Kubernetes kubelet manages pod core process

Let's see pod worker Details of our work .

kubelet Its own synloop, Is to monitor pod The state of change , This pod The state of changes is one by one pod Of update, Or is it add event , After receiving these events , It will save the event updateoption Inside , So different worker, stay kubelet There are multiple worker, Every worker Will get these from the queue pod List of change events .

And then for each pod, It's going to execute sync pod The operation of ,sync pod The most important behavior inside is computepodactions, That is for this pod What kind of behavior , It will compare the container processes that are already running on the current node , Then judge and say , If pod It's new I'll just create, If pod It's already there , For instance, delete event , Then I should delete , If it is an update event , Then I have to judge the running container process and your current pod Is it a match , For example, if its hash value changes , Then I will rebuild , This is it. computepodactions The things that were done .

After it is finished, it needs to pass cri The interface of , Go to create These processes , perhaps kill These processes .

There is also a component on the right called pleg, It's mainly pod lifecycle event An aggregator of , Namely pod After running , The left part above is used to manage pod Life cycle of , After management pod How to report the status of , So it's through pleg Components to report .

It's in pleg One is maintained in the component pod cache, It has a local cache , This pleg Will go regularly container runtime Send one inside list The operation of , To get the current node pod List of , Running pod detailed list , Then here we will put all currently running pod State in pleg It's a meeting here , from pleg adopt pod lifecycle event Send back and report to apiserver,apiserver That end knows this node All above the node pod The state of .

If contained runtime No response , that relist Will fail ,relist Failure , Then these statuses cannot be reported , Then the final status cannot be reported , that kubernets You will think that there is something wrong with your whole node .

therefore runtime Itself does not respond , Then this node will become abnormal .

And that is bug, Exit the container gc Didn't do a good job , There are tens of thousands of exit container There? ,pleg Go with runtime relist these container When , He will traverse all the containers that have exited , It will take a very long time , It cannot return the list of all containers in time , Did not return within the specified time , So the whole pleg The operation of timed out , Then the state of the whole node will change .