Kubernetes (PaaS on OpenStack)

Hosted Services

• Available Services Page

Login

Via Keycloak with EONERC AD Account on Rancher Dashboard.

Dashboards

• Rancher Dashboard
• Ceph Dashboard

K8S Glossary

Container

Containerized application (usually a single process per Container)

Pod

A set of Containers sharing the same network namespace (one IP per Pod)

Replicaset

A set of Pods running the same application (instances of the same class of application)

PersistentVolumeClaim

Definition of a persistant volume claim, provided by our k8s hosted ceph cluster. There are three classes of storage
    - rook-ceph-block (simple block device based storage, can be used only by a single Container)
    - rook-ceph-bucket (s3 type object storage, can be used by multiple Containers and Pods)
    - rook-cephfs (nfs like storage, can be used by multiple Containers and Pods)
  

Deployment

A definition of a set of Containers forming a Pod and optionally a Replicaset and/or incorporation of PersistentVolumeClaims

Service

A (load balanced) endpoint of the Pod's application which is either of type
    - ClusterIP, reachable inside the k8s cluster (10.43.0.0/16)
    - NodePort, reachable inside OpenStack cluster via any k8s node (192.168.1.0/24)
        also reachable via 137.226.248.61, 137.226.248.62 and 137.226.248.63 (master.acs-infra-k8s.osc.eonerc.rwth-aachen.de)
        for all TCP/UDP services on Ports 30000-32767 inside RWTH Network
  

Ingress

A set of rules that define a virtual hostname and it's proxy connection to a Service (ClusterIP or NodePort).
    Virtual hosts are also provided a let's encrypt certificate.
    DNS names, ip addresses and ports (80 HTTP and 443 HTTPS only) are reachable worldwide and can be formed as subdomains of
    - *.k8s.eonerc.rwth-aachen.de
    - *.k8s.fein-aachen.org
    - *.acs-infra-k8s.osc.eonerc.rwth-aachen.de
    completely automatically.
  

K8S Basic Examples Slides

• k8s-introduction.pdf

K8S Official Documentation

• kubernetes.io

Need Assistance?

Contact Nicolas Berr.