Learn k8s basics quickly in 10min

Introduction to Kubernetes

Kubernetes (K8S for short, 8 letters between K and S) is an open source system for automatically deploying, expanding and managing container applications. It combines the containers that make up the application into logical units to facilitate management and service discovery. Kubernetes comes from Google'S 15 years of operation and maintenance experience in production environment, and condenses the best ideas and practices of the community.

Kubernetes has the following features:

  • Service discovery and load balancing: you can use unfamiliar service discovery mechanisms without modifying your application.
  • Storage Orchestration: automatically mount the selected storage system, including local storage.
  • Secret and configuration management: when deploying and updating the configuration of Secrets and applications, it is not necessary to rebuild the container image and expose the secret information in the software stack configuration.
  • Batch execution: in addition to services, Kubernetes can also manage your batch and CI workloads and replace expired containers when desired.
  • Horizontal scaling: scale the application automatically using a simple command, a UI, or based on CPU usage.
  • Automated go live and rollback: Kubernetes will go online step by step for changes to the application or its configuration, and monitor the health of the application to ensure that you will not terminate all instances at the same time.
  • Automatic bin packing: automatically place containers according to resource requirements and other constraints, while avoiding affecting availability.
  • Self repair: restart the failed container, replace and reschedule the container when the node dies, and kill the container that does not respond to the user-defined health check.

Introduction to Minikube

Minikube is a lightweight implementation of Kubernetes, which can create VM S on local computers and deploy simple clusters with only one node. Minikube can be used for Linux, MacOS and Windows systems. The Minikube CLI provides a variety of operations to guide the cluster, including start, stop, view status, and delete.

Kubernetes core concepts

Since Kubernetes has many core concepts, learning them is very helpful to understand the use of Kubernetes, so let's learn these core concepts first.

Node

Kubernetes cluster means that kubernetes coordinates a cluster of highly available computers, and each computer is connected to each other as an independent unit.

A Kubernetes cluster contains two types of resources:

  • Master: responsible for managing the entire cluster. Coordinate all activities in the cluster, such as scheduling applications, maintaining the required status of applications, application expansion, and launching new updates.
  • Node: used to host running applications. It can be a virtual machine or a physical machine. It acts as a working machine in the Kubernetes cluster. Each node has a Kubelet. It manages the node and is the agent for the node to communicate with the Master. The node also has tools for handling container operations, such as Docker or rkt.

image.png

Deployment

Deployment is responsible for creating and updating instances of the application. After the deployment is created, the Kubernetes Master schedules the application instance to each node in the cluster. If the node hosting the instance is closed or deleted, the deployment controller replaces the instance with an instance on another node in the cluster. This provides a self-healing mechanism to solve the problem of machine fault maintenance.

You can use Kubernetes command line interface kubectl to create and manage deployments. Kubectl interacts with the cluster using the Kubernetes API.

image.png

Pod

Pod is equivalent to the concept of logical host and is responsible for hosting application instances. It includes one or more application containers (such as Docker) and some shared resources (shared storage, network, operation information, etc.) of these containers.

image.png

Service

Service is an abstraction layer that defines a logical set of pods and supports external traffic exposure, load balancing and service discovery for these pods.

Although each Pod has a unique IP address, these IPS will not be exposed outside the cluster without service. Service allows your application to receive traffic. Service can also be exposed by marking type in ServiceSpec. The type type is as follows:

  • ClusterIP (default): exposes services on the internal IP of the cluster. This type makes the Service accessible only from within the cluster.
  • NodePort: use NAT to expose the Service on the same port of each selected Node in the cluster. Use < nodeip >: < NodePort > to access the Service from outside the cluster. Is a superset of ClusterIP.
  • LoadBalancer: create an external load balancer (if supported) in the current cloud and assign a fixed external IP to the Service. Is a superset of NodePort.
  • Externalname: expose the Service with any name (specified by externalname in the spec) by returning the CNAME record with this name. Do not use proxy.

image.png

Docker installation

Since the operation of Kubernetes depends on the container runtime (the software responsible for running the container), the more common container runtime includes Docker, containerd and CRI-O. Select Docker here. First install the Docker environment on the Linux server.

