Skip to main content

Kubernetes directory structure and process on Control Plane / Master

Kubernetes directory structure and process on Control Plane / Master:

Kubelet environment file - /var/lib/kubelet/kubeadm-flags.env
Kubelet configuration file - /var/lib/kubelet/config.yaml
Certificate directory folder - /etc/kubernetes/pki
Kube config directory - /etc/kubernetes
admin config file - /etc/kubernetes/admin.conf
kube config file - /etc/kubernetes/kubelet.conf
control manager config file - /etc/kubernetes/controller-manager.conf
scheduler config file - /etc/kubernetes/scheduler.conf
Manifest directory - /etc/kubernetes/manifests
Cluster store - /etc/kubernetes/manifests
/etc/kubernetes/manifests/etcd.yaml 
/etc/kubernetes/manifests/kube-apiserver.yaml 
/etc/kubernetes/manifests/kube-controller-manager.yaml 
/etc/kubernetes/manifests/kube-scheduler.yaml
/etc/kubernetes/pki:

Has following key, crt files and one directory for etcd
apiserver.crt apiserver.key ca.crt  front-proxy-ca.crt front-proxy-client.key
apiserver-etcd-client.crt  apiserver-kubelet-client.crt  ca.key  front-proxy-ca.key      sa.key
apiserver-etcd-client.key  apiserver-kubelet-client.key  etcd    front-proxy-client.crt  sa.pub
/etc/kubernetes/pki/etcd:
Has following files
ca.crt  ca.key  healthcheck-client.crt  healthcheck-client.key  peer.crt  peer.key  server.crt  server.key

Containerd directory : /var/lib/containerd
Installation create pods

  • kube-apiserver
  • kube-controller-manager
  • kube-scheduler
kube-system Namespace - store kubeadm-config, kubelet-config-1.18
kube-public Namespace - cluster-info
Token: 2folj8.j7pq6glnjuy

K8s APISERVER process:
kube-apiserver --advertise-address=<ControlPlane_IP_Address>
--allow-privileged=true --authorization-mode=Node,RBAC --client-ca-file=/etc/kubernetes/pki/ca.crt
--enable-admission-plugins=NodeRestriction --enable-bootstrap-token-auth=true
--etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
 --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379
 --insecure-port=0 --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
 --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key
 --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
 --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt
 --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
 --requestheader-allowed-names=front-proxy-client
 --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
 --requestheader-extra-headers-prefix=X-Remote-Extra-
 --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User
 --secure-port=6443 --service-account-key-file=/etc/kubernetes/pki/sa.pub
 --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
 --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
K8s SCHEDULER process:
kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
--authorization-kubeconfig=/etc/kubernetes/scheduler.conf --bind-address=127.0.0.1
--kubeconfig=/etc/kubernetes/scheduler.conf --leader-elect=true
K8s CONTROl-MANAGER process:
kube-controller-manager --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
--authorization-kubeconfig=/etc/kubernetes/controller-manager.conf --bind-address=127.0.0.1
--client-ca-file=/etc/kubernetes/pki/ca.crt --cluster-name=kubernetes
--cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
--controllers=*,bootstrapsigner,tokencleaner --kubeconfig=/etc/kubernetes/controller-manager.conf
--leader-elect=true --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
--root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/sa.key
--use-service-account-credentials=true
K8s etcd process:
etcd --advertise-client-urls=https://<ControlPlane_IP_Address>:2379
--cert-file=/etc/kubernetes/pki/etcd/server.crt --client-cert-auth=true --data-dir=/var/lib/etcd
--initial-advertise-peer-urls=https://<ControlPlane_IP_Address>:2380
--initial-cluster=
<ControlPlane_HostName>=https://<ControlPlane_IP_Address>:2380
--key-file=/etc/kubernetes/pki/etcd/server.key
--listen-client-urls=https://127.0.0.1:2379,https://<ControlPlane_IP_Address>:2379
--listen-metrics-urls=http://127.0.0.1:2381 --listen-peer-urls=https://<ControlPlane_IP_Address>:2380
--name=
<ControlPlane_HostName> --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
--peer-client-cert-auth=true --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
--peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt --snapshot-count=10000
--trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
K8s KUBELET process:
/usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf
--config=/var/lib/kubelet/config.yaml --cgroup-driver=cgroupfs --network-plugin=cni
--pod-infra-container-image=k8s.gcr.io/pause:3.2
K8s KUBE-PROXY process:
/usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=<ControlPlane_Hostname>

Containerd processes: Several Docker containerd processes.
containerd-shim -namespace moby -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/moby/01a30ed6cf52f098168ff18b0fc4ef5f5a87fd7923e075cb25e74326a2c4095c \
-address /run/containerd/containerd.sock -containerd-binary /usr/bin/containerd
-runtime-root /var/run/docker/runtime-runc

