Kubernetes (K8s) Architecture

A visual breakdown of the components that make Kubernetes work.

Control Plane (Master Node)

The brain of the cluster. It manages the state of the cluster and makes global decisions.

etcd

A consistent and highly-available key-value store used as Kubernetes' backing store for all cluster data.

  • Stores resources (Pods, Deployments, etc.).
  • Maintains the cluster's desired state.
  • Holds runtime data like logs and events.

API Server

The entry point for all cluster communication (UI, API, CLI). It exposes the Kubernetes API.

  • Validates and processes requests.
  • Stores resource state into etcd.
  • Handles Authentication, Authorization, and Admission Control plugins.

Controller Manager

Watches for changes via the API server and works to move the current cluster state towards the desired state.

  • Replication Controller: Ensures the correct number of pod replicas.
  • Deployment Controller: Manages deployments and rollouts.
  • StatefulSet Controller: Manages Persistent Volume Claims (PVC).

Scheduler

Watches for newly created Pods with no assigned node, and selects a node for them to run on.

  • Filters nodes based on Pod requirements.
  • Scores nodes to find the best fit.
  • Updates the Pod's `.spec.nodeName` field.

Worker Nodes

The machines (VMs, physical servers, etc.) that run your containerized applications.

Kubelet

An agent that runs on each node in the cluster. It makes sure that containers are running in a Pod.

  • Registers the node with the cluster.
  • Communicates with the API server.
  • Manages the state of pods on its node.
  • Works with the container runtime to run containers.

kube-proxy

A network proxy that runs on each node, maintaining network rules and enabling communication.

Modes:

  • userspace (deprecated)
  • iptables (default)
  • ipvs (fastest)

Container Runtime

The software that is responsible for running containers. Kubernetes supports several runtimes.

  • Examples: Docker, containerd, CRI-O.
  • Pulls container images from a registry.
  • Starts and stops containers.

How They Work Together

A simplified flow of creating a new Pod.

  • kubectl: User sends request.
  • API Server: Authenticates & validates.
  • etcd: Stores desired state.
  • Scheduler: Assigns Pod to Node.
  • Kubelet: Creates Pod on Node.
  • Controller: Monitors state.
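
The flow above as a small runnable model, added here as an illustration and not taken from Kubernetes itself. It shows that a request rejected at authentication, authorization or admission never reaches the store, and that the scheduler's only output is the Pod's `.spec.nodeName`. All function names, tokens, rules, the "privileged" admission policy and the node capacities are assumptions made for the example.

```python
# Simplified model of the Pod creation flow; not Kubernetes source code.
# Every name, token, rule and capacity below is constructed for illustration.
_etcd = {}  # backing store; components reach it only through the api_* calls
TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}   # constructed credentials
ALLOWED = {"alice": {("create", "pods")}}           # constructed authorization rules
NODE_CPU = {"node-a": 2, "node-b": 8}               # constructed node capacities

def api_create_pod(token, pod):
    """API server: authenticate, authorize, validate, admit, then persist."""
    user = TOKENS.get(token)
    if user is None:
        return "unauthenticated"
    if ("create", "pods") not in ALLOWED.get(user, set()):
        return "forbidden"
    if not pod.get("name") or pod.get("spec", {}).get("cpu", 0) <= 0:
        return "invalid"
    if pod["spec"].get("privileged"):  # constructed admission policy
        return "denied by admission"
    _etcd[pod["name"]] = {"name": pod["name"], "spec": dict(pod["spec"]), "phase": "Pending"}
    return "created"

def api_list_pods():
    return list(_etcd.values())

def schedule():
    """Scheduler: filter nodes that fit, score by free CPU, set spec.nodeName."""
    for pod in api_list_pods():
        if pod["spec"].get("nodeName"):
            continue
        free = {n: cap - sum(p["spec"]["cpu"] for p in api_list_pods()
                             if p["spec"].get("nodeName") == n)
                for n, cap in NODE_CPU.items()}
        feasible = [n for n in free if free[n] >= pod["spec"]["cpu"]]  # filter
        if feasible:
            pod["spec"]["nodeName"] = max(feasible, key=free.get)      # score

def kubelet_sync(node):
    """Kubelet: start Pods bound to this node that are not running yet."""
    mine = [p for p in api_list_pods()
            if p["spec"].get("nodeName") == node and p["phase"] == "Pending"]
    for p in mine:
        p["phase"] = "Running"
    return [p["name"] for p in mine]

def demo():
    results = [api_create_pod("tok-bob", {"name": "x", "spec": {"cpu": 1}}),
               api_create_pod("tok-alice", {"name": "root", "spec": {"cpu": 1, "privileged": True}}),
               api_create_pod("tok-alice", {"name": "web", "spec": {"cpu": 4}})]
    schedule()
    return results, kubelet_sync("node-b"), sorted(_etcd)
```

In the model, a Pod that fits no node stays in the store as Pending with no `nodeName`, so no kubelet ever starts it.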