
Kubernetes Design Principles: Understand the Why

Saad Ali
December 14, 2018

Kubecon Seattle 2018 Talk - https://sched.co/IrkE

Kubernetes is quickly becoming indispensable for managing and deploying workloads on distributed systems across both cloud and on-prem environments.

While most people are now familiar with how to use Kubernetes, few are aware of the "why" behind it. Why does the Kubernetes API look the way it does? Why do Kubernetes components only interact with each other through the Kubernetes API? Why is there a PersistentVolumeClaim object when you could easily reference a volume directly from a pod?

To answer these questions and help you develop a deeper understanding of Kubernetes, this talk exposes the principles underpinning the design of Kubernetes.

Transcript

  1. Kubernetes Design Principles: Understand the Why
  2. (image-only slide)
  3. (image-only slide)
  4. Node A; Node B
  5. Node A; Node B; Container A
  6. Node A; Node B; Container A
  7. Kubernetes APIs are declarative rather than imperative.
  8. Before: You / System. After: You / System.
  9. You / System. Master: API Server; Node A; Node B. kubectl create -f replica.yaml
  10. You / System. Master: API Server; Node A; Node B. kubectl create -f replica.yaml
      apiVersion: apps/v1
      kind: ReplicaSet
      metadata:
        name: frontend
      spec:
        replicas: 1
        template:
          metadata: ...
          spec:
            ...
            containers:
            - name: nginx
              image: internal.mycorp.com:5000/mycontainer:1.7.9
  11. You / System. Master: API Server; Node A; Node B. Pod A definition
  12. You / System. Master: API Server; Node A; Node B. Pod A definition; Pod A
  13. (image-only slide)
  14. Master: API Server; Node A; Node B. Pod A definition; Pod A
  15. Master: API Server; Node A; Node B. Pod A definition; Pod A
  16. kubectl create -f replica.yaml. Master: API Server; Node A; Node B. Pod A definition
  17. Master: API Server; Node A; Node B. Pod A definition
  18. Master: API Server; Node A; Node B. Pod A definition; Pod A
  19. Master: API Server; Node A; Node B. Pod A definition; Pod A
  20. Master: API Server; Node A; Node B. Pod A definition; Pod A
  21. The Kubernetes control plane is transparent. There are no hidden internal APIs.
  22. Before: Master / Node / Master. After: Master / Node.
  23. Master: API Server, Scheduler; Node A; Node B
  24. Master: API Server, Scheduler; Node A; Node B. kubectl create pod
  25. Master: API Server, Scheduler; Node A; Node B. Pod A definition
  26. Master: API Server, Scheduler; Node A; Node B. Pod A definition (node: Node B)
  27. Master: API Server, Scheduler; Node A; Node B. Pod A definition (node: Node B); Pod A
  28. Master: API Server, Scheduler; Node A; Node B. Pod A definition (node: Node B); Pod A. kubectl delete pod A
  29. Master: API Server, Scheduler; Node A; Node B. Pod A
  30. Master: API Server, Scheduler; Node A; Node B
  31. (image-only slide)
  32. (image-only slide)
  33. (image-only slide)
  34. Principle / Obvious solution. Master: API Server, Scheduler (watch for new Pods). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object), Docker Daemon (container for pod1). Pod A (node: Node1)
  35. Meet the user where they are.
  36. Before / After. Master: API Server, Scheduler (watch for new Pods). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret file), Docker Daemon (container for pod1; Secret volume). Pod A (node: Node1)
  37. (image-only slide)
  38. Master: API Server, Scheduler (watch for new Pods). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object), Docker Daemon. Pod A (storage: gcePD1)
  39. Master: API Server, Scheduler (watch for new Pods; schedule PodA to Node1). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object), Docker Daemon. Pod A (storage: gcePD1, node: Node1)
  40. Master: API Server, A/D Controller (watch for new Pods w/ volumes; attach gcePD1 to Node1). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object), Docker Daemon. Pod A (storage: gcePD1, node: Node1). Storage Backend
  41. Master: API Server, A/D Controller (watch for new Pods w/ volumes; attach gcePD1 to Node1). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object), Docker Daemon; gcePD1. Pod A (storage: gcePD1, node: Node1). Storage Backend
  42. Master: API Server, A/D Controller (watch for new Pods w/ volumes; attach gcePD1 to Node1). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object; mount volume; create container), Docker Daemon (container for pod1); gcePD1. Pod A (storage: gcePD1, node: Node1). Storage Backend
  43. Master: API Server, A/D Controller (watch for new Pods w/ volumes; attach gcePD1 to Node1). Node 1: Kubelet (watch for new Pods scheduled to this node; fetch Secret object; mount volume; create container), Docker Daemon (container for pod1); gcePD1. Pod A (storage: gcePD1, node: Node1). Storage Backend
  44. Workload portability
  45. (image-only slide)
  46. Master: API Server, A/D Controller (watch for new Pods w/ volumes). Node 1: Kubelet (watch for new Pods scheduled to this node; watch state of container), Docker Daemon (container for pod1); gcePD1. User facing API objects: Pod A (storage: pvc-a, node: Node1); pvc-a (storage: pv-1, storageClass: storageClass1). Cluster admin facing API objects: pv-1 (storage: gcePD1); StorageClass1 (storage: gcePD)
  47. Master: API Server, A/D Controller (watch for new Pods w/ volumes). Node 1: Kubelet (watch for new Pods scheduled to this node; watch state of container), Docker Daemon (container for pod1); awsEBS1. User facing API objects: Pod A (storage: pvc-a, node: Node1); pvc-a (storage: pv-1, storageClass: storageClass1). Cluster admin facing API objects: pv-1 (storage: awsEBS1); StorageClass1 (storage: awsEBS)
  48. (image-only slide)
  49. (image-only slide)
  50. (image-only slide)
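The two principles the slides walk through (declarative API, and a control plane whose components only ever talk through the API server) are easiest to see in a reconciliation loop. The following is an added example written for this page, not code from the talk or from Kubernetes: a toy in-memory API server, a ReplicaSet controller, a scheduler and two kubelets. All class names, object fields ("owner", "phase", "node") and the audit list are assumed simplifications. Because every write goes through one store, that store is also the single place where authorization is enforced and every change is recorded, which is the security consequence of having no hidden internal APIs.

```python
"""Toy model of the declarative, API-centred control loop from the talk.
Added example, not code from the slides or from Kubernetes; all names and
object shapes below are assumed simplifications."""
import itertools


class ApiServer:
    """The single shared store. Components read and write here and nowhere
    else, so one place decides who may do what and records what happened."""

    def __init__(self):
        self.objects = {}            # (kind, name) -> object dict
        self._seq = itertools.count(1)
        self.audit = []              # (actor, verb, kind, name), in order

    def create(self, actor, kind, obj):
        obj = dict(obj, kind=kind)
        self.objects[(kind, obj["name"])] = obj
        self.audit.append((actor, "create", kind, obj["name"]))
        return obj

    def update(self, actor, obj):
        self.objects[(obj["kind"], obj["name"])] = obj
        self.audit.append((actor, "update", obj["kind"], obj["name"]))

    def delete(self, actor, kind, name):
        self.objects.pop((kind, name), None)
        self.audit.append((actor, "delete", kind, name))

    def list(self, kind):
        return [o for (k, _), o in self.objects.items() if k == kind]

    def new_name(self, prefix):
        return f"{prefix}-{next(self._seq)}"


class ReplicaSetController:
    """Makes the number of Pods owned by each ReplicaSet equal spec.replicas."""
    name = "replicaset-controller"

    def sync(self, api):
        changes = 0
        for rs in api.list("ReplicaSet"):
            owned = [p for p in api.list("Pod") if p.get("owner") == rs["name"]]
            want = rs["replicas"]
            for _ in range(want - len(owned)):          # too few: create
                api.create(self.name, "Pod", {
                    "name": api.new_name(rs["name"]), "owner": rs["name"],
                    "image": rs["image"], "node": None, "phase": "Pending"})
                changes += 1
            for pod in owned[want:]:                     # too many: delete
                api.delete(self.name, "Pod", pod["name"])
                changes += 1
        return changes


class Scheduler:
    """Binds unscheduled Pods to the least-loaded Node by writing pod.node."""
    name = "scheduler"

    def sync(self, api):
        changes = 0
        nodes = sorted(n["name"] for n in api.list("Node"))
        for pod in api.list("Pod"):
            if pod["node"] is None and nodes:
                load = {n: 0 for n in nodes}
                for p in api.list("Pod"):
                    if p["node"] in load:
                        load[p["node"]] += 1
                target = min(nodes, key=lambda n: (load[n], n))
                api.update(self.name, dict(pod, node=target))
                changes += 1
        return changes


class Kubelet:
    """Runs the Pods bound to its Node; it learns of them only by watching the API."""

    def __init__(self, node):
        self.node, self.name = node, f"kubelet-{node}"

    def sync(self, api):
        changes = 0
        for pod in api.list("Pod"):
            if pod["node"] == self.node and pod["phase"] != "Running":
                api.update(self.name, dict(pod, phase="Running"))
                changes += 1
        return changes


def reconcile(api, components, max_rounds=10):
    """Run every component until a full round changes nothing; return rounds used."""
    for rounds in range(1, max_rounds + 1):
        if sum(c.sync(api) for c in components) == 0:
            return rounds
    raise RuntimeError("cluster did not converge")


def build_cluster(replicas=2):
    api = ApiServer()
    api.create("admin", "Node", {"name": "node-a"})
    api.create("admin", "Node", {"name": "node-b"})
    # "kubectl create -f replica.yaml": the user declares the desired state only
    api.create("user", "ReplicaSet", {"name": "frontend", "replicas": replicas,
               "image": "internal.mycorp.com:5000/mycontainer:1.7.9"})
    return api


def cluster_components():
    return [ReplicaSetController(), Scheduler(), Kubelet("node-a"), Kubelet("node-b")]


def pod_summary(api):
    return sorted((p["owner"], p["node"], p["phase"]) for p in api.list("Pod"))


if __name__ == "__main__":
    api, comps = build_cluster(2), cluster_components()
    reconcile(api, comps)
    print(pod_summary(api))
    api.delete("user", "Pod", api.list("Pod")[0]["name"])   # a pod is lost; desired state is unchanged
    reconcile(api, comps)
    print(pod_summary(api))                                 # back to two running pods
    for entry in api.audit:
        print(entry)
```

Deleting a Pod, as slide 28 does, changes the observed state but not the declared one, so the next round of reconciliation recreates it; scaling the ReplicaSet down removes surplus Pods the same way. The audit list shows that the user, the scheduler and each kubelet wrote only to the API server, so the whole history of the cluster is visible at one chokepoint rather than spread over private channels between components.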