
IT Theory: Core Components of the Kubernetes Architecture

Kubernetes

This is a basic overview of the main components that build a Kubernetes cluster.

Kubernetes Cluster Main Components
#

Control Plane
#

  • Manages the Kubernetes cluster and the workloads running on it.

  • Includes the Kube-API-Server, Etcd, Kube-Scheduler, and Kube-Controller-Manager.


Controller Node / Control Plane Node
#

  • Physical or virtual machine that runs the components of the control plane.

  • In a high-availability setup, multiple control plane nodes each run a copy of the control plane components (kube-apiserver, etcd, etc.). Because etcd only accepts writes while a majority of its members is reachable, HA setups use an odd number of etcd members (typically 3 or 5).


Worker Node
#

  • Runs containerized workloads.

  • Each node is managed by the kubelet, an agent that fetches the pods assigned to its node from the API server and runs them.



Control Plane Main Components
#

Kube-API-Server
#

  • The API server is the central component of Kubernetes: it is the only component that reads from and writes to etcd, so every change to cluster state passes through it.

  • Provides the REST API that serves as the front end of the Kubernetes control plane.

  • All components, users, and external systems talk to it when they need to interact with Kubernetes (for example to create or delete pods).

  • Every request is authenticated (client certificates, bearer tokens, service account tokens), authorized (typically via RBAC), and passed through admission controllers before anything is persisted. For example, a kubectl command goes to the API server, which validates it and then updates the cluster's state in etcd.
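The request pipeline described above, as an added example (not Kubernetes code): a miniature model of the kube-apiserver flow, authenticate, authorize with RBAC-style rule matching, run an admission check, then persist. The token table, the roles for `alice` and the `ci/builder` service account, and the privileged-container admission rule are constructed stand-ins, not real cluster data or the real Pod Security Admission plugin.

```python
# Added illustration (not kube-apiserver code): authenticate -> authorize ->
# admission -> persist, with constructed identities, roles and a dict as the store.
from dataclasses import dataclass, field

# Constructed sample data: bearer tokens and the identities they map to.
TOKENS = {
    "tok-alice": ("alice", ["dev-team"]),
    "tok-ci": ("system:serviceaccount:ci:builder", ["system:serviceaccounts"]),
}

@dataclass
class Rule:
    verbs: set
    resources: set
    namespaces: set  # empty set = cluster-wide, like a ClusterRoleBinding

# Constructed sample policy: alice may manage pods in "dev" only; the CI
# service account may only read pods, but in every namespace.
ROLES = {
    "alice": [Rule({"get", "list", "create", "delete"}, {"pods"}, {"dev"})],
    "system:serviceaccount:ci:builder": [Rule({"get", "list"}, {"pods"}, set())],
}

@dataclass
class Request:
    token: str
    verb: str
    resource: str
    namespace: str
    name: str
    body: dict = field(default_factory=dict)

def authenticate(token):
    """Map a bearer token to (user, groups) or reject the request with 401."""
    if token not in TOKENS:
        raise PermissionError("401 Unauthorized: unknown token")
    return TOKENS[token]

def _match(pattern_set, value):
    """RBAC rules may use '*' as a wildcard for verbs and resources."""
    return "*" in pattern_set or value in pattern_set

def authorize(user, req):
    """Grant if any rule bound to the user covers verb, resource and namespace."""
    for rule in ROLES.get(user, []):
        ns_ok = not rule.namespaces or req.namespace in rule.namespaces
        if ns_ok and _match(rule.verbs, req.verb) and _match(rule.resources, req.resource):
            return True
    return False

def admit(req):
    """Illustrative admission check (stand-in for the real admission plugins):
    refuse pod creations that ask for a privileged container."""
    if req.verb == "create" and req.resource == "pods":
        for c in req.body.get("spec", {}).get("containers", []):
            if c.get("securityContext", {}).get("privileged"):
                raise PermissionError("admission denied: privileged container")

def handle(req, store):
    """Run the pipeline; on success update the store (etcd stand-in) and return the outcome."""
    user, _groups = authenticate(req.token)
    if not authorize(user, req):
        raise PermissionError(f"403 Forbidden: {user} cannot {req.verb} {req.resource} in {req.namespace}")
    key = f"/registry/{req.resource}/{req.namespace}/{req.name}"  # etcd key layout
    if req.verb == "create":
        admit(req)
        store[key] = req.body
        return "created"
    if req.verb == "delete":
        store.pop(key, None)
        return "deleted"
    if req.verb == "get":
        return store.get(key)
    raise ValueError("verb not modelled")

if __name__ == "__main__":
    store = {}
    pod = {"spec": {"containers": [{"name": "app", "image": "nginx"}]}}
    print(handle(Request("tok-alice", "create", "pods", "dev", "web", pod), store))
```

The ordering matters for security: an unknown token is rejected before any policy is consulted, a valid identity without a matching rule gets a 403 even for reads, and admission only runs for requests that are already authorized, which is why admission controllers cannot substitute for RBAC.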


Etcd
#

  • Etcd is a distributed key-value store that holds the cluster's configuration and state.

  • Etcd stores all the critical data about the Kubernetes cluster: nodes, pods, roles, policies, and Secrets. Secrets are only base64-encoded in etcd unless encryption at rest is configured, so whoever can read etcd (or an etcd backup) can read every Secret. Etcd should therefore be reachable only by the API server, over TLS with client certificate authentication.

  • Etcd stores data as key-value pairs. Each object (a pod, a service) is represented as a key with the serialized object as its value.
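An added example (not etcd or Kubernetes code) for the three points above: the `/registry/...` key layout the API server uses, why base64 in a Secret is encoding rather than protection, and a check over a raw etcd dump for Secret values written without an encryption provider. The value prefixes are the ones kube-apiserver writes (`k8s\x00` for plain protobuf, `k8s:enc:<provider>:v1:` when an EncryptionConfiguration is active); all sample values are constructed.

```python
# Added illustration (not etcd/Kubernetes code): etcd key layout, base64 Secret
# decoding, and an encryption-at-rest check on raw etcd values.
import base64

def etcd_key(resource, name, namespace=None):
    """Key path the API server uses: /registry/<resource>/[<namespace>/]<name>."""
    parts = ["", "registry", resource] + ([namespace] if namespace else []) + [name]
    return "/".join(parts)

def decode_secret_data(secret):
    """Secret.data values are base64, not ciphertext: anyone who can read the
    object (via the API or straight from etcd) recovers the plaintext."""
    return {k: base64.b64decode(v).decode() for k, v in secret.get("data", {}).items()}

# Prefixes kube-apiserver writes when an EncryptionConfiguration provider is active.
ENCRYPTION_PREFIXES = (
    b"k8s:enc:aescbc:v1:",
    b"k8s:enc:aesgcm:v1:",
    b"k8s:enc:secretbox:v1:",
    b"k8s:enc:kms:v1:",
    b"k8s:enc:kms:v2:",
)

def classify_etcd_value(raw):
    """Return 'encrypted:<provider>' or 'plaintext:<format>' for a raw etcd value."""
    for p in ENCRYPTION_PREFIXES:
        if raw.startswith(p):
            return "encrypted:" + p.decode().split(":")[2]
    if raw.startswith(b"k8s\x00"):      # protobuf envelope, the default storage format
        return "plaintext:protobuf"
    if raw.lstrip().startswith(b"{"):   # JSON storage (older or custom resources)
        return "plaintext:json"
    return "unknown"

def unencrypted_secrets(dump):
    """Given {etcd key: raw value} (e.g. read from an etcd snapshot), list the
    Secret objects that were stored without an encryption provider."""
    return [k for k, v in dump.items()
            if k.startswith("/registry/secrets/")
            and not classify_etcd_value(v).startswith("encrypted:")]

if __name__ == "__main__":
    # Constructed dump: one Secret stored as plain protobuf, one AES-CBC encrypted.
    dump = {
        etcd_key("secrets", "db-creds", "default"): b"k8s\x00\n\x0c\n\x02v1\x12\x06Secret",
        etcd_key("secrets", "token", "kube-system"): b"k8s:enc:aescbc:v1:key1:\x8a\xf3\x01",
    }
    print(unencrypted_secrets(dump))
```

On a real cluster the equivalent check is to read one Secret key with etcdctl and look at the first bytes: a value starting with `k8s:enc:` has been through an encryption provider, anything else is stored in the clear. Encryption at rest is enabled by pointing kube-apiserver's `--encryption-provider-config` flag at an EncryptionConfiguration file, and existing objects only get encrypted once they are rewritten.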


Kube-Scheduler
#

  • Decides on which node each new pod should run.

  • When a new pod is created without a node assignment, the scheduler first filters out nodes that cannot host it and then scores the rest, based on available resources (the pod's CPU and memory requests), policies, and constraints such as node selectors, affinity rules, and taints/tolerations.
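The filter-then-score decision described above, as an added example (not kube-scheduler code): a minimal scheduler that rejects nodes lacking free CPU/memory, nodes that do not satisfy the pod's nodeSelector, and nodes with a `NoSchedule` taint the pod does not tolerate, then picks the feasible node with the most capacity left. The node list and pods are constructed; resource units are millicores and MiB.

```python
# Added illustration (not kube-scheduler code): filter nodes on resources,
# nodeSelector and taints/tolerations, then score by least allocation.

# Constructed sample nodes. cp-1 carries the control-plane taint, so ordinary
# workloads are kept off it unless they explicitly tolerate that taint.
SAMPLE_NODES = [
    {"name": "worker-1", "allocatable_cpu": 4000, "allocatable_mem": 8192,
     "requested_cpu": 3500, "requested_mem": 4096, "labels": {"zone": "a"}},
    {"name": "worker-2", "allocatable_cpu": 4000, "allocatable_mem": 8192,
     "requested_cpu": 500, "requested_mem": 1024, "labels": {"zone": "b"}},
    {"name": "cp-1", "allocatable_cpu": 4000, "allocatable_mem": 8192,
     "requested_cpu": 1000, "requested_mem": 2048, "labels": {"zone": "a"},
     "taints": [{"key": "node-role.kubernetes.io/control-plane", "effect": "NoSchedule"}]},
]

def tolerates(pod, taint):
    """A toleration matches a taint on key and effect (an omitted effect matches any)
    and, unless its operator is Exists, on value as well."""
    for t in pod.get("tolerations", []):
        if t.get("key") == taint["key"] and t.get("effect", taint["effect"]) == taint["effect"]:
            if t.get("operator", "Equal") == "Exists" or t.get("value") == taint.get("value"):
                return True
    return False

def feasible(pod, node):
    """Filter phase: return None if the node can host the pod, else the reason."""
    free_cpu = node["allocatable_cpu"] - node["requested_cpu"]
    free_mem = node["allocatable_mem"] - node["requested_mem"]
    if pod["cpu"] > free_cpu or pod["mem"] > free_mem:
        return "insufficient resources"
    for k, v in pod.get("nodeSelector", {}).items():
        if node["labels"].get(k) != v:
            return f"nodeSelector {k}={v} not satisfied"
    for taint in node.get("taints", []):
        if taint["effect"] == "NoSchedule" and not tolerates(pod, taint):
            return f"untolerated taint {taint['key']}"
    return None

def score(pod, node):
    """Score phase: fraction of capacity still free after placement (least-allocated)."""
    cpu_left = (node["allocatable_cpu"] - node["requested_cpu"] - pod["cpu"]) / node["allocatable_cpu"]
    mem_left = (node["allocatable_mem"] - node["requested_mem"] - pod["mem"]) / node["allocatable_mem"]
    return (cpu_left + mem_left) / 2

def schedule(pod, nodes):
    """Return (chosen node name or None, {rejected node: reason})."""
    rejected, candidates = {}, []
    for node in nodes:
        reason = feasible(pod, node)
        if reason:
            rejected[node["name"]] = reason
        else:
            candidates.append(node)
    if not candidates:
        return None, rejected
    best = max(candidates, key=lambda n: score(pod, n))
    return best["name"], rejected

if __name__ == "__main__":
    print(schedule({"cpu": 1000, "mem": 1024}, SAMPLE_NODES))
```

The rejection reasons are what you see in a real cluster's `Pending` pod events when nothing fits. The taint check is the one with a security angle: the control-plane taint is only a scheduling hint, so a pod with a matching toleration (and the RBAC permission to create it) can still land on a control plane node.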


Kube-Controller-Manager
#

  • Runs the controllers: control loops that watch the state of the cluster through the API server and make changes until it matches the desired state.

  • For example, the ReplicaSet controller (the replication controller in older setups) ensures the right number of pod replicas are running. If a pod fails, it creates a new one.
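The control loop described above, as an added example (not kube-controller-manager code): a ReplicaSet-style `reconcile` that compares the desired replica count with the pods it observes and returns the create/delete actions needed, plus a `converge` loop that applies them until nothing is left to do. Pods and the ReplicaSet are constructed dicts; `apply_actions` stands in for the API server writes a real controller would make.

```python
# Added illustration (not controller-manager code): a ReplicaSet-style
# reconcile loop over constructed in-memory pod records.
import itertools

_seq = itertools.count(1)  # stand-in for the random suffix real controllers use

def reconcile(replicaset, observed_pods):
    """Return the actions that move this ReplicaSet's pods toward spec.replicas.
    Terminal pods (Failed/Succeeded) do not count toward the replica count, as in
    the real controller; their cleanup is handled separately and not modelled here."""
    owner = replicaset["name"]
    desired = replicaset["replicas"]
    mine = [p for p in observed_pods if p.get("owner") == owner]
    active = [p for p in mine if p["phase"] in ("Pending", "Running")]
    actions = []
    if len(active) < desired:
        for _ in range(desired - len(active)):
            actions.append(("create", f"{owner}-{next(_seq):04d}"))
    elif len(active) > desired:
        # Scale down: remove the most recently created pods first (simplified ordering).
        surplus = sorted(active, key=lambda p: p["created"], reverse=True)[: len(active) - desired]
        actions.extend(("delete", p["name"]) for p in surplus)
    return actions

def apply_actions(actions, pods, owner, now):
    """Stand-in for the API server: apply creates/deletes to the observed state."""
    to_delete = {name for act, name in actions if act == "delete"}
    pods = [p for p in pods if p["name"] not in to_delete]
    for act, name in actions:
        if act == "create":
            pods.append({"name": name, "owner": owner, "phase": "Running", "created": now})
    return pods

def converge(replicaset, pods, max_rounds=10):
    """Run reconcile until it returns no actions; return (final pods, rounds used)."""
    for round_no in range(1, max_rounds + 1):
        actions = reconcile(replicaset, pods)
        if not actions:
            return pods, round_no - 1
        now = max((p["created"] for p in pods), default=0) + 1
        pods = apply_actions(actions, pods, replicaset["name"], now)
    raise RuntimeError("did not converge")

if __name__ == "__main__":
    # Constructed observed state: one replica has failed, one pod belongs elsewhere.
    pods = [
        {"name": "web-a", "owner": "web", "phase": "Running", "created": 10},
        {"name": "web-b", "owner": "web", "phase": "Failed", "created": 20},
        {"name": "web-c", "owner": "web", "phase": "Running", "created": 30},
        {"name": "api-x", "owner": "api", "phase": "Running", "created": 5},
    ]
    print(reconcile({"name": "web", "replicas": 3}, pods))
```

The loop is level-triggered: it looks at current state each round rather than reacting to individual events, so a missed event or a controller restart is harmless. That same property is why deleting a pod by hand is not a way to remove a workload; the controller recreates it, and the desired state (the ReplicaSet or Deployment) has to change instead.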



Worker Node Main Components
#

Note: The following components also run on the control plane nodes when the control plane itself runs as pods there (as in clusters set up with kubeadm), because those pods need a kubelet and a container runtime too.

Container Runtime
#

  • Engine that runs the containers: it pulls the container image and runs it inside an isolated environment.

  • Container Runtime Interface (CRI): the kubelet uses the CRI to talk to any compatible container runtime.


Different Container Runtimes:

  • Docker: The most well-known container engine, also used with the Docker platform. In the early days of Kubernetes, Docker was the default runtime through a built-in adapter (dockershim). That adapter was removed in Kubernetes 1.24, so Docker Engine now needs the external cri-dockerd adapter, and most clusters use a CRI-native runtime instead.

  • Containerd: A lightweight runtime originally developed as part of Docker, now a standalone CNCF project. It implements the CRI directly and is the most common replacement for Docker because of its simplicity and performance.

  • CRI-O: A runtime specifically designed for Kubernetes. It implements the Kubernetes Container Runtime Interface (CRI), making it tightly integrated and optimized for Kubernetes.

  • gVisor: A sandboxed runtime (runsc) designed for stronger isolation. It runs a user-space kernel that intercepts the container's system calls instead of passing them straight to the host kernel, at the cost of some performance. It is selected per pod through a RuntimeClass.


Kubelet
#

  • Its job is to make sure containers are running properly.

How it works:

  • It gets its instructions from the control plane (which pods to run on its node) and talks to the container runtime over the CRI to start and manage those containers.

  • It constantly monitors the health of the containers and reports back to the control plane.


Kube-Proxy
#

  • Responsible for networking at the Service level.

  • Programs the node's packet forwarding rules (iptables or IPVS) so that traffic sent to a Service's virtual IP is routed to one of the Service's backend pods.


Container Networking Interface Plugins (CNI)
#

  • Responsible for networking at the Pod level.

  • Assigns IP addresses to pods and enables pods to communicate with each other across nodes.


CNI plugins used in Kubernetes

Cilium:

  • Performs packet filtering, forwarding and load balancing in the kernel with eBPF programs, without relying on iptables for networking (it can also take over the role of kube-proxy).

  • High performance and primarily designed for Kubernetes clusters.

Calico:

  • Uses traditional Linux networking based on IP routing and iptables to manage container traffic and enforce network policies (an eBPF data plane is also available).

Note: These are the only ones I have used so far.



Other Kubernetes Components
#

Kubectl
#

  • CLI tool for interacting with the Kubernetes cluster by sending commands to the Kube-Apiserver.

Kubeadm
#

  • Kubeadm is a tool that simplifies the process of setting up a Kubernetes cluster.

Cloud-Controller-Manager
#

  • Used for Kubernetes clusters running on a cloud provider's infrastructure.

  • Interacts with the cloud provider (AWS, Azure, GCP, ...) through its APIs to create load balancers, attach storage, and check node health.