Config File
Default location of the kubeconfig file is
~/.kube/configMEMORY Limits
If the actual MEMORY usage of the container at run time exceeds the limit... The CONTAINER will be killed Pod will remain, the container will therefore attempt th restart.
CPU Limits
If the actual CPU usage of the container at run time exceeds the limit… The CPU will be "clamped” While the container will continue to run.
--- apiVersion: v1 kind: Pod metadata: name: frontend spec: containers: - name: app image: images.my-company.example/app:v4 resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" # 1G = 1000M, 1Gi = 1024M cpu: "500m" # 500/1000 of a core (50%) or just "0.5" - name: log-aggregator image: images.my-company.example/log-aggregator:v6 resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" cpu: "500m"
Commands to check metrics Note: Enabling the Metrics Server $ k top pod NAME CPU(cores) MEMORY(bytes) po 0m 17Mi $ k top node NAME CPU(cores) CPU% MEMORY(bytes) MEMORY% minikube 239m 3% 991Mi 6%
HPA Horizontal Pod Autoscaling
- This is done using Metrics Server
Readiness and Liveness Probes in Kubernetes
Kubernetes provides two essential mechanisms, readiness and liveness probes, to ensure the health and availability of containers running in a cluster. These probes help Kubernetes determine whether a container is ready to accept traffic and whether it is still alive and functioning properly.
Readiness Probe
A readiness probe is used to indicate whether a container is ready to serve traffic. It is used by Kubernetes to determine when a container is ready to receive requests from services or other containers. By default, a container is considered ready as soon as it starts running. However, in some cases, an application may require additional time to initialize or perform certain tasks before it can handle incoming requests. Readiness probes help handle such scenarios.
A readiness probe can be defined in the pod's configuration file or deployment specification using the
readinessProbe field. It can be configured to perform various types of checks on the container, such as making an HTTP request to a specific endpoint, executing a command inside the container, or simply checking if the container's TCP socket is open on a particular port. If the probe fails, Kubernetes will temporarily remove the container's IP address from the service's load balancer, preventing it from receiving traffic until the probe succeeds.Example readiness probe configuration in a pod's specification:
yamlCopy code apiVersion: v1 kind: Pod metadata: name: myapp-pod spec: containers: - name: myapp-container image: myapp-image ports: - containerPort: 8080 readinessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 10 periodSeconds: 5
In this example, the readiness probe performs an HTTP GET request to the
/healthz endpoint of the container, expecting a successful response (HTTP status code 200). The probe will start after an initial delay of 10 seconds and then be repeated every 5 seconds. If the probe fails, the container will be marked as not ready, and Kubernetes will stop sending traffic to it until the probe succeeds.Liveness Probe
A liveness probe is used to determine whether a container is still running and functioning correctly. It helps Kubernetes detect and recover from situations where a container may be running but not able to handle requests or has entered a faulty state. If a liveness probe fails, Kubernetes will restart the container to ensure that it continues to provide a healthy and reliable service.
Similar to a readiness probe, a liveness probe can be configured in the pod's specification using the
livenessProbe field. It can also perform checks through HTTP requests, command execution, or TCP socket checks to determine the container's health. If the probe fails, Kubernetes will restart the container.Example liveness probe configuration in a deployment specification:
yamlCopy code apiVersion: apps/v1 kind: Deployment metadata: name: myapp-deployment spec: replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp-container image: myapp-image ports: - containerPort: 8080 livenessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 15 periodSeconds: 10
In this example, the liveness probe checks the
/healthz endpoint of the container, just like the readiness probe. It starts after an initial delay of 15 seconds and repeats every 10 seconds. If the probe fails, indicating that the container is not functioning properly, Kubernetes will restart the container to ensure the overall health of the application.Quality of Service (QoS) for Pods in Kubernetes
Quality of Service (QoS) in Kubernetes allows you to define different resource guarantees and priorities for Pods. It ensures critical workloads receive necessary resources and are prioritized over less important tasks.
QoS class of Guaranteed
For a Pod to be given a QoS class of
Guaranteed:- Every Container in the Pod must have a memory limit and a memory request.
- For every Container in the Pod, the memory limit must equal the memory request.
- Every Container in the Pod must have a CPU limit and a CPU request.
- For every Container in the Pod, the CPU limit must equal the CPU request.
QoS class of Burstable
A Pod is given a QoS class of
Burstable if:- The Pod does not meet the criteria for QoS class Guaranteed.
- At least one Container in the Pod has a memory or CPU request or limit.
QoS class of BestEffort
For a Pod to be given a QoS class of
BestEffort, the Containers in the Pod must not have any memory or CPU limits or requests.StateFulSets
A StatefulSet is NOT used for Persistence!
Treating your Pods as "Pets" Sometimes you need a set of pods with known, predictable names ...and you wants clients to be able to call them, by their name.
StateFulSets is just SatateFulName
- In a StatefulSet, the pods will have a predictable name: 0, 1, 2.
- The pods will always start up in sequence.
- Clients can address them by name.
Deployment - You specify a PersistentVolumeClaim that is shared by all pod replicas. In other words, shared volume.
