Kubernetes - Kubernetes Cluster

Kubernetes | Kubernetes Cluster

Notes
Installing Kubernetes
Kubernetes Cluster
Kubernetes DNS Service
Kubernetes Proxy: kube proxy
Kubernetes Web UI (Dashboard)

Notes
Please visit these pages for more details about Kubernetes:
https://kubernetes.io/docs/concepts/overview/components/
https://kubernetes.io/docs/concepts/cluster-administration/
https://kubernetes.io/docs/concepts/cluster-administration/proxies/
https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/
https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/
Installing Kubernetes
To install Kubernetes using MiniKube: Install MiniKube

To install Kubernetes using Docker Desktop (Windows - WSL 2): Install Docker Desktop (WSL 2) and Enable Kubernetes

Amazon Elastic Kubernetes Service (EKS): https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html

Microsoft Azure Kubernetes Service (AKS): https://docs.microsoft.com/en-us/azure/aks/

Google Kubernetes Engine (GKE): https://cloud.google.com/kubernetes-engine/docs
Kubernetes Cluster
kubectl is the Kubernetes command-line tool that can be used to interact with the Kubernetes API server.

Cloud providers also provide their own command-line interfaces (CLIs):
- AWS Command Line Interface ("aws"): https://aws.amazon.com/cli/
- Azure Command-Line Interface ("az"): https://docs.microsoft.com/en-us/cli/azure/
- Cloud SDK Command Line Tools ("gcloud"): https://cloud.google.com/sdk
The following "kubectl" commands are run on a Kubernetes cluster installed on Docker Desktop (Windows - WSL 2).

To print the version of the cluster (Kubernetes API server) and the "kubectl" tool:
$ kubectl version --short Client Version: v1.19.7 Server Version: v1.19.7
To List the nodes of the cluster:
$ kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME docker-desktop Ready master 15d v1.19.7 192.168.65.4 <none> Docker Desktop 5.4.10-microsoft-standard-WSL2 docker://20.10.6
Depending on your installation you might see at least one node with the role "master" (the control plane: kube-apiserver, etcd) and eventually a list of worker nodes (where the containers are scheduled).

