Kubernetes concepts everybody should know
CEO of Amethyst Platform
Kubernetes is a container orchestration platform that revolutionized the tech industry by simplifying the deployment and management of containers. With it, teams can move faster than ever before, developing microservices and putting them into production without worrying about what runs where.
If you just want the list of concepts, you can skip straight to the concepts section and pass over the first sections, where we talk about the problem Kubernetes tackles and some basics about it.
But the first question everybody needs to get an answer to when getting into Kubernetes is "What is a container orchestration platform?"
To deploy containers, each container needs to run on a server, which has limited resources available. Applications that need to serve millions of requests per second need to be scaled horizontally, because you can't scale a server vertically forever: there is a physical limit to how much RAM, how many CPU cores and how much traffic a single server can handle. So those applications need to be split into multiple independent services that run on different servers and communicate with each other over the network (most commonly through HTTP(S) and message queues). But doing this complicates things a lot: each server has a different IP, each server runs different services and all services need to know how the other services can be accessed.
Applications having dynamic resource requirements (traffic spikes, seasonality, even the day-night user cycle) means that you need to add and remove replicas of the same service according to the concurrent user count.
Each horizontal scaling operation means that all other services need to be updated about what services enter the network and what services are getting taken out of it.
A container orchestration platform comes in to aid us with these challenges: it abstracts the servers into a single pool of resources and we just tell it what service we need to run and what and it handles finding a server that fits that service and automatically configures its integration with other services.
What about Kubernetes?
Enough talk about the theory, it's time to get to the point and the reason you are here: Kubernetes.
Kubernetes is a platform open sourced by Google that offers seamless container orchestration. It is very versatile and extensible, and it is robust and stable enough to be used and trusted by a lot of large companies to handle their production traffic.
It has two main components (each one is composed of certain smaller applications, but we won't get too much into detail on this topic right now because it's a more advanced topic): the control plane and the worker plane.
The control plane is the command center of Kubernetes that makes sure everything is up-to-date in the cluster, and the worker plane handles the container lifecycle and makes sure the containers are being run.
Next, we will talk about the concepts that make Kubernetes easier to grasp and get into. These are the building blocks of the platform and they are (in most cases) used to build up other concepts/resources.
Pod - a bunch of containers that need to run together. This is the most low-level compute resource that Kubernetes offers and we will use it to deploy the actual services we need to run. In most cases we will just need to deploy a single container in a pod, but there are some edge cases where we need multiple containers in the same pod, for example deploying a sidecar container that pulls some metrics and/or logs from the main container and forwards them to our monitoring/logging infrastructure.
Service - a networking component that forwards traffic between multiple pods. It allows access to a set of pods under a single name. You can think of it as some kind of DNS-based service discovery.
Deployment - a special kind of resource through which you can configure an application. A deployment is composed of multiple pods that are horizontally scaled, so for each pod you can specify how many instances you need to have up at any point. If a pod suddenly dies, Kubernetes will, based on the deployment definition, always make sure you have the specified number of replicas available by continuously checking and deploying pods until the ideal number is reached. Another nice feature is that, using Deployment resources, you can update your applications with zero downtime, as the pods are updated in turn using a rolling update strategy.
Namespace - an organizational unit of the cluster that groups resources together based on common criteria. It's up to you to partition your resources into namespaces. In some cases, there are resources that cannot be shared between components that exist in different namespaces, so in certain situations, using namespaces can also offer some security.
We prefer to have one namespace per application and environment combination.
Secret - resources that offer "pluggable" configuration for your applications. The main difference between them is that Secret is handled more securely, is stored encrypted and exists in plain text for a short period of time when it is being communicated to the worker. Those two resource types can be used to handle configuration in a more centralized manner. You can think of them as key-value stores, where you can embed the values inside pods either as environment variables or files.
DaemonSet - a special kind of deployment that makes sure that you have exactly one replica of a pod running on each node, at any point in time. It is used mainly for node-specific utilities such as monitoring and log aggregation at the node level.
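The Namespace, Secret, Deployment and Service concepts above, combined into one manifest. This is an added example, not part of the original post; the `shop-staging` namespace, the resource names, the image and the secret value are all constructed placeholders.

```yaml
# Added example: every name, image and value below is a constructed placeholder.
apiVersion: v1
kind: Namespace
metadata:
  name: shop-staging                  # one namespace per application + environment
---
apiVersion: v1
kind: Secret
metadata: {name: shop-db, namespace: shop-staging}
type: Opaque
stringData:
  DB_PASSWORD: replace-me             # placeholder; keep real values out of version control
---
apiVersion: apps/v1
kind: Deployment
metadata: {name: shop-api, namespace: shop-staging}
spec:
  replicas: 3                         # pods are recreated until 3 are running
  strategy:
    type: RollingUpdate
    rollingUpdate: {maxUnavailable: 0, maxSurge: 1}   # start one new pod, then retire one old pod
  selector:
    matchLabels: {app: shop-api}
  template:
    metadata:
      labels: {app: shop-api}
    spec:
      containers:
        - name: api
          image: registry.example.com/shop-api:1.0.0
          ports: [{containerPort: 8080}]
          env:                        # Secret value injected as an environment variable
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef: {name: shop-db, key: DB_PASSWORD}
          volumeMounts:               # same Secret exposed as read-only files
            - {name: db-secret, mountPath: /etc/shop/secret, readOnly: true}
      volumes:
        - name: db-secret
          secret: {secretName: shop-db}   # must live in the pod's own namespace
---
apiVersion: v1
kind: Service
metadata: {name: shop-api, namespace: shop-staging}
spec:
  selector: {app: shop-api}           # forwards to every ready pod carrying this label
  ports: [{port: 80, targetPort: 8080}]
```

A pod can only reference Secrets in its own namespace, which is the isolation the Namespace entry refers to. Whether a Secret is encrypted in etcd depends on the API server having encryption at rest configured, so check that on your cluster.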
There are also two kinds of resources used for batch processing that we think need mentioning:
But they are not widely used as they tend to "pollute" the cluster with leftover resources. We still find them useful in certain cases though, but we prefer to run our workloads using our own platform,
We hope we helped you have a better grasp of the basics of some of the most important Kubernetes concepts.
We hope you enjoyed this post and you found it useful. If you spot any error, have any suggestions or just want to get in touch, you can reach us at [email protected]