Alan Zhan Blog

Live for nothing, or die for something

It’s finally time to dive deep into Kubernetes. Since Kubernetes is built with Go, I’ve already done some in-depth research on Go beforehand. I won’t be covering Docker and container technology here since I’ve already studied those extensively. If you’d like to see that content, let me know! From here on, I’ll be writing a series of articles focused on Kubernetes.

Kubernetes

What is Kubernetes (K8s)? K8s is the abbreviation for Kubernetes — because there are eight letters between “K” and “s.” It’s Google’s open-source container cluster management system, the open-source version of Google’s years of large-scale container management technology called Borg. Its main features include:

  • Container-based application deployment, maintenance, and rolling updates.
  • Load balancing and service discovery.
  • Cross-machine and cross-region cluster scheduling.
  • Auto-scaling.
  • Stateless and stateful services.
  • Plugin mechanism for extensibility.

Imperative VS Declarative

  • Imperative: An imperative system specifies explicit steps to solve a problem, complete a task, or achieve a goal. This approach explicitly tells the system to execute a specific command and expects a desired result. Think of a TV remote commanding the TV.
  • Declarative: A declarative system focuses on what to do, not how to do it. You only describe what goal to achieve, and the system handles how to get there. Think of an AC remote controlling the air conditioner.

You might wonder — aren’t I learning Kubernetes? Why are we discussing this? It’s because Kubernetes is built as a declarative system. We won’t go deep into the pros and cons of imperative vs. declarative here, but feel free to explore that on your own.

Core Objects

  • Pod: Describes an application instance, including image address, resource requirements, etc. The most core object in Kubernetes and the secret weapon connecting applications to infrastructure.
  • Namespace: The basic unit of resource isolation. Think of it as a directory structure in a filesystem or a namespace in a programming language.
  • Node: An abstraction of a compute node, describing resource abstraction, health status, etc.
  • Service: How applications are published as services — essentially declarations for load balancing and DNS services.

Pod

The word “Pod” means a seed pod. Why this name? Because a pod wraps multiple seeds together, making them a unit.

  • A Pod is a tightly coupled group of containers that share PID, IPC, Network, and UTS namespaces. It’s the basic scheduling unit in Kubernetes.
  • Pods are designed to support multiple containers sharing network and filesystem within a single Pod, enabling simple and efficient service composition through inter-process communication and file sharing.
  • Different containers within the same Pod can share resources:
    • Shared network namespace
    • Shared storage via Volume mounts
    • Shared Security Context

Namespace

A Namespace is an abstract collection of resources and objects, used to divide system objects into different groups or user groups.

Common resources like Pods, Services, Replication Controllers, and Deployments belong to a namespace (default is “default”), while Nodes and PersistentVolumes do not belong to any namespace.

Node

In the Kubernetes world, a Node typically represents a physical or virtual machine used to run Pods. To manage Pods, each Node must run at least a container runtime, kubelet, and kube-proxy. Nodes can be divided into master nodes and worker nodes.

  • Master node: Kubernetes’ command center, responsible for managing all nodes. It contains the following important components:
    • kube-apiserver
      • Manages all APIs needed by Kubernetes.
      • Acts as the communication bridge between nodes.
      • Handles request authentication and authorization in Kubernetes.
    • etcd
      • A powerful, stable, highly available key/value store used by Kubernetes for persistent storage of all API objects.
    • kube-controller-manager
      • Runs all controllers that handle routine cluster tasks, including Node Controller, Replication Controller, etc.
      • Controller manager monitoring and update attempts all go through kube-apiserver.
    • kube-scheduler
      • Monitors newly created Pods and assigns them to nodes.
  • Worker node:
    • kubelet
      • The node’s manager, responsible for managing the state of all Pods on the node and communicating with the master.
    • kube-proxy
      • The node’s messenger, responsible for updating the node’s iptables so other objects in the Kubernetes cluster can learn the latest state of Pods on this node.
    • Container Runtime
      • The runtime that can execute containers, e.g., Docker.

Service

A Service is an abstraction of an application service. It provides load balancing and service discovery for applications through labels. The IPs and ports of Pods matching the labels form endpoints, and kube-proxy is responsible for load balancing service IPs to these endpoints.

Each Service is automatically assigned a cluster IP (a virtual address accessible only within the cluster) and a DNS name. Other containers can access the service through this address or DNS without needing to know the details of the underlying containers.

Conclusion

Today I’ve shared the basic components and foundational knowledge of Kubernetes. If you’re interested, feel free to install Kubernetes on your own. I’ll continue with a series of articles, so stay tuned!

Feel free to leave a comment on my blog. Your feedback motivates me to keep writing. Thank you for reading, and let’s grow together to become better versions of ourselves.

References

avatar

Senior Software Developer

FEATURED TAGS
algorithm docker dockerfile dynamic-programing gc golang index invest kubernetes leetcode leetcode-easy leetcode-hard leetcode-medium mongodb reading tech terraform