To get information about a node:
$ kubectl get nodes docker-desktop -o yaml apiVersion: v1 kind: Node metadata: annotations: kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock # ... more items labels: beta.kubernetes.io/arch: amd64 # ... more items name: docker-desktop spec: {} status: addresses: - address: 192.168.65.4 type: InternalIP - address: docker-desktop type: Hostname allocatable: cpu: "4" ephemeral-storage: "200000000000" hugepages-2Mi: "0" memory: 10Gi pods: "110" capacity: cpu: "4" ephemeral-storage: 100Gi hugepages-2Mi: "0" memory: 20Gi pods: "110" conditions: - lastHeartbeatTime: "2021-06-06T20:07:54Z" lastTransitionTime: "2021-05-28T22:06:09Z" message: kubelet has sufficient memory available reason: KubeletHasSufficientMemory status: "False" type: MemoryPressure # ... more items daemonEndpoints: kubeletEndpoint: Port: 10250 images: - names: - docker/desktop-kubernetes@sha256:07.... - docker/desktop-kubernetes:kubernetes-v1.19.7-cni-v0.8.5-critools-v1.17.0-debian sizeBytes: 284815363 # ... more items nodeInfo: architecture: amd64 bootID: 11111111-1111-1111-1111-111111111111 containerRuntimeVersion: docker://20.10.6 kernelVersion: 5.4.10-microsoft-standard-WSL2 kubeProxyVersion: v1.19.7 kubeletVersion: v1.19.7 machineID: 11111111-1111-1111-1111-111111111111 operatingSystem: linux osImage: Docker Desktop systemUUID: 11111111-1111-1111-1111-111111111111
To describe a node:
$ kubectl describe nodes docker-desktop Name: docker-desktop Roles: master Labels: beta.kubernetes.io/arch=amd64 #... Annotations: kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock node.alpha.kubernetes.io/ttl: 0 volumes.kubernetes.io/controller-managed-attach-detach: true Taints: <none> Unschedulable: false Lease: HolderIdentity: docker-desktop AcquireTime: <unset> Conditions: Type Status LastHeartbeatTime LastTransitionTime Reason Message ---- ------ ----------------- ------------------ ------ ------- MemoryPressure False Sun, 06 Jun 2021 16:08:54 -0400 Fri, 28 May 2021 18:06:09 -0400 KubeletHasSufficientMemory kubelet has sufficient memory available DiskPressure False Sun, 06 Jun 2021 16:08:54 -0400 Fri, 28 May 2021 18:06:09 -0400 KubeletHasNoDiskPressure kubelet has no disk pressure PIDPressure False Sun, 06 Jun 2021 16:08:54 -0400 Fri, 28 May 2021 18:06:09 -0400 KubeletHasSufficientPID kubelet has sufficient PID available Ready True Sun, 06 Jun 2021 16:08:54 -0400 Fri, 28 May 2021 18:06:12 -0400 KubeletReady kubelet is posting ready status Addresses: InternalIP: 192.168.65.4 Hostname: docker-desktop Capacity: cpu: 4 ephemeral-storage: 20Gi hugepages-2Mi: 0 memory: 20Gi pods: 110 Allocatable: cpu: 4 ephemeral-storage: 100000000000 hugepages-2Mi: 0 memory: 10Gi pods: 110 System Info: Machine ID: 11111111-1111-1111-1111-111111111111 System UUID: 11111111-1111-1111-1111-111111111111 Boot ID: 11111111-1111-1111-1111-111111111111 Kernel Version: 5.4.10-microsoft-standard-WSL2 OS Image: Docker Desktop Operating System: linux Architecture: amd64 Container Runtime Version: docker://20.10.6 Kubelet Version: v1.19.7 Kube-Proxy Version: v1.19.7 Non-terminated Pods: (15 in total) Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE --------- ---- ------------ ---------- --------------- ------------- --- kube-system coredns-f9fd979d6-47lqp 100m (1%) 0 (0%) 70Mi (0%) 170Mi (0%) 15d # ... more items Allocated resources: (Total limits may be over 100 percent, i.e., over-committed.) Resource Requests Limits -------- -------- ------ cpu 850m (10%) 0 (0%) memory 340Mi (1%) 340Mi (1%) ephemeral-storage 0 (0%) 0 (0%) hugepages-2Mi 0 (0%) 0 (0%) Events: <none>
The commands show information about the node (hostname, processor, OS, ...), its capacity (CPU, memory, ...), the Pods running on it (their names, CPU/Memory requests and limits), the total allocated resources (CPU/Memory requests and limits), the conditions of the pressure on the disk and the memory, and the version of some system components is also printed (Linux Kernel, Container Runtime, Kubelet, ...).
Kubernetes DNS Service
If you have installed Docker Desktop, you will see that Kubernetes is using CoreDNS DNS server.
The DNS server is used as the internal Kubernetes DNS service (cluster DNS) that provides naming and discovery for all Kubernetes Services that are created in the cluster.

The CoreDNS is running as a Kubernetes Deployment (replicas of Pods) and has a Service (acts as a load balancer for the DNS server).
CoreDNS server components run in the "kube-system" namespace (can be filtered with the label "k8s-app=kube-dns").