K8s Networking processes:
WEAVE Launch Script:
/bin/sh /home/weave/launch.sh
WEAVER:
/home/weave/weaver --port=6783 --datapath=datapath --name=a6:95:c6:85:a6:ef --host-root=/host
--http-addr=127.0.0.1:6784 --metrics-addr=0.0.0.0:6782 --docker-api= --no-dns
--db-prefix=/weavedb/weave-net --ipalloc-range=10.32.0.0/12 --nickname=
<ControlPlane_Hostname>
--ipalloc-init consensus=0 --conn-limit=200 --expect-npc
Kube Utils:
/home/weave/kube-utils -run-reclaim-daemon -node-name=
<ControlPlane_Hostname> -peer-name=a6:95:c6:85:a6:ef
-log-level=debug
WEAVE NPC:
/usr/bin/weave-npc

Kubernetes process on Node:

WEAVE Launch Script:
/bin/sh /home/weave/launch.sh

WEAVER:
 /home/weave/weaver --port=6783 --datapath=datapath --name=3e:ad:e3:5c:0a:67 --host-root=/host --http-addr=127.0.0.1:6784 --metrics-addr=0.0.0.0:6782 --docker-api= --no-dns --db-prefix=/weavedb/weave-net --ipalloc-range=10.32.0.0/12 --nickname=<Node_HostName> --ipalloc-init consensus=1 --conn-limit=200 --expect-npc <ControlPlane_IP_Address>
 Kube Utils:
 /home/weave/kube-utils -run-reclaim-daemon -node-name=<Node_HostName> -peer-name=3e:ad:e3:5c:0a:67 -log-level=debug
 

 

Comments

Popular posts from this blog

MySQL InnoDB cluster troubleshooting | commands

Cluster Validation: select * from performance_schema.replication_group_members; All members should be online. select instance_name, mysql_server_uuid, addresses from  mysql_innodb_cluster_metadata.instances; All instances should return same value for mysql_server_uuid SELECT @@GTID_EXECUTED; All nodes should return same value Frequently use commands: mysql> SET SQL_LOG_BIN = 0;  mysql> stop group_replication; mysql> set global super_read_only=0; mysql> drop database mysql_innodb_cluster_metadata; mysql> RESET MASTER; mysql> RESET SLAVE ALL; JS > var cluster = dba.getCluster() JS > var cluster = dba.getCluster("<Cluster_name>") JS > var cluster = dba.createCluster('name') JS > cluster.removeInstance('root@<IP_Address>:<Port_No>',{force: true}) JS > cluster.addInstance('root@<IP add>,:<port>') JS > cluster.addInstance('root@ <IP add>,:<port> ') JS > dba.getC...

MySQL slave Error_code: 1032 | MySQL slave drift | HA_ERR_KEY_NOT_FOUND

MySQL slave Error_code: 1032 | MySQL slave drift: With several MySQL, instance with master slave replication, I have one analytics MySQL, environment which is larger in terabytes, compared to other MySQL instances in the environment. Other MySQL instances with terabytes of data are running fine master, slave replication. But this analytics environment get started generating slave Error_code :1032. mysql> show slave status; Near relay log: Error_code: 1032; Can't find record in '<table_name>', Error_code: 1032; handler error HA_ERR_KEY_NOT_FOUND; the event's master log <name>-bin.000047, end_log_pos 5255306 Near master section: Could not execute Update_rows event on table <db_name>.<table_name>; Can't find record in '<table_name>', Error_code: 1032; Can't find record in '<table_name>', Error_code: 1032; handler error HA_ERR_KEY_NOT_FOUND; the event's master log <name>-bin.000047, end_l...

InnoDB cluster Remove Instance Force | Add InnoDB instance

InnoDB cluster environment UUID is different on node: To fix it stop group replication, remove instance (use force if require), add instance back Identify the node which is not in sync: Execute following SQL statement on each node and identify the node has different UUID on all nodes. mysql> select * from mysql_innodb_cluster_metadata.instances; Stop group replication: Stop group replication on the node which does not have same UUID on all nodes. mysql > stop GROUP_REPLICATION; Remove instances from cluster: Remove all secondary node from the cluster and add them back if require. $mysqlsh JS >\c root@<IP_Address>:<Port_No> JS > dba.getCluster().status() JS > dba.getCluster () <Cluster:cluster_name> JS > var cluster = dba.getCluster("cluster_name"); JS >  cluster.removeInstance('root@<IP_Address>:<Port_No>'); If you get "Cluster.removeInstance: Timeout reached waiting......" JS > cluster.removeInstance(...