
Kubernetes components overview

k8s-components.png

Kubernetes is a popular open-source container orchestration platform that automates deploying, scaling, and managing containerized applications. This blog post gives an overview of its main components.

Kubernetes Components

Master Node Components

The master components of Kubernetes are responsible for managing the overall state of the cluster. They orchestrate the deployment and scaling of containerized applications. The master components include:

API Server

The API server is the central management entity of Kubernetes. It serves all the RESTful API calls that are made to the cluster. It is responsible for validating and processing API requests and updating the state of the cluster.

etcd

etcd is a distributed key-value store that is used to store the configuration data of the cluster. It is used as the backing store for all cluster data.

Controller Manager

The controller manager is responsible for managing the various controllers that regulate the state of the cluster. It works to bring the actual state of the cluster in line with the desired state.

Scheduler

The scheduler is responsible for scheduling the deployment of containers on the worker nodes. It selects the best node for a given pod and ensures that the required resources are available before scheduling the pod.

Worker Node Components

The node components run on each worker node in the cluster. They are responsible for managing the containers and the associated resources on the node. The node components include:

Kubelet

Kubelet is the primary agent that runs on each worker node. It is responsible for managing the state of the containers running on the node. It communicates with the API server to receive instructions on which containers to run and ensures that the containers are healthy.

kube-proxy

kube-proxy is responsible for managing the network connectivity between different pods and services in the cluster. It ensures that each pod can communicate with other pods and external services.

Container Runtime

The container runtime is responsible for running the containers. Kubernetes supports various container runtimes, including Docker, containerd, and CRI-O.

Component name            Control plane, worker node, or client
Kubeadm                   Admin tool
Kube-apiserver            Control plane (master node)
Etcd                      Control plane (master node)
Kube-scheduler            Control plane (master node)
Kube-controller-manager   Control plane (master node)
Kubelet                   Worker node
Kube-proxy                Worker node
Container Engine          Worker node
kubectl                   Client

Interacting with the API server

  • CLI: kubectl
  • API: https://kubernetes.io/docs/concepts/overview/kubernetes-api

Basic usage of kubectl & kubeadm

kubectl create
kubectl get
kubectl apply
kubectl describe
kubectl exec
kubectl run

kubeadm config
kubeadm init
kubeadm join
kubeadm reset

Short names of frequently used API resources

NAME                     SHORTNAMES
configmaps               cm
endpoints                ep
events                   ev
namespaces               ns
nodes                    no
persistentvolumeclaims   pvc
persistentvolumes        pv
pods                     po
replicationcontrollers   rc
serviceaccounts          sa
services                 svc
daemonsets               ds
deployments              deploy
replicasets              rs
cronjobs                 cj
networkpolicies          netpol
podsecuritypolicies      psp

API Resources

kubectl api-resources --sort-by name -o wide
NAME                              SHORTNAMES   APIVERSION                             NAMESPACED   KIND
bindings                                       v1                                     TRUE         Binding
componentstatuses                 cs           v1                                     FALSE        ComponentStatus
configmaps                        cm           v1                                     TRUE         ConfigMap
endpoints                         ep           v1                                     TRUE         Endpoints
events                            ev           v1                                     TRUE         Event
limitranges                       limits       v1                                     TRUE         LimitRange
namespaces                        ns           v1                                     FALSE        Namespace
nodes                             no           v1                                     FALSE        Node
persistentvolumeclaims            pvc          v1                                     TRUE         PersistentVolumeClaim
persistentvolumes                 pv           v1                                     FALSE        PersistentVolume
pods                              po           v1                                     TRUE         Pod
podtemplates                                   v1                                     TRUE         PodTemplate
replicationcontrollers            rc           v1                                     TRUE         ReplicationController
resourcequotas                    quota        v1                                     TRUE         ResourceQuota
secrets                                        v1                                     TRUE         Secret
serviceaccounts                   sa           v1                                     TRUE         ServiceAccount
services                          svc          v1                                     TRUE         Service
mutatingwebhookconfigurations                  admissionregistration.k8s.io/v1        FALSE        MutatingWebhookConfiguration
validatingwebhookconfigurations                admissionregistration.k8s.io/v1        FALSE        ValidatingWebhookConfiguration
customresourcedefinitions         crd,crds     apiextensions.k8s.io/v1                FALSE        CustomResourceDefinition
apiservices                                    apiregistration.k8s.io/v1              FALSE        APIService
controllerrevisions                            apps/v1                                TRUE         ControllerRevision
daemonsets                        ds           apps/v1                                TRUE         DaemonSet
deployments                       deploy       apps/v1                                TRUE         Deployment
replicasets                       rs           apps/v1                                TRUE         ReplicaSet
statefulsets                      sts          apps/v1                                TRUE         StatefulSet
tokenreviews                                   authentication.k8s.io/v1               FALSE        TokenReview
localsubjectaccessreviews                      authorization.k8s.io/v1                TRUE         LocalSubjectAccessReview
selfsubjectaccessreviews                       authorization.k8s.io/v1                FALSE        SelfSubjectAccessReview
selfsubjectrulesreviews                        authorization.k8s.io/v1                FALSE        SelfSubjectRulesReview
subjectaccessreviews                           authorization.k8s.io/v1                FALSE        SubjectAccessReview
horizontalpodautoscalers          hpa          autoscaling/v2                         TRUE         HorizontalPodAutoscaler
cronjobs                          cj           batch/v1                               TRUE         CronJob
jobs                                           batch/v1                               TRUE         Job
certificatesigningrequests        csr          certificates.k8s.io/v1                 FALSE        CertificateSigningRequest
leases                                         coordination.k8s.io/v1                 TRUE         Lease
bgpconfigurations                              crd.projectcalico.org/v1               FALSE        BGPConfiguration
bgppeers                                       crd.projectcalico.org/v1               FALSE        BGPPeer
blockaffinities                                crd.projectcalico.org/v1               FALSE        BlockAffinity
caliconodestatuses                             crd.projectcalico.org/v1               FALSE        CalicoNodeStatus
clusterinformations                            crd.projectcalico.org/v1               FALSE        ClusterInformation
felixconfigurations                            crd.projectcalico.org/v1               FALSE        FelixConfiguration
globalnetworkpolicies                          crd.projectcalico.org/v1               FALSE        GlobalNetworkPolicy
globalnetworksets                              crd.projectcalico.org/v1               FALSE        GlobalNetworkSet
hostendpoints                                  crd.projectcalico.org/v1               FALSE        HostEndpoint
ipamblocks                                     crd.projectcalico.org/v1               FALSE        IPAMBlock
ipamconfigs                                    crd.projectcalico.org/v1               FALSE        IPAMConfig
ipamhandles                                    crd.projectcalico.org/v1               FALSE        IPAMHandle
ippools                                        crd.projectcalico.org/v1               FALSE        IPPool
ipreservations                                 crd.projectcalico.org/v1               FALSE        IPReservation
kubecontrollersconfigurations                  crd.projectcalico.org/v1               FALSE        KubeControllersConfiguration
networkpolicies                                crd.projectcalico.org/v1               TRUE         NetworkPolicy
networksets                                    crd.projectcalico.org/v1               TRUE         NetworkSet
endpointslices                                 discovery.k8s.io/v1                    TRUE         EndpointSlice
events                            ev           events.k8s.io/v1                       TRUE         Event
flowschemas                                    flowcontrol.apiserver.k8s.io/v1beta3   FALSE        FlowSchema
prioritylevelconfigurations                    flowcontrol.apiserver.k8s.io/v1beta3   FALSE        PriorityLevelConfiguration
ingressclasses                                 networking.k8s.io/v1                   FALSE        IngressClass
ingresses                         ing          networking.k8s.io/v1                   TRUE         Ingress
networkpolicies                   netpol       networking.k8s.io/v1                   TRUE         NetworkPolicy
runtimeclasses                                 node.k8s.io/v1                         FALSE        RuntimeClass
poddisruptionbudgets              pdb          policy/v1                              TRUE         PodDisruptionBudget
clusterrolebindings                            rbac.authorization.k8s.io/v1           FALSE        ClusterRoleBinding
clusterroles                                   rbac.authorization.k8s.io/v1           FALSE        ClusterRole
rolebindings                                   rbac.authorization.k8s.io/v1           TRUE         RoleBinding
roles                                          rbac.authorization.k8s.io/v1           TRUE         Role
priorityclasses                   pc           scheduling.k8s.io/v1                   FALSE        PriorityClass
csidrivers                                     storage.k8s.io/v1                      FALSE        CSIDriver
csinodes                                       storage.k8s.io/v1                      FALSE        CSINode
csistoragecapacities                           storage.k8s.io/v1                      TRUE         CSIStorageCapacity
storageclasses                    sc           storage.k8s.io/v1                      FALSE        StorageClass
volumeattachments                              storage.k8s.io/v1                      FALSE        VolumeAttachment
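
Two properties of the listing above matter when writing RBAC rules: the same resource name can be served by more than one API group (events and networkpolicies each appear twice), and the NAMESPACED column decides whether access can be granted through a Role or only through a ClusterRole. The script below is an added example, not part of the original post; it parses the five-column layout shown above and reports both. The function names and the label "core" for the unnamed core group are this example's own, and the sample rows are copied from the listing.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: parse the five-column
# `kubectl api-resources` listing shown above (SHORTNAMES may be empty).

# Constructed sample: a few rows copied from the listing on this page.
sample_listing() {
  cat <<'EOF'
NAME SHORTNAMES APIVERSION NAMESPACED KIND
events ev v1 TRUE Event
nodes no v1 FALSE Node
secrets v1 TRUE Secret
networkpolicies crd.projectcalico.org/v1 TRUE NetworkPolicy
events ev events.k8s.io/v1 TRUE Event
networkpolicies netpol networking.k8s.io/v1 TRUE NetworkPolicy
clusterroles rbac.authorization.k8s.io/v1 FALSE ClusterRole
roles rbac.authorization.k8s.io/v1 TRUE Role
EOF
}

# Emit one tab-separated row per resource: resource, apiGroup, scope, kind.
# The core group (APIVERSION "v1", no slash) is printed as "core"; an RBAC
# rule names it with the empty string "".
parse_api_resources() {
  awk '
    NF == 0 || $1 == "NAME" { next }              # blank line or header
    NF < 4 || NF > 5 { print "skipped row " NR > "/dev/stderr"; next }
    NF == 4 { api = $2; ns = $3; kind = $4 }      # SHORTNAMES column empty
    NF == 5 { api = $3; ns = $4; kind = $5 }      # SHORTNAMES present
    {
      group = (split(api, parts, "/") == 2) ? parts[1] : "core"
      scope = (toupper(ns) == "TRUE") ? "namespaced" : "cluster"
      printf "%s\t%s\t%s\t%s\n", $1, group, scope, kind
    }'
}

# API groups serving a resource name: each one needs its own apiGroups entry.
api_groups_for() {
  parse_api_resources | awk -F'\t' -v r="$1" '$1 == r { print $2 }' | sort
}

# Cluster-scoped resources, as group/resource: a namespaced Role cannot
# grant these, so access requires a ClusterRole.
cluster_scoped() {
  parse_api_resources | awk -F'\t' '$3 == "cluster" { print $2 "/" $1 }' | sort
}

sample_listing | api_groups_for networkpolicies
sample_listing | cluster_scoped
```

Against a live cluster, pipe the output of kubectl api-resources through the same functions; the -o wide form adds further columns, which this parser reports as skipped rows.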

Components at a glance

Kubernetes-Primitives.png

Network at a glance

pod-network.png
