Kubernetes

Kubernetes (K8s) is an open-source container orchestration platform originally designed by Google and now maintained by CNCF. It automates deployment, scaling, and management of containerized applications.

Architecture

                         ┌─────────────────────────────────────────┐
                         │            Control Plane                │
                         │                                        │
  kubectl / API ────────►│  ┌──────────┐  ┌───────────────────┐   │
                         │  │ kube-api  │  │       etcd        │   │
                         │  │  server   │──│  (cluster state)  │   │
                         │  └────┬─────┘  └───────────────────┘   │
                         │       │                                 │
                         │  ┌────┴──────────┐  ┌───────────────┐  │
                         │  │   scheduler   │  │  controller   │  │
                         │  │               │  │   manager     │  │
                         │  └───────────────┘  └───────────────┘  │
                         └──────────────┬──────────────────────────┘
                                        │
                    ┌───────────────────┬┴──────────────────┐
                    ▼                   ▼                    ▼
            ┌──────────────┐   ┌──────────────┐    ┌──────────────┐
            │   Worker 1   │   │   Worker 2   │    │   Worker N   │
            │              │   │              │    │              │
            │  kubelet     │   │  kubelet     │    │  kubelet     │
            │  kube-proxy  │   │  kube-proxy  │    │  kube-proxy  │
            │  container   │   │  container   │    │  container   │
            │   runtime    │   │   runtime    │    │   runtime    │
            │              │   │              │    │              │
            │ ┌──┐ ┌──┐   │   │ ┌──┐ ┌──┐   │    │ ┌──┐ ┌──┐   │
            │ │P1│ │P2│   │   │ │P3│ │P4│   │    │ │P5│ │P6│   │
            │ └──┘ └──┘   │   │ └──┘ └──┘   │    │ └──┘ └──┘   │
            └──────────────┘   └──────────────┘    └──────────────┘

Components

Control Plane

Component

Description

kube-apiserver

REST API entry point for all cluster operations, handles authentication, authorization, and admission control

etcd

Distributed key-value store for all cluster state and configuration data

kube-scheduler

Watches for newly created Pods with no assigned node, selects a node based on resource requirements, affinity, taints/tolerations

kube-controller-manager

Runs controller loops: Node, ReplicaSet, Deployment, Job, ServiceAccount, etc.

cloud-controller-manager

Integrates with cloud provider APIs for nodes, routes, load balancers, and volumes

Worker Node

Component

Description

kubelet

Agent on each node, ensures containers are running in Pods as declared by the API server

kube-proxy

Maintains network rules (iptables/IPVS) for Service abstraction, handles ClusterIP/NodePort/LoadBalancer routing

Container Runtime

Runs containers via CRI interface (containerd, CRI-O)

Core Resources

Resource

Description

Pod

Smallest deployable unit, one or more containers sharing network/storage

Deployment

Manages ReplicaSets for stateless workloads, supports rolling updates and rollbacks

StatefulSet

Manages stateful workloads with stable network IDs and persistent storage

DaemonSet

Ensures a Pod runs on all (or selected) nodes

Job / CronJob

Runs tasks to completion / on a schedule

Service

Stable network endpoint for a set of Pods (ClusterIP, NodePort, LoadBalancer, ExternalName)

Ingress

HTTP/HTTPS routing rules, TLS termination, virtual hosting

ConfigMap / Secret

Inject configuration and sensitive data into Pods

PersistentVolume (PV) / PersistentVolumeClaim (PVC)

Storage abstraction and provisioning

Namespace

Logical isolation for resources within a cluster

ServiceAccount / RBAC

Identity and access control for Pods and users

HPA / VPA

Horizontal and Vertical Pod Autoscalers

NetworkPolicy

Pod-level firewall rules (requires CNI plugin support)

Deployment Methods

kubeadm

The official cluster bootstrapping tool.

# Initialize control plane
kubeadm init \
  --pod-network-cidr=10.244.0.0/16 \
  --apiserver-advertise-address=<MASTER_IP> \
  --kubernetes-version=v1.31.0

# Set up kubeconfig
mkdir -p $HOME/.kube
cp /etc/kubernetes/admin.conf $HOME/.kube/config

# Install CNI plugin (e.g., Calico)
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.28.0/manifests/calico.yaml

# Join worker nodes
kubeadm join <MASTER_IP>:6443 --token <TOKEN> --discovery-token-ca-cert-hash sha256:<HASH>

Managed Kubernetes

Cloud-managed control planes with provider integrations:

Provider

Service

CLI

AWS

EKS

eksctl create cluster

Google Cloud

GKE

gcloud container clusters create

Azure

AKS

az aks create

Alibaba Cloud

ACK

aliyun cs CreateCluster

Lightweight / Local

Tool

Use Case

k3s

Lightweight production-ready distribution (single binary, ~70MB)

kind

Kubernetes-in-Docker for CI/CD and local testing

minikube

Local single-node cluster for development

k0s

Zero-friction Kubernetes distribution

Infrastructure as Code

# Terraform + EKS example
terraform apply -target=module.eks

# Kubespray (Ansible-based)
ansible-playbook -i inventory/mycluster/hosts.yaml cluster.yml

kubectl Quick Reference

# Cluster info
kubectl cluster-info
kubectl get nodes -o wide
kubectl top nodes

# Workload management
kubectl create deployment nginx --image=nginx:1.27 --replicas=3
kubectl expose deployment nginx --port=80 --type=ClusterIP
kubectl scale deployment nginx --replicas=5
kubectl rollout status deployment/nginx
kubectl rollout undo deployment/nginx

# Debugging
kubectl get pods -A -o wide
kubectl describe pod <pod-name>
kubectl logs <pod-name> -f --previous
kubectl exec -it <pod-name> -- /bin/sh
kubectl events --for pod/<pod-name>

# Resource management
kubectl apply -f manifest.yaml
kubectl diff -f manifest.yaml
kubectl delete -f manifest.yaml
kubectl get all -n <namespace>

# Config and context
kubectl config get-contexts
kubectl config use-context <context-name>
kubectl config set-context --current --namespace=<ns>

Deep Dives

Kubernetes Network — Container networking, Service implementation (iptables/IPVS), and flannel CNI
Kubernetes RBAC — RBAC authorization with Role, ClusterRole, and ServiceAccount
Kubeadm Deploy — Deploy Kubernetes cluster with kubeadm and containerd on Ubuntu
Kube Eventer — Collect cluster events with kube-eventer and send to Kafka/Telegram

Reference:
Official Website
Repository
Kustomize
kubectl Cheat Sheet
kubeadm

PreviousScheduling & Orchestration NextKubernetes Network

Last updated 11 days ago

hashtagArchitecture

hashtagComponents

hashtagControl Plane

hashtagWorker Node

hashtagCore Resources

hashtagDeployment Methods

hashtagkubeadm

hashtagManaged Kubernetes

hashtagLightweight / Local

hashtagInfrastructure as Code

hashtagkubectl Quick Reference

hashtagDeep Dives

Architecture

Components

Control Plane

Worker Node

Core Resources

Deployment Methods

kubeadm

Managed Kubernetes

Lightweight / Local

Infrastructure as Code

kubectl Quick Reference

Deep Dives