Components

Node and Pod

Node

Physical or virtual machine in the Kubernetes cluster
Hosts one or more pods

Pod

Smallest deployable unit in Kubernetes
Abstraction layer over a container (e.g., Docker)
- Allows Kubernetes to remain agnostic to container runtime
Pod Types:
- Single-container pod: Most common usage
- Multi-container pod: Used when helper or sidecar containers are required (e.g., logging agent)

Communication

Pods communicate using internal IPs provided by Kubernetes virtual network
IPs are assigned to pods, not containers

Ephemeral Nature

Pods are short-lived and can terminate due to:
- Application crash
- Resource exhaustion on node
When restarted:
- A new pod is created
- A new internal IP is assigned

Service

Purpose

Abstracts and stabilizes pod communication
Provides permanent virtual IPs and DNS names for accessing pods

Types of Services

Internal Service:
- Used for communication between internal components (e.g., app to database)
- Example: Database service within the cluster
External Service:
- Exposes application to external traffic
- Example: Making the app accessible via a browser

Use Case

Prevents the need to track changing pod IPs
Allows stable communication channels

Ingress

Purpose

Manages external access to services via HTTP/HTTPS
Enables:
- Custom domain names
- Secure protocol (HTTPS)
Routes requests to the appropriate service

Example

Without Ingress: http://<Node-IP>:<Port>
With Ingress: https://myapp.mydomain.com

ConfigMap

Purpose

Externalizes non-sensitive application configuration
Avoids hardcoding values inside container images

Use Case

Useful for storing:
- Service URLs
- Feature flags
- Environment-specific values

Benefits

Simplifies deployment updates
No need to rebuild and redeploy container images for configuration changes

Example

Change database service name in ConfigMap instead of rebuilding the app image

Secret

Purpose

Similar to ConfigMap, but for sensitive data
Stores data in Base64 encoded format (not plain text)

Use Case

Used for:
- Passwords
- TLS certificates
- API keys

Integration

Connected to pods via:
- Environment variables
- Mounted volumes as files

Best Practices

Do not store secrets in ConfigMap
Keep credentials separate and secured

Volumes

Purpose

Provides persistent storage for data generated/used by pods

Problem Without Volumes

Pod restart would lead to data loss since pods are ephemeral

Volume Types

Local Volumes:
- Stored on the same node as the pod
Remote/External Volumes:
- Cloud-based or on-premises
- Not managed by Kubernetes, but mounted into pods

Use Case

Persisting:
- Database data
- Application logs

Key Considerations

Kubernetes does not handle:
- Data backup
- Replication
- Storage hardware management
User/admin is responsible for managing data persistence and integrity

Analogy

Think of volumes as external hard drives plugged into the Kubernetes cluster

NextArchitecture

Last updated 28 days ago

Components

Node and Pod

Node

Physical or virtual machine in the Kubernetes cluster
Hosts one or more pods

Pod

Smallest deployable unit in Kubernetes
Abstraction layer over a container (e.g., Docker)
- Allows Kubernetes to remain agnostic to container runtime
Pod Types:
- Single-container pod: Most common usage
- Multi-container pod: Used when helper or sidecar containers are required (e.g., logging agent)

Communication

Pods communicate using internal IPs provided by Kubernetes virtual network
IPs are assigned to pods, not containers

Ephemeral Nature

Pods are short-lived and can terminate due to:
- Application crash
- Resource exhaustion on node
When restarted:
- A new pod is created
- A new internal IP is assigned

Service

Purpose

Abstracts and stabilizes pod communication
Provides permanent virtual IPs and DNS names for accessing pods

Types of Services

Internal Service:
- Used for communication between internal components (e.g., app to database)
- Example: Database service within the cluster
External Service:
- Exposes application to external traffic
- Example: Making the app accessible via a browser

Use Case

Prevents the need to track changing pod IPs
Allows stable communication channels

Ingress

Purpose

Manages external access to services via HTTP/HTTPS
Enables:
- Custom domain names
- Secure protocol (HTTPS)
Routes requests to the appropriate service

Example

Without Ingress: http://<Node-IP>:<Port>
With Ingress: https://myapp.mydomain.com

ConfigMap

Purpose

Externalizes non-sensitive application configuration
Avoids hardcoding values inside container images

Use Case

Useful for storing:
- Service URLs
- Feature flags
- Environment-specific values

Benefits

Simplifies deployment updates
No need to rebuild and redeploy container images for configuration changes

Example

Change database service name in ConfigMap instead of rebuilding the app image

Secret

Purpose

Similar to ConfigMap, but for sensitive data
Stores data in Base64 encoded format (not plain text)

Use Case

Used for:
- Passwords
- TLS certificates
- API keys

Integration

Connected to pods via:
- Environment variables
- Mounted volumes as files

Best Practices

Do not store secrets in ConfigMap
Keep credentials separate and secured

Volumes

Purpose

Provides persistent storage for data generated/used by pods

Problem Without Volumes

Pod restart would lead to data loss since pods are ephemeral

Volume Types

Local Volumes:
- Stored on the same node as the pod
Remote/External Volumes:
- Cloud-based or on-premises
- Not managed by Kubernetes, but mounted into pods

Use Case

Persisting:
- Database data
- Application logs

Key Considerations

Kubernetes does not handle:
- Data backup
- Replication
- Storage hardware management
User/admin is responsible for managing data persistence and integrity

Analogy

Think of volumes as external hard drives plugged into the Kubernetes cluster

NextArchitecture

Last updated 28 days ago