SlideShare a Scribd company logo

An overview of the Kubernetes architecture

Igor Sfiligoi
Igor Sfiligoi

This talk provides a 101 introdution to Kubernetes from a user point of view. Aimed at service providers, it was presented at the GPN Annual Meeting 2019. https://conferences.k-state.edu/gpn/

1 of 22
Download to read offline
An overview of the Kubernetes architecture Presented by Igor Sfiligoi, UCSD Workshop at the Great Plains Network Annual Meeting 2019 GPN Annual Meeting 2019 - Kubernetes Architecture 1
Outline • Kubernetes history • Basic building blocks • Provided bells and whistles • Scheduling • User interface GPN Annual Meeting 2019 - Kubernetes Architecture 2
Kubernetes • Now maintained by Cloud Native Computing Foundation https://kubernetes.io Originally created by Google • With very large and active development community Open source • But also available out-of-the-box on all major Clouds (GCP, AWS and Azure) Can be deployed on-prem GPN Annual Meeting 2019 - Kubernetes Architecture 3
Container based • Typically Docker based Containers are the basic building block • Creating custom ones almost trivial Standard images for many applications exist • If state needed, must be held outside Just remember containers are stateless GPN Annual Meeting 2019 - Kubernetes Architecture 4
Container Orchestration • Once you have many containers on many nodes, you need something to manage the whole • This is usually referred to as Orchestration Attribution: https://kubernetes.io GPN Annual Meeting 2019 - Kubernetes Architecture 5
Packing containers into pods The smallest concept is actually the Pod A Pod is a set of containers • Having a single Container in a Pod OK Containers within a Pod are guaranteed to run alongside • And can share (ephemeral) state Pod Container Container https://kubernetes.io/docs/concepts/workloads/pods/pod/ GPN Annual Meeting 2019 - Kubernetes Architecture 6
Packing Pods into Deployments • If it terminates for whatever reason, it is gone A Pod is ephemeral • Initially launches a single Pod (no obvious benefit) • If a Pod is removed, a new Pod is automatically re-submitted A Deployment is persistent • E.g. for load balancing and horizontal scaling A Deployment can also manage multiple replicas Great for service applications https://kubernetes.io/docs/concepts/workloads/controllers/deployment/ GPN Annual Meeting 2019 - Kubernetes Architecture 7
Configuration management • Kubernetes provides an easy mechanism to inject information into the Container images at runtime Most applications need to be configured Three types of information Environment variables Whole files Secrets https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/ https://kubernetes.io/docs/concepts/configuration/secret/ GPN Annual Meeting 2019 - Kubernetes Architecture 8
Linking to external storage • Most applications will need it! External storage essential for persistency • Local storage • Distributed storage, e.g. CEPH, NFS, etc. • Custom filesystems via CSI – e.g. CVMFS Kubernetes provides the necessary hooks at Pod launch time https://kubernetes.io/docs/concepts/storage/volumes/ https://kubernetes-csi.github.io/docs/ GPN Annual Meeting 2019 - Kubernetes Architecture 9
Networking Each container get its own private IP address A Deployment can be registered as a Service • Gets its own IP address and DNS entry • Traffic routes to the Pods in Deployment based on selected policy (e.g. RR) Service can also serve as a NAT • Routing traffic from WAN using the Kubernetes public IPs https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ GPN Annual Meeting 2019 - Kubernetes Architecture 10
Networking Each container get its own private IP address A Deployment can be registered as a Service • Gets its own IP address and DNS entry • Traffic routes to the Pods in Deployment based on selected policy (e.g. RR) Service can also serve as a NAT • Routing traffic from WAN using the Kubernetes public IPs https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ • Unprivileged Pods better for regular users to minimize risk Privileged Pods can get access to the host/public IP • E.g. due to the use of X.509 Useful for Network Servers tied to a specific node GPN Annual Meeting 2019 - Kubernetes Architecture 11
