Chintan Boghara

Understanding Kubernetes Architecture: Key Components and Their Roles

A Comprehensive Guide to Mastering Kubernetes for Scalable and Reliable Application Management

Chintan Boghara's photo
Chintan Boghara
·

5 min read

Understanding Kubernetes Architecture: Key Components and Their Roles

Table of contents

Kubernetes (K8s) is a powerful open-source platform that automates the deployment, scaling, and management of containerized applications. Its architecture is modular, with different components working together to create a scalable, reliable, and flexible system for managing workloads. This document explores the main components of Kubernetes, their roles, and how they interact to keep a Kubernetes cluster running smoothly.

Master Node Components

The master node is the control center of Kubernetes, responsible for managing the cluster's state. It includes components that handle scheduling, coordination, and overall orchestration of the cluster.

a. API Server (kube-apiserver)

  • Purpose: The API server acts as the frontend for the Kubernetes control plane.

  • Role: It offers a RESTful interface to interact with the cluster, enabling communication between users, components, and external systems.

  • Usage: It manages authentication, validation, and processing of API requests, which are stored in etcd for managing the cluster's state.

b. etcd

  • Purpose: A distributed key-value store that holds the cluster's state and configuration.

  • Role: Serves as the single source of truth for the cluster.

  • Usage: Stores all data related to the cluster, including information on nodes, pods, configurations, and more.

c. Controller Manager (kube-controller-manager)

  • Purpose: Runs controllers that manage the state of the cluster.

  • Role: Ensures that the desired state of the cluster matches the actual state by performing tasks like scaling and self-healing.

  • Controllers:

    • Node Controller: Monitors the status of nodes.

    • Replication Controller: Ensures the correct number of pod replicas are running.

    • Endpoint Controller: Manages the endpoint objects for services.

    • Service Account & Token Controllers: Manage access tokens and service accounts.

d. Scheduler (kube-scheduler)

  • Purpose: Assigns workloads (pods) to nodes in the cluster.

  • Role: Chooses the best node for a pod based on resource availability, affinity/anti-affinity rules, and other policies.

  • Usage: Ensures balanced resource use and follows deployment constraints.

Diagram illustrating a Kubernetes architecture. It features a Control Plane with etcd, API Server, Controller Manager, and Scheduler. The Worker Node has Kubelet, which interfaces with Docker for container runtime. Images are pulled from an Image Store.

Node Components

Worker nodes are responsible for running the actual application workloads. Each worker node has components that help communicate with the master node and manage containerized applications.

a. Kubelet

  • Purpose: An agent running on each node that ensures containers are running as expected.

  • Role: Communicates with the API server and manages containers through the container runtime.

  • Usage: Regularly reports the node’s status to the master and ensures the desired state of pods on the node.

b. Container Runtime

  • Purpose: Software responsible for running containers.

  • Role: Supports containerized applications by managing their lifecycle.

  • Examples: Docker, containerd, CRI-O.

c. Kube-proxy

  • Purpose: A network proxy running on each node that manages networking rules.

  • Role: Helps communication between pods and services both inside and outside the cluster.

  • Usage: Maintains network rules to let services connect to endpoints (pods) and supports load balancing.

Cluster Add-ons

These are optional components that enhance the functionality of Kubernetes clusters.

a. DNS (CoreDNS)

  • Purpose: Provides DNS services within the cluster.

  • Role: Facilitates service discovery by translating service names into IP addresses.

  • Usage: Automatically resolves service-name.namespace.svc.cluster.local URLs.

b. Dashboard

  • Purpose: A web-based UI for managing Kubernetes clusters.

  • Role: Offers an intuitive interface for monitoring, troubleshooting, and managing resources.

  • Usage: Allows users to visualize workloads, nodes, and cluster health.

c. Ingress Controller

  • Purpose: Manages external access to services within the cluster.

  • Role: Facilitates HTTP and HTTPS routing to services.

  • Usage: Implements load balancing, SSL termination, and virtual hosting.

d. Monitoring Tools

  • Examples: Prometheus, Grafana.

  • Purpose: Monitor cluster performance and resource utilization.

  • Role: Collect metrics, visualize data, and trigger alerts.

e. Logging Tools

  • Examples: Fluentd, Elasticsearch, Kibana.

  • Purpose: Aggregate and manage logs from pods and nodes.

  • Role: Centralize logging for easier troubleshooting and debugging.

Networking in Kubernetes

Networking is a key part of Kubernetes, making sure that pods, services, and external systems can connect with each other. Kubernetes networking relies on these concepts:

a. Pod-to-Pod Communication

  • All pods in a cluster can communicate with each other without needing NAT.

b. Service Networking

  • Services make pod workloads accessible both inside and outside the cluster.

c. Network Policies

  • Set rules for pod communication to improve security and compliance.

Security Components

a. Role-Based Access Control (RBAC)

  • Purpose: Manages access permissions for users and services.

  • Role: Ensures secure access to cluster resources.

b. Secrets

  • Purpose: Stores sensitive information like passwords and API keys.

  • Role: Provides secure and encrypted storage for credentials.

c. Pod Security Policies (PSPs)

  • Purpose: Enforce security rules on pods.

  • Role: Restrict privileged containers and define allowed capabilities.

Cluster Maintenance and Management

a. kubectl

  • Purpose: A CLI tool for interacting with Kubernetes clusters.

  • Usage: Perform administrative tasks like scaling, updating, and troubleshooting.

b. Helm

  • Purpose: A Kubernetes package manager.

  • Role: Simplifies application deployment using reusable charts.

c. Operators

  • Purpose: Automate complex application lifecycle management.

  • Role: Extend Kubernetes functionality for specific use cases.

How Components Work Together

  1. A user deploys an application by submitting a YAML manifest to the API server.

  2. The API server validates and stores the configuration in etcd.

  3. The scheduler assigns the workload to an appropriate node.

  4. The controller manager ensures the desired state is maintained.

  5. Kubelet on the node starts the required containers using the container runtime.

  6. Kube-proxy manages networking, enabling communication between pods and services.

  7. Add-ons like monitoring and logging tools offer insights into cluster operations.

Kubernetes has a modular and flexible architecture, making it easy to manage complex workloads. Knowing the components and their roles is essential for managing, troubleshooting, and optimizing Kubernetes clusters. By using these components well, organizations can create a scalable and reliable infrastructure for their applications.

References

  1. Kubernetes Official Documentation – Comprehensive documentation covering all aspects of Kubernetes, including architecture, components, and operations.

    https://kubernetes.io/docs/home/

  2. Kubernetes Components Overview – A detailed guide on the key components of Kubernetes and how they interact.

    https://kubernetes.io/docs/concepts/overview/components/

  3. CoreDNS in Kubernetes – Learn how CoreDNS provides DNS services in Kubernetes clusters.

    https://coredns.io/

  4. Prometheus and Grafana for Kubernetes Monitoring – A tutorial on setting up Prometheus and Grafana for monitoring Kubernetes clusters.

    https://prometheus.io/docs/prometheus/latest/getting_started/

    https://grafana.com/docs/grafana/latest/getting-started/

  5. Kubernetes Networking Guide – A deep dive into Kubernetes networking, including pod communication, services, and network policies.

    https://kubernetes.io/docs/concepts/cluster-administration/networking/

DevopsCloudDevSecOpsSREPlatform Engineering Kuberneteskubernetes architecture