Himanshu Agrawal
Foreword by Krishna Prasad P
Kubernetes Fundamentals: A Step-by-Step Development and
Interview Guide
Himanshu Agrawal
Pune, India
Table of Contents
Acknowledgments
Introduction
Foreword
What Is Kubernetes?
What Is Red Hat’s OpenShift Container Platform?
What Does Being “Cloud-Native” Mean?
What Is Serverless?
Why Use Docker and Kubernetes?
Comparing Key Container Technologies
What Are the Alternatives to Docker?
What Are the Alternatives to Kubernetes?
How Are Kubernetes and Docker Related?
How Is Kubernetes Different from Docker Swarm?
How Is Kubernetes Different from Red Hat OpenShift, Google Kubernetes Engine, and Others?
Summary
Index
About the Author
Himanshu Agrawal is an accomplished IT
professional with more than a decade of
experience in designing and implementing
complex solutions with JEE technologies. He
is a technical reviewer for a published book on
JVM and specializes in niche technical areas
such as JVM, Multithreading, TLS, Apache,
and Kubernetes, to name a few. Himanshu
has certifications from prestigious universities
such as Harvard and MIT.
Himanshu is an Oracle Certified Java
Developer, an Oracle Certified Web Component Developer, and certified
by Google Cloud for Architecting with the Google Kubernetes Engine.
Himanshu has also worked on .NET technologies in his early career and is
a Microsoft Certified Professional.
Currently Himanshu works as an Associate Consultant with CGI,
counted among the largest IT and business consulting services firms in
the world. He is a distinguished engineer and a recognized professional
within CGI, having received many quarterly and annual awards. Himanshu
extends his technical expertise to teams primarily in the finance and
telecom domains.
Himanshu actively contributes to online technical communities
including StackOverflow.com. In his spare time, Himanshu enjoys
watching movies and reading books.
About the Technical Reviewer
Nikhil Jain is an Ansible expert with more
than a decade of DevOps experience. He has
been contributing to and using Ansible since
its inception. He currently works closely with
Ansible engineering.
He is an open-source enthusiast and is part
of the Ansible Pune meetup-organizing team.
He has presented multiple Ansible sessions
at various global and local events. In addition
to automating things using Ansible, he loves
watching sports and is a regular player on the
local cricket team.
Acknowledgments
I would like to thank Apress and its editorial team for giving me the
opportunity to write this book.
A special thanks to Divya Modi, acquisition editor, for working with
me throughout the project. Without her, this book would not have seen
the light of day. Thanks to the book’s production editor, Sowmya Thodur.
Thanks also to the book’s development editor, James Markham, and the
technical reviewer, Nikhil Jain, for their feedback.
I would like to thank God for everything He has given me.
Finally, I would like to thank my parents, my sister, and my Pittar
Baavji, without whom I would not have gotten this far in my life.
Introduction
This book is a step-by-step development guide designed with an
interview-driven approach. This book will walk you through the breadth
of Kubernetes concepts required to develop, deploy, and manage
applications on Kubernetes, and as you do so, you will be getting ready for
job interviews. Each concept in the book is presented in the form of a Q&A,
with questions being framed exactly as they would be in an interview. This
book can be of great advantage if you are preparing for a job interview that
involves working with Kubernetes.
Specifically, in Chapter 1, “Welcome to The World of Containers!”
you will understand how application development and deployment have
evolved over the decades and led to containerization. We will discuss a
broad range of concepts such as virtualization, hypervisors, microservices,
and more.
In Chapter 2, “Kubernetes Deep Dive,” we will enter the world of
Kubernetes. We will start our discussion with the Kubernetes architecture
and how all its components work together to form a Kubernetes cluster.
You will also be taken through the history and evolution of Kubernetes.
In Chapter 3, “Fundamental Objects in Kubernetes Clusters,” and
Chapter 4, “Advanced Objects in Kubernetes Cluster,” you will learn about
all the important Kubernetes objects: containers, pods, deployments,
ReplicaSets, and more. We will go into detail about how to work with each
of them to maximize their potential. We will also go through Kubernetes
deployment strategies and concepts related to rollout and rollback.
