Kubernetes Architecture

Sudipa Das

Kubernetes works as a cluster. Its architecture is built around a master-slave model. The master takes care of everything, i.e. processing, deployment, scheduling, etc. The slaves work on whatever the master allots them. All the containers run on the slaves, and the master controls them.

Kubernetes mainly has two parts:

  1. Control Plane (Master Node)

  2. Data Plane (Worker Node)

Components of the Control Plane (Master Node)

i. Kube-API server

ii. ETCD Cluster

iii. Kube-Scheduler

iv. Kube-Controller Manager

Let's discuss what these components are.

KUBE-API SERVER:

This component is the heart, or core component, of Kubernetes. It takes all the requests from the external world and exposes the Kubernetes API. It is the front end of the Kubernetes control plane and is used to deploy and execute all the operations in Kubernetes. It is the common gateway for all the commands that execute inside the cluster.

It is used to authenticate users, validate requests, retrieve and update data, and communicate with other components of the cluster.

ETCD:

It is a highly distributed key-value store that is used to store all the information related to nodes, pods, configs, secrets, bindings, etc. It is only accessible by the Kubernetes API server, as it holds sensitive information: all passwords and authentication tokens are stored in it. And it is accessible by all the nodes.

Kube-Scheduler:

The scheduler takes care of scheduling all processes and of dynamic resource management, and manages present and future events on the cluster.

It is responsible for scheduling the pods on the nodes. It just decides which pod to place on which node, based on the CPU, RAM, and other resources on the node.

Kube-Controller Manager:

The controller manager runs all the controllers on the Kubernetes cluster. It continuously monitors various components of the cluster and works toward managing and restoring the cluster to the desired state.

Although each controller is a separate process, to reduce complexity all the controllers are compiled into a single process.

They are as follows: Node Controller, Replication Controller, Namespace Controller, Service Accounts Controller, etc.

Node Controller: It is responsible for onboarding new nodes to the cluster and for handling situations where nodes become unavailable or get destroyed, to keep the application running. It communicates with the kube-apiserver and manages nodes. It generally checks every 5 seconds. If it stops receiving signals from a node, it waits for 40 seconds and then marks the node as "unreachable". Once a node is marked unreachable, the controller waits 5 minutes for it to come back up; if it doesn't, it removes the PODs assigned to that node and provisions them on the healthy nodes, if the PODs are part of a replica set.

Replication Controller: It is responsible for monitoring the status of the replica set and ensuring that the desired number of PODs is available at the required time. If a POD dies, it will create another POD.
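The Node Controller timeline described above can be replayed as a small simulation. This is an added example, not code from the original post or from Kubernetes; the three constants are the values quoted in the text, and the function name and event labels (`simulate`, `PodsEvicted`) are hypothetical.

```python
MONITOR_PERIOD = 5      # seconds between health checks (value from the text)
GRACE_PERIOD = 40       # seconds of silence before a node is "unreachable"
EVICTION_TIMEOUT = 300  # seconds unreachable before its pods are removed


def simulate(heartbeats, end):
    """Replay heartbeat timestamps and return [(time, event), ...].

    heartbeats: sorted timestamps (seconds) at which the node reported in.
    end: last second to simulate.
    """
    events = []
    state = "Ready"
    unreachable_since = None
    last_seen = None
    pending = list(heartbeats)
    for now in range(0, end + 1, MONITOR_PERIOD):
        # Consume every heartbeat that arrived before this check.
        while pending and pending[0] <= now:
            last_seen = pending.pop(0)
        if last_seen is None:
            continue  # node has not been onboarded yet
        silent = now - last_seen
        if silent < GRACE_PERIOD:
            if state != "Ready":
                events.append((now, "Ready"))  # node came back in time
            state, unreachable_since = "Ready", None
        elif state == "Ready":
            state, unreachable_since = "Unreachable", now
            events.append((now, "Unreachable"))
        elif state == "Unreachable" and now - unreachable_since >= EVICTION_TIMEOUT:
            state = "Evicted"
            events.append((now, "PodsEvicted"))
    return events


if __name__ == "__main__":
    # Constructed input: the node sends its last heartbeat at t=12 and dies.
    for when, event in simulate([0, 4, 8, 12], end=400):
        print(f"t={when:>3}s  {event}")
```

Because the controller only looks every 5 seconds, the node that went silent at t=12 is marked unreachable at the first check where at least 40 seconds have passed, and its pods are rescheduled 5 minutes after that.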

Components of the Data Plane (Worker Node)

Container Runtime Engine

You need to install a container runtime on each node in a cluster so that PODs can run there. Docker is a popular container runtime engine, but Kubernetes supports other runtimes that are compliant with the Open Container Initiative, including CRI-O, containerd, and Dockershim. Dockershim has been removed recently as of release 1.24.

kubelet

Each node contains a kubelet, which is a small application that can communicate with the Kubernetes control plane. The kubelet is responsible for ensuring that containers specified in pod configuration are running on a specific node, and manages their lifecycle. It executes the actions commanded by your control plane.

kube-proxy

All compute nodes contain kube-proxy, a network proxy that facilitates Kubernetes networking services. It handles all network communications outside and inside the cluster, forwarding traffic or relying on the packet filtering layer of the operating system. It provides you with networking and load-balancing capabilities. It uses iptables on Linux machines.

Kubernetes Components:

Kubernetes has several components that work together to enable the management of containerized workloads. These components include:

*POD

  1. The smallest unit in Kubernetes.

  2. POD is a group of one or more containers that are deployed together on the same host.

  3. A Cluster is a group of nodes.

  4. A Cluster has at least one worker node and a master node.

  5. In Kubernetes, the control unit is the pod, not the containers.

  6. Consists of one or more tightly coupled containers.

  7. POD runs on a node, which is controlled by the master.

  8. Kubernetes only knows about PODs (it does not know about individual containers).

  9. Cannot start containers without a POD.

  10. One Pod usually contains one container.

*Replica sets

To prevent users from losing access to the app, the replication controller gives high availability.

Help in load balancing and scaling.

*Deployment

Pods deploy single instances of an application.

Deployment allows updating the pod's infrastructure with Replicas, Rolling updates, etc.

*Services

Helps us connect our applications with other applications/databases etc.

Services enable pods to communicate with each other and with the outside world.

*ConfigMaps:

A ConfigMap is a Kubernetes resource that is used to store configuration data for an application. It enables the separation of application configuration from the application code, making it easier to manage and update the configuration.

*Secrets:

A Secret is a Kubernetes resource that is used to store sensitive data like passwords, API keys, and certificates. Secrets are encrypted and stored in etcd, ensuring that the sensitive data is secure.
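Whether Secrets (and the passwords and tokens mentioned in the ETCD section) are actually encrypted in etcd depends on the EncryptionConfiguration file given to kube-apiserver with `--encryption-provider-config`; without one, or with `identity` listed first, they are written unencrypted. The following check is an added example, not code from the original post or from Kubernetes; the helper names and the sample configs are constructed, and the key is a placeholder.

```python
import json

# Placeholder key material: a real file holds a base64-encoded 32-byte key.
AESCBC = {"aescbc": {"keys": [{"name": "key1", "secret": "<BASE64_32_BYTE_KEY>"}]}}
IDENTITY = {"identity": {}}  # identity = no encryption, data stored as-is


def sample_config(providers):
    """Constructed EncryptionConfiguration (JSON, which is also valid YAML)."""
    return json.dumps({
        "apiVersion": "apiserver.config.k8s.io/v1",
        "kind": "EncryptionConfiguration",
        "resources": [{"resources": ["secrets"], "providers": providers}],
    })


def secrets_write_provider(config_text):
    """Name of the provider used when Secrets are written to etcd.

    Only the first provider listed for a resource encrypts new writes; the
    others are tried on reads only. Wildcard resource entries are not handled.
    """
    cfg = json.loads(config_text)
    if cfg.get("kind") != "EncryptionConfiguration":
        raise ValueError("not an EncryptionConfiguration")
    for entry in cfg.get("resources", []):
        if "secrets" in entry.get("resources", []) and entry.get("providers"):
            return next(iter(entry["providers"][0]))
    return "identity"  # no entry for secrets: stored without encryption


def audit(config_text):
    """One-line verdict suitable for a CI or hardening check."""
    provider = secrets_write_provider(config_text)
    if provider == "identity":
        return "FAIL: Secrets are written to etcd unencrypted"
    return f"OK: Secrets are encrypted at rest with {provider}"


if __name__ == "__main__":
    weak = sample_config([IDENTITY, AESCBC])      # identity first: plaintext writes
    hardened = sample_config([AESCBC, IDENTITY])  # aescbc first: encrypted writes
    print(audit(weak))
    print(audit(hardened))
```

The two sample configs list the same providers; only the order differs, and that order is what decides whether new Secrets land in etcd encrypted.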

*Kubectl

A command line tool used to communicate with a Kubernetes cluster's control plane.

Creates the live object for the configuration.