  • Install Yum utils:

yum install -y yum-utils device-mapper-persistent-data lvm2
  • Add docker warehouse location for yum source:

yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
  • To install Docker:

yum install docker-ce
  • Start Docker:

systemctl start docker

Minikube installation

  • First, we need to download the binary installation package of Minikube and install:

curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
  • Then start Minikube with the following command:

minikube start
  • If you use root, you will not be able to start and the following message will be prompted. That is because Minikube is not allowed to start with root permission. You need to create a non root account and start again;

* minikube v1.16.0 on Centos 7.6.1810
* Automatically selected the docker driver
* The "docker" driver should not be used with root privileges.
* If you are running minikube within a VM, consider using --driver=none:
*   https://minikube.sigs.k8s.io/docs/reference/drivers/none/

X Exiting due to DRV_AS_ROOT: The "docker" driver should not be used with root privileges.
  • Here, a macro user belonging to the docker user group is created and switched to this user;

# Create user
useradd -u 1024 -g docker macro
# Set user password
passwd macro
# Switch users
su macro
  • Start Minikube with minikube start command again. After successful startup, the following information will be displayed:

* To pull new external images, you may need to configure a proxy: https://minikube.sigs.k8s.io/docs/reference/networking/proxy/
* Preparing Kubernetes v1.20.0 on Docker 20.10.0 ...
  - Generating certificates and keys ...
  - Booting up control plane ...
  - Configuring RBAC rules ...
* Verifying Kubernetes components...
* Enabled addons: default-storageclass, storage-provisioner
* kubectl not found. If you need it, try: 'minikube kubectl -- get pods -A'
* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

Use of Kubernetes

Create cluster

Through Minikube, we can create a single Node K8S cluster. The cluster management Master and the Node responsible for running applications are deployed on this Node.

  • View the version number of Minikube:

minikube version

minikube version: v1.16.0
commit: 9f1e482427589ff8451c4723b6ba53bb9742fbb1
  • Check the version number of kubectl. Kubectl will be installed directly for the first time:

minikube kubectl version
 Copy code

Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38", GitTreeState:"clean", BuildDate:"2020-12-08T17:59:43Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38", GitTreeState:"clean", BuildDate:"2020-12-08T17:51:19Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
  • If you want to use the kubectl command directly, you can copy it to the / bin directory:

# Find the location of the kubectl command
find / -name kubectl
# After finding it, copy it to the / bin directory
cp /mydata/docker/volumes/minikube/_data/lib/minikube/binaries/v1.20.0/kubectl /bin/
# Use the kubectl command directly
kubectl version
  • View cluster details:

kubectl cluster-info

Kubernetes control plane is running at https://192.168.49.2:8443
KubeDNS is running at https://192.168.49.2:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
  • Looking at all nodes in the cluster, you can find that Minikube has created a single Node simple cluster:

kubectl get nodes

NAME       STATUS   ROLES                  AGE   VERSION
minikube   Ready    control-plane,master   46m   v1.20.0

Deploy application

Once you run the K8S cluster, you can deploy containerized applications on it. By creating a Deployment object, you can command K8S how to create and update an instance of the application.

  • Specify an application image and create a Deployment. Here, create an Nginx application:

kubectl create deployment kubernetes-nginx --image=nginx:1.10
  • When creating a Deployment, K8S will generate the following operations:

    • Select an appropriate Node to deploy the application;
    • Deploy the application to the Node;
    • Redeploy the application when the application closes abnormally or is deleted.
  • View all deployments:

kubectl get deployments

NAME                  READY   UP-TO-DATE   AVAILABLE   AGE
kubernetes-nginx      1/1     1            1           21h
  • We can create a proxy through the kubectl proxy command, so that we can directly access the K8S API through the exposed interface. Here, we call the interface to query the K8S version;

[macro@linux-local root]$ kubectl proxy
Starting to serve on 127.0.0.1:8001
[root@linux-local ~]# curl http://localhost:8001/version
{
  "major": "1",
  "minor": "20",
  "gitVersion": "v1.20.0",
  "gitCommit": "af46c47ce925f4c4ad5cc8d1fca46c7b77d13b38",
  "gitTreeState": "clean",
  "buildDate": "2020-12-08T17:51:19Z",
  "goVersion": "go1.15.5",
  "compiler": "gc",
  "platform": "linux/amd64"
}

View application

By operating the Pod running the application, you can view the container log or execute commands inside the container.

