Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Inside of Kubernetes Controller

C174e1ef0c746f53d989b1902b4e674e?s=47 go_vargo
September 27, 2019
Technology
20
8.7k

Inside of Kubernetes Controller

C174e1ef0c746f53d989b1902b4e674e?s=128

go_vargo

September 27, 2019
Tweet

More Decks by go_vargo

See All by go_vargo
Kubernetes Internal #9 - Minikube
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
0
120
気をつけたいKubernetesとの付き合い方 / Happy Kubernetes Life
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
6
2.3k
[CNDT2020]Linux Observability with BPF Performance Tools
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
15
2.8k
Admission Webhookで快適なSecret管理 / Berglas Secret Admission Webhook
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
5
2.8k
[CNDK2019]Production Ready Kubernetesに必要な15のこと / Production Ready Kubernetes 15 Rules
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
38
13k
ゼロから始めるKubernetes Controller / Under the Kubernetes Controller
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
35
10k
コロプラが実践しているSpinnakerを用いたデプロイ戦略 / Deploy Strategy with Spinnaker at Colopl
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
6
3.4k
Improve Docker Image by BuildKit
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
4
1.1k
Debugging for MicroService on Kubernetes
C174e1ef0c746f53d989b1902b4e674e?s=48 govargo
2
390

Other Decks in Technology

See All in Technology
Research Paper Introduction #98 "NSDI 2022 recap"
464d1574ef169d2457c907e77794d973?s=48 cafenero_777
0
190
OSINT/GEOINT ワークショップ 20220514 古橋資料
5314ec2302336bf68c95bdb5b1476227?s=48 furuhashilab
2
230
We’re all on the path of growth 🌱
D16bc1f94b17ddc794c2dfb48ef59456?s=48 mosky
1
360
成長を続ける組織でのSRE戦略:プレモーテムによる信頼性の認識共有 SRE Next 2022
Dccc861c47a9a7bfc7f71a86e1245897?s=48 niwatakeru
7
2.2k
220428event_matsuda_part
E55fbffb4afd0a84d36c945ed68d8c19?s=48 caddi_eng
0
240
AWS CloudShellという推しサービスについて / lt-20220502-jawsug-cli
900328ebf119b493ea46c5a969c6e038?s=48 becominn
0
630
Who owns the Service Level?
93c80c388fe9d8f9df7d030549a0ff0b?s=48 chaspy
5
690
Building smarter apps with machine learning, from magic to reality
7e6a435700dda6cdb22105d601f20892?s=48 picardparis
4
3.1k
Steps toward self-service operations in eureka
71929a476c581dd754e4e1f355ac07d0?s=48 fukubaka0825
0
400
ISUCON で使えるツールを作った
Cb17938137021ead2656d0fe58b7c7b1?s=48 shotakitazawa
0
350
ニフティでSRE推進活動を始めて取り組んできたこと
374e82d9428869942bed1de094a7ca95?s=48 niftycorp
2
180
~スタートアップの人たちに捧ぐ~ 監視再入門 in AWS
Bf5ee9059859ed5d855b5ff4680e63e2?s=48 track3jyo
PRO
30
8.4k

Featured

See All Featured
Streamline your AJAX requests with AmplifyJS and jQuery
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
125
8.5k
Web development in the modern age
465724d73fe3a92c0879fdfb43a3a6f3?s=48 philhawksworth
197
9.3k
Build The Right Thing And Hit Your Dates
016edace78ffe826f2348d1e0c504afd?s=48 maggiecrowley
19
1.1k
Clear Off the Table
Ef32e0b1ac5082450dc8c1fca3a26b5c?s=48 cherdarchuk
79
280k
Easily Structure & Communicate Ideas using Wireframe
0c6fd6a08d0f898159cda7cafcacf07f?s=48 afnizarnur
181
15k
The Invisible Side of Design
B3d6434763caa0ef5dc4b792662c49f7?s=48 smashingmag
289
48k
Rebuilding a faster, lazier Slack
C0b42577cfc2b321be3474618107e933?s=48 samanthasiow
62
7.2k
How GitHub (no longer) Works
78b475797a14c84799063c7cd073962f?s=48 holman
296
140k
XXLCSS - How to scale CSS and keep your sanity
1b8ad785acdd1ce1c99914b1c2a4e10e?s=48 sugarenia
236
1M
The Invisible Customer
4262b9cfacfb6b2c77f23e1d0310cd3e?s=48 myddelton
110
11k
Typedesign – Prime Four
A0517b08532aec8ab2aae3f65d40ad86?s=48 hannesfritz
33
1.3k
Atom: Resistance is Futile
7fa6101cd43067653cf4ac6c7ca54305?s=48 akmur
255
20k

