Kubernetes For Beginners

Architecture & Components

Image Source: Google
Image Source: Handmade

Master Node: (aka Control Plane)

  • The Master node (Brain) manages the worker nodes (Body) and the Pods in the cluster.
  • Its components are as depicted in the diagram ( ETCD, Kube-apiserver, Kube-scheduler etc )
  • The master makes global decisions about the cluster and they also detect and respond to cluster events like starting up a new pod when a deployment’s field “replicas” is unsatisfied. (replicas dictate the number of identical structures of nodes to be kept at any given point in time)
  • Master components, set up scripts typically start all master components on the same machine, and do not run user containers on this machine for the sake of simplicity.

Worker Node:

  • The worker nodes are the part of the Kubernetes clusters which actually execute the containers and applications on them.
  • These worker nodes have docker containers for each application running on them. There may be a different number of containers running on each node depending on the distribution of the workload.
  • Worker nodes are generally more powerful than master nodes because they have to run hundreds of clusters on them.
  • However, master nodes hold more significance because they manage the distribution of workload and the state of the cluster.
Image Source: Google


  • It is a distributed reliable key-value store(database) that is easy to install, secure, persistence, highly available & fast.
  • Its used to store & retrieve small bit of cluster data which requires fast read & write.
  • Its not a traditional/relational database rather a Key-value format database store.
  • It stores information regarding the cluster i.e., Nodes, PODs, Secrets, Configs, Roles, Accounts etc.
  • Installation — Download Binaries -> Extract -> Run ETCD Service.
  • Default port 2379 & Default client etcdctl.
  • ETCDCTL is the CLI tool used to interact with ETCD.


  • It manages various controllers & it has its own set of responsibilities.
  • It is a process which continuously monitors the state of components & works towards bringing the cluster to desired state.
  • There are ample amount of controllers such as Deployment, Replica set, Endpoint, Job, Node, Namespace etc.
  • Logically, each controller is a separate process, but to reduce complexity, they are all compiled into a single binary and run in a single process.
  • It is similar to our “police department”, which continuously checks the status of the city & takes action to remediate the situation accordingly.


  • It is a primary management component in Kubernetes.
  • The API server is a component of the Kubernetes master node (Control Plane) that exposes the Kubernetes API.
  • It authenticates user, validates requests + retrieves & updates data from ETCD Cluster.
  • kubectl is used to communicate with kube-apiserver or we can invoke api directly by sending a POST method request.


  • It is only responsible for deciding which pod goes on which node.
  • Which get decided on certain criterion ( CPU, Memory etc )
  • Firstly scheduler tries to filter out the nodes that do not fit for pod.
  • Secondly it give priority to nodes having optimal resource usage.
  • REMEMBER “It does not actually place the pod on the nodes”


  • An agent that runs on each node in the cluster & also makes sure that containers are running in a POD. #Informer
  • The kubelet in the worker node, registers the node with the kubernetes cluster.
  • The kubelet continues to monitor the state of the POD and the containers in it and reports to the kube-apiserver on a timely basis.
  • The kubelet doesn’t manage containers which were not created by Kubernetes.


  • kube-proxy is a network proxy that runs on each node in your cluster.
  • Its job is to look for new services and every time a new service is created it creates the appropriate rules on each node to forward traffic to those services to the backend pods.
  • kube-proxy maintains network rules on nodes.
  • These network rules allow network communication to your PODs from network sessions inside or outside of your cluster.
  • One way it does this is using IPTABLES rules.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

AWS | GCP | Cloud Enabler | Cloud Network & Security | CFT | Docker | K8s | Terraform | SysOps | Cricket | Life | Dance | Blog | Share |