In Chapter 5, “Objects Important for a Secure Kubernetes Cluster,”
you will learn about Kubernetes objects such as namespaces, jobs, etc.,
that play a pivotal role in creating a secure Kubernetes cluster. You will
learn how labels, label selectors, and annotations work in Kubernetes. You
will also understand Kubernetes access control mechanisms, covering
authentication, authorization, and admission control.
In Chapter 6, “Networking in Kubernetes,” and Chapter 7, “The
Kubernetes Storage System,” you will learn about two critical components
in any computing ecosystem: networking and storage. We will discuss
Kubernetes services and ingress. We will also go over the various storage
options available in Kubernetes for both normal and confidential data.
In Chapter 8, “Manage Your Kubernetes Cluster Efficiently,” you will
gain an understanding of how to manage a Kubernetes cluster using health
checks, probes, resource quotas, and resource limits. You will also learn
about taints and tolerations.
In Chapter 9, “Docker Overview and Kubernetes Best Practices,” you
will get an overview of Docker. We will also cover some best practices for
using Kubernetes and Docker together.
In Chapter 10, “kubectl: The Command-Line Tool,” you will be
introduced to the kubectl command-line tool. We will also provide a
summary of key kubectl commands.
Over the course of the book, you can expect to learn about the
following:
• How application design and deployment have evolved
over the past decades, including all the related
technologies such as virtualization, hypervisor,
distributed computing, containerization, microservices
architecture, and more
Foreword
The technological landscape is evolving at an unprecedented pace. Over
the last three decades, I have seen a lot of advancements and am more
excited and optimistic about technological advancements now than ever.
We are making momentous, responsible progress across the technological
spectrum, from human intelligence to machine learning and artificial
intelligence, manual tasks to automation and RPA, distributed ledgers to
blockchains, on-premise to cloud computing, and so on. They all have one
thing in common: a piece of software, an application, on top of the stack
that requires a container to run on.
Along with these technological advancements, we are also making a
significant shift in application design and deployment strategies. Moving
from a monolithic to a microservices architecture is no longer a choice
but rather a fundamental need, a strategic decision in order to maintain
a competitive edge in a world where scalability and resilience are the
foundations of customer expectations. This is where containerization
comes into play. It is expected that, eventually, all production-grade large
to medium-sized applications will be migrated to a containerized platform.
Kubernetes as the best container orchestrator is almost becoming
cliché. Kubernetes sits in the center of any greenfield or brownfield
application architecture and is changing the way applications are
developed and maintained. Container orchestrators such as Kubernetes
are also critical components of the DevOps architecture. And today we
cannot imagine a production design that is not woven with the fabric
of DevOps. This brings us to our central point: Kubernetes is quickly
becoming an indispensable technology for application development and
deployment, and it is a must-learn for anyone working in the field.
Krishna Prasad
Vice President Consulting Delivery, CGI
CHAPTER 1
Chapter 1 Welcome to The World of Containers!
for the server’s resources. A typical solution used for this problem is to
run each application on a different physical server, but running a set of
physical servers is expensive even for big organizations.
Suppose we have four applications and a 5GB physical server (for easy
understanding, we are only considering RAM size). So, to overcome the
problem, we would deploy our applications on different physical servers of
1GB each, guaranteeing a fixed set of server resources to each application.
This is the best and most flexible deployment model because if, at any
point in time, we think that one of our applications needs only 500MB of
server resources, then we can make this adjustment within seconds by
reconfiguring the container to use only 500MB of server resources, thereby
freeing up 500MB of server resources that can then be used somewhere
else. And these adjustments are possible because containers are very
lightweight.
What Is a Hypervisor?
A virtual machine is an emulation of a physical computer, and a hypervisor
is software that creates and runs VMs. A hypervisor virtualizes a host
system’s hardware by emulating CPU, memory, and networking resources
so that these resources can be divided and several virtual machines can be
created from them. Since the hypervisor provides hardware virtualization,
each virtual machine can have a different operating system.
