What are the core concepts in Kubernetes? Kubernetes, aka K8s, is the current de facto container orchestration platform, providing a robust set of tools for automating the deployment, scaling, and management of containerized applications. If you are getting started with Kubernetes, it is important to understand the core concepts and building blocks that enable you to create, deploy, and manage your containerized applications.
To unlock the full potential of Kubernetes, let’s explore some of its core concepts.
In a Kubernetes cluster, a Node is a virtual or physical machine on which Kubernetes applications run. A Node can be a Master Node, which controls the Kubernetes cluster, or a Worker Node, which hosts containerized applications.
A Pod is the smallest deployable unit in Kubernetes and represents a group of one or more containers. The containers in a Pod share the same storage, the same network resources (IP addresses and ports) and the information on how to run each container. Worker nodes host Pods. Each Pod runs on a specific node until it is terminated or deleted.
A ReplicaSet is a Kubernetes object responsible for ensuring that a specific number of Pod replicas are running at any given time in the Kubernetes cluster. ReplicaSets can be used to scale the cluster down or up. A ReplicaSet has a Pod template that defines how a new Pod should be created when one fails. Similarly, it has a replica count which defines how many Pods should run concurrently in a node.
A Deployment is a Kubernetes object that manages ReplicaSets and provides declarative updates to Pods in a cluster. Managing ReplicaSets through Deployments is recommended over using ReplicaSets directly. Deployments can be used to roll out ReplicaSets, define the state of the Pods, roll back to an earlier deployment state if need be, efficiently scale the number of replica Pods, pause the rollout of a deployment, and clean up ReplicaSets that are no longer needed.
A StatefulSet is a Kubernetes API object that manages the deployment and scaling of stateful applications. It guarantees the ordering and uniqueness of the Pods. Stateful applications are applications that maintain their own internal state, such as unique network identifiers, persistent data, etc. Examples include databases.
A DaemonSet is a Kubernetes object which ensures that a Pod is running on all or some nodes in the cluster. Typical use cases of a DaemonSet include running cluster-wide storage daemons and monitoring and log collection daemons.
A Job is used to manage the execution of batch jobs in a Kubernetes cluster. Jobs can be used to run one-off tasks or periodic jobs, such as backups or database migrations.
A CronJob is used to perform regularly scheduled tasks such as backups, report generation, etc.
A Service is a Kubernetes object that exposes Pods over a network so that they are accessible in the cluster. Services can assign Pods a unique IP address and a DNS name. The Kubernetes Service publishing types include:
- ClusterIP: Exposes a service on an internal IP that is ONLY accessible within the cluster.
- NodePort: Exposes a service via a specific port bound to the node IP, which allows the service to be accessed from outside the cluster by using any node's IP address and the NodePort value.
- LoadBalancer: Exposes the service externally using a cloud provider's load balancer.
- ExternalName: Used when you need to access individual pods directly without using a load-balanced service. It allows you to create a DNS record for the pods, which can be used to connect to them directly.
Ingress is a Kubernetes API object that manages external access to the services in a cluster via HTTP/HTTPS. An Ingress may be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. Ingress achieves all these through the use of
A Volume is a directory that can be used to store data that is accessible to the containers. Containers in a Pod share the same data volume. It is also possible to use volumes to share data between multiple Pods. There are ephemeral volume types, which have the lifetime of a pod, and persistent volumes, which store data beyond the lifetime of a pod.
In Kubernetes, namespaces provide a way to logically divide and organize a Kubernetes cluster into virtual sub-clusters. Namespaces come in handy when a cluster is used by many users spread across multiple teams or projects. By default, Kubernetes ships with four default namespaces, namely:
- kubernetes-dashboard (ONLY ships with minikube)
You can get a list of Kubernetes namespaces using the command kubectl get namespace.
For production environments, it is recommended to create your own custom namespaces rather than using the default namespaces. When you create a namespace, do not prefix it with kube- as this is reserved for use with default system Kubernetes namespaces.
A ConfigMap is an API object in Kubernetes that stores non-sensitive configuration data as key-value pairs outside the container images, thus making an application portable. Configurations stored in a ConfigMap are the kind that change frequently depending on the environment. They can be made available to Pods via environment variables, supplied as command-line arguments, or stored in volumes as configuration files.
A Secret is a Kubernetes object used to store sensitive information such as passwords, keys or tokens that can be consumed by a Kubernetes Pod. The difference between a Secret and a ConfigMap is that the former is used to store confidential data. Secrets are stored unencrypted in etcd, and thus anyone with access to the etcd data store can access them.
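The split between ConfigMap and Secret, and the point about unencrypted storage, can be turned into three checks. The script below is an added example, not part of the original article; the sample objects are constructed, the key-name pattern and function names are illustrative, and the last check reads a parsed EncryptionConfiguration (the file given to kube-apiserver with --encryption-provider-config), which the article does not cover.

```python
import base64
import re

def b64(text):
    return base64.b64encode(text.encode()).decode()

# Constructed sample shaped like the items of `kubectl get configmap,secret -o json`.
ITEMS = [
    {"kind": "ConfigMap", "metadata": {"namespace": "shop", "name": "web-config"},
     "data": {"LOG_LEVEL": "info", "DB_PASSWORD": "constructed-value"}},
    {"kind": "Secret", "metadata": {"namespace": "shop", "name": "db-creds"},
     "data": {"username": b64("app"), "password": b64("constructed-pw")}},
]

# Constructed EncryptionConfiguration contents, already parsed into dicts.
# The first provider listed for a resource is the one used on write;
# `identity` stores the value as-is.
ENC_PLAINTEXT = {"resources": [{"resources": ["secrets"],
                                "providers": [{"identity": {}}]}]}
ENC_AESCBC = {"resources": [{
    "resources": ["secrets"],
    "providers": [
        {"aescbc": {"keys": [{"name": "key1", "secret": "<base64 32-byte key>"}]}},
        {"identity": {}},  # kept last so older plaintext entries stay readable
    ]}]}

SENSITIVE_KEY = re.compile(r"pass(word|wd)?|secret|token|api[_-]?key|private[_-]?key", re.I)

def misplaced_config(items):
    """ConfigMap keys whose names suggest they belong in a Secret."""
    return [(f'{o["metadata"]["namespace"]}/{o["metadata"]["name"]}', key)
            for o in items if o["kind"] == "ConfigMap"
            for key in o.get("data", {}) if SENSITIVE_KEY.search(key)]

def decode_secret(secret):
    """Recover Secret values: `data` is base64-encoded, which needs no key to undo."""
    return {k: base64.b64decode(v).decode() for k, v in secret.get("data", {}).items()}

def secrets_encrypted_at_rest(enc_config):
    """True when the write provider for `secrets` is something other than identity."""
    for rule in enc_config.get("resources", []):
        if "secrets" in rule.get("resources", []):
            providers = rule.get("providers", [])
            return bool(providers) and "identity" not in providers[0]
    return False  # no rule for secrets: stored unencrypted

if __name__ == "__main__":
    print(misplaced_config(ITEMS), decode_secret(ITEMS[1]))
    print(secrets_encrypted_at_rest(ENC_PLAINTEXT), secrets_encrypted_at_rest(ENC_AESCBC))
```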
While the above explains the most common Kubernetes concepts, there are a huge number of other Kubernetes concepts. Read more on the Kubernetes concepts page.
That brings us to the end of our tutorial on What are the core concepts in Kubernetes.