A Brief Introduction

A Brief IntroductionWhat is Kubernetes?Running Containerized Applications:Managing Configuration and SecretsNetworking with your ApplicationFurther Reading

This is meant to give you a quick big-picture idea of the important parts of Kubernets. You probably don't need it, but it will help you get familiar with the general terminology.

What is Kubernetes?

Kubernetes is an open-sourced platform for managing containerized services. You have a bunch of programs and a bunch of servers. Kubernetes is a system for putting the programs on the servers in a resilient and scalable manner.

There are a lot of existing introductions and tutorials to Kubernetes, but most of them are more complicated than you'll need. See, there's two main parts:

The Control Plane: for internal management of the Kubernetes Cluster
Kubernetes Objects: for running your actual application

You can safely ignore the Control Plane. Kubernetes Objects are the things to create and update in order to deploy your application. We'll be grouping this quick overview into three parts:

Running your container on the cluster: Nodes, Pods and Deployments
Managing configuration and secrets: ConfigMaps and Secrets
Networking and your container: Services and Ingresses

Running Containerized Applications:

In Kubernetes, your servers become a Node cluster. To run a Docker container in the cluster, we wrap the Docker image in a Pod object. A Pod is a way to group one or more containers together with the resources and specs needed for them to run. These include volumes, exposed ports, and resource requirements.

A Pod can be ran on the cluster directly, but is most often managed through a Deployment. Just like it sounds, a Deployment is a way to abstract and control the deployment of Pods. It contains a specification for a Pod, and metadata on how to govern its behaviour. For example, how many Pods to run and how to manage updates.

The image above shows the basic hierarchy: Deployments control Pods, which wrap the containerized programs. Each Deployment may run more than one instance of the same Pod, and these Pods will probably be spread across different Nodes. Each of your programs will be associated with one Deployment.

Managing Configuration and Secrets

Configuration data for a program often changes independent from the program itself, so it's useful to separate it out. Sensitive data often faces the same issue, with the added complication that it should be kept encrypted. Hence, Kubernetes has two structures for holding this data separate from Pods:

ConfigMaps: provide a mapping of key:value pairs
Secrets: provide a mapping of key:value pairs, where the value is encrypted.

These are pretty straightforward. A Pod can access data from these objects in two ways: as environment variables or as files, as long as the access method is established in the Pod's specification.

Networking with your Application

Most programs are only useful when you can make a web connection to them. The basic way to allow this in Kubernetes is to create a Service.

A Service makes a Pod application reachable by linking a cluster IP address to one of the container's internal ports. A Service can be either internal (only accessible from inside the cluster) or external (accessible from anywhere).

Another way to link your Pods to the outside world is with an Ingress, which is kind of like a Service, except a lot more complicated. An Ingress always allows for external traffic, and can also handle a wide range of issues like CORS and SLL termination. You probably won't need to worry about Ingresses.