Kubernetes

Configure Your Kubernetes Cluster on Ubuntu/Debian with kubectl

George Whittaker — Thu, 30 Nov 2023 17:00:00 +0000

Introduction

Kubernetes has revolutionized the way we think about deploying, scaling, and operating application infrastructures. For those using Ubuntu or Debian systems, mastering Kubernetes management is crucial. In this article, we dive deep into the world of Kubernetes, focusing on the use of kubectl, the command-line interface that allows you to run commands against Kubernetes clusters. Whether you're a beginner or an experienced professional, this guide aims to enhance your Kubernetes management skills on Ubuntu/Debian platforms.

Getting Started with Kubernetes and kubectl

Installing Kubernetes on Ubuntu/Debian

Before delving into kubectl, it's essential to have Kubernetes installed. Follow these steps:

Update Your System: Ensure your system is up-to-date with the latest packages:
sudo apt update && sudo apt upgrade -y
Install Required Packages: Certain packages like apt-transport-https are necessary:
sudo apt install apt-transport-https ca-certificates curl
Add Kubernetes Signing Key:
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
Add Kubernetes Repository:
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
Install Kubernetes:
sudo apt update && sudo apt install kubelet kubeadm kubectl
Disable Swap: Kubernetes doesn’t work with swap memory, disable it:
sudo swapoff -a

Setting up kubectl on Ubuntu/Debian

After installing Kubernetes, it's time to set up kubectl:

Install kubectl: If not already installed during the Kubernetes setup, install it using:
sudo apt install kubectl
Verify Installation: Check the version to ensure it's correctly installed:
kubectl version --client

Basic Concepts of Kubernetes

Understanding Kubernetes architecture is key. Here's a brief overview of essential components:

Pods: The smallest deployable units created and managed by Kubernetes.
Nodes: A node may be a VM or a physical machine, depending on the cluster.
Services: An abstract way to expose an application running on a set of Pods.
Deployments: Manages the creation and update of Pods.

Configuring kubectl for Cluster Management

To manage a cluster, configure kubectl:

Go to Full Article

Demystifying Kubernetes Operators: Creation, Benefits, and Use Cases

George Whittaker — Tue, 11 Apr 2023 16:00:00 +0000

by George Whittaker

Introduction

Kubernetes is a powerful container orchestration platform that automates the deployment, scaling, and management of containerized applications. As Kubernetes continues to evolve, one of the concepts that has gained significant traction is the Kubernetes Operator. Operators extend the functionality of Kubernetes and provide a way to automate complex tasks, allowing users to manage applications and resources more efficiently. In this article, we will delve into the world of Kubernetes Operators, explore how they can be created, and examine their benefits and use cases.

Understanding Kubernetes Operators

What are Kubernetes Operators?

Kubernetes Operators are software extensions that enable automated management of complex applications and resources within a Kubernetes cluster. Operators encapsulate both the operational logic and domain-specific knowledge required to manage specific applications or services.

Operators are built using the Kubernetes custom resource definition (CRD) and custom controllers. A CRD defines a new resource type in the cluster, while the custom controller is responsible for watching and reconciling the state of the custom resource based on the desired state specified by the user. Together, these components provide a declarative way to manage applications and resources.

Why Use Kubernetes Operators?

Kubernetes Operators offer several benefits:

Automation: Operators automate complex operational tasks, such as backup, scaling, and configuration management, reducing manual intervention and human error.
Extensibility: Operators extend the capabilities of Kubernetes, allowing for the management of custom resources and services.
Consistency: Operators provide a consistent and standardized approach to managing applications across different environments.
Domain-Specific Knowledge: Operators encapsulate expert knowledge about the application or service they manage, making it accessible to users who may not be experts in that domain.

Creating a Kubernetes Operator

Steps to Build an Operator

Creating a Kubernetes Operator involves the following steps:

Go to Full Article

How to Build an Enterprise Kubernetes Strategy

LJ Staff — Mon, 22 Jul 2019 04:27:42 +0000

How to Build an Enterprise Kubernetes Strategy LJ Staff Sun, 07/21/2019 - 23:27

In today’s emerging cloud-native environments, Kubernetes is everywhere.

