KUBERNETES Murtaza Abbas

“Docker is a set of platform as a service products that use OS-level

virtualization to deliver software in packages called containers”

Purpose:
Its primary focus is to automate the deployment of applications inside
software containers and the automation of operating system level
virtualization on Linux. It's more lightweight than standard Containers
and boots up in seconds. A Docker image contains application code,
libraries, tools, dependencies and other files needed to make an
application run. When a user runs an image
 KUBERNETES

“Kubernetes is a container orchestration system for automating

software deployment, scaling, and management”

History:
Kubernetes is an open-source container orchestration platform that was
first developed by Google in 2014. It was initially created as a result of
the company's experience with managing large-scale containerized
workloads, and it was built on top of the lessons learned from Google's
internal container orchestration system called Borg
 COMPONENTS
• Etcd
• API Server (Kubectl)
• Controller Manager
• Scheduler
• Kubelet
• Container Runtime
• CNI
• Ingress
• Storage
 ETCD

etcd is a distributed key-value store that is used by

Kubernetes to store and retrieve configuration data. It
provides a reliable, highly available way to store critical
information about the state of the Kubernetes cluster
 API SERVER

The API server is the central component of the Kubernetes

control plane. It provides a RESTful API that allows users
and other components to interact with the cluster. It receives
and processes requests from clients, validates them, and
then sends them to the appropriate component for
execution.
 CONTROLLER MANAGER

The Controller Manager is responsible for running the

controllers that manage the state of the cluster. Controllers
are responsible for ensuring that the desired state of the
cluster matches the actual state of the components in the
cluster.
 SCHEDULER

The Scheduler is responsible for scheduling containers onto

nodes in the cluster. It takes into account various factors
such as resource availability, affinity, and anti-affinity when
deciding where to place a container.
THE CONTAINER
NETWORKING INTERFACE
(CNI)
It is a plugin-based networking system that allows
Kubernetes to provide networking capabilities to containers
running on each node in the cluster.

CNI VS Kube Proxy

CNI is used to configure pods and services with an IP, this IP is
then stored in the IP table at the kube-proxy. Routing is hence
handled by the kube-proxy
 STORAGE

Kubernetes provides a variety of storage options for

persistent data, including local storage, network-attached
storage (NAS), and block storage. The storage system is
designed to be pluggable, so that users can choose the best
storage solution for their needs
 INGRESS CONTROLLER

The Ingress Controller is responsible for routing traffic from

outside the cluster to the appropriate service within the
cluster. It works with the API server and the Kubernetes
networking system to provide load balancing and routing
functionality. Its also contains the routing rules for the
services
 INGRESS CONTROLLER

Ingress exposes HTTP and HTTPS routes from outside the cluster
to services within the cluster. Traffic routing is controlled by rules
defined on the Ingress resource
https://
github.com/kubernetes/ingress-nginx/blob/main/docs/exam
ples/rewrite/README.md
 RESOURCE OBJECT IN
KUBERNETES
1. Deployment
The Deployment Controller changes the actual state to the
desired state at a controlled rate. You can define Deployments
to create new ReplicaSets, or to remove existing Deployments
and adopt all their resources with new Deployments
2. ReplicaSet
A replica set contains several data bearing nodes and
optionally one arbiter node. Of the data bearing nodes, one and
only one member is deemed the primary node, while the other
nodes are deemed secondary nodes
3. Pod
Pods are simply the smallest unit of execution in
Kubernetes, consisting of one or more containers
K8S DEPLOYMENT IN ACTION
 PROBE
S
Its a mechanism provided by Kubernetes which helps determine
if applications running within containers are operational. There
are commonly three types of probes:

1. Liveness
2. Readiness
3. Startup
 PROBE
S
Its a mechanism provided by Kubernetes which helps determine
if applications running within containers are operational. There
are commonly three types of probes:

1. Liveness
2. Readiness
3. Startup
Liveness
 SERVICE

The Service API, part of Kubernetes, is an abstraction to help you

expose groups of Pods over a network. Each Service object
defines a logical set of endpoints (usually these endpoints are
Pods) along with a policy about how to make those pods
accessible.

Services provide discovery and routing between pods

K8S SERVICE IN ACTION
HOW KUBERNETES
APPLICATION SERVE THE
USER REQUEST!
 SECRET
A Secret object stores sensitive data such as credentials used by Pods to
access services. For example, you might need a Secret to store the
username and password needed to access a database.

