Himanshu Agrawal
Foreword by Krishna Prasad P
Kubernetes Fundamentals: A Step-by-Step Development and
Interview Guide
Himanshu Agrawal
Pune, India
Table of Contents
Acknowledgments
Introduction
Foreword
What Is Kubernetes?
What Is Red Hat’s OpenShift Container Platform?
What Does Being “Cloud-Native” Mean?
What Is Serverless?
Why Use Docker and Kubernetes?
Comparing Key Container Technologies
What Are the Alternatives to Docker?
What Are the Alternatives to Kubernetes?
How Are Kubernetes and Docker Related?
How Is Kubernetes Different from Docker Swarm?
How Is Kubernetes Different from Red Hat OpenShift, Google Kubernetes Engine, and Others?
Summary
Index
About the Author
Himanshu Agrawal is an accomplished IT
professional with more than a decade of
experience in designing and implementing
complex solutions with JEE technologies. He
is a technical reviewer for a published book on
JVM and specializes in niche technical areas
such as JVM, Multithreading, TLS, Apache,
and Kubernetes, to name a few. Himanshu
has certifications from prestigious universities
such as Harvard and MIT.
Himanshu is an Oracle Certified Java
Developer, an Oracle Certified Web Component Developer, and certified
by Google Cloud for Architecting with the Google Kubernetes Engine.
Himanshu has also worked on .NET technologies in his early career and is
a Microsoft Certified Professional.
Currently Himanshu works as an Associate Consultant with CGI,
counted among the largest IT and business consulting services firms in
the world. He is a distinguished engineer and a recognized professional
within CGI, having received many quarterly and annual awards. Himanshu
extends his technical expertise to teams primarily in the finance and
telecom domains.
Himanshu actively contributes to online technical communities
including StackOverflow.com. In his spare time, Himanshu enjoys
watching movies and reading books.
About the Technical Reviewer
Nikhil Jain is an Ansible expert with more
than a decade of DevOps experience. He has
been contributing to and using Ansible since
its inception. He currently works closely with
Ansible engineering.
He is an open-source enthusiast and is part
of the Ansible Pune meetup-organizing team.
He has presented multiple Ansible sessions
at various global and local events. In addition
to automating things using Ansible, he loves
watching sports and is a regular player on the
local cricket team.
Acknowledgments
I would like to thank Apress and its editorial team for giving me the
opportunity to write this book.
A special thanks to Divya Modi, acquisition editor, for working with
me throughout the project. Without her, this book would not have seen
the light of day. Thanks to the book’s production editor, Sowmya Thodur.
Thanks also to the book’s development editor, James Markham, and the
technical reviewer, Nikhil Jain, for their feedback.
I would like to thank God for everything He has given me.
Finally, I would like to thank my parents, my sister, and my Pittar
Baavji, without whom I would not have gotten this far in my life.
Introduction
This book is a step-by-step development guide designed with an
interview-driven approach. This book will walk you through the breadth
of Kubernetes concepts required to develop, deploy, and manage
applications on Kubernetes, and as you do so, you will be getting ready for
job interviews. Each concept in the book is presented in the form of a Q&A,
with questions being framed exactly as they would be in an interview. This
book can be of great advantage if you are preparing for a job interview that
involves working with Kubernetes.
Specifically, in Chapter 1, “Welcome to The World of Containers!”
you will understand how application development and deployment have
evolved over the decades and led to containerization. We will discuss a
broad range of concepts such as virtualization, hypervisors, microservices,
and more.
In Chapter 2, “Kubernetes Deep Dive,” we will enter the world of
Kubernetes. We will start our discussion with the Kubernetes architecture
and how all its components work together to form a Kubernetes cluster.
You will also be taken through the history and evolution of Kubernetes.
In Chapter 3, “Fundamental Objects in Kubernetes Clusters,” and
Chapter 4, “Advanced Objects in Kubernetes Cluster,” you will learn about
all the important Kubernetes objects: containers, pods, deployments,
ReplicaSets, and more. We will go into detail about how to work with each
of them to maximize their potential. We will also go through Kubernetes
deployment strategies and concepts related to rollout and rollback.
