Milvus Architecture in KubeBlocks

KubeBlocks supports two distinct Milvus deployment architectures:

| Architecture | Components | Use Case |
| --- | --- | --- |
| Standalone | Single all-in-one Milvus pod + etcd + MinIO | Development, testing, small vector datasets |
| Distributed | Proxy + MixCoord + DataNode + IndexNode + QueryNode + etcd + Pulsar/Kafka + MinIO | Production workloads requiring HA and horizontal scale |

Standalone Architecture

Milvus Standalone runs all coordinator and worker roles as goroutines inside a single milvus process. There is no inter-pod communication within the Milvus layer — all work happens in memory within one pod. External storage (etcd and MinIO) is still managed as separate KubeBlocks Components.

*Figure: Standalone topology (all roles in one process; ideal for development and single-node deployments). Clients using the Milvus SDK (Python / Go / Java / Node) connect over gRPC or REST to the `{cluster}-milvus` ClusterIP Service (:19530 gRPC, :9091 metrics/health), which selects the single all-in-one pod `milvus-standalone-0`. Inside that pod, all coordinator and worker roles (RootCoord, QueryCoord, DataCoord, IndexCoord, QueryNode, DataNode, IndexNode, Proxy) run as goroutines within the one `milvus` process, backed by a 20Gi PVC (`data-0`, local segment cache). Metadata and object-storage I/O go to `etcd-0` (etcd:2379, 10Gi PVC; metadata, collection schemas, segment info) and `minio-0` (minio:9000, 20Gi PVC; object storage for vectors, indexes, and the WAL).*

Resource Hierarchy

```
Cluster  →  Component (etcd)    →  InstanceSet  →  Pod × 1
         →  Component (minio)   →  InstanceSet  →  Pod × 1
         →  Component (milvus)  →  InstanceSet  →  Pod × 1
```

KubeBlocks provisions the components in order: etcd and minio first (in parallel), then milvus (which reads the etcd and minio endpoints on startup).
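This topology can be requested with a minimal Cluster manifest. The sketch below is illustrative: the cluster name, namespace, and resource sizes are hypothetical, and the exact field names (`clusterDef`, `topology`) follow the KubeBlocks v1 Cluster API and may differ across releases:

```yaml
# Hypothetical example: minimal standalone Milvus Cluster.
apiVersion: apps.kubeblocks.io/v1
kind: Cluster
metadata:
  name: milvus-standalone      # hypothetical name; used in Service/Secret names
  namespace: demo
spec:
  clusterDef: milvus
  topology: standalone         # selects the Standalone topology of the add-on
  terminationPolicy: Delete
  componentSpecs:
    - name: milvus             # single all-in-one pod
      replicas: 1
      volumeClaimTemplates:
        - name: data
          spec:
            accessModes: [ReadWriteOnce]
            resources: {requests: {storage: 20Gi}}
    - name: etcd
      replicas: 1
    - name: minio
      replicas: 1
```

KubeBlocks then provisions etcd and minio first, and the milvus component last, as described above.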

Containers

| Component | Container | Port | Purpose |
| --- | --- | --- | --- |
| milvus | milvus | 19530 (gRPC), 9091 (metrics/health) | All-in-one Milvus process embedding RootCoord, QueryCoord, DataCoord, IndexCoord, QueryNode, DataNode, IndexNode, and Proxy |
| etcd | etcd | 2379 | Metadata storage: collection schemas, segment info, index descriptions |
| minio | minio | 9000 | Object storage: vector data, indexes, write-ahead logs |

Limitations

Standalone is not highly available:

  • The single milvus pod is a single point of failure
  • No automatic failover — KubeBlocks restarts the pod on crash (pod-level recovery only)
  • etcd and minio are also single replicas by default
  • Cannot be horizontally scaled

For production workloads, use the Distributed topology.

Traffic Routing

| Service | Type | Port | Notes |
| --- | --- | --- | --- |
| {cluster}-milvus | ClusterIP | 19530 (gRPC), 9091 (metrics/health) | Single entry point for all client traffic |
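For quick local testing, both ports of this Service can be reached via a port-forward. The cluster name `milvus-standalone` and namespace `demo` below are hypothetical; `/healthz` on port 9091 is the Milvus health endpoint, not a client API:

```shell
# Forward the gRPC and metrics/health ports of the standalone Service locally
kubectl -n demo port-forward svc/milvus-standalone-milvus 19530:19530 9091:9091 &

# Liveness check against the metrics/health port (not a client REST API)
curl -f http://127.0.0.1:9091/healthz
```

Client SDKs would then connect to `localhost:19530` over gRPC.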

Distributed Architecture

Milvus Distributed separates each functional role into its own independently scalable KubeBlocks Component. The Proxy is the single client entry point; internal components communicate through the MixCoord (unified coordinator) and share state via etcd (metadata), Pulsar or Kafka (log/message queue), and MinIO (object storage).

*Figure: Distributed topology. Clients connect over gRPC to the `{cluster}-proxy` ClusterIP Service (:19530 gRPC client traffic, :9091 metrics/health), which load-balances across the stateless, horizontally scalable proxy pods (`milvus-proxy-0`, …; emptyDir only, no PVC). The coordination layer is `milvus-mixcoord-0` (RootCoord + QueryCoord + DataCoord + IndexCoord in one process; single replica, :9091, no data on disk, reloads state from etcd on restart). The worker layer comprises `milvus-datanode-*` (:9091; receives inserts/deletes, flushes segments to MinIO; emptyDir WAL buffer only), `milvus-indexnode-*` (:9091; builds HNSW / IVF_FLAT indexes, writes to MinIO; emptyDir build workspace), and `milvus-querynode-*` (:9091; loads segments from MinIO, serves ANN search; emptyDir segment cache). All compute pods are stateless; persistent state lives in the external dependencies declared via serviceRefDeclarations: MinIO/S3 (vectors, indexes, WAL segments), an etcd cluster (collection schema, segment metadata, cluster topology state), and Pulsar or Kafka (write-ahead log and inter-component message bus). A headless service provides stable pod DNS for internal component communication; it is not a client endpoint.*

Resource Hierarchy

```
Cluster  →  Component (proxy)     →  InstanceSet  →  Pod × N
         →  Component (mixcoord)  →  InstanceSet  →  Pod × 1
         →  Component (datanode)  →  InstanceSet  →  Pod × N
         →  Component (indexnode) →  InstanceSet  →  Pod × N
         →  Component (querynode) →  InstanceSet  →  Pod × N
```

etcd, Pulsar/Kafka, and MinIO are not internal Components of the Distributed topology. They are external dependencies — either separately deployed KubeBlocks clusters or external services — declared via three serviceRefDeclarations: milvus-meta-storage (etcd), milvus-log-storage (Pulsar or Kafka), and milvus-object-storage (MinIO).
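The wiring can be sketched in the Cluster spec. The serviceRef names (`milvus-meta-storage`, `milvus-log-storage`, `milvus-object-storage`) come from the add-on's declarations; the referenced cluster names (`my-etcd`, `my-pulsar`, `my-minio`) are hypothetical, and the exact `serviceRefs` schema varies between KubeBlocks versions:

```yaml
# Hypothetical excerpt: binding external dependencies to the proxy component
componentSpecs:
  - name: proxy
    replicas: 2
    serviceRefs:
      - name: milvus-meta-storage     # etcd (metadata)
        namespace: demo
        clusterServiceSelector:
          cluster: my-etcd
      - name: milvus-log-storage      # Pulsar or Kafka (log/MQ)
        namespace: demo
        clusterServiceSelector:
          cluster: my-pulsar
      - name: milvus-object-storage   # MinIO / S3 (object storage)
        namespace: demo
        clusterServiceSelector:
          cluster: my-minio
```

Each Milvus component in the topology binds the same three references, so every pod resolves identical storage endpoints.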

Component Roles

| Component | Role | Scalability |
| --- | --- | --- |
| Proxy | Stateless access layer: authenticates clients, validates requests, routes to the appropriate worker | Horizontally scalable |
| MixCoord | Unified coordinator embedding RootCoord + QueryCoord + DataCoord + IndexCoord; manages DDL, segment lifecycle, query assignments, index scheduling | Single replica (stateless against etcd; recovers by reloading from etcd) |
| QueryNode | Loads sealed segments from MinIO into memory; executes ANN vector searches and scalar filtering | Horizontally scalable |
| DataNode | Receives insert/delete streaming operations; flushes growing segments to MinIO when sealed | Horizontally scalable |
| IndexNode | Builds HNSW, IVF, and other vector indexes for sealed segments stored in MinIO | Horizontally scalable |
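Because the worker components scale independently, each can be resized with a KubeBlocks OpsRequest. A sketch, assuming the `operations.kubeblocks.io/v1alpha1` OpsRequest API and a hypothetical Cluster named `milvus-cluster`; field names may differ between KubeBlocks releases:

```yaml
# Hypothetical example: add two QueryNode replicas via OpsRequest
apiVersion: operations.kubeblocks.io/v1alpha1
kind: OpsRequest
metadata:
  name: milvus-scale-querynode
  namespace: demo
spec:
  clusterName: milvus-cluster     # hypothetical Cluster name
  type: HorizontalScaling
  horizontalScaling:
    - componentName: querynode
      scaleOut:
        replicaChanges: 2         # grow from N to N+2 replicas
```

The same pattern applies to `datanode`, `indexnode`, and `proxy`; `mixcoord` stays at a single replica.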

Containers (per Milvus role pod)

Each role runs a container named after the role itself (plus a setup init container that copies `run.sh`, `merge`, and `iam-verify` into `/milvus/tools/` before the main process starts):

| Container | Port | Purpose |
| --- | --- | --- |
| proxy | 19530 (gRPC), 9091 (metrics/health) | Client entry point; handles auth, routing, and result aggregation |
| mixcoord | 9091 (metrics/health) | Unified coordinator managing DDL, segment lifecycle, query assignments |
| datanode | 9091 (metrics/health) | Receives inserts/deletes and flushes segments to MinIO |
| indexnode | 9091 (metrics/health) | Builds vector indexes for sealed segments |
| querynode | 9091 (metrics/health) | Loads segments from MinIO and executes vector searches |

Only the proxy container exposes port 19530 (gRPC) for client traffic. All components expose port 9091 for metrics and health checks — it is not a client-facing REST API endpoint.

High Availability

| HA Mechanism | Description |
| --- | --- |
| Component-level replication | QueryNode, DataNode, and IndexNode can each run multiple replicas; KubeBlocks manages their lifecycle independently |
| etcd HA | When etcd is deployed as a 3-node Raft cluster, metadata is durable as long as 2 of 3 nodes are available |
| MinIO durability | When MinIO is configured with erasure coding, vector data survives drive or node failures |
| Segment redundancy | Sealed segments persist in MinIO; a restarted QueryNode reloads them from object storage without data loss |
| MixCoord recovery | MixCoord is stateless against etcd; it reloads all coordinator state from etcd on restart |

MixCoord Recovery

MixCoord is the only single-replica component in the Distributed topology. When it crashes, KubeBlocks automatically recovers it without data loss:

  1. MixCoord pod crashes — coordinator functions (DDL, segment lifecycle, query assignments, index scheduling) are temporarily unavailable
  2. KubeBlocks InstanceSet detects the pod failure and schedules a restart
  3. New MixCoord pod starts and reloads all coordinator state from etcd — no data is lost because MixCoord is fully stateless against etcd
  4. Worker nodes reconnect — QueryNode, DataNode, and IndexNode pods reconnect to the restored MixCoord and resume their assigned work
  5. Cluster resumes serving requests through the Proxy

Worker nodes (QueryNode, DataNode, IndexNode) run multiple replicas and tolerate individual pod failures without coordinator involvement — KubeBlocks restarts the failed pod, and MixCoord reassigns its work to healthy replicas.
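The recovery sequence above can be observed directly by deleting the MixCoord pod. The cluster name `milvus-cluster` and namespace `demo` are hypothetical; the `apps.kubeblocks.io/component-name` label selector is an assumption about how KubeBlocks labels component pods:

```shell
# Simulate a MixCoord crash; the InstanceSet recreates the pod
kubectl -n demo delete pod milvus-cluster-mixcoord-0

# Watch the replacement pod restart and become Ready
kubectl -n demo get pods -l apps.kubeblocks.io/component-name=mixcoord -w
```

During the brief restart window, DDL and scheduling pause while searches against already-loaded segments continue to be served by QueryNodes.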

Traffic Routing

| Service | Type | Port | Selector |
| --- | --- | --- | --- |
| {cluster}-proxy | ClusterIP | 19530 (gRPC), 9091 (metrics/health) | proxy pods |

Client applications (Milvus SDK) connect to the proxy on port 19530 (gRPC). Port 9091 is the metrics/health endpoint — it is not a client-facing REST API. The proxy is the single entry point — it handles authentication, routing, and result aggregation across worker components.

System Accounts

In the Milvus add-on, only the in-cluster MinIO object-storage Component (ComponentDefinition milvus-minio) declares KubeBlocks systemAccounts. Other Milvus stack components in this add-on (for example etcd, milvus, proxy, mixcoord, DataNode, QueryNode, IndexNode) do not define systemAccounts in their ComponentDefinitions. If you use an external object store instead of the bundled MinIO, this managed account does not apply to that store.

For the bundled MinIO Component (typically named `minio` in componentSpecs, as in the Standalone topology), KubeBlocks creates one account. Passwords are auto-generated unless overridden at the Cluster level. Credentials are stored in a Secret named `{cluster}-minio-account-admin`, substituting your Cluster's metadata.name; if the MinIO component uses a different name, that name replaces `minio` in the Secret name.

| Account | Component (typical name) | Role | Purpose |
| --- | --- | --- | --- |
| admin | minio | Object store admin | MinIO root credentials; injected into MinIO pods as MINIO_ACCESS_KEY and MINIO_SECRET_KEY for S3-compatible access to buckets used by Milvus |
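The managed credentials can be read back from the Secret. The cluster name `milvus-standalone` and namespace `demo` are hypothetical; `username` and `password` are the conventional keys in KubeBlocks account Secrets:

```shell
# Decode the managed MinIO admin credentials (substitute your Cluster name)
kubectl -n demo get secret milvus-standalone-minio-account-admin \
  -o jsonpath='{.data.username}' | base64 -d; echo
kubectl -n demo get secret milvus-standalone-minio-account-admin \
  -o jsonpath='{.data.password}' | base64 -d; echo
```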

© 2026 KUBEBLOCKS INC