Pod scheduling Kubernetes comes with a pretty decent scheduler Will match Pods to available resources (CPU, Memory, GPU, etc.) • Nodes advertise what is available • Pods specify what they require, may also limit itself to a subset of Nodes • A Pod will start on a Node only if a match can be made There is also a notion of Priorities • If a match for a higher priority Pod cannot be made, the scheduler will kill one or more lower priority Pods to make space for it (if at all possible) https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ GPN Annual Meeting 2019 - Kubernetes Architecture 12
The DaemonSet • E.g. a Monitoring probe Sometimes an application must run on all the nodes • Like a Deployment, but with fixed all-nodes scheduling The DaemonSet automates this https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ GPN Annual Meeting 2019 - Kubernetes Architecture 13
Users and Permissions Kubernetes does not really have a concept of a “User” Permissions are set as part of the Namespace concept • Anyone having access to a Namespace can operate on the objects inside that Namespace • Including creating, monitoring and modifying them Namespace conceptually provides virtual-private Kubernetes clusters • But very little additional restrictions within • And relatively hard coordinating Pods in separate Namespaces https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ GPN Annual Meeting 2019 - Kubernetes Architecture 14
Users and Permissions Kubernetes does not really have a concept of a “User” Permissions are set as part of the Namespace concept • Anyone having access to a Namespace can operate on the objects inside that Namespace • Including creating, monitoring and modifying them Namespace conceptually provides virtual-private Kubernetes clusters • But very little additional restrictions within • And relatively hard coordinating Pods in separate Namespaces PRP Nautilus provides user management as a side concept. https://nautilus.optiputer.net GPN Annual Meeting 2019 - Kubernetes Architecture 15
Driving Kubernetes GPN Annual Meeting 2019 - Kubernetes Architecture 16
YAML Everywhere • Both for creating/configuring Pods/Deployments/Services • And for querying their (detailed) status Most interactions with Kubernetes will involve YAML documents • Describes itself as “a human friendly markup language” • Uses Python-indentation to indicate nesting YAML is actually quite easy to use https://en.wikipedia.org/wiki/YAML GPN Annual Meeting 2019 - Kubernetes Architecture 17
An example YAML file kind: Deployment metadata: name: osg-collector-prp-sdsc namespace: osg labels: k8s-app: osg-collector-prp spec: template: metadata: labels: k8s-app: osg-collector-prp spec: containers: - name: osg-collector-prp image: sfiligoi/prp-osg-pool:collector ports: - containerPort: 9618 volumeMounts: - name: condordata mountPath: /var/lib/condor - name: configpasswd mountPath: /var/lock/condor/pool_password subPath: pool_password readOnly: true volumes: - name: condordata persistentVolumeClaim: claimName: pvc-xcache11-t2-ucsd-edu-persistent-1 - name: configpasswd secret: secretName: osg-pool-sdsc-config items: - key: pool_password path: pool_password defaultMode: 256 GPN Annual Meeting 2019 - Kubernetes Architecture 18
kubectl • kubectl create -f <filename> - Create new object • kubectl get <type> -n <namespace> - Query existing objects • kubectl edit <type> -n <namespace> <id> - Update existing object • kubectl delete -f <filename> - Delete existing object Most often used cmdline tool https://kubernetes.io/docs/reference/kubectl/ GPN Annual Meeting 2019 - Kubernetes Architecture 19
Installing kubectl • Just a static binary • Available for all major platforms (Linux, MacOS, Windows) • Detailed download instructions at https://kubernetes.io/docs/tasks/tools/install-kubectl/ • Can be used over WAN • Just put the config file in ~/.kube/config Get yours from PRP’s Nautilus GPN Annual Meeting 2019 - Kubernetes Architecture 20
The end GPN Annual Meeting 2019 - Kubernetes Architecture 21
Acknowledgents This work was partially funded by US National Science Foundation (NSF) awards CNS-1456638, CNS-1730158, ACI-1540112, ACI-1541349, OAC-1826967, OAC 1450871, OAC-1659169 and OAC-1841530. GPN Annual Meeting 2019 - Kubernetes Architecture 22

