From this article, you will learn the basic concepts of Kubernetes so you can have a modern, safe and reliable production infrastructure in the cloud without handling all the hassle of old DevOps solutions.

Why we use Kubernetes at RisingStack, and why you should start learning it?

When our clients ask us to create a highly available distributed system, we usually recommend Kubernetes, because it's easy to use and even though it has a steep initial learning curve, it's still a lot more simple than other competing orchestration engines.

(FYI, you can reach out to us if your company needs help with Kubernetes at [email protected])

Kubernetes works perfectly with Node apps because it's based on Docker, so you can run any kind of application with it.

What is Kubernetes?

Kubernetes (commonly referred to as K8s) is an orchestration engine for container technologies such as Docker and rkt that is taking over the DevOps scene in the last couple of years. It is already available on Azure and Google Cloud as a managed service.

Kubernetes can speed up the development process by making easy, automated deployments, updates (rolling-update) and by managing our apps and services with almost zero downtime. It also provides self-healing. Kubernetes can detect and restart services when a process crashes inside the container. Kubernetes is originally developed by Google, it is open-sourced since its launch and managed by a large community of contributors.

Any developer can package up applications and deploy them on Kubernetes with basic Docker knowledge.

Words you need to know get started with Kubernetes

Kubectl:

  • a CLI tool for Kubernetes

kubernetes-kubectl

Master Node:

  • The main machine that controls the nodes
  • Main entrypoint for all administrative tasks
  • It handles the orchestration of the worker nodes

kubernetes-master-node

Worker Node:

  • It is a worker machine in Kubernetes (used to be known as minion)
  • This machine performs the requested tasks. Each Node is controlled by the Master Node
  • Runs containers inside pods
  • This is where the Docker engine runs and takes care of downloading images and starting containers

kubernetes-worker-node

Kubelet:

  • Primary node agent
  • Ensures that containers are running and healthy

kubernetes-kubelet

So far our explanatory figures were not entirely correct. Kubernetes does not schedule containers directly, but Pods which describes how to run one or multiple containers simultaneously.

Kubernetes Pod:

  • A Pod can host multiple containers and storage volumes
  • Pods are instances of Deployments (see Deployment)
  • One Deployment can have multiple pods
  • With Horizontal Pod Autoscaling, Pods of a Deployment can be automatically started and halted based on CPU usage
  • Containers within the same pod have access to shared volumes
  • Each Pod has its unique IP Address within the cluster
  • Pods are up and running until someone (or a controller) destroys them
  • Any data saved inside the Pod will disappear without a persistent storage

kubernetes-pod-new

Deployment:

  • A deployment is a blueprint for the Pods to be create (see Pod)
  • Handles update of its respective Pods.
  • A deployment will create a Pod by it’s spec from the template.
  • Their target is to keep the Pods running and update them (with rolling-update) in a more controlled way.
  • Pod(s) resource usage can be specified in the deployment.
  • Deployment can scale up replicas of Pods.

kubernetes-deployment

Secret:

  • A Secret is an object, where we can store sensitive informations like usernames and passwords.
  • In the secret files, values are base64 encoded.
  • To use a secret, we need to refer to the secret in our Pod.
  • Or we can put it inside a volume and mount that to the container.
  • Secrets are not encrypted by default. For encryption we need to create an EncryptionConfig.

You can read more about encryption here

Service:

  • A service is responsible for making our Pods discoverable inside the network or exposing them to the internet
  • A Service identifies Pods by its LabelSelector

There are 3 types of services:

ClusterIP:
- The deployment is only visible inside the cluster
- The deployment gets an internal ClusterIP assigned to it
- Traffic is load balanced between the Pods of the deployment

Node Port:
- The deployment is visible inside the cluster
- The deployment is bound to a port of the Master Node
- Each Node will proxy that port to your Service
- The service is available at http(s)://:/
- Traffic is load balanced between the Pods of the deployment

Load Balancer:
- The deployment gets a Public IP address assigned
- The service is available at http(s)://:<80||42>/
- Traffic is load balanced between the Pods of the deployment

What do we need to get started with Kubernetes?

