---
Title: Kubernetes
Author: wikipedia.org
Tags: readwise, articles
date: 2024-01-30
---
# Kubernetes

URL:: https://en.m.wikipedia.org/wiki/Kubernetes
Author:: wikipedia.org

## AI-Generated Summary

Kubernetes (/ˌk(j)uːbərˈnɛtɪs, -ˈneɪtɪs, -ˈneɪtiːz, -ˈnɛtiːz/, commonly abbreviated K8s[2]) is an open-source container orchestration system for automating software deployment, scaling, and management.

## Highlights

> Originally designed by [Google](https://en.wikipedia.org/wiki/Google), the project is now maintained by the [Cloud Native Computing Foundation](https://en.wikipedia.org/wiki/Cloud_Native_Computing_Foundation).

> Kubernetes works with [containerd](https://en.wikipedia.org/wiki/Containerd) and [CRI-O](https://en.wikipedia.org/wiki/Cloud_Native_Computing_Foundation#CRI-O).[[6]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-6) Its suitability for running and managing large cloud-native workloads has led to widespread adoption of it in the data center.

> The design and development of Kubernetes was influenced by Google's [Borg](https://en.wikipedia.org/wiki/Borg_(cluster_manager)) cluster manager.
> Many of its top contributors had previously worked on Borg;[[10]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-borg_paper-10)[[11]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-11) they codenamed Kubernetes "Project 7" after the *Star Trek* ex-[Borg](https://en.wikipedia.org/wiki/Borg) character [Seven of Nine](https://en.wikipedia.org/wiki/Seven_of_Nine)[[12]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-12) and gave its logo a seven-spoked wheel.

> Google worked with the [Linux Foundation](https://en.wikipedia.org/wiki/Linux_Foundation) to form the [Cloud Native Computing Foundation](https://en.wikipedia.org/wiki/Cloud_Native_Computing_Foundation) (CNCF)[[14]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-14) and offered Kubernetes as a seed technology

> The components of Kubernetes can be divided into those that manage an individual [node](https://en.wikipedia.org/wiki/Node_(networking)) and those that are part of the control plane.

> **[etcd](https://en.wikipedia.org/wiki/Etcd)**[[37]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-37) is a persistent, lightweight, distributed, [key-value data store](https://en.wikipedia.org/wiki/Key-value_data_store) that [CoreOS](https://en.wikipedia.org/wiki/CoreOS) has developed.
> It reliably stores the configuration data of the cluster, representing the overall state of the cluster at any given point of time

> The **API server** serves the Kubernetes [API](https://en.wikipedia.org/wiki/Application_programming_interface) using [JSON](https://en.wikipedia.org/wiki/JSON) over [HTTP](https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol), which provides both the internal and external interface to Kubernetes.[[35]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-do-intro-35)[[38]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-:1-38) The API server processes and validates [REST](https://en.wikipedia.org/wiki/Representational_state_transfer) requests and updates the state of the [API](https://en.wikipedia.org/wiki/Application_programming_interface) objects in etcd, thereby allowing clients to configure workloads and containers across worker nodes.[[39]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-39)

> The **scheduler** is the extensible component that selects on which node an unscheduled pod (the basic entity managed by the scheduler) runs, based on resource availability

> A **controller** is a reconciliation loop that drives the actual cluster state toward the desired state, communicating with the API server to create, update, and delete the resources it manages (e.g., pods or service endpoints).[[42]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-coreos-replication-controller-42)[[38]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-:1-38) One kind of controller is a Replication Controller, which handles replication and scaling by running a specified number of copies of a pod across the cluster.

> The **controller manager** is a process that manages a set of core Kubernetes controllers.

> A node, also known as a worker or a minion, is a machine where containers (workloads) are deployed. Every node in the cluster must run a container [runtime](https://en.wikipedia.org/wiki/Runtime_system) such as [containerd](https://en.wikipedia.org/wiki/Containerd)

> **Kubelet** is responsible for the running state of each node, ensuring that all containers on the node are healthy. It takes care of starting, stopping, and maintaining application containers organized into pods as directed by the control plane.[[35]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-do-intro-35)[[45]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-45) Kubelet monitors the state of a pod, and if not in the desired state, the pod re-deploys to the same node. Node status is relayed every few seconds via heartbeat messages to the primary. Once the primary detects a node failure, the Replication Controller observes this state change and launches pods on other healthy nodes.

> **Kube-proxy** is an implementation of a [network proxy](https://en.wikipedia.org/wiki/Proxy_server) and a [load balancer](https://en.wikipedia.org/wiki/Load_balancing_(computing)), and it supports the service abstraction along with other networking operations.[[35]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-do-intro-35) It is responsible for routing traffic to the appropriate container based on IP and port number of the incoming request.

> A **container** resides inside a pod.
> The container is the lowest level of a micro-service, which holds the running application, libraries, and their dependencies.

> In Kubernetes, namespaces are utilized to segregate the resources it handles into distinct and non-intersecting collections

> Each pod in Kubernetes is assigned a unique IP address within the cluster, allowing applications to use ports without the risk of conflict.

> in certain scenarios, it may be necessary to deploy a pod on every node in the cluster, which is particularly helpful for use cases involving log collection, ingress controllers, and storage services. This specific type of pod scheduling can be achieved by utilizing DaemonSets.[[52]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-52)

> A ReplicaSet's purpose is to maintain a stable set of replica pods running at any given time. As such, it is often used to guarantee the availability of a specified number of identical Pods.[[53]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-53)
>
> The ReplicaSets[[54]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-54) can also be said to be a grouping mechanism that lets Kubernetes maintain the number of instances that have been declared for a given pod.

> A Kubernetes service is a set of pods that work together, such as one tier of a [multi-tier](https://en.wikipedia.org/wiki/Multitier_architecture) application.

> Volumes
>
> File systems in the Kubernetes container provide [ephemeral storage](https://en.wikipedia.org/wiki/Ephemeral_storage), by default.
> This means that a restart of the pod will wipe out any data on such containers, and therefore, this form of storage is quite limiting in anything but trivial applications. A Kubernetes Volume[[57]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-57) provides persistent storage that exists for the lifetime of the pod itself.

> A common application challenge is deciding where to store and manage configuration information, some of which may contain sensitive data. Configuration data can be anything as fine-grained as individual properties or coarse-grained information like entire configuration files or JSON / XML documents. Kubernetes provides two closely related mechanisms to deal with this need: "configmaps" and "secrets", both of which allow for configuration changes to be made without requiring an application build. The data from configmaps and secrets will be made available to every single instance of the application to which these objects have been bound via the deployment. A secret and/or a configmap is sent to a node only if a pod on that node requires it. Kubernetes will keep it in memory on that node. Once the pod that depends on the secret or configmap is deleted, the in-memory copy of all bound secrets and configmaps is deleted as well. The data is accessible to the pod through one of two ways:
> 1. as environment variables (which will be created by Kubernetes when the pod is started);
> 2. available on the container file system that is visible only from within the pod.

> Scaling stateless applications is only a matter of adding more running pods. Stateful workloads are harder, because the state needs to be preserved if a pod is restarted. If the application is scaled up or down, the state may need to be redistributed.
> Databases are an example of stateful workloads

> StatefulSets[[58]](https://en.wikipedia.org/wiki/Kubernetes#cite_note-58) are controllers (see above) that enforce the properties of uniqueness and ordering amongst instances of a pod and can be used to run stateful applications.
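
The two delivery paths named in the configmaps and secrets highlight (environment variables and files on the container file system) can be told apart from a pod spec. The Python below is an added example, not part of the Wikipedia article or the Readwise export: it lists how each Secret reaches each container in a constructed sample manifest (every name in it is made up) and notes the environment-variable path and group/other-readable file modes for review.

```python
import json

# Constructed sample manifest (JSON form of a Pod); all names are made up.
SAMPLE_POD = json.loads("""
{"kind": "Pod", "metadata": {"name": "billing-api"},
 "spec": {
  "volumes": [
   {"name": "tls", "secret": {"secretName": "billing-tls", "defaultMode": 420}},
   {"name": "cfg", "configMap": {"name": "billing-config"}}],
  "containers": [{
   "name": "app", "image": "registry.example/billing:1.0",
   "env": [
    {"name": "DB_PASSWORD",
     "valueFrom": {"secretKeyRef": {"name": "billing-db", "key": "password"}}},
    {"name": "LOG_LEVEL",
     "valueFrom": {"configMapKeyRef": {"name": "billing-config", "key": "level"}}}],
   "envFrom": [{"secretRef": {"name": "billing-tokens"}}],
   "volumeMounts": [
    {"name": "tls", "mountPath": "/etc/tls"},
    {"name": "cfg", "mountPath": "/etc/app"}]}]}}
""")

def secret_exposure(pod):
    """Return sorted (container, secret, channel, where, mode) for each Secret used."""
    spec = pod.get("spec", {})
    # Volume name -> (Secret name, file mode). JSON carries the mode in decimal
    # (420 == 0o644); 0o644 is also the API default when defaultMode is unset.
    secret_vols = {
        v["name"]: (v["secret"]["secretName"], v["secret"].get("defaultMode", 0o644))
        for v in spec.get("volumes", []) if "secret" in v}
    found = []
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        for e in c.get("env", []):
            ref = (e.get("valueFrom") or {}).get("secretKeyRef")
            if ref:  # one key of a Secret copied into one variable
                found.append((c["name"], ref["name"], "env", e["name"], None))
        for src in c.get("envFrom", []):
            if "secretRef" in src:  # every key of the Secret becomes a variable
                found.append((c["name"], src["secretRef"]["name"], "env", "envFrom", None))
        for m in c.get("volumeMounts", []):
            if m["name"] in secret_vols:  # Secret delivered as files
                name, mode = secret_vols[m["name"]]
                found.append((c["name"], name, "file", m["mountPath"], mode))
    return sorted(found)

def review(pod):
    """Turn the exposure list into notes a reviewer would act on."""
    notes = []
    for container, secret, channel, where, mode in secret_exposure(pod):
        if channel == "env":
            notes.append(f"{container}: Secret {secret} set as env ({where}); value is "
                         "fixed at container start and inherited by child processes")
        elif mode & 0o044:
            notes.append(f"{container}: Secret {secret} files under {where} are "
                         f"group/other-readable (mode {mode:04o})")
    return notes

if __name__ == "__main__":
    for line in review(SAMPLE_POD):
        print(line)
```

ConfigMap references are deliberately ignored, so only the entries that carry sensitive data show up in the output.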