
Buoi 20 02 Kubernetes-Architecture-slides

The document provides an overview of Kubernetes architecture, detailing its components such as Masters, Nodes, Pods, and Services. It explains the roles of various elements like the API server, kubelet, and kube-proxy, as well as the declarative model for managing desired states. Additionally, it highlights the importance of deployments and stable networking within Kubernetes clusters.

Uploaded by

huynhanthai31

Kubernetes Architecture

Overview
• Big Picture View
• Masters
• Nodes
• Pods
• Services
• Deployments
• The API and API Server
• Recap
Up Next: Kubernetes: Big Picture Overview

Kubernetes: Big Picture Overview

[Figure sequence: a team and its manager (coach), with players in positions (GK, LB, RB, CH, HM, AM, LW, RW, S)]

[Figure sequence: application services (load balancer, HTTPS, Auth, Search, Log, K/V store, MySQL) shown on Node 1, Node 2 and Node 3 of a K8s cluster]

[Figure sequence: K8s cluster with apiserver{} and KV; labels: <app>, <YAML>]

Up Next: Masters
Masters

Also known as head nodes or the control plane

Multi-master H/A control plane

[Figure: H/A design across Failure domain A, Failure domain B and Failure domain C, with Follower, Follower and Leader; label: Sweet spot]

Hosted K8s control plane
• Performance
• Availability
• Updates/Upgrades
• API Server Flags

[Figure labels: Hidden; Exposed; Highly available API Endpoint]

[Figure: K8s cluster; labels: Cluster ops, User/business apps]

kube-apiserver
• Front-end to the control plane
• Exposes the API (REST)
• Consumes JSON/YAML

Cluster Store
• Persists cluster state and config
• Based on etcd
• Performance is critical
• Have recovery plans in place

Kube-controller-manager
• Controller of controllers
    • Node controller
    • Deployment controller
    • Endpoints/EndpointSlice controller…
• Watch loops
• Reconciles observed state with desired state

Kube-scheduler
• Watches API Server for new work tasks
• Assigns work to cluster nodes
    • Affinity/Anti-affinity
    • Constraints
    • Taints
    • Resources…

[Figure: control plane with Cluster store (KV), Scheduler, Controllers and apiserver{}; label: $ kubectl]
Up Next: Nodes

Nodes

Kubelet
• Main Kubernetes agent
• Registers node with cluster
• Watches API Server for work tasks (Pods)
• Executes Pods
• Reports back to Masters

Container runtime
• Can be Docker
• Pluggable: Container Runtime Interface (CRI)
    • Docker, containerd, CRI-O, Kata…
• Low-level container intelligence

Kube-proxy
• Networking component
• Pod IP addresses
• Basic load-balancing

[Figure label: Stable Name and IP]

Kubelet: Main K8s agent
Container runtime: Docker, containerd, CRI-O, more…
Kube-proxy: Vital role in networking

Nodeless Kubernetes
Pods run on cloud’s hosted container back-end
Up Next: The Declarative Model & Desired State

The Declarative Model and Desired State

Declarative model
Describe what you want (desired state) in a manifest file

[Figure: Manifest (desired state), apiserver{}, KV]
kind: Kitchen
spec:
  type: New
  location: Rear
  style: OpenPlan
  heating:
    type: Underfloor
    medium: Water
  windows:
    type: FloorToCeiling
    aspect: South
  doors:
    type: FireDoor
    accessTo: Garage
  island: Yes
  roofGarden: Yes

Declarative (declaring what you want)

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test
spec:
  replicas: 6              # desired number of Pods
  selector:
    matchLabels:
      app: ps-test
  template:
    metadata:
      labels:
        app: ps-test       # Pod labels must match spec.selector.matchLabels
    spec:
      containers:
      - name: c1
        image: web1:1.3
        ports:
        - containerPort: 8080
...
[Figure sequence: manifest "name: web, replicas: 3". Desired state: 3, observed state: 3 (three Web Pods); observed state drops to 2 (two Web Pods); a third Web Pod appears and observed state returns to 3]

[Figure sequence: the manifest (name: web, replicas: 3) and the apiserver{}; Web Pods appear one at a time until desired state: 3 and observed state: 3; label: Watch loops]

