Kubernetes is made of a cluster of nodes. There are two possible roles for nodes in Kubernetes – control plane nodes and worker nodes. The control plane nodes control the Kubernetes cluster: they schedule the workloads, listen to requests, and handle the other tasks that help run your workloads and make the cluster function. They typically form the brain of the cluster.
On the other hand, the worker nodes are the powerhouses of the Kubernetes cluster and provide raw computing for running your container workloads.
Kubernetes architecture follows the client-server model via an API server. Any interaction, including internal interactions between components, happens via the Kubernetes API server. Therefore, the Kubernetes API server is known as the brain of the Kubernetes control plane.
There are other components of Kubernetes as well, but before we delve into the details, let’s look at the following diagram to understand the high-level Kubernetes architecture:
Figure 5.1 – Kubernetes cluster architecture
The control plane comprises the following components:
- API server: As discussed previously, the API server exposes a set of APIs for external and internal actors to interact with Kubernetes. All interactions with Kubernetes happen via the API server, as evident from the preceding diagram. If you visualize the Kubernetes cluster as a ship, the API server is the ship’s captain.
- Controller manager: The controller manager is the ship’s executive officer and is tasked with ensuring that the captain’s orders are followed in the cluster. From a technical perspective, the controller manager reads the current and desired states and takes all actions necessary to move the current state to the desired state. It contains a set of controllers that interact with the Kubernetes components via the API server as and when needed. Some of these are as follows:
  - Node controller: This watches for when a node goes down and responds by interacting with the Kube scheduler via the Kube API server to schedule the pods to a healthy node.
  - Replication controller: This ensures that the correct number of container replicas defined by replication controller objects exists in the cluster.
  - Endpoints controller: This assists in providing endpoints to your containers via services.
  - Service account and token controllers: These create default accounts and tokens for new namespaces.
- Cloud controller manager: This is an optional controller manager that you would run if you run Kubernetes in a public cloud, such as AWS, Azure, or GCP. The cloud controller manager interacts with the cloud provider APIs to provision resources such as persistent disks and load balancers that you declare in your Kubernetes configuration.
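
The current-state/desired-state loop described for the controller manager can be sketched as a small simulation. This is an added example, not Kubernetes code: the `ApiServer` class, the `schedule` function, and the node and pod names are assumptions made for illustration, and the toy scheduler is not the real kube-scheduler algorithm.

```python
from dataclasses import dataclass, field

@dataclass
class ApiServer:
    """Toy stand-in for the API server: the only place state is read or written."""
    nodes: dict = field(default_factory=dict)   # node name -> healthy?
    pods: dict = field(default_factory=dict)    # pod name -> node name
    desired_replicas: int = 0                   # desired state
    audit: list = field(default_factory=list)   # every write lands here
    seq: int = 0
    def create_pod(self, node):
        self.seq += 1
        self.pods[f"web-{self.seq}"] = node
        self.audit.append(("create", f"web-{self.seq}", node))
    def delete_pod(self, name):
        self.audit.append(("delete", name, self.pods.pop(name)))

def schedule(api):
    """Toy scheduler: least-loaded healthy node (not kube-scheduler's real algorithm)."""
    healthy = [n for n, ok in api.nodes.items() if ok]
    load = lambda n: (list(api.pods.values()).count(n), n)
    return min(healthy, key=load) if healthy else None

def node_controller(api):
    """Remove pods bound to nodes that have gone down."""
    for name, node in sorted(api.pods.items()):
        if not api.nodes.get(node, False):
            api.delete_pod(name)

def replication_controller(api):
    """Move the current replica count toward the desired count."""
    diff = api.desired_replicas - len(api.pods)
    for _ in range(max(diff, 0)):
        node = schedule(api)
        if node is None:
            break                      # no healthy node: retry on the next pass
        api.create_pod(node)
    for name in sorted(api.pods)[:max(-diff, 0)]:
        api.delete_pod(name)

def reconcile(api):
    node_controller(api)
    replication_controller(api)
    return sorted(api.pods.items())

def demo():
    api = ApiServer(nodes={"node-a": True, "node-b": True}, desired_replicas=3)
    first = reconcile(api)
    api.nodes["node-a"] = False        # constructed failure: node-a goes down
    return first, reconcile(api), api.audit
```

Because the controllers only change state through `ApiServer` methods, the `audit` list records every action they take, which is the property that makes the real API server the natural place for access control and audit logging.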