Getting Started with k8s Containers

1. Introduction to k8s

1. What is a container

To reduce the waste of physical host resources caused by virtual machines, improve the utilization rate of physical hosts, and provide an isolated running environment for applications as good as virtual machines, people call this lightweight virtual machine a container.

2. Container management tools

Mainly used for container creation, startup, shutdown, deletion, etc.
Management tools:

• docker
• pouch
• LXC、LXD、RKT

3. Container orchestration and deployment tools

Container management tools can complete basic management, and to deal with more complex application deployments in enterprises, container orchestration management tools are required.
Orchestration deployment tools:

• docker three swordsmen (docker machine, docker compose, docker swarm)
• mesos + marathon
• Kubernetes
  is mainly used to manage containerized applications on multiple hosts in the cloud platform. The goal of k8s is to make the deployment of containerized applications simple and efficient, providing a mechanism for application deployment, planning, updating, and maintenance.

2. k8s function and architecture

1. k8s function

It can automatically deploy, expand, and shrink applications.

【1】Automatic packing

Automatic deployment of application containers based on the resource configuration requirements of the application operating environment based on containers

【2】Self-healing (self-healing ability)

• When the container fails, the container will be restarted
• When there is a problem with the deployed noda node, the container will be redeployed and rescheduled
• Shut down a container when it fails a monitoring check
• External services will not be provided until the container is running normally

【4】Horizontal expansion

Through simple instructions, user UI interface or resource usage based on CPU, etc., expand or cut the scale of the application as a container

[5] Service Discovery

Users can realize service discovery and load balancing based on k8s' own capabilities without using additional service discovery mechanisms

【6】Rolling update

According to application changes, one-time or batch updates can be performed on the applications running in the application container

[7] Version rollback

According to the deployment of the application, the application can be run on the application container, and the historical version can be rolled back immediately

【8】Key and configuration management

Keys and application configurations can be deployed and updated without rebuilding the image, similar to hot deployment

【9】Storage Orchestration

• Automatically implement storage system mounting and application, especially for stateful applications to achieve data persistence is very important
• The storage system can come from local directories, storage networks (NFS, Gluster, Ceph, Cinder, etc.), public cloud storage services, etc.

2. Node and Pod support

• Node (node) number support: early 100, now 2000
• POd management support: early 1000, now 150000

3. k8s cluster deployment

1. Classification of application deployment architecture

• Non-central node architecture: GlusterFS
• Central node architecture: HDFS, K8S

2. Role functions of cluster architecture nodes

[1] Three components of the master node

• The k8s control node schedules and manages the cluster and accepts requests from users outside the cluster to operate the cluster
• Master node composition (four components): control plane

1. API Server: Communication
2. Kube-Scheduler: Scheduling distributes pods to nodes (servers) through scheduling algorithms
3. Cluster State Store (ETCD database) / distributed key-value storage
4. Controller Manger Server : Resources

[2] Three components of worker node: user plane

• Cluster working nodes, running user business application container 1
• Worker node composition (three components)
  1. kubelet: a management tool on the worker side, responsible for pod lifecycle, storage, and network management
  2. kube proxy: network proxy, setting the forwarding path, responsible for service discovery (here is the discovery of internal services, and the discovery of external services is ingress), load balancing (4-layer load)
  3. Container Runtime: the software that creates the container

【3】Add-ons

• be - dns
• ingress Controller: Provide external network entry for services (discovery of external services)
  

3. k8s deployment

Validation of cluster availability

kubbectl get node   # 节点状态
kubbectl  get cs    # 集群状态

Four, k8s cluster client kubectl command

# 检查集群是否安装
rpm -qa | grep kubetctl
# 获取kubectl帮助
kubectl --help

Necessary environment for using kubectl commands: cluster link configuration file

Five, k8s cluster resource list file (yaml) file writing method

1. Writing format of YAML file

【1】YAML file introduction

• YAML is still a markup language
• To emphasize that this language is data-centric rather than markup-language-focused
• YAML is a highly readable format for expressing data sequences

[2] Basic syntax of YAML file

• use spaces for indentation
• The number of indentation spaces is not important, as long as the elements of the same level are aligned to the left
• Low version indentation cannot use TAB key, only spaces can be used
• Use # to mark the comment, from this character to the end of the line, it will be ignored by the interpreter

[3] Data structures supported by YAML

• object

1. collection of key-value pairs
2. aka Map/Hash/Dictionary

• array

3. a group in order
4. aka sequence/list

• Scalar
  A single, indivisible value: number, bool, null, time and date.
  In YMAL, strings do not use quotation marks. If there are spaces or special characters in the string, they can be enclosed in single or double quotation marks.

