commit 76b1896223c2f432a5a64873dc0c9cbddae3a443
parent 7d212061a6c3576524ede818e30d3c0afbeb03df
Author: Alex Balgavy <alex@balgavy.eu>
Date: Wed, 12 Jan 2022 14:53:09 +0100
Update software containerisation notes
Diffstat:
5 files changed, 100 insertions(+), 0 deletions(-)
diff --git a/content/softcont-notes/_index.md b/content/softcont-notes/_index.md
@@ -3,3 +3,7 @@ title = 'Software Containerisation'
+++
# Software Containerisation
1. [Introduction](introduction)
+2. [Kubernetes architecture](kubernetes-architecture)
+3. [Pods and containers](pods-and-containers)
+4. [Workload resources and controllers](workload-resources-and-controllers)
+5. [YAML syntax](yaml-syntax)
diff --git a/content/softcont-notes/kubernetes-architecture.md b/content/softcont-notes/kubernetes-architecture.md
@@ -0,0 +1,32 @@
++++
+title = 'Kubernetes architecture'
++++
+## Kubernetes architecture
+Control plane
+- 1-3+ master nodes: do not run user workloads directly, but manage the cluster
+- kube-apiserver: exposes Kubernetes API
+- etcd: storage of key-value pairs for Kubernetes config
+- kube-scheduler: selects node on which to run new pods
+- kube-controller-manager: runs controller processes (Node, Replication, Endpoints, Service Account & Token controllers)
+- cloud controller manager: connects cluster to cloud provider's API
+
+Worker nodes
+- node/worker/minion: executes user workloads
+- kubelet: ensures that pods are running in node as declared by their specs
+- kube-proxy: network proxy, maintains network rules on nodes
+- pods: groups of containers that share storage/net resources
+
+You interact with Kubernetes using `kubectl`.
+Kubectl config is in `~/.kube/config`.
+
+Nodes:
+- runs kubelet agent, kube-prxy pod, and network pod
+ - allows cluster manage pods that run on node
+- network pod: not by default via `kubeadm`, but Calico in `microk8s`
+
+Namespaces:
+- used to create virtual clusters (avoid name conflicts, restrict resource usage, establish quotas, add policies)
+- K8s creates objects in `default` namespace
+- K8s components run in separate namespace -- `kube-system`
+- new namespaces can be created with `kubectl create namespace <name>`
+- cannot be nested. persistent volumes and nodes are not in a namespace.
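Review bot: `kube-prxy` in the first bullet under "Nodes:" is a typo for `kube-proxy`, and the sub-bullet beneath it reads "allows cluster manage pods" where "allows the cluster to manage pods" is meant. The "Nodes:" list also repeats the kubelet and kube-proxy entries already given under "Worker nodes"; merging the two lists would leave the network pod bullet next to the other node components. The line "Kubectl config is in `~/.kube/config`" names the file without saying what it contains; one sentence on that would make the note more useful.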
diff --git a/content/softcont-notes/pods-and-containers.md b/content/softcont-notes/pods-and-containers.md
@@ -0,0 +1,20 @@
++++
+title = 'Pods and Containers'
++++
+## Pods and Containers
+Pod: smallest unit you can deploy to Kubernetes cluster
+- generally contains single container
+- may contain multiple containers that are strictly related: share same net and storage resources
+- may contain one or more init containers, used to initialize application
+
+On the command line, run a pod with:
+
+```sh
+kubectl run --image <image-name> <pod-name> --port=<port-on-container-ip> --hostport=<port-on-host-ip>
+```
+
+Pod lifecycle has phases:
+1. Pending: cluster accepted pod, not all containers running yet.
+2. Running: pod bound to node, all containers created, at least one running/starting/restarting.
+3. - Succeeded: containers terminated successfully, will not restart.
+ - Failed: all containers terminated, at least one with error.
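Review bot: the third lifecycle item is written as `3. - Succeeded` with `- Failed` indented on the following line, which will not render as a clean nested list and hides that Succeeded and Failed are alternative end states rather than one sequential third phase. Suggest ending the numbered list at 2 and listing the two terminal phases as their own bullets, or giving item 3 a label with both as sub-bullets. In the `kubectl run` line, `--hostport=<port-on-host-ip>` appears with only the placeholder name as explanation; a sentence on when a port on the host should be bound would help.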
diff --git a/content/softcont-notes/workload-resources-and-controllers.md b/content/softcont-notes/workload-resources-and-controllers.md
@@ -0,0 +1,33 @@
++++
+title = 'Workload resources and controllers'
++++
+## Workload resources and controllers
+Instead of running individual pods, you create workload resources that manage set of pods based on a declared desired state.
+
+When you submit workload resource, K8s control plane configures corresponding controller.
+Controllers run control loops, where controller periodically makes sure that status of resource corresponds to declared desired state.
+
+Most Kubernetes objects have two fields:
+- spec: desired object state
+- status: current object state
+
+Deployment: suitable for stateless apps, like web servers. can have one or more containers.
+- you can scale a deployment with `kubectl edit`, or `kubectl scale deployment <name> --replicas=n`
+- autoscaling can happen based on conditions, e.g. `kubectl autoscale deployment <name> --min=7 --max=8 --cpu-percent=60`
+ - this creates a HorizontalPodAutoscaler (hpa).
+
+ReplicaSet: maintains desired number of instances of a pod defined by a template
+- in general you can instead specify desired number of replicas in a Deployment
+
+DaemonSet: ensures pods run on each node of the cluster, even if nodes added at later time
+- for example, to collect a log on each node of the cluster. one tool for that is Fluentd
+
+Job: ensures that specific task completes even if pod that should run the task fails
+- if a node where the pod is running fails, the scheduler launches the pod on another noe
+- can run pods sequentially or in parallel
+
+CronJob: causes pod to execute at specific times determined by `schedule` parameter (like `cron`)
+
+Garbage Collector: responsible for deleting objects when their parent no longer exists
+- in foreground: parent marked for deletion, then all objects with `blockOwnerDeletion: true` are deleted, then the parent is deleted
+- in background: first parent deleted, then all children found and deleted.
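Review bot: "another noe" in the first Job bullet should be "another node", and the opening sentence reads "manage set of pods" where "manage a set of pods" is meant. In the Garbage Collector bullets the foreground case talks about "all objects with `blockOwnerDeletion: true`" while the background case says "children"; using one term for the dependent objects in both bullets would make the difference between the two modes (the order of deletion) easier to see.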
diff --git a/content/softcont-notes/yaml-syntax.md b/content/softcont-notes/yaml-syntax.md
@@ -0,0 +1,11 @@
++++
+title = 'YAML syntax'
++++
+## YAML syntax
+Indentation is structure, with spaces (usually 2).
+Comments use `#`.
+
+Elements of sequence of scalars (strings, numbers) are a list starting with dash.
+Maps are `key: value`.
+
+Long literals can be written with multiple lines that preserve newlines (`|`) or get folded and replaced by space (`>`).
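Review bot: the sentence "Elements of sequence of scalars (strings, numbers) are a list starting with dash" is hard to parse; something like "A sequence is a list of items, each on its own line starting with a dash; items can be scalars (strings, numbers)" says the same thing more clearly. The last line describes `|` and `>` without showing either; a two- or three-line sample of each, with the resulting string, would make the newline-preserving versus folding behaviour concrete.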