Kubernetes Components and Architecture
Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It follows a master-worker architecture consisting of multiple components that work together to maintain the desired state of a cluster. Below is an explanation of each component in Kubernetes, along with an architecture diagram and manifest files.
Key Kubernetes Components:
1. Master Node (Control Plane)
The master node is the brain of the Kubernetes cluster. It manages and controls the cluster, making global decisions (e.g., scheduling), detecting and responding to cluster events (e.g., starting up pods), and managing the overall state of the cluster.
The master node consists of the following components:
-
API Server (
kube-apiserver):
The API server is the central management point for Kubernetes. It exposes the Kubernetes API, which is used for communicating with other components of the system. All requests (whether for interacting with pods, nodes, deployments, etc.) are handled by the API server. -
Scheduler (
kube-scheduler):
The scheduler is responsible for selecting which node a newly created pod will run on based on resource availability and constraints defined by the user. It makes the decision to place pods on specific worker nodes. -
Controller Manager (
kube-controller-manager):
The controller manager ensures that the desired state of the cluster is maintained. It manages controllers like the ReplicaSet, Deployment, and Node controllers. The controllers constantly check the state of the cluster and take corrective actions to meet the desired state. -
etcd:
etcd is a distributed key-value store that holds the entire configuration and state of the Kubernetes cluster. It is the source of truth for all cluster data, such as the definitions of nodes, pods, deployments, services, and more. It’s highly available and fault-tolerant.
2. Worker Node
Worker nodes (also called minions) are the machines responsible for running the application workloads in the form of containers. Each node in a Kubernetes cluster contains the following components:
-
Kubelet:
The kubelet is an agent that runs on each worker node. It ensures that containers are running in a pod by communicating with the API server and monitoring the health of the containers. -
Kube Proxy:
Kube Proxy manages the networking and load balancing between pods. It ensures that each pod has network connectivity and routes traffic to the correct backend service. -
Container Runtime:
This is the software responsible for running containers. Examples of container runtimes are Docker, containerd, and CRI-O.
3. Pods
A pod is the smallest and simplest Kubernetes object. It is a single instance of a running process in the cluster, and it can contain one or more containers. All containers in a pod share the same network namespace and storage.
4. Namespaces
Namespaces provide a way to divide cluster resources between multiple users. Namespaces are used for organizing resources within a cluster into logical groups. They are primarily useful in large clusters with many users.
5. Services
A service is an abstraction that defines a set of pods and a policy by which to access them. Services ensure that applications can communicate with each other reliably, regardless of pod lifecycles or IP changes.
6. Deployments
A deployment provides declarative updates for pods and ReplicaSets. It allows you to manage and scale applications running in pods, ensuring that the desired number of replicas is always running.
7. ReplicaSets
ReplicaSets ensure that a specified number of identical pods are running at any given time. A ReplicaSet can be used by a Deployment to maintain the number of replicas.
8. StatefulSets
StatefulSets are similar to ReplicaSets but designed for applications that require persistent storage and stable network identities. These are often used for stateful applications like databases.
9. ConfigMaps and Secrets
- ConfigMap: A way to inject configuration data into pods, which can be used as environment variables, command-line arguments, or configuration files.
- Secret: Stores sensitive data like passwords, OAuth tokens, or ssh keys in an encrypted form.
10. Ingress
Ingress is a collection of rules that allow inbound connections to reach the cluster services. It manages HTTP and HTTPS routes to services.
Kubernetes Architecture Diagram:
Here’s a high-level diagram of the Kubernetes architecture:
lua
Copy code
+--------------------------------------+
| Kubernetes |
| Master Node |
| |
| +----------------------------+ |
| | kube-apiserver | |
| +----------------------------+ |
| | kube-scheduler | |
| +----------------------------+ |
| | kube-controller-manager | |
| +----------------------------+ |
| | etcd | |
+--------------------------------------+
/ \
/ \
/ \
/ \
+------------------+ +------------------+
| Worker Node 1 | | Worker Node 2 |
| | | |
| +-----------+ | | +-----------+ |
| | Kubelet | | | | Kubelet | |
| +-----------+ | | +-----------+ |
| | Kube Proxy| | | | Kube Proxy| |
| +-----------+ | | +-----------+ |
| | Container | | | | Container | |
| | Runtime | | | | Runtime | |
| +-----------+ | | +-----------+ |
+------------------+ +------------------+
Kubernetes Manifest Files
Kubernetes uses manifest files (usually written in YAML or JSON) to declare the desired state of various Kubernetes resources. Below are some key examples of manifest files.
1. Pod Manifest
A simple pod manifest that defines a pod with a single container running Nginx:
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 802. Deployment Manifest
A deployment manifest that creates a Deployment for Nginx with 3 replicas:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
3. Service Manifest
A service manifest to expose the Nginx deployment:
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
type: LoadBalancer
4. ConfigMap Manifest
A ConfigMap for providing configuration data to a pod:
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-config
data:
nginx.conf: |
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
5. Secret Manifest
A Secret to store sensitive information like a password:
apiVersion: v1
kind: Secret
metadata:
name: db-password
type: Opaque
data:
password: cGFzc3dvcmQ= # This is 'password' encoded in base64
6. Ingress Manifest
An Ingress resource to manage HTTP routing:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
spec:
rules:
- host: nginx.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-service
port:
number: 80Summary
Kubernetes is a complex system made up of many components that work together to provide a platform for managing containerized applications. The Master Node is responsible for controlling the cluster, while the Worker Nodes run the actual workloads in containers. Resources such as Pods, Services, Deployments, ConfigMaps, and Secrets are defined through YAML manifests that allow for declarative management of the desired state.
By using Kubernetes’ powerful abstractions, you can efficiently deploy, scale, and manage applications in a fault-tolerant and automated manner.