2. Implement resource list description method through YAML file

【1】Common fields

• version: version, str type
• kind: resource type, str type
• metadata: metadata object/resource object, object
• metadata.name: resource object name, str
• metadata.namespace: resource object namespace, str
• Spec: Define resource objects in detail, resource object description, object

Six, k8s cluster namespace (namespace)

1 Introduction

• Namespaces
• Role: In the case of multi-tenancy, resource isolation is realized
• Belong to logical isolation
• Belongs to management boundaries
• Not part of the network boundary
• Resource quotas can be made for each namespace

2. View

kubect get namesapce

illustrate:

• default : pods created by users are in this namespace by default
• kune-public : Accessible to all users. Include unauthenticated users
• kube-node-lease : kubernetes cluster node lease status
• kube-system : the kubernetes cluster is in use

3. create

【1】Create by command

kubectl create namespace test

输出： 
namespace/test created

[2] Created through the resource list

1.准备资源清单文件
cat 01-create-ns.yam1

apiVersion: V1
kind: Namespace
metadata:
  name；demons1
  
2. 应用资源清单文件
kubectl apply -f 01-create-ns.yam1

3. 验证是否创建成功
kubectl get namespace

4. delete

[1] Delete directly through kubectl (not recommended)

kubectl get namespace
kubectl delete namespace test

【2】Use the kubectl command to delete the application resource list file (recommendation)

kubectl get namespace
cat 01-create-ns.yam1
kubectl delete -f 01-create-ns.yam1

Seven, k8s cluster core concept pod

Containers cannot be directly managed in k8s. The smallest scheduling unit in a k8s cluster is pod, so pods should be used to run application containers

1. Concept

• The smallest unit that can be scheduled in k8s
• A pod is a collection of containers

2. View Pods

kubectl get pod
kubectl get pods
kubectl get pods --namespace default

3. Create Pods

[1] Write a file for creating a pod resource list

4. Pod access (not recommended)

知道pod的IP地址
curl 172.xx.xx.xx

5. Pod deletion method

[1] Delete directly through kubectl (not recommended)

 kubectl delete pods pod1

【2】Use the kubectl command to delete the application resource list file (recommendation)

kubectl delete -f 02-create-pod.yam1

Eight, k8s cluster core concept controller (controller)

Understand the pod deletion method, and find that pod deletion is very simple and easy to misuse. Therefore, another concept Controller (controller) is introduced to monitor the pod status in a loop in the k8s cluster. If the pod is found to be deleted, it will restart Pull up a pod and keep the pod in the state the user expects.

1. Controller role

• controller
• Used to monitor the resources running on the application
• When there is a problem with the pod, the pod will be pulled up again to achieve the state expected by the user

2. Controller classification

Common pod controllers: coveralls in type, called RC controllers

• Deployment: Declarative update controller for deploying stateless applications. A higher level package for RS. , providing richer deployment-related functions.
  Advantages: the backend can be infinitely expanded
• ReplicaSet (RS): The replica set controller is used to expand or cut the replica size of the pod, and is used to publish stateless applications. Dynamically update the number of POD copies, and select which pods to take effect through the selector.
• StatefulSet: a stateful replica set, used to publish stateful applications . Advantages: continuous stability, IP
  can be kept unchanged . Main features: stable persistent storage, stable network logo, orderly deployment and orderly expansion, orderly contraction and orderly deletion Composition: Headless Service (DNS management for stateful services), volumeClaimTemplate (template for creating persistent volumes)
  
  
• DaemonSet: Run a copy on each Node of the k8s cluster to publish applications such as monitoring or log collection and install it
  on each node
• Job: Run a one-time job task
• CronJob: Run periodic job tasks

3. The role of the Deplyment controller

• It has the functions of online deployment, rolling upgrade, creating a copy, rolling back to a previous version (successful/stable), etc.

4. Create a Depliyment controller type application method

[1] Created through the kubectl command line (not recommended)

[2] Create a resource list file through the kubectl command (recommended)

5. Delete the Depliyment controller type application method

It is not recommended to delete the POD with the controller type directly. If it must be deleted, please delete the application name of the controller. (After deleting the pod directly, the POD will be pulled up again)

[1] Created through the kubectl command line

# 查看应用：
kubectl get depliyment.apps
# 删除应用;
kubectl delete depliyment.apps nginx-app

【2】Create application resource list file through kubectl command

Nine, k8s cluster core concept service

1. service concept

• not an entity service
• It is an iptables or ipva forwarding rule

2. Service role

• Provide the pod client with access to the POD method through the service, that is, the client accesses the pod entry
• The service is associated with the pod through the pod label

3. service type

• ClusterIP: By default, a virtual IP that can be accessed within the cluster is assigned, which can only be accessed internally
• NodePort: assign a port on each Node as an external access entry
• LoadBalancer: Work on a specific Cloud Provider (eg: Google Cloud, AWS, Openstack)
• ExternalName: Indicates that services outside the cluster are introduced into the cluster, that is, pods inside the cluster communicate with services outside the cluster

4. service parameters

• port: the port used to access the service
• targetPort: container port in Pod
• NodePort: Through Node, external network users can access services in the k8s cluster

5. Service creation method

[1] Created through the kubectl command line (not recommended)

The service created by default is of type ClusterIP

# 1.创建Deploment类型应用
# 2.验证应用创建情况
get
# 3.创建service
kubectl expose deployment.apps nginx.app1 --typr=ClusterIP --tarrget-poet=80 --port=80
# 4. 查看service
kubectl get service

[2] Create a resource list file through the kubectl command (recommended)

6. Service delete method

[1] Created through the kubectl command line (not recommended)

kubectl delete service nginx-app1

【2】Use the kubectl command to create a resource list file (recommended)