Primarily, hypervisors are of two types: type-1 and type-2. Figure 1-2
shows a graphical depiction of type-1 and type-2 hypervisors.
What Is Virtualization?
Virtualization is a broad concept that means creating a virtual representation
of something. In the world of IT, virtualization is a technology that allows
us to virtualize computing resources such as servers, networks, storage,
etc. By hardware virtualization, we get virtual machines (VMs). Two core
entities in the concept of virtualization are hypervisors and virtual machines.
Hypervisors were already discussed in the previous section, and virtual
machines are nothing but byproducts of hypervisors.
• Virtualization of server
• Virtualization of storage
• Virtualization of network
• Virtualization of data
• Virtualization of desktop
master, managing all other worker nodes, while in the case of a distributed
system, there is no such master node. This master node of the centralized
system can result in a cascading failure of nodes, and since this master
node is absent in the distributed system, there is no single point of failure,
making distributed systems very resilient.
In simple words, having a distributed system or design just means
that your system is designed in such a way that there is no single point of
failure.
Cloud computing, the microservices architecture, and
containerization, in some way or another, are all practical examples of
distributed systems.
Peer-to-Peer
The peer-to-peer architecture eliminates the roles of client and server
because, in this architecture, there is no separate node that performs the
role of a server and there is no separate node that performs the role of a
client; any node can have the role of a client or a server.
The peer-to-peer architecture is the closest form of a decentralized
system. In peer-to-peer architecture, since any node can play the role of a
server or client, the scalability of peer-to-peer architecture is the highest.
Blockchain and instant messaging are the best examples of a peer-to-peer
architecture.
provider, and the client gets an environment for developing and delivering
applications. In SaaS, the client gets on-demand access to ready-to-use
applications over the Internet.
What Is Containerization?
Containerization is a form of virtualization, because they both allow for full
isolation of applications from underlying infrastructure so that they can
be operational in different types of environments. With containerization,
we can bundle all of the components of an application needed to run the
code into a single lightweight executable called a container and run it in an
isolated user space on the same shared operating system.
The idea of containerization and process isolation has been around
for a long time, but the architectural shift to microservices and the release
of the open-source Docker Engine accelerated the widespread adoption
of this idea. Another major reason for the widespread adoption of
containerization is that it makes the application totally portable. Once we
have packaged all the components of an application into a single container
image, we can run this image in any environment as long as there is a
container runtime in that environment. Just as the JVM makes Java
platform independent, containerization makes applications
“write once and run anywhere.”
There are many use cases for containerization, but the most popular
ones are microservices and multicloud deployment.
What Is Docker?
Docker is an open-source platform that allows you to develop, run, and
ship containerized applications. Simply put, Docker is a container runtime
that enables you to package all your application code along with its
dependencies (external as well as system) into an image and then create
containers by running the image.
A container runtime is a piece of software that knows how to run a
container from a container image. Docker is one of the most popular
container runtimes. There are other popular container runtimes, such as
the following:
What Is Kubernetes?
Kubernetes allows you to deploy, scale, and manage containerized
applications in a regulated and automated manner. Simply put,
Kubernetes is a container orchestrator. Within the technical community,
Kubernetes is also referred to as K8s. Using container runtimes like
Docker, you can package your code, dependent libraries, and runtime into
an image and run it to create containers, but containers are transient. If
your container crashes, you need to ensure that another container
is created automatically; this is the kind of task that a container
orchestrator like Kubernetes handles. Kubernetes also enables you to do
resource management, group the containers to create clusters, etc.
There are many technologies and projects that are built on Kubernetes,
for example, Kubeflow. The Kubeflow project aims to simplify the overall
design, portability, and scalability of machine learning (ML) workflow
deployments on Kubernetes.
This section includes the Spider-crabs and related genera, in which
the carapace is triangular, with the apex in front formed by a
sharply-pointed rostrum. There are two chief series, the one
comprising the Spider-crabs, with much elongated walking legs, e.g.
the huge Maia squinado of European seas, the yet more enormous
Macrocheira kämpferi from Japan, supposed to be the largest
Crustacean in existence, and sometimes spanning from outstretched
chela to chela as much as eleven feet, and the smaller forms, such as
Inachus, Hyas, and Stenorhynchus, which are so common in
moderate depths off the English coasts. The other series is
represented by genera like Lambrus (Fig. 133), in which the legs are
not much elongated, but the chelipedes are enormous.
