#kubernetes # Architecture ![[Image-03-11-2024.gif]] ## Control Plane The control plane is responsible for maintaining the desired state of the cluster. It is also responsible for node/pod lifecycle management and exposing the cluster API. It has the following key components: 1. kube-apiserver 2. etcd 3. kube-scheduler 4. kube-controller-manager 5. cloud-controller-manager ## Worker Nodes The worker nodes are responsible for running containerized applications. The worker node has the following components: 1. kubelet 2. kube-proxy 3. Container runtime (CRI-O, Docker Engine, Containerd, etc.) > **Important Note:** These components run on the control plane node as well. ## Add-on Components Additionally, there are add-on components we include in the cluster to extend its functionality and make the cluster fully functional for application deployments. Here are some common add-ons commonly used in Kubernetes Clusters 1. Web UI 2. CoreDNS 3. Metrics Server 4. CNI Plugins (Container Network Interface) Given that Kubernetes operates in a distributed environment, Kubernetes ensures this by using **mutual TLS** (mTLS) certificates for authentication, which not only encrypts the communication but also ensures that all components can securely authenticate each other. [source](https://blog.techiescamp.com/)