Kubernetes Components Explained
Control Plane Components
kube-apiserver: API Management - Front-end for the control plane.
etcd: Data Storage - Stores all cluster data.
kube-scheduler: Workload Allocation - Decides where to run unscheduled Pods.
kube-controller-manager: State Monitoring & Recovery - Ensures the actual state matches the desired state.
cloud-controller-manager: Cloud Interaction - Manages interaction between the cluster and the underlying cloud provider.
Worker Node Components
kubelet: Node Management - Ensures containers are running in a Pod.
kube-proxy: Network Proxy - Maintains network rules on nodes.
Container Runtime: Container Execution - Runs containers.
Add-on Components
CNI Plugin (Container Network Interface): Network Management - Provides container networking.
CoreDNS: Service Discovery - Acts as the DNS server within the cluster.
Metrics Server: Performance Monitoring - Collects and stores resource usage data.
Web UI (Kubernetes Dashboard): User Interface - Provides a web-based interface for managing the cluster.
Various ways of connecting to the Kubernetes cluster:
Connecting to the Kubernetes API server can be done in several ways, each suited to different use cases and scenarios. Here are the common ways to connect to the API server.
[1] Direct HTTP/HTTPS requests: Generally used by dev & QA teams with tools like curl, authenticating with either a bearer token or a client certificate. This is also a good client for automation runs; always verify the API server's certificate against the cluster CA, because the token travels in a request header.
[2] kubectl command-line tool: Used by most users; auth is done via the kubeconfig file. Less suited to automation, since every invocation is a separate process and the request/response latency adds up.
[3] Client libraries: Most applications that interact with Kubernetes use this mechanism. Almost all major programming languages have Kubernetes client libraries. Best choice for Kubernetes developers.
[4] API server proxy: Kubernetes includes a built-in proxy started with the kubectl proxy command. It creates a local proxy server (bound to 127.0.0.1:8001 by default) that forwards requests to the API server with the credentials from your kubeconfig, so you can reach the API through your browser without handling tokens yourself; that also means any process on the same host can use your access while the proxy runs. I love this for my development & testing.
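Method [1] in working form, as an added example that is not part of the original post: direct HTTPS access to the API server from inside a pod using only the Python standard library. It assumes the in-cluster service-account layout (token, ca.crt and namespace under /var/run/secrets/kubernetes.io/serviceaccount) and the KUBERNETES_SERVICE_HOST/PORT variables the kubelet injects into every pod. Before listing pods it asks the API server, via a SelfSubjectAccessReview (the same check kubectl auth can-i performs), whether the calling identity is allowed to.

```python
"""Direct HTTPS access to the Kubernetes API server, standard library only.

Added example. Assumes the in-cluster service-account mount
(/var/run/secrets/kubernetes.io/serviceaccount/{token,ca.crt,namespace})
and the KUBERNETES_SERVICE_HOST/KUBERNETES_SERVICE_PORT environment variables.
"""
import json
import os
import ssl
import urllib.request

SA_DIR = "/var/run/secrets/kubernetes.io/serviceaccount"


def build_api_request(host, port, path, token, verb="GET", body=None):
    """Build an authenticated request: bearer token in the Authorization
    header, JSON body for writes. Nothing is sent yet."""
    headers = {"Authorization": f"Bearer {token}", "Accept": "application/json"}
    data = None
    if body is not None:
        data = json.dumps(body).encode("utf-8")
        headers["Content-Type"] = "application/json"
    return urllib.request.Request(f"https://{host}:{port}{path}", data=data,
                                  headers=headers, method=verb)


def tls_context(ca_path):
    """Verify the API server against the cluster CA. Never relax this to
    CERT_NONE: a bearer token sent over an unverified TLS session can be
    read by anyone positioned between the pod and the API server."""
    ctx = ssl.create_default_context(cafile=ca_path)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def self_subject_access_review(verb, resource, namespace, group=""):
    """Body for POST /apis/authorization.k8s.io/v1/selfsubjectaccessreviews:
    asks whether the *calling* identity may perform the action."""
    return {
        "apiVersion": "authorization.k8s.io/v1",
        "kind": "SelfSubjectAccessReview",
        "spec": {"resourceAttributes": {"verb": verb, "resource": resource,
                                        "group": group, "namespace": namespace}},
    }


def access_review_allowed(review_response):
    """Parse the server's answer; 'denied' and 'no opinion' both mean not allowed."""
    status = review_response.get("status", {})
    return bool(status.get("allowed")) and not status.get("denied", False)


def pod_names(pod_list):
    """Extract pod names from a PodList response."""
    return [item["metadata"]["name"] for item in pod_list.get("items", [])]


def in_cluster(path, verb="GET", body=None, sa_dir=SA_DIR):
    """Issue a request from inside a pod with the mounted service-account token."""
    with open(os.path.join(sa_dir, "token"), encoding="utf-8") as f:
        token = f.read().strip()
    host = os.environ["KUBERNETES_SERVICE_HOST"]
    port = os.environ.get("KUBERNETES_SERVICE_PORT", "443")
    req = build_api_request(host, port, path, token, verb, body)
    ctx = tls_context(os.path.join(sa_dir, "ca.crt"))
    with urllib.request.urlopen(req, context=ctx) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Only meaningful inside a pod: confirm permission first, then list pods.
    with open(os.path.join(SA_DIR, "namespace"), encoding="utf-8") as f:
        ns = f.read().strip()
    review = in_cluster("/apis/authorization.k8s.io/v1/selfsubjectaccessreviews",
                        "POST", self_subject_access_review("list", "pods", ns))
    if access_review_allowed(review):
        print(pod_names(in_cluster(f"/api/v1/namespaces/{ns}/pods")))
    else:
        print("service account may not list pods in", ns)
```

The same request builder works from a workstation if you read the server address and a token out of your kubeconfig; what must not change is the TLS verification, which is the only thing that stops the bearer token from being handed to an impostor.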
Kubernetes Native Objects
We will look at Kubernetes native objects in two parts. Here is part 01.
• Pod: Deployment Unit - Running a single instance of a container, e.g., an Nginx web server.
• Service: Networking - Exposing a set of pods to other pods within the cluster, e.g., exposing a set of Redis server pods.
• Volume: Storage - Storing database files for a MySQL server running in a pod.
• Namespace: Workload Isolation - Segregating apps/teams/projects in a dedicated or shared cluster, e.g., different namespaces for apps or stages like development, testing, and production.
• ReplicaSet: Replication - Running five replicas of a web server application, e.g., an Nginx server with multiple replicas for load balancing.
• Deployment: Management - Uses a ReplicaSet and rolls out new versions of a web server application, e.g., upgrading from Nginx version 1.19 to 1.20.
• StatefulSet: State Management - Scaling a distributed database like Cassandra, e.g., a Cassandra cluster with multiple nodes.
• DaemonSet: Node Operation - Running a log collection daemon on every node, e.g., Fluentd or Filebeat for log collection.
• Job: Task Execution - Processing a large compute job using several workers, e.g., a data processing job using Apache Spark.
• CronJob: Scheduled Tasks - Running a batch job at specific times, e.g., a nightly backup job.
• Secret: Sensitive Data - Storing the password for a database, e.g., a MongoDB password.
• ConfigMap: Configuration - Storing the configuration for a web server, e.g., an Nginx configuration file.
• Ingress: External Access - Exposing a web application to the internet, e.g., a web application running on Apache.
• NetworkPolicy: Network Rules - Defining how pods communicate with each other, e.g., allowing traffic from a specific IP range, or between namespaces or pods with specific labels. A pod is open to all traffic until at least one NetworkPolicy selects it.
• Horizontal Pod Autoscaler (HPA): Scalability - Automatically scaling a web server application based on CPU usage, e.g., an auto-scaling Nginx deployment.
• PersistentVolume (PV): Persistent Storage - Providing a file system for a MongoDB database pod.
• PersistentVolumeClaim (PVC): Storage Request - Requesting storage for a PostgreSQL database pod.
• Endpoints: Network Endpoints - Storing the IP addresses backing a service, e.g., the IP addresses of pods running an Nginx server.
• ServiceAccount: Identity - Giving a pod an identity with which to authenticate to the Kubernetes API; what it may do is decided by the RBAC bindings that reference it.
• Role/RoleBinding: Authorization - Granting read access to pods in a specific namespace.
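An added example (not code from the original post) that makes the NetworkPolicy entry concrete by evaluating ingress the way the policy model does: pods, namespaces and policies are constructed in-line as plain dicts, using matchLabels selectors only. It models the rule practitioners most often get wrong: a pod accepts all ingress until some policy selects it, after which only traffic matched by at least one rule is allowed, and a bare podSelector in a rule never matches pods in other namespaces.

```python
"""Ingress evaluation under Kubernetes NetworkPolicy semantics.

Added example with constructed data. Rules inside a policy are OR-ed, and
within one 'from' peer a namespaceSelector and podSelector are AND-ed.
Only matchLabels selectors and pod peers are modelled (no ipBlock, no ports).
"""


def selects(selector, labels):
    """matchLabels semantics: every key/value must be present; {} selects everything."""
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())


def peer_matches(peer, policy_ns, src, namespaces):
    """One entry of a rule's 'from' list, checked against the source pod."""
    if "ipBlock" in peer:
        return False  # CIDR peers describe non-pod traffic; not modelled here
    pod_sel, ns_sel = peer.get("podSelector"), peer.get("namespaceSelector")
    if ns_sel is not None:
        ns_ok = selects(ns_sel, namespaces.get(src["namespace"], {}))
    else:
        # A podSelector on its own only ever matches pods in the policy's namespace.
        ns_ok = src["namespace"] == policy_ns
    pod_ok = pod_sel is None or selects(pod_sel, src["labels"])
    return ns_ok and pod_ok


def ingress_allowed(src, dst, policies, namespaces):
    """May traffic from pod src reach pod dst?"""
    applicable = [p for p in policies
                  if p["namespace"] == dst["namespace"]
                  and "Ingress" in p.get("policyTypes", ["Ingress"])
                  and selects(p["podSelector"], dst["labels"])]
    if not applicable:
        return True  # no policy selects dst: it is not isolated
    for policy in applicable:
        for rule in policy.get("ingress", []):
            peers = rule.get("from")
            # A rule with no 'from' allows all sources.
            if not peers or any(peer_matches(peer, policy["namespace"], src, namespaces)
                                for peer in peers):
                return True
    return False


# Constructed sample cluster: prod is default-deny, db accepts only web from
# the same namespace, and Prometheus in the sre namespace may scrape anything.
NAMESPACES = {"prod": {"env": "prod"}, "monitoring": {"team": "sre"}, "dev": {"env": "dev"}}
PODS = {
    "web": {"namespace": "prod", "labels": {"app": "web"}},
    "db": {"namespace": "prod", "labels": {"app": "db"}},
    "prom": {"namespace": "monitoring", "labels": {"app": "prometheus"}},
    "devweb": {"namespace": "dev", "labels": {"app": "web"}},
}
POLICIES = [
    # default deny: selects every pod in prod and allows nothing
    {"namespace": "prod", "podSelector": {}, "policyTypes": ["Ingress"], "ingress": []},
    # db accepts only from web (same namespace, because the peer has no namespaceSelector)
    {"namespace": "prod", "podSelector": {"matchLabels": {"app": "db"}},
     "policyTypes": ["Ingress"],
     "ingress": [{"from": [{"podSelector": {"matchLabels": {"app": "web"}}}]}]},
    # monitoring: namespace AND pod selector in one peer
    {"namespace": "prod", "podSelector": {}, "policyTypes": ["Ingress"],
     "ingress": [{"from": [{"namespaceSelector": {"matchLabels": {"team": "sre"}},
                           "podSelector": {"matchLabels": {"app": "prometheus"}}}]}]},
]


def allowed(src_name, dst_name):
    return ingress_allowed(PODS[src_name], PODS[dst_name], POLICIES, NAMESPACES)


if __name__ == "__main__":
    for pair in [("web", "db"), ("devweb", "db"), ("prom", "db"), ("db", "web"), ("web", "devweb")]:
        print(pair, allowed(*pair))
```

Note that the dev namespace has no policy at all, so its pods accept traffic from anywhere in the cluster; a default-deny policy like the first one in the list is what turns a namespace into a deny-by-default zone.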
Kubernetes Native Objects (Part 02)
• Role: Namespace-scoped permissions
E.g., a developer or service account has a Role that allows updates to pods in the development namespace.
• ClusterRole: Cluster-wide permissions
E.g., a cluster administrator or service account has a ClusterRole that allows node maintenance tasks such as cordoning and draining nodes before a reboot or upgrade.
• PriorityClass: Pod prioritization
E.g., a payment processing Pod has a PriorityClass that ensures it gets scheduled before less critical workloads.
• PodDisruptionBudget: Availability - A PodDisruptionBudget ensures that at least three of a service's five replicas stay running during voluntary disruptions.
E.g., an API service with a PodDisruptionBudget to maintain availability during voluntary disruptions such as node drains.
• LimitRange: Resource constraints
E.g., a policy that restricts each container in a specific namespace to a maximum of 2 CPU cores and 2 GB of memory.
• ResourceQuota: Usage limits
E.g., a ResourceQuota that limits the "dev" namespace to a maximum of 10 GB of memory and 4 vCPUs.
• StorageClass: Storage provisioning
E.g., configuring fast-storage volumes with SSDs for databases and slow-storage volumes with HDDs for log processing. When creating PVCs (or statically provisioned PVs), the storage class has to be specified if a particular class is required.
• RuntimeClass: Container runtime specification
E.g., a Pod specification that requires gVisor as the container runtime.
• CustomResourceDefinition: Extensibility
E.g., a CRD to manage a new type of resource, such as a MongoDB instance, managed by a MongoDB Operator.
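An added example (not the author's code and not the API server's authorizer) that applies the RBAC scoping rules from the ServiceAccount and Role/RoleBinding entries in part 01 and the Role and ClusterRole entries above to constructed objects: a Role bound in one namespace, a ClusterRole reused through a RoleBinding (which limits it to that namespace), and a ClusterRole granted cluster-wide through a ClusterRoleBinding. Names such as pod-editor, node-maintainer, ci, alice and bob are made up for the example.

```python
"""Minimal evaluator for Kubernetes RBAC scoping.

Added example with constructed Roles, ClusterRoles and bindings held as dicts.
It reproduces the matching rules, not the real authorizer:
  - ClusterRoleBinding -> ClusterRole: applies in every namespace and to
    cluster-scoped resources such as nodes.
  - RoleBinding -> Role or ClusterRole: applies only in the binding's namespace.
"""


def _matches(pattern, value):
    return pattern == "*" or pattern == value


def rule_allows(rule, verb, group, resource):
    """A PolicyRule allows an action when verb, apiGroup and resource all match;
    '*' is a wildcard. Subresources (pods/eviction) must be listed explicitly."""
    return (any(_matches(v, verb) for v in rule.get("verbs", []))
            and any(_matches(g, group) for g in rule.get("apiGroups", [""]))
            and any(_matches(r, resource) for r in rule.get("resources", [])))


def subject_matches(subject, identity):
    """identity = {'user': name, 'groups': [...]}. A ServiceAccount authenticates
    as user system:serviceaccount:<namespace>:<name>, so binding to one is
    binding to that user name."""
    kind = subject["kind"]
    if kind == "User":
        return subject["name"] == identity["user"]
    if kind == "Group":
        return subject["name"] in identity.get("groups", [])
    if kind == "ServiceAccount":
        return identity["user"] == f"system:serviceaccount:{subject['namespace']}:{subject['name']}"
    return False


def can_i(identity, verb, resource, namespace, roles, cluster_roles,
          role_bindings, cluster_role_bindings, group=""):
    """True if any binding grants the action. namespace=None means a
    cluster-scoped resource, which only a ClusterRoleBinding can grant."""
    for crb in cluster_role_bindings:
        if any(subject_matches(s, identity) for s in crb["subjects"]):
            rules = cluster_roles.get(crb["roleRef"]["name"], {}).get("rules", [])
            if any(rule_allows(r, verb, group, resource) for r in rules):
                return True
    if namespace is None:
        return False
    for rb in role_bindings:
        if rb["namespace"] != namespace:
            continue  # a RoleBinding never reaches outside its namespace
        if not any(subject_matches(s, identity) for s in rb["subjects"]):
            continue
        ref = rb["roleRef"]
        if ref["kind"] == "Role":
            rules = roles.get((namespace, ref["name"]), {}).get("rules", [])
        else:  # ClusterRole referenced from a RoleBinding: its rules apply here only
            rules = cluster_roles.get(ref["name"], {}).get("rules", [])
        if any(rule_allows(r, verb, group, resource) for r in rules):
            return True
    return False


# Constructed sample objects (names are made up for the example).
ROLES = {("development", "pod-editor"): {"rules": [
    {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "update", "patch"]}]}}
CLUSTER_ROLES = {
    "node-maintainer": {"rules": [
        {"apiGroups": [""], "resources": ["nodes"], "verbs": ["get", "list", "patch"]},
        {"apiGroups": [""], "resources": ["pods/eviction"], "verbs": ["create"]}]},
    "secret-reader": {"rules": [
        {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]}]},
}
ROLE_BINDINGS = [
    {"namespace": "development",
     "subjects": [{"kind": "ServiceAccount", "name": "ci", "namespace": "development"}],
     "roleRef": {"kind": "Role", "name": "pod-editor"}},
    {"namespace": "development", "subjects": [{"kind": "User", "name": "alice"}],
     "roleRef": {"kind": "ClusterRole", "name": "secret-reader"}},
]
CLUSTER_ROLE_BINDINGS = [
    {"subjects": [{"kind": "Group", "name": "ops-admins"}],
     "roleRef": {"kind": "ClusterRole", "name": "node-maintainer"}},
]
CI = {"user": "system:serviceaccount:development:ci", "groups": ["system:serviceaccounts"]}
ALICE = {"user": "alice", "groups": []}
BOB = {"user": "bob", "groups": ["ops-admins"]}


def check(identity, verb, resource, namespace, group=""):
    return can_i(identity, verb, resource, namespace, ROLES, CLUSTER_ROLES,
                 ROLE_BINDINGS, CLUSTER_ROLE_BINDINGS, group)


if __name__ == "__main__":
    print("ci update pods/development:", check(CI, "update", "pods", "development"))
    print("ci update pods/production:", check(CI, "update", "pods", "production"))
    print("alice get secrets/kube-system:", check(ALICE, "get", "secrets", "kube-system"))
    print("bob patch nodes:", check(BOB, "patch", "nodes", None))
```

The alice case is the one worth remembering when reviewing bindings: a ClusterRole referenced from a RoleBinding grants nothing outside that namespace, whereas the same ClusterRole behind a ClusterRoleBinding would expose every namespace's secrets.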