The Spider-crabs do not burrow, and their respiratory mechanism
is simple; but since they are forms that clamber about among weeds,
etc., upon the sea-bottom, they often show remarkable protective
resemblances to their surroundings, which are not found in the
burrowing Cyclometopa. Alcock[156] gives a good account and figure
of Parthenope investigatoris, one of the short-legged Oxyrhyncha,
the whole of whose dorsal surface is wonderfully sculptured to
resemble a piece of the old corroded coral among which it lives.
But besides this, the long-legged forms, such as Inachus, Hyas,
etc., have the habit of planting out Zoophytes, Sponges, and Algae
upon their spiny carapaces, so that they literally become part and
parcel of the organic surroundings among which they live. It may,
perhaps, be wondered what are the enemies which these armoured
Crustacea fear. Predaceous fish, such as the Cod, devour large
quantities of Crabs, which are often found in their stomachs; and
Octopuses of all sorts live specially upon Crabs, which they first of all
paralyse by injecting them with the secretion of poison-glands
situated in their mouth. The poison has been recently found by Dr.
Martin Henze at Naples to be an alkaloid, minute quantities of
which, when injected into a Crab, completely paralyse it. When the
Crab is rendered helpless the Octopus cuts out a hole in the carapace
with its beak, and sucks all the internal organs, and then leaves the
empty shell.
Many of the Oxyrhyncha are found in the abysses; among them are
Encephaloides armstrongi (Fig. 132), dredged by Alcock from below
the 100-fathom line in the Indian Ocean, which has the gill-chambers
(G) greatly swollen and enlarged to make up for the
scarcity of oxygen in these deep regions.
Fam. 1. Maiidae.—The chelipedes are not much larger than the other
legs, but are very mobile. Orbits incomplete. A very large family,
including all the true Spider-crabs, very common in the Atlantic and
Mediterranean littoral. Inachus, Pisa, Hyas, Stenorhynchus, Maia,
Encephaloides (Fig. 132).
Fam. 2. Parthenopidae.—The chelipedes are much larger than the other
legs. Orbits complete. Lambrus (Fig. 133), Parthenope.
Fig. 132.—Encephaloides armstrongi, × 1. The long walking legs are
omitted. C, Great chela; G, one of the greatly swollen gill-chambers.
(After Alcock.)
Fam. 3. Hymenosomatidae. The carapace is thin and flat; the
chelipedes are neither very long
Tribe 5. Catometopa.
These Crabs resemble the Cyclometopa in general appearance, but
the carapace is very square in outline, and its margins are never so
well provided with spines as in the Cyclometopa. The position of the
male genital openings is peculiar, since they lie upon the sternum,
and are connected with the copulatory appendages upon the
abdomen by means of furrows excavated in the sternum. The
Catometopa are either littoral or shallow water forms, or else they
live entirely on land. The Grapsidae are marine Crabs, Pachygrapsus
marmoratus (Fig. 134) at Naples being exceedingly common on
rocks at high-water mark, over which it scuttles at a great rate; in the
Mediterranean it takes the place of our common Carcinus maenas,
which is not found there.
Among the land genera are
Ocypoda, Gelasimus, and
Gecarcinus of tropical lagoons
and coastal swamps. Ocypoda
often occurs in vast crowds in
these regions, and digs burrows
in the sand.
Fig. 134.—Dorsal view of Pachygrapsus marmoratus, × ⅓. (From an
original drawing prepared for Professor Weldon.)
Gelasimus (Fig. 135) is remarkable for the enormous size of one of the
chelipedes, generally the right, in the male, which may actually exceed
in size the rest of the body. It is not known what purpose this organ
serves in the various species. In Gelasimus it is supposed that the
male stops up
the mouth of the burrow with it when he and the female are safely
inside. It is also used as a weapon in sexual combats with other
males; but Alcock, from observations made in the Indian Ocean,
believes that the males use it for exciting the admiration of the
females in courtship, as the huge chela is bright red in colour, and
the males brandish it about before the females as if displaying its
florid beauty.
The species of Ocypoda are exclusively terrestrial, and cannot live
for a day in water. The gills have entirely disappeared, and the
branchial chambers are converted into air-breathing lungs with
highly vascular walls, the
entrances into which are situated
as round holes between the bases
of the third and fourth pairs of
walking legs. As their name
implies, they can run with
astonishing rapidity, and they
seem to be always on the alert,
directing their eyes, which are
placed on exceedingly long stalks,
in all directions.
Some of the Grapsidae, e.g.
Aratus pisonii, are partially
adapted for life on land. Fritz
Müller, in his Facts for Darwin,
alludes to this creature as “a
charming lively crab which
ascends mangrove bushes and
gnaws their leaves.” The carapace
can be elevated and depressed
posteriorly, apparently by means
of a membranous sac, which can
be inflated by the body-fluids.
This Crab retains its gills and can
breathe under water in the
ordinary way.
Fig. 135.—Gelasimus annulipes, × 1. A, Female; B, male. (After Alcock.)
A great many other Catometopa are land-crabs; but we may specially
mention the genus Gecarcinus, related to the marine Grapsidae, which
has representatives in the West Indies and West Africa. The Crabs of
this genus may live in sheltered
situations several miles from the sea, but in spring the whole adult
population rushes down in immense troops to the shore, where
breeding and spawning take place; and when this is completed they
migrate back again to the land. The young pass through the normal
larval stages in the sea and then migrate inland.[157]
Fam. 1. Carcinoplacidae.—The carapace is rounded and
broader than long, usually with toothed front margin. The orbits and
eyes are normal, and not much enlarged. Geryon, in the deep littoral
of the northern hemisphere. Euryplax, Panoplax, etc., in the
American coastal waters. Typhlocarcinus, etc., in the Indo-Pacific.
Fam. 2. Gonoplacidae.—The carapace is square, with the
antero-lateral corners produced into spines. The orbits are
transversely widened, and the eye-stalks long. Gonoplax, widely
distributed in the littoral zone. G. rhomboides in British and
European seas.
Fam. 3. Pinnotheridae.—Carapace round, with indistinct
frontal margin. Orbits and eyes very small, often rudimentary. The
members of this family live symbiotically or parasitically in the shells
of living Bivalve Molluscs, corals, and wormtubes in all seas except
the Arctic. Pinnotheres pisum is fairly commonly met with off the
English coasts in the mantle-cavity of Cardium norwegicum.
Fam. 4. Grapsidae.[158]—Carapace square, the lateral margins
either strictly parallel or slightly arched. The orbits and eyes are
moderately large, but the eye-stalks are not much lengthened.
Littoral, fresh-water, and land. Pachygrapsus marmoratus (Fig.
134), the common shore-crab of the Mediterranean. Sesarma, with
fresh-water and land representatives in the tropics of both
hemispheres. Cyclograpsus, marine in the tropical littoral.
Fam. 5. Gecarcinidae.—Carapace square, but much swollen in
the branchial region. Orbits and eyes moderately large. Typically
land forms, which only occasionally visit the sea or fresh water.
Cardisoma is a completely circumtropical genus, with species in
tropical America, West and East Africa, and throughout the Indo-
Pacific. Gecarcinus in West Indies and West Africa.
Fam. 6. Ocypodidae.—Carapace square or rounded, generally
without teeth on the lateral margins. The orbits transversely
lengthened, eye-stalks usually very long. The members of this family
generally inhabit the mud-flats and sands of tropical coasts; in the
southern hemisphere they extend far into the temperate regions.
Macrophthalmus, with numerous species, in Indo-Pacific.
Gelasimus (Fig. 135), in the tropics of both hemispheres. Ocypoda,
with similar distribution.
CHAPTER VII
REMARKS ON THE DISTRIBUTION OF
MARINE AND FRESH-WATER CRUSTACEA
A. Marine.
B. Fresh-Water.[164]