Controllers
Controllers (also known as operators) are watch-loops which each maintain a specific resource. They execute on the control plane nodes. Core controllers are compiled into the Controller Manager, and additional controllers can be implemented via CRDs. Each controller is a reconciliation loop: continually monitoring the desired and actual states of the cluster to identify and execute changes to bring the two in line.
- Watch state, either via watch mechanism or polling.
- Determine and perform operations to reconcile the current state with the desired state.
- Resolve deltas via the API Server.
Controller Manager
The Controller Manager is made up of two components:
kube-controller-manager
runs the core controllers. There's only one instance per cluster.
cloud-controller-manager
was farmed out to enable easier implementation of integrations with the host cloud platform environment at the vendor's own pace.
Admission
Admission controllers intercept write requests to the Kubernetes API server after authentication and authorisation but before an object is persisted. There are two types of admission controller, and some controllers are both types:
MutatingAdmissionWebhook
run first, and can modify admitted objects.
ValidatingAdmissionWebhook
run later, and can reject admitted objects.
A rejection from any admission controller rejects the request.
Admission controllers are enabled with the API server's --enable-admission-plugins switch. Controllers enabled by default can be disabled with --disable-admission-plugins. The list of plugins enabled by default can be obtained from the help output:
kube-apiserver -h | grep enable-admission-plugins
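The following is an added example, not code from the original page or from Kubernetes: it combines the default list from the help output with the two switches above to compute the effective plugin set, and reports when either webhook plugin named in this section is no longer active. The sample help text, the sample command line, the function names and the assumed layout of the help line are constructed for illustration.

```python
import re

# Constructed, abbreviated stand-in for the relevant part of `kube-apiserver -h`;
# the "default enabled ones (A, B, ...)" layout is an assumption about that output.
SAMPLE_HELP = (
    "      --enable-admission-plugins strings   admission plugins that should be "
    "enabled in addition to default enabled ones (NamespaceLifecycle, LimitRanger, "
    "ServiceAccount, MutatingAdmissionWebhook, ValidatingAdmissionWebhook, "
    "ResourceQuota). Comma-delimited list of admission plugins: AlwaysAdmit, ..."
)
# Constructed API server command line, e.g. as copied from its pod manifest.
SAMPLE_ARGS = [
    "kube-apiserver",
    "--enable-admission-plugins=NodeRestriction,ResourceQuota",
    "--disable-admission-plugins=ValidatingAdmissionWebhook",
]
# Plugins this audit expects to stay active: the two named in this section.
REQUIRED = ("MutatingAdmissionWebhook", "ValidatingAdmissionWebhook")

def default_plugins(help_text):
    """Extract the default-enabled plugin names, tolerating wrapped help lines."""
    m = re.search(r"--enable-admission-plugins.*?default enabled ones \(([^)]*)\)",
                  help_text, re.S)
    if not m:
        raise ValueError("default plugin list not found in help output")
    return {p.strip() for p in m.group(1).split(",") if p.strip()}

def flag_values(args, flag):
    """Collect comma-separated values given as --flag=a,b or --flag a,b."""
    values = set()
    for i, arg in enumerate(args):
        if arg.startswith(flag + "="):
            raw = arg.split("=", 1)[1]
        elif arg == flag and i + 1 < len(args):
            raw = args[i + 1]
        else:
            continue
        values.update(p.strip() for p in raw.split(",") if p.strip())
    return values

def audit(help_text, args, required=REQUIRED):
    """Return the effective plugin set plus findings worth a reviewer's attention."""
    enabled = flag_values(args, "--enable-admission-plugins")
    disabled = flag_values(args, "--disable-admission-plugins")
    effective = (default_plugins(help_text) | enabled) - disabled
    return {
        "effective": sorted(effective),
        "missing": sorted(set(required) - effective),  # required but not active
        "conflicting": sorted(enabled & disabled),     # listed under both switches
    }
```

Because the default list differs between releases, feed `audit` the help output of the same binary version that runs in the cluster.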
DaemonSet
DaemonSet allows running a copy of the specified pod on all, or all matching, nodes. It's commonly used for cluster components and monitoring/maintenance agents.
StatefulSet
Allows management of stateful applications, providing unique network names, persistent storage and ordered operations for scaling and rolling updates.
Job
Facilitates batch workloads, creating one or more pods and ensuring a defined number of them terminate successfully.
CronJob
Runs a Job on a defined schedule.
Node
Monitors the up/down state of nodes and resources running on them.
Service
Manages the creation and deletion of load balancers.
Endpoint
Manages the endpoints for Kubernetes services based on the configured selectors and readiness states of pods.