Introduction to MKE

Introduction to MKE

Mirantis Kubernetes Engine (MKE) is a containerized application that serves to simplify the deployment, configuration, and monitoring of your applications at scale.

Centralized cluster management

With Docker, you can join up to thousands of physical or virtual machines together to create a container cluster that allows you to deploy your applications at scale. MKE extends the functionality provided by Docker to make it easier to manage your cluster from a centralized place.

You can manage and monitor your container cluster using a graphical UI.

Deploy, manage, and monitor

With MKE, you can manage from a centralized place all of the computing resources you have available, like nodes, volumes, and networks.

You can also deploy and monitor your applications and services.

Built-in security and access control

MKE has its own built-in authentication mechanism and integrates with LDAP services. It also has role-based access control (RBAC), so that you can control who can access and make changes to your cluster and applications.

MKE integrates with Mirantis Secure Registry (MSR) so that you can keep the Docker images you use for your applications behind your firewall, where they are safe and can’t be tampered with.

You can also enforce security policies and only allow running applications that use Docker images you know and trust.

Use through the Docker CLI client

Because MKE exposes the standard Docker API, you can continue using the tools you already know, including the Docker CLI client, to deploy and manage your applications.

For example, you can use the docker info command to check the status of a cluster that’s managed by MKE:

docker info

This command produces the output that you expect from MKE:

Containers: 38
Running: 23
Paused: 0
Stopped: 15
Images: 17
Server Version: 19.03.13
...
Swarm: active
NodeID: ocpv7el0uz8g9q7dmw8ay4yps
Is Manager: true
ClusterID: tylpv1kxjtgoik2jnrg8pvkg6
Managers: 1
…

Once the MKE instance is deployed, developers and IT operations no longer interact with Mirantis Container Runtime directly, but interact with MKE instead.

MKE leverages the clustering and orchestration functionality provided by Docker.

A swarm is a collection of nodes that are in the same Docker cluster. Nodes in a Docker swarm operate in one of two modes: manager or worker. If nodes are not already running in a swarm when installing MKE, nodes will be configured to run in swarm mode.

When you deploy MKE, it starts running a globally scheduled service called ucp-agent. This service monitors the node where it’s running and starts and stops MKE services, based on whether the node is a manager or a worker node.

If the node is a:

  • Manager: the ucp-agent service automatically starts serving

    all MKE components, including the MKE web UI and data stores used by MKE. The ucp-agent accomplishes this by deploying several containers on the node. By promoting a node to manager, MKE automatically becomes highly available and fault tolerant.

  • Worker: on worker nodes, the ucp-agent service starts serving

    a proxy service that ensures only authorized users and other MKE services can run Docker commands in that node. The ucp-agent deploys a subset of containers on worker nodes.

MKE internal components

The core component of MKE is a globally scheduled service called ucp-agent. When you install MKE on a node, or join a node to a swarm that’s being managed by MKE, the ucp-agent service starts running on that node.

Once this service is running, it deploys containers with other MKE components, and it ensures they keep running. The MKE components that are deployed on a node depend on whether the node is a manager or a worker.

Note

Regarding OS-specific component names, some MKE component names depend on the node’s operating system. For example, on Windows, the ucp-agent component is named ucp-agent-win.