Transcript

  1. Inside of Kubernetes Controller 2019/09/27 Kubernetes Meetup Tokyo #23 Operator

    Deep Dive

  2. Who am I Name: Kenta Iso(@go_vargo) Job: Infrastructure Engineer Kubernetes

    Lover Mission: Make Kubernetes environment Improve 2 CKA & CKAD

  3. Purpose & Target ɾPeople who know Kubernetes Resources can understand

    Controller mechanism(include Implement). ɾKubernetes Controller Concept ɾKubernetes Controller mechanism, inside Controller Implement ɾComponents support Kubernetes Controller = Controller’s High Level Layer ~ Low Level Layer Target Purpose

  4. Not Targeting ɾKubernetes Custom Controller + CRD Detail ※ However,

    Understanding controller mechanism Helps you to build custom controller. ɾFramework & SDK for Kubernetes Custom Controller e.g. KubebuilderɺOperator SDK controller-runtime, controller-tools Not Target

  5. Note Book Review Blog(Japanese): https://go-vargo.hatenablog.com/entry/2019/08/05/201546 This slide is impressed by

    Programming Kubernetes. Programming Kubernetes 
 Published by O’Reilly Media, Inc. ʮProgramming KubernetesʯAuthor: Stefan Schimanski, Michael Hausenblas Chap1~2: Kubernetes Concept, API Object Chap3: client-go Chap4: CRD Chap5: code-generator Chap6~7: Custom Controller Chap8~9: Custom API Server, CRD Advanced https://programming-kubernetes.info/

  6. Agenda ɾ What is Kubernetes Controllerʁ ɾ Control Loop(Reconciliation Loop)

    ɾController Library & Components ɾClient-Go - Informer - WorkQueue ɾController’s Cycle, Main Logic ɾController Summary - Reference

  7. What is Kubernetes Controllerʁ ʙ High Level Architecture ʙ

  8. .BTUFS 8PSLFS 8PSLFS 8PSLFS Kubernetes Architecture Master Node Worker Node

  9. Kubernetes High Level Architecture .BTUFS 8PSLFS FUDE DMPVEDPOUSPMMFS NBOBHFS /PEF

    $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ DPOUSPMMFS NBOBHFS BQJTFSWFS TDIFEVMFS /PEF $POUBJOFS 3VOUJNF LVCFMFU /PEF $POUBJOFS 3VOUJNF LVCFMFU DMPVE LVCF QSPYZ LVCF QSPYZ

  10. Kubernetes Architecture Kubernetes is Distributed Architecture & Distributed Components Master:

    AuthɾAuthz, Resource(API Object) Management, Container Scheduling: General management Worker: Container Execution

  11. .BTUFS 8PSLFS FUDE DMPVEDPOUSPMMFS NBOBHFS /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF

    QSPYZ DPOUSPMMFS NBOBHFS BQJTFSWFS TDIFEVMFS /PEF $POUBJOFS 3VOUJNF LVCFMFU /PEF $POUBJOFS 3VOUJNF LVCFMFU DMPVE LVCF QSPYZ LVCF QSPYZ Kubernetes High Level Architecture

  12. api-server / controller-manager api-server: api-server receives API Object’s CREATEɾUPDATEɾDELTE (CRUD)requests

    and execute requests. Executed Object data is persisted to etcd(DataStore). ※ component which accesses to etcd is only api-server controller-manager: Controller manages Resource(like Deployment, Service…). controller-manager is a group of multiple controllers.

  13. controller-manager controller-manager: multiple controllers in one binary %FQMPZNFOU 3FQMJDB4FU %BFNPO4FU

    4FSWJDF +PC $SPO+PC &OEQPJOU 4UBUFGVM4FU ʜ

  14. 3FQMJDB4FU $POUSPMMFS LJOE3FQMJDB4FU NFUBEBUB OBNFYYYYYY TQFD ʜ 3FTPVSDF  3FTPVSDF

     3FTPVSDF ʜ 3FTPVSDF / .BOBHFT $POUSPM-PPQ .BOJGFTU ControllerͱResource Controller manages Resource FH3FQMJDB4FU$POUSPMMFS

  15. 3FQMJDB4FU $POUSPMMFS Controller and Resource One Controller manages one Resource

    3FQMJDB4FU 1PE %FQMPZNFOU $POUSPMMFS %FQMPZNFOU NBOBHF DSFBUF NBOBHF DSFBUF Reference: OwnerReference https://kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ There is mechanism called byʮownerReferenceʯwhich parent resource tags child resource. When parent resource is deleted, child resource is deleted by Garbage Collection(GC).

