The reason why Kubernetes is cool

This is a creation in Article, where the information may have evolved or changed.

The reason why Kubernetes is cool

Objective

When I first learned it Kubernetes (about 1.5 ago?) I really can't find a reason to pay attention to it.

Uttered, I've been using it Kubernetes for almost three months. About why I think it is very useful, with some ideas, although I am still a beginner, but fortunately, this article can still explain to you, what Kubernetes is the matter.

As I explain to you Kubernetes how interesting it is, I try to avoid using some jargon that is too professional, such as Native Cloud, Orchestration, Container, and Kubernetes. I Kubernetes explained to you mainly from the perspective of an OPS engineer, because my current job is to build and configure the Kubernetes operating environment and let him run normally.

I am not going to discuss such as "should I Kubernetes apply it to the production environment?" "This is not a question that can be explained in one or two words (because" whether it is used in a production environment) is entirely up to you. "

Kubernetes lets you run code directly in your production environment without having to start a new server

My first touch Kubernetes came from a conversation with my colleague Kamal :

• Kamal: Kubernetes You can start a new service with a single command you just need
• Julia: How is that possible?
• Kamal: For example, you just need to write a profile, then apply it, and then you have a run in the production environment
  HTTPService
• Julia: But now if I want to create a new AWS instance of Amazon Cloud service, I need to write a
  manifest, then start the service discovery, configure my load balancer, configure our development software, but also to ensure that the DNS work is working properly, even if the cut is completed smoothly, it will take at least 4 hours of time Ah!
• Kamal: Yeah. Kubernetesyou don't have to do these things anymore, you can start a service in 5 minutes HTTP , and he will run automatically. As long as you have the appropriate space in the cluster to accommodate this service, it can be used directly!
• Julia: I guess there's a lot of holes in it.

The hole in this should be configured, it Kubernetes is really not simple (in my experience), you can view this kubernetes the hard. But at least for now, we don't have to worry about it.

Now, the first cool part is that there is Kubernetes great potential for developers to easily deploy services to production environments. This is really cool, using Kubernetes work, you can really start a new service in 5 minutes with a profile HTTP (including "Start 5 service Programs", "Configure load Balancing", "Configure DNS"), worth knowing.

Kubernetes provides a visual interface for you to manage the code you run

In my opinion, you Kubernetes have to understand before you know it etcd . Well, let's take a look first.etcd
What a thing!

Imagine, today, I'm asking you, "Tell me, what applications are running in the production environment now?" Which hosts are running on? is the service in good condition? Is there a DNS binding? "I'm not clear about your situation, I only know that if it was me, I needed to look at a bunch of servers in different locations, and it took me a little while to figure out and answer these questions, and it was impossible to API get all the information through one.

On Kubernetes , all the states in your cluster: running applications, nodes, DNS names, scheduled tasks, and so on, are stored in a unified database, Kubernetes all of the builds are stateless, and are run through a process:

• etcdread status from, for example: List of applications in node 1th
• Change the state, for example: Start an application in node 1th
• etcdstatus in the update, such as: Set the status of app A to "running"

This means that if you want to answer a question "Hey, in the availability zone, how many are nginx running?" "You just need to query a unified API (Kubernetes), and Kubernetes other builds can be used in this simple API way.

It also means that you can control everything that runs in a simple way Kubernetes . As long as you want, you can do this:

• Execute a complex publishing strategy (deploy a task, wait 5 minutes, deploy 5 or more, wait 3.7 minutes, etc.)
• When a branch is submitted to Github , it automatically starts awebserver
• Monitor all running applications to ensure they each have a reasonable memory on- cgroups line

All you need to do is write a call Kubernetes API to the program (Controller "controllers")

Another cool Kubernetes API thing about it is that you don't have to be limited to Kubernetes some of the management methods you provide, and you can write your own program calls to implement your own customizations Kubernetes API 部署／新建／监测任务 . He allows you to do all the things you need!

Even if all the Kubernetes components are hung up, your app will still run

One of the things that many Kubernetes bloggers have promised at the outset is: "If Kubernetes the API service and other components are hung up, it's okay, your program will continue to run!" "I think it sounds cool in theory, but I'm not sure it's true.

It is true that it has been used for so long!