Recommended

Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Eric Gustafson
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with Kubernetes
EastBanc Tachnologies
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Edureka!
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
Imesh Gunaratne
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Crevise Technologies
 
Kubernetes 101 for Beginners
Kubernetes 101 for BeginnersKubernetes 101 for Beginners
Kubernetes 101 for Beginners
Oktay Esgul
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Rishabh Kumar
 
Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory Guide
Bytemark
 

Recommended

Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Eric Gustafson
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with Kubernetes
EastBanc Tachnologies
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Edureka!
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
Imesh Gunaratne
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Crevise Technologies
 
Kubernetes 101 for Beginners
Kubernetes 101 for BeginnersKubernetes 101 for Beginners
Kubernetes 101 for Beginners
Oktay Esgul
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Rishabh Kumar
 
Kubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory Guide
Bytemark
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Antonin Stoklasek
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Martin Danielsson
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
VMware Tanzu
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive Overview
Bob Killen
 
01. Kubernetes-PPT.pptx
01. Kubernetes-PPT.pptx01. Kubernetes-PPT.pptx
01. Kubernetes-PPT.pptx
TamalBanerjee16
 
Kubernetes Deployment Strategies
Kubernetes Deployment StrategiesKubernetes Deployment Strategies
Kubernetes Deployment Strategies
Abdennour TM
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for Kubernetes
Carlos E. Salazar
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes Architecture
Knoldus Inc.
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introduction
Sparkbit
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17
Ryan Jarvinen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Winton Winton
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Eueung Mulyana
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
Jeeva Chelladhurai
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)
Megan O'Keefe
 
Azure kubernetes service (aks)
Azure kubernetes service (aks)Azure kubernetes service (aks)
Azure kubernetes service (aks)
Akash Agrawal
 
Kubernetes
KubernetesKubernetes
Kubernetes
Henry He
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overview
Gabriel Carro
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview
Bob Killen
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Peng Xiao
 
Cloud-Native Application and Kubernetes
Cloud-Native Application and KubernetesCloud-Native Application and Kubernetes
Cloud-Native Application and Kubernetes
Alex Glikson
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 

More Related Content

What's hot

Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Antonin Stoklasek
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Martin Danielsson
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
VMware Tanzu
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive Overview
Bob Killen
 
01. Kubernetes-PPT.pptx
01. Kubernetes-PPT.pptx01. Kubernetes-PPT.pptx
01. Kubernetes-PPT.pptx
TamalBanerjee16
 
Kubernetes Deployment Strategies
Kubernetes Deployment StrategiesKubernetes Deployment Strategies
Kubernetes Deployment Strategies
Abdennour TM
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for Kubernetes
Carlos E. Salazar
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes Architecture
Knoldus Inc.
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introduction
Sparkbit
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17
Ryan Jarvinen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Winton Winton
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Eueung Mulyana
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
Jeeva Chelladhurai
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)
Megan O'Keefe
 
Azure kubernetes service (aks)
Azure kubernetes service (aks)Azure kubernetes service (aks)
Azure kubernetes service (aks)
Akash Agrawal
 
Kubernetes
KubernetesKubernetes
Kubernetes
Henry He
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overview
Gabriel Carro
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview
Bob Killen
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Peng Xiao
 

What's hot (20)

Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive Overview
 
01. Kubernetes-PPT.pptx
01. Kubernetes-PPT.pptx01. Kubernetes-PPT.pptx
01. Kubernetes-PPT.pptx
 
Kubernetes Deployment Strategies
Kubernetes Deployment StrategiesKubernetes Deployment Strategies
Kubernetes Deployment Strategies
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Intro to Helm for Kubernetes
Intro to Helm for KubernetesIntro to Helm for Kubernetes
Intro to Helm for Kubernetes
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes Architecture
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introduction
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)
 
Azure kubernetes service (aks)
Azure kubernetes service (aks)Azure kubernetes service (aks)
Azure kubernetes service (aks)
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overview
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 

Similar to An overview of the Kubernetes architecture

Cloud-Native Application and Kubernetes
Cloud-Native Application and KubernetesCloud-Native Application and Kubernetes
Cloud-Native Application and Kubernetes
Alex Glikson
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
NETWAYS
 
Building Cloud-Native Applications with Kubernetes, Helm and Kubeless
Building Cloud-Native Applications with Kubernetes, Helm and KubelessBuilding Cloud-Native Applications with Kubernetes, Helm and Kubeless
Building Cloud-Native Applications with Kubernetes, Helm and Kubeless
Bitnami
 
From chroot to Docker to Kubernetes
From chroot to Docker to KubernetesFrom chroot to Docker to Kubernetes
From chroot to Docker to Kubernetes
Alex Glikson
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
Sander Knape
 
A guide of PostgreSQL on Kubernetes
A guide of PostgreSQL on KubernetesA guide of PostgreSQL on Kubernetes
A guide of PostgreSQL on Kubernetes
t8kobayashi
 
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV ClusterMethod of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
byonggon chun
 
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
Juraj Hantak
 
Comparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesComparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetes
Adam Hamsik
 
