Kubernetes Architecture

Veena Mathews
4 min read · Nov 23, 2022

What is Kubernetes?

Kubernetes is an open-source orchestration tool developed by Google. It manages microservices or containerized applications across distributed clusters of nodes/hosts. Kubernetes is also referred to as K8s.

Kubernetes automates the deployment and management of cloud applications on-prem or on cloud platforms like Azure, AWS, OpenStack and more. It distributes workloads across the Kubernetes cluster and automates container networking. It allocates storage and persistent volumes to running containers. It scales automatically and continuously maintains the required state of the applications.

The main objective of Kubernetes is to make managing a fleet of containers easy by providing REST APIs.

Quick overview on Some Kubernetes Components

Nodes: A node may be a virtual or physical machine. Kubernetes runs your workload by placing containers into pods to run on nodes.

Image Registry: Container images are kept in the registry and transferred to nodes by the control plane for execution in container pods.

Pods: A pod encapsulates application containers, storage resources, a unique network identity and other configuration describing how to run the containers. It is the smallest deployable unit in K8s.

Service: A stable IP address attached to the pods of your application, so if a pod dies or is recreated the endpoint used by clients does not need to be updated. This works because the lifecycles of Pods and Services are not connected. A Service also acts as a load balancer across the matching pods.
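To make the Pod/Service decoupling concrete, here is a small added model (not Kubernetes code) of how a Service's label selector picks its backend pods and how the endpoint set changes when a pod is recreated while the cluster IP stays fixed. All pod names, labels and IP ranges below are constructed sample data.

```python
"""Toy model of a Service: stable virtual IP, changing set of pod endpoints.
Added illustration, not Kubernetes source; pods, labels and IPs are constructed."""
from dataclasses import dataclass, field
from itertools import count

_ip_counter = count(10)  # constructed pod IP allocator: 10.244.0.10 upward


@dataclass
class Pod:
    name: str
    labels: dict
    # Each new pod gets a fresh IP, just as a recreated pod does in a real cluster.
    ip: str = field(default_factory=lambda: f"10.244.0.{next(_ip_counter)}")


@dataclass
class Service:
    name: str
    selector: dict    # labels a pod must carry to become an endpoint
    cluster_ip: str   # stable for the Service's whole lifetime


def selects(service: Service, pod: Pod) -> bool:
    """Equality-based selector: every selector key/value must be on the pod."""
    return all(pod.labels.get(k) == v for k, v in service.selector.items())


def endpoints(service: Service, pods: list) -> list:
    """Pod IPs kube-proxy would program as backends for service.cluster_ip."""
    return sorted(p.ip for p in pods if selects(service, p))


def replace_pod(pods: list, dead_name: str, new_name: str) -> list:
    """Simulate a controller recreating a failed pod: new name and IP, same labels."""
    dead = next(p for p in pods if p.name == dead_name)
    survivors = [p for p in pods if p.name != dead_name]
    return survivors + [Pod(new_name, dict(dead.labels))]


if __name__ == "__main__":
    svc = Service("web", {"app": "web", "tier": "frontend"}, "10.96.0.20")
    pods = [Pod("web-1", {"app": "web", "tier": "frontend"}),
            Pod("web-2", {"app": "web", "tier": "frontend"}),
            Pod("db-1", {"app": "db"})]  # not selected: labels do not match
    before = endpoints(svc, pods)
    pods = replace_pod(pods, "web-1", "web-3")  # web-1 dies, web-3 takes over
    after = endpoints(svc, pods)
    # Clients keep using svc.cluster_ip; only the backend list changed.
    print(svc.cluster_ip, before, "->", after)
```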

Ingress: Kubernetes Ingress is an API object that provides routing rules to manage external access to the services within a Kubernetes cluster. It typically routes HTTP and HTTPS traffic. Ingress is the ideal choice for a production environment.

ConfigMap: External configuration of your application.

Secret: Used to store sensitive data such as credentials. Values are stored base64 encoded, which is only an encoding, not encryption.

Volumes: Kubernetes guarantees that data in a volume is preserved across container restarts. The volume is removed only when the pod itself is destroyed. A pod can also have multiple volumes, possibly of different types, attached.

Namespace: Kubernetes namespaces provide a mechanism for isolating groups of resources within a single cluster. Resource names must be unique within a namespace, but not across namespaces.

Deployment: A Kubernetes Deployment is responsible for creating or modifying instances of the pods that hold a containerized application. It is like a blueprint for your application. (Databases and other stateful applications cannot be replicated with a Deployment.)

StatefulSet: Used for stateful applications; it makes sure that application reads and writes are synchronized so there are no inconsistencies in the data retrieved.

K8s Architecture Explained

Kubernetes follows a client-server architecture. Containers encapsulate an application so that it is portable and easy to deploy. A Kubernetes cluster has one or more control planes and one or more compute (worker) nodes, loosely coupled to allow service discovery across the cluster. The control plane has two main responsibilities: it exposes the Kubernetes API through the API server, and it manages the nodes that make up the cluster, scheduling the start-up and shut-down of compute nodes.

Kubernetes Node Architecture

Nodes are machines, such as VMs or physical servers, on which pods are placed to run.

Every node runs an agent called the kubelet, which ensures that the containers described in the PodSpecs are up and running. Each node also runs a network proxy called kube-proxy, which controls communication between pods and network sessions inside or outside the cluster. Finally, the software responsible for actually running the containerised application is the container runtime, for example Docker or another runtime that supports the Kubernetes CRI.

Kubernetes Control Plane Architecture

The Kubernetes control plane is the set of components that manage the cluster and its state.

The kube-apiserver exposes the Kubernetes API and is the communications hub of the cluster. External communication via the command line interface (CLI) or other user interfaces (UIs) goes to the kube-apiserver, and all control plane to node communication also passes through the API server. etcd is the key-value store where all data relating to the cluster is stored. It is highly available and consistent; all access to etcd goes through the API server. Information in etcd is generally formatted in YAML.

When a new pod is created, the kube-scheduler assigns it to a node for execution based on resource requirements, policies, availability and 'affinity' specifications such as geolocation and interference with other workloads. The remaining controller functions within the Kubernetes cluster are compiled into a single binary called the kube-controller-manager.
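As an added illustration of the scheduling decision described above (not the real kube-scheduler, which has many more plugins), here is a toy filter-then-score scheduler: nodes that cannot satisfy a pod's resource requests or its required node affinity are filtered out, the rest are scored by how lightly loaded they would be plus a bonus for preferred labels, and the winner is bound. Node sizes, labels and pod requests are constructed sample data.

```python
"""Toy version of the kube-scheduler's filter and score cycle.
Added illustration, not Kubernetes code; all nodes and pods are constructed."""
from dataclasses import dataclass, field


@dataclass
class Node:
    name: str
    cpu_m: int                     # allocatable CPU in millicores
    mem_mi: int                    # allocatable memory in MiB
    labels: dict = field(default_factory=dict)
    used_cpu_m: int = 0
    used_mem_mi: int = 0


@dataclass
class PodSpec:
    name: str
    cpu_m: int                     # CPU request in millicores
    mem_mi: int                    # memory request in MiB
    required_labels: dict = field(default_factory=dict)   # hard node affinity
    preferred_labels: dict = field(default_factory=dict)  # soft node affinity


def fits(node: Node, pod: PodSpec) -> bool:
    """Filter stage: requests must fit in free capacity and required affinity must match."""
    free_cpu = node.cpu_m - node.used_cpu_m
    free_mem = node.mem_mi - node.used_mem_mi
    affinity_ok = all(node.labels.get(k) == v for k, v in pod.required_labels.items())
    return free_cpu >= pod.cpu_m and free_mem >= pod.mem_mi and affinity_ok


def score(node: Node, pod: PodSpec) -> float:
    """Score stage: prefer the least-allocated node, plus 10 points per preferred label hit."""
    cpu_frac = (node.used_cpu_m + pod.cpu_m) / node.cpu_m
    mem_frac = (node.used_mem_mi + pod.mem_mi) / node.mem_mi
    least_allocated = 100 * (1 - (cpu_frac + mem_frac) / 2)
    bonus = 10 * sum(node.labels.get(k) == v for k, v in pod.preferred_labels.items())
    return least_allocated + bonus


def schedule(pod: PodSpec, nodes: list):
    """Return the chosen node name, or None when the pod must stay Pending."""
    feasible = [n for n in nodes if fits(n, pod)]
    if not feasible:
        return None
    best = max(feasible, key=lambda n: (score(n, pod), n.name))  # name breaks ties
    best.used_cpu_m += pod.cpu_m    # record the binding so later pods see the load
    best.used_mem_mi += pod.mem_mi
    return best.name
```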

I hope this quick write-up helps conceptualize some of the important topics of Kubernetes and its architecture. Kubernetes is very useful in automating the operational tasks of container management, making deployments between environments easy and relying on the cloud to keep apps running under load, so developers can focus on more important customer requirements.
