This topic is weighed 19% on exam

Understand the Kubernetes API primitives.

Understand the Kubernetes cluster architecture.

  • https://kubernetes.io/docs/concepts/overview/components/
  • Kubernetes Architecture 101 https://www.youtube.com/watch?v=zeS6OyDoy78
  • A Technical Overview of Kubernetes https://www.youtube.com/watch?v=WwBdNXt6wO4

  • Cluster split into
    • Control Plane
      • etc distributed persistent storage
        • everything stored under /registry
        • ETCDCTL_API=2 etcdctl ls /registry
        • ETCDCTL_API=3 etcdctl get /registry –prefix=true
      • api server
        • Provides CRUD (Create, read, update, delete) interface for querying and modifying the cluster state over RESTful API and stores the data in etcd
        • Validates objects and stores them in etcd
        • notifies kubelet that object scheduled (e.g. pod)
      • scheduler
        • e.g. wait for newly created pods through API server’s watch mechanism and assign a node to each new pod that doesn’t already have a node set
        • doesn’t instruct selected node to run pod
        • all it does is update pod definition through API server
        • finds acceptable nodes for a pod through list of check and then selects best node for the pod
        • multiple schedulers can be used and pods specify which to use with schedulerName
      • controller manager
        • controllers are enabled by API server to observe changes to deployed resources
        • controllers inside controller manager make sure actual state of system converges towards desired state
        • List of controllers include:
          • replication manager
          • replicaset,daemonset, and job controllers
          • deployment controller
          • node controller
          • persistentvolume controller
          • etc.etc.etc.
        • controllers watch API for changes to the resource they control and perform operations for each change
        • run reconciliation loop which reconciles actual state with desired state
        • controllers operate on API object through API server but don’t communicate with kubelets directly or issue any instructions to them. They update a resource in API server and let other components do their jobs
    • (worker) nodes
      • kubelet
        • watches on node for resource scheduled , creates and runs the object (pod containers)
        • responsible for everything running on worker node
        • initial job is to register the node it’s running on by creating a node resource in API server
        • continuously monitor API server for pods that have been scheduled to the node and start pod’s containers
        • tells the configured containers runtime (docker, rkt, etc) to run container from specific container image
        • constantly monitors running containers and reports their status, events, and resource consumption to API server
        • runs container liveness probes and restarts containers when probes fail
        • terminates containers when pod is deleted from API server and notifies server that pod has terminated
        • runs pods based on pod manifests it gets from API server
        • can run pods based on pod manifest files in local directory. This is to run containerized version of control plane components as pods
        • livenessProbe failure? kubelet restarts
      • kube-proxy
        • make sure clients can connect to the services you define through API
        • make sure connections to the service IP and port end up at one of the pods backing that service
        • configures iptables rules to redirect packets
        • container runtime (docker, rkt, or other)
    • Add-on components
      • DNS server
        • use API server’s watch mechanism to observe changes to services and endpoints and updates its DNS records with each change
      • Dashboard
      • Ingress Controller
        • runs reverse proxy server and keeps it configured according to the ingress, service, adn endpoints resources defined in the cluster
        • observe these resource changes and change proxy servers config every time one of them changes
        • forward traffic to service’s pod directly instead of going through the service ip
        • preservation of client IP when external clients connect through
      • Heapster
      • CNI
kubernetes chain of events

Understand Services and other network primitives.