Organizations love Kubernetes because it helps significantly increase the agility and efficiency of their software development teams, enabling them to reduce the time and perils associated with putting new software into production. Information technology operations teams love Kubernetes because it helps boost productivity, reduce costs and risks, and moves organizations closer to achieving their hybrid cloud goals.

Simply put, Kubernetes makes it easier to manage software complexity. As enterprise applications become more complex, development and operations (DevOps) teams need a tool that can orchestrate that complexity. They need a way to launch all the services dependent on these applications, making sure the applications and services are healthy and can connect to one Another.

Containers have dramatically risen in popularity because they provide a consistent way to package application components and their dependencies into a single object that can run in any environment. By packaging code and its dependencies into containers, a development team can use standardized units of code as consistent building blocks. The container will run the same way in any environment and can start and terminate quickly, allowing applications to scale to any size.

In fact, development teams are using containers to package entire applications and move them to the cloud without the need to make any code changes. Additionally, containers can make it easier to build workflows for applications that run between on-premises and cloud environments, enabling the smooth operation of almost any hybrid environment.

You may download this special Kubernetes ebook here.

Rancher Labs has written an ebook about this subject and they’re sharing it with Linux Journal readers. Topics include:

The Dangers of Too Many Good Things
Understanding Your Organization’s Current Kubernetes Adoption 4
Where Will You Be Running Kubernetes in Five Years?
Who Should Own the Kubernetes Strategy?
Centralized vs Decentralized Kubernetes Management
Containerization and Kubernetes Will Disrupt Some of Your Other Plans
Our Organization is Heavily Investing in Cloud Computing
We Are Investing in Hyper-Converged Infrastructure as Part of a Data Center Upgrade
We Are Trying to Modernize Our Existing Applications to Improve Security and Stability
We Need to Cut Our Infrastructure/Cloud Spending
Preparing Your Teams for Broader Kubernetes Adoption
Evaluating Container Management Platforms and Delivering Kubernetes- as-a-Service
Kubernetes Distribution, Cluster Provisioning and Lifecycle Management
Multi-Cluster Kubernetes Management
User Management and Delegated Administration
Policy Management
User Experience and the Entire Cloud Native Stack
Kubernetes Security and Audit
Open Source, SaaS, and Support
A Few Final Thoughts
Appendix A — Case Study: How Life Sciences Leader Illumina Implemented an
Enterprise Kubernetes Strategy
A Complex Puzzle with Many Parts
Connecting All the Pieces with Rancher and Kubernetes
How Rancher and Kubernetes Can Work for Any Organization

You may download this special Kubernetes ebook here.

Bringing the Benefits of Linux Containers to Operational Technology

Pavan Singh — Wed, 22 May 2019 12:30:00 +0000

by Pavan Singh

Linux container technology was introduced more than a decade ago and has recently jumped in adoption in IT environments. However, the OT (operational technology) environments, typically made up of heterogenous embedded systems, have lagged in the adoption of container technologies, due to both the unique technology requirements and the business models that relied on proprietary systems. In this article, I explore recent innovation in open-source offerings that are enabling the use of containers in OT use cases, such as industrial control systems, IoT gateways, medical devices, Radio Access Network (RAN) products and network appliances.

Enterprise IT leaders have adopted “cloud-native” computing architectures because of the innovation velocity and cost benefits derived by the approach. To leverage containers, developers segment applications into modular micro-services that enable flexible development and deployment models. These micro-services are then deployed as containers where the service itself is integrated with the required libraries and functions. On containerization, these application components have small footprints and fast speeds of deployment. The applications become highly portable across compute architectures due to the abstraction away from the hardware and the operating system.