The backing storage obviously must have ReadWriteMany or ReadOnlyMany accessMode if you have more than one replica pod.
StatefulSet - You specify a volumeClaimTemplates so that each replica pod gets a unique PersistentVolumeClaim associated with it. In other words, no shared volume.
Here, the backing storage can have ReadWriteOnce accessMode.
StatefulSet is useful for running things in cluster e.g Hadoop cluster, MySQL cluster, where each node has its own storage.
Example:
Let's consider an example of a replicated database using Kubernetes. Suppose you have a MySQL database that requires replication for high availability and fault tolerance. In this scenario, you have a primary database server that handles write operations and one or more replica servers that synchronize with the primary and handle read operations.
If you choose to use a Deployment for managing your database instances, you would typically define multiple replicas of the MySQL container, each running on separate pods. The Deployment controller would ensure that the desired number of replicas is maintained, and it can handle scaling up or down based on the defined replica count. However, the storage for the database would typically be provisioned using external storage solutions like a network-attached storage (NAS) or a cloud-based storage service.
On the other hand, if you choose to use a StatefulSet for your database, each replica server would be managed as a separate pod, similar to the Deployment approach. However, StatefulSets introduce additional features specifically designed for stateful applications. Each pod in the StatefulSet is assigned a unique and stable network identity, typically in the form of a DNS name, which allows for predictable communication between replicas. Additionally, StatefulSets provide the ability to provision and manage persistent storage volumes for each replica. This means that each replica server can have its own persistent storage volume, ensuring that data is retained even if a pod fails or is rescheduled.
Jobs and CronJobs
Kubernetes jobs and cronjobs are Kubernetes objects that are primarily meant for short-lived and batch workloads. Let’s see in details with in below steps.
Types of Jobs in Kubernetes
There are two types of jobs in Kubernetes, here they are,
- Run to Completion — It runs the Job in parallel by creating one or more pods for the successful completion
apiVersion: batch/v1 kind: Job metadata: name: test-job spec: template: spec: # Pod containers: - name: long-job image: python:rc-slim command: ["python"] args: ["-c", "import time; print('starting'); time.sleep(30); print('done')"] restartPolicy: Never backoffLimit: 2 #Retry limit
- Schedulers (CronJob) — It’s like scheduling tasks in crontab in Linux.
Cron Tab Syntax
┌───────────── minute (0 - 59) │ ┌───────────── hour (0 - 23) │ │ ┌───────────── day of the month (1 - 31) │ │ │ ┌───────────── month (1 - 12) │ │ │ │ ┌───────────── day of the week (0 - 7) (Sunday = 0 or 7) │ │ │ │ │ ┌───────────── command to be executed │ │ │ │ │ │ │ │ │ │ │ │ * * * * * command Here are some common examples: - `* * * * *`: Runs the command every minute. - `0 * * * *`: Runs the command at the start of every hour. - `0 0 * * *`: Runs the command once a day at midnight. - `0 0 * * 1`: Runs the command once a week on Monday at midnight.
apiVersion: batch/v1 kind: CronJob metadata: name: cron-job spec: # CronJob schedule: "* * * * *" jobTemplate: spec: # JOB template: spec: # Pod containers: - name: long-job image: python:rc-slim command: ["python"] args: ["-c", "import time; print('starting'); time.sleep(30); print('done')"] restartPolicy: Never backoffLimit: 2
DaemonSet
A DaemonSet ensures that all (or some) Nodes run a copy of a Pod.
Note: A DaemonSet is similar to a Deployment, but remember to comment out the "#replicas: 1" line.
apiVersion: apps/v1 kind: DaemonSet metadata: name: webapp spec: selector: matchLabels: app: webapp # replicas: 1 template: # template for the pods metadata: labels: app: webapp spec: containers: - name: webapp image: richardchesterwood/k8s-fleetman-webapp-angular:release2 env: - name: SPRING_PROFILES_ACTIVE value: production-microservice
Kubernetes Documentation
Kubernetes is a powerful open-source container orchestration platform designed to automate the deployment, scaling, and management of containerized applications. It was originally developed by Google and is now maintained by the Cloud Native Computing Foundation (CNCF). Here are the key aspects of Kubernetes:
Key Concepts:
- Containerization:
- Kubernetes is built around the concept of containers, which are lightweight, portable, and consistent environments for running applications and their dependencies.
- Nodes:
- A Kubernetes cluster consists of nodes. Nodes can be physical or virtual machines and are divided into two types: master nodes and worker nodes.
- Master Node (Control Plane):
- The master node is responsible for managing the overall state of the cluster.
- Components on the master node include the API server, etcd, controller manager, and scheduler.
- Worker Node:
- Worker nodes, or minions, host the containers that run the actual applications.
- Each worker node has the Kubelet, Kube Proxy, and a container runtime (e.g., Docker) installed.
- Pod:
- The smallest deployable unit in Kubernetes.
- A pod represents a single instance of a running process in a cluster and encapsulates one or more containers.
- KubeCTL autocomplete: Configure autocompletion to kubectl with zsh (github.com)