Kubernetes 101: The Ultimate Guide to Container Orchestration

Kubernetes is an open-source orchestration system for Docker containers, initially developed by Google. It automates the deployment, scaling, and management of containerized applications. Kubernetes ensures the desired state of containers and manages their lifecycle across a cluster of nodes such as

• Start Containers on Specific Nodes.
• Restart Containers when they are Killed.
• Move containers one Node to Another.

Why are Orchestration tools needed?

Kubernetes helps in automating the manual tasks, following can be the issues if orchestrating tools are not used:

Without orchestration tools like Kubernetes, managing containerized applications manually can lead to various issues:

• Inefficient resource utilization
• Lack of automated recovery and scaling
• Complex updates and rollbacks
• Manual handling of configuration and secrets

Key Features of Kubernetes

• Automated Scheduling: Efficiently places containers based on resource requirements and constraints.
• Self-Healing: Restarts failed containers and replaces them as needed.
• Auto Upgrade and Rollback: Manages updates and rollbacks automatically.
• Horizontal Scaling: Scales applications up or down based on demand.
• Storage Orchestration: Manages storage resources for stateful applications.
• Secret & Configuration Management: Securely manages sensitive information and application configuration.

You can Run Kubernetes Anywhere

• On-Premise(Own DataCenter)
• Public Cloud(Google, AWS, Azure, DigitalOcean…)
• Hybrid Cloud

Kubernetes Architecture

Kubernetes follow the Master — Slave(Worker) Node Architecture.

Master Node

The master node is responsible for managing the Kubernetes cluster. It serves as the entry point for all administrative tasks and consists of several key components:

• API Server: Exposes the Kubernetes API. It processes REST commands and updates the cluster’s state in the distributed key-value store (etcd).
• Controller Manager: Manages various controllers that regulate the state of the cluster, ensuring the desired state matches the actual state.
• Scheduler: Assigns tasks to worker nodes based on resource availability and workload requirements.
• etcd: A distributed key-value store that holds the configuration data and state of the cluster.

Worker Node

Worker nodes run the containerized applications and consist of the following components:

• Kubelet: An agent that ensures containers are running in a Pod as expected.
• Kube-Proxy: Manages network rules and load balancing for services on the node.
• Pods: The smallest deployable units, representing a group of one or more containers that share storage and network resources.

Core Kubernetes Components and Their Roles

Pods

Pods are the fundamental units of deployment in Kubernetes, representing a single instance of a running process in the cluster. They can contain one or more containers that share the same network namespace and storage volumes.

Deployments

Deployments provide declarative updates to applications. They manage the desired state of Pods, ensuring the correct number of replicas are running and facilitating rolling updates and rollbacks.

Services

Services in Kubernetes define a logical set of Pods and a policy by which to access them. Services provide stable IP addresses and DNS names, enabling communication between different components of an application.

StatefulSets

StatefulSets manage stateful applications, ensuring each Pod has a unique, persistent identity and stable network identifiers.

DaemonSets

DaemonSets ensure that a copy of a Pod runs on all (or some) nodes in the cluster. They are typically used for logging, monitoring, or other node-specific tasks.

Ingress

Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. It provides load balancing, SSL termination, and name-based virtual hosting.

Hands-On with Kubernetes Using Minikube

Minikube is a tool that allows you to run Kubernetes locally. It creates a single-node Kubernetes cluster inside a VM on your local machine, perfect for development and testing.

Setting Kubernetes with MiniKube

Minikube is used to run Kubernetes locally. The minikube runs a single node kubernetes cluster inside the Linux VMs. Since it’s a single node cluster, we will not use it in production servers.