  16. Control Loop (Reconciliation Loop)

  17. "DUVBM4UBUF $POUSPM-PPQ %FTJSFE4UBUF 3FBESFBMSFTPVSDFT $IBOHFJOUFSOBMFYUFSOBMSFTPVSDFT PCTFSWF BOBMZ[F "DU Controller’s Concept

    Concept: Control Loop(Reconciliation Loop)

  18. Control Loop(Reconciliation Loop) Controller Loop is Controller’s Concept. ※This is

    called by Reconciliation Loop Controller Loop Flow: 1. Read Resource Actual State 2. Change Resource State to Desired State 3. Update Resource Status Declarative API realize immutable Infrastructure by Control Loop. Loop

  19. 3FQMJDBT ReplicaSet Control Loop Example 3FQMJDBT 3FQMJDB4FU $POUSPMMFS 3FQMJDB4FU $POUSPMMFS

    0CTFSWF %FTJSFE4UBUF "DUVBM4UBUF "DU

  20. ReplicaSet Apply ʙ Container Execution LJOE3FQMJDB4FU NFUBEBUB OBNFYYYYYY TQFD ʜ

    .BOJGFTU 6TFS .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS TDIFEVMFS ,VCFDUMBQQMZGNBOJGFTUZBNM †"QQMZ3FQMJDB4FU3FTPVSDF 3FQMJDB4FU $POUSPMMFS ᶃ3FQMJDB4FUJT$SFBUFE

  21. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS $POUSPM-PPQ ᶄ3FQMJDB4FU$POUSPMMFSEFUFDUT3FQMJDB4FUDSFBUJPO ᶄ`&NQUZ1PEJTDSFBUFEXIJDIEPFTO`U IBWF4QFDOPEF/BNFCZ$POUSPMMFS DSFBUF ˞/PUZFUEFMJWFSFEUP8PSLFS/PEF ReplicaSet Apply ʙ Container Execution

  22. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS ᶅ4DIFEVMFSEFUFDUT1PEDSFBUJPO queue ᶅ`4DIFEVMFSFORVFVFTUPTDIFEVMJOH RVFVFCFDBVTFQPE4QFDOPEF/BNF JTFNQUZ ReplicaSet Apply ʙ Container Execution

  23. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS ᶆLVCFMFUBMTPEFUFDUT1PEDSFBUJPO queue ᶆ`LVCFMFUTLJQTCFDBVTF QPE4QFDOPEF/BNFJTFNQUZ skip ReplicaSet Apply ʙ Container Execution

  24. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS ᶇ4DIFEVMFSQPQT1PEGSPNRVFVF queue ᶇ`4DIFEVMFTQPEUPOPEFXIJDI DBOCFUPBTTJHOUP schedule ᶇ`6QEBUFTQPE4QFDOPEF/BNF 6QEBUF TQFDOPEF/BNF ReplicaSet Apply ʙ Container Execution

  25. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS queue ᶈLVCFMFUEFUFDUT1PEVQEBUF ᶈ`LVCFMFUTUBSUTVQDPOUBJOFS ReplicaSet Apply ʙ Container Execution

  26. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS queue ᶉLVCFMFUTFOETSFRVFTUUPBQJTFSWFS  BOEBQJTFSWFSVQEBUFTQPE4UBUVT TUBUVTDPOEJUJPOT ReplicaSet Apply ʙ Container Execution

  27. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS queue /PXTVQQPTFUIFDPOUBJOFSEJFEGPSTPNFSFBTPO ReplicaSet Apply ʙ Container Execution

  28. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS queue 1PE`T5FSNJOBUJOH TUBUVTDPOEJUJPOT ReplicaSet Apply ʙ Container Execution ᶊLVCFMFUTFOETSFRVFTUUPBQJTFSWFS  BOEBQJTFSWFSVQEBUFTQPE4UBUVT

  29. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS queue 1PE`T5FSNJOBUJOH ᶋ3FQMJDB4FU$POUSPMMFSEFUFDUT 1PEVQEBUF EFMFUF ᶋ`3FQMJDB4FU$POUSPMMFSEFMFUFT1PE ReplicaSet Apply ʙ Container Execution

