Skip to main content

1.2 Kubernetes Resources and Architecture

Kubernetes Architecture Overview

Kubernetes follows a master-worker architecture, with a master node controlling the worker nodes where containers are deployed. It is designed to automate the deployment, scaling, and management of containerized applications. Understanding the architecture of Kubernetes is crucial for managing its resources effectively.

Key Components of Kubernetes Architecture:

  1. Master Node: The master node controls the cluster, managing the scheduling of workloads and maintaining the desired state.

    • API Server: The Kubernetes API server is the main management point for the Kubernetes cluster. It processes REST operations and validates them.
    • etcd: A key-value store that stores cluster state and configuration data.
    • Scheduler: Responsible for assigning Pods to nodes based on available resources and constraints.
    • Controller Manager: Manages various controllers that ensure the cluster is in the desired state (e.g., node controller, replication controller).

  2. Worker Nodes: Worker nodes run the applications in containers. They report to the master node and provide the necessary compute resources.

    • Kubelet: Ensures that containers are running as defined in the PodSpec. It communicates with the master node.
    • Kube-proxy: Maintains network rules on nodes and enables communication between Pods across different nodes.
    • Container Runtime: Executes the containerized applications (e.g., Docker, containerd).

Kubernetes Resources

Kubernetes resources are the fundamental building blocks of the Kubernetes system. They represent the state of objects in the cluster, such as Pods, Services, ConfigMaps, and more.

1. Pod:

A Pod is the smallest deployable unit in Kubernetes. It can contain one or more containers and shares storage and networking among those containers.

  • Example: A Pod might contain an application container (e.g., a web server) and a sidecar container (e.g., a logging agent).

    apiVersion: v1
    kind: Pod
    metadata:
      name: my-pod
    spec:
      containers:
      - name: nginx
        image: nginx:latest

2. Deployment:

A Deployment defines the desired state for Pods and automatically manages their lifecycle, including scaling and updating them.

  • Example: A Deployment might define that 3 replicas of a web server should always be running.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: my-deployment
    spec:
      replicas: 3
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx:latest

3. Service:

A Service is an abstraction that defines how to access a set of Pods. It ensures reliable communication between different Pods by load balancing and service discovery.

  • Types of Services:

    • ClusterIP: Exposes the service on an internal IP within the cluster.
    • NodePort: Exposes the service on the same port on each selected node in the cluster.
    • LoadBalancer: Exposes the service externally using a cloud provider’s load balancer.
    apiVersion: v1
    kind: Service
    metadata:
      name: my-service
    spec:
      selector:
        app: nginx
      ports:
        - protocol: TCP
          port: 80
          targetPort: 80
      type: ClusterIP

4. ConfigMap:

A ConfigMap allows you to decouple configuration artifacts from the application, making it easier to manage application settings.

apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config
data:
  config.json: |
    {
      "key": "value"
    }

5. Secret:

A Secret stores sensitive data, such as passwords and API tokens, in an encrypted format to be consumed by Pods.

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
data:
  password: cGFzc3dvcmQ=

How Kubernetes Resources Work Together

In a typical Kubernetes application, various resources interact to ensure that the application runs smoothly and scales as needed. For instance, a Deployment ensures that a specific number of Pods are running, while a Service allows those Pods to be accessed by users or other applications. Configuration settings are managed through ConfigMaps, and sensitive data like credentials are handled using Secrets.

Example:

In this example, a web server application is deployed using a Deployment, exposed via a Service, and configured with a ConfigMap. Secrets are used to store sensitive data like database passwords.

apiVersion: v1
kind: Pod
metadata:
  name: my-web-server
spec:
  containers:
  - name: web
    image: nginx:latest
    ports:
    - containerPort: 80
  envFrom:
  - configMapRef:
      name: web-config
  - secretRef:
      name: db-secret

In this setup:

  • The Pod runs a containerized web server.
  • The ConfigMap provides configuration details.
  • The Secret stores sensitive data such as database credentials.

Conclusion

Kubernetes resources and architecture work together to provide a scalable, resilient, and flexible platform for running containerized applications. By understanding how resources like Pods, Services, and Deployments interact within the Kubernetes architecture, you can effectively manage applications and ensure their availability and performance in a production environment.

In the next section, we will delve deeper into the Kubernetes API and how it serves as the interface for interacting with these resources.