Setting Up Minikube on Ubuntu

Install Kubectl: The command-line interface for interacting with the Kubernetes cluster.

curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" chmod +x kubectl sudo mv kubectl /usr/local/bin/

Install Minikube:

curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \ && chmod +x minikube \ && sudo install minikube /usr/local/bin/

Start Minikube:

minikube start --memory 4000 --cpus 2

minikube start --memory 4000 --cpus 2
😄  minikube v1.3.1 on Redhat 7.6
💿  Downloading VM boot image ...
minikube-v1.3.0.iso.sha256: 65 B / 65 B [--------------------] 100.00% ? p/s 0s
minikube-v1.3.0.iso: 131.07 MiB / 131.07 MiB [-------] 100.00% 5.73 MiB p/s 23s
🔥  Creating virtualbox VM (CPUs=2, Memory=4000MB, Disk=20000MB) ...
🐳  Preparing Kubernetes v1.15.2 on Docker 18.09.8 ...
💾  Downloading kubeadm v1.15.2
💾  Downloading kubelet v1.15.2
🚜  Pulling images ...
🚀  Launching Kubernetes ... 
⌛  Waiting for: apiserver proxy etcd scheduler controller dns
🏄  Done! kubectl is now configured to use "minikube"

Check the minikube status — minikube status.

minikube status

Interact with the cluster using kubectl command.

Some of the commands to check the k8 cluster status and details.

• kubectl get nodes
• kubectl get pods — all-namespaces
• kubectl get componentstatus
• kubectl get pods

Pods with system namespace will not be displayed. Use the command with — all-namespaces. This will display all the services running under system namespace.

kubectl get pods --all-namespaces
NAMESPACE     NAME                               READY   STATUS    RESTARTS   AGE
kube-system   coredns-5c98db65d4-672sq           1/1     Running   0          2m2s
kube-system   coredns-5c98db65d4-kkz69           1/1     Running   0          2m2s
kube-system   etcd-minikube                      1/1     Running   0          52s
kube-system   kube-addon-manager-minikube        1/1     Running   0          74s
kube-system   kube-apiserver-minikube            1/1     Running   0          71s
kube-system   kube-controller-manager-minikube   1/1     Running   0          66s
kube-system   kube-proxy-7zcl9                   1/1     Running   0          2m2s
kube-system   kube-scheduler-minikube            1/1     Running   0          69s
kube-system   storage-provisioner                1/1     Running   0          2m

Enable Add-ons:

Enable the heapster & ingress addons for the cluster. And check the enabled services for the cluster.

minikube addons enable heapster
minikube addons enable ingress
minikube service list
|----------------------|---------------------------|-----------------------------|
|      NAMESPACE       |           NAME            |             URL             |
|----------------------|---------------------------|-----------------------------|
| default              | kubernetes                | No node port                |
| default              | nginx                     | http://192.168.99.109:32259 |
| kube-system          | heapster                  | No node port                |
| kube-system          | kube-dns                  | No node port                |
| kube-system          | monitoring-grafana        | http://192.168.99.109:30002 |
| kube-system          | monitoring-influxdb       | No node port                |
| kubernetes-dashboard | dashboard-metrics-scraper | No node port                |
| kubernetes-dashboard | kubernetes-dashboard      | No node port                |
|----------------------|---------------------------|-----------------------------|

Now that you’re able to access the K8 cluster.

Core Kubernetes Components and Their Roles

Understanding YAML Structure in Kubernetes

In Kubernetes, resources are defined using YAML (or JSON) files. These files describe the desired state of the resource. Key elements of a YAML file include apiVersion, kind, metadata, and spec. Let's break down these components:

1. apiVersion: Specifies the API version of the Kubernetes resource. This is important as Kubernetes evolves, and different versions might support different features.
2. kind: Specifies the type of Kubernetes resource (e.g., Pod, Deployment, Service).
3. metadata: Provides metadata about the resource, including its name, namespace, and labels. This helps in identifying and organizing resources.
4. spec: Defines the desired state of the resource. This includes specific configurations and settings.

Pods

A Pod is the smallest deployable unit in Kubernetes. Here’s a simple Pod manifest with detailed explanations:

pod.yaml

apiVersion: v1              # Uses the core API group
kind: Pod                   # Specifies that this is a Pod resource
metadata:
  name: my-pod              # Name of the Pod
  labels:                   # Labels to categorize and select the Pod
    app: my-app
spec:                       # Desired state of the Pod
  containers:
  - name: my-container      # Name of the container inside the Pod
    image: nginx:latest     # Docker image to use for the container
    ports:
    - containerPort: 80     # Port on which the container listens