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna KumarKubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
CodeOps Technologies LLP
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)
Krishna-Kumar
 
Kubernetes: https://youtu.be/KnjnQj-FvfQ
Kubernetes: https://youtu.be/KnjnQj-FvfQKubernetes: https://youtu.be/KnjnQj-FvfQ
Kubernetes: https://youtu.be/KnjnQj-FvfQ
Rahul Malhotra
 
Modern big data and machine learning in the era of cloud, docker and kubernetes
Modern big data and machine learning in the era of cloud, docker and kubernetesModern big data and machine learning in the era of cloud, docker and kubernetes
Modern big data and machine learning in the era of cloud, docker and kubernetes
Slim Baltagi
 
Webinar- Tea for the Tillerman
Webinar- Tea for the TillermanWebinar- Tea for the Tillerman
Webinar- Tea for the Tillerman
Cumulus Networks
 
Mattia Gandolfi - Improving utilization and portability with Containers and C...
Mattia Gandolfi - Improving utilization and portability with Containers and C...Mattia Gandolfi - Improving utilization and portability with Containers and C...
Mattia Gandolfi - Improving utilization and portability with Containers and C...
Codemotion
 
Deploy at scale with CoreOS Kubernetes and Apache Stratos
Deploy at scale with CoreOS Kubernetes and Apache StratosDeploy at scale with CoreOS Kubernetes and Apache Stratos
Deploy at scale with CoreOS Kubernetes and Apache Stratos
Chris Haddad
 
Pydata 2020 containers meetup
Pydata 2020 containers meetup Pydata 2020 containers meetup
Pydata 2020 containers meetup
Walid Shaari
 
Windows containers on Kubernetes
Windows containers on KubernetesWindows containers on Kubernetes
Windows containers on Kubernetes
Craig Peters
 
NFV features in kubernetes
NFV features in kubernetesNFV features in kubernetes
NFV features in kubernetes
Kuralamudhan Ramakrishnan
 

Similar to An overview of the Kubernetes architecture (20)

Cloud-Native Application and Kubernetes
Cloud-Native Application and KubernetesCloud-Native Application and Kubernetes
Cloud-Native Application and Kubernetes
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
 
Building Cloud-Native Applications with Kubernetes, Helm and Kubeless
Building Cloud-Native Applications with Kubernetes, Helm and KubelessBuilding Cloud-Native Applications with Kubernetes, Helm and Kubeless
Building Cloud-Native Applications with Kubernetes, Helm and Kubeless
 
From chroot to Docker to Kubernetes
From chroot to Docker to KubernetesFrom chroot to Docker to Kubernetes
From chroot to Docker to Kubernetes
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
 
A guide of PostgreSQL on Kubernetes
A guide of PostgreSQL on KubernetesA guide of PostgreSQL on Kubernetes
A guide of PostgreSQL on Kubernetes
 
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV ClusterMethod of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
 
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
 
Comparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesComparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetes
 
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna KumarKubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)
 
Kubernetes: https://youtu.be/KnjnQj-FvfQ
Kubernetes: https://youtu.be/KnjnQj-FvfQKubernetes: https://youtu.be/KnjnQj-FvfQ
Kubernetes: https://youtu.be/KnjnQj-FvfQ
 
Modern big data and machine learning in the era of cloud, docker and kubernetes
Modern big data and machine learning in the era of cloud, docker and kubernetesModern big data and machine learning in the era of cloud, docker and kubernetes
Modern big data and machine learning in the era of cloud, docker and kubernetes
 
Webinar- Tea for the Tillerman
Webinar- Tea for the TillermanWebinar- Tea for the Tillerman
Webinar- Tea for the Tillerman
 
Mattia Gandolfi - Improving utilization and portability with Containers and C...
Mattia Gandolfi - Improving utilization and portability with Containers and C...Mattia Gandolfi - Improving utilization and portability with Containers and C...
Mattia Gandolfi - Improving utilization and portability with Containers and C...
 
