Kubernetes Assignment- Sivapothuraju
Sidecars are a feature that enables you to run an additional container within a pod to be used as a watcher or proxy. You use this extra container to direct data to be mounted and exposed to other containers in the pod. For example, sidecars could be used to handle logging or authentication for a primary container. Sidecars are useful when you want to allow related processes within a pod to communicate without modifying the primary container source code.
Helm is a package manager for Kubernetes that you can use to streamline the installation and management of k8s applications. It uses charts composed of a description of the package and templates containing k8s manifest files. You use manifest files in k8s to create, modify, and delete resources.
Helm enables you to create and share reproducible builds of k8s applications. There are many preconfigured charts available with their dependencies included. Helm charts enable you to deploy applications quickly and easily.
Controllers are loops that regulate the state of your system or resources. With custom controllers, you can accomplish tasks that aren’t included with standard controllers. For example, you can dynamically reload application configurations. Custom controllers can be used with native or custom resource types.
Using these controllers can be an easier way to manage deployments than toolchains. Controllers are a single piece of code while toolchains require familiarity with a number of interfaces.
K8s comes with a default scheduler for assigning newly created pods to nodes. If this scheduler doesn’t fit your needs or if you would like to run multiple schedulers, you can create a custom scheduler. For example, you could use custom scheduling to facilitate cloud bursting. Cloud bursting is when you move a workload to the cloud in order to meet higher performance or traffic demands.
Custom schedulers can be useful if you have special pods that you want to be handled separately from the others. You can set schedulers according to preference or requirement. Scheduling can rely on strict matching or inclusion and exclusion lists.
PDB is a feature that enables you to restrict the number of pods in a cluster that you can stop voluntarily. It helps ensure that a minimum number of pods stay active during tasks like maintenance, auto-scaling down, or upgrading.
With PDB, you can prevent application availability or performance from being affected by administrative tasks. An important limit to keep in mind with PDB is that it does not have an effect if a node fails, only when changes are done voluntarily.
Go modules are collections of Go packages you can use to manage your application dependencies. Dependencies are bits of code, libraries or frameworks that your application depends on to run. Kubernetes supports Go modules from v1.15 on.
Modules enable you to use multiple versions of the same dependency package or to use dependencies stored in different environments. You can use modules to ease code sharing between distributed teams and minimize the impact of changes in dependencies.
Taints and Tolerations
Taints and tolerations are a feature that enables you to direct nodes to “attract” or “repel” pods. Taints are assigned to nodes and specify that pods that do not tolerate the taint assigned should not be accepted.
Tolerations are assigned to pods and signal to nodes with matching taints that pods can be accepted. This feature is useful if you need to deploy an application on specific hardware or if you want to dedicate a set of nodes to specific users.
Cluster federation enables you to treat multiple clusters as a single logical cluster, managed through a single control plane. Federation enables clusters running in different locations or environments to be more easily managed. You can use federation to make clusters both highly available and resilient by enabling workloads to be passed between clusters.
You can check the health of pods or applications in k8s by defining probes to be run by a kubelet agent. You can define readiness, liveness, and startup probes, as follows:
Readiness—determine if a container can receive requests. If it fails the pod IP address is removed from any endpoints directing traffic to the pod.
Liveness—determine if a container needs to be restarted. Failure means the container is killed and restarted.
Startup—determine if an application within the container has started. In the case of failure, the container is killed and restarted.
You can customize probes with timeouts, retry attempts, minimum success or failure thresholds, and delayed runtimes.
Feature gates are a functionality in k8s that you can use to turn features on or off on a node, cluster, or platform level. This functionality enables you to safely test features without risking critical components or your production environment.
You can use gates to control alpha, beta, or stable (GA) features. Each feature gate controls only one feature. Alpha features default to off and beta and GA features default to on. For a full list of gates, feature descriptions and statuses
Kubernetes keeps track of your container applications that are deployed into the cloud. It restarts orphaned containers, shuts down containers when they’re not being used, and automatically provisions resources like memory, storage, and CPU when necessary.
It stores the configuration information which can be used by each of the nodes in the cluster. It is a high availability key value store that can be distributed among multiple nodes.
Kubernetes is an API server which provides all the operation on cluster using the API. API server implements an interface, which means different tools and libraries can readily communicate with it. Kubeconfig is a package along with the server side tools that can be used for communication.
responsible for most of the collectors that regulates the state of cluster and performs a task. In general, it can be considered as a daemon which runs in nonterminating loop and is responsible for collecting and sending information to API server.The key controllers are replication controller, endpoint controller, namespace controller, and service account controller. The controller manager runs different kind of controllers to handle nodes, endpoints, etc.
It is a service in master responsible for distributing the workload. It is responsible for tracking utilization of working load on cluster nodes and then placing the workload on which resources are available and accept the workload. In other words, this is the mechanism responsible for allocating pods to available nodes. The scheduler is responsible for workload utilization and allocating pod to new node.
Docker which helps in running the encapsulated application containers in a relatively isolated but lightweight operating environment.
responsible for relaying information to and from control plane service. It interacts with etcd store to read configuration details and wright values. This communicates with the master component to receive commands and work. The kubelet process then assumes responsibility for maintaining the state of work and the node server. It manages network rules, port forwarding, etc.
Kubernetes Proxy Service:
runs on each node and helps in making services available to the external host. It helps in forwarding the request to correct containers and is capable of performing primitive load balancing. It makes sure that the networking environment is predictable and accessible and at the same time it is isolated as well. It manages pods on node, volumes, secrets, creating new containers’ health checkup, etc.