Production Kubernetes

1. Abstract

With the intention of building a deep understanding of Kubernetes in the wild, I will be going for an end-to-end read of the book that is freely hosted by VMware (link available in the resources section in the Kubernetes node).

This is an advanced technical read. Testing out an approach described here in the reading node.

2. C1: A Path to Production

2.1. Chapter Objective

  • chart out the considerations one needs to weigh when looking to deploy with Kubernetes.

2.2. Overarching Capabilities

  • workload distribution across hosts
  • declarative, customizable API for cluster interaction
  • CLI access to the API via kubectl
  • reconciling the current state toward a provided desired state
  • exposing interfaces to enable pluggable networking, storage, etc

2.3. What does kubernetes solve?

  • given the capabilities, kubernetes enables production grade container orchestration.

2.4. Core Components

2.4.1. API Server

  • the point of interaction through which the cluster state is mutated
  • the cluster state itself is maintained in a key-value store (etcd)

2.4.2. Kubelet

  • communicates with the API server to report the status of a node and to learn which workloads are scheduled onto it
  • each worker node has a kubelet
  • messages are passed through an intermediate load balancer

2.4.3. Controller Manager

  • set of controllers packaged in a single binary
  • upon request for a desired state, it is responsible for mutating (CRUD) the resources necessary for achieving said state.

2.4.4. Scheduler

  • determines the optimal node (decision via filtering and scoring) where a workload should be scheduled
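
The filter-then-score decision noted above, as an added example (not code from the book or from kube-scheduler). `Node`, `Pod`, the CPU-only resource model and the headroom score are simplifying assumptions; the sample shows that a hard constraint such as a node selector is applied before scoring, so the node with the most headroom loses if it fails a filter.

```go
package main

import "fmt"

// Node and Pod are simplified stand-ins (assumptions), not the real Kubernetes API types.
type Node struct {
	Name            string
	FreeCPU, CapCPU int64 // millicores; CapCPU must be > 0
	Labels          map[string]string
}

type Pod struct {
	CPU          int64 // requested millicores
	NodeSelector map[string]string
}

// feasible is the filtering phase: hard constraints every candidate node must meet.
func feasible(p Pod, n Node) bool {
	for k, v := range p.NodeSelector {
		if n.Labels[k] != v {
			return false
		}
	}
	return p.CPU <= n.FreeCPU
}

// score is the scoring phase: percent of node capacity still free after placement.
func score(p Pod, n Node) int64 { return (n.FreeCPU - p.CPU) * 100 / n.CapCPU }

// Schedule filters first, then picks the highest score; ok is false if no node is feasible.
func Schedule(p Pod, nodes []Node) (best string, ok bool) {
	bestScore := int64(-1)
	for _, n := range nodes {
		if feasible(p, n) && score(p, n) > bestScore {
			best, bestScore, ok = n.Name, score(p, n), true
		}
	}
	return best, ok
}

// Constructed sample data: node-a has the most headroom but the wrong pool label.
var restricted = map[string]string{"pool": "restricted"}
var sampleNodes = []Node{
	{Name: "node-a", FreeCPU: 3500, CapCPU: 4000, Labels: map[string]string{"pool": "general"}},
	{Name: "node-b", FreeCPU: 1000, CapCPU: 4000, Labels: restricted},
	{Name: "node-c", FreeCPU: 2000, CapCPU: 4000, Labels: restricted},
}

func main() { fmt.Println(Schedule(Pod{CPU: 500, NodeSelector: restricted}, sampleNodes)) }
```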

2.4.5. Kube Proxy

  • implements Kubernetes services, providing virtual IPs routable to backend pods.
  • done by a packet filtering mechanism such as iptables or ipvs.
  • each worker node has a corresponding kube proxy

2.5. Beyond Orchestration

  • instead of just providing management of the pods, Kubernetes also facilitates internal communication via services like virtual IPs (see kube proxy).
  • most other services are implemented as plugins and not as a part of the core kubernetes components (Ingress, Network Policy, for instance)
Tags::compute:arch:book: