Skip to main content

Kubernetes-Update

 



                                                https://kubernetes.io/


Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.

It groups containers that make up an application into logical units for easy management and discovery. Kubernetes builds upon 15 years of experience of running production workloads at Google, combined with best-of-breed ideas and practices from the community.

Latest Verion:- 1.19


Deployment evolution

Kubernetes Objects

Kubernetes defines a set of building blocks ("primitives"), which collectively provide mechanisms that deploy, maintain, and scale applications based on CPU, memory or custom metrics. Kubernetes is loosely coupled and extensible to meet different workloads. This extensibility is provided in large part by the Kubernetes API, which is used by internal components as well as extensions and containers that run on Kubernetes. The platform exerts its control over compute and storage resources by defining resources as Objects, which can then be managed as such. 

The key objects are:

Pods

A pod is a higher level of abstraction grouping containerized components. A pod consists of one or more containers that are guaranteed to be co-located on the host machine and can share resources. The basic scheduling unit in Kubernetes is a pod.

Each pod in Kubernetes is assigned a unique Pod IP address within the cluster, which allows applications to use ports without the risk of conflict.Within the pod, all containers can reference each other on localhost, but a container within one pod has no way of directly addressing another container within another pod; for that, it has to use the Pod IP Address. An application developer should never use the Pod IP Address though, to reference / invoke a capability in another pod, as Pod IP addresses are ephemeral - the specific pod that they are referencing may be assigned to another Pod IP address on restart. Instead, they should use a reference to a Service, which holds a reference to the target pod at the specific Pod IP Address.

A pod can define a volume, such as a local disk directory or a network disk, and expose it to the containers in the pod. Pods can be managed manually through the Kubernetes API, or their management can be delegated to a controller. Such volumes are also the basis for the Kubernetes features of ConfigMaps (to provide access to configuration through the filesystem visible to the container) and Secrets (to provide access to credentials needed to access remote resources securely, by providing those credentials on the filesystem visible only to authorized containers).

Replica Sets

A ReplicaSet’s purpose is to maintain a stable set of replica Pods running at any given time. As such, it is often used to guarantee the availability of a specified number of identical Pods.

They (Replica Sets) can also be said to be a grouping mechanism that lets Kubernetes maintain the number of instances that have been declared for a given pod. The definition of a Replica Set uses a selector, whose evaluation will result in identifying all pods that are associated with it

Services

Simplified view showing how Services interact with Pod networking in a Kubernetes cluster

A Kubernetes service is a set of pods that work together, such as one tier of a multi-tier application. The set of pods that constitute a service are defined by a label selector. Kubernetes provides two modes of service discovery, using environmental variables or using Kubernetes DNS. Service discovery assigns a stable IP address and DNS name to the service, and load balances traffic in a round-robin manner to network connections of that IP address among the pods matching the selector (even as failures cause the pods to move from machine to machine). By default a service is exposed inside a cluster (e.g., back end pods might be grouped into a service, with requests from the front-end pods load-balanced among them), but a service can also be exposed outside a cluster (e.g., for clients to reach front-end pods).

Volumes

Filesystems in the Kubernetes container provide ephemeral storage, by default. This means that a restart of the pod will wipe out any data on such containers, and therefore, this form of storage is quite limiting in anything but trivial applications. A Kubernetes Volume provides persistent storage that exists for the lifetime of the pod itself. This storage can also be used as shared disk space for containers within the pod. Volumes are mounted at specific mount points within the container, which are defined by the pod configuration, and cannot mount onto other volumes or link to other volumes. The same volume can be mounted at different points in the filesystem tree by different containers.

Deployments

Deployments are a higher level management mechanism for replica sets. While the Replication Controller manages the scale of the Replica Set, Deployments will manage what happens to the Replica Set - whether an update has to be rolled out, or rolled back, etc. When deployments are scaled up or down, this results in the declaration of the Replica Set changing - and this change in declared state is managed by the Replication Controller.

 

Kubernetes Componenets:-

Etcd

Etcd is a distributed, consistent key-value store used for configuration management, service discovery, and coordinating distributed work.

When it comes to Kubernetes, etcd reliably stores the configuration data of the Kubernetes cluster, representing the state of the cluster (what nodes exist in the cluster, what pods should be running, which nodes they are running on, and a whole lot more) at any given point of time.

API Server

When you interact with your Kubernetes cluster using the kubectl command-line interface, you are actually communicating with the master API Server component.

The API Server is the main management point of the entire cluster. In short, it processes REST operations, validates them, and updates the corresponding objects in etcd. The API Server serves up the Kubernetes API and is intended to be a relatively simple server, with most business logic implemented in separate components or in plugins.

Controller Manager

The Kubernetes Controller Manager is a daemon that embeds the core control loops (also known as “controllers”) shipped with Kubernetes. Basically, a controller watches the state of the cluster through the API Server watch feature and, when it gets notified, it makes the necessary changes attempting to move the current state towards the desired state. Some examples of controllers that ship with Kubernetes include the Replication Controller, Endpoints Controller, and Namespace Controller.

