🤔 Understanding kubernetes components: Kubernetes for beginners
We will explore various kubernetes components like pod, services, ingress, volumes etc in quick blogpost.
🖥️ Nodes
Lets first see from top, we may have multiple machines in a single kubernetes cluster, also known as nodes.
These can be physical or virtual machines
There will be 2 types of machines/nodes
- Master nodes
- Slave/worker node
📦 Pods
Pods are smallest unit of kubernetes cluster. Pods are basically an abstraction over container.
Its create a layer above container so interaction with container is replaced with just pods.
One pod can have one or more container running but, a Pod is meant to have only one conainer.
So here is the level how it looks.
Virtual machines(Node) -> Pod -> 1x container
One node can have multiple pod, for example
- my-app pod which may consist of application code
- my-db pod which may consist of database
Here is summery
In kubernetes node, each pod gets its own internal IP address out of the box(not container).
- So each pod can communicate with each other with IP address.
- Pods can die easily due to any issue within application, its resource requirement or any other reason, Kubernetes replaces these pods with new pods all the time.
- When new pods are created, it gets its own IP address.
- Which may hinder connection between pods since IP will not be same anymore.
To address this case, another Kubernetes components called service is used.
🛜 Service
Service is basically a static/permanent IP address that gets attached to each pod.
- You can assume it as abstraction layer above IP addresses.
- Lifecycle of pod and service is not connected
- So whenever a pod gets replaced, its service(static IP) still be available to all other pods thus maintaining consistent connection with pods
Since we would want to access these application running in pods in our browser, but we don’t want all the services open to the world, like we would want port 80 from my-app to be open but my-db pod should not be open externally.
To manage such case, there is another kubernetes components called
🔌 Ingress
Ingress is independent service in node, which controls access to the services. Assume this as internal firewall of the node, so ingress will have say port open or expose for my-app and rest all services/ports are protected.
Here is how it looks with ingress
my-app will use endpoints of my-db or database to connect, like hostname, username, password.
usually these details are available in application’s config file or environment variable files, but if we suppose changed db password or endpoint, we needed to deploy app again with updated password in application file
This require creating of image, updating container in pod and so on and till that time, application might gets unavailable.
To address this issue, we have another components of kubernetes called
📝 ConfigMap
ConfigMap components provides an external configuration to your application.
this can contain, database endpoint, username, password ports etc.
So next time if we suppose need to change the database_name, we just need to update the same in ConfigMap and not in application.
config map stores such information in key=value pairs in plaintext format, Putting database password or any similar sensitive information is not safe option in plaintext, kubernetes have another components for the same and that is
🔐 Secret
Secret is just like configMap, it use to store sensitive data. Secret store data in base64 encoded form instead of plaintext.
All passwords, keys, tokens, we should store in secret
It works like configMap, we can use values from secret in our application.
In addition to this, if the db-app gets crash or rebooted, which contains data, the data will be lost, we want our database or log data to be persistedd for long term, to achieve this, we have another components in kubernetes called:
💾 Volumes
Volume components basically attaches physical storage to your pods, it can be local storage, hard drive on same server, or different server/machine outside of kubernetes cluster, or any external storage based on network or cloud.
So if the db pods gets restarted or re-created, all the data is stored in external storage which is connected to pod using volume components.
Thats it, we have looked into all basic components of kubernetes and here is quick summery:
Node: Machine where where kubernetes are running, nodes can be Master node or worker node.
Pod: Smallest unit of kubernetes, this contain a running container. It provides abstraction level to interact with container.
Services: Services are attached to pod but are not connected to its lifecycle, services provide static internal IP address so that pods can communicate with each other even after multiple replacement
Ingress: Assume it as network interface of node and firewall for all the pods, it controls and manages which pods/ports will be open from node to external world to access application.
configMap: This components used to store configuration data for the application which is independent of application itself, so any change in config data can be adjusted here without application being re-built or re-deployed
Secret: Secret are just like configMap but instead of storing configuration data in plaintext, it used base64 encoding. It is used to store sensitive information like, passwords, keys, tokens etc.
Volumes: Provide connectivity of pod to the external storage system, be it local hard drive, non-cluster storage or cloud storage, this make sure, data is persisted even if the entire kubernetes cluster crashed.
Data storage is quite tricky in kubernetes specially to manage data, storing it, managing its lifecycle, Atomicity, and consistency, in next Article, we will take a look how database deplyment is performed and what are best practices.
Next Read: Understanding deployments and StatefulSet: Kubernetes for beginners