The benefits of flexibility and the modularity offered by container-based architectures are fully realized when leveraged in conjunction with higher-level orchestration systems that can manage the containers throughout their entire lifecycle. Kubernetes, the leading open-source orchestration system for containers, has gained a lot of traction over the last few years. Initially developed by Google, the Kubernetes project is now maintained by the Cloud Native Compute Foundation (CNCF). CNCF is dedicated to reducing the friction around the adoption of cloud-native technologies and brings to bear a few key cloud-native projects, such as Kubernetes, Prometheus and Envoy. This is an example of an open-source organization that has fostered collaboration among the entire value chain – developers, end-users and vendors. Today’s CNCF membership includes significant technology brands, such as Amazon, Cisco, Google, Microsoft, Oracle, SAP and many others.

Containers and other cloud-native paradigms were initially developed with IT environments in mind. And as these technologies have matured and the capability of the cloud-native technologies increased, the OT decision-makers have taken notice. And as more developers get access to container technology, they are going through a journey of their own, albeit one that is different from the journey of the IT developers over the last decade.

Go to Full Article

Kubernetes Identity Management: Authentication

Marc Boorshtein — Mon, 22 Apr 2019 11:30:00 +0000

by Marc Boorshtein

You've deployed Kubernetes, but now how are you going to get it into the hands of your developers and admins securely?

Kubernetes has taken the world by storm. In just a few years, Kubernetes (aka k8s) has gone from an interesting project to a driver for technology and innovation. One of the easiest ways to illustrate this point is the difference in attendance in the two times KubeCon North America has been in Seattle. Two years ago, it was in a hotel with less than 20 vendor booths. This year, it was at the Seattle Convention Center with 8,000 attendees and more than 100 vendors!

Just as with any other complex system, k8s has its own security model and needs to interact with both users and other systems. In this article, I walk through the various authentication options and provide examples and implementation advice as to how you should manage access to your cluster.

What Does Identity Mean to Kubernetes?

The first thing to ask is "what is an identity?" in k8s. K8s is very different from most other systems and applications. It's a set of APIs. There's no "web interface" (I discuss the dashboard later in this article). There's no point to "log in". There is no "session" or "timeout". Every API request is unique and distinct, and it must contain everything k8s needs to authenticate and authorize the request.

That said, the main thing to remember about users in k8s is that they don't exist in any persistent state. You don't connect k8s to an LDAP directory or Active Directory. Every request must ASSERT an identity to k8s in one of multiple possible methods. I capitalize ASSERT because it will become important later. The key is to remember that k8s doesn't authenticate users; it validates assertions.

Service Accounts

Service accounts are where this rule bends a bit. It's true that k8s doesn't store information about users. It does store service accounts, which are not meant to represent people. They're meant to represent anything that isn't a person. Everything that interacts with something else in k8s runs as a service account. As an example, if you were to submit a very basic pod:


apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox
    command: ['sh', '-c', 'echo Hello Kubernetes!
     ↪&& sleep 3600']

And then look at it in k8s after deployment by running kubectl get pod myapp-pod -o yaml:

Go to Full Article

Everything You Need to Know about Containers, Part III: Orchestration with Kubernetes

Petros Koutoupis — Wed, 28 Nov 2018 12:30:00 +0000

by Petros Koutoupis

A look at using Kubernetes to create, deploy and manage thousands of container images.

If you've read the first two articles in this series, you now should be familiar with Linux kernel control groups (Part I), Linux Containers and Docker (Part II). But, here's a quick recap: once upon a time, data-center administrators deployed entire operating systems, occupying entire hardware servers to host a few applications each. This was a lot of overhead with a lot to manage. Now scale that across multiple server hosts, and it increasingly became more difficult to maintain. This was a problem—a problem that wasn't easily solved. It would take time for technological evolution to reach the moment where you are able to shrink the operating system and launch these varied applications as microservices hosted across multiple containers on the same physical machine.

In the final part of this series, I explore the method most people use to create, deploy and manage containers. The concept is typically referred to as container orchestration. If I were to focus on Docker, on its own, the technology is extremely simple to use, and running a few images simultaneously is also just as easy. Now, scale that out to hundreds, if not thousands, of images. How do you manage that? Eventually, you need to step back and rely on one of the few orchestration frameworks specifically designed to handle this problem. Enter Kubernetes.

