About Me
● Advisory Software Engineer @ IBM
● Part of Open Source Technology Team in IBM Digital Business Group
● Work on Kubernetes and other Cloud Native Computing Foundation (CNCF) projects
● @cmluciano_ on Twitter

Summary of Problems
○ Capacity management during peak times
○ Scheduling for unpredictability
○ Reliable upgrades
○ Deploying the same way every time
○ Allow the machines to monitor and fix themselves

Kubernetes Master Components
● Etcd
  ○ Backing datastore for K8s
  ○ Stores all cluster-related information
● Kube-apiserver
  ○ Front-end API server for Kubernetes that exposes the Kube API to clients
● Kube-controller-manager
  ○ Runs Kube controllers that perform routine tasks like populating endpoints, tracking nodes that appear and leave, etc.
● Kube-scheduler
  ○ Watches for newly created pods that are not yet running and finds a node for them to run on

Kubernetes Node Components
● Kubelet
  ○ Collects all resources and details on a given worker node and exposes them for scheduling
  ○ Also takes care of the pod lifecycle, which includes mounting volumes, downloading dependencies, etc.
● Kube-proxy
  ○ Maintains network rules and connection forwarding
    ■ Normally done through iptables
● Container Runtime
  ○ Rkt
  ○ Docker
● Supervisord
  ○ Babysits the kubelet as systemd would

Container
● Basic building block
● Should contain one process or application
● Ex. https://gist.github.ibm.com/cmluciano/b52e3764b3bdcb826ae37b039d9fb2be

Pod
● Collection of containers
  ○ Can store things in a pod-specific scratch space
  ○ Can talk to each other over localhost
  ○ Scheduled to a node as a group
● Ex. https://gist.github.ibm.com/cmluciano/b52e3764b3bdcb826ae37b039d9fb2be

ReplicaSet
● Schedules new pods based on desired number
● Takes care of babysitting your pods and recreating them whenever necessary
● Should be grouped together with labels as a selector
● Should most likely be used through a deployment
● Ex. https://gist.github.ibm.com/cmluciano/b52e3764b3bdcb826ae37b039d9fb2be

Service
● Collects multiple pods together into related groupings based on labels
● RS front-end communicates with RS backend to create service X
● Creates an IP that represents the whole service and load balances appropriately

IBM Cloud Kubernetes
● Native K8s APIs
● Fully managed HA installation
● IBM Cloud LoadBalancer
● Support for Ingress
● IBM Cloud registry
● Container security scanning
● Easy access to other IBM Cloud services like Watson and Compose.io