What is Kubernetes?

In a nutshell, K8s consists of a master node (multiple masters are also possible) controlling a set of processes (pods) running on a set of nodes (minions). This orchestration is made possible by a collection of system services running on the master and each of the minions, communicating via a shared network:

provisions the K8s API used by other infra-level components as well as external users

manages pod replications ([replication controllers], [deployments], [pet sets] etc) that provide high availability for work units (pods) deployed inside K8s

manages scheduling of pods onto nodes based on resource availability and various other customizable constraints

Flannel is a simple overlay network that fulfills the requirements of Kubernetes.

etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. In Kubernetes, clustered etcd replicates the storage to all master instances in a cluster. This guarantees the high availability of the system.

In Kubernetes, the servers that execute work are referred to as nodes. Node servers require the following components to communicate with the master components.

Each individual node should run a docker service. Docker is used to execute containers in an isolated environment. Docker must be used to configure flannel otherwise it would not create a dedicated subnet to each server.

The main contact point of each node within a cluster group is done through a kubelet service. Kubelet communicates with the master to identify which commands require to be executed and the work to be carried out. The kubelet service is also responsible for maintaining the state of work on minions (node servers).

In order to make services available to external parties, a proxy service is executed. The process forwards requests to appropriate containers and handles load balancing at a primitive level. Generally, it ensures that the network is predictable and isolated.

A pod is the smallest unit of Kubernetes in the object model that can be created or deployed. In simple terms, a pod represents a running process on a cluster.

A pod consists of an application container, storage resources, a network IP and options that govern how the containers should execute. A pod constitutes a unit of deployment which might consist of either a single container or a small number of containers that are tightly coupled.

A ReplicationController guarantees that a specified number of pod replicas are running at any given time. ReplicationController ensures that a pod or a homogeneous set of pods is always available.

A Deployment is a higher level abstract concept that manages ReplicationControllers and provides declarative updates to pods along with other useful features. However IPS uses ReplicationControllers as we need to provide custom update orchestration.

A DeploymentController handles declarative updates for Pods. Deployment controller ensures that the cluster’s actual state reaches the desired state at a controlled rate.

Kubernetes pods are not permanent units. ReplicationControllers create and destroy Pods dynamically. Each Pod get its own IP address and those IP addresses cannot be expected to be stable over time (Since IP addresses are allocated dynamically). This leads to a problem: if some set of Pods provides functionality to other pods inside the cluster, they cannot keep track of each other.

A K8s service defines a set of Pods and a policy that can be used to access them. The set of Pods targeted by a Service is usually determined by a Label Selector. Service abstraction enables decoupling.