Kubernetes Configuration Synchronization Mechanism
Synchronization Mechanism
The configuration synchronization process of Kubernetes can be divided into two stages: Initialization Stage and Synchronization Stage.
Initialization Stage: When OpenResty Edge Admin just starts, it initializes the Kubernetes configuration monitoring manager. In the scenario of starting multiple Edge Admin instances, only the Edge Admin that gets the lock will monitor the Kubernetes configuration.
Synchronization Stage: The listener manager will regularly start the listener, each Kubernetes cluster will start two listeners (for example, in the case of three Kubernetes clusters, there will be six listeners), which will listen to the related events of
/api/v1/watch/servicesand/api/v1/watch/endpointsand process them.
Event Processing
Currently, we support processing the following events:
Endpoint Addition Event
Event Type:
ADDEDTriggering Time:
- When connecting to the Kubernetes watch interface for the first time.
- When exposing the deployment (creating service), for example, using the command
kubectl expose deployment/test-hello.
Event Handling: Edge Admin will update the upstream node information corresponding to the pod on Kubernetes.
Event Source:
/api/v1/watch/endpointsEvent Example:
{ "type": "ADDED", "object": { "apiVersion": "v1", "kind": "Endpoints", "metadata": { "name": "test-hello", "namespace": "default", ... }, ... } }
Endpoint Modification Event
Event Type:
MODIFIEDTriggering Time:
- When scaling up or down the pod, this event will be triggered.
- When deleting the deployment, for example, using the command
kubectl delete deployment test-hello.
Event Handling: Edge Admin will update the upstream node information corresponding to the pod on Kubernetes.
Event Source:
/api/v1/watch/endpointsEvent Example:
{ "type": "MODIFIED", "object": { "apiVersion": "v1", "kind": "Endpoints", "metadata": { "name": "test-hello", "namespace": "default", ... }, ... } }
Service Addition Event
Event Type:
ADDEDTriggering Time: This event will be triggered after adding the service.
Event Handling: Edge Admin will add the corresponding DNS record.
Event Source:
/api/v1/watch/servicesEvent Example:
{ "type": "ADDED", "object": { "kind": "Service", "metadata": { "name": "test-hello", "resourceVersion": "3686", "namespace": "default", ... }, "apiVersion": "v1", "spec": { "selector": { "app": "test-hello" }, "ports": [ { "port": 80, "protocol": "TCP", "nodePort": 30476, "targetPort": 80 } ], "clusterIPs": [ "10.68.181.72" ], ... } } }
Service Modification Event
Event Type:
MODIFIEDTriggering Time: This event will be triggered after modifying the service, for example using the command
kubectl edit svc test-hello.Event Handling: Edge Admin will modify the corresponding DNS record.
Event Source:
/api/v1/watch/servicesEvent Example:
{ "type": "MODIFIED", "object": { "kind": "Service", "metadata": { "name": "test-hello", "namespace": "default", ... }, "apiVersion": "v1", "spec": { "selector": { "app": "test-hello" }, "clusterIP": "10.68.181.72", "ports": [ { "port": 80, "name": "http", "protocol": "TCP", "nodePort": 30476, "targetPort": 80 }, { "port": 88, "name": "http2", "protocol": "TCP", "nodePort": 30478, "targetPort": 88 } ], "clusterIPs": [ "10.68.181.72" ], ... } } }
Service Deletion Event
Event Type:
DELETETriggering Time: This event will be triggered after deleting the service.
Event Handling: Edge Admin will delete the corresponding DNS record.
Event Source:
/api/v1/watch/servicesEvent Example:
{ "type": "DELETED", "object": { "kind": "Service", "metadata": { "name": "test-hello", "namespace": "default", ... }, "apiVersion": "v1", "status": { "loadBalancer": [] }, "spec": { "selector": { "app": "test-hello" }, "clusterIP": "10.68.217.25", "ports": [ { "port": 81, "protocol": "TCP", "nodePort": 31183, "targetPort": 81 } ], "clusterIPs": [ "10.68.217.25" ], ... } } }
Error Code Explanation
During the configuration synchronization process, there may be listening errors or event handling failures. Here are explanations of all error codes:
| Error Code | Key | Description |
|---|---|---|
| 1 | ERR_WORKER_EXITING | The worker process is exiting |
| 2 | ERR_CONFIG_DELETE | Kubernetes configuration has been deleted |
| 3 | ERR_CONFIG_UPDATE | Kubernetes configuration has been updated |
| 4 | ERR_NOT_MASTER | The current process is not the master |
| 5 | ERR_MAX_RUNTIME | Reading response body from Kubernetes cluster timed out |
| 6 | ERR_PARSE_DOMAIN | Failed to parse Kubernetes cluster domain |
| 7 | ERR_CONNECT_FAILED | Failed to connect to Kubernetes cluster |
| 8 | ERR_SSL_HANDSHAKE | SSL handshake with Kubernetes cluster failed |
| 9 | ERR_REQUEST_URI | Failed to send request to Kubernetes cluster |
| 10 | ERR_REQUEST_DENIED | Request was denied by Kubernetes cluster |
| 11 | ERR_REQUEST_STATUS | Kubernetes cluster returned an unexpected response status code (not 200) |
| 12 | ERR_READ_BODY | Failed to read response body from Kubernetes cluster |
Frequently Asked Questions
What is the delay of Kubernetes configuration synchronization?
Events in Kubernetes will be processed in a merged way, with a merging window of 1 second, so the configuration synchronization usually has a delay of about 1 second. For example, if Edge Admin receives two pod change event notifications from the same deployment within 1 second, Edge Admin will combine the two notifications and make one configuration change after 1 second.
Will Kubernetes configuration be fully synchronized?
When starting the watcher, you will immediately receive the
ADDEDtype events of service and endpoint in the Kubernetes cluster, and then fully synchronize the corresponding configuration.Will changes to Kubernetes pod result in release records in Edge Admin?
Due to the frequent changes in Kubernetes, Edge Admin does not record release logs, but there will be audit logs.
When will watchers be added and deleted?
After adding the Kubernetes configuration to Edge Admin, the watcher will be restarted regularly to prevent coroutine resource leakage. After deleting the Kubernetes configuration from Edge Admin, the corresponding watcher will be recycled.
If the configuration does not change, will the received events still be processed?
When Edge Admin receives an event from the Kubernetes cluster, it will compare the related configurations. If the configuration does not change, it will not update the upstream, etc.