Kubernetes Architecture

Aniket KurkuteAniket Kurkute
4 min read

Table of contents

"Kubernetes is an Orchestration Tool !!"

If you look at its logo, you'll notice a ship's wheel, also known as a 'helm,' which traditionally guides and controls a ship. Similarly, Docker's logo depicts a whale carrying containers on its back (Can be referred to as a Ship that carries containers).

In this analogy, just as a ship's wheel (helm) orchestrates and directs a ship, Kubernetes uses its helm to orchestrate the deployment, scaling, and management of containers. This is why Kubernetes is referred to as an "Orchestration Tool"

Kubernetes Architecture

The Kubernetes architecture is divided into two planes:

  1. The control plane

  2. The worker plane

The Control Plane

Components of control plane (Master):

  • API Server

    The API Server is the main point of contact in the entire Kubernetes architecture. The node components or the worker plane (explained later) will always communicate with the API Server. So, it serves as the central point of contact.

  • etcd cluster

    The etcd cluster is a type of storage that holds the current information of the worker nodes, such as the number of containers running in the pods. It stores this information as key-value pairs and is designed to be highly available.

  • Controller Manager

    The Controller Manager keeps track of the actual state and the desired state of containers in a node. It contacts the API Server to get the current state of a pod. The API Server then forwards this request to the etcd cluster. The etcd cluster returns the required information to the API Server, which then provides it to the Controller Manager. There are multiple components of the controller manager like Node Controller, Route Controller, Service Controller, Volume Controller.

  • Kube Scheduler

    The Kube Scheduler is responsible for executing the actions requested by the Controller Manager. Once the Controller Manager gets the necessary information from the etcd cluster through the API Server and finds that the current state does not match the desired state, it sends a request to the Kube Scheduler to adjust the containers, either by scaling up or down. This request to the Kube Scheduler also goes through the API Server, ensuring there is no direct contact between any components.

The Worker Plane

Components of worker plane (Minion):

  • Pod

    There are various container engines available in the market such as Docker Engine, containerd, Podman, etc. So Kubernetes not being biased towards any one container engine gives us a logical unit for container creation, that logical unit is called Pod. Every container engine is responsible for creating its containers in the pod itself.

  • Kubelet

    Kubetet controls the pods, it controls what is needed in the pod, and what is not (excess containers in case of upscaling). Kubelet interacts with etcd to store the current information of the worker node via the API server. So if Kubelete wants extra container to be spawned in the node, it will connect with the API Server(Control Plane), which will further update the etcd cluster, and then when the controller manager finds the actual state is not equal to the desired one then new containers will be spawned with the help of Kube Scheduler(Control Plane).

  • Kube Proxy

    Kube proxy manages the networking of a node. Each node has its own kube proxy. It maintains a set of network rules on each node, which are updated dynamically as services are added or removed.

    In Kubernetes, containers don't have their own IP addresses; only the pods that hold the containers have IP addresses. In the image above, I showed one pod containing multiple containers. However, in a production environment, each pod usually contains only one container, even though it can handle multiple. This is because the containers in the pods are tightly coupled, and a failure in one container may cause failures in others.

    When a client sends a request through a service, the service forwards the request to the node. The kube proxy on that node intercepts the request, checks the IP tables for the destination endpoint, and routes the request accordingly.

  • Container Engine

    The container engineer works with kubelet, it plays its role while pulling of images, starting and stopping containers, exposing the containers on the port as specified in the manifest files.

Important Points

  1. In Kubernetes, all the things desire by the user is provided through a manifest file(.yml).

  2. A pod is a group of containers, whereas a cluster is a group of nodes.

  3. A cluster has atleast one worker node and a master node.

  4. If you are working on cloud then the controller manager will be Cloud-Controller Manager and if you are working on on-premise or physical hardware then the controller manager will be Kube-Controller Manager.

  5. etcd cluster is not only highly available but is also fast with the capability to handle 10,000 writes per second.

0
Subscribe to my newsletter

Read articles from Aniket Kurkute directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Worker planeKubernetescontainersDockerOrchestrationorchestration-platformcontrol planekubeletkubeproxyarchitectureDiagram

Written by

Aniket Kurkute
Aniket Kurkute