Besides, the Controller Manager performs lifecycle functions such as namespace creation and lifecycle, event garbage collection, terminated-pod garbage collection, cascading-deletion garbage collection, node garbage collection, etc.

Scheduler

The Scheduler watches for unscheduled pods and binds them to nodes via the /binding pod subresource API, according to the availability of the requested resources, quality of service requirements, affinity and anti-affinity specifications, and other constraints. Once the pod has a node assigned, the regular behavior of the Kubelet is triggered and the pod and its containers are created (see the pod creation flow on API Server section: steps 4 to 11).

Competitors:

  • Docker Swarm
  • Azure Kubernetes Service (AKS)
  • Red Hat Open Shift Container Platform
  • Google Kubernetes Engine (GKE)
  • Amazon Elastic Kubernetes Service (EKS)

 Please Follow below for Kubernetes Cluster Installation Steps

 https://gitlab.com/Azam-devops/kubernetes

Commands:-
To check all nodes
kubectl get nodes


To check details of the Nodes 

kubectl describe nodes

To check more information about nodes
kubectl get nodes -o wide

To check no. of pods created 

kubectl get pods

To check details of the pod
kubectl describe pods

To check more information about pods
kubectl get pods -o wide

To check replicatset 

kubectl get replicaset

To check details of replicaset
kubectl describe replicaset

To check more details about replicaset
kubectl get replicaset -o wide

To create a pod with yaml file
kubectl create -f pod-definition.yml

To create replicaset with yaml file
kubectl create -f replicaset-definition.yml

To create deployment with yaml file 

kubectl create -f  deployment-definition.yml  


To create deployment with --record to track change cause

kubectl create -f  deployment-definition.yml --record


To list all deployments 

kubectl get deployments

To check details about deployments
kubectl describe deployment 

To check more details about deployments
kubectl get deployments -o wide

To check all objects & its properties in K8a Cluster
kubectl get all


How to create a namespace in Kubernetes

https://kubernetes.io/docs/tasks/administer-cluster/namespaces/

 

How to add a secret in Kubernetes

https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/


RollBack & Update:

** Update the deployment.yml file & run again

Update the deployment:-
(Use --record flag at the end of the command to record the change cause)

kubectl apply -f deployment-definition.yml --record

kubectl rollout status deployment/name_of_your_deployment

kubectl rollout history deployment/name_of_your_deployment

StrategyType:           RollingUpdate/Recreate

How to update a particular image version in a deployment file:-

Use an imperative command

kubectl set image deployment "your_deployment_name" your_container_name=nginx:1.12 --record

kubectl rollout status deployment/name_of_your_deployment

kubectl rollout history deployment/name_of_your_deployment

kubectl get deployment 

kubectl describe deployment 

kubectl get replicaset

kubectl describe replicaset

After update we can also Rollback

kubectl rollout undo deployment/name_of_your_deployment

kubectl rollout status deployment/name_of_your_deployment

kubectl rollout history deployment/name_of_your_deployment

kubectl get deployment 

kubectl describe deployment 

kubectl get replicaset

kubectl describe replicaset 

Using other Imperative Commands:-

To deploy a deployment without parameters

kubectl run nginx --image=nginx

To Update the deployment

kubectl set image deployment your_deployment_name your_container_name=nginx:1.12 --record

above command will by default create a deployment & along with it a replicaset & a pod

Follow below link to deploy nginx server on K8s cluster for kore imperative commands

https://www.tecmint.com/deploy-nginx-on-a-kubernetes-cluster/

Types of Services: 

Cluster IP

A ClusterIP service is the default Kubernetes service. It gives you a service inside your cluster that other apps inside your cluster can access. There is no external access.


NodePort

A NodePort service is the most primitive way to get external traffic directly to your service. NodePort, as the name implies, opens a specific port on all the Nodes (the VMs), and any traffic that is sent to this port is forwarded to the service.


LoadBalancer

A LoadBalancer service is the standard way to expose a service to the internet. On GKE, this will spin up a Network Load Balancer that will give you a single IP address that will forward all traffic to your service.

Ingress

Unlike all the above examples, Ingress is actually NOT a type of service. Instead, it sits in front of multiple services and act as a “smart router” or entrypoint into your cluster.

You can do a lot of different things with an Ingress, and there are many types of Ingress controllers that have different capabilities.

The default GKE ingress controller will spin up a HTTP(S) Load Balancer for you. This will let you do both path based and subdomain based routing to backend services. For example, you can send everything on foo.yourdomain.com to the foo service, and everything under the yourdomain.com/bar/ path to the bar service.