Kubernetes

Kubernetes, or k8s (k + eight characters), originally was developed by Google. It's an open-source platform aiming to automate container operations: "deployment, scaling and operations of application containers across clusters of hosts". Google was an early adopter and contributor to the Linux Container technology (in fact, Linux Containers power Google's very own cloud services). Kubernetes eliminates all of the manual processes involved in the deployment and scaling of containerized applications. It's capable of clustering together groups of servers hosting Linux Containers while also allowing administrators to manage those clusters easily and efficiently.

Kubernetes makes it possible to respond to consumer demands quickly by deploying your applications within a timely manner, scaling those same applications with ease and seamlessly rolling out new features, all while limiting hardware resource consumption. It's extremely modular and can be hooked into by other applications or frameworks easily. It also provides additional self-healing services, including auto-placement, auto-replication and auto-restart of containers.

Go to Full Article

FOSS Project Spotlight: BlueK8s

Tom Phelan — Fri, 16 Nov 2018 13:00:00 +0000

by Tom Phelan

Deploying and managing complex stateful applications on Kubernetes.

Kubernetes (aka K8s) is now the de facto container orchestration framework. Like other popular open-source technologies, Kubernetes has amassed a considerable ecosystem of complementary tools to address everything from storage to security. And although it was first created for running stateless applications, more and more organizations are interested in using Kubernetes for stateful applications.

However, while Kubernetes has advanced significantly in many areas during the past couple years, there still are considerable gaps when it comes to running complex stateful applications. It remains challenging to deploy and manage distributed stateful applications consisting of a multitude of co-operating services (such as for use cases with large-scale analytics and machine learning) with Kubernetes.

I've been focused on this space for the past several years as a co-founder of BlueData. During that time, I've worked with many teams at Global 2000 enterprises in several industries to deploy distributed stateful services successfully, such as Hadoop, Spark, Kafka, Cassandra, TensorFlow and other analytics, data science, machine learning (ML) and deep learning (DL) tools in containerized environments.

In that time, I've learned what it takes to deploy complex stateful applications like these with containers while ensuring enterprise-grade security, reliability and performance. Together with my colleagues at BlueData, we've broken new ground in using Docker containers for big data analytics, data science and ML/DL in highly distributed environments. We've developed new innovations to address requirements in areas like storage, security, networking, performance and lifecycle management.

Now we want to bring those innovations to the Open Source community—to ensure that these stateful services are supported in the Kubernetes ecosystem. BlueData's engineering team has been busy working with Kubernetes, developing prototypes with Kubernetes in our labs and collaborating with multiple enterprise organizations to evaluate the opportunities (and challenges) in using Kubernetes for complex stateful applications.

To that end, we recently introduced a new Kubernetes open-source initiative: BlueK8s. The BlueK8s initiative will be composed of several open-source projects that each will bring enterprise-level capabilities for stateful applications to Kubernetes.

Go to Full Article

An Interview with Heptio, the Kubernetes Pioneers

Petros Koutoupis — Mon, 30 Jul 2018 11:30:00 +0000

by Petros Koutoupis

I recently spent some time chatting with Craig McLuckie, CEO of the leading Kubernetes solutions provider Heptio. Centered around both developers and system administrators, Heptio's products and services simplify and scale the Kubernetes ecosystem.

Petros Koutoupis: For all our readers who have yet to hear of the remarkable things Heptio is doing in this space, please start by telling us, who is Craig McLuckie?

Craig McLuckie: I am the CEO and founder of Heptio. My co-founder, Joe Beda, and I were two of the three creators of Kubernetes and previously started the Google Compute Engine, Google's traditional infrastructure as a service product. He also started the Cloud Native Computing Foundation (CNCF), of which he is a board member.

PK: Why did you start Heptio? What services does Heptio provide?

CL: Since we announced Kubernetes in June 2014, it has garnered a lot of attention from enterprises looking to develop a strategy for running their business applications efficiently in a multi-cloud world.

Perhaps the most interesting trend we saw that motivated us to start Heptio was that enterprises were looking at open-source technology adoption as the best way to create a common platform that spanned on-premises, private cloud, public cloud and edge deployments without fear of vendor lock-in. Kubernetes and the cloud native technology suite represented an incredible opportunity to create a powerful "utility computing platform" spanning every cloud provider and hosting option, that also radically improves developer productivity and resource efficiency.

