Kubernetes Architecture


 The first step in learning Kubernetes is understanding its high-level architecture.


As we learned in the prerequisites, Kubernetes is a distributed system, which means it consists of multiple components distributed across different servers over a network. These servers can be either virtual machines or bare metal servers.


As a whole, we call it a Kubernetes cluster.


A Kubernetes cluster consists of a control plane and worker nodes.


✅ ๐—–๐—ผ๐—ป๐˜๐—ฟ๐—ผ๐—น ๐—ฃ๐—น๐—ฎ๐—ป๐—ฒ


The control plane is responsible for maintaining the desired state of the cluster. It is also responsible for node/pod lifecycle management and exposing the cluster API. It has the following key components:


- kube-apiserver

- etcd

- kube-scheduler

- kube-controller-manager

- cloud-controller-manager


✅ ๐—ช๐—ผ๐—ฟ๐—ธ๐—ฒ๐—ฟ ๐—ก๐—ผ๐—ฑ๐—ฒ๐˜€


The worker nodes are responsible for running containerized applications. The worker node has the following components:


- kubelet

- kube-proxy

- Container runtime (CRI-O, Docker Engine, Containerd, etc.)


Important Note: These components run on the control plane node as well.


✅  ๐—”๐—ฑ๐—ฑ-๐—ผ๐—ป ๐—–๐—ผ๐—บ๐—ฝ๐—ผ๐—ป๐—ฒ๐—ป๐˜๐˜€


Additionally, there are add-on components we include in the cluster to extend its functionality and make the cluster fully functional for application deployments.


Here are some common add-ons commonly used in Kubernetes Clusters


- Web UI

- CoreDNS

- Metrics Server

- CNI Plugins (Container Network Interface)


Given that Kubernetes operates in a distributed environment,


Kubernetes ensures this by using mutual TLS (mTLS) certificates for authentication, which not only encrypts the communication but also ensures that all components can securely authenticate each other.


In the upcoming posts, I will cover each component and its significance in detail.

Comments

Post a Comment

Popular posts from this blog

Kubernetes API Server Explained

Image
  Kubernetes API Server Explained The  kube-apiserver  is the core component of a Kubernetes cluster, serving as the central hub that exposes the Kubernetes API. It is  designed to be highly scalable , capable of handling a large number of concurrent requests efficiently. End users, and other cluster components, talk to the cluster via the API server. Very rarely monitoring systems and third-party services may talk to API servers to interact with the cluster. So when you use kubectl to manage the cluster, at the backend you are actually communicating with the API server through  HTTP REST APIs . API server uses  gRPC  to talk to the etcd component. All communication between the API server and other components within the cluster is  encrypted using TLS  (Transport Layer Security) to ensure secure access and prevent unauthorized interventions in the cluster's operations. ⚠️ Note : If you're new to Kubernetes, the information below might be chal...
Read more

etcd in Kubernetes: A Quick Guide

Image
  Kubernetes is a complex distributed system that requires a robust and efficient distributed database to function smoothly. This is where etcd comes into play. What is etcd? etcd is the backbone of Kubernetes, acting both as a backend service discovery tool and a key-value database. Often referred to as the  "brain"  of the Kubernetes cluster, etcd is an open-source, strongly consistent, distributed key-value store. But what exactly does that mean? Strong Consistency:  In a distributed system, when an update is made to one node, strong consistency ensures that all other nodes in the cluster are updated immediately. This guarantees that all nodes reflect the same data at any given time. Distributed Nature:  etcd is designed to operate across multiple nodes as a cluster, without compromising on consistency. This distributed architecture ensures that etcd remains highly available and resilient. Key-Value Store:  etcd is a non-relational database that stores d...
Read more

Kubernetes Basics

Beyond YAML: Core IT for Kubernetes When it comes to learning Kubernetes, many people focus on getting the YAML files deployed and think, "Great, it worked. I'm good to go." However, if you want to learn Kubernetes the right way, it's important to have a solid understanding of core IT fundamentals. While it's possible to learn Kubernetes without this knowledge, as DevOps engineers, it's important to go beyond merely deploying YAML files. A comprehensive understanding of the entire system is essential for effective troubleshooting and designing more robust solutions. I'm not saying you can't get by without this foundation, but knowing these areas will give you a significant edge: In this guide, I'll provide a high-level overview of the following core concepts. Containers Distributed system Authentication & Authorization Key Value Store API YAML Service Discovery Networking Basis Linux While it's not possible to cover every topic in detail, y...
Read more