Kubernetes Architecture
Kubernetes is a container orchestration system designed to automate deployment, scaling, and operations of application containers. Its architecture is divided into several key components and is structured around a control plane and worker nodes.
1. Control Plane Components
The control plane manages the worker nodes and the Pods in the cluster, making global decisions (like scheduling) and responding to cluster events (e.g., restarting a failed Pod).
1.1 API Server
The API server acts as the front end for Kubernetes, providing the interface for users, management devices, and command-line interfaces to interact with the cluster.
1.2 Etcd
Etcd is a distributed, reliable key-value store that stores all data used to manage the cluster. It ensures consistency and handles leader elections during network partitions.
1.3 Scheduler
The scheduler is responsible for distributing workloads across nodes. It assigns newly created Pods to suitable nodes based on resource requirements, constraints, and policies.
1.4 Controllers
The controllers maintain the desired state of the system by making decisions to bring up new Pods when necessary. They monitor the state of the cluster and act when containers or nodes fail.
1.5 Cloud Controller Manager
The Cloud Controller Manager runs the various controllers in Kubernetes as a single process. Some key controllers include:
- Node controller: Handles actions when nodes go down.
- Job controller: Manages one-off tasks and ensures Pods complete them.
- Endpoints controller: Joins Services and Pods by updating the Endpoints object.
- Service Account and Token controllers: Create default accounts and access tokens.
2. Node Components
Worker nodes run the actual applications in the form of Pods and provide the Kubernetes runtime environment. Key components include:
2.1 Kubelet
The Kubelet is an agent that runs on each node, ensuring that the containers are running as specified by the control plane. It constantly communicates with the API server.
2.2 Kube-proxy
The kube-proxy is a network proxy that runs on each node, implementing the Kubernetes Service concept. It manages network rules to allow communication between Pods and external systems.
2.3 Container Runtime
The container runtime is responsible for running containers. Supported runtimes include Docker, containerd, CRI-O, and any implementation of the Kubernetes Container Runtime Interface (CRI).
3. Master vs Worker Node
The master node runs the control plane components like the API server, etcd, and scheduler. It controls the entire Kubernetes cluster.
Worker nodes run application workloads in Pods, managed by the control plane.
4. Kubernetes Components Overview
Control Plane Summary:
- API server: Front end for Kubernetes.
- Etcd: Stores cluster state.
- Scheduler: Distributes workloads.
- Controllers: Ensure the system’s desired state is maintained.
- Cloud Controller Manager: Runs various controllers.
Worker Node Summary:
- Kubelet: Manages Pod lifecycle on each node.
- Kube-proxy: Ensures network communication for Pods.
- Container Runtime: Runs the containers.
5. Imperative vs Declarative Configuration
Kubernetes supports both imperative (manually specifying operations) and declarative (specifying the desired state and letting the system manage it) approaches to managing resources.
6. Microservices in Kubernetes
In a microservices architecture:
- Frontend and backend services are deployed as separate Pods.
- Backend Pods (databases) are often exposed only internally via the
ClusterIPservice. - Frontend Pods (web servers) can be exposed externally using the
NodePortorLoadBalancerservice types.