
Kubernetes Basic Concepts | K8S

Authors
  • Shelton Ma

Kubernetes, also known as K8s, is an open-source system for automating the deployment, scaling, and management of containerized applications.

Concepts

Pods and Workloads, Services, Storage, Configuration, Security, Policies, Schedule, Eviction, Preemption, Administration

The Kubernetes ecosystem includes public cloud providers, frameworks, management, tools, monitoring and logging, security, and load balancing.

Architecture

The kubelet is an agent that runs on each worker node in the cluster. It is responsible for ensuring that containers are running in a Pod as expected. It communicates with the Kubernetes control plane to receive instructions (such as starting, stopping, or restarting containers) and reports the status of the containers back to the control plane.

Kubernetes Objects

Kubernetes objects are persistent entities; their main fields are the object spec and status.

Namespaces help isolate groups of resources within a single cluster.

Pods represent a process or an instance of an app running in a cluster.

A Service in Kubernetes is a REST object that provides policies for accessing the Pods and cluster.

ClusterIP is the default and most common Service type and provides interservice communication within the cluster.

As an extension of the ClusterIP Service, a NodePort Service creates and routes incoming requests automatically to the ClusterIP Service.

As an extension of the NodePort Service, an external load balancer creates the NodePort and ClusterIP Services automatically.

Ingress is an API object that, when combined with a controller, provides routing rules to manage external users' access to multiple services in a Kubernetes cluster.

In Kubernetes, external access to cluster services is overseen by Ingress, which consists of two core components: the Ingress API object and the Ingress controller.

You can use an ExternalName to create a Service that represents external storage and enables Pods from different namespaces to talk to each other.

A Job creates Pods and tracks the Pod completion process; Jobs are retried until completed.

ReplicaSets, Deployments, DaemonSet, StatefulSet

Deployments provide updates for Pods and ReplicaSets and should be used for stateless applications.

Using a DaemonSet ensures that there is at least one instance of the Pod on all your Nodes.

ReplicaSets create and manage horizontally scaled running Pods and ensure that a specified number of replicas are running.

A StatefulSet manages stateful applications, manages Pod deployment and scaling, maintains a sticky identity for each Pod request, and provides persistent storage volumes for your workloads.

Kubernetes Antipatterns

  1. Avoid baking configuration in container images
  2. Separate application and infrastructure deployment
  3. Eliminate specific order in deployment
  4. Set memory and CPU limits for pods
  5. Avoid pulling the latest tag in production
  6. Segregate production and non-production workloads
  7. Refrain from ad-hoc deployments with kubectl edit/patch
  8. Implement health checks with liveness and readiness probes
  9. Prioritize secret handling and use vault
  10. Use controllers and avoid running multiple processes per container
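
Several of these items (4, 5, 8 and 9) can be checked mechanically before a manifest reaches the cluster. The following is an added example, not code from the original post: a small Python audit over a constructed Deployment, where the sample manifest, the function names and the secret-name heuristic are all assumptions made for illustration.

```python
# Constructed sample: a Deployment manifest as a Python dict.
# All names, images and values are made up for illustration.
SAMPLE = {
    "kind": "Deployment",
    "spec": {"template": {"spec": {"containers": [
        {"name": "web",
         "image": "registry.example.com:5000/shop/web:latest",
         "resources": {"limits": {"memory": "256Mi"}},
         "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080}},
         "env": [{"name": "DB_PASSWORD", "value": "example-only"},
                 {"name": "LOG_LEVEL", "value": "info"}]},
        {"name": "proxy",
         "image": "registry.example.com:5000/shop/proxy:1.4.2",
         "resources": {"limits": {"cpu": "250m", "memory": "128Mi"}},
         "livenessProbe": {"tcpSocket": {"port": 9000}},
         "readinessProbe": {"tcpSocket": {"port": 9000}},
         "env": [{"name": "API_TOKEN", "valueFrom": {
             "secretKeyRef": {"name": "proxy-creds", "key": "token"}}}]},
    ]}}},
}

SECRET_HINTS = ("PASSWORD", "SECRET", "TOKEN", "KEY")  # heuristic, an assumption

def pod_spec(manifest):
    """Pod spec of a bare Pod or of a templated workload (Deployment, DaemonSet, ...)."""
    spec = manifest.get("spec", {})
    return spec.get("template", {}).get("spec", spec)

def image_is_unpinned(image):
    """True when the image has no tag or uses :latest; digests count as pinned."""
    if "@" in image:
        return False
    last = image.rsplit("/", 1)[-1]  # drop registry host:port before looking for a tag
    return ":" not in last or last.endswith(":latest")

def audit(manifest):
    """Return (container, finding) pairs for antipatterns 4, 5, 8 and 9."""
    findings = []
    for c in pod_spec(manifest).get("containers", []):
        name = c.get("name", "?")
        if image_is_unpinned(c.get("image", "")):
            findings.append((name, "unpinned-image"))
        limits = c.get("resources", {}).get("limits", {})
        findings += [(name, f"no-{r}-limit") for r in ("cpu", "memory") if r not in limits]
        findings += [(name, f"no-{p}") for p in ("livenessProbe", "readinessProbe") if p not in c]
        for env in c.get("env", []):  # literal "value" on a secret-looking name
            if "value" in env and any(h in env["name"].upper() for h in SECRET_HINTS):
                findings.append((name, f"inline-secret:{env['name']}"))
    return findings
```

Calling audit(SAMPLE) flags only the web container; the proxy container passes because its image is pinned, both limits and both probes are set, and its token comes from a secretKeyRef rather than a literal value.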