devops

day3: kube controller manager

Published: (December 9, 2025 at 08:34 PM EST)
2 min read
Source: Dev.to

Source: Dev.to

Overview

The Kube Controller Manager runs the various controllers that continuously monitor the state of components in a Kubernetes cluster and work to bring the system to its desired state.

Controllers

A controller is a process that watches the Kubernetes API server for changes and takes action to reconcile the current state with the desired state.

Node Controller

  • Monitors node status via the Kube API server.
  • Checks node heartbeats every 5 seconds.
  • If a heartbeat is missed, the node is marked unreachable after 40 seconds.
  • The node then has 5 minutes to recover; otherwise, pods are evicted and rescheduled onto healthy nodes (if they belong to a ReplicaSet).

ReplicaSet Controller

  • Ensures that the number of pods specified in a ReplicaSet is always maintained.
  • If pods are terminated or become unhealthy, the controller creates new pods to meet the desired replica count.

Packaging

All controllers are bundled into a single binary called the Kubernetes Controller Manager. Installing the manager automatically provides the built‑in controllers (node, replica, deployment, etc.).

Installation

  1. Download the appropriate release from the Kubernetes release page.
  2. Extract the archive.
  3. Run the binary as a system service (e.g., using systemd).
# Example: extract and start the controller manager
tar -xzf kubernetes-server-linux-amd64.tar.gz
sudo cp kubernetes/server/bin/kube-controller-manager /usr/local/bin/
sudo systemctl enable kube-controller-manager
sudo systemctl start kube-controller-manager

kubeadm Deployment

When using kubeadm, the controller manager is deployed as a static pod in the kube-system namespace. The manifest is placed in:

/etc/kubernetes/manifests/kube-controller-manager.yaml

Configuration Options

The controller manager offers numerous flags to customize behavior, such as:

  • --node-monitor-period=5s – interval between node status checks.
  • --node-monitor-grace-period=40s – time to wait before marking a node unreachable.
  • --pod-eviction-timeout=5m – duration before evicting pods from an unreachable node.

These flags can be added to the service definition or the static pod manifest.

Inspecting the Running Manager

If the controller manager is not managed by kubeadm, you can view its service configuration and running processes:

# List the systemd service file (example path)
cat /etc/systemd/system/kube-controller-manager.service
# Check the running process
ps -aux | grep kube-controller-manager

End of notes for day 3.

Back to Blog

Related posts

Read more »

day4: kube scheduler

Overview The Kubernetes scheduler decides which node each pod should run on. It does not place the pods itself; instead, it records the target node for each po...