Getting started with Kubernetes
Kubernetes mini editions, perfect as your first playground or
Install VirtualBox from
Install minikube
Check that the installation was successful: minikube start, minikube status or minikube stop.
Install kubectl. I use Homebrew.
kubectl allows us to manage local Kubernetes clusters like the minikube cluster, or remote clusters deployed in the cloud. It is generally installed before installing and starting minikube, but it can also be installed after the cluster bootstrapping step.
Minikube ships with a web UI. Start it by typing
This command starts the UI and automatically opens a browser window to it.
We can also proxy it to the machine where kubectl is running with the following command:
Proxying also means that we have a safe connection with minikube. We can thus access the API directly:
We want to access the API with curl by using an authentication token:
We need a Bearer token to access the API. The token is generated by the API server on the master node. We now create it and store it in a variable like this:
We need the API server IP address:
Verify that these two commands return the same URL, then run the curl command.
List the available addons with
Install them with minikube addons enable <addon-name>
etcd: a key-value store. Only the API Server is able to communicate with the etcd data store.
etcdctl: command line tool for the key-value store.
kubeadm: bootstrapping tool
worker node: running environment (container) for client applications. Requires a container runtime.
kubelet: agent that runs on each node and communicates with the control plane components from the master node. To connect to interchangeable container runtimes, kubelet uses a shim application, which provides a clear abstraction layer between kubelet and the container runtime. The CRI (Container Runtime Interface) implements two services: ImageService and RuntimeService.
kube-proxy: the network agent that runs on each node and is responsible for dynamic updates and maintenance of all networking rules on the node.
Kubernetes can be installed using different cluster configurations. Installation types are:
All-in-One Single-Node Installation: In this setup, all the master and worker components are installed and running on a single node. While it is useful for learning, development, and testing, it should not be used in production. Minikube is an installation tool originally aimed at single-node cluster installations.
Single-Master and Multi-Worker Installation: In this setup, we have a single master node running a stacked etcd instance. Multiple worker nodes can be managed by the master node.
Single-Master with Single-Node etcd, and Multi-Worker Installation: In this setup, we have a single master node with an external etcd instance. Multiple worker nodes can be managed by the master node.
Multi-Master and Multi-Worker Installation: In this setup, we have multiple master nodes configured for High-Availability (HA), with each master node running a stacked etcd instance. The etcd instances are also configured in an HA etcd cluster, and multiple worker nodes can be managed by the HA masters.
Multi-Master with Multi-Node etcd, and Multi-Worker Installation: In this setup, we have multiple master nodes configured in HA mode, with each master node paired with an external etcd instance. The external etcd instances are also configured in an HA etcd cluster, and multiple worker nodes can be managed by the HA masters. This is the most advanced cluster configuration recommended for production environments.
As the Kubernetes cluster's complexity grows, so do its hardware and resource requirements. While we can deploy Kubernetes on a single host for learning, development, and possibly testing purposes, the community recommends multi-host environments that support High-Availability control plane setups and multiple worker nodes for client workload.
The objects describe:
which apps are running
to which nodes they are deployed
the resources they consume
the policies attached to them (like fault tolerance, restart/upgrade policy)
Pods: hold containers (apps), either a single app or multi-container. They are the smallest unit in Kubernetes.
Cluster: groups pods together
Label: holds meta information of a pod as a key-value pair.
ReplicationControllers: ensure that a specified number of pod replicas are running at any given time. If a pod gets killed or malfunctions, the replica set will ask for a new replica so that the desired number of pods is always available.
Deployment: provides declarative updates to Pods and ReplicaSets.
Namespaces: group different nodes together in a secure group. Namespaces are one of the most desired features of Kubernetes. By default the following namespaces are created:
List all namespaces
Every pod created without a specific namespace will be assigned to default. kube-system holds the Kubernetes control agents, kube-public is accessible by everyone, and kube-node-lease holds nodes with heartbeat data.
To access and manage Kubernetes resources or objects in the cluster, we need to access a specific API endpoint on the API server. Each access request goes through the following access control stages:
Authentication: Logs in a user.
Authorization: Authorizes the API requests submitted by the authenticated user.
Admission Control: Software modules that validate and/or modify user requests based.
To access the cluster, kubectl needs the master node endpoint and appropriate credentials to be able to securely interact with the API server running on the master node. While starting Minikube, the startup process creates, by default, a configuration file, config, inside the .kube directory (often referred to as the ), which resides in the user's home directory. The configuration file has all the connection details required by kubectl. By default, the kubectl binary parses this file to find the master node's connection endpoint, along with credentials. Multiple kubeconfig files can be configured with a single kubectl client. To look at the connection details, we can either display the content of the ~/.kube/config file (on Linux) or run the following command:
curl
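The kubeconfig connection details described above (API server endpoint plus credentials) can also be checked programmatically. The following is an added example, not part of the original page: it takes the JSON form of a kubeconfig (the shape printed by kubectl config view -o json), resolves a context to its API server URL and user entry, and flags weak connection settings. The sample config, its addresses and paths, and the "lab" context are constructed for illustration.

```python
import json

# Constructed sample in the shape of `kubectl config view -o json`: the
# minikube context plus a deliberately weak "lab" context. Values are made up.
SAMPLE_KUBECONFIG = json.dumps({
    "current-context": "minikube",
    "clusters": [
        {"name": "minikube", "cluster": {
            "server": "https://192.168.99.100:8443",
            "certificate-authority": "/home/student/.minikube/ca.crt"}},
        {"name": "lab", "cluster": {"server": "http://10.0.0.5:8080",
                                    "insecure-skip-tls-verify": True}},
    ],
    "users": [
        {"name": "minikube", "user": {
            "client-certificate": "/home/student/.minikube/client.crt",
            "client-key": "/home/student/.minikube/client.key"}},
        {"name": "lab-admin", "user": {"token": "REDACTED"}},
    ],
    "contexts": [
        {"name": "minikube", "context": {"cluster": "minikube", "user": "minikube"}},
        {"name": "lab", "context": {"cluster": "lab", "user": "lab-admin"}},
    ],
})

def resolve_context(config, name=None):
    """Return (server, cluster settings, user settings) for a context."""
    name = name or config["current-context"]
    ctx = next(c["context"] for c in config["contexts"] if c["name"] == name)
    cluster = next(c["cluster"] for c in config["clusters"] if c["name"] == ctx["cluster"])
    user = next(u["user"] for u in config["users"] if u["name"] == ctx["user"])
    return cluster["server"], cluster, user

def audit_context(config, name=None):
    """List the weak connection settings of one context."""
    server, cluster, user = resolve_context(config, name)
    findings = []
    if not server.startswith("https://"):
        findings.append("API server endpoint is not HTTPS")
    if cluster.get("insecure-skip-tls-verify"):
        findings.append("TLS verification of the API server is disabled")
    if "token" in user or "password" in user:
        findings.append("static bearer token or password stored in the kubeconfig")
    return findings

if __name__ == "__main__":
    cfg = json.loads(SAMPLE_KUBECONFIG)
    for c in cfg["contexts"]:
        print(c["name"], resolve_context(cfg, c["name"])[0], audit_context(cfg, c["name"]))
```

The server URL returned for the current context is the value to compare against the API server address before sending a Bearer token to it with curl.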