Kubernetes Architecture
Separate control-plane decisions from node execution.
Think of Kubernetes in two layers: the control plane (decisions) and the nodes (execution).
Control plane
- API Server: the single entry point
- etcd: stores cluster state
- Scheduler: picks the target node
- Controller Manager: keeps desired state true
Node components
- kubelet: runs Pod lifecycle
- Container runtime: containerd or CRI-O
- kube-proxy: service forwarding rules
- CNI/CSI: networking and storage plugins
Simple mental map
kubectl -> apiserver -> etcd
                     |-> scheduler
                     |-> controllers
nodes: kubelet + runtime + kube-proxy
Once you know these parts, you can tell whether a failure lives in the control plane or on a node.
Practical notes
- Start with a quick inventory: kubectl get nodes, kubectl get pods -A, and kubectl get events -A.
- Compare desired vs. observed state; kubectl describe usually explains drift or failed controllers.
- Keep names, labels, and selectors consistent so Services and controllers can find Pods.
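The label and selector note above can be checked mechanically. The following is an added example, not part of the original page: it reports Services whose selector matches no Pod in the same namespace. The embedded JSON is a constructed sample shaped like the output of kubectl get services,pods -A -o json, and the function names are illustrative.

```python
import json

# Constructed sample, shaped like `kubectl get services,pods -A -o json` output.
SAMPLE = json.loads("""
{"items": [
 {"kind": "Service", "metadata": {"name": "web", "namespace": "shop"},
  "spec": {"selector": {"app": "web", "tier": "frontend"}}},
 {"kind": "Service", "metadata": {"name": "api", "namespace": "shop"},
  "spec": {"selector": {"app": "api-server"}}},
 {"kind": "Service", "metadata": {"name": "ext-db", "namespace": "shop"},
  "spec": {"type": "ExternalName", "externalName": "db.example.com"}},
 {"kind": "Pod", "metadata": {"name": "web-1", "namespace": "shop",
  "labels": {"app": "web", "tier": "frontend", "rev": "7"}}},
 {"kind": "Pod", "metadata": {"name": "api-1", "namespace": "shop",
  "labels": {"app": "api"}}},
 {"kind": "Pod", "metadata": {"name": "web-1", "namespace": "staging",
  "labels": {"app": "api-server"}}}
]}
""")


def selector_matches(selector, labels):
    """Equality-based selector: every key/value must be present in labels."""
    return all(labels.get(k) == v for k, v in selector.items())


def match_services(doc):
    """Map 'namespace/service' -> sorted Pod names the selector picks up."""
    pods = [i for i in doc["items"] if i["kind"] == "Pod"]
    result = {}
    for svc in (i for i in doc["items"] if i["kind"] == "Service"):
        selector = svc.get("spec", {}).get("selector")
        if not selector:  # selector-less Services (e.g. ExternalName) are skipped
            continue
        ns = svc["metadata"]["namespace"]
        result[f'{ns}/{svc["metadata"]["name"]}'] = sorted(
            p["metadata"]["name"] for p in pods
            if p["metadata"]["namespace"] == ns  # selectors never cross namespaces
            and selector_matches(selector, p["metadata"].get("labels") or {}))
    return result


def orphaned_services(doc):
    """Services whose selector matches no Pod in their own namespace."""
    return sorted(name for name, pods in match_services(doc).items() if not pods)


if __name__ == "__main__":
    for name, pods in match_services(SAMPLE).items():
        print(name, "->", pods or "NO MATCHING PODS")
```

In the sample, shop/api is reported because its selector says app=api-server while the Pod in that namespace is labelled app=api; the identically labelled Pod in staging does not count. The check compares labels only and does not consider Pod readiness.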
Quick checklist
- The resource matches the intent you described in YAML.
- Namespaces, RBAC, and images are correct for the target environment.
- Health checks and logs are in place before promotion.