Deploy at scale with CoreOS Kubernetes and Apache Stratos
Deploy at scale with CoreOS Kubernetes and Apache StratosDeploy at scale with CoreOS Kubernetes and Apache Stratos
Deploy at scale with CoreOS Kubernetes and Apache Stratos
 
Pydata 2020 containers meetup
Pydata 2020 containers meetup Pydata 2020 containers meetup
Pydata 2020 containers meetup
 
Windows containers on Kubernetes
Windows containers on KubernetesWindows containers on Kubernetes
Windows containers on Kubernetes
 
NFV features in kubernetes
NFV features in kubernetesNFV features in kubernetes
NFV features in kubernetes
 

More from Igor Sfiligoi

Preparing Fusion codes for Perlmutter - CGYRO
Preparing Fusion codes for Perlmutter - CGYROPreparing Fusion codes for Perlmutter - CGYRO
Preparing Fusion codes for Perlmutter - CGYRO
Igor Sfiligoi
 
O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...
O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...
O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...
Igor Sfiligoi
 
Comparing single-node and multi-node performance of an important fusion HPC c...
Comparing single-node and multi-node performance of an important fusion HPC c...Comparing single-node and multi-node performance of an important fusion HPC c...
Comparing single-node and multi-node performance of an important fusion HPC c...
Igor Sfiligoi
 
The anachronism of whole-GPU accounting
The anachronism of whole-GPU accountingThe anachronism of whole-GPU accounting
The anachronism of whole-GPU accounting
Igor Sfiligoi
 
Auto-scaling HTCondor pools using Kubernetes compute resources
Auto-scaling HTCondor pools using Kubernetes compute resourcesAuto-scaling HTCondor pools using Kubernetes compute resources
Auto-scaling HTCondor pools using Kubernetes compute resources
Igor Sfiligoi
 
Speeding up bowtie2 by improving cache-hit rate
Speeding up bowtie2 by improving cache-hit rateSpeeding up bowtie2 by improving cache-hit rate
Speeding up bowtie2 by improving cache-hit rate
Igor Sfiligoi
 
Performance Optimization of CGYRO for Multiscale Turbulence Simulations
Performance Optimization of CGYRO for Multiscale Turbulence SimulationsPerformance Optimization of CGYRO for Multiscale Turbulence Simulations
Performance Optimization of CGYRO for Multiscale Turbulence Simulations
Igor Sfiligoi
 
Comparing GPU effectiveness for Unifrac distance compute
Comparing GPU effectiveness for Unifrac distance computeComparing GPU effectiveness for Unifrac distance compute
Comparing GPU effectiveness for Unifrac distance compute
Igor Sfiligoi
 
Managing Cloud networking costs for data-intensive applications by provisioni...
Managing Cloud networking costs for data-intensive applications by provisioni...Managing Cloud networking costs for data-intensive applications by provisioni...
Managing Cloud networking costs for data-intensive applications by provisioni...
Igor Sfiligoi
 
Accelerating Key Bioinformatics Tasks 100-fold by Improving Memory Access
Accelerating Key Bioinformatics Tasks 100-fold by Improving Memory AccessAccelerating Key Bioinformatics Tasks 100-fold by Improving Memory Access
Accelerating Key Bioinformatics Tasks 100-fold by Improving Memory Access
Igor Sfiligoi
 
Using A100 MIG to Scale Astronomy Scientific Output
Using A100 MIG to Scale Astronomy Scientific OutputUsing A100 MIG to Scale Astronomy Scientific Output
Using A100 MIG to Scale Astronomy Scientific Output
Igor Sfiligoi
 
Using commercial Clouds to process IceCube jobs
Using commercial Clouds to process IceCube jobsUsing commercial Clouds to process IceCube jobs
Using commercial Clouds to process IceCube jobs
Igor Sfiligoi
 
Modest scale HPC on Azure using CGYRO
Modest scale HPC on Azure using CGYROModest scale HPC on Azure using CGYRO
Modest scale HPC on Azure using CGYRO
Igor Sfiligoi
 
Data-intensive IceCube Cloud Burst
Data-intensive IceCube Cloud BurstData-intensive IceCube Cloud Burst
Data-intensive IceCube Cloud Burst
Igor Sfiligoi
 
Scheduling a Kubernetes Federation with Admiralty
Scheduling a Kubernetes Federation with AdmiraltyScheduling a Kubernetes Federation with Admiralty
Scheduling a Kubernetes Federation with Admiralty
Igor Sfiligoi
 
Accelerating microbiome research with OpenACC
Accelerating microbiome research with OpenACCAccelerating microbiome research with OpenACC
Accelerating microbiome research with OpenACC
Igor Sfiligoi
 
Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...
Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...
Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...
Igor Sfiligoi
 