In Chapter 5, “Objects Important for a Secure Kubernetes Clusters,”
you will learn about Kubernetes objects such as namespaces, jobs, etc.,
that play a pivotal role in creating a secure Kubernetes cluster. You will
learn how labels, label selectors, and annotations work in Kubernetes. You
will also understand Kubernetes access control mechanisms, covering
authentication, authorization, and admission control.
In Chapter 6, “Networking in Kubernetes,” and Chapter 7, “The
Kubernetes Storage System,” you will learn about two critical components
in any computing ecosystem: networking and storage. We will discuss
Kubernetes services and ingress. We will also go over the various storage
options available in Kubernetes for both normal and confidential data.
In Chapter 8, “Manage Your Kubernetes Cluster Efficiently,” you will
gain an understanding of how to manage a Kubernetes cluster using health
checks, probes, resource quotas, and resource limits. You will also learn
about taints and tolerations.
In Chapter 9, “Docker Overview and Kubernetes Best Practices,” you
will get an overview of Docker. We will also cover some best practices for
using Kubernetes and Docker together.
In Chapter 10, “kubectl: The Command-Line Tool,” you will be
introduced to the kubectl command-line tool. We will also provide a
summary of key kubectl commands.
Over the course of the book, you can expect to learn about the
following:
• How application design and deployment have evolved
over the past decades, including all the related
technologies such as virtualization, hypervisor,
distributed computing, containerization, microservices
architecture, and more
Foreword
The technological landscape is evolving at an unprecedented pace. Over
the last three decades, I have seen a lot of advancements and am more
excited and optimistic about technological advancements now than ever.
We are making momentous, responsible progress across the technological
spectrum, from human intelligence to machine learning and artificial
intelligence, manual tasks to automation and RPA, distributed ledgers to
blockchains, on-premise to cloud computing, and so on. They all have one
thing in common: a piece of software, an application, on top of the stack
that requires a container to run on.
Along with these technological advancements, we are also making a
significant shift in application design and deployment strategies. Moving
from a monolithic to a microservices architecture is no longer a choice
but rather a fundamental need, a strategic decision in order to maintain
a competitive edge in a world where scalability and resilience are the
foundations of customer expectations. This is where containerization
comes into play. It is expected that, eventually, all production-grade large
to medium-sized applications will be migrated to a containerized platform.
Kubernetes as the best container orchestrator is almost becoming
cliché. Kubernetes sits in the center of any greenfield or brownfield
application architecture and is changing the way applications are
developed and maintained. Container orchestrators such as Kubernetes
are also critical components of the DevOps architecture. And today we
cannot imagine a production design that is not woven with the fabric
of DevOps. This brings us to our central point: Kubernetes is quickly
becoming an indispensable technology for application development and
deployment, and it is a must-learn for anyone working in the field.
Krishna Prasad
Vice President Consulting Delivery, CGI
CHAPTER 1
Chapter 1 Welcome to The World of Containers!
for the server’s resources. A typical solution used for this problem is to
run each application on a different physical server, but running a set of
physical servers is expensive even for big organizations.
Suppose we have four applications and a 5GB physical server (for easy
understanding, we are only considering RAM size). So, to overcome the
problem, we would deploy our applications on different physical servers of
1GB each, guaranteeing a fixed set of server resources to each application.
This is the best and most flexible deployment model because if, at any
point in time, we think that one of our applications needs only 500MB of
server resources, then we can make this adjustment within seconds by
reconfiguring the container to use only 500MB of server resources, thereby
freeing up 500MB of server resources that can then be used somewhere
else. And these adjustments are possible because containers are very
lightweight.
What Is a Hypervisor?
