This Administering Kubernetes Clusters course covers the many networking and scheduling objectives of the Certified Kubernetes Administrator (CKA) exam curriculum.
You will learn a range of core practices such as Ninja kubectl skills, the ability to control where pods are scheduled, how to manage resources for long-lasting production environments, and controlling access to applications in a cluster.
This is a 6 part course made up of four lectures. If you are not familiar with Kubernetes, we recommend completing the Introduction to Kubernetes course and the Deploy a Stateless Application in a Kubernetes Cluster Lab before taking this course.
Learning Objectives
- Analyze some pro tips on how to effectively use Kubectl. What you learn here will be useful for administering a cluster and using Kubernetes in general.
- Learn to be able to attract or repel pods from nodes or other pods. You can ensure pods run on nodes where they are intended to run and achieve other objectives such as high-availability by distributing pods across nodes.
- Learn to think about using Kubernetes for the long term when you need to consider how you’ll manage and update resources.
- Learn how to control internal and external access to applications running in a Kubernetes cluster.
Intended Audience
- Anyone that is interested in Kubernetes cluster administration. But many parts of this course appeal to a broader audience of Kubernetes users.
- Individuals that may benefit from taking this course include System Administrators, DevOps Engineers, Cluster Administrators, and Kubernetes Certification Examinees.
Prerequisites
To get the most from this course,
- Have knowledge of the core Kubernetes resources including pods, and deployments.
- Experience using the kubectl command-line tool to work with Kubernetes clusters.
- An understanding of YAML and JSON file formats. You’ll probably already have this skill if you have the prior two. When working with Kubernetes it won’t take long until YAML files make an appearance.
JSONPath Support in Kubernetes: https://kubernetes.io/docs/reference/kubectl/jsonpath/
Logan Rakai: Congratulations. You've reached the end of this course on administering Kubernetes clusters. Let's review what you've learned.
We began this course with some tips on how to be productive with kubectl. We saw how to use the completions command to enable shell completions for kubectl, how to use get to filter output using labels and how to format output. How to use kubectl to generate manifest files for a variety of resources, and how to use kubectl to understand the fields of resources.
We then became acquainted with the different methods for controlling where pods are scheduled in a cluster, starting with DaemonSets. Remember, Daemonsets can generally be thought of as placing one pod on each node in the cluster. Cube proxy is deployed as a DaemonSet and DaemonSets are also useful for logging agents. We saw how it taints on nodes or [pell pods 00:00:49] unless pods have a toleration to counteract the taint. Then we illustrated how note selector and note affinity can attract pods to nodes.
Pod affinity and anti-affinity can be used to retract or repel pods to nodes using the labels of pods already running on nodes. This can be used to spread pods for high availability or keep pods close for performance reasons. We finished up with some special topics, including container resource requests, static pods, and custom schedulers.
Next, we described the three frameworks for managing and updating resources. They are imperative, imperative with configuration files, and declarative with configuration files. We demonstrated each, along with potential pitfalls, and how to migrate from one to another. Remember to not carelessly mix commands that are intended for resource management models other than the one you are committed to.
The previous lesson covered networking topics, including a review of basic networking principles in Kubernetes such as IP per pod, container local host communication, and services to avoid the pitfalls of working directly with pod IPs.
We then dove into more details on the different types of services that are available. They are cluster IP for internal only access, node port to open a port on each node for access to a service, load balancer to leverage a cloud provider's load balancer to grant external access to a Kubernetes service, and external name to access services outside of the cluster using DNS [see 00:02:15] name records.
Then we shifted our attention to ingress resources. Ingresses operate in the application layer of the OSI network stack over HDTP, compared to services that operate in the transport layer over TCP or UDP. Remember that you need to have an ingress controller in the cluster for ingress resources to have any effect. We saw how an ingress can be used to perform path based routing to different services, and they can also be used for SSL termination, load balancing and name based virtual hosting.
We certainly covered a lot of interesting topics for Kubernetes administrators, but the fun doesn't end here. I'd encourage you to try out more Kubernetes content on CloudAcademy. There are several labs that give you hands-on experience with Kubernetes clusters. The Securing Kubernetes Clusters, Troubleshooting in Kubernetes, and Create and Manage a Kubernetes Cluster from Scratch labs all are relevant to Kubernetes administration. The labs are a great place to practice and learn at the same time. But, keep on going after you've completed them. Try things out on your own and try to solve some challenges you can think of. Think back to the pro tips lesson to be as efficient and self-sufficient as possible.
Lastly, please share your feedback so I can find out what you want to see more of, and what you'd rather see less of. I make content for you and try to make it the best that it can be for you. Thanks for taking my course. Now go on and continue down your path to becoming a Kubernetes ninja. Until next time, I'm Logan Rakai with CloudAcademy.
Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.