Above image is kubernetes official image from k8s offficial website. Lets redesign the kubernetes architecture components in such a way that we can get the deep architecture knowledge. Below image is designed with the following assumptions:
- We can use AWS cloud provider service.
- Kubernetes worker nodes can be deployed in EC2 Instance.
Kubernetes architecture can be devided into following parts:
A. Control plane
B. Worker Nodes
A. Control plane:
Control plane also called as Master nodes. Control plane decides how container can manage and orchestrate in the k8s cluster. It has following components:
- Kube-api Server
- Kube-Scheduler
- ETCD
- kube-controller Manager
- Cloud-controller Manager
Lets see each component one by one.
1. Kube-api Server:
- It is crucial components of control plane.
- It acts as a frontend interface of kubernetes control plane.
- It exposes the Kubernetes API, which allows users, administrators, and other components to interact with the Kubernetes cluster.
- Various operations such as creating or managing pods, services, namespaces etc are carried out through the kube-api Server.
- It is designed in such a way that it can scale horizontally. You can run several instances of kube-api server and balance traffic between those instances.
- Factors taken into an account while scheduling decisions includes are as follows:
- Individual and collective resource requirements
- Hardware/software/policy constraints
- Affinity and anti-affinity specifications
- Data locality
- Inter-workload interference
- Deadlines
2. Kube-scheduler:
- This component is responsible for scheduling pods onto available nodes within the cluster.
- It plays a critical role in optimizing resource utilization and ensuring that pods are placed on appropriate nodes based on various factors and policies.
- kube-scheduler is a “single point of truth” for pod scheduling decisions.
- Once it schedules a pod to a specific node, it updates the Kubernetes API server with this information, which ensures that all components of the cluster have consistent knowledge about the pod’s location.
3. ETCD:
- It serves as a distributed key-value store used to store all kubernetes backing store data.
- It is responsible for storing and managing the configuration data and the state of the Kubernetes cluster.
- It is an Seprate database used to ensure high availability, consistency, and reliability of cluster-wide information.
- It ensures that the entire cluster maintains a consistent view of its configuration and state, thereby enabling the reliable and scalable operation of the platform.
4. Kube-controller Manager:
- It runs the controller process
- It is one of the core components that make up the Kubernetes control plane
- It is designed to be highly available and runs as a set of independent processes on the master node(s) of the Kubernetes cluster.
- Each controller runs as a separate goroutine, making it scalable and efficient.
- Controller Manager continuously monitors the state of the cluster, makes necessary adjustments to ensure the desired state is achieved, and helps maintain the system’s overall health and stability.
Some of the essential controllers managed by the Controller Manager include:
- ReplicaSet Controller
- Deployment Controller
- StatefulSet Controller
- DaemonSet Controller
- Job Controller: Watches for Job objects that represent one-off tasks, then creates Pods to run those tasks to completion.
- CronJob Controller
- Namespace Controller
- Node controller: Responsible for noticing and responding when nodes go down
- ServiceAccount controller: Create default ServiceAccounts for new namespaces.
Above list of node controller is not the full list. Please check the official documentation.
5. Cloud controlled Manager:
- It is control plane compoents that embeds the cloud-specific control logic.
- The cloud control manager links your k8s cluster to cloud provider APIs.
- It separates out the components that interact with that cloud platform from components that only interact with your cluster.
- It only runs controllers that are specific to your cloud provider.
For Example, If we use AWS cloud Provider to setup kubernetes service on AWS then cloud-controlled manager runs the controller which is only required for AWS cloud Provider.
The following controllers can have cloud provider dependencies:
- Node controller: For checking the cloud provider to determine if a node has been deleted in the cloud after it stops responding
- Route controller: For setting up routes in the underlying cloud infrastructure
- Service controller: For creating, updating and deleting cloud provider load balancers
B. Worker Node:
1. Kubelet:
- It is an agent running on each node.
- It is responsible for interacing with the k8s master to manage containers and pod scheduled on that node.
- It ensures that the containers specified in the pods are running and healthy.
2. Container Runtime (CRI):
- It is responsible for pulling container images from a container registry and running the containers based on the specifications defined in the pod.
- Â It is responsible for managing the execution and lifecycle of containers within the Kubernetes environment.
- It supports CRI runtime such as cri-containerd, CRI-O, rktlet, frakti, singularoty-cri. (k8s official runtume list)
3. Kube-Proxy:
- kube-proxy is a network proxy that runs on each node in your cluster.
- It is responsible for managing network communications between services and pods within the cluster.
- It maintains network rules on nodes. These network rule allow network communication to your pods from network sessions inside or outside of your cluster and forwards traffic to the appropriate destination.
C: Add-Ons
- DNS: all Kubernetes clusters should have cluster DNS to resolve name of the containers
inside master node as all the above components is containers inside master node - Web UI: web-based UI for Kubernetes clusters. It allows users to manage and troubleshoot applications running in the cluster, as well as the cluster itself.
D. Other Components:
Kubectl:
kubectl is a command-line tool used to interact with Kubernetes clusters. It serves as the primary
interface for developers, administrators, and users to manage and control Kubernetes resources. With
kubectl, we can perform various operations on Kubernetes clusters, such as deploying applications,
scaling resources, debugging, and more.
Kubectl uses the Kubernetes API to communicate with the cluster, so it requires network connectivity to
the cluster’s API server.