervention is considered explicit.

      Deployment Rollouts:

      – Users may trigger explicit deployment updates by using commands like kubectl rollout to manage the rollout of new versions or updates to a deployment. This involves user-initiated actions to control the deployment process explicitly.

      Creation of Resources:

      • When users manually create resources like Pods, Services, or ConfigMaps, it’s an explicit deployment, as it requires user intervention.

      Key kubernetes commands

      1. Cluster Info:
        Display cluster information:
        kubectl cluster-info
      2. Nodes:
        Show information about nodes in the cluster:
        kubectl get nodes
      3. Pods:
        List all pods in the default namespace:
        kubectl get pods
        Get detailed information about a specific pod:
        kubectl describe pod <pod_name>
        Create or apply a pod configuration:
        kubectl apply -f <pod_configuration.yaml>
        Delete a pod:
        kubectl delete pod <pod_name>
      4. Services:
        List all services in the default namespace:
        kubectl get services
        Get detailed information about a specific service:
        kubectl describe service <service_name>
      5. Deployments:
        List all deployments in the default namespace:
        kubectl get deployments
        Scale a deployment:
        kubectl scale deployment <deployment_name> --replicas=<desired_replica_count>
        Perform a rolling update:
        kubectlsetimage deployment/<deployment_name> <container_name>=<new_image>
      6. ConfigMaps and Secrets:
        Create or update a ConfigMap from a file:
        kubectl create configmap <configmap_name> --from-file=<path/to/config/files>
        Create or update a Secret from literal values:
        kubectl create secret generic <secret_name> --from-literal=<key1=value1> --from-literal=<key2=value2>
      7. Namespaces:
        List all namespaces:
        kubectl get namespaces
        Create a new namespace:
        kubectl create namespace <namespace_name>
      8. Logs:
        View logs from a specific pod:
        kubectl logs <pod_name>
        Stream logs from a pod in real-time:
        kubectl logs -f <pod_name>
      9. Exec into a Pod:
        Open a shell inside a running pod:
        kubectlexec-it <pod_name> -- /bin/sh
      10. Role-Based Access Control (RBAC):
        List roles:
        kubectl get roles
        Describe a role:
        kubectl describe role <role_name>
        List role bindings:
        kubectl get rolebindings
        Describe a role binding:
        kubectl describe rolebinding <rolebinding_name>

      You May Also Like

      Docker multistage build

      Docker Multistage Build: A Complete Guide

      January 19, 2025
      Docker multistage build

      Docker Security: Best Practices for Secure Container Deployment

      May 1, 2024
      gRPC

      Kubernetes Microservices: Simplifying Container Orchestration

      June 26, 2024