Up Next: The Mighty Pod

The Mighty Pod

[Figure: Virtual Machine, Container, Pod: atomic units of scheduling]

[Figure: Pods holding an <app> container, some with an <hlpr> container alongside]

Kubernetes for Developers: Integrating Volumes and Using Multi-container Pods

[Figure sequence: the Pod as a shared execution env with shared access; Pod IP 10.0.0.17 with ports 8080 and 9090; localhost with ports 8080 and 9090]

Shared access (tightly coupled): When two containers (app services) absolutely need to share vols, memory etc.
Network access (loosely coupled): When two containers (app services) don’t absolutely need to share resources

Scaling

[Figure: App Container and Mesh Container (Main app ctr, Helper ctr); label: Net]

Pod scheduled to single node

Phase: pending, Phase: running, Phase: succeeded/failed

[Figure: <app> with labels Annotations, Labels, Policies, Resources]

Co-scheduling containers

Up Next: Stable Networking with Services

Stable Networking with Services

[Figure sequence: <app> Pods, each with its own 10.0.0.x IP address; the number of Pods and their IPs change between frames; label: App/client]

Unreliable Pod IPs

[Figure sequence: a Service named "web" in front of the <app> Pods; labels: Stable name and IP, Load balancing; the Pod IPs behind it change between frames]

Labels
Labels are very simple and very powerful!

[Figure sequence: the "web" Service (Stable name and IP, Load balancing) carries the labels prod, be, 1.3 and the <app> Pods behind it carry prod, be, 1.3; Pods labelled prod, be, 1.4 appear next to the 1.3 Pods; the Service's labels become prod, be, 1.4]

Only sends traffic to healthy Pods
Can do session affinity
Can send traffic to endpoints outside the cluster
Can do TCP and UDP
Up Next: Game-changing Deployments

Game-changing Deployments

[Figure labels: Advanced features; No advanced features (<app>)]

[Figure labels: Infrastructure: Masters & Nodes; Stateless apps; Stateful apps…; One instance on every node; Time-based short-lived jobs]

Deployment Controller/Reconciliation loop
• Watches API Server for new Deployments
• Implements them
• Constantly compares observed state with desired state

[Figure sequence: Control plane with apiserver{} and Cluster store; a desired state of 4 is recorded; Node 1, Node 2, Node 3, Node 4; Desired state vs Observed state; labels: DEFCON 1, pod, DEFCON 5, You/me]

[Figure: layers around <app>: "Manages updates, rollbacks…"; "Replica count, self-healing, previous versions…"; "Labels, annotations, co-scheduling…"]

[Figure sequence: Control plane with apiserver{} and Cluster store; Desired state held in the Cluster store; Node 1, Node 2, Node 3, Node 4; Desired state vs Observed state]

Up Next: The K8s API and API Server

The K8s API and API Server

[Figure labels: Atomic unit of scheduling; Replica count; Updates and rollbacks; Stable network abstraction]

[Figure sequence: K8s cluster with {API} (catalog); labels: Networking, Stateful apps]

Deployment object definition


• API sub-group: [apps/v1]
• replicas (integer)
• minReadySeconds (integer)
• progressDeadlineSeconds (integer)
• paused (boolean)
• revisionHistoryLimit (integer)
• selector (LabelSelector)
• strategy (DeploymentStrategy)
• template (PodTemplateSpec)
[Figure: K8s cluster with {API} (catalog); $ kubectl and apiserver{}: HTTP methods/verbs, REST, HTTPS]

[Figure: K8s cluster with {API} (catalog); labels: core, workloads/apps, storage.k8s.io, networking.k8s.io, More…; $ kubectl and apiserver{}: HTTP methods/verbs, REST, HTTPS]
Up Next: Epic Recap

Epic Recap

[Figure sequence: a team and its manager (coach), with players in positions (GK, LB, RB, CH, HM, AM, LW, RW, S)]

K8s cluster: Control plane (H/A Masters) and Worker nodes (Nodes)

Control plane (H/A Masters)
• Gateway to API
• Cluster store (state)
• Scheduler (assigns work)
• Controllers (watch loops)

Worker nodes (Nodes)
• Main K8s agent
• Container runtime
• Kube-proxy (networking)

Up Next: Getting Kubernetes
