Mastering Kubernetes Architecture: Core Components, Networking, and Scaling

This article provides a comprehensive overview of Kubernetes, covering its core components, container operations, service discovery layers, pod shared resources, common CNI plugins, multi‑layer load balancing, isolation dimensions, network model principles, and various IP address categories for large‑scale deployments.

MaGe Linux Operations

Overview

Kubernetes is an open‑source platform for automating container operations such as deployment, scheduling, and scaling across node clusters.

Key Functions

Automated container deployment and replication.

Real‑time elastic scaling of container workloads.

Container orchestration with built‑in load balancing.

Core Components

kubectl : Command‑line client, the entry point for interacting with the system.

kube‑apiserver : Exposes a REST API serving as the control entry.

kube‑controller‑manager : Executes background tasks like node status, pod counts, and service‑pod associations.

kube‑scheduler : Assigns newly created pods to appropriate nodes based on resource availability.

etcd : High‑availability, strongly consistent key‑value store for configuration sharing and service discovery.

kube‑proxy : Runs on each node to handle pod network proxying, periodically fetching service info from etcd.

kubelet : Node‑level agent that receives pod assignments, manages containers, and reports status to the apiserver.

DNS (optional) : Provides DNS records for each Service, enabling pods to resolve services via DNS.

Service Discovery Layers

Kubernetes supports two service discovery mechanisms:

Environment variables injected into pods at creation (limited by creation order).

Cluster DNS (e.g., KubeDNS) created via add‑on for dynamic service name resolution.

Pod Shared Resources

Pods share five resources among their containers:

PID namespace – shared process IDs.

Network namespace – shared IP address and port range.

IPC namespace – shared System V IPC or POSIX message queues.

UTS namespace – shared hostname.

Volumes – shared storage defined at the pod level.

CNI Plugins

Common Container Network Interface (CNI) plugins enable diverse networking models. Six widely used plugins are illustrated in the accompanying diagram.

Load Balancing Layers

Four‑layer (L4) load balancing uses IP + port, while seven‑layer (L7) load balancing relies on application‑level data such as URLs. Ingress, based on L7, provides a unified external entry point, often implemented with Nginx.

Isolation Dimensions

Kubernetes scheduling must consider isolation from coarse to fine granularity, spanning multiple layers of the infrastructure.

Network Model Principles

The network model follows four basic principles, three network requirements, one architectural principle, and one IP principle, ensuring each pod has a unique IP and that all pods reside in a flat, directly reachable network space.

IP Address Categories

IP addresses are classified into classes A‑E, plus special ranges such as 0.0.0.0, 127.0.0.1, multicast addresses, link‑local (169.254.x.x), and private address spaces (10.x.x.x, 172.16‑31.x.x, 192.168.x.x).

1.0.0.0-126.255.255.255   # Class A, default mask /8 (255.0.0.0)
128.0.0.0-191.255.255.255 # Class B, default mask /16 (255.255.0.0)
192.0.0.0-223.255.255.255 # Class C, default mask /24 (255.255.255.0)
224.0.0.0-239.255.255.255 # Class D, multicast
240.0.0.0-255.255.255.255 # Class E, research use
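The class ranges and special ranges above can be turned into a pre-deployment check on a cluster address plan. The following is an added example, not code from the original article; it goes beyond classification to flag ranges that overlap or fall outside private space, and the role names and CIDRs in the sample plans are constructed assumptions.

```python
import ipaddress
from itertools import combinations

# First-octet bounds of classes A-E, as listed in the article.
CLASSES = [("A", 1, 126), ("B", 128, 191), ("C", 192, 223),
           ("D", 224, 239), ("E", 240, 255)]
# Private address spaces and special ranges named in the article.
PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SPECIAL = {"loopback": ipaddress.ip_network("127.0.0.0/8"),
           "link-local": ipaddress.ip_network("169.254.0.0/16"),
           "multicast": ipaddress.ip_network("224.0.0.0/4")}


def address_class(ip):
    """Return the classful letter for an IPv4 address, or None for 0.x and 127.x."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    for name, low, high in CLASSES:
        if low <= first_octet <= high:
            return name
    return None


def check_plan(plan):
    """Return a list of problems found in a {role: CIDR} cluster address plan."""
    nets = {role: ipaddress.ip_network(cidr) for role, cidr in plan.items()}
    problems = []
    for role, net in nets.items():
        for label, special in SPECIAL.items():
            if net.overlaps(special):
                problems.append(f"{role}: {net} falls in {label} space")
        if not any(net.subnet_of(p) for p in PRIVATE):
            problems.append(f"{role}: {net} is not private address space")
    # Unique, directly reachable pod IPs require that no two ranges collide.
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            problems.append(f"{a} overlaps {b}: {nets[a]} / {nets[b]}")
    return problems


# Constructed sample plans (role names and CIDRs are illustrative assumptions).
GOOD_PLAN = {"nodes": "192.168.0.0/24", "pods": "10.244.0.0/16",
             "services": "10.96.0.0/12"}
BAD_PLAN = {"nodes": "169.254.10.0/24", "pods": "10.96.0.0/16",
            "services": "10.96.0.0/12"}

if __name__ == "__main__":
    for name, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(name, check_plan(plan) or "ok")
```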

Original source: CSDN article

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.
