庖丁解⽜:controller-
manager
蓝心湄整体概览
+------------------------------------------------
----------+
| Master |
| +-------------------------+ |
| +------->| API Server |<------
--+ |
||||
||
| v +-------------------------+
v |
| +----------------+ ^ +--------------
------+ |
|||||
||做汤圆
|| Scheduler ||| Controller Manager ||
|||||
||
| +----------------+ v +--------------
------+ |
| +----------------------------------------------
--------+ |
||
||
|| Cluster state store ||
||
||
陈浩民狼吻门| +----------------------------------------------
--------+ |
+------------------------------------------------
----------+
在第 3 节《宏观认识:整体架构》中,我们也认识到了
Controller Manager的存在,知道了 Master 是 K8S 是集的
⼤脑,⽽它则是 Master 中最繁忙的部分。为什么这么说?本节我们
⼀同来看看它为何如此繁忙。
注意:Controller Manager实际由kube-controller-
manager和cloud-controller-manager两部分组
成,cloud-controller-manager则是为各家云⼚商提供了⼀个
抽象的封装,便于让各⼚商使⽤各⾃的provide。本⽂只讨论
kube-controller-manager,为了避免混淆,下⽂统⼀使⽤
kube-kube-controller-manager。
kube-controller-manager是什么
⼀句话来讲kube-controller-manager是⼀个嵌⼊了 K8S 核⼼
控制循环的守护进程。
这⾥的重点是
嵌⼊:它已经内置了相关逻辑,可独⽴进⾏部署。我们在第 5
controller-manager的可执⾏⽂件,不过我们使⽤的是
kubeadm进⾏的部署,它会默认使⽤io/kube-
controller-manager的镜像。我们直接来看下实际情况:master $ kubectl -n kube-system describe pods -l component=kube-controller-manager
Name: kube-controller-manager-master
Namespace: kube-system
Priority: 2000000000 PriorityClassName: system-cluster-critical Node: master/172.17.0.35
Start Time: Mon, 10 Dec 2018 07:14:21
+0000
Labels: component=kube-controller-manager
tier=control-plane Annotations:
kubernetes.io/config.hash=c7ed7a8fa5c430410e84970 f8ee7e067
kubernetes.io/config.mirror=c7ed7a8fa5c430410e849 70f8ee7e067
kubernetes.io/config.seen=2018-12-
10T07:14:21.685626322Z
kubernetes.io/config.source=file
scheduler.alpha.kubernetes.io/critical-pod= Status: Running
IP: 172.17.0.35
Containers:
kube-controller-manager:
Container ID:
docker://0653e71ae4287608726490b724c3d064d5f1556d d89b7d3c618e97f0e7f2a533
Image: io/kube-controller-manager-amd64:v1.11.3
Image ID: docker-
pullable://io/kube-controller-manager-amd64@sha256:a6d115bb1c0116036ac6e6e4d504665bc488 79c421a450566c38b3b726f0a123
Port: <none>
Host Port: <none>
Command:
kube-controller-manager
--address=127.0.0.1
--cluster-signing-cert-
file=/etc/kubernetes/
--cluster-signing-key-
file=/etc/kubernetes/pki/ca.key
--
controllers=*,bootstrapsigner,tokencleaner
--kubeconfig=/etc/f
--leader-elect=true
--root-ca-file=/etc/kubernetes/ --service-account-private-key-
file=/etc/kubernetes/pki/sa.key吉野公佳
--use-service-account-credentials=true
State: Running
Started: Mon, 10 Dec 2018 07:14:24
HDZ+0000
Ready: True
Restart Count: 0
Requests:
cpu: 200m
Liveness: http-get
127.0.0.1:10252/healthz delay=15s
timeout=15s period=10s #success=1 #failure=8
Environment: <none>
Mounts:
/etc/ca-certificates from etc-ca-certificates (ro)
/etc/f from kubeconfig (ro)
/etc/kubernetes/pki from k8s-certs (ro)
/etc/ssl/certs from ca-certs (ro)
/usr/libexec/kubernetes/kubelet-
plugins/volume/exec from flexvolume-dir (rw)
/usr/local/share/ca-certificates from usr-local-share-ca-certificates (ro)
/usr/share/ca-certificates from usr-share-ca-certificates (ro)
Conditions:
Type Status
路由器密码忘记了怎么办Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
usr-share-ca-certificates:
Type: HostPath (bare host directory volume)
Path: /usr/share/ca-certificates
HostPathType: DirectoryOrCreate
usr-local-share-ca-certificates:
发布评论