To see the CoreDNS Deployment:
$ kubectl get deployments -n kube-system -l k8s-app=kube-dns -o wide NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR coredns 2/2 2 2 13d coredns k8s.gcr.io/coredns:1.7.0 k8s-app=kube-dns
To see the CoreDNS Pods:
$ kubectl get pods -n kube-system -l k8s-app=kube-dns -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-f9fd979d6-47lqp 1/1 Running 4 13d 10.1.0.109 docker-desktop <none> <none> coredns-f9fd979d6-lk72n 1/1 Running 4 13d 10.1.0.110 docker-desktop <none> <none>
To see the CoreDNS Service (kube-dns):
$ kubectl get services -n kube-system -l k8s-app=kube-dns -o wide NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 13d k8s-app=kube-dns
Let's install dnsutils utility to help debuging the DNS name resolution for services:
$ kubectl apply -f https://k8s.io/examples/admin/dns/dnsutils.yaml pod/dnsutils created
Check that Pod was created properly:
$ kubectl get pod dnsutils NAME READY STATUS RESTARTS AGE dnsutils 1/1 Running 0 56s
First let's validate that the DNS resolution is working correctly.
The nslookup command can be used to resolve the "kubernetes" Service of the API Server (you should get something like the following):
$ kubectl exec -i -t dnsutils -- nslookup kubernetes Server: 10.96.0.10 <- The IP address of the Kubernetes DNS Address: 10.96.0.10#53 Name: kubernetes.default.svc.cluster.local <- The FQDN of the "kubernetes" Service Address: 10.96.0.1 <- The clusterIP of the "kubernetes" Service
Let's check the "/etc/resolv.conf" file (the search path and name server should look like the following):
$ kubectl exec dnsutils -- cat /etc/resolv.conf nameserver 10.96.0.10 <- Kubernetes DNS IP address (kube-dns Service ClusterIP) search default.svc.cluster.local svc.cluster.local cluster.local <- Kubernetes DNS search domains options ndots:5
The "nameserver" (DNS IP address) and "search" (DNS search domains) are saved in the "/etc/resolv.conf" file of all containers.
Kubernetes Proxy: kube proxy
kube-proxy is a network proxy that runs on each node in the Kubernetes cluster. It routes network traffic (from inside or outside of the Kubernetes cluster) to Pods of load-balanced services.

The CoreDNS is running as a Kubernetes DaemonSet in the "kube-system" namespace (can be filtered with the label "k8s-app=kube-proxy").

To see the "kube proxy" DaemonSet and its Pod:
$ kubectl get all -n kube-system -l k8s-app=kube-proxy -o wide NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR daemonset.apps/kube-proxy 1 1 1 1 1 kubernetes.io/os=linux 15d kube-proxy k8s.gcr.io/kube-proxy:v1.19.7 k8s-app=kube-proxy NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod/kube-proxy-kmnmm 1/1 Running 4 15d 192.168.65.4 docker-desktop <none> <none>
Kubernetes Web UI (Dashboard)
Please see more details about Kubernetes Web UI (Dashboard) in these pages:
Docker Desktop: Kubernetes Web UI (Dashboard)
MiniKube: Kubernetes Web UI (Dashboard)

Kubernetes Web UI (Dashboard) components run in the "kubernetes-dashboard" namespace (can be filtered with the label "k8s-app=kubernetes-dashboard").

To see the Kubernetes Web UI (Dashboard) components:
$ kubectl get all -n kubernetes-dashboard -l k8s-app=kubernetes-dashboard -o wide NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/kubernetes-dashboard ClusterIP 10.101.99.76 <none> 443/TCP 7d9h k8s-app=kubernetes-dashboard NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR deployment.apps/kubernetes-dashboard 1/1 1 1 7d9h kubernetes-dashboard kubernetesui/dashboard:v2.2.0 k8s-app=kubernetes-dashboard NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod/kubernetes-dashboard-76577bd7bb-22mzj 1/1 Running 0 7d9h 10.1.0.145 docker-desktop <none> <none> NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR replicaset.apps/kubernetes-dashboard-76577bd7bb 1 1 1 7d9h kubernetes-dashboard kubernetesui/dashboard:v2.2.0 k8s-app=kubernetes-dashboard,pod-template-hash=76577bd7bb
To access the Web UI (Dashboard), open your favorite browser and copy paste the URL:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/:

The Dashboard page should look similar to the following: