Kubernetes Architecture

Kubernetes follows a client-server architecture that separates management and workload execution into distinct layers. It is composed of a control plane (master node) and one or more worker nodes.

The control plane is typically installed on a single Linux system, while worker nodes are deployed across multiple Linux machines.

The control plane manages the overall cluster state and orchestrates workloads.

The worker nodes execute containerized applications and report their status back to the control plane.

Kubernetes Components Overview
Kubernetes is made up of several key components, each serving a specific purpose. These components fall into two main categories:

Control Plane Components – Responsible for managing the cluster and making global decisions (like scheduling).

Node Components – Responsible for running application workloads (containers and pods).

Control Plane Components
The control plane acts as the “brain” of the Kubernetes cluster, maintaining the cluster’s desired state, scheduling workloads, and responding to events. It runs the following critical services:

1. Kube-API Server The API Server is the entry point for all administrative operations on the cluster.

It exposes the Kubernetes API, serving as the communication hub between the cluster and external tools like kubectl.

All REST requests—such as creating, deleting, or scaling pods—must go through the API Server.

It validates and processes these requests, then forwards them to the appropriate components (e.g., scheduler, controller).

Essentially, it acts as the gateway and gatekeeper of the cluster.

1. Kube-Scheduler The Scheduler assigns newly created pods to nodes based on resource availability and constraints.

It considers multiple factors such as CPU, memory, affinity/anti-affinity rules, and node taints/tolerations.

The goal is to ensure optimal pod placement for performance, efficiency, and fault tolerance.

1. Kube-Controller-Manager The Controller Manager runs various controllers that continuously monitor the cluster’s state and reconcile it with the desired state. Some key controllers include:

Replication Controller – Ensures that the correct number of pod replicas are running.

Node Controller – Monitors node health and updates their status.

Endpoint Controller – Manages endpoint objects that link services and pods.

These controllers maintain the control loops that keep Kubernetes self-healing and stable.

1. etcd etcd is a distributed key-value store used to persist all cluster data, such as configuration details, resource definitions, and cluster state changes.

It acts as the single source of truth for Kubernetes.

If a node fails or restarts, etcd ensures the cluster can recover to its previous state.

Node Components
Worker nodes are where containers actually run. Each node hosts one or more pods, and each pod encapsulates one or more containers.

Every node includes three primary components:

1. Container Runtime
   This is the software responsible for running containers inside pods.
   Common runtimes include Docker, containerd, and CRI-O.
   It pulls container images, starts containers, and manages their execution lifecycle.

2. Kubelet
   The kubelet is the primary agent on each node.

It communicates with the control plane via the API Server.

It ensures that containers are running as specified in the pod manifests.

If a container crashes or fails a health check, kubelet automatically restarts it.

Essentially, kubelet keeps the node aligned with the desired state defined by Kubernetes.

1. Kube-Proxy Kube-proxy handles network communication between services and pods.

It maintains network rules on nodes to enable pod-to-pod and external communication.

It implements service discovery and load balancing by routing traffic to the correct backend pods.

Add-on Plugins
Kubernetes add-ons enhance cluster functionality and are usually deployed as native Kubernetes resources such as DaemonSets or Deployments within the kube-system namespace.

Some commonly used add-ons include:

CoreDNS – Provides DNS-based service discovery within the cluster.

KubeVirt – Enables running and managing virtual machines alongside containers.

ACI (Application Containerization Interface) – Supports cross-environment container integration and portability.

Calico – Offers high-performance, policy-driven networking and security for Kubernetes clusters.

Common Kubectl Commands
Here are some frequently used kubectl commands for interacting with a Kubernetes cluster:

Task Command Description
List all pods kubectl get pods Displays all running pods in the current namespace.
List all nodes kubectl get nodes Shows all nodes that are part of the cluster.
List all services kubectl get services Displays all services running within the cluster.
Summary
In summary, Kubernetes architecture is a modular, scalable, and self-healing system designed to automate container orchestration at scale.

The control plane maintains the cluster’s overall health and desired state.

The worker nodes run the actual workloads.

Add-ons extend functionality, and kubectl serves as the primary interface for cluster management.