Kubernetes

Overview

Kubernetes is the industry standard for container orchestration: an open-source platform that automates the deployment, scaling, and management of large-scale containerized applications.

Details

Kubernetes (pronounced "koo-ber-net-eez", often abbreviated as K8s) is a container orchestration platform developed and open-sourced by Google in 2014. Built on over 15 years of container operation expertise from Google's Borg system, it is now developed under the Cloud Native Computing Foundation (CNCF). Kubernetes uses declarative configuration to define the desired state, and the system automatically maintains that state. Through abstraction layers like Pods, Services, Deployments, and Namespaces, it efficiently manages complex microservices architectures. Built-in features include auto-scaling, rolling updates, self-healing, service discovery, and load balancing. It is widely used through managed services like AWS EKS, Google GKE, and Azure AKS, and runs in production at major companies including Netflix, Spotify, Airbnb, and The New York Times. Now established as the de facto standard for container orchestration, Kubernetes serves as a core technology for cloud-native application development.

Advantages and Disadvantages

Advantages

  • Auto-scaling: Automatic scaling based on demand with HPA and VPA
  • High availability: Self-healing and automatic recovery capabilities
  • Declarative management: Define and maintain desired state through YAML
  • Portability: Multi-cloud and hybrid cloud support
  • Rich ecosystem: Integration with CNCF projects
  • Standardization: Industry standard status and skill transferability
  • Microservices support: Efficient management of complex distributed systems
  • Development/operations separation: Clear separation of developer and operator responsibilities

Disadvantages

  • Complexity: Steep learning curve and operational complexity
  • Resource consumption: Cluster overhead requirements
  • Network configuration: Complexity of CNI, Ingress, and Service Mesh
  • Storage management: Design challenges with persistent volumes and StatefulSets
  • Security complexity: Complex configuration of RBAC and Pod Security Standards
  • Monitoring and logging: Observability challenges in distributed systems
  • Version management: Frequent updates and compatibility considerations
  • Over-engineering: Excessive for simple applications and small-scale environments

Code Examples

Hello World Pod

# pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: hello-pod
  labels:
    app: hello
spec:
  containers:
  - name: hello-container
    image: nginx:alpine
    ports:
    - containerPort: 80

# Deploy and verify
kubectl apply -f pod.yaml
kubectl get pods
kubectl port-forward hello-pod 8080:80

Deployment (Replica Management)

# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-deployment
  labels:
    app: web
spec:
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
      - name: web
        image: nginx:1.24
        ports:
        - containerPort: 80
        resources:
          requests:
            memory: "64Mi"
            cpu: "250m"
          limits:
            memory: "128Mi"
            cpu: "500m"

Service (Network Exposure)

# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: web-service
spec:
  selector:
    app: web
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
  type: LoadBalancer

ConfigMap and Secret

# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  database.host: "db.example.com"
  database.port: "5432"
  app.properties: |
    debug=true
    log.level=info

---
# secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: app-secret
type: Opaque
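data:
  # base64 is an encoding, not encryption: anyone who can read this
  # Secret (or this file) can decode the values
  username: dXNlcm5hbWU=  # base64 encoded 'username'
  password: cGFzc3dvcmQ=  # base64 encoded 'password'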

Horizontal Pod Autoscaler

# hpa.yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: web-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: web-deployment
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70
  - type: Resource
    resource:
      name: memory
      target:
        type: Utilization
        averageUtilization: 80

Ingress (External Exposure)

# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-ingress
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  ingressClassName: nginx  # replaces the deprecated kubernetes.io/ingress.class annotation
  tls:
  - hosts:
    - example.com
    secretName: example-tls
  rules:
  - host: example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: web-service
            port:
              number: 80

kubectl Basic Operations

# Cluster information
kubectl cluster-info
kubectl get nodes
kubectl get namespaces

# Resource management
kubectl get pods --all-namespaces
kubectl get deployments
kubectl get services
kubectl get ingress

# Application management
kubectl apply -f .                    # Apply all YAML in directory
kubectl delete -f deployment.yaml     # Delete resource
kubectl scale deployment web-deployment --replicas=5

# Debug and troubleshooting
kubectl describe pod <pod-name>       # Detailed information
kubectl logs <pod-name>              # Check logs
kubectl exec -it <pod-name> -- /bin/sh # Container access
kubectl port-forward service/web-service 8080:80

# Monitoring and metrics
kubectl top nodes                     # Node resource usage
kubectl top pods                      # Pod resource usage
kubectl get events --sort-by='.lastTimestamp'