Kubernetes Architecture Overview

Hey… 🫶 Welcome Back………………….🤞

Kubernetes Architecture Overview

Kubernetes is a powerful platform designed to manage containerized applications across a cluster of machines. It enables automated deployment, scaling, and management of application containers and ensures applications run as expected with minimal manual intervention. Kubernetes achieves this through a set of core components that work together to maintain the desired state of the system.

Image Source : Kubernetes official documentation.

Let’s take a real-time example to explain and better understand the concepts:

Consider a company that manages several applications used by its customers. These applications need to be scalable, reliable, and easy to manage. To achieve this, the company decides to use Kubernetes, which automates the deployment, scaling, and management of containerized applications.

Kubernetes Cluster Overview

The Kubernetes cluster is like the central hub where all the company’s applications run. This cluster consists of worker nodes (which do the heavy lifting by running the applications) and a master node (which orchestrates and manages the entire system).

📌Worker Nodes

The worker nodes in Kubernetes are the machines, whether physical servers or virtual machines, that run the company’s applications inside pods. For instance, the company might run its web servers, databases, and background jobs across several worker nodes, ensuring that everything operates smoothly.

• Kubelet: Each worker node has a kubelet, a small software agent responsible for making sure the applications (containers) run as instructed by the master node. Imagine that a new version of the company’s web server needs to be deployed. The kubelet on each worker node will ensure the web server’s container is updated and runs correctly.
• Container Runtime: Behind the scenes, the container runtime (like Docker or ContainerD) is what pulls the web server’s container image and runs it. If the company needs to scale up, new instances of the web server can quickly be started.
• Kube-proxy: Each node also has a kube-proxy, which manages the network rules to ensure that the different services in the company’s applications can talk to each other. For example, if the web server on one node needs to connect to a database on another node, kube-proxy ensures that the network traffic flows properly.

📌Master Node (Control Plane)

The master node acts as the brain of the Kubernetes cluster. It manages everything, from scheduling applications to be run on worker nodes to ensuring that each part of the system operates as it should.

• API Server: This is the main gateway for interacting with the Kubernetes cluster. Every time the company’s development team makes a change, like deploying a new service, they use a tool like kubectl, which talks to the API server. The API server validates requests, checks the current state of the system, and updates it based on new instructions.
• ETCD: ETCD is like the cluster’s memory. It stores every bit of information about the system, such as what applications are running, their configurations, and more. So, when the company’s development team deploys a new version of their application, this information is stored in ETCD, ensuring consistency and reliability across the system.
• Kube-Scheduler: This component is responsible for deciding where new applications (pods) should run. For example, if the company needs to launch a new instance of its web server, the kube-scheduler looks at all the available worker nodes and chooses the one with enough resources (CPU, memory) to handle the new workload. It also considers any policies like affinity rules that might dictate which node the web server should run on.
• Kube-Controller-Manager: The controller manager is responsible for ensuring that the system remains in the desired state. For instance, if a worker node crashes, the controller manager’s Node Controller will notice and shift the running applications to other nodes. If a specific service needs to maintain a certain number of running instances, the Replication Controller ensures that if one of the web servers crashes, a new one is automatically started.
• Cloud Controller Manager: For companies using cloud providers like AWS or Google Cloud, the Cloud Controller Manager handles cloud-specific tasks. For example, if a virtual machine (node) running on the cloud provider crashes, the cloud controller manager works with the provider’s API to check if the machine has been deleted or can be replaced. It also manages cloud load balancers to ensure external customers can always access the company’s services.

Let’s look into the architecture in detail to understand each component and its role within the system more thoroughly.

📌Worker Nodes

• Function: Worker nodes are the machines (physical or virtual) that actually run the containerized applications. Each worker node hosts one or more pods, which are the smallest deployable units in Kubernetes and encapsulate application containers. The worker nodes handle tasks like running, monitoring, and managing the pods.

Key Components on Worker Nodes:

◼️Kubelet: The kubelet is an agent running on every worker node. Its primary responsibility is to ensure that containers are running in the pods as instructed by the control plane. The kubelet communicates with the API server to receive instructions about which pods to run. It monitors the health of the pods and reports their status back to the master node.

◼️Container Runtime: The container runtime is the software responsible for pulling container images and running containers. Popular container runtimes include Docker, ContainerD, and CRI-O. The kubelet uses the container runtime to manage the containers within the pods.

