CodeNewbie Community 🌱

Neelam
Neelam

Posted on

Kubernetes Design Principles

Kubernetes was developed to accommodate the features needed by distributed systems that are highly accessible like (auto-)scaling the ability to scale, security and portability.

Scalability The HTML0 Scalability Kubernetes offers an horizontal scaling of pods in accordance with the utilization of CPU. Its threshold of CPU use is set by the user and Kubernetes can automatically begin new pods when the threshold is met. For instance, if the minimum threshold for CPU is 70% CPU, but the application's usage is increasing by up to 220% it is likely that 3 additional pods will be created to ensure that the average CPU utilization will be back below 70 percent. If the number of pods is available for the same app, Kubernetes provides the load scaling capacity to distribute the load across all of them. Kubernetes also allows the horizontal scale of Stateful pods such as NoSQL as well as RDBMS databases using Stateful sets. A Stateful set is similar in idea to a deployment however, it guarantees storage to be persistent and reliable, even after an individual pod is removed.

High Accessibility High-Availability Kubernetes provides highly availability at the infrastructure and application level. Replica sets make sure that the required (minimum) amount of replicates in an unstateful pod for the application being used are in operation. Stateful sets play similar functions to stateful pods. On the infrastructure side, Kubernetes supports various distributed storage backends, including AWS EBS, Azure Disk Google Persistent Disk, NFS, and many more. Making a stable, reliable storage layer on top of Kubernetes will ensure the highest level of availability for stateful workloads. Additionally, all of the master elements can be set up to replicate multiple nodes (multi-master) to guarantee higher availability.

Security Security Kubernetes solves security at different levels such as cluster, application and network. The API ends are secured by transportation layer security (TLS). Only authorized users (either services accounts, or normal users) can perform actions within the cluster (via API request). On the application level, secrets in Kubernetes can be stored as sensitive data (such as tokens or passwords) in a cluster (a virtual cluster, if it is you use namespaces or physical elsewhere). It is important to note that secrets can be accessed from any pod within the cluster. The policies of access for network pods can be specified within the configuration. A network policy describes how pods are permitted to communicate with each other as well as with other endpoints of the network.

Portability Portability Kubernetes portability manifests itself in terms of the operating system options (a cluster is able to run on any popular Linux distribution) processor design architectures (either virtual machines , or pure metal) and cloud services (AWS, Azure or Google Cloud Platform) as well as new runtimes for containers, aside from Docker are also added. By utilizing using the idea of federation it also supports workloads in the hybrid (private as well as public cloud) and multi-cloud systems. This can also support fault tolerance for availability zones within one cloud provider.

If you are interested in learning Kubernetes then consider taking Kubernetes Certification.

Top comments (0)