KUBERNETES IS AN ORCHESTRATOR FOR CONTAINERS:\\
Hierarchy: **Cluster > Node > Pod** \\
+ private worker nodes {{:network_stuff:k8s_cartoon.png?=200|}}

  * Container engine (podman on RHEL, LXC or Docker) runs the containers
  * k8s orchestrates them

K8s is a container orchestrator designed for creating clusters and hosting pods, and its networking model meets exactly those needs. The service mesh (or network layer) ensures that communication between the different services that live in containers is reliable and secure.\\
The state of the cluster is stored in a distributed database, [[https://matthewpalmer.net/kubernetes-app-developer/articles/how-does-kubernetes-use-etcd.html#:~:text=Kubernetes%20uses%20etcd%20to%20store,cluster%20read%20and%20write%20data.|etcd]] (not relational: a distributed key/value store used by the master node or controller to keep the state of the machines it is controlling).

  * [[https://blogs.cisco.com/cloud/service-mesh-for-network-engineers]]
  * This is the [[https://kubernetes.io/docs/reference/glossary/?fundamental=true|GLOSSARY]] for kubernetes terms:
  * **Cluster**: Consists of one master machine and multiple worker machines or nodes. The master coordinates between all the nodes.
  * **Node**: just servers, normally connected to each other with an (SDN) network
    * the devops engineer deploys a network overlay on top of that, normally with a single 'kubectl' command (e.g. a VXLAN overlay)
    * k8s installs a 'kubelet' in each node to orchestrate it into the cluster
    * kube-proxy: using iptables
  * **Pod**: A pod runs a group of containers that have common properties and can be orchestrated to scale up/down. (A very coarse comparison is that the pod is like a "server", in the sense that it groups related processes.)
    * what stays static among the ephemeral pod states:
      * service node port (NAT)
      * service cluster IP (internal, from pod to pod)
      * service load balancer (external IP address, cluster exposed)

\\
Deployment object > ReplicaSet (that creates...) > pods\\
Via the 'service' object/abstraction, k8s allows the pod to keep the same virtual IP in the microservice.\\
A simple way of seeing this chain is with (in minikube):

<code bash>
kubectl run mynode   # this creates a deployment object, a replica set and pods
kubectl expose
</code>

----

**KUBERNETES NETWORKING**:\\
{{ :network_stuff:kubernetes_networking_deep_dive.pdf |}}

  * Networking via:
    * (CNI) like Nuage or Flannel, **weave** [[https://www.weave.works/docs/net/latest/kubernetes/kube-addon/|weave]] or the more recent standard ''isco''
    * low level abstraction (ACI)
  * service mesh:
    * [[https://istio.io/|Istio]] {{:network_stuff:k8s-ingress-ctrls.jpeg?400|}}

----

  * k8s in the cloud
    * In AWS: EKS [[https://aws.amazon.com/kubernetes/]] (not to be confused with ESK (Elastic Search))
    * In OCI: OKE [[https://docs.cloud.mycompany2.com/en-us/iaas/Content/ContEng/Concepts/contengprerequisites.htm]]
    * Lots of interesting kubernetes information for OCI, but also generally applicable, [[https://docs.cloud.mycompany2.com/en-us/iaas/Content/ContEng/Concepts/contengprerequisites.htm#regional-availability|HERE]]

<code bash>
kubectl get endpoints   # an endpoint is an ip:port. Usually you'd let a service manage endpoints (one EP per pod the service routes traffic to)
kubectl get svc         # list all services. Services enable a loose coupling between dependent Pods. A Service is defined using YAML
kubectl get pods -n datanado-dev -l app=datanado-qubole-service
kubectl get pods -n audplat-prod   # -n is shorthand for --namespace. For example, if you'd like to list all the Pods in a specific
kubectl get rs -n audplat-prod     # get the current ReplicaSets deployed
kubectl get ing
</code>

----

MINIKUBE:\\
Install minikube:

  * Download the fc31 iso: [[https://dl.fedoraproject.org/pub/fedora/linux/releases/31/Workstation/x86_64/iso/|External Link]]

<code bash>
$ minikube start --memory=4096 --vm-driver=kvm2
$ minikube status
minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured
$ kubectl get all    # $ kubectl get pods -o wide
NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1                  443/TCP   59m
$ kubectl create deployment nginx --image=nginx
</code>
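As an added example (not from the original page), the Service-to-endpoint mapping the notes above describe, rebuilt offline from hand-constructed objects in the shape ''kubectl get svc,endpoints -o json'' returns: the stable ClusterIP/NodePort frontends, the ephemeral pod ''ip:port'' backends kube-proxy DNATs to, and two checks a reviewer wants from that map, which services are reachable from outside the cluster and which virtual IPs have no ready pod behind them. The ''SERVICES'' and ''ENDPOINTS'' samples are constructed, not taken from a real cluster.

```python
# Added example: rebuild the Service -> pod forwarding map kube-proxy programs into
# iptables. Objects below are constructed by hand; field names follow core/v1.

# Constructed sample: two Services as `kubectl get svc -o json` would list them.
SERVICES = [
    {"metadata": {"namespace": "demo", "name": "web"},
     "spec": {"type": "ClusterIP", "clusterIP": "10.96.12.7",
              "ports": [{"port": 80, "targetPort": 8080, "protocol": "TCP"}]}},
    {"metadata": {"namespace": "demo", "name": "admin"},
     "spec": {"type": "NodePort", "clusterIP": "10.96.33.2",
              "ports": [{"port": 443, "targetPort": 8443, "nodePort": 30443, "protocol": "TCP"}]}},
]
# Constructed sample: the matching Endpoints objects (one address per selected pod).
ENDPOINTS = [
    {"metadata": {"namespace": "demo", "name": "web"},
     "subsets": [{"addresses": [{"ip": "172.17.0.5"}, {"ip": "172.17.0.9"}],
                  "notReadyAddresses": [{"ip": "172.17.0.11"}],
                  "ports": [{"port": 8080, "protocol": "TCP"}]}]},
    {"metadata": {"namespace": "demo", "name": "admin"}, "subsets": []},  # no ready pod yet
]

def forwarding_map(services, endpoints):
    """ns/name -> stable frontends (ClusterIP:port, *:nodePort), current pod backends, exposure."""
    eps = {(e["metadata"]["namespace"], e["metadata"]["name"]): e for e in endpoints}
    out = {}
    for svc in services:
        ns, name, spec = svc["metadata"]["namespace"], svc["metadata"]["name"], svc["spec"]
        fronts = []
        for p in spec.get("ports", []):
            fronts.append(f'{spec["clusterIP"]}:{p["port"]}/{p.get("protocol", "TCP")}')
            if "nodePort" in p:  # NodePort and LoadBalancer services also listen on every node
                fronts.append(f'*:{p["nodePort"]}/{p.get("protocol", "TCP")}')
        backs = [f'{a["ip"]}:{p["port"]}'
                 for s in eps.get((ns, name), {}).get("subsets", [])
                 for a in s.get("addresses", [])  # ready only; notReadyAddresses get no DNAT rule
                 for p in s.get("ports", [])]
        external = spec["type"] in ("NodePort", "LoadBalancer")
        out[f"{ns}/{name}"] = {"frontends": fronts, "backends": backs, "external": external}
    return out

def findings(fmap):
    """Frontends reachable from outside the cluster, and virtual IPs with no ready backend."""
    notes = []
    for key, info in sorted(fmap.items()):
        if info["external"]:
            notes.append(f"{key}: externally reachable on {', '.join(info['frontends'])}")
        if not info["backends"]:
            notes.append(f"{key}: no ready endpoints behind {info['frontends'][0]}")
    return notes

if __name__ == "__main__":
    print("\n".join(findings(forwarding_map(SERVICES, ENDPOINTS))))
```

Against a live cluster the same two functions can be fed the ''items'' arrays of ''kubectl get svc -A -o json'' and ''kubectl get endpoints -A -o json''.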