Kubernetes - Secret behind pod deletion
What happens when you delete a Pod (or any other resource) from the cluster?
Here's a step-by-step breakdown of what happens:
Kubectl Command Execution:
You execute the kubectl delete pod <pod-name> command in your terminal or command prompt.
Kubectl Interaction with API Server:
The kubectl tool communicates with the Kubernetes API Server to send the delete request.
It uses the Kubernetes API to interact with the cluster.
API Server Verification:
The API Server receives the delete request. It verifies that the user has the necessary permissions to delete the specified pod by checking the user's credentials and RBAC (Role-Based Access Control) permissions.
Pod Deletion Request Processing:
The API Server processes the pod deletion request and updates the desired state of the pod to indicate that it should be terminated.
The API Server doesn't immediately remove the pod; instead, it marks the pod for deletion.
Controller Manager Monitoring:
The Kubernetes Controller Manager continuously monitors the state of the cluster.
It detects that the desired state of the pod has changed and that the pod should be deleted.
Scheduler Handling:
If the pod is part of a higher-level controller like a ReplicaSet or Deployment, the Scheduler might create replacement pods to maintain the desired number of replicas.
This is to ensure that the application's availability isn't affected during the deletion process.
Kubelet Termination:
The Kubelet running on the node where the pod is located receives the updated pod state indicating deletion.
The Kubelet starts the termination process for the containers in the pod.
Graceful Termination:
The Kubelet sends termination signals (SIGTERM) to the containers in the pod, allowing them to perform any necessary cleanup and graceful shutdown.
The containers are given a certain amount of time to handle termination gracefully.
Termination Timeout:
If a container doesn't respond to the termination signal within a specified timeout, the Kubelet sends a termination signal (SIGKILL) to force the container to stop.
Pod Cleanup:
Once all containers in the pod have been terminated or forcefully stopped, the Kubelet updates the pod's status to indicate that it has been terminated and removes the pod's network namespace and associated resources.
API Server Update:
The Kubelet informs the API Server that the pod has been successfully terminated and removed.
kubectl Feedback:
The API Server response is relayed back to the kubectl tool, which displays relevant information to confirm the successful deletion of the pod.
In summary, the kubectl delete pod command triggers a series of steps involving the Kubernetes control plane components, node-level actions, and API interactions to gracefully terminate and remove the specified pod from the cluster.
When you forcefully delete a pod in Kubernetes, you terminate the pod immediately without giving its containers a chance to perform a graceful shutdown. This is achieved by sending a SIGKILL signal to the pod's containers, forcing them to stop abruptly. Here's what happens behind the scenes when you forcefully delete a pod:
Forceful Deletion Request:
You execute the kubectl delete pod <pod-name> --force command, indicating that you want to forcefully delete the pod.
Kubectl Interaction with API Server:
The kubectl tool communicates with the Kubernetes API Server to send the delete request with the --force flag.
API Server Verification:
The API Server receives the delete request with the --force flag. It verifies that the user has the necessary permissions to forcefully delete the specified pod.
Immediate Termination:
The API Server sends a termination signal (SIGKILL) to all containers within the pod. This signal immediately stops the containers without allowing them to perform any cleanup or graceful shutdown.
Pod Cleanup:
The Kubelet on the node where the pod is located removes the pod's network namespace and associated resources, and updates the pod's status to indicate that it has been terminated.
API Server Update:
The Kubelet informs the API Server that the pod has been forcefully terminated and removed.
kubectl Feedback:
The API Server response is relayed back to the kubectl tool, which displays relevant information to confirm the successful forced deletion of the pod.
It's important to note that forcefully deleting a pod might lead to data loss or incomplete transactions within the containers. This approach is typically used when a pod is unresponsive or malfunctioning and cannot be terminated gracefully. In most cases, it's recommended to attempt a graceful deletion first (without the --force flag) to give the containers a chance to shut down properly and perform cleanup actions.
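The SIGTERM, grace-period and SIGKILL sequence from the steps above, and the immediate SIGKILL described for forced deletion, can be reproduced on a POSIX host without a cluster. This is an added example, not code from Kubernetes or from the original post; the two workloads, the terminate function and the timeout values are constructed for illustration.

```python
import signal
import subprocess
import sys

# Constructed stand-ins for container processes (not real workloads).
# Each prints "ready" once its SIGTERM disposition is installed.
GRACEFUL = (
    "import signal, sys, time\n"
    "signal.signal(signal.SIGTERM, lambda s, f: sys.exit(0))\n"
    "print('ready', flush=True); time.sleep(60)\n"
)
STUBBORN = (
    "import signal, time\n"
    "signal.signal(signal.SIGTERM, signal.SIG_IGN)\n"
    "print('ready', flush=True); time.sleep(60)\n"
)


def terminate(workload_src, grace_seconds, force=False):
    """Stop one simulated container; return (signal that ended it, exit code)."""
    cmd = [sys.executable, "-c", workload_src]
    with subprocess.Popen(cmd, stdout=subprocess.PIPE, text=True) as proc:
        proc.stdout.readline()  # block until the child reports "ready"
        if not force:
            proc.send_signal(signal.SIGTERM)  # graceful termination step
            try:
                return "SIGTERM", proc.wait(timeout=grace_seconds)
            except subprocess.TimeoutExpired:
                pass  # grace period elapsed: fall through to SIGKILL
        proc.kill()  # SIGKILL cannot be caught or ignored
        return "SIGKILL", proc.wait()


if __name__ == "__main__":
    # Handles SIGTERM and exits cleanly inside the grace period.
    print(terminate(GRACEFUL, 5.0))
    # Ignores SIGTERM, so it is killed once the grace period runs out.
    print(terminate(STUBBORN, 0.5))
    # Forced path as described above: no SIGTERM, no chance to clean up.
    print(terminate(GRACEFUL, 5.0, force=True))
```

A negative exit code is how Python's subprocess module reports death by signal, so the workload that handles SIGTERM is the only one that gets to run its own shutdown code and return 0.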