Image source: Kubernetes.io

K8s — Cluster Architecture:

Follows client-server architecture

The master is installed on one machine and the nodes on separate machines

Master:

Master components provide the cluster’s control plane.

Makes global decisions about the cluster

Detects and responds to cluster events

Components of master:

Etcd

Stores the configuration information used by every node in the cluster

Provides a highly available key-value store (distributed among multiple nodes)

Accessible only by the API server (it contains sensitive information, such as Secrets)
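Because etcd holds every Secret in the cluster, the practical consequence of "contains sensitive information" is that the API server should encrypt those objects before writing them. The following is an added example, not a file from the original post or from the Kubernetes project: an EncryptionConfiguration handed to kube-apiserver with the real flag --encryption-provider-config. The file path and the key material are placeholders.

```yaml
# Added example: EncryptionConfiguration for kube-apiserver (not from the original post).
# Pass it with: kube-apiserver --encryption-provider-config=/etc/kubernetes/enc/enc.yaml
# (the path is an assumption; choose your own and mount it into the apiserver pod).
apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
  - resources:
      - secrets            # encrypt Secret objects; add configmaps etc. if desired
    providers:
      # The first provider is used for writes; every listed provider is tried for reads,
      # so objects written before encryption was enabled stay readable until re-written.
      - aescbc:
          keys:
            - name: key1
              secret: <BASE64-ENCODED-32-BYTE-KEY>   # placeholder: head -c 32 /dev/urandom | base64
      # identity = no encryption. Keep it last only while migrating existing plaintext data;
      # remove it once all objects have been re-written so plaintext reads are no longer accepted.
      - identity: {}
```

After restarting the API server with the flag, re-write existing objects so they are stored encrypted (`kubectl get secrets --all-namespaces -o json | kubectl replace -f -`). To confirm, read a Secret's key directly from etcd with etcdctl: the stored value should begin with the prefix `k8s:enc:aescbc:v1:key1:` rather than readable YAML.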

API server

Exposes the Kubernetes API

Front end for the K8s control plane

Designed to scale horizontally (i.e. by deploying more instances)

Can run several instances of kube-apiserver and balance traffic between those instances
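The horizontal-scaling point above is usually realised by putting a load balancer in front of several kube-apiserver instances and giving the cluster that one stable address. The following is an added example of how that is expressed with kubeadm; it is not from the original post or the Kubernetes project. The endpoint hostname and port are assumptions.

```yaml
# Added example (not from the original post): kubeadm ClusterConfiguration for a
# control plane with several kube-apiserver instances behind one load balancer.
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
# Kubelets, kubectl and the other control-plane components all use this address;
# the load balancer behind it spreads traffic across every apiserver replica.
# Hostname and port are assumptions.
controlPlaneEndpoint: "k8s-api.example.internal:6443"
apiServer:
  # Extra SAN so the serving certificate is valid for the load-balancer name
  # (otherwise clients would see a TLS hostname mismatch).
  certSANs:
    - "k8s-api.example.internal"
```

Initialise the first control-plane node with `kubeadm init --config <this file> --upload-certs`; further control-plane nodes join with `kubeadm join <endpoint> --control-plane --certificate-key <key printed by init>`. Because every replica serves the same API, losing one instance only reduces capacity, not availability.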

Controller Manager

Component on the master that runs controllers

Logically each controller is a separate process, but to reduce complexity they are all compiled into a single binary and run in a single process

Controllers include:

Node controller: Notices and responds when nodes go down

Replication controller: maintains the correct number of pods for every replication controller object in the system

Endpoints controller: populates the Endpoints object (i.e. joins services & pods)

Service Account & Token controllers: create default accounts and API access tokens for new namespaces

Scheduler

Watches for newly created pods that have no node assigned and selects a node for them to run on

Scheduling decisions are based on individual and collective resource requirements, hardware/software/policy constraints, inter-workload interference and deadlines, affinity and anti-affinity specifications, and data locality
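The replication controller described earlier and the scheduler described here meet in a single object: a Deployment states how many pods must exist, and its pod template carries the resource requests and affinity rules the scheduler evaluates when choosing a node. The following manifest is an added example, not from the original post; the image, labels and the node label used in the affinity rule are assumptions.

```yaml
# Added example (not from the original post): a Deployment whose pod template carries
# the inputs the scheduler uses. Image, labels and node label are assumptions.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3                       # the controller keeps exactly three pods running
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: web
          image: nginx:1.25         # assumption
          resources:
            requests:               # the scheduler only places the pod on a node with this much free capacity
              cpu: "250m"
              memory: "128Mi"
            limits:                 # enforced by the kubelet at run time, not by the scheduler
              cpu: "500m"
              memory: "256Mi"
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: node-role.example.com/workload   # assumed node label (hardware/policy constraint)
                    operator: In
                    values: ["general"]
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app: web
              topologyKey: kubernetes.io/hostname          # no two replicas on the same node
```

`kubectl get pods -l app=web -o wide` shows which node each replica landed on. Because the anti-affinity rule is "required", three replicas need at least three eligible nodes; if fewer exist, the pod stays Pending and `kubectl describe pod <name>` shows a FailedScheduling event explaining which constraint could not be met.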

Node:

Node components run on every node, maintaining running pods and providing the Kubernetes runtime environment

Components of Node:

Kubelet:

Agent that runs on each node in the cluster (makes sure that containers are running in a pod)

Ensures that the containers described in the pod specifications are running and healthy

Doesn't manage containers that were not created by K8s
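"Running and healthy" is something the kubelet can only judge if the pod spec tells it how. The manifest below is an added example, not from the original post: a Pod with a liveness probe (failure makes the kubelet restart the container) and a readiness probe (failure only removes the pod from Service endpoints). The image and the health-check paths are assumptions.

```yaml
# Added example (not from the original post): probes the kubelet uses to decide whether
# a container is healthy. Image and endpoint paths are assumptions.
apiVersion: v1
kind: Pod
metadata:
  name: api
spec:
  restartPolicy: Always           # kubelet restarts containers that exit or fail liveness
  containers:
    - name: api
      image: example/api:1.0      # assumption
      ports:
        - containerPort: 8080
      livenessProbe:              # failing 3 times in a row -> kubelet kills and restarts the container
        httpGet:
          path: /healthz
          port: 8080
        initialDelaySeconds: 10
        periodSeconds: 10
        failureThreshold: 3
      readinessProbe:             # failing -> pod is taken out of Service endpoints, no restart
        httpGet:
          path: /ready
          port: 8080
        periodSeconds: 5
```

`kubectl get pod api` shows the RESTARTS column climbing when liveness keeps failing, and `kubectl describe pod api` lists the Unhealthy events with the probe's HTTP status. Note the boundary the text draws: a container started directly with the node's runtime, outside any pod, gets none of this supervision.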

Kube Proxy:

Network proxy that runs on each node in the cluster (implements part of the K8s Service concept)

Maintains network rules on nodes that allow network communication to Pods from sessions inside or outside the cluster

Uses the OS packet-filtering layer if one is available; otherwise it forwards the traffic itself
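The "service concept" kube-proxy implements is defined by a Service object: a stable virtual IP and port whose backends are whichever pods match the selector (the Endpoints controller keeps that list, and kube-proxy turns it into node-local rules). The following is an added example, not from the original post: a ClusterIP Service plus the kube-proxy configuration that selects the OS packet-filtering mode. Labels and ports are assumptions.

```yaml
# Added example (not from the original post): a Service and the kube-proxy mode setting.
# Labels and ports are assumptions.
apiVersion: v1
kind: Service
metadata:
  name: web
spec:
  type: ClusterIP               # virtual IP reachable only inside the cluster
  selector:
    app: web                    # pods carrying this label become the backends
  ports:
    - name: http
      protocol: TCP
      port: 80                  # port on the Service IP
      targetPort: 8080          # port on the selected pods
---
# kube-proxy's own configuration (typically held in the kube-proxy ConfigMap in kube-system).
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "iptables"                # program the kernel packet filter; "ipvs" is the other common choice
```

`kubectl get endpoints web` shows the pod IP:port pairs currently behind the Service; a pod failing its readiness probe disappears from that list. On a node running in iptables mode, `iptables-save | grep KUBE-SERVICES` shows the rules kube-proxy wrote for the Service IP, which is the check to run when a Service resolves but traffic does not arrive.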

Container Runtime: