k8s Practice: Controller

Environmental description:

host name Operating System Version ip docker version kubelet version To configure Remarks
master Centos 7.6.1810 Docker 18.09.6 V1.14.2 2C2G Remarks
node01 Centos 7.6.1810 Docker 18.09.6 V1.14.2 2C2G Remarks
node02 Centos 7.6.1810 Docker 18.09.6 V1.14.2 2C2G Remarks


The deployment of k8s cluster is detailed in: Centos 7.6 Deploys k8s(v1.14.2) Cluster
See k8s Learning Materials for more details: Basic concepts, kubectl commands and data sharing


I. Kubernetes Core Components

1. Overview of Core Components

Kubernetes consists of the following core components:

  • etcd saves the state of the whole cluster.
  • apiserver provides the only access to resource operation, and provides authentication, authorization, access control, API registration and discovery mechanisms.
  • controller manager is responsible for maintaining the status of the cluster, such as fault detection, automatic expansion, rolling updates, etc.
  • Schduler is responsible for resource scheduling, scheduling Pod to the corresponding machine according to the scheduled scheduling strategy.
  • kubelet is responsible for maintaining the life cycle of containers, as well as managing Volume (CVI) and Network (CNI).
  • Container runtime is responsible for image management and the real operation of Pod and container (CRI);
  • kube-proxy is responsible for providing service discovery and load balancing within the cluster for Service

Deployment process

2. View Core Components

Kubelet is the only component that has been running as a regular system component. It runs other components as pod s.

2.1 Check Kubelet

Both master and node nodes can be viewed

[root@master ~]# systemctl status kubelet

2.2 View other components

[root@master ~]# kubectl get po -o custom-columns=POD:metadata.name,NODE:spec.nodeName --sort-by spec.nodeName -n kube-system


This article focuses on the core component controller manager
Short view of resources:

[root@master ~]# kubectl api-resources 

Controller Manager

1. Introduction

_Controller Manager is composed of kube-controller-manager and cloud-controller-manager. It is the brain of Kubernetes. It monitors and maintains the status of the whole cluster through apiserver, such as fault detection, automatic expansion, rolling update, and ensures that the cluster is in the expected working state.

cloud-controller-manager is only needed when Cloud Provider is enabled in Kubernetes to cooperate with the control of cloud service providers, such as Node Controller, Route Controller and Service Controller.

2. Principles

_Controller Manager is the management and control center within the Kubernetes cluster. It is responsible for the management, automatic deployment and health monitoring of Node, Pod, service endpoint, service, resource quota, namespace, service account and other resources in the Kubernetes cluster. It also performs automatic repair for abnormal resources to ensure the collection. The resources of the group are always in the expected working state. For example, when a Node unexpectedly crashes, Controller Manager will automatically deploy Pod copies on the original right-hand node by selecting other nodes in the cluster according to the resource scheduling strategy.
_Controller Manager is a collection of controllers, including Replication Controller, Deployment Controller, RelicaSet, StatefulSet Controller, Daemon Controller, CronJob Controller, Node Controller, Resourcequota Controller, Namespace Controller, Service Account Controller, Token Controller. Controller, Service Controller and Endpoint Controller are the core managers of these controllers. Generally speaking, intelligent systems and automated systems often use a control system to constantly correct the state of the system. In Kubernetes cluster, the core working principle of each controller is that each controller checks the running state of the system through API server, and tries to modify the system state from "existing state" to "expected state".

Replication Controller

1. Introduction

Replication Controller continuously monitors the running pod list to ensure that the number of pods always matches its label selector. Replication Controller consists of three parts:

  • Label selector (label selector) to determine which pod s are in Replication Controller scope
  • Replica count (number of replicas), specifying the number of pod s to run
  • pod template(pod template), used to create new copies of pod

2. Create Replication Controller

[root@master ~]# more nginx-rc.yaml 
apiVersion: v1
kind: ReplicationController    #Type Replication Controller
  name: nginx        #Name of Replication Controller
  replicas: 3        #Number of pod instances
  selector:          #pod selector
    app: nginx
  template:          #pod template
        app: nginx
      - name: nginx
        image: nginx

