Kubernetes

I am of the opinion that if an IT specialist wants to know and regularly use a server technology, it is ideal to install the server with the technology himself. So let's install Kubernetes and then perform the first deployment.

What is Kubernetes

Kubernetes (K8S for short) is a container management platform that allows you to provide scalability and high availability to your applications. Because Kubernetes is an open-source solution, it has become the defacto standard for running cloud applications. Kubernetes abstracts hardware resources and provides a unified resource management API
Kubernetes implements the principle of declarative configuration. You define the Desired State in YAML files and Kubernetes continuously works to match the Actual State with this specification.

What Kubernetes is good for

Kubernetes comes in handy where you need to scale automatically, provide high availability, and handle access rights for multiple users within a single performance resource. These are exactly the needs that corporations have.
For small businesses, Kubernetes is just another unnecessary overhead.
Medium businesses can benefit from scaling. They won't run Kubernetes themselves, but they will buy Kubernetes infrastructure as a service.

Kubernetes is well suited for running microservice architectures. So you won't just move a typical application to Kubernetes, you'll have more or less work to do. So it's wise to think and evaluate whether you'll actually take advantage of Kubernetes.

One of the prerequisites for using Kubernetes is knowledge of Docker technology and the Linux OS at an advanced level. Because to run applications in Kubernetes, you will need to create docker images and use docker containers. You will also need a good understanding of the Linux operating system and networking to be be able to install Kubernetes on a server and then manage that Linux server with Kubernetes.

History of Kubernetes

Kubernetes originated as an open-source successor to an internal Google system called Borg, which Google has used (and still uses) to orchestrate its massive data centers since the early 2000s.

• In 2014: Google officially announced and released the Kubernetes project (K8s) as open-source.
• In 2015: Version 1.0 was donated to the newly formed CNCF (Cloud Native Computing Foundation).

Today, Kubernetes no longer belongs to Google, but is maintained by the community under the auspices of the Linux Foundation, making it the global standard for cloud applications.

Cluster Architecture

Control Plane (Master)

• kube-apiserver: Gateway for all communication (REST).
• etcd: Distributed key-value database to persist cluster state.
• kube-scheduler: Algorithm to select the optimal node for new Pods.
• kube-controller-manager: Runs processes as Node Controller or Job Controller.

Worker Nodes

• kubelet: The primary agent that executes commands from the Master on a particular machine.
• kube-proxy: Manages network rules (IPtables/IPVS) for routing traffic.
• Container Runtime: The layer that runs containers (e.g. containerd).

Concepts

We can't do without knowledge of concepts, so let's first get familiar with the basic concepts:

Key Abstractions (Objects)

Object	Description
Pod	The smallest atomic unit, a shared network and storage namespace for one or more containers.
Deployment	Controller for stateless applications, provides update strategy (RollingUpdate).
Service	Abstraction for stable network identity (ClusterIP, NodePort, LoadBalancer).
ConfigMap/Secret	Injects configuration and sensitive data into the container environment.

What is a namespace?

Namespace allows you to virtually partition a cluster into multiple parts. A namespace acts as an isolated work environment for different projects or teams.
Hippically, you create a new separate namespace for each new project.

Namespace allows you to:

• Separation: Prevents name conflicts (e.g. multiple "web" applications).
• Quotas: Ability to limit CPU/RAM for a specific team.
• Example: prod, staging, dev.
• Rights: set rights by namespace.

What is Ingress?

Ingress is an intelligent Load Balancer (Layer 7) that controls access from the outside world to applications inside the cluster.

Ingress enables:

• Routing: Routes traffic by URL (domain.cz/api vs domain.cz/web).
• SSL/TLS: Central termination of HTTPS connections. (Certificate management is handled by cert-manager in one place).
• Public IPv4 sharing: Dozens of applications can run behind one public IPv4 address. (Saving public IPv4)

Typically, this task can be provided by Nginx ingress or Treafik ingress

Installing Kubernetes

We have about four main options to install Kubernetes easily:

• Microk8s
• K3s
• K3d
• Minicube

Microk8s vs K3s vs Minikube comparison.
Personally, I anchored for a basic tryout with the K3s. However, for long term (albeit test run) I definitely recommend installing Kubernetes completely manually so that you are in full control of the resulting installation.

