
Kubernetes

Kubernetes is an open-source platform that automates the lifecycle of containerised applications. It enables you to deploy, manage and scale up or down as needed.

 

Running managed and supported Kubernetes clusters in the cloud can greatly benefit your organisation. Save time and money on engineering and development. Provide a standardised interface for running containers. Simplify training and draw on a wide pool of talent when recruiting. Not yet ready for the cloud or need to co-locate? Kubernetes can also be run on-premises!

 

Contact us about launching Kubernetes into your organisation, or providing expert services for your existing clusters.

Architecture

Kubernetes is built on a client-server architecture. The Kubernetes control plane is made up of several components, including the API server, etcd, kube-scheduler, and kube-controller-manager. These components work together to manage the cluster's state and schedule applications across the nodes.

API Server

The API server is the main management interface for Kubernetes. It exposes the Kubernetes API, which is used by clients to interact with the cluster.

etcd

etcd is a key-value store that stores the cluster's state, such as pod and node information.

kube-scheduler

kube-scheduler is responsible for scheduling pods on nodes based on resource requirements and availability.

kube-controller-manager

kube-controller-manager manages the cluster's state, such as scaling up or down replicas.

This may give you the impression that there are a lot of moving parts to worry about, but in a vendor-supported cluster, all of these elements are taken care of for you, leaving your organisation free to focus on what matters: shortening the time to deploy its products and services to market and enjoying the stability that comes from a self-healing platform.

Kubernetes Objects

Kubernetes uses a declarative approach to managing applications. You define the desired state of your application using objects, such as pods, services, and deployments. Kubernetes ensures the current state of the application matches the desired state by continuously monitoring and reconciling any differences.


Pods are the smallest unit of deployment in Kubernetes. They represent a single instance of an application and can run one or more containers. They are typically not used outside of a Deployment, since a standalone pod has no self-healing, scaling or high availability.

Deployments manage the lifecycle of pods, such as scaling up or down replicas or rolling out updates.

Services provide a stable IP address and DNS name for a set of pods, allowing them to communicate with each other.

Kubernetes also supports several other objects, such as ConfigMaps, Secrets, and Persistent Volumes, to manage application configurations, sensitive data, and storage requirements. If the wide array of built-in objects does not satisfy your organisation’s requirements, it is also possible to create Custom Resource Definitions (CRDs) that can do almost anything imaginable.

Networking

Kubernetes networking is a complex topic, but it is essential to understand how it works to deploy and manage applications effectively. Kubernetes uses a virtual, software-defined network overlay to allow pods to communicate with each other, regardless of the node they are running on. Pod networks can be segregated from the network of the node they are running on, allowing for fine-grained control over ingress and egress.

Kubernetes also provides several networking plugins to implement different network topologies, such as overlay and host networking.

Security

Security is a critical aspect of any platform. Kubernetes provides several security features to protect the cluster from unauthorised access and attacks. Some of these features include Role-Based Access Control (RBAC) to restrict access to resources based on user roles, network policies to enforce network segmentation and access control, and secrets management to securely store and distribute sensitive data.

Kubernetes also provides several security enhancements, such as container image signing and verification, pod security policies to restrict privileged access, and admission controllers to enforce custom security policies during deployment.
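
To make the RBAC point above concrete, the following added example (not code from this page or from the Kubernetes project) models how RBAC rules are matched against a request and flags wildcard grants. The matching is a simplified version of the real authorizer, and the two roles and the object names in them are constructed sample data.

```python
# Added example: simplified model of Kubernetes RBAC rule matching.
# The roles and object names below are constructed sample data.

def rule_allows(rule, verb, api_group, resource, name=""):
    """Return True if a single RBAC rule permits the request."""
    def matches(values, wanted):
        return "*" in values or wanted in values
    if not matches(rule.get("verbs", []), verb):
        return False
    if not matches(rule.get("apiGroups", []), api_group):
        return False
    if not matches(rule.get("resources", []), resource):
        return False
    names = rule.get("resourceNames", [])
    # An empty resourceNames list means "any object". Otherwise the requested
    # name must be listed, so requests that carry no name (list, create) fail.
    return not names or name in names

def role_allows(role, verb, api_group, resource, name=""):
    """RBAC is additive: any matching rule allows, no match means deny."""
    return any(rule_allows(r, verb, api_group, resource, name)
               for r in role["rules"])

def wildcard_findings(role):
    """List (rule index, field) pairs where a rule grants '*'."""
    findings = []
    for i, rule in enumerate(role["rules"]):
        for field in ("verbs", "apiGroups", "resources"):
            if "*" in rule.get(field, []):
                findings.append((i, field))
    return findings

# Weak: everything on everything. "" is the core API group (pods, secrets).
BROAD_ROLE = {"rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]}
# Scoped: manage deployments, read exactly one named secret.
SCOPED_ROLE = {"rules": [
    {"apiGroups": ["apps"], "resources": ["deployments"],
     "verbs": ["get", "list", "patch"]},
    {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get"],
     "resourceNames": ["app-tls"]},
]}

if __name__ == "__main__":
    for label, role in (("broad", BROAD_ROLE), ("scoped", SCOPED_ROLE)):
        print(label, "reads db-password:",
              role_allows(role, "get", "", "secrets", "db-password"))
        print(label, "wildcards:", wildcard_findings(role))
```

Because RBAC has no deny rules, tightening access means removing or narrowing grants, which is why wildcard rules are the first thing to look for when reviewing roles.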

Conclusion

Kubernetes is a powerful container orchestration platform that can help you deploy and manage applications at scale. It makes it easy to define and manage complex deployment scenarios. With its built-in networking and security features, Kubernetes is a versatile platform that can be used in a wide range of use cases, but is particularly suitable for running applications with a microservice architecture.
