Get started with Kubernetes Cloud Controller Manager
Kubernetes Cloud Controller Manager is an optional tool used to manage cluster resources. Learn how it works, why you may want to use it and the basics for getting started.
There are scenarios where it's advantageous to allow Kubernetes to interact in specialized ways with specific cloud providers or other infrastructure platforms. For example, the ability to use an infrastructure provider's own APIs to manage nodes or set up load balancers can help Kubernetes to manage cluster resources more efficiently.
This is why Kubernetes offers Cloud Controller Manager, an optional feature that achieves deeper integration between Kubernetes and specific public or private cloud platforms that support Controller Manager.
In this tip, gain a better understanding of what Cloud Controller Manager is, how it compares to Kubernetes Controller Manager and how to get started.
What is Cloud Controller Manager in Kubernetes?
Cloud Controller Manager allows Kubernetes to manage some cluster resources using infrastructure providers' own APIs. The tool includes the following controllers:
- Node controller. Updates Node objects when new servers are created in your cloud infrastructure.
- Route controller. Configures routes for communication between containers on different nodes in your Kubernetes cluster.
- Service controller. Interacts with the provider's APIs to set up load balancers and other infrastructure components when a Service resource needs them.
Cloud Controller Manager makes it possible to build a native interface between Kubernetes and the third-party APIs of infrastructure providers -- those include public and private providers that can host Kubernetes. For example, to deploy an infrastructure provider's managed load-balancing service for use within a Kubernetes cluster, start within Kubernetes using Cloud Controller Manager. Or use Cloud Controller Manager to manage VMs from an infrastructure provider that serve as nodes within the Kubernetes cluster. This is possible provided your cloud platform supports this feature within Cloud Controller Manager.
To take advantage of Cloud Controller Manager -- in order to integrate Kubernetes with a specific infrastructure platform -- the platform must support the Kubernetes cloud provider interface. All of the major public clouds offer this support. Private cloud platforms, like OpenStack, and any other infrastructure provider or platform can implement its own cloud provider interface to achieve compatibility with Cloud Controller Manager.
Cloud Controller Manager vs. Kubernetes Controller Manager
Previously, much of the functionality that is now available through Cloud Controller Manager was implemented directly within Kubernetes Controller Manager, a core component of the Kubernetes control plane. To access the functionality, users specified a cloud platform when starting Kubernetes Controller Manager.
However, with this approach, the code responsible for platform-specific integrations was baked into Kubernetes itself. This was inefficient because different infrastructure providers offer different APIs and features that can interface with Kubernetes. It didn't make sense to maintain all that code as a core part of Kubernetes when only some Kubernetes users required it. For example, Kubernetes integrations with AWS are only valuable for people who run Kubernetes clusters using AWS infrastructure.
By breaking out these integrations into Cloud Controller Manager, Kubernetes developers offer a way for users to deploy the integrations when they want them without requiring them to be available in all Kubernetes environments by default.
The shift to Cloud Controller Manager means that platform-specific Kubernetes integrations can now be managed "out of tree": They rely on code that users can optionally deploy when they run Kubernetes, without it being a requirement. Before, they were "in tree" because they were part of the core Kubernetes code.
Who should use Cloud Controller Manager?
While Cloud Controller Manager is an optional Kubernetes component and is not required, it can simplify the administration of certain parts of the infrastructure that supports your Kubernetes clusters. You can manage resources within Kubernetes using your infrastructure provider's native APIs, rather than setting up those resources separately.
For example, with Cloud Controller Manager, you can create a load balancer for Kubernetes via a third-party managed load-balancing service. Likewise, Cloud Controller Manager can automatically detect network routes between nodes that are no longer in use and then delete them to save infrastructure resources.
How do I get started with Cloud Controller Manager?
To deploy Cloud Controller Manager, ensure that you don't specify the --cloud-provider flag when starting Kubernetes Controller Manager or Kubernetes API Server. If you do, Kubernetes uses the older, in-tree cloud provider interface, which Cloud Controller Manager replaces.
Next, deploy the Cloud Controller Manager binary within your cluster. The most common way to do this is to run it as a DaemonSet on a control plane node using a configuration like the following:
apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    k8s-app: cloud-controller-manager
  name: cloud-controller-manager
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: cloud-controller-manager
  template:
    metadata:
      labels:
        k8s-app: cloud-controller-manager
    spec:
      serviceAccountName: cloud-controller-manager
      containers:
      - name: cloud-controller-manager
        # for in-tree providers we use registry.k8s.io/cloud-controller-manager
        # this can be replaced with any other image for out-of-tree providers
        image: registry.k8s.io/cloud-controller-manager:v1.8.0
        command:
        - /usr/local/bin/cloud-controller-manager
        - --cloud-provider=azure
This code tells Kubernetes to run a container based on an image -- registry.k8s.io/cloud-controller-manager:v1.8.0 -- that provides the Cloud Controller Manager binary. It also tells Kubernetes to use the Azure cloud provider interface. It is possible to change this option to any supported interface.
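The two steps above can be checked before rollout. The following preflight script is an added example, not part of the original article or the Kubernetes project: it confirms that the core component manifests carry no --cloud-provider flag and that the Cloud Controller Manager manifest does. The function names and the sample manifest excerpts are constructed for illustration.

```python
import re

# One YAML list item holding a command-line flag, e.g. "- --cloud-provider=azure".
FLAG_ITEM = re.compile(r"""^\s*-\s+["']?(--[A-Za-z0-9-]+)(?:=([^"'\s]*))?["']?\s*(?:#.*)?$""")

def flags_in_manifest(text):
    """Return {flag: value} for every flag-style list item; comment lines are skipped."""
    found = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = FLAG_ITEM.match(line)
        if m:
            found[m.group(1)] = m.group(2) or ""
    return found

def preflight(core_manifests, ccm_manifest):
    """Check both deployment steps; return a list of problems (empty means ready)."""
    problems = []
    for name, text in core_manifests.items():
        flags = flags_in_manifest(text)
        if "--cloud-provider" in flags:
            problems.append(f"{name}: remove --cloud-provider={flags['--cloud-provider']}")
    if not flags_in_manifest(ccm_manifest).get("--cloud-provider"):
        problems.append("cloud-controller-manager: --cloud-provider is not set")
    return problems

# Constructed sample manifests (command sections only), not taken from a real cluster.
CORE = {
    "kube-apiserver": """
    command:
    - kube-apiserver
    - --secure-port=6443
    """,
    "kube-controller-manager": """
    command:
    - kube-controller-manager
    # - --cloud-provider=aws   (commented out, must be ignored)
    - --cloud-provider=azure
    """,
}
CCM = """
        command:
        - /usr/local/bin/cloud-controller-manager
        - --cloud-provider=azure
"""

if __name__ == "__main__":
    for problem in preflight(CORE, CCM) or ["preflight passed"]:
        print(problem)
```

On a real cluster, pass in the text of the manifests that start Kubernetes API Server and Kubernetes Controller Manager instead of the constructed samples.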