Kubernetes Steps of an API Request
Links: 111 KodeCloud Index
Recommended Reads:  Admission Controllers  
Steps of an API Request¶
- Details on what happens when we submit a request to the k8s API:  
- When we do a k applycommand then the yaml file is converted to JSON by kubectl and then sent to the API server.
- The first component of the API server is the API HTTP Handler.- It is an HTTP server listening for requests.
 
- The second component of the API server is Authentication.- It checks if the user or the service account should be allowed to access the cluster.
 
- The third component of the API server is Authorization (RBAC).- This checks if the user or the service account can list, delete, create resources in the cluster.
- This is where RBAC rules are evaluated.
 
- The fourth component of the API server is Mutation Admission Controller.- It looks at our YAML and modifies/mutates it.
- For example if we forget to add the default storage class to our yaml then the mutation admission controller will add it.
 
- The fifth component of the API server is Schema Validation.- It validates if the resource we have sent has a valid schema. Basically checking if the yaml is valid or not.
 
- The sixth component of the API server is Validation Admission Controller.- It comes in when we try to deploy a pod in a namespace that DOES NOT exist.
 
 
- To read more on validating or mutating admission controller read this.
If we manage to pass the Validation Admission Controller then our yaml file is saved in etcd.
- Examples of custom admission controllers:
References¶
Last updated: 2023-05-11