3. Check Replication Controller

[root@master ~]# kubectl get rc
[root@master ~]# kubectl describe rc nginx 

4. Expansion and contraction

Extension can be achieved by modifying the pod template and direct command

Capacity expansion

[root@master ~]# kubectl edit rc nginx 

Shrinkage capacity

[root@master ~]# kubectl scale rc nginx --replicas=4

5. Delete pod

[root@master ~]# kubectl delete po nginx-2twcf

Delete pod nginx-2 twcf and find that the pod is deleted while k8s automatically adds a pod nginx-vtmt4, which also confirms the previous introduction that Replication Controller will continuously monitor the running pod list to ensure that the number of pods always matches its label selector.

6. Delete Replication Controller

[root@master ~]# kubectl delete rc nginx 

Deleting Replication Controller deletes all pods it manages, and if you want to retain pods, you can add the parameter "--cascade = false"

7. Labels

7.1 New Label

[root@master ~]# kubectl label po nginx-28d4k env=prod

7.2 Check labels

[root@master ~]# kubectl get po --show-labels 

7.3 Change Label

[root@master ~]# kubectl label po nginx-28d4k app=test --overwrite

Changing the label of app=nginx will make the pod no longer match the label selector of Replication Controller, leaving only two matching pods. Replication Controller will start a new pod nginx-64w44 and restore the total number to three.


1. Introduction

ReplicaSet behaves exactly the same as Replication Controller, but the pod selector is more expressive. It is a new generation of Replication Controller and will be completely replaced (Replication Controller will eventually be discarded).

2. Create ReplicaSet

[root@master ~]# more httpd-rs.yaml 
apiVersion: apps/v1    #api version
kind: ReplicaSet
  name: httpd 
  replicas: 3
      - key: app        #The label is app
        operator: In    #In: The value of Label must match one of the specified values
         - httpd        #The label value is httpd
  template:             #replicaset template
        app: httpd 
      - name: httpd 
        image: httpd 

The main improvement of ReplicaSet over ReplicationController is its more expressive label selector, and its pod selector is more expressive.

3. Check ReplicaSet

[root@master ~]# kubectl get rs
[root@master ~]# kubectl describe rs httpd 

4. Delete ReplicaSet

[root@master ~]# kubectl delete rs httpd

Similarly, if you want to keep pod, you can add parameters -- cascade=false


1. Introduction

Deployment provides declarative updates for Pod and Replica Set (the next generation of Replication Controller). You just need to describe what you want in Deployment, and Deployment controller will help you change the actual state of Pod and Replica Set to your target state. You can define a new Deployment, or you can create a new one to replace the old one.
Typical application scenarios for Deployment include:

  • Define Deployment to create Pod and ReplicaSet
  • Rolling upgrade and rollback applications
  • Expansion and Compression
  • Suspend and continue Deployment

2. Deployment practice

Deployment related operations are detailed in: k8s Practice (3): pod Common Operations

VI. Daemon Set

1. Introduction

Unlike Replication Controller and ReplicaSet running and deploying a specific number of pods on the Kubemetes cluster, DaemonSet can only run one copy per Node. If the node is offline, DaemonSet will not recreate pods elsewhere. When a new node is added to the cluster, DaemonSet will immediately deploy a new pod reality. Case. If someone unintentionally deletes a pod, it also creates a new pod from the configured pod template.


DaemonSet guarantees that a container copy is run on each Node and is often used to deploy some cluster log, monitoring, or other system management applications. Typical applications include:

  • Log collection, such as fluentd, logstash, etc.
  • System monitoring, such as Prometheus Node Exporter, collectd, New Relic agent, Gangliagmond, etc.
  • System programs, such as kube-proxy, kube-dns, glusterd, ceph, etc.

This paper takes filebeat as an example to practice.