Microk8s

MicroK8s is a lightweight, certified Kubernetes distribution from Canonical (the makers of Ubuntu) that is designed to run with minimal resource requirements but with the full power of a great orchestrator.

🚀 Speed and lightweight Installation in under 60 seconds. Minimal RAM and CPU requirements, ideal for Edge and IoT.

🔌 One-click Add-ons Easy activation of features (DNS, Dashboard, GPU, Istio) with a single command.

🛡️ Security and Isolation Runs as a Snap package - isolated from the system with automatic atomic updates.

🔄 High Availability operation MicroK8s supports multi-node cluster operation. That is, automatic replication of the control plane when 3 or more nodes are connected.

MicroK8s is often the most popular way for beginners to install Kubernetes on Linux or other OSes using a virtual PC.

K3S

K3S is Rancher Lab's fully certified minimalist Kubernetes distribution designed for IoT, Edge and CI/CD systems.

📦 One binary Everything you need (including containerd and Flannel) is in one file of about 100 MB.

📉 Low overhead Consumes less than 512 MB of RAM by removing unnecessary code and cloud drivers.

🗄️ SQL instead of etcd Uses lightweight SQLite as the default database, but also supports PostgreSQL or MySQL.

🛠️ Helm Ready Includes the Helm Controller, which allows automatic deployment of manifests and charts after startup.

By default, K3S uses Traefik as "Ingress" and "Proxy". I personally prefer to use NGINX. I have no experience with Traefik, so prefer to use NGINX, which I have experience with. Although from a configuration perspective, you'll have to relearn the notation anyway, since the configuration is done over YAML.

This is how I installed k3s without Treafik:

apt-get install curl iptables
export INSTALL_K3S_EXEC=" --disable=traefik"
curl -sfL https://get.k3s.io | sh -
#start kubernetes services
systemctl status k3s.service
#verify functionality
k3s kubectl get node
kubectl get subs -A

You can then install Nginx as ingress.

Further information:
How to create a k3s cluster with Nginx Ingress controller
How to run k3s in LXC container

K3d

K3d is a lightweight wrapper for running K3s in Docker.

K3d features

🐳 Docker-native Each node of the cluster is a separate Docker container. You just need to have Docker installed.

⚡ Extreme speed It literally takes seconds to create and run an entire multi-node cluster.

💻 Multi-node on a laptop Easily simulate complex topologies (multiple masters and workers) without the need for virtual machines.

🛠️ Great for CI/CD Ideal for automated testing - you create the cluster, test the application, and delete it immediately.

🌐 Hot Reloading Support for local registries and easy port mapping from localhost directly to cluster.

Minicube

Minicube can run with different drivers, so you can run Kubernetes over different technologies.

Specifically, you can use the following technologies to run Kubernetes with Minicube:

• docker
• kvm2
• qemu2
• podman
• virtualbox

How to get started with Minicube

Video tutorials on installing and using Kubernetes for the first time

Video tutorial on how to install Kubenetes using K3s including installing Nginx ingress:

First deploy a simple web application to Kubenetes to verify Kubernetes functionality:

PS: the sample docker image can be run on a server with ARM CPU.

Let's encrypt SSL/TLS certificates using certmanager:

Other services

If you run any applications, you'll need to store data on disk or in a database. How to do it?
A standard and efficient solution to run a database for Kubernetes projects, is to run the database as a standard system service, not in Kubernetes. If it is a storage and you are not using a multi node cluster, the simplest and most efficient solution for storage is to use local storage. Yes, this means you can't scale your application across multiple nodes. Once you have a multi-node cluster, you can use NFS or distributed storage as the storage Longhorn or Ceph but there are others.

Conclusion

Kubernetes is a powerful tool. However, due to the complexity of installation administration and not least the complexity of preparing an application to run in Kubernetes, I recommend that you first consider and discuss with your consultant whether you will actually benefit from Kubernetes.
If you want to run applications in Kubernetes help I am here for you so just contact me and ask for a consultation and then we can start working together.

This article is primarily intended as a guide on how to create a Kubernetes environment for testing purposes. If you need a production run I recommend looking at Kubernetes in more detail and depth or ordering a a Linux server specialist.