Kubernetes

What is Kubernetes (K8s)?

Kubernetes is an open-source container management (orchestration) tool. Its container management responsibilities include deploying containers, scaling them up and down, and load balancing across them.

Kubernetes is needed for managing containers as much as Docker is needed for creating them.

What is Kubernetes used for?

Kubernetes is used to create applications that are easy to manage and deploy anywhere. When available as a managed service, Kubernetes offers you a range of solutions to meet your needs. Here are some common use cases.

1. Increasing development velocity:

Kubernetes helps us to build cloud-native microservices-based apps. It also supports containerization of existing apps, thereby becoming the foundation of application modernization and letting us develop apps faster.

2. Automatic Bin packing:

Kubernetes automatically packages our application and schedules the containers based on their requirements and available resources while not sacrificing availability. To ensure complete utilization and save unused resources, Kubernetes balances between critical and best-effort workloads.

3. Deploying applications anywhere:

Kubernetes is built to be used anywhere, allowing us to run our applications across on-site deployments and public clouds, as well as hybrid deployments in between. So we can run our applications where we need them.

4. Secret & Configuration Management:

Kubernetes can help us to deploy and update secrets and application configuration without rebuilding our image and without exposing secrets in our stack configuration.

5. Running efficient services:

Kubernetes can automatically adjust the size of a cluster required to run a service. This enables us to automatically scale our applications, up and down, based on the demand and run them efficiently.

Kubernetes Architecture

Because Kubernetes follows a cluster computing model, everything runs inside a Kubernetes cluster. The cluster is hosted by one node acting as the 'master' of the cluster, while the other nodes act as 'nodes' that do the actual 'containerization'.

The master controls the cluster and the nodes in it. It ensures that execution happens only on the nodes and coordinates that work. Nodes host the containers; in fact, these containers are grouped logically to form Pods. Each node can run multiple Pods, each of which is a group of containers that interact with each other for a deployment.

A Replication Controller is the master's resource for ensuring that the requested number of Pods is always running on the nodes. A Service is an object on the master that provides load balancing across a replicated group of Pods.

Case Study:

The Challenge:

IBM Cloud offers public, private, and hybrid cloud functionality across a diverse set of runtimes, from its OpenWhisk-based function as a service (FaaS) offering, through managed Kubernetes and containers, to Cloud Foundry platform as a service (PaaS). These runtimes are combined with the power of the company’s enterprise technologies, such as MQ and DB2, its modern artificial intelligence (AI) Watson, and data analytics services.

Users of IBM Cloud can exploit capabilities from more than 170 different cloud-native services in its catalog, including capabilities such as IBM’s Weather Company API and data services. In the later part of 2017, the IBM Cloud Container Registry team wanted to build out an image trust service.

The Solution:

The work on this new service culminated with its public availability in the IBM Cloud in February 2018. The image trust service, called Portieris, is fully based on the Cloud Native Computing Foundation (CNCF) open source project Notary, according to Michael Hough, a software developer with the IBM Cloud Container Registry team.

Portieris is a Kubernetes admission controller for enforcing content trust. Users can create image security policies for each Kubernetes namespace, or at the cluster level, and enforce different levels of trust for different images. Portieris is a key part of IBM’s trust story since it makes it possible for users to consume the company’s Notary offering from within their IKS clusters.

In this offering, the Notary server runs in IBM’s cloud and Portieris runs inside the IKS cluster. This lets users have their IKS cluster verify that the image they’re loading containers from contains exactly what they expect it to, and Portieris is what allows an IKS cluster to apply that verification.
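A simplified model of the admission decision described above, as an added example rather than Portieris's own code: a namespace policy is consulted before the cluster policy, and an image under a "signed" rule is admitted only when signed trust data vouches for it. The registry names, policy dictionaries, trust levels and `SIGNED_TARGETS` are constructed for illustration, and pinning the admitted image to the signed digest is a choice made in this model.

```python
from fnmatch import fnmatchcase

# Constructed policies: repository pattern -> trust level ("allow", "signed", "deny").
CLUSTER_POLICY = {"*": "deny", "registry.example/public/*": "allow"}
NAMESPACE_POLICIES = {
    "payments": {"registry.example/payments/*": "signed"},
}
# Constructed stand-in for signed trust data: (repository, tag) -> signed digest.
SIGNED_TARGETS = {
    ("registry.example/payments/api", "1.4"): "sha256:" + "a" * 64,
}

def split_image(image):
    """Split 'repo:tag' or 'repo@digest' into (repo, tag, digest)."""
    if "@" in image:
        repo, digest = image.split("@", 1)
        return repo, None, digest
    last = image.rsplit("/", 1)[-1]  # a ':' before the last '/' is a registry port
    if ":" in last:
        repo, tag = image.rsplit(":", 1)
        return repo, tag, None
    return image, "latest", None

def select_rule(namespace, repo):
    """Namespace policy wins over cluster policy; longest matching pattern wins."""
    for policy in (NAMESPACE_POLICIES.get(namespace), CLUSTER_POLICY):
        if not policy:
            continue
        matches = [p for p in policy if fnmatchcase(repo, p)]
        if matches:
            return policy[max(matches, key=len)]
    return "deny"  # nothing matched: fail closed

def admit(namespace, image):
    """Return (allowed, image_to_run); signed images are pinned to their digest."""
    repo, tag, digest = split_image(image)
    rule = select_rule(namespace, repo)
    if rule == "allow":
        return True, image
    if rule == "signed":
        if digest is not None:
            # A digest reference must itself be one the signer vouched for.
            ok = digest in {d for (r, _), d in SIGNED_TARGETS.items() if r == repo}
            return ok, image if ok else None
        signed = SIGNED_TARGETS.get((repo, tag))
        if signed:
            return True, f"{repo}@{signed}"  # tag can no longer be repointed
    return False, None
```

The same image reference is admitted in one namespace and rejected in another, which is the per-namespace enforcement the case study describes.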

The Impact:

IBM’s intention in offering a managed Kubernetes container service and image registry is to provide a fully secure end-to-end platform for its enterprise customers. “Image signing is one key part of that offering, and our container registry team saw Notary as the de facto way to implement that capability in the current Docker and container ecosystem,” Hough says.

The company had not been offering image signing before, and Notary is the tool it used to implement that capability. “We had a multi-tenant Docker Registry with private image hosting,” Hough says. “The Docker Registry uses hashes to ensure that image content is correct, and data is encrypted both in-flight and at rest. But it does not provide any guarantees of who pushed an image. We used Notary to enable users to sign images in their private registry namespaces if they so choose.”

Pokemon Go: Game backend with Kubernetes

The app backend was written in Java combined with libGDX. The program was hosted on a Java cloud with a Google Cloud Bigtable NoSQL database. And this architecture was built on top of Kubernetes, making it their scaling strategy.

Rapid iteration of pushing updates worldwide was done thanks to MapReduce and in particular Cloud Dataflow for combining data, doing efficient MapReduce shuffles, and for scaling their infrastructure.

The actual challenge: For most big applications like this, the challenge is horizontal scaling. Horizontal scaling is when we scale up our servers to service the increasing number of requests from multiple players and playing environments. But for this game in particular, vertical scaling was also a major challenge because the players' environment changes in real time. This change also has to be reflected for all the others playing nearby, because reflecting the same gaming world to everyone is how the game works. Each individual server’s performance and specs also had to be scaled simultaneously, and this was the ultimate challenge that needed to be taken care of by Kubernetes.

Conclusion: Not only did Kubernetes help in horizontal and vertical scaling of containers, but it also excelled in terms of engineering expectations. They planned their deployment for a basic estimate, and the servers were ready for a maximum of 5x traffic. However, the game’s popularity rose so much that they had to scale up to 50x. Ask engineers from other companies, and 95% of them will respond with their server meltdown stories and how their business came crashing down. But not at Niantic Labs, the developers of Pokemon Go.

The Wrap-Up

I have done my best to give you all a basic idea about Kubernetes and how it actually works in the simplest way I can.

In the upcoming days I am going to publish lots of articles on different automation tools and other technologies, so definitely follow me on Medium.

Here is my LinkedIn profile. If you have any queries, definitely comment below or DM me on LinkedIn.

I am a tech enthusiast fascinated by technology and its various disciplines, including Big Data, Hadoop, Web Development, Competitive Programming, ML, etc.