2. Create DaemonSet

[root@master ~]# more filebeat-ds.yaml 
apiVersion: apps/v1
kind: DaemonSet
  name: filebeat-ds
    app: filebeat
      app: filebeat
        app: filebeat
      name: filebeat
      - name: filebeat
        image: ikubernetes/filebeat:5.6.5-alpine
        - name: REDIS_HOST
          value: db.ilinux.io:6379
        - name: LOG_LEVEL
          value: info
[root@master ~]# kubectl apply -f filebeat-ds.yaml 
daemonset.apps/filebeat-ds created

3. Check DaemonSet

[root@master ~]# kubectl get ds
[root@master ~]# kubectl describe ds filebeat-ds 
[root@master ~]# kubectl get po -o wide 

view log

4. Update DaemonSet

[root@master ~]# kubectl set image daemonsets filebeat-ds filebeat=ikubernetes/filebeat:5.6.6-alpine

DaemonSet updates image s by deleting and creating

5. Roll back DaemonSet

5.1 Query History Version

[root@master ~]# kubectl rollout history ds filebeat-ds 

5.2 Query for details of a historical version

[root@master ~]# kubectl rollout history ds filebeat-ds --revision=1
[root@master ~]# kubectl rollout history ds filebeat-ds --revision=2

5.3 rollback

[root@master ~]# kubectl rollout undo ds filebeat-ds --to-revision=1

5.4 View the DaemonSet status

[root@master ~]# kubectl rollout status ds/filebeat-ds
daemon set "filebeat-ds" successfully rolled out
[root@master ~]# kubectl describe ds filebeat-ds |grep Image
    Image:      ikubernetes/filebeat:5.6.5-alpine

6. Delete DaemonSet

[root@master ~]# kubectl delete ds filebeat-ds 
daemonset.extensions "filebeat-ds" deleted

VII. Job

1. Introduction

From the point of view of the running form of programs, we can divide Pod into two categories: long-running services (http server, daemon, mysql) and one-time tasks (such as parallel data computing, testing, batch processing, etc.). Replication Controller, ReplicaSet and DaemonSet create pods that run for long periods of time, while Job creates pods that are one-time services.

2. Create job s

[root@master ~]# more job.yaml 
apiVersion: batch/v1    #The api version is batch/v1
kind: Job
  name: pi
      - name: pi
        image: perl
        command: ["perl",  "-Mbignum=bpi", "-wle", "print bpi(2000)"]
      restartPolicy: Never    #If the setup container fails and does not restart, the new pod will be created directly.
  backoffLimit: 4    #Limit the number of new pod s, default 6
[root@master ~]# kubectl apply -f job.yaml 
job.batch/pi created

3. View job s

[root@master ~]# kubectl get job
[root@master ~]# kubectl get po -o wide 

View job Running Results

[root@master ~]# kubectl logs pi-g2499 

The job is to find the circumference accurate to 2000 bits.

4. Parallel job

[root@master ~]# more multi-job.yaml 
apiVersion: batch/v1
kind: Job
  name: multi-job
  completions: 10    #Set the total number of successful Pod s completed by Job
  parallelism: 2    #Number of parallel executions of pod
        app: multi-job
      restartPolicy: OnFailure    #Restart after setup container failed
      - name: busybox
        image: busybox
[root@master ~]# kubectl apply -f multi-job.yaml 
job.batch/multi-job created

Run two job s at a time, and the number of pod s running is 10

5. Cronjob

New cronjob

[root@master ~]# more cronjob.yaml 
apiVersion: batch/v1beta1 
kind: CronJob
  name: hello
  schedule: "*/1 * * * *"
          - name: hello
            image: busybox
            - /bin/sh
            - -c
            - date; echo Hello from the Kubernetes cluster
          restartPolicy: OnFailure
[root@master ~]# kubectl apply -f cronjob.yaml 
cronjob.batch/hello created

View cronjob

[root@master ~]# kubectl get cronjobs
[root@master ~]# kubectl get job --watch

A job is generated every minute.

6. Delete job s

[root@master ~]# kubectl delete job pi multi-job
[root@master ~]# kubectl delete cronjobs hello


All scripts and configuration files in this article have been uploaded to github: https://github.com/loong576/k8s-Controller.git

Keywords: Linux Nginx Kubernetes kubelet Docker

Added by genesysmedia on Wed, 07 Aug 2019 13:33:31 +0300