Deployment Types & their Version
=================
Kind              Version 
POD                  v1
Service              v1
ReplicaSet        apps/v1
Deployment      apps/v1
=================


Steps to configure kubectl client on Linux
=============
Install aws cli on jenkins agent
>> It will already be there on aws image we used while creating the jenkins agent 

Configure aws cli
>> aws configure
Please follow below link to dynamically pass credentials to jenkins pipeline

https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-jenkins.html

https://docs.cloudbees.com/docs/cloudbees-jenkins-enterprise/latest/references/aws-cli

https://coralogix.com/log-analytics-blog/ci-cd-tutorial-how-to-deploy-an-aws-jenkins-pipeline/


Configure jenkins agent(client) for eks kube.config file with aws command
>> aws eks update-kubeconfig  --region us-east-2   --name myeks
install & configure kubectl

Install kubectl tool (Please always check latest versions & update below commands)
>> curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl

Install kubectl verify command 
>> curl -o kubectl.sha256 https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl.sha256

Verify kubectl binary
>> openssl sha1 -sha256 kubectl

Permission
>> chmod +x ./kubectl

Configure user home dir & set env path
>> mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$PATH:$HOME/bin

>> echo 'export PATH=$PATH:$HOME/bin' >> ~/.bashrc

Check & verify
>> kubectl version --short --client

Ref:- 

https://gitlab.com/andromeda99/maven-project/-/blob/dev-maven-ansible-docker-K8s/Jenkinsfile

==============================================

Types of Volumes in Kubernetes & its usage & configuration: -

https://kubernetes.io/docs/concepts/storage/volumes/#nfs

Mounting Persistent Volumes with AWS EBS on single node cluster:-


https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/

https://www.tecmint.com/install-a-kubernetes-cluster-on-centos-8/

https://www.tecmint.com/deploy-nginx-on-a-kubernetes-cluster/

https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html

https://eksworkshop.com/beginner/040_dashboard/connect/

https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/

https://medium.com/google-cloud/kubernetes-nodeport-vs-loadbalancer-vs-ingress-when-should-i-use-what-922f010849e0

https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-jenkins.html

https://docs.cloudbees.com/docs/cloudbees-jenkins-enterprise/latest/references/aws-cli

https://coralogix.com/log-analytics-blog/ci-cd-tutorial-how-to-deploy-an-aws-jenkins-pipeline/


Comments

Post a Comment

Popular posts from this blog

Jenkins

Pre-requisites 1. Install a Webserver https://gitlab.com/Azam-devops/webserver/-/blob/main/README.md Code for index.html https://gitlab.com/Azam-devops/webserver 2. Maven Code https://gitlab.com/Azam-devops/imperial-maven-project 1. Install & configure Jenkins Automation Server on Linux Vm. 2. Go through at some of the important options in Jenkins. 3. Manage Jenkins. 4. Plugins 5. Global Tools Configuration. 6. Credentials 7. Users 8. Slave Nodes 9. Configuring CI pipeline using Gitlab. 10. Configuring standalone CICD pipeline using. 11. Automating the CICD pipeline. 12. Jenkins log 13. Introduction to Jenkins file. 14. Basic groovy syntax & file formation. 15. Launching a Pipeline using Jenkins file. 3. DevOps Architecture Description of above DevOps plan. Create Maven based source code in Gitlab. Create a Jenkins job which will execute below stages. Checkout code from Gitlab Build/compile the source code using Maven as a build tool. scan the code virtually. Test...
Post a Comment
Read more

Docker In Details

  Course Contents:- 1. Overview of Docker 2. Difference between Virtualization & Containerization 3. Installation & Configuration of Docker Runtime on Linux & Windows 4. Practice on Docker commands 5. launch a Webserver in a container 6. Launch public & official images of application like Jenkins, Nginx, DB etc.. 7. Launch a base OS Container 8. How to save changes inside the container & create a fresh image(commit) 9. How to ship image & container from one hardware to another. 10. How to remove stop/rm multiple container/images 11. Docker Registry 12. Docker Networking       Check current docker network                  Docker Network Bridge                     Docker Network Weaving                  Launch our own Docker Cluster with our defined Network             ...
Post a Comment
Read more

Ansible

  Ansible is an open-source software provisioning, configuration management, and application-deployment tool. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks. Platform support Control machines have to be a Linux/Unix host (for example SUSE Linux Enterprise, Red Hat Enterprise Linux, Debian, CentOS, macOS, BSD, Ubuntu, and Python 2.7 or 3.5 is required. Managed nodes, if they are Unix-like, must have Python 2.4 or later. For managed nodes with Python 2.5 or earlier, the python-simplejson package is also required. Since version 1.7, Ansible can also manage Windows nodes. In this case, native PowerShell remoting supported by the WS-Managemen...
Post a Comment
Read more

Basic Linux Commands

  Linux Command Cheat Sheet Hello All, Below are the most common commands used in a day to day life of  linux user. if you are new to linux i will recommend you to go through all of the commands.  this commands will help you to troubleshoot linux issues.   Command Description ls Lists all files and directories from present working directory ls-R Lists files in sub-directories ls-a to list down hidden files. ls-al Lists files and directories with complete details like permissions, size, owner cd or cd ~ To go back to home directory cd .. Move one level up cd To change to a particular directory cd / Move to the root directory cat > filename Creates a new file cat filename Displays the content of a file cat file...
Post a Comment
Read more