Objects are fundamental aspects of Kubernetes (K8s). To work with K8s, you need to understand how basic objects function. In this article, we’ll explain the purposes of the K8s objects you’ll run into most frequently.
Objects are separated into two categories: Primitives and Controllers.
Primitives are basic objects that represent specific factors and descriptions of an environment. Here are the primitive objects you’ll work with most:
Names and Namespaces
Namespaces are used to separate groups of objects by categories such as user, team or project. Each namespace contains its own objects. Namespaces are scopes for names, and names are unique within each namespace.
Namespaces also serve as a basis of access control, allowing you to grant access rights to multiple teams for different namespaces. Namespaces are also used as resource quotas, limiting the number of resources that can be used within a certain namespace.
To find namespaces, you can request kubectl to retrieve them. It will show all the namespaces in the cluster. You can also run kubectl to see pods running in specific namespaces.
Nodes represent a physical or virtual worker machine where kubelet, kube proxy and Docker run. Nodes may be annotated and labeled to specify workload affinity and constraints. Kubelet registers nodes and consistently sends out keepalive checks to ensure they continue working cohesively together.
A pod is a group of containers. A pod is co-located, co-scheduled and runs on the same node. When the scheduler places a pod on a node, the containers on that node are started. Each pod is assigned a unique, virtual IP address that allows pods to talk to each other over the cluster network.
Pods are immutable, meaning that after you create and start a pod, it cannot be changed or moved. If you need to move a pod, the pod must be stopped, moved to another node, and restarted with the fusion of the new node.
Volume is an abstraction that allows you to present different types of block and file storage and mount them to your containers. Volume supports the following file storage:
- AWS EBS
- Azure block store
Config Maps and Secrets
Config maps and secrets are objects that contain a set of key-value pairs used to configure your application. You can put configuration parameters into a Config Map and map them onto environment variables in your container temporary files.
Secrets pass more critical information like passwords, certificates, private keys and tokens. K8s is very careful about storing this data. In fact, you can ask K8s to encrypt secrets in the database, and it will never be saved aside from its etcd storage on persistent stores.
Services expose pods to the world. They represent a stable endpoint for a group of pods. Services are abstractions that assign a policy to a set of pods that allows access to them. Service is a logical object that is a distributed L3 load balancer with its own single unique IP.
When you create a service object in K8s API, kube proxy reconfigures IP and NF tables on each working node so that they forward requests to the stable IP address of the pod in the set.
In comparison to Primitives, Controllers do not represent a set of changes in the environment, but rather tell K8s that action needs to be taken with a primitive object. Here are the controller objects you’ll work with the most:
DaemonSet creates a pod instance on every node of your cluster. When you add nodes, DaemonSet will automatically start on the new pod.
StatefulSet assigns additional capabilities to a group of pods related to persistent volume management.
Ingress manages incoming traffic. It’s similar to services, but Ingress implements on much higher-level traffic management levels. Ingress and Services work cohesively together, with Ingress working mostly with virtual host names and http paths.
A Job runs a set of one-time jobs in your cluster throughout the pods. When you create a new job, a pod will then implement a set of factions.
Object definitions are usually presented in text form as YAML files. Their definitions always include metadata with:
- Name – unique.
- Labels – searchable and selectable
- Annotations – arbitrary additional information
- Spec – specification of object and specific description
- Status – object status within the cluster
Learning the fundamentals of K8s objects is a continual process.
The more you understand the purpose of each object, the more cohesively you can work to deploy your K8s containers. To learn more about how to use objects to your advantage, contact Kublr, a K8s management platform that allows you to deploy K8s across different environments without sacrificing operational capabilities.
Learn more about Kublr and how it revolutionizes managing Kubernetes clusters today!