Kubernetes with Docker

We will need Docker. You can download it here. I recommend installing the Stable version. With the following commands you can make sure Docker is working correctly:

$ docker --version
$ docker run hello-world

Set up Azure to work with Kubernetes on OSX:

  1. If you don't have homebrew, install it first
 $ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
  1. Make sure Python 3 or later is installed
 $ python -v

If Python is not installed on your system you can download it from their website.

  1. Install Azure-CLI
 $ brew update && brew install azure-cli
 # if the installer is unable to find Python packages
 $ brew link --overwrite python3
  1. Login to Azure

Run the following command and you will get an URL and Authentication code.

 $ az login

The URL will direct you to a page in your browser where you’ll need to enter the code you got. If the login process is successful, you will see a JSON object in your terminal with information of your account.

  1. Enable service providers

You need to enable Azure Service providers to create a cluster.

 $ az provider register -n Microsoft.Network
 $ az provider register -n Microsoft.Storage
 $ az provider register -n Microsoft.Compute
 $ az provider register -n Microsoft.ContainerService
  1. Create a resource group

Azure resources are deployed and managed by resource groups. When you create a new resource group, you need to give it a name and specify the resource group’s location.

 $ az group create --name <resource_group_name> --location <location>
 # locations: eastus, westeurope, centralus, canadacentral, canadaeast
  1. Create AKS cluster

The following command will create a cluster with one node.

 $ az aks create --resource-group resource_group_name --name cluster_name --node-count 1 --generate-ssh-keys
 # this process could take several minutes
 # the command will return with a JSON containing information of the cluster
  1. Connect to the cluster

First you need to install the kubernetes CLI tool, then pass your cluster’s credentials to kubectl.

 # install the kubectl CLI
 $ az aks install-cli
 # pass your AKS Cluster credentials to kubectl
 $ az aks get-credentials --resource-group resource_group_name --name cluster_name

To test whether kubectl has successfully connected to the cluster, run:

 $ kubectl get nodes

If it’s okay, the response should be something like this:

NAME              STATUS    ROLES     AGE       VERSION
aks-nodepool1-0   Ready     agent     1m       v1.7.9

Using Kubernetes on Google Cloud Platform (GCP) on OSX:

  1. Make sure Python 2.7 or later is installed
  $ python -v

If Python is not installed on your system you can download it from their website.

  1. Download the desired Cloud SDK for your OS from here.

  2. Run the install.sh script from the extracted archive.

  3. Restart your terminal.

  4. Install kubectl with the following command:

$ gcloud components install kubectl
  1. If it's the first time you use kubectl on GCP, please complete the setup process with gcloud init. This will guide you through the setup of your user locally, so you can use Google Cloud Platform via your local shell.

  2. To start working with Kubernetes, you need to create a cluster and set the default cluster for gcloud and pass your cluster credentials to kubectl.

# creating the cluster
$ gcloud container clusters create CLUSTER_NAME
# setting the default cluster
$ gcloud config set container/cluster CLUSTER_NAME
# pass cluster credentials to kubectl
$ gcloud container clusters get-credentials CLUSTER_NAME

Test if it's successfully connected to the cluster:

 $ kubectl get nodes

Handy kubectl commands you might need in the future

Switch between GKE & AKS

Whenever you set up a connection to a cluster, context is created. Therefore, it doesn’t matter which cloud provider these clusters reside at. You can easily switch from one cluster to another and you don’t need to bother whether it is your local minikube, an azure, gcp, openshift, or any other cluster.

# get available contexts
$ kubectl config get-contexts
# switch to one
$ kubectl config use-context CONTEXT_NAME
# get the current context
$ kubectl config view
# display the current context
$ kubectl config current-context

If don’t use zsh yet, I really recommend downloading it, and setting up one of the oh-my-zsh themes. My personal favorite is the spaceship theme. It is one of the themes that gives you information about the python/node/go version you are currently using, and the k8s context you are currently connected to. It looks something like this:

14:40:29 in folder on  git_branch [?] on 🐳 docker_version at ☸️ kube_current_context

More on getting started with Kubernetes

That’s it for the first step of using Kubernetes. Feel free to reach out to me in the comment section in case you don’t understand something.

To learn more on how to handle services properly stay tuned for the next episode of our series, which will be about managing your cluster as a demilitarized zone, by having an API gatweay in front of it.

(PS: Feel free to ping us if your company needs help with Kubernetes at [email protected])