Kubernetes Architecture
目录
Node
master
- distribute application to worker nodes.
- self healing. it monitors running status of pod which hosts application, it starts a new pod if existing pod is down.
- manage connectivity of cluster network.
worker
- run task.
Node components
Architecture Diagrams
Cluster
Worker Node
| type | component |
|---|---|
| master | api server |
| master | controller manager |
| master | scheduler |
| master | etcd |
| worker | kubelet |
| worker | container runtime |
Explanations
API Server
- Main management point of the cluster. All the other components must go through the API Server to work with the cluster state.
- The API Server is also responsible for the authentication and authorization
Controller Manageer
- It is a daemon that embeds the core control loops shipped with Kubernetes
- It watches the state of the cluster through the API Server and makes changes attempting to move the current state towards the desired state. Such as replication controller, endpoints controller, namespace controller, and serviceaccounts controller.
Scheduler
- It watches for unscheduled pods and binds them to nodes according to the availability of the requested resources.
etcd
- Distributed reliable key value storage system based on raft protocal.
kubelet
- A worker node agent monitoring node and pod status and communicating with master.
kube-proxy
- it enbles communication among pods.
Service
- When requesting a service, it find ip and port from endpoint, then redirect request to the pod.
- Service dynamically monitoring Endpoint since pods(ip:port collection) in Endpoint will be increased/descreased dynamically according to HPA.
EndPoint
- When creating a service with labels, an endpoint with the same name as service will be created automatically. EndPoint won't be created if service doesn't have label.
- Endpoint is a collection of pods' ip and port used by service performing load balance.
Pod
- Containers in the same pod communicate with each other using localhost.
- Containers in the same pod cannot define the same port since all containers are in the same network environment.
container runtime
- kubelet delegate operations against pod to container runtime, container runtime is responsible for managing pods.
kube proxy
- Monitor changes of Service and Endpoint
- Maintains routes from service to pod according to endpoint.
Calico
- Assign IP to pod.
Sequence of creating pod
- kubectl writes to the API Server.
- API Server validates the request and persists it to etcd.
- etcd notifies back the API Server.
- API Server invokes the Scheduler.
- Scheduler decides where to run the pod on and return that to the API Server.
- API Server persists it to etcd.
- etcd notifies back the API Server.
- API Server invokes the Kubelet in the corresponding node.
- Kubelet talks to the Docker daemon using the API over the Docker socket to create the container.
- Kubelet updates the pod status to the API Server.
- API Server persists the new state in etcd.
Course
- Kubelet and Kube-Proxy are necessary for master
