1

Namespace isolated containers(Pod) & Nodes hosting the Pods are part of data plane

kubectl describe pod [pod-name] command talks to API server and provide information like node details, date started, and the troubleshooting events etc...stored in etcd

kubelet's probe from dataplane(on every node) takes care of healthcheck of all containers within pod.

Is replicaset functionality part of control plane?

To ensure the DESIRED state of replica set, which component in control plane probes data plane ?

overexchange
  • 15,768
  • 30
  • 152
  • 347

1 Answers1

2

It is the kube-controller-manager under which kubernetes is running several type of controllers.

The Kubernetes controller manager is a daemon that embeds the core control loops shipped with Kubernetes. In applications of robotics and automation, a control loop is a non-terminating loop that regulates the state of the system. In Kubernetes, a controller is a control loop that watches the shared state of the cluster through the apiserver and makes changes attempting to move the current state towards the desired state. Examples of controllers that ship with Kubernetes today are the replication controller, endpoints controller, namespace controller, and serviceaccounts controller.

kube-controller-manager [flags]

Here is the example --controllers flag showing what all controllers can be controlled by kube-controller-manager , by changing this flag, you may exclude some of the controllers.

kubectl get pod -n kube-system kube-controller-manager-controlplane -o jsonpath='{.spec.containers[*].command}'
["kube-controller-manager","--allocate-node-cidrs=true","--authentication-kubeconfig=/etc/kubernetes/controller-manager.conf","--authorization-kubeconfig=/etc/kubernetes/controller-manager.conf","--bind-address=127.0.0.1","--client-ca-file=/etc/kubernetes/pki/ca.crt","--cluster-cidr=10.244.0.0/16","--cluster-name=kubernetes","--cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt","--cluster-signing-key-file=/etc/kubernetes/pki/ca.key","--controllers=*,bootstrapsigner,tokencleaner","--kubeconfig=/etc/kubernetes/controller-manager.conf","--leader-elect=true","--port=0","--requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt","--root-ca-file=/etc/kubernetes/pki/ca.crt","--service-account-private-key-file=/etc/kubernetes/pki/sa.key","--service-cluster-ip-range=10.96.0.0/12","--use-service-account-credentials=true"]

In the above output you can see that all(*) controllers are selected by default:

--controllers=*

As per documentation, following is the complete list of the controllers working under kube-controller-manager.

--controllers strings Default: "*"

A list of controllers to enable. '*' enables all on-by-default controllers,

'foo' enables the controller named 'foo', '-foo' disables the controller named 'foo'. All controllers: attachdetach, bootstrapsigner, cloud-node-lifecycle, clusterrole-aggregation, cronjob, csrapproving, csrcleaner, csrsigning, daemonset, deployment, disruption, endpoint, endpointslice, endpointslicemirroring, ephemeral-volume, garbagecollector, horizontalpodautoscaling, job, namespace, nodeipam, nodelifecycle, persistentvolume-binder, persistentvolume-expander, podgc, pv-protection, pvc-protection, replicaset, replicationcontroller, resourcequota, root-ca-cert-publisher, route, service, serviceaccount, serviceaccount-token, statefulset, tokencleaner, ttl, ttl-after-finished Disabled-by-default controllers: bootstrapsigner, tokencleaner

P....
  • 17,421
  • 2
  • 32
  • 52
  • For Pod lifecycle, do we have any controller dedicated in control plane? or does kubelet from data plane would suffice to take care of Pod lifecycle? – overexchange Jul 27 '21 at 15:09
  • pods are managed by kubelet, check out interesting read here https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-states – P.... Jul 27 '21 at 15:37
  • How is the term deployment(`kind: Deployment`) different from replicaset? – overexchange Jul 27 '21 at 16:44
  • deployment is having some additions features over replicaset, one of them is upgrade strategies in deployment. you can have the pods under deployment upgraded using rolling or recreate. This is not present in replicaset by itself. Also, when a deployment is created, it automatically create a replicaset. there are more, but this is the high level gist. TLDR, typically replica-set is created by deployments and replicasets are not created standalone. – P.... Jul 27 '21 at 16:52
  • https://stackoverflow.com/questions/37423117/replication-controller-vs-deployment-in-kubernetes – P.... Jul 27 '21 at 17:08