Porting and optimizing UniFrac for GPUs
Porting and optimizing UniFrac for GPUsPorting and optimizing UniFrac for GPUs
Porting and optimizing UniFrac for GPUs
Igor Sfiligoi
 
Demonstrating 100 Gbps in and out of the public Clouds
Demonstrating 100 Gbps in and out of the public CloudsDemonstrating 100 Gbps in and out of the public Clouds
Demonstrating 100 Gbps in and out of the public Clouds
Igor Sfiligoi
 
TransAtlantic Networking using Cloud links
TransAtlantic Networking using Cloud linksTransAtlantic Networking using Cloud links
TransAtlantic Networking using Cloud links
Igor Sfiligoi
 

More from Igor Sfiligoi (20)

Preparing Fusion codes for Perlmutter - CGYRO
Preparing Fusion codes for Perlmutter - CGYROPreparing Fusion codes for Perlmutter - CGYRO
Preparing Fusion codes for Perlmutter - CGYRO
 
O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...
O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...
O&C Meeting - Evaluation of ARM CPUs for IceCube available through Google Kub...
 
Comparing single-node and multi-node performance of an important fusion HPC c...
Comparing single-node and multi-node performance of an important fusion HPC c...Comparing single-node and multi-node performance of an important fusion HPC c...
Comparing single-node and multi-node performance of an important fusion HPC c...
 
The anachronism of whole-GPU accounting
The anachronism of whole-GPU accountingThe anachronism of whole-GPU accounting
The anachronism of whole-GPU accounting
 
Auto-scaling HTCondor pools using Kubernetes compute resources
Auto-scaling HTCondor pools using Kubernetes compute resourcesAuto-scaling HTCondor pools using Kubernetes compute resources
Auto-scaling HTCondor pools using Kubernetes compute resources
 
Speeding up bowtie2 by improving cache-hit rate
Speeding up bowtie2 by improving cache-hit rateSpeeding up bowtie2 by improving cache-hit rate
Speeding up bowtie2 by improving cache-hit rate
 
Performance Optimization of CGYRO for Multiscale Turbulence Simulations
Performance Optimization of CGYRO for Multiscale Turbulence SimulationsPerformance Optimization of CGYRO for Multiscale Turbulence Simulations
Performance Optimization of CGYRO for Multiscale Turbulence Simulations
 
Comparing GPU effectiveness for Unifrac distance compute
Comparing GPU effectiveness for Unifrac distance computeComparing GPU effectiveness for Unifrac distance compute
Comparing GPU effectiveness for Unifrac distance compute
 
Managing Cloud networking costs for data-intensive applications by provisioni...
Managing Cloud networking costs for data-intensive applications by provisioni...Managing Cloud networking costs for data-intensive applications by provisioni...
Managing Cloud networking costs for data-intensive applications by provisioni...
 
Accelerating Key Bioinformatics Tasks 100-fold by Improving Memory Access
Accelerating Key Bioinformatics Tasks 100-fold by Improving Memory AccessAccelerating Key Bioinformatics Tasks 100-fold by Improving Memory Access
Accelerating Key Bioinformatics Tasks 100-fold by Improving Memory Access
 
Using A100 MIG to Scale Astronomy Scientific Output
Using A100 MIG to Scale Astronomy Scientific OutputUsing A100 MIG to Scale Astronomy Scientific Output
Using A100 MIG to Scale Astronomy Scientific Output
 
Using commercial Clouds to process IceCube jobs
Using commercial Clouds to process IceCube jobsUsing commercial Clouds to process IceCube jobs
Using commercial Clouds to process IceCube jobs
 
Modest scale HPC on Azure using CGYRO
Modest scale HPC on Azure using CGYROModest scale HPC on Azure using CGYRO
Modest scale HPC on Azure using CGYRO
 
Data-intensive IceCube Cloud Burst
Data-intensive IceCube Cloud BurstData-intensive IceCube Cloud Burst
Data-intensive IceCube Cloud Burst
 
Scheduling a Kubernetes Federation with Admiralty
Scheduling a Kubernetes Federation with AdmiraltyScheduling a Kubernetes Federation with Admiralty
Scheduling a Kubernetes Federation with Admiralty
 
Accelerating microbiome research with OpenACC
Accelerating microbiome research with OpenACCAccelerating microbiome research with OpenACC
Accelerating microbiome research with OpenACC
 
Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...
Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...
Demonstrating a Pre-Exascale, Cost-Effective Multi-Cloud Environment for Scie...
 
