Kube Proxy
Routes traffic on each node based on its iptables and changes in Services
Usually installed at the system level
What
What is Kube-proxy in Kubernetes?
Kube-proxy is a network proxy that runs on each node in a Kubernetes cluster. It maintains network rules on nodes, allowing network communication to your Pods from network sessions inside or outside of the cluster.
Why
Why does Kube-proxy need to watch for changes?
Kube-proxy needs to watch for changes to ensure it has up-to-date information about Services and Endpoints, which is necessary to correctly route traffic to the appropriate Pods.
How
How does Kube-proxy watch for changes?
Kube-proxy watches for changes using the Kubernetes API. Specifically, it watches for changes to Service and Endpoints resources.
- API Watch: Kube-proxy establishes a watch on the Kubernetes API server for updates to Services and Endpoints.
- Reconcile: When a change is detected, Kube-proxy reconciles the current state with the desired state.
- Update Rules: Kube-proxy updates the network rules on the node to ensure that traffic is routed correctly.
Process Details:
- Watch Services and Endpoints: Kube-proxy subscribes to updates from the Kubernetes API server. When a Service or Endpoints object is added, updated, or deleted, kube-proxy receives a notification.
- Sync Rules: Based on the changes, kube-proxy updates the iptables or IPVS rules to ensure that traffic to the Service is directed to the correct Pods.
- Maintain Network Rules: Kube-proxy continuously monitors and maintains these rules to reflect the current state of the cluster.
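A simplified model of the watch, reconcile and update steps described above, as an added example rather than kube-proxy's own code. Rules are modelled as (Service address, Pod address) pairs in place of real iptables/IPVS entries, and every name and address is constructed.

```python
# Simplified model of the watch -> reconcile -> update-rules loop.
# Not kube-proxy's code: a "rule" is a (Service VIP:port, Pod IP:port) pair
# standing in for the iptables/IPVS entries programmed on the node.

def apply_event(state, event):
    """Fold one API watch event into the locally cached desired state."""
    cache = state[event["kind"]]
    if event["type"] == "DELETED":
        cache.pop(event["name"], None)
    else:  # ADDED and MODIFIED both replace the cached object
        cache[event["name"]] = event["object"]
    return state

def desired_rules(state):
    """Rules that should exist: each Service VIP mapped to each of its endpoints."""
    rules = set()
    for name, vip in state["Service"].items():
        for backend in state["Endpoints"].get(name, []):
            rules.add((vip, backend))
    return rules

def reconcile(installed, state):
    """Diff installed rules against desired ones; return (to_add, to_remove)."""
    want = desired_rules(state)
    return want - installed, installed - want

def sync(installed, state):
    """Apply the diff, as the 'Update Rules' step does on the node."""
    to_add, to_remove = reconcile(installed, state)
    return (installed | to_add) - to_remove

# Constructed sample event stream (hypothetical Service "web").
EVENTS = [
    {"type": "ADDED", "kind": "Service", "name": "web", "object": "10.96.0.10:80"},
    {"type": "ADDED", "kind": "Endpoints", "name": "web",
     "object": ["10.244.1.5:8080", "10.244.2.7:8080"]},
    {"type": "MODIFIED", "kind": "Endpoints", "name": "web",
     "object": ["10.244.2.7:8080"]},  # Pod 10.244.1.5 was removed
]

def run(events):
    """Process events in order; return the installed rule set after each sync."""
    state, installed, history = {"Service": {}, "Endpoints": {}}, set(), []
    for ev in events:
        apply_event(state, ev)
        installed = sync(installed, state)
        history.append(sorted(installed))
    return history

if __name__ == "__main__":
    for step in run(EVENTS):
        print(step)
```

The removal half of the diff matters as much as the additions: a rule that stays installed after its Pod is gone keeps directing Service traffic to that Pod's old address.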
How to verify Kube-proxy is watching for changes?
You can check the kube-proxy logs to see whether it is receiving updates and applying changes.
Example command:
kubectl logs -n kube-system <kube-proxy-pod-name>
This command will show logs from the kube-proxy Pod, where you can see entries indicating it is processing updates to Services and Endpoints.
When
When does Kube-proxy apply updates?
Kube-proxy applies updates whenever there are changes to Services or Endpoints. This can happen due to:
- Pod addition or removal: When Pods are started or stopped, or their labels change.
- Service creation, update, or deletion: When Services are created, modified, or deleted.
- Node changes: When nodes are added or removed from the cluster, affecting routing.