Mastering Kubernetes: Core Architecture and Principles Explained

Kubernetes (K8S) is an open‑source container orchestration platform that automates deployment, scaling, and management of applications.

Originally developed by Google and later donated to the CNCF, it has become the de‑facto standard in the cloud‑native ecosystem.

Architecture

K8S adopts a master‑node (control‑plane/worker) architecture.

The Master node (Control Plane) acts as the "brain" of the cluster, handling management and scheduling. The Node (Worker) runs the actual containerized workloads, acting as the "hands and feet".

Core Components

1. API Server – the central front‑end that all internal and external components (e.g., kubectl, kubelet) must contact to interact with the cluster. It provides a RESTful API, handles authentication, authorization, admission control, and notifies other components of state changes.

2. Scheduler – decides on which Node each Pod should run by filtering, scoring, and binding.

3. Controller Manager – runs various control loops (e.g., node controller, replication controller, endpoint controller). For example, the Deployment Controller ensures the desired number of Pod replicas are always maintained.

4. etcd – a distributed consistent key‑value store that persists the cluster state (all API objects) using the Raft consensus algorithm.

5. kubelet – the primary agent on each Node that communicates with the API Server, receives Pod specifications, and ensures the containers run and stay healthy.

6. kube‑proxy – a network proxy that manages network rules on each Node, routing Service requests to the appropriate backend Pods and providing load balancing.

7. Container Runtime – the engine that actually runs containers (e.g., Docker, containerd, CRI‑O). Kubelet relies on it to create, start, and stop containers.

Workflow

Users submit application configurations via kubectl or directly to the API Server.

The Master components (Scheduler, Controller Manager) make scheduling decisions and store the desired state in etcd.

Kubelet on the Worker Nodes executes the tasks, starts Pods, and reports status back to the API Server.

Kube‑proxy handles service discovery and load balancing, ensuring Pods are reachable.