  30. .BTUFS 8PSLFS FUDE /PEF $POUBJOFS 3VOUJNF LVCFMFU LVCF QSPYZ BQJTFSWFS

    TDIFEVMFS 3FQMJDB4FU $POUSPMMFS queue 3FDPODJMF ᶌ3FQMJDB4FU$POUSPMMFS3FDPODJMF JOPSEFSUPCFDPNF%FTJSFE4UBUF $POUSPMMFSSFDSFBUF1PE EFMFUF "OETP -PPQUIJTʜ ᶄʙᶌSFQFBU ReplicaSet Apply ʙ Container Execution

  31. Appendix) Source Code ᶄ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L487 ᶅ https://github.com/kubernetes/kubernetes/blob/v1.16.0/pkg/scheduler/eventhandlers.go#L436 ᶆ https://github.com/kubernetes/kubernetes/blob/v1.16.0/pkg/kubelet/config/apiserver.go#L33 ᶇ

    https://github.com/kubernetes/kubernetes/blob/v1.16.0/pkg/scheduler/scheduler.go#L535 ᶈ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/kubelet/kuberuntime/kuberuntime_manager.go#L803 ᶉ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/kubelet/kubelet.go#L1527 ᶊ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/kubelet/kubelet.go#L2006 ᶋ https://github.com/kubernetes/kubernetes/blob/v1.16.0/pkg/controller/replicaset/replica_set.go#L535 ᶌ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L487

  32. Controller and Components Each Component’s Responsibility ɾapi-server: Resource CRUD ɾscheduler:

    Resource Scheduling ɾkubelet: Container starts up ɾcontroller: Reconcile Resource Each component concentrates on its responsibilities. = There is no Orchestra conductor who controls the whole and gives instructions.

  33. Controller and Harmony In Kubernetes, each component works cooperatively… Do

    not mean Even if component is not commanded, the whole consistency is maintained. So… Let’s think of each component as a Single Controller. Each Controller concentrates on running each Control Loop. As a result, Strangely, you can see that Kubernetes is in harmony as a whole.

  34. Kubernetes is jazz improv Kubernetes is not an Orchestration. As

    jazz improv, by players(Controllers) concentrating on each plays(Control Loop), the whole is consisted of. Kubernetes is more jazz improv than orchestration. Joe Beda https://blog.heptio.com/core-kubernetes-jazz-improv-over-orchestration-a7903ea92ca Co-founder Core Kubernetes: Jazz Improv over Orchestration

  35. Why Controller executes Control Loop? When we think why Controller

    executes Control Loop, ʮEventʯis key factor. ※ e.g. Added, Modified, Deleted, Error… For Kubernetes, which consists of distributed components, Event is very important. It flows between each component. Reference: Events, the DNA of Kubernetes There are two way of how we think event triggers ɾEdge-driven Triggers ɾLevel-driven Triggers https://www.mgasch.com/post/k8sevents/

  36. Appendix) Edge vs. Level https://hackernoon.com/level-triggering-and-reconciliation-in-kubernetes-1f17fe30333d Reference: Level Triggering and Reconciliation

    in Kubernetes Edge-driven Triggers Level-driven Triggers Trigger when event occurs Trigger when in a specific state up down low high low

  37. In order to think that why controller executes control loop,

    we suppose Kubernetes takes Procedure process, not Reconcile. LJOEYYYYYYYYY NFUBEBUB OBNFYYYYYY TQFD ʜ Actual Kubernetes Assumption Reconcile Procedure Why Controller executes Control Loop?

  38. If Controller is Procedure $VSSFOUOVNCFS PG3FQMJDBT   ˢ 4DBMF6Q

     ˢ 4DBMFEPXO Controller takes Procedure process, the events are triggered as Edge-driven-trigger. This seems like no problem, but there are weaknesses. &WFOU

  39. If there is no Reconcile   When there is

    temporary network outage or bug, Event information is lost. 0VUBHF &WFOU $VSSFOUOVNCFS PG3FQMJDBT ˢ 4DBMF6Q ˢ 4DBMFEPXO

  40. Resync Interval and Reconcile    Controller Reconcile every

    time Resync Interval. So that Controller can bring the state closer to desired state. SFTZODJOUFSWBM &WFOU Kubernetes = Edge-driven Trigger + Level-driven Trigger 0VUBHF $VSSFOUOVNCFS PG3FQMJDBT ˢ 4DBMF6Q ˢ 4DBMFEPXO

  41. Components which support Controller ʙ Middle Level Architecture ʙ

  42. Terminology Kind: Kind is the kind of API Object(e.g. Deployment,

    Service) 
 Resource: Resource is used in the same meaning as Kind. This is used as HTTP Endpoint. Resource is expressed in lower case and plural form (e.g. pods, services) Object: An entity of created API Object. This is persisted in etcd.