A virtual machine is an emulation of a physical computer, and a hypervisor
is software that creates and runs VMs. A hypervisor virtualizes a host
system’s hardware by emulating CPU, memory, and networking resources
so that these resources can be divided and several virtual machines can be
created from them. Since the hypervisor provides hardware virtualization,
each virtual machine can have a different operating system.
Primarily, hypervisors are of two types: type-1 and type-2. Figure 1-2
shows a graphical depiction of type-1 and type-2 hypervisors.
What Is Virtualization?
Virtualization is a broad concept that means creating a virtual representation
of something. In the world of IT, virtualization is a technology that allows
us to virtualize computing resources such as servers, networks, storage,
etc. Through hardware virtualization, we get virtual machines (VMs). Two core
entities in the concept of virtualization are hypervisors and virtual machines.
Hypervisors were already discussed in the previous section, and virtual
machines are nothing but byproducts of hypervisors.
• Virtualization of server
• Virtualization of storage
• Virtualization of network
• Virtualization of data
• Virtualization of desktop
master, managing all other worker nodes, while in the case of a distributed
system, there is no such master node. This master node of the centralized
system can result in a cascading failure of nodes, and since this master
node is absent in the distributed system, there is no single point of failure,
making distributed systems very resilient.
In simple words, having a distributed system or design just means
that your system is designed in such a way that there is no single point of
failure.
Cloud computing, the microservices architecture, and
containerization, in some way or another, are all practical examples of
distributed systems.
Peer-to-Peer
The peer-to-peer architecture eliminates the roles of client and server
because, in this architecture, there is no separate node that performs the
role of a server and there is no separate node that performs the role of a
client; any node can have the role of a client or a server.
The peer-to-peer architecture is the closest form of a decentralized
system. In peer-to-peer architecture, since any node can play the role of a
server or client, the scalability of peer-to-peer architecture is the highest.
Blockchain and instant messaging are the best examples of a peer-to-peer
architecture.
provider, and the client gets an environment for developing and delivering
applications. In SaaS, the client gets on-demand access to ready-to-use
applications over the Internet.
What Is Containerization?
Containerization is a form of virtualization, because they both allow for full
isolation of applications from underlying infrastructure so that they can
be operational in different types of environments. With containerization,
we can bundle all of the components of an application needed to run the
code into a single lightweight executable called a container and run it in an
isolated user space on the same shared operating system.
The idea of containerization and process isolation has been around
for a long time, but the architectural shift to microservices and the release
of the open-source Docker Engine accelerated the widespread adoption
of this idea. Another major reason for the widespread adoption of
containerization is that it makes the application totally portable. Once we
have packaged all the components of an application into a single container
image, we can run this image in any environment as long as there is a
container runtime in that environment. Just as the JVM makes Java
platform independent, containerization makes applications
“write once and run anywhere.”
There are many use cases for containerization, but the most popular
ones are microservices and multicloud deployment.
What Is Docker?
Docker is an open-source platform that allows you to develop, run, and
ship containerized applications. Simply put, Docker is a container runtime
that enables you to package all your application code along with its
dependencies (external as well as system) into an image and then create
containers by running the image.
A container runtime is a piece of software that knows how to run a
container from a container image. Docker is one of the most popular
container runtimes. There are other popular container runtimes, such as
the following:
What Is Kubernetes?
Kubernetes allows you to deploy, scale, and manage containerized
applications in a regulated and automated manner. Simply put,
Kubernetes is a container orchestrator. Within the technical community,
Kubernetes is also referred to as K8s. Using container runtimes like
Docker, you can package your code, dependent libraries, and runtime into
an image and run it to create containers, but containers are transient; if
your container crashes, you will need to ensure that another container
is created automatically, so these are the kinds of things that a container
orchestrator like Kubernetes does. Kubernetes also enables you to do
resource management, group the containers to create clusters, etc.
There are many technologies and projects that are built on Kubernetes,
for example, Kubeflow. The Kubeflow project aims to simplify the overall
design, portability, and scalability of machine learning (ML) workflow
deployments on Kubernetes.