Shulou(Shulou.com)06/03 Report--

Author | Shengdong, an after-sales technical expert at Aliyun

Guide: when we try to understand how K8s cluster works, the controller (Controller) must be a difficulty. This is because there are many controllers, the specific implementation is very different, and the implementation of the controller uses some obscure mechanisms, which are difficult to understand. However, we can't bypass the controller because it is the "brain" of the cluster. In today's article, the author analyzes the design process of a simple refrigerator to help readers understand the generation, function and implementation of the cluster controller.

Big picture of core components of K8s cluster

The following figure shows the core components of K8s cluster, including database etcd, scheduler Scheduler, cluster entry API Server, controller Controller, service agent kube-proxy and kubelet that directly manages specific business containers.

These components can be logically divided into three parts:

The core component etc database; the entry component API Server; other components that operate directly on etcd, the "other components" here can be classified because they can all be seen as controllers of the cluster.

Today we are going to talk about the principle of cluster controller.

Controller principle

Although the controller is a complex component in the K8s cluster, the controller itself is no stranger to us. The washing machines, refrigerators and air conditioners we use every day all rely on the controller to work properly. In the controller principle section, we understand the principle of K8s cluster controller by thinking about the design process of a simple refrigerator.

A simple refrigerator

The refrigerator consists of five components: a box, a refrigeration system, a lighting system, a thermostat and a door.

The refrigerator has only two functions:

When someone opens the refrigerator door, the light in the refrigerator will turn on automatically; when someone presses the thermostat, the refrigeration system will adjust the temperature in the refrigerator according to the temperature setting.

Unified entrance

For the refrigerator above, we can simply abstract into two parts: a unified operator and all the components of the refrigerator.

Here, users can operate the refrigerator only through the entrance. This entrance provides the user with two interfaces: opening and closing the door and adjusting the thermostat. When the user executes the two interfaces, the entrance adjusts the status of the refrigerator door and the thermostat respectively.

But there is a problem here, that is, through these two interfaces, users can neither turn on the lights inside the refrigerator, nor adjust the temperature of the refrigerator.

Controller

The controller is created to solve the above problems. The controller is a bridge between the user's operation and the correct state of the various components of the refrigerator:

When the user opens the door, the controller observes the change of the door. It turns on the light in the refrigerator for the user. When the user presses the thermostat, the controller observes the temperature set by the user. It manages the refrigeration system for the user and adjusts the temperature in the refrigerator.

Controller Manager

The refrigerator has a lighting system and a cooling system, so it is obviously a more reasonable choice for us to implement a controller for each component than a controller that manages two components. At the same time, we implement a controller manager to maintain all these controllers to ensure that these controllers work properly.

SharedInformer

The controller and controller manager above look pretty good. But when the function of the refrigerator increases, a lot of new controllers are bound to be added. These controllers need to monitor the state changes of the components they care about all the time through the entrance of the refrigerator. For example, the lighting system controller needs to monitor the status of the refrigerator door at all times. When a large number of controllers constantly communicate with the entrance, it will increase the pressure on the entrance.

At this time, we hand over the monitoring of the state change of refrigerator components to a new module, SharedInformer.

As the agent of the controller, SharedInformer monitors the state changes of the refrigerator components for the controller, and notifies the corresponding controllers of the changes in the states of different components according to the preferences of the controller. Through optimization, such SharedInformer can greatly relieve the pressure on the entrance of the refrigerator.

ListWatcher

SharedInformer facilitates the monitoring of refrigerator components by the controller, and the core function of this mechanism is, of course, to actively obtain the status of components and passively receive notifications of changes in the state of components. Taken together, these two functions are ListWatcher.

Assuming that SharedInformer and the refrigerator entrance communicate through the http protocol, then http block coding (chunked transfer encoding) is a good choice to implement ListWatcher. The controller sends a query to the refrigerator entrance via ListWatcher and then waits. When the refrigerator component changes, the entrance notifies the controller through a block http response. When the controller sees the chunked response, it thinks that the response data has not been sent yet, so it will continue to wait.

Give examples to illustrate

From the evolution of a simple refrigerator, we have learned the significance of the controller, the role it plays, and the way it is implemented. Now let's go back to the K8s cluster. K8s cluster implements a large number of controllers, and in the foreseeable future, new functional controllers will continue to appear, and some old controllers will be gradually eliminated.

At present, we are more commonly used controllers, such as Pod controller, Deployment controller, Service controller, Replicaset controller and so on. Some of these controllers are implemented and managed by the kube controller manager manager, while route controllers and service controllers are implemented by cloud controller manager.

The reason for the emergence of cloud controller manager is that in different cloud environments, the implementation of some controllers will vary greatly due to different cloud vendors and cloud environments. This type of controller is divided and implemented separately by cloud vendors based on cloud controller manager.

Here we take the route controller and service controller implemented by Aliyun K8s cluster cloud controller manager as examples to briefly explain the working principle of K8s controller.

Service controller

First, the user requests API Server to create a service of type LoadBalancer, and API Server receives the request and writes the details of the service to the etcd database. This change was observed by the service controller. The service controller understands that LoadBalancer-type services require a SLB as the service entry and several endpoints as the service backend in addition to the service records stored inside the etcd. So the service controller requests SLB's cloud openapi and API Server respectively to create SLB resources on the cloud and endpoints resources in the cluster.

Routing controller

In the chapter of cluster network, we mentioned that when a node joins a K8s cluster, the cluster needs to add a route to the VPC routing table to build the trunk road from the newly added node to the Pod network. And this is what the routing controller does. The process by which the routing controller does this is very similar to that of the service controller above, and I will not repeat it here.

Concluding remarks

Basically, the controller of K8s cluster actually plays the role of cluster brain. With the controller, the K8s cluster has the opportunity to get rid of machinery and passivity and become an automatic, intelligent and useful system.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.