Understanding Kubernetes

  1. etcd: A strongly consistent, distributed key-value store that provides a reliable way to store data that needs to be accessed by a distributed system or cluster of machines.
  2. API Server: User interaction via REST, UI or CLI (kubectl).
  3. Scheduler: Handles resource management for pod assignment to worker nodes while complying with resource restrictions and constraints.

  1. Kubelet: Control Plane agent
  2. Container Runtime: Scheduling Pod containers
  3. Kube Proxy: Networking proxy within the cluster

  1. init-container: Runs before the main container; usually does setup for the main container.
  2. main container: Application process running in the container.
  3. sidecar: Runs side by side with the main container, loosely coupled.

  1. ServiceAccount: Provides an identity for all the processes that are running in a Pod.
  2. ClusterRole/Role: Contains rules that represent a set of permissions. Has to be associated with a ServiceAccount via a ClusterRoleBinding/RoleBinding to take effect. A Role is namespaced and a ClusterRole is cluster-wide, as the names suggest.
  3. ClusterRoleBinding/RoleBinding: Grants the permissions defined in a ClusterRole/Role to the holder of a given ServiceAccount. A RoleBinding is namespaced and a ClusterRoleBinding is cluster-wide, as the names suggest.
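
How the ServiceAccount, Role and RoleBinding described above fit together, as an added example that is not part of the original article. The namespace `demo`, the object names and the image are hypothetical placeholders; the Role grants read-only access to Pods in one namespace and has no effect until the RoleBinding attaches it to the ServiceAccount the Pod runs as.

```yaml
# Constructed example: every name below (demo, app-reader, pod-reader) is hypothetical.
# Identity for the processes running in the Pod.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: app-reader
  namespace: demo
---
# Namespaced set of permissions: read-only access to Pods in "demo".
# On its own this grants nothing; it needs a binding to a subject.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
  namespace: demo
rules:
  - apiGroups: [""]            # "" is the core API group, where Pods live
    resources: ["pods"]
    verbs: ["get", "list", "watch"]
---
# Grants the Role's permissions to the ServiceAccount, in "demo" only.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: app-reader-pod-reader
  namespace: demo
subjects:
  - kind: ServiceAccount
    name: app-reader
    namespace: demo
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role                   # a ClusterRole could be referenced here as well
  name: pod-reader
---
# The Pod picks up the identity through serviceAccountName.
apiVersion: v1
kind: Pod
metadata:
  name: app
  namespace: demo
spec:
  serviceAccountName: app-reader
  containers:
    - name: main
      image: registry.example.com/app:1.0   # placeholder image
```

After applying it, `kubectl auth can-i list pods --as=system:serviceaccount:demo:app-reader -n demo` should answer `yes`, while the same check for `delete pods` or in another namespace should answer `no`.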



Victor Leung
