Welcome to part five in our deep dive into Kubernetes. If you’ve been following the series, this is where we unravel the brain and muscle of a Kubernetes cluster — the control plane and worker nodes — and explain how everything fits together.
Whether you’re a hands-on DevOps engineer or just getting into Kubernetes, this breakdown will help clarify the “why” and “how” behind Kubernetes orchestration.
🧠 The Big Picture Link to heading
Kubernetes architecture can be distilled into two main layers:
- Control Plane (Master Node) — Orchestrates everything.
- Worker Node — Executes workloads (pods/containers).
Each of these runs as a node — typically a virtual or physical machine — with its own role in cluster operations.
🧰 Quick Primer Link to heading
Before diving in:
Pods are the smallest deployable unit in Kubernetes.
A pod can run one or multiple tightly coupled containers.
Also, we use kubectl, the Kubernetes CLI, to interact with clusters.
🎛️ Control Plane Components Link to heading
The control plane is like the brain of the Kubernetes cluster — it manages the state, decisions, and coordination of workloads. Think of it as the conductor of the orchestration symphony.
Here’s what makes it tick:
1. API Server Link to heading
- The entry point to your cluster.
- Receives and processes all requests (
kubectl, CI/CD, controllers). - Authenticates, validates, and forwards instructions.
- Talks directly to
etcd(no one else does).
2. Scheduler Link to heading
- Watches for unscheduled pods.
- Matches pods to appropriate nodes based on CPU, memory, affinity/anti-affinity, etc.
- Think of it as the placement brain.
3. Controller Manager Link to heading
- Runs a set of background controllers (e.g., NodeController, ReplicationController).
- Watches cluster state and tries to reconcile it with the desired state.
- For example: if a pod dies, this is what makes sure it gets recreated.
4. etcd Link to heading
- A highly available key-value store.
- Stores all cluster state, config, secrets, node info, etc.
- Only the API server talks to etcd.
⚙️ Worker Node Components Link to heading
Worker nodes are where the actual container magic happens — pods run here, do the work, and scale up/down based on what the control plane tells them.
1. Pods Link to heading
- Wrap one or more containers.
- Containers inside a pod share the same network namespace and storage volumes.
- Smallest deployable unit in Kubernetes.
2. Kubelet Link to heading
- The agent on each worker node.
- Talks to the API server.
- Enforces pod specs: creates, starts, monitors, and removes pods.
- Reports back status to the control plane.
3. Kube-proxy Link to heading
- Handles networking and service routing inside the node.
- Maintains iptables/ipvs rules so that pods can communicate across nodes.
- Ensures load balancing for services.
🔁 How It All Interacts (Request Lifecycle) Link to heading
Let’s trace what happens when an admin uses kubectl to create a pod:
- Request goes to the API server.
- API server authenticates and validates the request.
- If it’s a pod creation:
- API server writes the pod spec to
etcd.
- API server writes the pod spec to
- The Scheduler sees a pending pod, selects a suitable node, and tells the API server.
- API server forwards this to the Kubelet on the selected worker node.
- Kubelet creates the pod, then confirms back to API server.
- API server updates
etcd, and responds to the user with success. - For read requests (e.g.,
kubectl get pods), the API server simply queriesetcdand returns the data.
🧩 Final Thoughts Link to heading
This is the bare minimum you need to grok Kubernetes architecture. Over time, as you work with deployments, config maps, ingress, and autoscalers, this understanding will form your foundation.
Kubernetes can seem complex, but at its core, it’s a well-oiled machine of loosely coupled components that talk via clear APIs.
Thanks for reading — in the next post, we’ll start exploring advanced topics like Controllers, ReplicaSets, and Deployments in more detail.
Stay sharp and keep shipping 🚀