  43. Library under the Controller client-go Informer Lister WorkQueue api-machinery runtime.Object

    Scheme code-generator Library Component Out of range to explain

  44. Appendix) Custom Controller SDK Kubebuilder Informer Framework Component Lister Operator

    SDK Library (High Level) controller-runtime controller-tools Library (Low Level) client-go api-machinery etc… Scheme runtime.Object WorkQueue etc…

  45. client-go: Kubernetes official client Library This is used to Kubernetes

    development api-machinery: Kubernetes API Object & Kubernetes API like Object Library e.g. conversion, decode, encode, etc… Controller manages API Object, so this is needed. code-generator: Informer, Lister, clientset, DeepCopy source code generator This is used to Custom Controller development mainly. Library under the Controller

  46. Component under Controller Detail of each component will be described

    later. Informer: Watch an Object Event and stores data to in-memory-cache Lister: Getter object data from in-memory-cache WorkQueue: Queue which store Control Loop item runtime.Object: API Object Interface Scheme: Associate Go Type with Kubernetes API Out of range to explain

  47. client-go Informer ʙ Low Level Architecture ʙ

  48. client-goͱInformer client-go Informer Library Component Reflector DeltaFIFO Indexer Store Lister

  49. Informer Informer watches Object Event(Added, Updated, Deleted…) When controller inquiries

    object status to api-server every time to monitor Object changes, api-server is high loaded. ὎ Informer stores object data to in-memory-cache. By Controller referring to cache, this problem is solved. $POUSPMMFS $POUSPMMFS *OGPSNFS in-memory-cache watch watch

  50. Appendix) Informer Sample Code func main() { ... clientset, err

    := kubernetes.NewForConfig(config) // Create InformerFactory informerFactory := informers.NewSharedInformerFactory(clientset, time.Second*30) // Create pod informer by informerFactory podInformer := informerFactory.Core().V1().Pods() // Add EventHandler to informer podInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: func(new interface{}) { log.Println("Added") }, UpdateFunc: func(old, new interface{}) { log.Println("Updated") }, DeleteFunc: func(old interface{}) { log.Println("Deleted") }, }) // Start Go routines informerFactory.Start(wait.NeverStop) // Wait until finish caching with List API informerFactory.WaitForCacheSync(wait.NeverStop) // Create Pod Lister podLister := podInformer.Lister() // Get List of pods _, err = podLister.List(labels.Nothing()) … } https://github.com/govargo/kubecontorller-book-sample-snippet/blob/master/02/podinformer/podinformer.go

  51. Appendix) Shared Informer When we use Informer, we don’t use

    Informer itself. Instead we use Shared Informer. Shared Informer shares same Resource in single binary. %FQMPZNFOU 3FQMJDB4FU %BFNPO4FU 4FSWJDF +PC ʜ 4IBSFE*OGPSNFSTIBSFEDBDIFGPSTBNFSFTPVSDF kube-controller-manager

  52. https://github.com/kubernetes/sample-controller/blob/master/docs/controller-client-go.md Reference: Informer and WorkQueue Overview

  53. 3FqFDUPS %FMUB'*'0 RVFVF -JTU8BUDI JONFNPSZDBDIF 4UPSF *OEFYFS -JTUFS (FUPS-JTU FH

    DPSFW1PE (FUPS-JTU 3FRVFTU *OGPSNFS )BOEMF%FMUBT Detail of Informer

  54. 3FqFDUPS %FMUB'*'0 RVFVF ᶃ-JTU"OE8BUDI JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT Detail

    of Informer ~Cache Flow~

  55. 3FqFDUPS %FMUB'*'0 RVFVF ᶄ1PQ JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI

    Detail of Informer ~Cache Flow~

  56. 3FqFDUPS %FMUB'*'0 RVFVF ᶅ)BOEMF%FMUB JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI

    Detail of Informer ~Cache Flow~

  57. 3FqFDUPS %FMUB'*'0 RVFVF ᶆJOEFYFS"EE JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI

    Detail of Informer ~Cache Flow~

  58. 3FqFDUPS %FMUB'*'0 RVFVF JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI ᶅ)BOEMF%FMUB

    ᶄ1PQ Detail of Informer ~Cache Flow~

  59. 3FqFDUPS %FMUB'*'0 RVFVF JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI ᶆJOEFYFS"EE

    Detail of Informer ~Cache Flow~

  60. 3FqFDUPS %FMUB'*'0 RVFVF JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI -JTUFS

    (FUPS-JTU 3FRVFTU Detail of Informer ~Cache Flow~

  61. 3FqFDUPS %FMUB'*'0 RVFVF JONFNPSZDBDIF 4UPSF *OEFYFS *OGPSNFS )BOEMF%FMUBT 8BUDI JOEFYFS(FU#Z,FZ

    PS JOEFYFS-JTU -JTUFS (FUPS-JTU 3FRVFTU Detail of Informer ~Cache Flow~

  62. Appendix) Informer cache Source Code ᶃ https://github.com/kubernetes/client-go/blob/release-13.0/tools/cache/reflector.go#L188 ᶄ https://github.com/kubernetes/client-go/blob/release-13.0/tools/cache/controller.go#L153 ᶅ

    https://github.com/kubernetes/client-go/blob/release-13.0/tools/cache/shared_informer.go#L455 ᶆ https://github.com/kubernetes/client-go/blob/release-13.0/tools/cache/shared_informer.go#L464

  63. Informer and Component Informer: Watch an Object Event and stores

    data to in-memory-cache Reflector: ListAndWatch api-server DeltaFIFO: FIFO Queue which enqueue object data temporarily Indexer: Getter / Setter for in-memory-cache Store: in-memory-cache Lister: Getter object data from in-memory-cache via Indexer

  64. client-go WorkQueue ʙ Low Level Architecture ʙ

  65. client-goͱWorkQueue client-go WorkQueue Library Component RateLimitingQueue DelayedQueue …

  66. WorkQueue WorkQueue is another queue different from DeltaFIFO. WorkQueue is

    used in order to store item of Contrl Loop. Reconcile will be executed as many times as the number stored in WorkQueue. Pure Controller enqueues item to WorkQueue when Event occurs. Event $POUSPMMFS Added Updated Deleted WorkQueue

  67. Appendix) WorkQueue Sample Code func main() { ... clientset, err

    := kubernetes.NewForConfig(config) // Create InformerFactory informerFactory := informers.NewSharedInformerFactory(clientset, time.Second*30) // Create pod informer by informerFactory podInformer := informerFactory.Core().V1().Pods() // Create RateLimitQueue queue := workqueue.NewRateLimitingQueue(workqueue.DefaultControllerRateLimiter()) // shutdown when process ends defer queue.ShutDown() // Add EventHandler to informer podInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: func(old interface{}) { var key string var err error if key, err = cache.MetaNamespaceKeyFunc(old); err != nil { runtime.HandleError(err) return } queue.Add(key) log.Println("Added: " + key) }, UpdateFunc: func(old, new interface{}) { … }, DeleteFunc: func(old interface{}) { … }, }) … } https://github.com/govargo/kubecontorller-book-sample-snippet/blob/master/02/workqueue/enqueuePod.go

  68. 3FqFDUPS %FMUB'*'0 RVFVF -JTU8BUDI 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS

    8PSL2VFVF 1SPDFTT *UFN $POUSPMMFS-PHJD *OGPSNFS &WFOU)BOEMFS Detail of WorkQueue

  69. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS &WFOU -JTU8BUDI $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  70. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS ᶃ8BUDI $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  71. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS 8BUDI ᶄ1PQ $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  72. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS 8BUDI ᶅ "EE'VOD 6QEBUF'VOD %FMFUF'VOD $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  73. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS 8BUDI namesapce/name e.g. default/nginx ᶆXPSLRVFVF"EE $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  74. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS 8BUDI ᶅ "EE'VOD 6QEBUF'VOD %FMFUF'VOD $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  75. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS 8BUDI ᶆXPSLRVFVF"EE $POUSPMMFS-PHJD Detail of WorkQueue ~Enqueue~

