Kubernetes Architecture

This section explains the architecture and key components of Kubernetes, focusing on how the control plane and worker nodes operate together.

  • Control Plane Components:

    • kube-apiserver
    • etcd
    • kube-scheduler
    • kube-controller-manager
    • cloud-controller-manager
  • Worker Node Components:

    • kubelet
    • kube-proxy
    • Container Runtime

Note: The diagram below represents the architecture of Kubernetes clusters and components.

[Figure: Kubernetes cluster architecture diagram (image not included in this copy)]

Control Plane

  • kube-apiserver:

    • The API server is the entry point for all administrative tasks in a Kubernetes cluster. It handles RESTful API requests from users and cluster components.
    • It authenticates and authorizes every request, then reads and writes the resulting object state in etcd; all cluster state changes pass through it.
  • etcd:

    • A highly available, distributed key-value store that holds all cluster data, including the configuration, state, and metadata of Kubernetes objects such as pods and services.
    • It ensures that any update made to the cluster is stored and accessible across all control plane components.
  • kube-scheduler:

    • The scheduler is responsible for assigning new pods to available nodes. It considers various constraints, like resource requirements and policies, to ensure pods are efficiently placed.
  • kube-controller-manager:

    • This component runs the core control loops that watch for changes in cluster state. If the desired state does not match the actual state, it takes corrective action.
    • It manages built-in controllers like Deployment, ReplicaSet, and Job.
  • cloud-controller-manager:

    • This controller manages integration with cloud provider APIs (e.g., AWS, GCP). It ensures that resources like load balancers and storage are provisioned based on cloud-specific requirements.

Worker Nodes

  • kubelet:

    • The kubelet is the agent that runs on each worker node. It ensures containers are running in pods and reports the node and pod status to the control plane.
    • It interacts with the container runtime to manage containers.
  • kube-proxy:

    • Kube-proxy runs on every worker node to manage network rules and ensure proper routing of traffic to pods.
    • It supports communication between different services within the cluster and external traffic.
  • Container Runtime:

    • The container runtime, such as containerd or Docker, is responsible for pulling container images and managing the container lifecycle within pods.

Architecture Flow

  • User Request: When a user interacts with Kubernetes (e.g., deploying an application), they send a request to the kube-apiserver using kubectl.
  • API Server Interaction: The API server processes the request and records the change in etcd. If a new pod needs to be created, the scheduler learns of the new, still unscheduled pod from the API server.
  • Scheduler Action: The scheduler selects a suitable worker node and assigns the pod to it.
  • Node Operations: The kubelet on the selected worker node pulls the container image using the container runtime, starts the pod, and continuously monitors its health.
  • Networking: Kube-proxy programs the network rules so that the pod is reachable through the Service that selects it.
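
The flow above, together with the scheduler (resource constraints) and controller-manager (desired versus actual state) descriptions, modelled as an added, self-contained Python example; this is not Kubernetes code and not part of the original page. It runs a tiny scheduler that filters nodes by CPU and memory requests and a ReplicaSet-style control loop that creates or deletes pods until the actual count matches the desired one. The node names, capacities, pod requests and the "most free CPU" scoring rule are all constructed assumptions for the illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Pod:
    name: str
    cpu: int                      # requested millicores
    mem: int                      # requested MiB
    node: "str | None" = None     # None means Pending: not yet bound to a node

@dataclass
class Node:
    name: str
    cpu: int                      # allocatable millicores
    mem: int                      # allocatable MiB
    pods: list = field(default_factory=list)

    def free(self):               # allocatable minus requests of pods bound here
        return (self.cpu - sum(p.cpu for p in self.pods), self.mem - sum(p.mem for p in self.pods))

def schedule(pod, nodes):
    """Scheduler pass: filter nodes whose free resources cover the pod's requests,
    then score by most free CPU. Returns the node name, or None (pod stays Pending)."""
    feasible = [n for n in nodes if n.free()[0] >= pod.cpu and n.free()[1] >= pod.mem]
    if not feasible:
        return None
    best = max(feasible, key=lambda n: n.free()[0])
    best.pods.append(pod)
    pod.node = best.name          # the binding the kubelet on that node acts on
    return best.name

def reconcile(rs, desired, cpu, mem, pods, nodes):
    """One ReplicaSet control-loop pass: compare the desired replica count with
    the pods that actually exist, creating or deleting until they match."""
    owned = [p for p in pods if p.name.startswith(rs + "-")]
    actions = []
    while len(owned) < desired:
        nxt = max((int(p.name.rsplit("-", 1)[1]) for p in owned), default=-1) + 1
        p = Pod(f"{rs}-{nxt}", cpu, mem)
        pods.append(p); owned.append(p)
        actions.append(("create", p.name, schedule(p, nodes)))
    while len(owned) > desired:
        p = owned.pop(); pods.remove(p)
        if p.node:                # release the node's resources if the pod was bound
            next(n for n in nodes if n.name == p.node).pods.remove(p)
        actions.append(("delete", p.name, p.node))
    return actions

if __name__ == "__main__":        # constructed two-node cluster; 'web' scales 3 -> 5 -> 2
    live, cluster = [], [Node("node-a", 1200, 4096), Node("node-b", 1000, 2048)]
    for want in (3, 5, 2):
        print(want, reconcile("web", want, 500, 1024, live, cluster))
```

Scaling to five replicas leaves the fifth pod Pending because neither constructed node has 500 millicores free, which is the same outcome a real cluster shows when requests exceed allocatable capacity.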
