Details on this are given below:
1. Container Runtime (e.g., containerd, CRI-O, Docker in older setups)
• Actually runs the containers inside Pods.
• Pulls images, starts/stops containers, manages container lifecycle.
2. Kubelet
• The primary Kubernetes agent running on each Node.
• Talks to the API Server to get Pod specs.
• Ensures that the described containers (via Pod specs) are running in the Container Runtime.
• Collects resource usage stats and reports back to the control plane.
• Handles liveness & readiness probes.
3. Kube-proxy
• Handles Service networking on each Node.
• Implements iptables / IPVS rules so traffic to a Service IP gets forwarded to the right Pod.
• Provides basic L4 load balancing.
• Does “intelligent routing”: e.g., if a Pod needs to connect to a DB Service, kube-proxy tries to send traffic to a DB Pod that may be local (same node), reducing cross-node networking overhead.
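A simplified model of the Service-to-Pod selection described in the kube-proxy list above, added here as an example (it is not kube-proxy's own code). It shows the per-rule probabilities that iptables mode uses for L4 load balancing and how the Service field `internalTrafficPolicy` decides whether only node-local Pods are candidates. The endpoint IPs, node names and the "db" Service are constructed sample data.

```python
from fractions import Fraction

# Constructed sample: endpoints of a hypothetical "db" Service.
DB_ENDPOINTS = [
    {"ip": "10.244.1.5", "node": "node-a", "ready": True},
    {"ip": "10.244.2.7", "node": "node-b", "ready": True},
    {"ip": "10.244.2.8", "node": "node-b", "ready": False},  # failing readiness probe
    {"ip": "10.244.3.9", "node": "node-c", "ready": True},
]


def candidate_endpoints(endpoints, client_node, internal_traffic_policy="Cluster"):
    """Backends a client Pod on client_node can be routed to."""
    ready = [e for e in endpoints if e["ready"]]  # unready Pods get no traffic
    if internal_traffic_policy == "Local":
        # Only same-node backends; an empty result means the traffic is dropped.
        return [e for e in ready if e["node"] == client_node]
    return ready  # "Cluster" (the default): every ready backend, on any node


def rule_probabilities(n):
    """Match probability of each of n backend rules, evaluated top to bottom.

    iptables mode uses `-m statistic --mode random --probability p` with
    p = 1/n, 1/(n-1), ...; the last rule always matches.
    """
    return [Fraction(1, n - i) for i in range(n)]


def effective_shares(n):
    """Share of new connections each backend ends up with (1/n each)."""
    shares, remaining = [], Fraction(1)
    for p in rule_probabilities(n):
        shares.append(remaining * p)
        remaining *= 1 - p
    return shares


if __name__ == "__main__":
    for policy in ("Cluster", "Local"):
        for node in ("node-a", "node-d"):
            ips = [e["ip"] for e in candidate_endpoints(DB_ENDPOINTS, node, policy)]
            print(f"{policy:7} client on {node}: {ips or 'dropped'}")
    print([str(p) for p in rule_probabilities(3)], [str(s) for s in effective_shares(3)])
```
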
⸻
🔹 Elaborated View
• When the API Server assigns a Pod to a Node:
• The Kubelet gets the PodSpec.
• Kubelet tells the Container Runtime to pull the image and run the container.
• Kube-proxy ensures that when traffic comes to a Service, it gets routed to the Pod correctly, even if it is across Nodes.
• This triad ensures Pods run, stay healthy, and can communicate seamlessly.
⸻
🔹 Communication Flow (Sequence Diagram)
Paste this in Mermaid Live Editor:
sequenceDiagram
participant APIServer as Kubernetes API Server (Control Plane)
participant Kubelet as Kubelet (Node Agent)
participant CR as Container Runtime (containerd / CRI-O)
participant KubeProxy as Kube-proxy (Service Routing)
participant Pod as Pod/Container (App + DB)
APIServer->>Kubelet: Assign PodSpec (App Pod needs to run)
Kubelet->>CR: Pull image & start container
CR->>Kubelet: Container started successfully
Kubelet->>APIServer: Pod status updated (Running)
Note over Kubelet,CR: Kubelet ensures Pod lifecycle <br> (start, monitor, restart if needed)
Pod->>KubeProxy: Request DB Service
KubeProxy->>Pod: Routes to local DB Pod if available
KubeProxy->>OtherNode: Or forwards traffic to DB Pod on another node
OtherNode-->>Pod: Response from DB
Note over KubeProxy,Pod: Kube-proxy provides L4 load balancing <br> and Service-to-Pod resolution
⸻
✅ Summary:
• Kubelet = makes sure containers match what’s declared in the API Server.
• Container Runtime = actually runs the containers.
• Kube-proxy = makes sure Service-to-Pod traffic is routed correctly across nodes, while trying to optimize locality.
⸻