  • View the status of all pods in K8s:

kubectl get pods

NAME                                   READY   STATUS             RESTARTS   AGE
kubernetes-nginx-78bcc44665-8fnnn      1/1     Running            1          21h
  • View the detailed status of the Pod, including IP address, occupied port, use image and other information;

kubectl describe pods

Name:         kubernetes-nginx-78bcc44665-8fnnn
Namespace:    default
Priority:     0
Node:         minikube/192.168.49.2
Start Time:   Tue, 05 Jan 2021 13:57:46 +0800
Labels:       app=kubernetes-nginx
              pod-template-hash=78bcc44665
              version=v1
Annotations:  <none>
Status:       Running
IP:           172.17.0.7
IPs:
  IP:           172.17.0.7
Controlled By:  ReplicaSet/kubernetes-nginx-78bcc44665
Containers:
  nginx:
    Container ID:   docker://31eb1277e507ec4cf8a27b66a9f4f30fb919d17f4cd914c09eb4cfe8322504b2
    Image:          nginx:1.10
    Image ID:       docker-pullable://nginx@sha256:6202beb06ea61f44179e02ca965e8e13b961d12640101fca213efbfd145d7575
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Wed, 06 Jan 2021 09:22:40 +0800
    Last State:     Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Tue, 05 Jan 2021 14:24:55 +0800
      Finished:     Tue, 05 Jan 2021 17:32:48 +0800
    Ready:          True
    Restart Count:  1
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-dhr4b (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-dhr4b:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-dhr4b
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:          <none>
Copy code
  • Set the name of the pod as an environment variable to make it easier to use $pod later_ Name to apply the name of the Pod:

export POD_NAME=kubernetes-nginx-78bcc44665-8fnnn
  • To view the log printed by Pod:

kubectl logs $POD_NAME
  • Use exec to execute commands in the Pod container. Here, use env command to view environment variables:

kubectl exec $POD_NAME -- env
 Copy code

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=kubernetes-nginx-78bcc44665-8fnnn
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
KUBERNETES_SERVICE_HOST=10.96.0.1
KUBERNETES_SERVICE_PORT=443
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_PORT=443
NGINX_VERSION=1.10.3-1~jessie
HOME=/root
  • Enter the container and execute the bash command. If you want to exit the container, you can use the exit command:

kubectl exec -ti $POD_NAME -- bash

Public exposure application

The default Pod cannot be accessed externally by the cluster. You need to create a Service and expose the port before it can be accessed externally.

  • Create a Service to expose the kubernetes nginx Deployment:

kubectl expose deployment/kubernetes-nginx --type="NodePort" --port 80
  • View the status of all services in K8S:

kubectl get services
 Copy code

NAME               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes         ClusterIP   10.96.0.1        <none>        443/TCP        5h16m
kubernetes-nginx   NodePort    10.105.177.114   <none>        80:31891/TCP   5s
  • View the details of the Service. You can get the ports exposed to the outside through the NodePort attribute;

kubectl describe services/kubernetes-nginx

Name:                     kubernetes-nginx
Namespace:                default
Labels:                   app=kubernetes-nginx
Annotations:              <none>
Selector:                 app=kubernetes-nginx
Type:                     NodePort
IP Families:              <none>
IP:                       10.106.227.54
IPs:                      10.106.227.54
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30158/TCP
Endpoints:                172.17.0.7:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>
  • Through the CTRL command, you can access the Nginx service through the Minikube IP:NodePort IP. At this time, the Nginx home page information will be printed;

curl $(minikube ip):30158

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Use of labels

By adding labels to resources, you can easily manage resources (such as Deployment, Pod, Service, etc.).

