Kubernetes and Container Orchestration 101 - Computer Stuff They Didn't Teach You #11

Jun 07, 2021
Hello friends, I'm Scott Hanselman. This is another episode of computer science things they weren't taught. I invite you to come back if you've just appeared in this video and need to make sure you understand what I talked about in episode 8, containers, so to explain Docker, I talked about the purpose of a container and why a container is different from a virtual machine and then I encourage you to watch episode 10, what is the cloud? It talks about the physical aspects of things with the cloud context, so we are building concepts on top of each other. This video is about Kubernetes and Kubernetes 101. There are many Kubernetes videos available, many tutorials, you can find Kubernetes in five minutes and you can find take this Kubernetes workshop for two weeks and I do 80 hours of study, choose the one that makes you happy and the one that works for you.
I'm going to do my best in one unedited take to explain to you how I think about container orchestration and explain why you should care, if you should care, and we'll do a lot of demos to try to understand it. Okay, so again I want to remind you to go back and watch the containers episode and the cloud episode to understand why containers are useful. So if you have a physical machine, whether it's a giant computer or a Raspberry Pi, or you have a bunch of Raspberry Pis, a bunch of computers working together, orchestration is like musical instruments in an orchestra, this one plays and this one plays and each has different responsibilities. Maybe this runs the shopping cart and this runs the product catalog and gosh we need four or three of these to run the product catalog and two of these to do the caching and this will do the shopping cart and we can make decisions about the responsibilities to make sure our application runs successfully. That's the general idea around orchestration. Now, in the past, applications were put on a giant machine, a big ball of mud style architecture, which is good, sometimes they call it a monolith, sometimes it is the simplest thing you can do and if you want it to run better, you want it to run faster, just turn the knob up to 11, you get more memory, you get more hard drives, you get more processors and scale, um, you can also scale, do what I did with this Raspberry Pi cluster and say: well, I don't want one machine, I want 10 machines and they will all work well together.

Kubernetes allows you to grab containers that I showed you before you just run them. do your own thing, you can come and go as you please and assign responsibilities, sign requirements and build your own orchestra. Okay, let's take a look at this just to remind ourselves, assuming you're coming from the previous episode where we talked about Docker. I made a I called it test and I named it latest and it was a container that I could just run the command line in, let's say that's what they call a microservice, maybe I would have web application number one and I want three of them in the web 2. and web 3 and I want to have different what happens if an application crashes what happens if an application is using too much memory what do we want to do that's where you go from a container to a container orchestrator now Kubernetes introduces a lot of confusion words and a lot of confusing concepts.
I want to do my best to express it to you this way. Basically, I'll just draw a drawing and do it in draw.io similar to how we did it before. so we'll start here with something like master, sometimes people use the word cluster master, the head of kubernetes and then we'll have nodes. The node is basically a work machine. Now the interesting thing and where things get complicated is that a worker machine can be physical or virtual, it's a unit of worker machine, okay, and that node within that node, go and do this, it's what's called a module.
I'm going to take these and I'm going to ask myself. how to put the text at the top there i want to align the top that's not what i want i want the text at the top thank you inside these there is a pod now a pod like if you are currently in quarantine a pod is a group of people that you know and hang out with, so you get together with your friends or your family because you're hiding from the virus, let's say these are our friends, we're going to put those containers together, we're going to group them together. up so everyone stays together right here and then these people here will just duplicate that will be nice and easy.
Oops, here we go, this core group talks to these other worker machines and coordinates. This is just an example, but the point here is that there is a director, this cluster manager, this director of our orchestra, is talking to these worker machines and some worker machines may have one container and some may have three or five, you don't know, we have no way of knowing because we are going to establish a series of rules that decide how these things come and go and that is the flexibility and elasticity of these things. For example, it could be Black Friday at Christmas and suddenly everyone wants to get into the shopping cart, so we're going to need to make a ton of containers and make them work together or maybe we're going to need multiple pods and make another whole working machine so we can scale, you can scale, you can scale, it's, we might miss a container that is misbehaving and keeps taking up too much memory, so when you fill it up we want to give it a good whack and then get a new one that will do the right thing, we can do all those things. Remember this container just does its thing, work comes and goes. Container orchestration is the act of creating an application through collaboration, like a group project at school, we will all know what our job is and we will all work together and try to do our job. So write some things down and make sure this is clear, so we have a node as a worker, we have a pod which is a group of containers, now a pod and also check out the containers, the IP addresses that the containers need, the storage that those campaign containers are going to need to do their stuff and just other information and other information that exists there, but the container is the unit of work, is the unit of work, is the doer, okay, the doer, oops, only I can write when no one is looking, but when there are people here it's confusing. So now I can name these pods and I could say well, hey, this is the front-end pod and this is the back-end pod and this is the one that makes the shopping cart do everything, kind of stuff like that. What we did, I went here, I'm on Windows, you might be on a Mac or Linux, it doesn't matter, I'm using WSL, the Windows Subsystem for Linux, and I've installed Docker Desktop, okay? And Docker Desktop sets up a lot of things for us and makes our lives easier, especially on Windows, so in this example we can see that there are no containers running. I am connected to Docker. You can do this on Windows as well and Docker Desktop has this very, well, enable Kubernetes, so feel free to go to Google to find out how to install Docker for Windows and install Kubernetes, but in the end just configure WSL 2, install Docker, check that box and wait a few minutes and you'll be in a pretty good place, and that's how I got this place here now in this folder.
I have a .net service. A c-sharp service. I have a node service. I can go into the my.net service if I wanted to and I could go and build that service from a Docker image very similar to what we did before, so now I've done that and tagged it as my.net service. Then you could run it if you wanted to run it correctly on port 3000. and inside the container it's listening on port 80. You would give it a name, run it and it would work great. I could do the same with my node service. Remember I have a .net service and a node service.
And if? those are examples of services that I want to put in my kubernetes those containers I want to be part of this experience, that would mean turning them into containers inside pods that live inside my larger cluster, my kubernetes cluster, so the way that kubernetes does things is a bit confusing in my opinion, some people think it's quite elegant. I find it a little confusing because they use something called yaml and yaml means another markup language, so if you're familiar with json it's basically one way. to express name-value pairs and hierarchical data, so name-value name-value you can google and learn about this stuff, but it's just a descriptor.
It's a computer. I want things to look like this. I want a pod. I'm going to call him Happy Little. pod and it will contain some containers, the image will be my.net service, now this one is very important, this image polling policy says to just look in my container registry or my public container registry or maybe one configured if It is not like this. present locally because I am doing local development, it is important that I keep it if it is not present because otherwise it will try to find the my.net service somewhere in the cloud, so we will use the local one that we listen on the port. 80 and this is an example of the power of Kubernetes where I can go and say hey, I don't want you to use more than this amount of CPU and this amount of memory and think about your limits and your requests.
I'm applying artificial restrictions. The container doesn't know it exists and that's great, so Kubernetes in practice is used for things like running these containers by creating pods. I can make identical pods. What I can do is run something called cube puddle. Sometimes people say cube control. cube driver, your cube hug is the way most people say it, but regardless, I'm going to run this command line here and have it ask questions about my cluster information. You will get this when you install Kubernetes and it runs. Docker, so you can see here, Kubernetes is running on this premises.
This is our local computer here on this port and it has this interesting API. Here I can go and look at it. It will probably tell me that I'm prohibited from using it because I'm not an authorized user, we'll talk a little bit about how to access that, but what I want to do I'm going to take that yaml file, that pod.net, that's this one here, let's make a pod . in kubernetes and remember it's going to be one of these pods with a bunch of containers inside and if we ask to hug right now, hey, do you have any pods?
It's like no, no, I don't have pods. Come on, to say kubectl create and then we're going to say here's the file, we're going to say pod.net and then it says hey, happy little pod is created. We have another one for our node app, which is also a totally little app, different language, okay, containers don't care. I created both, now I'm going to say get pods and you can see I have two pods running, I ordered one, I got one, here's how old they are, they're only a few seconds old and they're doing their own thing, so they run inside pods and in this case we have just one container each, which is interesting, and we ask some questions about these pods and see what it wants to tell me about them.
I can see an internal IP. address which I can't access right now and see what is running in docker, that desktop or desktop is running, for me I can see that it is not very old, it has not been restarted which means it is not a sick module that is having problems now. I only have one of each of these, but I may want to have more. All we've done so far is, I told you we did it in the Docker video. We made a container. What if I wanted replicas? I wanted clones of my containers.
To add three of them, I'm going to make a happy little replica set for my little application here with three replicas and I want three different copies of the.net service in there, so this is a descriptor of what I want. t a programming language is a declaration is a bill of lading is a gimme this I'm going to say come on and believe we can also say apply apply is interesting because create says do this make a new one and apply says no I don't know if it exists or not, just I want to make sure it gets done, so do it if you have to or change it, it doesn't matter here, we're going to do our replica set now, when I say odds, I'm going to see the beginning of some things here, but if I go and say describe, not just get, but I want a lot of information, I'm going to say describe this little set of replicas, tell me about this, you know, look at those three recurring desired replicas. everyone listening together suddenly I made this I made the equalizer the software equivalent to this maybe not the full six but I made three I made three dot net containers they don't know they were created this way that's roughly the separation of responsibilities the containers do their job they do their job and they don't reset they don't even know who they're talking to they don't trust anyone they're just, you know, kittens doing their thing here even though we're starting to round up that pack, the cat pack and having the orchestrator do that job and that's really interesting.
You see those other groups we did about two minutes ago are still doing their job. In fact, that describe command is really interesting because I can go and let's say describe the pod, you could ask questions about the pods themselves, see what's going on inside. Hey, here we go, I'm going to make this a little bit smaller, we have our strange one and we'll see who controls it, who is the container, it's how many limits you have and finding information. Now I'm doing this from the command line. There are a lot of cool panels and graphical interfaces and things that will allow you to find out what's going on in a simple way.
What you will see in docker in docker for windows are just the running pods, but these have ridiculous long names, they are all generated names, this tells me that a bunch of things are running, but I'll use the command line cube cuddle or I. You could optionally install the Kubernetes dashboard would be a way to see that now it's a little confusing when you do these things, particularly in Kubernetes, that IP addresses get really confusing. I'm going to have to make a video about IP addresses because that's not the IP address of my computer, we have to understand software based networking and we see that it's not exposed to the outside so I don't have a way to talk to them yet and this is a Kubernetes deployment issue. group together like a kind of dotted line around like this, okay, I went like this, can I make a dotted line?
Do this, let's change its style, see if we can do that, here you have the dotted line, so it's not real and everyone lives inside. a computer within a computer it's like your computer has one of these inside and I can't access any of them they are not automatically exposed to the outside if I want to see them I need to make a hole I need to draw a circle around these or a square and I need to say you know these pods are a service or these pods are a service so I can label them, I can name them, I can say shopping cart on the front and back, I can say well those are in this port and those are in that port, I could even name them like I have a dns domain name service on the internet and I can go to hanselman.com.
You can have an internal dns managed by kubernetes, so I can say that http slash shopping cart doesn't mean anything to the outside internet, but internally it would allow me to write code that could say talk to this API, talk to that interface. programming and get information from that shopping cart from that product catalog internally, I don't have to think about IP addresses. I don't have to put anything in the settings. I can just say I want to talk to the shopping cart and maybe there's one or maybe five. The configuration manages it so I can change the shape of my service.
I can balance it and expose it. do it any way you want right now, what do we have? We have this service and we have these pods, but if I were to say: do we have any implementation? Do we have any idea how these services should be expressed? The only service we have. It's kubernetes itself, so there are a couple of ways I can do it: I can create another yaml file and express a service. What I'm going to do is just lay out our little hello world. Oops like a node port. actually I'm going to do, I skipped a step, here we go, I'm going to do a deployment, I'm going to say make this application consist of these containers and then I'm going to expose its port to the outside, so we'll say you control a bucket, you hug, there's a lot of controversy about how people want their stuff to be referred to, I don't really care if you call it whatever makes you happy, here we go, we just said, hey, make this service note that that one said unchanged because I did it I. quick, here we go and then let's look at our implementations, aha, now we're talking, that's interesting, okay, so let's do our description, remember that trick, we describe this and we're going to describe the happy little hello world, I think we have to put the word implementation in front.
Come on, this tells me about this implementation, so I might as well have a development test. I could have my practice and the one the developers used, the one we used for production. You can decide these things and again, does our service know anything about this? suddenly I'm playing my instrument doing the best I can as part of a larger orchestra and that's why we call these things uh container orchestrators. I think of it as herding cats, so you can think of it as herding, managing or orchestrating, inducing. It's totally up to you, but the concepts are the same, so now we have this, but now when I jumped the gun, remember when I said I'm going to expose that deployment and make it now available to the outside, well, that's interesting, it HE.
I have a service if I say cube cuddle get service now look this is the largest kubernetes cluster which is interesting because kubernetes itself is just a bunch of containers. The funny thing about this is if you make this call, cube cuddle you get everything, look at that. I see my service, my implementation, but what are all these other things? Well, I live in the default, my container lives in the default namespace. Kubernetes is hiding things from me. What is Kubernetes? There are a lot of other containers that are doing a lot of other jobs all together. it's not an orchestrator, it's not a director, it's a whole group of them and they all have different responsibilities, they may have responsibilities for storage, networking, DNS lookup, they're different things, so if my container goes away, there's someone inside Kubernetes which is responsible for bringing me back to life or making a clone and making sure I'm still running the dashboard if you were to install the Kubernetes dashboard, which itself would be an application, it would be a container, it would be a module that you could activate and be able to see. but I don't see that it just says get everything, I don't need to worry about that stuff, so kubernetes is a series of containers that manage all this kind of stuff, all we've done is create our happy little service. we have exposed it to the outside world.
We've done a little port mapping. Port mapping is interesting because my container could be listening on port 80 and then my pod could be listening and I need to make sure my traffic is my TCP traffic. flows smoothly as it is routed from one place to another, you have to think about input and output supports, so where port 31914 on the inside is on the outside and port 80 on the inside there are a lot of networks on the You should think, so be careful. prepared for that, one of the things is that I may want to access my ports.
We haven't actually seen our application run yet. Well, Kubernetes has an API that you can access, but to do that you have to tell the proxy what traffic to allow that traffic, so I'd love to access localhost 8001 here and see that traffic. I need to go and type cuddle proxy and now it will be listening when I do this, now I see all the different things, all the apis. ask questions about kubernetes like version I see my version my information here and I see all my pods when I was typing cube cuddle let me show a little trick I'm using the Windows terminal here I'm going to go and type vertical lit panel let me make another panel here we're going to keep our proxy running and here in Windows and in Windows terminal we're going to say get pods where that information comes from that information comes from here that's cool, here's our pod, here's our application, all expressed in a nice javascript json , a kind of API.
I can see my little pods, what my pod names were, I think we had little.netpod, here let's see what it's doing, look at that, but we haven't actually seen the app running yet, so I can type, I can say slash proxy and look hey I'm a.net core app working a little now that the app isn't running on port 8001. What's happening is when we said tube cuddle proxy we poked a hole in our reality here we take this square that we have around our entire kubernetes, what we did was say, hey, I need to access this whole opaque square that represents my kubernetes installation, I need you to go and punch a hole at the top and I want to make sure I can access it. to it through port 8001 and we're proxying the traffic, which means you talk on port 8001 and it says, "Okay, I'll come and tell you." tell him for you I'm acting as your proxy you tell me I'll tell him it'll be transparent trust me I won't change the traffic or anything so now I can do it happy little.net pod happy little node pod here's a node app working a little like this that I have a node module, I have a dot net module, you're just hanging out with cats and dogs that live together, mass hysteria, but now what could I do?
Could you perhaps expound on that? Let's go ahead and Split our panels again and this time we'll do a horizontal split. This is the Windows terminal. You can get this from the Windows Store. I'm pressing Ctrl Shift P to bring up that panel that allows me to change things. Make videos on that if you're interested, so now I'm going to type Tube Cuddle and say: Hey, can we temporarily make a deeper hole instead of a proxy? I really want to access that service that I want to see. exactly what's going on let's go ahead and do this let's put it on port 81 locally and we'll forward it to port 80 inside that will be temporary and look it actually says the orbit from there will hang there but now I'm on localhost , so now I should be able to go to localhost localhost 81 now I can see the main that.net application on port 81.
If I press Control-C and it disappears, we have lost port 81. There are a lot of interesting things, networking happens when you do this kind of work, and again, you can see these things by asking Kubernetes questions, like cluster information, and you can get the Kubernetes dashboard and see different ways to express these things. The coolest controls, the most interesting, uh, forgive me, uh, in my opinion the commands in Kubernetes when you're playing with kubectl are describe, that's one, and then explain, and then you've been watching me this whole time use get to get information about these things, and you'll remember we were getting information about pods, about coming back here, about nodes, about clusters. There are other things in Kubernetes that I haven't had time to talk about because this is just a few minute video. All of these things are just vocabulary words that you have to lose to learn, but the Kubernetes fundamentals are that it runs containers, manages their lifetime and lifecycle, and does its job by creating pods.
You typically have one container per pod, but you can have multiple; then you can deploy one pod to replace another, so you can have rolling deployment updates where version one goes away, version two stays, you can slowly drain traffic from one pod and increase traffic on another one you have, you can configure traffic and network any way you want so you can talk to different pods with each other now this is a lot, it's a lot of information, but the fundamentals are the same: you run a container, you do a job and you do it well, then you run n number of Windows Linux virtual physical containers, it doesn't matter give them restrictions, you give them memory, you get the CPU for them, you give them storage, you set up networks around them, you make sure they can talk to each other and you do the best you can.
The things that are challenging about Kubernetes are a lot of vocabulary. It's hard to remember how Yaml, another markup language, works. There is a lot of text at work. If you learn, Kubernetes won't hurt you. I think in the future a lot of this will be hidden from you and you won't have to worry. You'll just deploy your app and your app will just work, but it's a really interesting technology that a lot of people are excited about right now and I think it's on top of the concepts that we've been learning here. that this is a pretty good episode about computer science things they never taught you, subscribe and you can help me by telling your friends about these and other episodes.
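
The three descriptors the transcript walks through (a pod with a pull policy and resource limits, a three-replica set, and a service exposing those pods on a node port) could look like the manifests below. This is an added example, not the files shown in the video; every name, label, the image tag and the CPU and memory figures are assumptions.

```yaml
# Added example. Names, labels, image tag and resource numbers are assumed,
# not read from the video.
apiVersion: v1
kind: Pod
metadata:
  name: happy-little-pod
  labels:
    app: happy-little-pod        # deliberately different from the ReplicaSet
                                 # selector below, so the ReplicaSet does not
                                 # adopt this stand-alone pod
spec:
  containers:
    - name: mydotnetservice
      image: mydotnetservice:latest
      # With a ":latest" tag the default pull policy is Always, which would
      # send the kubelet to a registry. IfNotPresent uses the locally built
      # image when it exists.
      imagePullPolicy: IfNotPresent
      ports:
        - containerPort: 80      # port the app listens on inside the container
      resources:
        requests:                # what the scheduler reserves for the container
          cpu: 100m
          memory: 64Mi
        limits:                  # ceiling enforced from outside the container;
          cpu: 250m              # exceeding the memory limit gets it killed
          memory: 128Mi          # and restarted
---
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: happy-little-replicaset
spec:
  replicas: 3                    # desired state: three identical pods
  selector:
    matchLabels:
      app: happy-little-app
  template:
    metadata:
      labels:
        app: happy-little-app    # must match the selector above
    spec:
      containers:
        - name: mydotnetservice
          image: mydotnetservice:latest
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 80
          resources:
            requests:
              cpu: 100m
              memory: 64Mi
            limits:
              cpu: 250m
              memory: 128Mi
---
apiVersion: v1
kind: Service
metadata:
  name: happy-little-service     # also becomes the in-cluster DNS name
spec:
  type: NodePort                 # nodePort is omitted, so Kubernetes assigns
  selector:                      # one from its node port range
    app: happy-little-app
  ports:
    - port: 80                   # service port inside the cluster
      targetPort: 80             # container port the traffic is routed to
```

Saved as one file, the three documents can be submitted together with `kubectl apply -f`, and `kubectl describe` on each object shows the limits and replica counts as the cluster recorded them.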