◼️Kube-proxy: The kube-proxy runs on each node and manages network rules, allowing communication between pods and services. It ensures that network traffic is directed appropriately to the backend pods based on the service definitions.

📌Master Node (Control Plane)

• Function: The master node, also known as the control plane, manages the entire Kubernetes cluster. It is responsible for monitoring the state of worker nodes, scheduling applications (pods) onto worker nodes, and handling cluster-wide configurations. It oversees the overall orchestration of containers within the cluster.

Key Components of the Master Node:

◼️Kube-apiserver:

• The API server acts as the main interface for Kubernetes. It processes and validates all administrative requests (such as those made using kubectl or other tools) and coordinates with other components to maintain the cluster’s desired state.
• The API server is responsible for exposing the Kubernetes API, which is used by other control plane components, external users, and automation systems to interact with the cluster. It also serves as the gateway for communication between internal components.

◼️ETCD:

• ETCD is a distributed, reliable key-value store that holds the entire cluster’s state. This includes information about nodes, pods, configurations, secrets, accounts, roles, and more.
• Every operation and state change in the cluster is recorded in ETCD. For example, when a new pod is deployed or when a node is added, the API server updates this information in the ETCD datastore. The system relies on ETCD to ensure that the desired state of the cluster is persisted and maintained over time.

◼️Kube-scheduler:

• The scheduler is responsible for assigning pods to nodes. When a new pod is created, the scheduler determines the best node for the pod to run on, based on various factors like available resources (CPU, memory), node capacity, and policies such as affinity/anti-affinity rules, taints, and tolerations.
• The scheduler operates in two phases: filtering and scoring. In the filtering phase, it eliminates nodes that do not meet the pod’s requirements (e.g., insufficient resources). In the scoring phase, it ranks the remaining nodes to determine the best fit for the pod. The scheduler then informs the API server about the decision.

◼️Kube-Controller-Manager:

• The Kube Controller Manager is responsible for running various controllers that ensure the desired state of the Kubernetes cluster. While each controller can run as an independent process, Kubernetes simplifies management by compiling them into a single binary and running them as a single process.
• The controller manager continuously monitors the cluster’s state and responds to changes, ensuring that the cluster operates according to the desired configuration. It manages several controllers, each with its own responsibilities.

✔ Types of Controllers:

1. Node Controller: Detects when nodes go down or become unresponsive and responds to maintain cluster availability.
2. Job Controller: Monitors Job objects and creates Pods to complete one-off tasks.
3. EndpointSlice Controller: Manages EndpointSlice objects to link Services with their corresponding Pods.
4. ServiceAccount Controller: Automatically creates default ServiceAccounts for new namespaces to handle access control.
5. Replication Controller: Ensures the specified number of replicas for a Pod are running, creating new Pods if any fail.
6. Deployment Controller: Manages the lifecycle of Deployments, ensuring application updates roll out smoothly across multiple Pods.

◼️Cloud-controller-manager:

• The Cloud Controller Manager is responsible for integrating Kubernetes with cloud provider APIs. It manages cloud-specific control logic, allowing Kubernetes to interact with cloud-based resources like virtual machines and load balancers. Like the Kube Controller Manager, it combines multiple controllers into a single process to reduce complexity.
• The cloud controller manager is optional for clusters that do not run in a cloud environment. It only manages controllers that are relevant to the cloud provider in use.

✔ Types of Controllers with Cloud Dependencies:

1. Node Controller: Works with the cloud provider to detect if a node has been deleted after it stops responding.
2. Route Controller: Sets up network routes in the cloud infrastructure to ensure proper traffic flow.
3. Service Controller: Manages cloud provider load balancers for Kubernetes Services, ensuring external traffic is routed correctly.

When setting up a Kubernetes cluster, there are various approaches that can be taken, each with its own set of procedures and complexities.

One approach involves manually configuring the cluster from scratch. In this method, critical components such as the API server, ETCD, and controller manager must be installed on the master node by the user. This requires not only downloading and configuring the necessary binaries but also setting up ETCD as a service. Additionally, it is crucial to ensure that proper certificates are in place to facilitate secure communication among the different components of the cluster.

Alternatively, Kubernetes can be deployed using tools like kubeadm. This approach streamlines the installation process by automating the deployment of essential components. With kubeadm, the various components of the Kubernetes control plane are deployed as pods within the cluster, significantly simplifying the overall setup. This method also promotes adherence to best practices, ensuring that the cluster is configured in a way that enhances security and performance.

Thank you for exploring this with me! 🫰🫰🫰