  • View the labels contained in the Deployment;

kubectl describe deployment

Name:                   kubernetes-nginx
Namespace:              default
CreationTimestamp:      Tue, 05 Jan 2021 13:57:46 +0800
Labels:                 app=kubernetes-nginx
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               app=kubernetes-nginx
Replicas:               1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
  • Query Pod through Label:

kubectl get pods -l app=kubernetes-nginx

NAME                                READY   STATUS    RESTARTS   AGE
kubernetes-nginx-78bcc44665-8fnnn   1/1     Running   1          21h
  • Query Service through Label:

kubectl get services -l app=kubernetes-nginx

NAME               TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes-nginx   NodePort   10.106.227.54   <none>        80:30158/TCP   4m44s
  • Add Label to Pod:

kubectl label pod $POD_NAME version=v1
  • To view the details of Pod, you can view the Label information:

kubectl describe pods $POD_NAME

Name:         kubernetes-nginx-78bcc44665-8fnnn
Namespace:    default
Priority:     0
Node:         minikube/192.168.49.2
Start Time:   Tue, 05 Jan 2021 13:57:46 +0800
Labels:       app=kubernetes-nginx
              pod-template-hash=78bcc44665
              version=v1
  • Query Pod through Label:

kubectl get pods -l version=v1
  • To delete a service through Label:

kubectl delete service -l app=kubernetes-nginx

NAME               TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes         ClusterIP   10.96.0.1       <none>        443/TCP        30h

Visual management

Dashboard is a web-based K8S user interface. You can use dashboard to deploy container applications to K8S clusters, troubleshoot container applications, and manage cluster resources.

  • View the Minikube built-in plug-in. By default, the Dashboard plug-in is not enabled:

minikube addons list

|-----------------------------|----------|--------------|
|         ADDON NAME          | PROFILE  |    STATUS    |
|-----------------------------|----------|--------------|
| dashboard                   | minikube | disabled     |
| default-storageclass        | minikube | enabled ✅   |
|-----------------------------|----------|--------------|
  • To enable the Dashboard plug-in:

minikube addons enable dashboard
  • When you open the Dashboard, the management page will not be opened through the -- url parameter, and you can get the access path on the console:

minikube dashboard --url

* Verifying dashboard health ...
* Launching proxy ...
* Verifying proxy health ...
http://127.0.0.1:44469/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
  • To access the Dashboard from the outside, you need to use kubectl to set the proxy, - address as your server address;

kubectl proxy --port=44469 --address='192.168.5.94' --accept-hosts='^.*' &
  • To access the server from the outside, you need to open the firewall port;

# Switch to root
su -
# Open port
firewall-cmd --zone=public --add-port=44469/tcp --permanent
# service iptables restart 
firewall-cmd --reload
  • You can access the Dashboard at the following address:

http://192.168.5.94:44469/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
  • View the resource status information in the K8S cluster:

image.png

  • Create K8S resources through yaml script:

image.png

  • View the status information of all pods in K8S. You can view the container log and execute internal commands through more buttons.

image.png

summary

When our application needs to be deployed on multiple physical machines, the traditional approach is to deploy one physical machine at a time. If we use K8S, we can consider these physical machines as a cluster. We only need to deploy applications to the cluster through K8S, and we don't need to care about the deployment details of physical machines. At the same time, K8S provides functions such as horizontal capacity expansion, automatic packing and automatic repair, which greatly reduces the workload of application cluster deployment.



Author: stay up late without overtime
Link: https://www.jianshu.com/p/8930396ee364
Source: Jianshu
The copyright belongs to the author. For commercial reprint, please contact the author for authorization, and for non-commercial reprint, please indicate the source.

Tags: Operation & Maintenance Docker Kubernetes

Posted on Sat, 30 Oct 2021 22:27:31 -0400 by kol090