Class 2 - Kubernetes Architecture Flashcards
Which are the primary components of Kubernetes architecture?
Kubernetes Master
Kubernetes slaves or nodes
What elements does Kubernetes Master have?
etcd
2 types of kube-controller-manager
kube-api-server
kube-scheduler
What elements do Kubernetes nodes have?
kubelet
kube-proxy
container engine
What is the master node?
It is the control plane of the entire k8s architecture. It makes all the decisions. It can be configured on a standalone machine. Multiple masters are configured in a cluster for a highly available environment.
As a best practice, don't run user containers on the master node.
Responsibilities of master node?
- Scheduling a pod
- Responding to cluster events
- Detecting pods
- Exposing API
- Controlling and Provisioning
Use of master node components?
1) Cloud Controller Manager
The cloud controller manager is not used by end users like us; it is used by cloud providers, and it enables them to create VM and load balancer instances for a managed Kubernetes service. When you create a node, it also creates the underlying GCP VM instance and load balancer. We may work with the cloud controller manager if we are building an in-house cloud. So in normal situations we will always install kube-controller-manager.
2) Kube Controller Manager
The controller manager takes care of maintaining the state of the cluster. If one replica goes down, it will bring it back up again. It also controls the worker nodes. So it handles management of pods, management of nodes, and management of endpoints (IPs) so that they don't change until the node is deleted.
3) Kube Scheduler
It manages the assignment of a worker node to the corresponding pod. Suppose you are creating a DB container that requires 4 CPUs and 10 GB of memory. You might have nodes with different configurations. The scheduler will figure out where the resource requirement can be met.
It uses a ranking algorithm that gives a rank to each node, and the node is chosen based on that rank.
4) etcd Key-Value store
etcd is the datastore of k8s. It is a highly available datastore. It uses distributed locking for high availability and replication. The datastore stores data in the form of key-value pairs.
5) Kube API server
It acts as the front end to the master node. It sits at the outside-facing edge. It is the way by which Kubernetes exposes a set of APIs: /api, /metrics, /healthz.
What are the two options for interacting with a Kubernetes cluster, i.e. the API server?
One option is to use curl commands to send requests to the Kube-API-Server, but it is not feasible for an end user to remember all the APIs.
The other option is to use "kubectl", the CLI for interacting with a Kubernetes cluster.
Who communicates with API server?
kubectl and worker nodes communicate with API server.
How many ports does etcd expose?
etcd uses 2 ports.
The etcd cluster internally uses port 2379.
etcd exposes port 2380 for the external world.
So kube-api-server will communicate with etcd using port 2380.
Does Kubernetes provide autoscaling of worker nodes?
No, autoscaling of nodes is not provided by Kubernetes, but autoscaling of pods is very much part of Kubernetes. A lot of cloud providers do provide autoscaling of nodes, however.
Use of worker node components?
1) kubelet
It is an agent service that runs on each and every worker node.
It gathers information about the health of the nodes and sends that information to the API server.
It is the entity which creates pods on nodes.
The API server will extract information from the spec section in the YAML file and send it to the kubelet.
It's the kubelet's responsibility to download the image, create the container, run the container, and report any issues that happen as part of the pod lifecycle. The entire lifecycle of the pod is the responsibility of the kubelet.
2) kube-proxy
In Kubernetes, when you want to expose a pod to other containers or to the external world, you can't do it directly. For that we have to create a service resource which has an external IP or port mapping, like in the case of Docker. Then, when the service resource receives a request, it has to be mapped back to the pod. This is exactly what kube-proxy is for. It does TCP and UDP packet forwarding, and one service can have multiple pods underneath for high availability.
A service can also load balance between multiple pods.
3) Container engine
This is what will actually run your containers.
What does kubelet work on top of, or depend on?
The kubelet works on top of the pod spec. It creates and manages the pods.
Kubernetes uses HTTPS-encrypted traffic for internal communication. Which certificate will you use: self-signed or one from a CA authority?
We must only use a self-signed certificate when we want to use it for an internal cluster.
What is kubeadm?
kubeadm helps you bootstrap a minimum viable Kubernetes cluster that conforms to best practices. With kubeadm, your cluster should pass Kubernetes Conformance tests. kubeadm also supports other cluster lifecycle functions, such as upgrades, downgrades, and managing bootstrap tokens.
How does kubeadm install Kubernetes? How does it treat master and workers?
kubeadm installs the worker components kube-proxy, kubelet and docker on all the instances. kubeadm will install the master components api-server and controller-manager as pods. So it requires the kubelet, which has the responsibility of creating the pods, on the master node as well.