You can create the Secret by passing the raw data in the command, or
by storing the credentials in files that you pass in the command

You can either create secret directly from command line or By

using the yaml file

“kubectl create secret generic db-user-pass \

--from-literal=username=admin \
--from-literal=password='S!B\*d$zDsb=‘”
SECRET

kubectl exec -i -t secret-test-pod

-- /bin/bash

ls /etc/secret-volume

Output: password username

K8’S STRATEGIES

There are three common types of strategies:

1. Rolling Update Deployment

2. Blue/Green Deployment
3. Canary Deployment
ROLLING UPDATE
DEPLOYMENT
The rolling update uses a readiness probe to check if a new pod is ready, before
starting to scale down pods with the old version. If there is a problem, you can
stop an update and roll it back, without stopping the entire cluster.

To perform a rolling update, simply update the image of your pods using
kubectl set image. This will automatically trigger a rolling update.

MaxSurge specifies the maximum number of pods the Deployment is allowed

to create at one time. You can specify this as a whole number (e.g. 5), or as a
percentage of the total required number of pods (e.g. 10%, always rounded up
to the next whole number). If you do not set MaxSurge, the implicit, default
value is 25%.

MaxUnavailable specifies the maximum number of pods that are allowed to be

unavailable during the rollout. Like MaxSurge, you can define it as an absolute
ROLLING UPDATE
DEPLOYMENT
ROLLING UPDATE
DEPLOYMENT
Blue/Green Deployment

A blue/green deployment is a change management strategy for

releasing software code. Blue/green deployments, which may also
be referred to as A/B deployments require two identical hardware
environments that are configured exactly the same way. While
one environment is active and serving end users, the other
environment remains idle.
Blue/Green Deployment
Blue/Green Deployment
First prepared infrastructure then change the routing in service load balancer
CANARY DEPLOYMENT

They are a way to release updates to a shifting percentage of the

total user base. What’s alluring about that is that when new code
isn’t really ready to reach production, due to undetected bugs
during the testing phase, performance issues, or other factors, it’ll
only affect a small percentage of the users before being detected
and rolled back
CANARY DEPLOYMENT
CANARY DEPLOYMENT
K8’S WEB ADMIN
CONSOLE
• There are multiple third party web admin console available
(Licensed and Open source both). Following are the most
famous K8’s Admin consoles:
• Octant
• Kubernetes Dashboard
• Lens
• Promethes (Monitering and Metrics tool)
K8’S ON CLOUD/LOCAL
INFRASTRUCTURE
• EKS (Elastic Kubernetes service)
• AKS (Azure Kubernetes Service)
• GKE (Google Kubernetes Engine)
• Openshift (Redhat)
• Legacy Way (Manual create Kubernetes cluster)
WHAT'S LEFT TO
DISCUSS!
• ConfigMap
• Load Balancer Service
• job
• volumeattachments
• Etcd
• Complex Networking/Routing
• CI/CD
• Kubernetes Commands
(https://kubernetes.io/docs/reference/kubectl/cheatsheet/)
 K8’S PRO’S
1. Scalability
Kubernetes is designed to be highly scalable, and can easily
manage large-scale container deployments across multiple nodes
2. Portability
Kubernetes supports multiple cloud providers and on-premises
data centers, making it a highly portable platform
3. Resilience
Kubernetes provides many features for ensuring high
availability and resiliency, such as automatic failover, self-healing, and
rolling updates
4. Flexibility
Kubernetes provides a wide range of configuration options and
integrations, making it highly flexible and customizable
5. Community
Kubernetes has a large and active community of developers and
users who contribute to its ongoing development and support
 K8’S CON’S
1. Complexity
Kubernetes is a highly complex system, and can be
challenging to set up and configure for beginners
2. Learning curve
Due to its complexity, there is a steep learning curve for
getting started with Kubernetes, and it may require a significant
investment in time and resources to become proficient
3. Additional infrastructure
Kubernetes requires additional infrastructure and
resources to run, which can add to the overall cost of deploying
containerized applications
4. Maintenance
Like any complex system, Kubernetes requires ongoing
maintenance and updates to ensure it remains secure and stable
LEARN K8’S
https://kubernetes.io/
Udemy
Pluralsight
Youtube
Google

Install “minikube” OR “Docker Desktop” and start playing with

kubernetes on your local machine
K8’S CONCLUSION
Overall, Kubernetes provides many benefits for deploying and
managing containerized applications, but it may not be the best
choice for every use case. Organizations considering using
Kubernetes should carefully evaluate its pros and cons and
consider factors such as their available resources, expertise, and
application requirements before making a decision.