Understanding Kubernetes - Part 2.

Tebogo Mahlomoja

Kubernetes Control Plane

Kubernetes operates as a distributed system with multiple collaborating components dedicated to upholding the cluster's intended state. At its foundation lie the control plane components, pivotal in overseeing and governing the cluster's functionalities. Leveraging Kubernetes' distributed framework enables seamless collaboration among these components across various nodes, ensuring robustness through high availability and fault tolerance measures.

To put it into perspective, when managing a data center, you handle an array of infrastructure elements like servers, switches, routers, firewalls, and load balancers at the hardware level. The challenge lies in exposing this infrastructure to developers and consumers without granting administrative access. Kubernetes serves as a solution by abstracting this complex infrastructure into an accessible API, effectively opening it up for utilization by anyone without necessitating direct administrative privileges.

Distributed Nature of Kubernetes

Kubernetes operates in a distributed manner, meaning its components are spread across multiple nodes within the cluster. This distribution ensures fault tolerance and high availability by preventing a single point of failure. Each control plane component runs on multiple nodes, and when one node fails, another node automatically takes over its responsibilities.

  1. API-driven interaction: Kubernetes offers an API that abstracts the details of individual servers, networking devices, and other infrastructure components. Users can interact with the Kubernetes API to manage applications, containers, storage, networking, and other resources without needing direct access to underlying hardware.
  2. Resource encapsulation: Kubernetes encapsulates infrastructure resources into higher-level objects like Pods, Services, Deployments, and ConfigMaps. These abstracted objects hide the complexity of the underlying infrastructure, allowing users to focus on defining the desired state of their applications rather than worrying about hardware specifics.
  3. Role-Based Access Control (RBAC): Kubernetes provides RBAC, enabling administrators to define granular access policies. This allows them to control who can perform which actions on various resources within the Kubernetes cluster. With RBAC, developers and consumers can access only the specific resources they need, ensuring security and minimizing potential risks.
  4. Service exposure and networking: Kubernetes abstracts networking complexities by providing Services, which act as an abstraction for network endpoints. Developers can expose their applications using Services without needing to manage individual load balancers or networking configurations.

Control Loops and Reconciliation

Control Loops

Kubernetes employs control loops to maintain the desired state of the cluster continuously. These control loops are continuously running processes within each controller that perform reconciliation—comparing the actual state of the cluster with the desired state and taking necessary actions to converge them.

Reconciliation Process

  1. Observation: Controllers watch the cluster's current state by querying the API Server for the desired configuration.

  2. Comparison: The observed state is compared against the desired state specified in the configuration.

  3. Decision Making: If there are any discrepancies between the observed and desired states, the controller makes decisions to reconcile the differences.

  4. Action: The controller takes appropriate actions to bring the actual state in line with the desired state, either by creating, deleting, or updating resources.

Example of Reconciliation

Consider the ReplicaSet controller, responsible for maintaining a specified number of identical pods. If it observes fewer pods than the desired count:

  • Observation: The controller checks the actual number of pods.
  • Comparison: Compares this count with the desired count specified in the ReplicaSet.
  • Decision Making: Recognizes the shortfall and decides to create more pods.
  • Action: Initiates the creation of additional pods to meet the desired count.

Conclusion

The control plane components of Kubernetes work collaboratively in a distributed environment, ensuring the cluster's stability, fault tolerance, and adherence to the desired state. Through control loops and reconciliation processes, Kubernetes maintains the system's health by continuously monitoring and adjusting its components, thereby enabling a resilient and self-healing infrastructure for containerized applications.

You should also read: