Wednesday, April 25, 2018

Kubernetes - Core Components


Kubernetes Components - As we already know, Kubernetes (K8s) is a combination of multiple components. The description of the Kubernetes components below breaks them into three groupings: the components that run on master nodes, the components that run on all nodes, and the components that are scheduled onto the cluster.

The major components include:

Master Node or control plane - etcd, API Server, Scheduler, Container runtime and Controller
Worker Node - Pods, Kubelet, Kube-proxy, Container runtime, a CNI-implemented network like flannel, Weave etc., and Image Registry
AddOns Components

The architecture of Kubernetes looks like this:






With multiple components in Kubernetes, it can be hard to understand how they talk to each other. In this article we will see what each component does in detail and also see how they talk to each other.

Every component in Kubernetes talks to the API server. No component other than the API server talks to etcd. All communication from the control plane to the worker nodes happens only from the API server. The communication between components happens through REST-based calls.

Before going deeper into the components, let's get the status of the components that are running:

[root@manja17-I13330 kubenetes-config]# kubectl get po -o custom-columns=POD:metadata.name,NODE:spec.nodeName --sort-by spec.nodeName -n kube-system
POD                                      NODE
kubernetes-dashboard-7d5dcdb6d9-s967p    manja17-i13330
weave-net-rz5bh                          manja17-i13330
kube-apiserver-manja17-i13330            manja17-i13330
kube-controller-manager-manja17-i13330   manja17-i13330
kube-scheduler-manja17-i13330            manja17-i13330
kube-proxy-dcnmw                         manja17-i13330
etcd-manja17-i13330                      manja17-i13330
kube-proxy-js69w                         manja17-i14021
weave-net-255pb                          manja17-i14021
kube-proxy-ww4s5                         manja17-i14022
kube-dns-86f4d74b45-fvrtb                manja17-i14022
heapster-5b748fbdc5-cxtsq                manja17-i14022
weave-net-w582l                          manja17-i14022

Note - All the components of Kubernetes run in the kube-system namespace. In the output above:
manja17-i13330 is the master
manja17-i14021 and manja17-i14022 are the nodes

Let's see the status of the components using:
[root@manja17-I13330 ~]# kubectl get componentstatuses
NAME                 STATUS    MESSAGE              ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health": "true"}

Let's start digging into the components.

ETCD - etcd is a distributed key-value store written in Go that provides a way to store data across a cluster of machines. The name "etcd" originated from two parts: the Unix "/etc" location, which stores configuration data for a single system, and "d" for distributed systems.
/etc is for storing configuration data for a single machine, whereas etcd is for storing configuration data that belongs to distributed systems.
Kubernetes stores configuration data in etcd for service discovery and cluster management; etcd's consistency is crucial for correctly scheduling and operating services. The Kubernetes API server persists cluster state into etcd. It uses etcd's watch API to monitor the cluster and roll out critical configuration changes.

kube-apiserver - kube-apiserver is the core component of Kubernetes. It is the front end for Kubernetes, exposing the Kubernetes API.
When you create a pod or deployment using the kubectl command, kubectl makes a call to the kube-apiserver with the details. kube-apiserver then checks who you are (authentication) and verifies your access level in the current namespace (authorization).
kube-apiserver also checks the validity of the manifest file (kubectl apply -f pod.yml) and, if everything is fine, writes it to the etcd server.
kube-apiserver is the only component that can talk to the etcd server. Other Kubernetes components watch the API endpoints that are relevant to them and act according to what they see there. No other component can talk to etcd directly; they have to talk to the kube-apiserver over HTTP connections.
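
The request path described above (authenticate, authorize in the namespace, validate the manifest, persist, notify watchers) can be modeled in a few lines. This is an added example, not code from Kubernetes or from the original post; ToyApiServer, the tokens, the grants and the key layout are all hypothetical and constructed for illustration.

```python
# Added illustration: a toy model of the kube-apiserver request path.
# ToyApiServer, TOKENS and GRANTS are hypothetical names with constructed data.
import json

TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}   # constructed credentials
GRANTS = {("alice", "dev", "create", "pods"),       # (user, namespace, verb, resource)
          ("bob", "dev", "get", "pods")}

class ToyApiServer:
    def __init__(self):
        self._store = {}      # stands in for etcd; nothing else touches it
        self._watchers = []   # callbacks from scheduler, controllers, kubelets

    def watch(self, callback):
        self._watchers.append(callback)

    def create(self, token, namespace, manifest):
        user = TOKENS.get(token)                      # 1. who are you?
        if user is None:
            return 401, "unauthenticated"
        resource = str(manifest.get("kind", "")).lower() + "s"
        if (user, namespace, "create", resource) not in GRANTS:
            return 403, f"{user} may not create {resource} in {namespace}"  # 2. access level
        name = manifest.get("metadata", {}).get("name")
        containers = manifest.get("spec", {}).get("containers")
        if manifest.get("kind") != "Pod" or not name or not containers:
            return 422, "invalid manifest"            # 3. manifest validity
        key = f"/registry/pods/{namespace}/{name}"    # illustrative key layout
        if key in self._store:
            return 409, "already exists"
        self._store[key] = json.dumps(manifest)       # 4. the only write path to the store
        for notify in self._watchers:                 # 5. watchers learn of the change
            notify("ADDED", key)
        return 201, key

def demo():
    api, events = ToyApiServer(), []
    api.watch(lambda kind, key: events.append((kind, key)))
    pod = {"kind": "Pod", "metadata": {"name": "web"},
           "spec": {"containers": [{"name": "web", "image": "nginx"}]}}
    codes = [api.create(t, ns, pod)[0] for t, ns in
             [("bogus", "dev"), ("tok-bob", "dev"), ("tok-alice", "prod"), ("tok-alice", "dev")]]
    return codes, events

if __name__ == "__main__":
    print(demo())
```

Rejected requests never reach the store and never generate a watch event, which is why the other components only ever see state that has passed all three checks.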

kube-scheduler - This component is responsible for scheduling pods on nodes. When we create a Pod, the scheduler assigns a node to the pod using the information available. That information includes available resources and restrictions such as quality of service, affinity rules, data locality, and hardware, software and policy constraints.
The same can be done by a Kubernetes admin, who can enforce node selection for a pod using nodeSelectors, which determine which node a Pod should run on. We can write our own scheduler algorithm if the default one does not work.
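
The node selection described above can be sketched as a filter step (nodeSelector match, resource fit) followed by a scoring step. This is an added example and a simplified model, not kube-scheduler's actual algorithm; the node names come from the output earlier in the post, while the labels, capacities and scoring formula are constructed assumptions.

```python
# Added illustration: a simplified filter-then-score scheduler, not kube-scheduler's code.
# Node names come from the output above; labels and capacities are constructed.
NODES = [
    {"name": "manja17-i14021", "labels": {"disk": "ssd"},
     "cpu_m": 4000, "used_cpu_m": 3000, "mem_mi": 8192, "used_mem_mi": 2048},
    {"name": "manja17-i14022", "labels": {"disk": "hdd"},
     "cpu_m": 4000, "used_cpu_m": 1000, "mem_mi": 8192, "used_mem_mi": 2048},
]

def schedule(pod, nodes):
    """Return the chosen node name, or None if no node fits (pod stays Pending)."""
    feasible = []
    for node in nodes:
        # Filter: every nodeSelector key/value must match the node's labels.
        selector = pod.get("nodeSelector", {})
        if any(node["labels"].get(k) != v for k, v in selector.items()):
            continue
        # Filter: the pod's resource requests must fit in what is still free.
        free_cpu = node["cpu_m"] - node["used_cpu_m"]
        free_mem = node["mem_mi"] - node["used_mem_mi"]
        if pod["cpu_m"] > free_cpu or pod["mem_mi"] > free_mem:
            continue
        # Score: average fraction of CPU and memory left free after placement.
        score = ((free_cpu - pod["cpu_m"]) / node["cpu_m"]
                 + (free_mem - pod["mem_mi"]) / node["mem_mi"]) / 2
        feasible.append((score, node["name"]))
    if not feasible:
        return None
    # Highest score wins; ties are broken by node name for determinism.
    return min(feasible, key=lambda f: (-f[0], f[1]))[1]

if __name__ == "__main__":
    print(schedule({"cpu_m": 500, "mem_mi": 512}, NODES))
    print(schedule({"cpu_m": 500, "mem_mi": 512, "nodeSelector": {"disk": "ssd"}}, NODES))
    print(schedule({"cpu_m": 2000, "mem_mi": 512, "nodeSelector": {"disk": "ssd"}}, NODES))
```

A nodeSelector that no node satisfies, or that only matches a node without enough free resources, leaves the pod unscheduled rather than falling back to another node.
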
kube-controller-manager - The kube-controller-manager is a daemon process containing multiple controllers. All these controllers are shipped in a single binary in Kubernetes.
All that a controller does is watch for events. The controller watches events by watching some API endpoints from kube-apiserver. A controller watches the shared state of the cluster through kube-apiserver and makes changes attempting to move the cluster's current state to the desired state.
A few examples of controllers are the deployment controller, node controller, job controller and namespace controller.
A node controller watches the status of all nodes to see whether they are up or down. A DaemonSet controller watches the DaemonSet configuration and creates a pod on every machine with that pod configuration.
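
The "move current state to desired state" behaviour of a controller can be shown with a DaemonSet-style reconcile loop. This is an added example and a simplified model, not Kubernetes code; pod and node names are taken from the output earlier in the post, while the image tags, the owner field and the generated pod names are constructed assumptions.

```python
# Added illustration: a simplified DaemonSet-style reconcile loop, not Kubernetes code.
# Pod and node names come from the output above; image tags are constructed.
def reconcile(ds, nodes, pods):
    """Diff desired state (one current-image pod per node) against observed pods."""
    covered, actions = set(), []
    for pod in sorted(pods, key=lambda p: p["name"]):
        if pod["owner"] != ds["name"]:
            continue                                  # not ours, never touch it
        if pod["node"] in nodes and pod["node"] not in covered and pod["image"] == ds["image"]:
            covered.add(pod["node"])
        else:
            actions.append(("delete", pod["name"], pod["node"]))
    for node in sorted(set(nodes) - covered):
        actions.append(("create", f"{ds['name']}-{node}", node))
    return actions

def apply_actions(ds, pods, actions):
    """Stand-in for the API calls a controller would make through kube-apiserver."""
    for verb, name, node in actions:
        if verb == "delete":
            pods[:] = [p for p in pods if p["name"] != name]
        else:
            pods.append({"name": name, "node": node, "owner": ds["name"], "image": ds["image"]})

def run_until_converged(ds, nodes, pods, max_rounds=5):
    """Repeat observe -> diff -> act until there is nothing left to change."""
    rounds = []
    for _ in range(max_rounds):
        actions = reconcile(ds, nodes, pods)
        if not actions:
            break
        rounds.append(actions)
        apply_actions(ds, pods, actions)
    return rounds

def sample_state():
    ds = {"name": "weave-net", "image": "weave:new"}
    nodes = ["manja17-i13330", "manja17-i14021", "manja17-i14022"]
    pods = [
        {"name": "weave-net-rz5bh", "node": "manja17-i13330", "owner": "weave-net", "image": "weave:new"},
        {"name": "weave-net-255pb", "node": "manja17-i14021", "owner": "weave-net", "image": "weave:old"},
        {"name": "kube-proxy-ww4s5", "node": "manja17-i14022", "owner": "kube-proxy", "image": "proxy:1"},
    ]
    return ds, nodes, pods

if __name__ == "__main__":
    ds, nodes, pods = sample_state()
    print(run_until_converged(ds, nodes, pods))
```

The loop is idempotent: once the observed pods match the desired state, another pass produces no actions, and pods owned by other controllers are never modified.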