Porting and optimizing UniFrac for GPUs
Porting and optimizing UniFrac for GPUsPorting and optimizing UniFrac for GPUs
Porting and optimizing UniFrac for GPUs
 
Demonstrating 100 Gbps in and out of the public Clouds
Demonstrating 100 Gbps in and out of the public CloudsDemonstrating 100 Gbps in and out of the public Clouds
Demonstrating 100 Gbps in and out of the public Clouds
 
TransAtlantic Networking using Cloud links
TransAtlantic Networking using Cloud linksTransAtlantic Networking using Cloud links
TransAtlantic Networking using Cloud links
 

Recently uploaded

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 

Recently uploaded (20)

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 

An overview of the Kubernetes architecture

  • 1. An overview of the Kubernetes architecture Presented by Igor Sfiligoi, UCSD Workshop at the Great Plains Network Annual Meeting 2019 GPN Annual Meeting 2019 - Kubernetes Architecture 1
  • 2. Outline • Kubernetes history • Basic building blocks • Provided bells and whistles • Scheduling • User interface GPN Annual Meeting 2019 - Kubernetes Architecture 2
  • 3. Kubernetes • Now maintained by Cloud Native Computing Foundation https://kubernetes.io Originally created by Google • With very large and active development community Open source • But also available out-of-the-box on all major Clouds (GCP, AWS and Azure) Can be deployed on-prem GPN Annual Meeting 2019 - Kubernetes Architecture 3
  • 4. Container based • Typically Docker based Containers are the basic building block • Creating custom ones almost trivial Standard images for many applications exist • If state needed, must be held outside Just remember containers are stateless GPN Annual Meeting 2019 - Kubernetes Architecture 4
  • 5. Container Orchestration • Once you have many containers on many nodes, you need something to manage the whole • This is usually referred to as Orchestration Attribution: https://kubernetes.io GPN Annual Meeting 2019 - Kubernetes Architecture 5
  • 6. Packing containers into pods The smallest concept is actually the Pod A Pod is a set of containers • Having a single Container in a Pod OK Containers within a Pod are guaranteed to run alongside • And can share (ephemeral) state Pod Container Container https://kubernetes.io/docs/concepts/workloads/pods/pod/ GPN Annual Meeting 2019 - Kubernetes Architecture 6
  • 7. Packing Pods into Deployments • If it terminates for whatever reason, it is gone A Pod is ephemeral • Initially launches a single Pod (no obvious benefit) • If a Pod is removed, a new Pod is automatically re-submitted A Deployment is persistent • E.g. for load balancing and horizontal scaling A Deployment can also manage multiple replicas Great for service applications https://kubernetes.io/docs/concepts/workloads/controllers/deployment/ GPN Annual Meeting 2019 - Kubernetes Architecture 7
  • 8. Configuration management • Kubernetes provides an easy mechanism to inject information into the Container images at runtime Most applications need to be configured Three types of information Environment variables Whole files Secrets https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/ https://kubernetes.io/docs/concepts/configuration/secret/ GPN Annual Meeting 2019 - Kubernetes Architecture 8
  • 9. Linking to external storage • Most applications will need it! External storage essential for persistency • Local storage • Distributed storage, e.g. CEPH, NFS, etc. • Custom filesystems via CSI – e.g. CVMFS Kubernetes provides the necessary hooks at Pod launch time https://kubernetes.io/docs/concepts/storage/volumes/ https://kubernetes-csi.github.io/docs/ GPN Annual Meeting 2019 - Kubernetes Architecture 9
  • 10. Networking Each container get its own private IP address A Deployment can be registered as a Service • Gets its own IP address and DNS entry • Traffic routes to the Pods in Deployment based on selected policy (e.g. RR) Service can also serve as a NAT • Routing traffic from WAN using the Kubernetes public IPs https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ GPN Annual Meeting 2019 - Kubernetes Architecture 10
  • 11. Networking Each container get its own private IP address A Deployment can be registered as a Service • Gets its own IP address and DNS entry • Traffic routes to the Pods in Deployment based on selected policy (e.g. RR) Service can also serve as a NAT • Routing traffic from WAN using the Kubernetes public IPs https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ • Unprivileged Pods better for regular users to minimize risk Privileged Pods can get access to the host/public IP • E.g. due to the use of X.509 Useful for Network Servers tied to a specific node GPN Annual Meeting 2019 - Kubernetes Architecture 11