  76. 3FqFDUPS %FMUB'*'0 RVFVF 3FTPVSDF &WFOU )BOEMFS JONFNPSZDBDIF TUPSF *OEFYFS 8PSL2VFVF

    1SPDFTT *UFN *OGPSNFS &WFOU)BOEMFS 8BUDI ᶇXPSLRVFVF(FU $POUSPMMFS-PHJD Detail of WorkQueue ~Dequeue~

  77. Appendix) Informer enqueue Source Code ᶃ https://github.com/kubernetes/client-go/blob/master/tools/cache/reflector.go#L267 ᶄ https://github.com/kubernetes/client-go/blob/release-13.0/tools/cache/controller.go#L153 ᶅ


    https://github.com/kubernetes/client-go/blob/release-13.0/tools/cache/controller.go#L198 https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L153 ※ ReplicaSet Controllerͷ৔߹ ᶆ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L417 ※ ReplicaSet Controllerͷ৔߹ ᶇ https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L438 ※ ReplicaSet Controllerͷ৔߹

  78. Appendix) Informer Resync Period Resync Period is option of InformerFactory.

    Informer watches object events to api-server. After Resync Period has passed, no matter what event has occurred, UpdateFunc is called back. As a result, Reconcile is executed again. ※This time, Resync refers in-memory-cache(not api-server). Resync(cache sync) and Relist(list from api-server) is different. informer.Start SFTZODQFSJPE List Watch Event Reflector Added Updated Updated Added AddFunc UpdateFunc AddFunc UpdateFunc Handler

  79. Controller’s Cycle Main Logic

  80. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS 8PSL2VFVF Controller’s Cycle Let’s

    confirm Reconcile flow. Informer + WorkQueue + Controller $POUSPMMFS $POUSPMMFS.BJO-PHJD

  81. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI 8PSL2VFVF ʲAssumptionʳ There

    is two pod in etcd. Update Event occurs from here. Controller’s Cycle

  82. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS 6QEBUF XBUDI 8PSL2VFVF Controller’s

    Cycle

  83. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI BEE'VOD VQEBUF'VOD EFMFUF'VOD

    ᶄ 8PSL2VFVF Controller’s Cycle

  84. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶅXPSL2VFVF"EE 8PSL2VFVF Controller’s

    Cycle

  85. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶅXPSL2VFVF"EE 8PSL2VFVF Controller’s

    Cycle

  86. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶆXPSL2VFVF(FU 8PSL2VFVF Controller’s

    Cycle

  87. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶆXPSL2VFVF(FU 8PSL2VFVF Controller’s

    Cycle

  88. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶇ4ZOD)BOEMFS 3FDPODJMF 8PSL2VFVF

    Controller’s Cycle

  89. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶈXPSL2VFVF'PSHFU ᶉXPSL2VFVF%POF When

    Reconcile finished successfully 5IF*UFNPG$POUSPM-PPQJTSFNPWFE GSPN8PSL2VFVFDPNQMFUFMZ 8PSL2VFVF Controller’s Cycle

  90. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶇ`XPSL2VFVF"EE3BUF-JNJUFE When Reconcile

    ends with Error $POUSPMMFSSFRVFVFJUFNUP8PSL2VFVF "OE3FDPODJMFXJMMCFFYFDVUFEBHBJO 8PSL2VFVF Controller’s Cycle

  91. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS XBUDI ᶇ`XPSL2VFVF"EE3BUF-JNJUFE 8PSL2VFVF Controller’s

    Cycle When Reconcile ends with Error $POUSPMMFSSFRVFVFJUFNUP8PSL2VFVF "OE3FDPODJMFXJMMCFFYFDVUFEBHBJO

  92. *OGPSNFS 1SPDFTT *UFN 3FTPVSDF &WFOU )BOEMFS (Left Side of this

    slide) Every time an event occurs, items continue to store in WorkQueue. (Right Side of this slide) Controller processes items in WorkQueue and executes Reconcile. This loop continues endlessly until the Controller stops. 8PSL2VFVF Controller’s Cycle

  93. Controller’s Basic Strategy Read from In-memory-cache. Write to api-server. ※

    However if we update object in cache directly, it is very difficult to guarantee its consistency. So, we use DeepCopy(get clone data), when we update object. e.g. kubernetes/pkg/controller/replicaset/replica_set.go rs = rs.DeepCopy() newStatus := calculateStatus(rs, filteredPods, manageReplicasErr) // Always updates status as pods come up or die. updatedRS, err := updateReplicaSetStatus(rsc.kubeClient.AppsV1(). ὎ ReplicaSets(rs.Namespace), rs, newStatus) https://github.com/kubernetes/kubernetes/blob/release-1.15/pkg/controller/replicaset/replica_set.go#L611

