Oliver Knapp Somerford Associates

Getting Started with Kubernetes

Author: Oliver Knapp
Release Date: 20/02/2024

What is Kubernetes?

Join me to uncover the value that can be obtained from Kubernetes when getting started, discussing what it actually is, how it can be used, and also, as the name suggests, how you can begin to use it to drive value. Before going any further though, it is important to establish what exactly Kubernetes, commonly referred to as K8s, is.

Containers

In order to understand Kubernetes it is important to first understand that in the modern computing world there is a high usage and dependency on containerisation. That is, using software to group application resources together, including their environments and files, so that they can virtually run anywhere and have dependencies and resources managed. This allows for ease of use and movement of the application or software across any environment, such as moving an app out of a test environment and into a prod environment. Containers also facilitate a higher level of security for software as security can be built directly into the pipeline.

A good way of looking at containers is to equate them to virtual machines, although more lightweight. Each is a package which has its own OS and everything it needs to run independently and serve the purpose of a single application. In essence, this allows containers to serve as a portable application host which can be used across your infrastructure as you need it, and facilitates the development pipeline which best suits your business.

However, due to the nature of containers, there are more complexities than in normal software operation; as such, there is a need for container orchestration. This means a method for managing all of your containers across your environments (which for a large company would be a lot of containers) and ensuring that all of them are running optimally and are managed effectively. This is where Kubernetes comes into play.

Getting Started with Kubernetes - Virtual Machines

Kubernetes

Now we know the basis of why there is a need for container managing and orchestration, we can take a look at the most popular tool for doing so, Kubernetes.

But what exactly is Kubernetes?

Well, as previously mentioned, Kubernetes is a tool used to manage your containers, including features which allow you to deploy and operate them centrally. It is an open source platform originally built on Google Cloud and released in 2014. It aims to make your life in containers as easy and hassle-free as possible. This is done through automating the orchestration and optimising the time and resource attribution.

This automation encompasses built-in commands which allow for the deployment of applications, the rolling out of changes to them, and the scaling of said applications to fit the bespoke requirements of your infrastructure. It is important to remember, however, that Kubernetes is not a tool which builds applications or provides application-level services; it is an automation management tool.

Once your organisation is utilising Kubernetes, there are many different tools and companies who work with Somerford, with products which can take advantage of this, whether from the security perspective in analysing data with Lacework FortiCNAPP or Splunk Enterprise Security, or in an observability sense through Netskope.

What can it actually do?

Kubernetes' main aim is to provide a framework for running and managing your containers, taking care of and automating your scaling.

Some of its key features are:

• Service discovery and load balancing: Kubernetes can allow for access to a container using its DNS name or IP address, and if traffic to a container is high, it can load balance and distribute the network traffic to ensure the deployment is stable.
• Automated rollouts and rollbacks: You can set a state which you want your containers to be in and Kubernetes will ensure that the containers are always at that state, such as automating Kubernetes to create new containers with adopted resources.
• Automatic resource allocation: You can define parameters within Kubernetes so that it allocates a certain amount of RAM and CPU to each container and makes the best use of your resources.
• Self-healing and health monitoring: Kubernetes restarts containers that fail, replaces containers, and kills containers that don't respond to your user-defined health check. Not only this, but Kubernetes continuously monitors the health of your services and ensures that your containerised environment is running optimally.
• Horizontal scaling: Scale your application up and down with a simple command, with a UI, or automatically based on CPU usage.

These are some of the most important features, however there are many more. For a full run down, head to the Kubernetes website.
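The features listed above map onto fields of an ordinary manifest. The following is an added example, not part of the original blog; the names, image reference, port and probe path are constructed placeholders.

```yaml
# Added example: constructed manifest; names, image and paths are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3                # desired state: Kubernetes keeps three pods running
  selector:
    matchLabels:
      app: web
  strategy:
    type: RollingUpdate      # automated rollout of changes to the pod template
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: web
          image: registry.example.com/web:1.0.0   # placeholder image
          ports:
            - containerPort: 8080
          resources:
            requests:        # CPU and RAM the scheduler reserves for the container
              cpu: 100m
              memory: 128Mi
            limits:          # ceiling the container is not allowed to exceed
              cpu: 500m
              memory: 256Mi
          livenessProbe:     # user-defined health check; repeated failure restarts the container
            httpGet:
              path: /healthz
              port: 8080
            initialDelaySeconds: 5
            periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: web                  # pods are reachable in-cluster via the DNS name "web"
spec:
  selector:
    app: web                 # traffic is load balanced across all matching pods
  ports:
    - port: 80
      targetPort: 8080
```

With this applied, `kubectl scale deployment/web --replicas=5` scales horizontally by hand, `kubectl autoscale deployment web --cpu-percent=70 --min=3 --max=10` does so based on CPU usage, and `kubectl rollout undo deployment/web` rolls back the last change.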

What tools use Kubernetes?

As mentioned previously, Somerford partners with many different vendors whose products can take full advantage of Kubernetes and use it to drive more value for the customer. A prime example of this would be products which use your data to give you an overview of the security of your environments.

Within a machine learning tool such as Lacework FortiCNAPP, Kubernetes is given its own bespoke section, providing insights into the Kubernetes deployment itself and using these to enrich the security health of your environment through insights which give a combined overview. Splunk can also bring in Kubernetes data and seamlessly index it alongside the rest of your environment's data. This gives you a more detailed and thorough repository of data to search on, making the insights gained from this data more impactful and further enriching the context.

Deploying Kubernetes

So let's imagine that you have multiple containerised applications and are needing a tool which lets you manage them and have more control. You opt for Kubernetes, good choice! But how would you go about getting started?

Kubernetes defines establishing operation as 6 main steps as can be seen below:

Getting Started with Kubernetes - Cluster to App

We will only focus on the first 2, however, as these are the main points of focus when first establishing your environment with a Kubernetes framework.

There are quite a few methods for initially setting up Kubernetes due to the range of distributions which are on offer. However, these boil down to a key decision: either using the more involved official setup which utilises kubeadm, or a packaged solution such as K3s or MicroK8s. For the latter options, installation can be as simple as running commands on the CLI of your machines and doing the relevant configuration for your chosen distribution.

The official method requires downloading and installing the aforementioned kubeadm and a container runtime on all hosts, then following the instructions found on the official website; for the purposes of this blog they won't be regurgitated.

Key terms & concepts

Before proceeding and playing around with your newly managed containerised environment, it's probably best to understand some of the terms and concepts used within Kubernetes.

• Nodes are how Kubernetes refers to the physical machines which make up your clusters. They run the containers, and each cluster has an advertised maximum of 5000 nodes.
• Namespaces are how Kubernetes refers to groups of resources, and they allow for the differentiation of your containers. Each namespace is unique and the same name can't be used multiple times.
• A pod is the compute unit in K8s. It can be a single container or multiple containers and is used for a single purpose, such as an API and its database. Most of the time a pod maps directly to a container.
• Services are how pods are exposed to the network and allow for them to be accessed and changed.
• Within Kubernetes, a Job is an object which makes a set of pods and waits for them to be finished, after which the Job is marked as complete. Jobs allow for the running of ad-hoc tasks within your clusters.
• Secrets are sensitive data which is put into your cluster, such as certificates or passwords. They can be supplied to pods or mounted on a volume.
• DaemonSets are objects which are used to replicate pods to nodes in your cluster. They are most often used for running long-lived background processes which are consistent across nodes, such as log collecting or monitoring.
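Several of these terms fit together in one small set of manifests. The following is an added example, not part of the original blog, showing a Namespace, a Secret, and a Job whose pod mounts that Secret on a volume; all names, the image and the secret value are constructed placeholders.

```yaml
# Added example: constructed manifests; names, image and secret value are placeholders.
apiVersion: v1
kind: Namespace
metadata:
  name: reporting
---
apiVersion: v1
kind: Secret
metadata:
  name: db-credentials
  namespace: reporting        # only pods in this namespace can reference the Secret
type: Opaque
stringData:
  password: REPLACE_ME        # placeholder value
---
apiVersion: batch/v1
kind: Job
metadata:
  name: nightly-export
  namespace: reporting
spec:
  backoffLimit: 2             # retry a failed pod at most twice before marking the Job failed
  template:
    spec:
      restartPolicy: Never    # the Job, not the kubelet, decides whether to retry
      containers:
        - name: export
          image: registry.example.com/export:1.0.0   # placeholder image
          volumeMounts:
            - name: db-credentials
              mountPath: /etc/db-credentials
              readOnly: true  # the password appears as the file /etc/db-credentials/password
      volumes:
        - name: db-credentials
          secret:
            secretName: db-credentials
```

Once the pod created by the Job exits successfully, `kubectl get jobs -n reporting` shows the Job as complete.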

Conclusion

To conclude, Kubernetes is a container management tool which allows you to have complete control over your containerised applications. Through the use of automation and other key features aiming to make your life easier, Kubernetes becomes an invaluable tool for any containerised environment. Due to its nature as an easy to operate open source tool, it is no wonder it has become the most popular container orchestration tool on the market, recognised by many other products and vendors as a key data source, with integrations available for some of the biggest data tools.

Not only this but getting set up and running is a simple process which can be easily facilitated in house. Once set up, we saw how there are countless tools, facilitated by Somerford, which can utilise and allow you to draw even more value from Kubernetes, from security to observability.