  • 12. Pod scheduling Kubernetes comes with a pretty decent scheduler Will match Pods to available resources (CPU, Memory, GPU, etc.) • Nodes advertise what is available • Pods specify what they require, may also limit itself to a subset of Nodes • A Pod will start on a Node only if a match can be made There is also a notion of Priorities • If a match for a higher priority Pod cannot be made, the scheduler will kill one or more lower priority Pods to make space for it (if at all possible) https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ GPN Annual Meeting 2019 - Kubernetes Architecture 12
  • 13. The DaemonSet • E.g. a Monitoring probe Sometimes an application must run on all the nodes • Like a Deployment, but with fixed all-nodes scheduling The DaemonSet automates this https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ GPN Annual Meeting 2019 - Kubernetes Architecture 13
  • 14. Users and Permissions Kubernetes does not really have a concept of a “User” Permissions are set as part of the Namespace concept • Anyone having access to a Namespace can operate on the objects inside that Namespace • Including creating, monitoring and modifying them Namespace conceptually provides virtual-private Kubernetes clusters • But very little additional restrictions within • And relatively hard coordinating Pods in separate Namespaces https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ GPN Annual Meeting 2019 - Kubernetes Architecture 14
  • 15. Users and Permissions Kubernetes does not really have a concept of a “User” Permissions are set as part of the Namespace concept • Anyone having access to a Namespace can operate on the objects inside that Namespace • Including creating, monitoring and modifying them Namespace conceptually provides virtual-private Kubernetes clusters • But very little additional restrictions within • And relatively hard coordinating Pods in separate Namespaces PRP Nautilus provides user management as a side concept. https://nautilus.optiputer.net GPN Annual Meeting 2019 - Kubernetes Architecture 15
  • 16. Driving Kubernetes GPN Annual Meeting 2019 - Kubernetes Architecture 16
  • 17. YAML Everywhere • Both for creating/configuring Pods/Deployments/Services • And for querying their (detailed) status Most interactions with Kubernetes will involve YAML documents • Describes itself as “a human friendly markup language” • Uses Python-indentation to indicate nesting YAML is actually quite easy to use https://en.wikipedia.org/wiki/YAML GPN Annual Meeting 2019 - Kubernetes Architecture 17
  • 18. An example YAML file kind: Deployment metadata: name: osg-collector-prp-sdsc namespace: osg labels: k8s-app: osg-collector-prp spec: template: metadata: labels: k8s-app: osg-collector-prp spec: containers: - name: osg-collector-prp image: sfiligoi/prp-osg-pool:collector ports: - containerPort: 9618 volumeMounts: - name: condordata mountPath: /var/lib/condor - name: configpasswd mountPath: /var/lock/condor/pool_password subPath: pool_password readOnly: true volumes: - name: condordata persistentVolumeClaim: claimName: pvc-xcache11-t2-ucsd-edu-persistent-1 - name: configpasswd secret: secretName: osg-pool-sdsc-config items: - key: pool_password path: pool_password defaultMode: 256 GPN Annual Meeting 2019 - Kubernetes Architecture 18
  • 19. kubectl • kubectl create -f <filename> - Create new object • kubectl get <type> -n <namespace> - Query existing objects • kubectl edit <type> -n <namespace> <id> - Update existing object • kubectl delete -f <filename> - Delete existing object Most often used cmdline tool https://kubernetes.io/docs/reference/kubectl/ GPN Annual Meeting 2019 - Kubernetes Architecture 19
  • 20. Installing kubectl • Just a static binary • Available for all major platforms (Linux, MacOS, Windows) • Detailed download instructions at https://kubernetes.io/docs/tasks/tools/install-kubectl/ • Can be used over WAN • Just put the config file in ~/.kube/config Get yours from PRP’s Nautilus GPN Annual Meeting 2019 - Kubernetes Architecture 20
  • 21. The end GPN Annual Meeting 2019 - Kubernetes Architecture 21
  • 22. Acknowledgents This work was partially funded by US National Science Foundation (NSF) awards CNS-1456638, CNS-1730158, ACI-1540112, ACI-1541349, OAC-1826967, OAC 1450871, OAC-1659169 and OAC-1841530. GPN Annual Meeting 2019 - Kubernetes Architecture 22