Kubernetes | Kubernetes Cluster
  1. Notes
  2. Kubernetes Nodes
  3. Kubernetes DNS Service
  4. Kubernetes Proxy: kube proxy
  1. Notes
    See these pages for more details about Kubernetes:
    https://kubernetes.io/docs/concepts/overview/components/
    https://kubernetes.io/docs/concepts/cluster-administration/
    https://kubernetes.io/docs/concepts/cluster-administration/proxies/
    https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/
    https://kubernetes.io/docs/tasks/debug/debug-cluster/

    To install Kubernetes using Docker Desktop (Windows - WSL 2): Install Docker Desktop (WSL 2) and Enable Kubernetes

    Amazon Elastic Kubernetes Service (EKS): https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html

    Microsoft Azure Kubernetes Service (AKS): https://learn.microsoft.com/en-us/azure/aks/

    Google Kubernetes Engine (GKE): https://cloud.google.com/kubernetes-engine/docs
  2. Kubernetes Nodes
    To List the nodes of the cluster:
    $ kubectl get nodes -o wide
    NAME             STATUS   ROLES           AGE   VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE         KERNEL-VERSION                       CONTAINER-RUNTIME
docker-desktop   Ready    control-plane   9h    v1.32.2   192.168.65.3   <none>        Docker Desktop   5.15.167.4-microsoft-standard-WSL2   docker://28.0.4
    Depending on your installation you might see at least one node with the role "master" (the control plane: kube-apiserver, etcd) and eventually a list of worker nodes (where the containers are scheduled).

    To get information about a node:
    $ kubectl get nodes docker-desktop -o yaml
    apiVersion: v1
kind: Node
metadata:
  annotations:
    kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
  labels:
    beta.kubernetes.io/arch: amd64
    beta.kubernetes.io/os: linux
    kubernetes.io/arch: amd64
    kubernetes.io/hostname: docker-desktop
    kubernetes.io/os: linux
  name: docker-desktop
spec: {}
...
    To describe a node:
    $ kubectl describe nodes docker-desktop
    Name:               docker-desktop
Roles:              control-plane
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=docker-desktop
                    kubernetes.io/os=linux
Annotations:        kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
...
    The commands above show information about the node (hostname, processor, OS, ...), its capacity (CPU, memory, ...), the Pods running on it (their names, CPU/Memory requests and limits), the total allocated resources (CPU/Memory requests and limits), the conditions of the pressure on the disk and the memory, and the version of some system components is also printed (Linux Kernel, Container Runtime, Kubelet, ...).

    To show the resources usage in the cluster:
    $ kubectl top nodes
    NAME             CPU(cores)   CPU(%)   MEMORY(bytes)   MEMORY(%)
docker-desktop   188m         0%       3880Mi          12%
    If the metric server is not installed, you will get this error: "error: Metrics API not available".
    For more details see: Kubernetes Metrics Server

    To show the resources usage by the pods:
    $ kubectl top pods
    NAME          CPU(cores)   MEMORY(bytes)
hello-nginx   0m           21Mi
    To print the events in the cluster:
    $ kubectl get events
    LAST SEEN   TYPE      REASON      OBJECT              MESSAGE
1m          Normal    Pulling     pod/hello-busybox   Pulling image "busybox:latest"
...
  3. Kubernetes DNS Service
    If you have installed Docker Desktop, you will see that Kubernetes is using CoreDNS DNS server.

    The DNS server is used as the internal Kubernetes DNS service (cluster DNS) that provides naming and discovery for all Kubernetes Services that are created in the cluster.

    The CoreDNS is running as a Kubernetes Deployment (replicas of Pods) and has a Service (acts as a load balancer for the DNS server).

    The CoreDNS server components run in the "kube-system" namespace (can be filtered with the label "k8s-app=kube-dns").

    To see the CoreDNS Deployment:
    $ kubectl get deployments -n kube-system -l k8s-app=kube-dns -o wide
    NAME      READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES                                    SELECTOR
coredns   2/2     2            2           9h    coredns      registry.k8s.io/coredns/coredns:v1.11.3   k8s-app=kube-dns
    To see the CoreDNS Pods:
    $ kubectl get pods -n kube-system -l k8s-app=kube-dns -o wide
    NAME                       READY   STATUS    RESTARTS   AGE   IP          NODE             NOMINATED NODE   READINESS GATES
coredns-668d6bf9bc-mjgnv   1/1     Running   0          9h    10.1.0.26   docker-desktop   <none>           <none>
coredns-668d6bf9bc-mrs79   1/1     Running   0          9h    10.1.0.27   docker-desktop   <none>           <none>
    To see the CoreDNS Service (kube-dns):
    $ kubectl get services -n kube-system -l k8s-app=kube-dns -o wide
    NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE   SELECTOR
kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   9h    k8s-app=kube-dns
    Let's install dnsutils utility to help debuging the DNS name resolution for services:
    $ kubectl apply -f https://k8s.io/examples/admin/dns/dnsutils.yaml
    pod/dnsutils created
    Check that Pod was created properly:
    $ kubectl get pod dnsutils
    NAME       READY   STATUS    RESTARTS   AGE
dnsutils   1/1     Running   0          56s
    First let's validate that the DNS resolution is working correctly.
    The nslookup command can be used to resolve the "kubernetes" Service of the API Server (you should get something like the following):
    $ kubectl exec -i -t dnsutils -- nslookup kubernetes
    Server:  10.96.0.10 <- The IP address of the Kubernetes DNS
Address: 10.96.0.10#53

Name:    kubernetes.default.svc.cluster.local <- The FQDN of the "kubernetes" Service
Address: 10.96.0.1 <- The clusterIP of the "kubernetes" Service
    Let's check the "/etc/resolv.conf" file (the search path and name server should look like the following):
    $ kubectl exec dnsutils -- cat /etc/resolv.conf
    nameserver 10.96.0.10 <- Kubernetes DNS IP address (kube-dns Service ClusterIP)
search default.svc.cluster.local svc.cluster.local cluster.local <- Kubernetes DNS search domains
options ndots:5
    The "nameserver" (DNS IP address) and "search" (DNS search domains) are saved in the "/etc/resolv.conf" file of all containers.
  4. Kubernetes Proxy: kube proxy
    kube-proxy is a network proxy that runs on each node in the Kubernetes cluster. It routes network traffic (from inside or outside of the Kubernetes cluster) to Pods of load-balanced services.

    The CoreDNS is running as a Kubernetes DaemonSet in the "kube-system" namespace (can be filtered with the label "k8s-app=kube-proxy").

    To see the "kube proxy" DaemonSet and its Pod:
    $ kubectl get all -n kube-system -l k8s-app=kube-proxy -o wide
    NAME                   READY   STATUS    RESTARTS   AGE   IP             NODE             NOMINATED NODE   READINESS GATES
pod/kube-proxy-4xt54   1/1     Running   0          10h   192.168.65.3   docker-desktop   <none>           <none>

NAME                        DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE   CONTAINERS   IMAGES                               SELECTOR
daemonset.apps/kube-proxy   1         1         1       1            1           kubernetes.io/os=linux   10h   kube-proxy   registry.k8s.io/kube-proxy:v1.32.2   k8s-app=kube-proxy
© 2025  mtitek