Kubernetes Notes - csvsoft/googlecloud GitHub Wiki
- kube-apiserver: the component that exposes the Kubernetes API.
- kube-scheduler: the component that watches for newly created pods with no node assigned and selects a node for them to run on.
- kube-controller-manager: runs the controllers, including:
  - Replication controller
  - Node controller
  - Endpoints controller
  - Service Account & Token controllers
- cloud-controller-manager: interacts with the underlying cloud provider.
- kubelet: a Kubernetes agent that runs on the node to make sure pods are running on that node.
- kube-proxy: a network proxy that runs on the node and is responsible for request forwarding.
- container-runtime: the runtime for running containers, such as Docker, rktlet, containerd.
Addons are pods and services that implement cluster features. Examples:
- DNS Server
- Dashboard UI
- Container Resource Monitoring
- Cluster-Level Logging
A Pod represents an application instance that is running in the Kubernetes cluster.
- It is the smallest and simplest unit that you can create and deploy.
- It encapsulates:
  - the application's container(s)
  - a set of storage resources (volumes)
  - a unique IP address
  - options on how to run the container(s)
- A Pod’s contents are always co-located and co-scheduled, and run in a shared context.
- One pod may contain one or more tightly coupled containers (advanced use case).
- It can have multiple replicas created by controllers.
Pod templates are pod specifications which are included in other objects. Pod controllers will take the templates and create live pods.
A namespace provides a way of grouping Kubernetes resources and is used to provide virtual Kubernetes clusters. Initial namespaces:
- default
- kube-system
- kube-public

**Not all resources are namespaced: nodes and storage volumes are not.**

```bash
# View namespaces
kubectl get namespaces
# Set the namespace for a single request
kubectl --namespace=<yournamespace> run nginx --image=nginx
# Set the namespace permanently for a context
kubectl config set-context <context> --namespace=<yournamespace>
kubectl config view
# Check whether resources are namespaced or not
kubectl api-resources --namespaced=<true|false>
```
Labels are name/value pairs that are attached to objects. They are used to specify identifying attributes that are meaningful to users. The motivation is to enable users to map their own organizational structures onto system objects in a loosely coupled fashion, without requiring clients to store these mappings.
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: label-demo
  labels:
    environment: production
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx:1.7.9
    ports:
    - containerPort: 80
```
A label selector is used to identify a set of objects. Selector operators:
- =
- !=
- in
- notin
```
nodeSelector:
  partition in (customerA, customerB),environment!=qa
```

```bash
kubectl get pods -l environment=production,tier=frontend
kubectl get pods -l 'environment in (production,qa)'
```
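
How the four selector operators above evaluate against an object's labels, as an added example that is not part of the original notes or of Kubernetes itself: a small Python matcher run over constructed pod labels (the `PODS` data and the helper function names are assumptions made for illustration). It shows that `!=` and `notin` also match objects that lack the key entirely, which matters when a selector is used to scope a policy or a cleanup command.

```python
import re

# Split on commas that are not inside a "(...)" value list.
_TOP_LEVEL_COMMA = re.compile(r",(?![^()]*\))")
_SET_TERM = re.compile(r"^([\w./-]+)\s+(in|notin)\s*\(([^)]*)\)$")
_EQ_TERM = re.compile(r"^([\w./-]+)\s*(!=|==|=)\s*([\w.-]*)$")

# Constructed sample objects (name -> labels), not taken from a real cluster.
PODS = {
    "web-1": {"environment": "production", "tier": "frontend"},
    "web-2": {"environment": "qa", "tier": "frontend"},
    "db-1": {"environment": "production", "tier": "backend"},
    "job-1": {"tier": "batch"},  # carries no "environment" label
}

def parse_selector(selector):
    """Parse 'a=b,c in (d,e)' into (key, operator, values) requirements."""
    terms = []
    for raw in _TOP_LEVEL_COMMA.split(selector):
        raw = raw.strip()
        m = _SET_TERM.match(raw)
        if m:
            values = {v.strip() for v in m.group(3).split(",") if v.strip()}
            terms.append((m.group(1), m.group(2), values))
            continue
        m = _EQ_TERM.match(raw)
        if not m:
            raise ValueError(f"unsupported selector term: {raw!r}")
        # '=' behaves as a one-value 'in'; '!=' as a one-value 'notin'.
        op = "notin" if m.group(2) == "!=" else "in"
        terms.append((m.group(1), op, {m.group(3)}))
    return terms

def matches(labels, selector):
    """Return True when every comma-separated term holds (logical AND)."""
    for key, op, values in parse_selector(selector):
        if op == "in":
            if labels.get(key) not in values:  # key must exist with a listed value
                return False
        elif labels.get(key) in values:  # '!=' / 'notin' pass when the key is absent
            return False
    return True

def select(selector):
    """Names of the sample pods that the selector matches, sorted."""
    return sorted(name for name, labels in PODS.items() if matches(labels, selector))

if __name__ == "__main__":
    print(select("environment!=qa"))
```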
Annotations are metadata that can be attached to Kubernetes objects.
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: annotations-demo
  annotations:
    imageregistry: "https://hub.docker.com/"
spec:
  containers:
  - name: nginx
    image: nginx:1.7.9
    ports:
    - containerPort: 80
```
Field selectors let you select Kubernetes resources based on the value of one or more resource fields.
Supported field selectors vary by K8S resource type.
All resource types support the following fields:
- metadata.name
- metadata.namespace

```bash
kubectl get pods,deployments --field-selector 'metadata.name=redis,metadata.namespace!=default'
```
A node is a worker machine in Kubernetes; it is a VM or a physical machine. A node is not inherently created by Kubernetes: it is created externally by cloud providers.
Node status:
- Addresses: name, internalIP, externalIP
- Conditions
- Capacity and allocatable
- Info
- Connect to the cluster with the Google Cloud CLI
  ```bash
  gcloud container clusters get-credentials ignite-cluster-1 --zone us-central1-a --project vernal-tracer-229402
  ```
- Get the nodes in the cluster
  ```bash
  kubectl get nodes
  ```
- Get RBAC permissions (this binds your user to the `cluster-admin` ClusterRole, which grants full control over every resource in the cluster)
  ```bash
  kubectl create clusterrolebinding cluster-admin-binding \
    --clusterrole cluster-admin --user [YOUR_email_address]
  # Create the namespace
  kubectl create -f ignite-namespace.yaml
  ```