To create this Pod, save the above YAML to a file named pod.yaml and apply it using kubectl:

kubectl apply -f pod.yaml   # Apply the configuration and create the Pod

You can check the status of the Pod with:

kubectl get pods            # Lists all Pods in the default namespace

Deployments

Deployments manage the deployment and scaling of a set of Pods. Here’s an example Deployment manifest:

deployment.yaml

apiVersion: apps/v1         # Uses the apps API group
kind: Deployment            # Specifies that this is a Deployment resource
metadata:
  name: my-deployment       # Name of the Deployment
  labels:
    app: my-app
spec:
  replicas: 3               # Number of Pod replicas
  selector:
    matchLabels:
      app: my-app           # Selector to match the Pods managed by this Deployment
  template:                 # Template for the Pods managed by this Deployment
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx:latest
        ports:
        - containerPort: 80

Apply the Deployment manifest with:

kubectl apply -f deployment.yaml   # Apply the configuration and create the Deployment

Check the status of the Deployment and its Pods with:

kubectl get deployments            # Lists all Deployments in the default namespace
kubectl get pods                   # Lists all Pods in the default namespace

Services

Services expose a set of Pods as a network service. Here’s an example Service manifest:

service.yaml

apiVersion: v1                     # Uses the core API group
kind: Service                      # Specifies that this is a Service resource
metadata:
  name: my-service                 # Name of the Service
spec:
  selector:
    app: my-app                    # Selector to match the Pods to be exposed by this Service
  ports:
  - protocol: TCP
    port: 80                       # Port on which the Service is exposed
    targetPort: 80                 # Port on the Pod to which traffic should be directed
  type: NodePort                   # Exposes the Service on each Node's IP at a static port

Apply the Service manifest with:

kubectl apply -f service.yaml      # Apply the configuration and create the Service

To access the service, you can use the minikube service command which opens the service in your default browser:

minikube service my-service        # Open the service in the default browser

StatefulSets

StatefulSets manage stateful applications and provide unique identities to their Pods. Here’s an example StatefulSet manifest:

statefulset.yaml

apiVersion: apps/v1                # Uses the apps API group
kind: StatefulSet                  # Specifies that this is a StatefulSet resource
metadata:
  name: my-statefulset             # Name of the StatefulSet
spec:
  serviceName: "nginx"             # Name of the Service that governs this StatefulSet
  replicas: 3                      # Number of Pod replicas
  selector:
    matchLabels:
      app: nginx                   # Selector to match the Pods managed by this StatefulSet
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 80
  volumeClaimTemplates:            # Template for the PersistentVolumeClaim
  - metadata:
      name: my-storage
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 1Gi

Apply the StatefulSet manifest with:

kubectl apply -f statefulset.yaml  # Apply the configuration and create the StatefulSet

Check the status with:

kubectl get statefulsets           # Lists all StatefulSets in the default namespace
kubectl get pods                   # Lists all Pods in the default namespace

DaemonSets

DaemonSets ensure that a copy of a Pod runs on all or some nodes in the cluster. Here’s an example DaemonSet manifest:

daemonset.yaml

apiVersion: apps/v1                # Uses the apps API group
kind: DaemonSet                    # Specifies that this is a DaemonSet resource
metadata:
  name: my-daemonset               # Name of the DaemonSet
  labels:
    app: my-app
spec:
  selector:
    matchLabels:
      app: my-app                  # Selector to match the Pods managed by this DaemonSet
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: fluentd:latest      # Docker image to use for the container
        ports:
        - containerPort: 24224     # Port on which the container listens

Apply the DaemonSet manifest with:

kubectl apply -f daemonset.yaml    # Apply the configuration and create the DaemonSet

Check the status with:

kubectl get daemonsets             # Lists all DaemonSets in the default namespace
kubectl get pods                   # Lists all Pods in the default namespace

Ingress

Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Here’s an example Ingress resource:

First, ensure that the ingress controller is enabled in Minikube:

minikube addons enable ingress

Then create an Ingress resource:

ingress.yaml

apiVersion: networking.k8s.io/v1   # Uses the networking API group
kind: Ingress                      # Specifies that this is an Ingress resource
metadata:
  name: my-ingress                 # Name of the Ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: myapp.local              # Hostname for the Ingress rule
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service       # Name of the Service to route traffic to
            port:
              number: 80           # Port on the Service to route traffic to

Apply the Ingress manifest with:

kubectl apply -f ingress.yaml      # Apply the configuration and create the Ingress

To access the service via the Ingress, add the following entry to your /etc/hosts file (requires root privileges):

<minikube_ip> myapp.local

You can get the Minikube IP with:

minikube ip

Then access http://myapp.local in your browser.

