Why does Kubernetes Control Plane have multiple options for communicating with a cluster?

svaraksin · May 9, 2023, 4:18pm

Hi team!

I really want to understand the idea of such a division. The documentation says that we have a few options of communication between CPlane and cluster:

API server to nodes, pods, and services
SSH tunnels
Konnectivity service

Documentation: Communication between Nodes and the Control Plane | Kubernetes

But I don’t quite understand what purpose these options serve?
In my head, I thought that we have an API-server in the control plane and a kubelet on the nodes and that all communication takes place between them over HTTPS.
But, I can assume that in order to connect nodes located in different subnets. But I can be wrong.

I would be grateful for a detailed answer.
Thanks in advance.

thockin · May 9, 2023, 4:34pm

Some installations put control-plane on totally isolated machines (e.g. a different VPC). Some put it on the same VPC. Some run as pods in a shared control-plane cluster.

Making this an API which can be implemented in multiple ways means that there is freedom to figure out what works best for each given case. If it were simpler - if the communication was always one-direction, client->control-plane - it might be easier, but APIs like logs require the opposite.

Topic		Replies	Views
Newbie setup General Discussions	0	466	May 6, 2020
Control Planes in microk8s microk8s loadbalancer	2	2330	September 20, 2023
Kubernetes.io Docs: Requesting clarification General Discussions	0	422	October 23, 2019
Security Impact of Kubernetes API server external IP address proxying Announcements security	1	3882	January 4, 2019
Kubernetes serivce: NodePort and ClusterIP in the same service definition General Discussions development	2	703	September 12, 2018

Why does Kubernetes Control Plane have multiple options for communicating with a cluster?

Related Topics