• Home
  • LLMs
  • Docker
  • Kubernetes
  • Java
  • All
  • About
Kubernetes | Kubernetes Cluster
  1. Notes
  2. Kubernetes Nodes
  3. Kubernetes DNS Service
  4. Kubernetes Proxy: kube proxy

  1. Notes
    See these pages for more details about Kubernetes:
    https://kubernetes.io/docs/concepts/overview/components/
    https://kubernetes.io/docs/concepts/cluster-administration/
    https://kubernetes.io/docs/concepts/cluster-administration/proxies/
    https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/
    https://kubernetes.io/docs/tasks/debug/debug-cluster/

    To install Kubernetes using Docker Desktop (Windows - WSL 2): Install Docker Desktop (WSL 2) and Enable Kubernetes

    Amazon Elastic Kubernetes Service (EKS): https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html

    Microsoft Azure Kubernetes Service (AKS): https://learn.microsoft.com/en-us/azure/aks/

    Google Kubernetes Engine (GKE): https://cloud.google.com/kubernetes-engine/docs
  2. Kubernetes Nodes
    To List the nodes of the cluster:
    $ kubectl get nodes -o wide
    NAME             STATUS   ROLES           AGE   VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE         KERNEL-VERSION                       CONTAINER-RUNTIME
    docker-desktop   Ready    control-plane   9h    v1.32.2   192.168.65.3   <none>        Docker Desktop   5.15.167.4-microsoft-standard-WSL2   docker://28.0.4
    Depending on your installation you might see at least one node with the role "master" (the control plane: kube-apiserver, etcd) and eventually a list of worker nodes (where the containers are scheduled).

    To get information about a node:
    $ kubectl get nodes docker-desktop -o yaml
    apiVersion: v1
    kind: Node
    metadata:
      annotations:
        kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
      labels:
        beta.kubernetes.io/arch: amd64
        beta.kubernetes.io/os: linux
        kubernetes.io/arch: amd64
        kubernetes.io/hostname: docker-desktop
        kubernetes.io/os: linux
      name: docker-desktop
    spec: {}
    ...
    To describe a node:
    $ kubectl describe nodes docker-desktop
    Name:               docker-desktop
    Roles:              control-plane
    Labels:             beta.kubernetes.io/arch=amd64
                        beta.kubernetes.io/os=linux
                        kubernetes.io/arch=amd64
                        kubernetes.io/hostname=docker-desktop
                        kubernetes.io/os=linux
    Annotations:        kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
    ...
    The commands above show information about the node (hostname, processor, OS, ...), its capacity (CPU, memory, ...), the Pods running on it (their names, CPU/Memory requests and limits), the total allocated resources (CPU/Memory requests and limits), the conditions of the pressure on the disk and the memory, and the version of some system components is also printed (Linux Kernel, Container Runtime, Kubelet, ...).

    To show the resources usage in the cluster:
    $ kubectl top nodes
    NAME             CPU(cores)   CPU(%)   MEMORY(bytes)   MEMORY(%)
    docker-desktop   188m         0%       3880Mi          12%
    If the metric server is not installed, you will get this error: "error: Metrics API not available".
    For more details see: Kubernetes Metrics Server

    To show the resources usage by the pods:
    $ kubectl top pods
    NAME          CPU(cores)   MEMORY(bytes)
    hello-nginx   0m           21Mi
    To print the events in the cluster:
    $ kubectl get events
    LAST SEEN   TYPE      REASON      OBJECT              MESSAGE
    1m          Normal    Pulling     pod/hello-busybox   Pulling image "busybox:latest"
    ...
  3. Kubernetes DNS Service
    If you have installed Docker Desktop, you will see that Kubernetes is using CoreDNS DNS server.

    The DNS server is used as the internal Kubernetes DNS service (cluster DNS) that provides naming and discovery for all Kubernetes Services that are created in the cluster.

    The CoreDNS is running as a Kubernetes Deployment (replicas of Pods) and has a Service (acts as a load balancer for the DNS server).

    The CoreDNS server components run in the "kube-system" namespace (can be filtered with the label "k8s-app=kube-dns").

    To see the CoreDNS Deployment:
    $ kubectl get deployments -n kube-system -l k8s-app=kube-dns -o wide
    NAME      READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES                                    SELECTOR
    coredns   2/2     2            2           9h    coredns      registry.k8s.io/coredns/coredns:v1.11.3   k8s-app=kube-dns
    To see the CoreDNS Pods:
    $ kubectl get pods -n kube-system -l k8s-app=kube-dns -o wide
    NAME                       READY   STATUS    RESTARTS   AGE   IP          NODE             NOMINATED NODE   READINESS GATES
    coredns-668d6bf9bc-mjgnv   1/1     Running   0          9h    10.1.0.26   docker-desktop   <none>           <none>
    coredns-668d6bf9bc-mrs79   1/1     Running   0          9h    10.1.0.27   docker-desktop   <none>           <none>
    To see the CoreDNS Service (kube-dns):
    $ kubectl get services -n kube-system -l k8s-app=kube-dns -o wide
    NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE   SELECTOR
    kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   9h    k8s-app=kube-dns
    Let's install dnsutils utility to help debuging the DNS name resolution for services:
    $ kubectl apply -f https://k8s.io/examples/admin/dns/dnsutils.yaml
    pod/dnsutils created
    Check that Pod was created properly:
    $ kubectl get pod dnsutils
    NAME       READY   STATUS    RESTARTS   AGE
    dnsutils   1/1     Running   0          56s
    First let's validate that the DNS resolution is working correctly.
    The nslookup command can be used to resolve the "kubernetes" Service of the API Server (you should get something like the following):
    $ kubectl exec -i -t dnsutils -- nslookup kubernetes
    Server:  10.96.0.10 <- The IP address of the Kubernetes DNS
    Address: 10.96.0.10#53
    
    Name:    kubernetes.default.svc.cluster.local <- The FQDN of the "kubernetes" Service
    Address: 10.96.0.1 <- The clusterIP of the "kubernetes" Service
    Let's check the "/etc/resolv.conf" file (the search path and name server should look like the following):
    $ kubectl exec dnsutils -- cat /etc/resolv.conf
    nameserver 10.96.0.10 <- Kubernetes DNS IP address (kube-dns Service ClusterIP)
    search default.svc.cluster.local svc.cluster.local cluster.local <- Kubernetes DNS search domains
    options ndots:5
    The "nameserver" (DNS IP address) and "search" (DNS search domains) are saved in the "/etc/resolv.conf" file of all containers.
  4. Kubernetes Proxy: kube proxy
    kube-proxy is a network proxy that runs on each node in the Kubernetes cluster. It routes network traffic (from inside or outside of the Kubernetes cluster) to Pods of load-balanced services.

    The CoreDNS is running as a Kubernetes DaemonSet in the "kube-system" namespace (can be filtered with the label "k8s-app=kube-proxy").

    To see the "kube proxy" DaemonSet and its Pod:
    $ kubectl get all -n kube-system -l k8s-app=kube-proxy -o wide
    NAME                   READY   STATUS    RESTARTS   AGE   IP             NODE             NOMINATED NODE   READINESS GATES
    pod/kube-proxy-4xt54   1/1     Running   0          10h   192.168.65.3   docker-desktop   <none>           <none>
    
    NAME                        DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE   CONTAINERS   IMAGES                               SELECTOR
    daemonset.apps/kube-proxy   1         1         1       1            1           kubernetes.io/os=linux   10h   kube-proxy   registry.k8s.io/kube-proxy:v1.32.2   k8s-app=kube-proxy
© 2025  mtitek