In order to get the most out of Kubernetes and the broader array of cloud native technologies, we believed a company needed to exist that was committed to helping organizations get closer to the vibrant Kubernetes ecosystem. Heptio offers both consultative services and a commercial subscription product that delivers the deep support and the advanced operational tooling needed to stitch upstream Kubernetes into modern enterprise IT environments.

PK: What makes Heptio relevant in the Container space?

Go to Full Article

FOSS Project Spotlight: Pydio Cells, an Enterprise-Focused File-Sharing Solution

Italo Vignoli — Fri, 13 Jul 2018 14:20:00 +0000

by Italo Vignoli

Pydio Cells is a brand-new product focused on the needs of enterprises and large organizations, brought to you from the people who launched the concept of the open-source file sharing and synchronization solution in 2008. The concept behind Pydio Cells is challenging: to be to file sharing what Slack has been to chats—that is, a revolution in terms of the number of features, power and ease of use.

In order to reach this objective, Pydio's development team has switched from the old-school development stack (Apache and PHP) to Google's Go language to overcome the bottleneck represented by legacy technologies. Today, Pydio Cells offers a faster, more scalable microservice architecture that is in tune with dynamic modern enterprise environments.

In fact, Pydio's new "Cells" concept delivers file sharing as a modern collaborative app. Users are free to create flexible group spaces for sharing based on their own ways of working with dedicated in-app messaging for improved collaboration.

In addition, the enterprise data management functionality gives both companies and administrators reassurance, with controls and reporting that directly answer corporate requirements around the General Data Protection Regulation (GDPR) and other tightening data protection regulations.

Pydio Loves DevOps

In tune with modern enterprise DevOps environments, Pydio Cells now runs as its own application server (offering a dependency-free binary, with no need for external libraries or runtime environments). The application is available as a Docker image, and it offers out-of-the-box connectors for containerized application orchestrators, such as Kubernetes.

Also, the application has been broken up into a series of logical microservices. Within this new architecture, each service is allocated its own storage and persistence, and can be scaled independently. This enables you to manage and scale Pydio more efficiently, allocating resources to each specific service.

The move to Golang has delivered a ten-fold improvement in performance. At the same time, by breaking the application into logical microservices, larger users can scale the application by targeting greater resources only to the services that require it, rather than inefficiently scaling the entire solution.

Built on Standards

The new Pydio Cells architecture has been built with a renewed focus on the most popular modern open standards:

Go to Full Article

Kubernetes, Four Years Later, and Amazon Redefining Container Orchestration

Petros Koutoupis — Wed, 06 Jun 2018 19:35:09 +0000

by Petros Koutoupis

Well, here we are. Kubernetes turns four years old this month—technically, on June 7, 2018—the very same platform that brings users and data center administrators scalable container technologies. Its popularity has skyrocketed since its initial introduction by Google. Celebrating the project’s birthday is not the only thing making the headlines today. Amazon recently announced the general availability of its Elastic Container Services for Kubernetes (EKS), accessible via Amazon Web Services (AWS).

Once upon a time, it wasn’t a simple task to orchestrate and manage containers in the cloud. Up until this recent EKS announcement, it was up to the administrator to spin up a virtual machine through an Elastic Cloud Compute (EC2) service, run Kubernetes on top of a traditional Linux server installation in EC2 and rely on other AWS moving components to host the container image registry. The entire process was very involved. Not any more!

The excitement doesn’t end there. Companies like Heptio (co-founded by the folks who gave us Kubernetes, Craig McLuckie and Joe Beda) have positioned themselves to enhance the user experience around the Kubernetes technology by producing products and services to simplify and scale the Kubernetes ecosystem. The Heptio Kubernetes Subscriptions (HKS) package offerings help users run Kubernetes in AWS EKS, EC2 or on-premises.

Visit Amazon's EKS product page and Heptio's company website to learn more.

Go to Full Article