@calum-github
Last active February 11, 2019 04:46

K8s notes

Cluster basics

Master

Provides an API, scheduler, UI, controller and a KV store. All information and state is stored in etcd.

control plane

Worker Nodes

  • Kubelet (Kubernetes agent) & Docker Engine
  • Communication between workers and master is over the Kube API
  • kube-proxy exists on each node and handles networking

Objects

Kinds of objects:

  • Pod
  • DaemonSet
  • Deployment
  • Service

Pod

  • Pod = grouping of one or more app containers and shared resources like storage/networking and container run config
  • 1 pod = 1 instance. To scale horizontally, use replication managed via a controller
  • Somewhat like an old-school single physical/logical host for an app
  • Containers within the pod use the pod's IP address as
  • Controllers: ReplicaSets (RS) are used by a deployment as a way to manage pod create, delete and update
  • Defined in a pod.yaml, BUT use a deployment to actually deploy/manage pods

Containers in a pod can communicate with each other via localhost (sidecar). An example would be a webapp in one container and a web server in another container, which work together as an application within the pod.

Deployment

  • Deployments are responsible for creating and updating pods
  • Kubernetes will manage the state of those pods based on the definitions provided in the deployment.yaml
  • Deployments can scale up and down to meet demand
  • Deployments can also be rolled back to an older version or can roll forward (rollout)

Services

  • Defines a way to access Pods in a consistent way
  • Services find the pod to route traffic to based on the labels or 'selectors' in the manifest
  • Inside the cluster they perform load balancing
  • They can also interact with GKE to create external load balancers

A service provides service discovery and a vip.

  • A service is an object/abstraction that defines a service that is provided by a pod or multiple pods
  • Names things in DNS, gets a virtual IP
  • ClusterIP or NodePort
  • Routes based on labels
  • Enables access to pods for front end (users) as well as back end (other pods)
  • Defined in a services.yaml

Networking

  • Node has an IP
  • Pod has a CIDR range; a pod has an IP within the pod CIDR
  • The pod CIDR network is flat; all pods on the node are accessible to each other

Volume

  • A Kubernetes volume is linked to a pod; its lifecycle is that of the pod, not of any container within the pod
  • Namespace
  • Lots of different volume type objects are available, e.g. NFS, AWS EBS

Namespaces

The point, or benefit, of namespaces is resource separation. A cluster may contain multiple applications. Namespaces can provide resource isolation or separation between the applications on the cluster.

Secrets

  • Base64 encoded at rest (an encoding, not encryption)
  • Can be attached to a pod
  • When attached to a pod, automatically decoded
  • Secrets can be files or $ENV vars

Ingresses

Allows for a single external (external to the cluster) endpoint to route traffic to multiple applications within the cluster

Context

A context is a grouping of three parameters:

  • Cluster
  • User
  • Namespace