  94. XPSLFS XPSLFS QSPDFTT/FYU8PSL*UFN TZOD)BOEMFS Controller’s Main Logic worker: Endless Loop

    of processNextWorkItem processNextWorkItem: Operate WorkQueue(Get, Add) and Call Reconcile Logic syncHandler: This is equal to Reconcile Logic Add TZOD)BOEMFS Update Delete Event Reconcile Reconcile regardless of Event Type

  95. Appendix) ReplicaSet Controller Soure Code worker: processNextWorkItem: syncReplicaSet: XPSLFS XPSLFS

    QSPDFTT/FYU8PSL*UFN TZOD3FQMJDB4FU https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L432 https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L437 https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go#L562 ReplicaSet Controller Kubernetes v1.16

  96. Appendix) Sync of in-memory-cache and etcd Informer synchronizes object data

    from etcd to in-memory-cache. You may think whether in-memory-cache data is different from data of etcd. It’s no problem. Object has resourceVersion.
 If resourceVersion of etcd and in-memory-cache is different, Error occurs when Controller updates object state. Controller requeue and Reconcile until Reconcile finishes successfully. Rv2 Rv1 Update Rv2 version too old Requeue Reconcile (retry)

  97. Terminology(review) Informer: Watch Object Event, and store object data to

    in-memory-cache Add items of Control Loop to WorkQueue via EventHandler Lister: Getter object data from in-memory-cache via Indexer WorkQueue: Queue which store items of Control Loop This items is target of Reconcile Logic. If error has occurs when Reconcile ends, Controller requeue item to WorkQueue. And Controller executes Reconcile again.

  98. Controller Summary

  99. Controller Summary ɾController realizes declarative API by Control Loop (Reconciliation

    Loop) ɾKubernetes has distributed component. Event associates each component. ɾclient-go, apimachinery, code-generator are Library for Controller. ɾInformer has two important role. ᶃ Store object data to in-memory-cache ᶄ Add items to WorkQueue via EventHandler ɾItems which are stored in WorkQueue is processed by Reconcile.

  100. Step up to Deep Dive ɾSample Controller ɾKubernetes/Kubernetes - Deployment

    Controller - ReplicaSet Controller ɾMake Custom Controller(+ CRD) Kubebuilder: https://book.kubebuilder.io/ Operator SDK: https://github.com/operator-framework/operator-sdk Link: https://github.com/kubernetes/sample-controller mkdir -p $GOPATH/src/k8s.io && cd $GOPATH/src/k8s.io && git clone https://github.com/kubernetes/sample-controller.git export GO111MODULE=on go build -o sample-controller . ./sample-controller -kubeconfig $HOME/.kube/config https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/deployment/deployment_controller.go https://github.com/kubernetes/kubernetes/blob/release-1.16/pkg/controller/replicaset/replica_set.go

  101. Thank you

  102. Reference

  103. Reference ɾWeb Article - https://kubernetes.io/docs/concepts/architecture/nodes/ - https://kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-api-machinery/controllers.md -

    A deep dive into Kubernetes controllers (https://engineering.bitnami.com/articles/a-deep-dive-into-kubernetes-controllers.html) - Core Kubernetes: Jazz Improv over Orchestration (https://blog.heptio.com/core-kubernetes-jazz-improv-over-orchestration-a7903ea92ca) - Events, the DNA of Kubernetes(https://www.mgasch.com/post/k8sevents/) ɾPresentation(Japanes) - Kubernete Meetup Tokyo #18 - Kubebuilder/controller-runtime ೖ໳ (https://www.slideshare.net/pfi/kubernete-meetup-tokyo-18-kubebuildercontrollerruntime) - KubernetesͷιʔείʔυϦʔσΟϯάೖ໳ (https://speakerdeck.com/smatsuzaki/kubernetesfalsesosukodorideinguru-men) ɾBook - Programming Kubernetes (https://programming-kubernetes.info/)

  104. Reference ɾRepository - Kubernetes(https://github.com/kubernetes/kubernetes) - Sample Controller(https://github.com/kubernetes/sample-controller) - client-go(https://github.com/kubernetes/client-go) -

    apimachinery(https://github.com/kubernetes/apimachinery) - codegenerator(https://github.com/kubernetes/code-generator) - what-happens-when-k8s(https://github.com/jamiehannaford/what-happens-when-k8s)