
Kube-API Server

The API Server serves as the cluster gateway and is the entry point for all external user commands to the cluster.
The API Server acts as a gatekeeper for authentication, ensuring that only authenticated and authorized requests get through to the cluster.
The API Server is the only component that can change information in the ETCD cluster.

0. The curl command is initiated by the user to create a pod.
1. The Kube-API Server checks authentication and authorization.
2. The Kube-API Server validates the request.
3 and 4. The Kube-API Server creates the config of the new pod in the ETCD Cluster.
5. The scheduler regularly checks the ETCD Cluster and sees that something has changed: a new pod with no node assigned. The scheduler finds (taking constraints into account) a worker node to run this pod on and passes this information to the Kube-API Server. The Kube-API Server now adds this information to the ETCD Cluster.
6. The Kube-API Server now passes this information to the kubelet of the appropriate worker node. The kubelet creates the pod on the worker node and passes the status info of the new pod to the API Server, which updates the ETCD Cluster with this information as well.
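
The steps above can be traced in a small model (an added example, not part of the original page and not Kubernetes code). It shows the order of the checks and that every write to the store goes through one component. The class and function names, tokens, users and node sizes are assumptions made for illustration; the return values are the HTTP status codes the real API server uses for failed authentication (401), failed authorization (403), an invalid object (422) and a successful create (201).

```python
# Simplified model of the steps above, not Kubernetes code; all data is constructed.
TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}  # token -> user
RULES = {("alice", "create", "pods")}  # allowed (user, verb, resource)
NODES = {"worker-1": 2, "worker-2": 4}  # free CPU per worker node

class ApiServer:  # sole owner of the store, as the API server is for etcd
    def __init__(self):
        self._etcd = {}

    def create_pod(self, token, pod):
        user = TOKENS.get(token)
        if user is None:
            return 401  # step 1: authentication failed
        if (user, "create", "pods") not in RULES:
            return 403  # step 1: known user, not authorized
        if not pod.get("name") or not pod.get("image"):
            return 422  # step 2: request is not a valid pod
        self._etcd[pod["name"]] = {**pod, "node": None, "phase": "Pending"}
        return 201  # steps 3-4: stored, no node assigned yet

    def unscheduled(self):
        return [dict(p) for p in self._etcd.values() if p["node"] is None]

    def bind(self, name, node):  # step 5: record the scheduler's choice
        self._etcd[name]["node"] = node

    def set_phase(self, name, phase):  # step 6: record kubelet status
        self._etcd[name]["phase"] = phase

    def get(self, name):
        return dict(self._etcd[name])

def scheduler_pass(api):
    for pod in api.unscheduled():
        fits = [n for n, cpu in NODES.items() if cpu >= pod.get("cpu", 1)]
        if fits:
            api.bind(pod["name"], fits[0])

def kubelet_pass(api, node, name):
    if api.get(name)["node"] == node:
        api.set_phase(name, "Running")

def demo():
    api, good = ApiServer(), {"name": "web", "image": "nginx", "cpu": 3}
    tries = [("bad", good), ("tok-bob", good),
             ("tok-alice", {"name": "web"}), ("tok-alice", good)]
    codes = [api.create_pod(t, p) for t, p in tries]
    scheduler_pass(api)
    kubelet_pass(api, "worker-2", "web")
    return codes, api.get("web")
```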

PS: In the image, rkt and Docker are used as container runtime engines. These are old and out of fashion now.
Containerd is used much more often now.