Sign In

Curriculum 1: What is Kubectl?

The Control Plane

15 min · 15 XP

The Kubernetes Control Plane

The control plane is the brain of your Kubernetes cluster. Understanding its components helps you make sense of what happens when you run kubectl commands.

Overview

The control plane is a collection of processes that manage the cluster's state. When you run kubectl apply -f deployment.yaml, the control plane receives your request, stores it, and works to make reality match your desired configuration.

The control plane typically runs on dedicated nodes called control plane nodes (previously called master nodes).

API Server (kube-apiserver)

The API server is the front door to the entire cluster. Every interaction with Kubernetes goes through it -- including every kubectl command you run.

# This command talks directly to the API server
kubectl get nodes

The API server:

  • Validates and processes all REST requests
  • Serves as the central communication hub
  • Authenticates and authorizes every request
  • Is the only component that talks directly to etcd

If the API server is down, nothing else works. No kubectl commands, no scheduling, no updates.

etcd

etcd is the cluster's database. It is a distributed key-value store that holds the entire state of your cluster: every Pod definition, every Service, every ConfigMap, every Secret.

Key facts about etcd:

  • It is the single source of truth for the cluster
  • Only the API server reads and writes to it directly
  • It uses the Raft consensus algorithm for reliability
  • Backing up etcd means backing up your entire cluster state

Scheduler (kube-scheduler)

The scheduler decides where to run new Pods. When you create a Deployment, the scheduler looks at:

  • Available resources on each node (CPU, memory)
  • Affinity and anti-affinity rules
  • Taints and tolerations
  • Resource requests and limits
# See which node a pod was scheduled to
kubectl get pod my-pod -o wide

The scheduler assigns Pods to nodes, but it does not run them. That is the job of the kubelet on each node.

Controller Manager (kube-controller-manager)

The controller manager runs a set of controllers that watch the cluster state and work to match reality to your desired configuration. Key controllers include:

  • ReplicaSet controller -- ensures the right number of Pod replicas are running
  • Deployment controller -- manages rollouts and rollbacks
  • Node controller -- monitors node health
  • Job controller -- manages batch workloads

This is the component that detects "you asked for 3 replicas but only 2 are running" and creates the missing Pod.

How They Work Together

Here is what happens when you run kubectl create deployment nginx --image=nginx:

  1. kubectl sends the request to the API server
  2. The API server validates it and stores the Deployment in etcd
  3. The Deployment controller notices the new Deployment and creates a ReplicaSet
  4. The ReplicaSet controller notices it needs to create Pods
  5. The scheduler assigns each Pod to a node
  6. The kubelet on each node pulls the image and starts the container

Key Takeaways

  • The API server is the single entry point for all cluster operations
  • etcd stores all cluster state and is critical to back up
  • The scheduler decides which node runs each Pod
  • Controllers continuously reconcile desired state with actual state
  • These components work together in a loop to keep your cluster healthy