Access the Kubernetes Dashboard:

To access the Kubernetes dashboard using a web browser, you typically need to follow these steps:

Start the Kubernetes Dashboard: If you haven’t already deployed the Kubernetes dashboard, you can do so by running the following command:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml

Access the Dashboard: After deploying the dashboard,

Get the Access Token: To authenticate with the dashboard, you’ll need to retrieve an access token. You can obtain the token by running the following command in a separate terminal window
Create the following configuration and save it as dashboard-admin.yaml file. Note that indentation matters in the YAML files, which should use two spaces in a regular text editor.

nano dashboard-admin.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

Once set, save the file and exit the editor.

Then deploy the admin user role with the next command.

kubectl apply -f dashboard-admin.yaml

You should see a service account and a cluster role binding created.

serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

Using this method doesn’t require setting up or memorising passwords, instead, accessing the dashboard will require a token.

Get the admin token using the command below.

 kubectl create token admin-user -n kubernetes-dashboard

This command retrieves the access token for the admin-user service account.

you can access it using kubectl port-forwarding:

kubectl proxy

Running kubectl proxy — This will create dashboard

Access the Dashboard URL: Once you have the access token, you can access the Kubernetes dashboard URL by navigating to the following address in your web browser

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

This URL will redirect you to the Kubernetes dashboard login page.

Sign in dashboard with Token. Voila !

Accessing Resources: Once logged in, you can navigate through different Kubernetes resources using the dashboard interface.

Stopping the dashboard

User roles that are no longer needed can be removed using the delete method.

kubectl delete -f dashboard-admin.yaml
kubectl delete -f dashboard-read-only.yaml

Likewise, if you want to disable the dashboard, it can be deleted just like any other deployment.

kubectl delete -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml

The dashboard can then be redeployed at any time following the same procedure as before.

Deploying a Website Using Kubernetes and Nginx

In the this part of tutorial, we will explore how to utilize Kubernetes to deploy a website using Nginx and manage it with the Kubernetes dashboard.

Deploy Nginx web server public image. Image will gets download from DockerHub if not locally available. And expose the pod to access it from browser.

Deploying Nginx

Create an Nginx Deployment:

kubectl create deployment nginx --image=nginx --port=80

Expose the Deployment and Access the Nginx Service:

kubectl expose deployment nginx --type NodePort --port 80
minikube service nginx

minikube service nginx will launch the web browser to test the service.

Summary

In this blog, we explored about Kubernetes and how we can utilise minikube to manages conatiner and ingress for different services.

But wait, there’s more to explore!

In upcoming articles, I’ll delve into exciting topics like Ansible, Helm charts, and beyond. Your feedback and questions are invaluable, so feel free to share as I continue this learning adventure. Stay curious, and let’s keep building amazing things! 🚀

Thank You for reading

Please give 👏🏻 Claps if you like the blog.

Made with ❤️by Vaibhav Hariramani

• If you enjoyed this, follow me on Medium for more
• Follow me on Kaggle for more content!
• Let’s connect on LinkedIn
• Interested in collaborating?
• Check out my website.
• Check out my other website.

Don’t forget to tag us

if you find this blog beneficial for you don’t forget to share it with your friends and mention us as well. And Don’t forget to share us on Linkedin, instagram, facebook , twitter, Github

More Resources

To learn more about these Resources you can Refer to some of these articles written by Me:-

• Medium
• geeky Traveller
• Blogs
• Youtube
• Email: vaibhav.hariramani01@gmail.com

Do Checkout My other Blogs

Do find time check out my other articles and further readings in the reference section. Kindly remember to follow me so as to get notified of my publications.

AKS

Deploying Azure Kubernetes Service (AKS) with Terraform

GEEKY TRAVELLER — Face Detection

Vaibhav’s Blog

Do Checkout My Youtube channel

GHUMMAKKAD BAWA

GEEKY BAWA

Follow me

on Linkedin, instagram, facebook , twitter, Github

Happy coding ❤️ .