I've been through some etcd of the hang-out situations, but:

• All programs are running as usual
• No other new cascading events occur (of course, you cannot deploy new programs or commit changes, and scheduled tasks will stop running)
• When all the problems are fixed, the cluster will re-collect the previously lost information

This, of course, also means that if you etcd hang up and then a running program crashes or another error occurs, etcd he won't be able to handle the problem automatically until it restarts.

Kubernetes's design helps it not be easily broken by bugs

Like any other software, Kubernetes there will be bug . For example, the controller in our cluster now has a memory leak problem, and the scheduler often crashes. Bugof course not a good thing, but using it down, I found Kubernetes that the design helped it reduce a lot of potential in the core components bug .

If you restart any of the builds, it will happen:

• etcdread all the relevant state data from the
• Start performing some of the necessary actions based on the current state (scheduled applications, garbage collection, scheduling tasks, deployment daemons, and so on)

Because all of the builds don't keep their state in memory, you can restart the component at any time, which usually avoids some bug of the occurrences.

For example, your control management component has a memory leak problem, because the control management component is stateless, you can restart it intermittently, such as once an hour, and do not produce any other bad chain reaction at all. Another example is that our scheduler is out bug , and he sometimes drops some programs and never dispatches them. You can reduce this problem by restarting the scheduler every 10 minutes. (We didn't do it because we fixed this bug , but you can do it.)

So I think that I can trust Kubernetes the design, and believe it can ensure that even if the core components of the problem, but also to maintain the continuity of the cluster state. And in general, I think the quality of the software is gradually increased over time, and now have a state and need you to operate, only etcd .

There's state nothing more to say about me, I think the only problem you need to solve is 备份／恢复 etcd (unless your application is written to permanent storage). I think this makes Kubernetes the operation a lot easier.

Deploying a newly released component system on Kubernetes

Suppose you want to deploy a newly released scheduled task system! In other ways, it would be a ton of work. However, Kubernetes it is quite simple to deploy a new scheduled task system on a release! (It's still just a publishing system)

At first I read the Kubernetes Timing Task controller code, I was really happy, because his code is very simple. Click here to read Cronjob_controller.go, the main logic code is more than 400 lines of go code.

The main tasks of the scheduled Task Manager are:

• Every 10 seconds:

  • List Scheduled tasks that exist
  • Check each task to see if it needs to run
  • If you need to run, create a new task object that needs to be dispatched and then be executed by another Kubernetes controller component
  • Clear tasks that have been completed
  • Repeat

KubernetesModel is quite restrictive (he is such a pattern: resources are defined in etcd , the controller is then updated by reading these resources etcd ), and I think that the relevant options and restrictive models will make it easier for you to Kubernetes develop your own publishing system in the framework.

Kamal sent me the idea that "it's Kubernetes a good platform to write your own publishing system" and not just "a Kubernetes publishing system that you can use," which I think is interesting. He has a prototype placed Github on the system to run a HTTP service for every branch your push to GitHub. It took him two weeks, as if there were only 800 lines of go code, which made my eyes shine!

Kubernetes can make you do some magical things.

I said from the start that "it's unbelievable that you Kubernetes can do a lot of amazing things, you just need to use a configuration file to string up a lot of parts and processes, which is true!"

Why I say " Kubernetes not so Simple" is because Kubernetes there are a lot of parts, to learn how to configure a highly available Kubernetes cluster requires a lot of work. For example, I find that he has given me a lot of abstract interfaces, I need to understand how these interfaces are implemented at the bottom, so that I can debug faster and write better configurations. I like to learn new things, so this does not make me feel unhappy or anything else, I just think, this understanding is very important!

A more practical example of "I can't just rely on these abstract interfaces". I struggled to learn the network knowledge of Linux in order to allow me to confidently configure Kubernetes the network, certainly better than I totally do not understand the network. It's going to be fun, but it's also time-consuming. Later I might write about Kubernetes the difficulty and joy of configuring the network.

In addition, I wrote a 2000-word blog post about the Kubernetes CA different configuration items that must be learned in the configuration, about Kubernetes certificate authentication.

I think some Kubernetes system management software, such as Gke (Google's Kubernetes product), may be a bit simpler because he makes a lot of default settings for the user, But I haven't tried any of them.