Kubernetes Glossary
- Annotations
A storage mechanism for key/value pairs that can be leveraged by tools and libraries.
- Blue / Green Deployment
Blue / Green deployment is a technique that reduces downtime and risk by running two identical production environments called Blue and Green. At any time, only one of the environments is live. For example, if the Blue environment is currently live and a new version of the application is ready to go live, the final stages of testing take place on the non-live environment, in this case Green. Once the deployed Green environment has been fully tested, all incoming requests are routed to the Green environment instead of the Blue environment. This leapfrog deployment mechanism eliminates downtime due to application deployment.
- Canary release
A canary release is a new version of an app that is meant to replace the beta version in the future. Only a small fraction of users hit the canary version to see how it behaves before rolling out to all users.
- Cluster
A cluster is a set of machines (physical or VMs) or nodes that are managed by Kubernetes.
- ConfigMap
A ConfigMap is used to store configuration that’s used by containers. ConfigMaps can be mapped into a running container as environment variables or files.
- Container
A Docker container is a unit of computer software that packages up an application and all its dependencies so that the application runs quickly and reliably in different computing environments. Containers isolate the application from its environment and ensure that it works uniformly regardless of the computing infrastructure.
- Context
A Kubernetes context allows us to use kubectl to work on more than one cluster. It is a combination of:
A Kubernetes cluster
Authentication information
The namespace
- Control Plane
The Kubernetes control plane ensures that the actual state of all Kubernetes objects matches the desired state.
The control plane for a Kubernetes cluster consists of:
api-server: entry point to control plane
etcd: highly available distributed key/value store
controller manager: checks desired state with current state
scheduler: assigns newly created pods to a node
- DaemonSet
DaemonSets run only a single pod replica on each node, whereas ReplicaSets run pods on any node in the cluster.
- Deployment
Deployments are a way to create an array of pods, including handling roll-outs of new app versions. The Deployment resource sits on top of ReplicaSets, which are responsible for pushing out an existing or new version of the app when the new version becomes available. Deployments represent a set of multiple, identical Pods with no unique identities. A Deployment runs multiple replicas of your application and automatically replaces any instances that fail or become unresponsive.
- Edge Router
A router that enforces the firewall policy for your cluster. This could be a gateway managed by a cloud provider or a physical piece of hardware.
- Ingress
An Ingress may be configured to give Services externally reachable URLs, load-balanced traffic, terminate SSL / TLS and offer name based virtual hosting. An Ingress Controller is responsible for fulfilling the Ingress, usually through a load-balancer, though it may also be configured through an edge router or other front-ends to help handle incoming traffic.
- Ingress Controller
An Ingress handles incoming web requests at OSI layer L7 and sometimes L4. It can be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name based virtual hosting. An Ingress controller is responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional front ends to help handle the traffic.
- JWT
A JSON Web Token is an internet standard for creating JSON-based access tokens. Kubernetes service accounts use signed JWTs for authentication with the API server.
- Labels
Labels are key/value pairs that can be attached to Kubernetes objects. They provide the foundation for grouping objects and allow resources to be labelled / tagged flexibly as grouping requirements change. Examples of labels are acme.com/app-version=1.0.0, appVersion=1.0.0, bigtom.k8/cluster-service=true.
- Label Selectors
Label selectors are used to filter Kubernetes objects based on their label and label value. E.g.
$ kubectl get pods --selector="ver=2"
- Master node
In a Kubernetes cluster, a master node manages the cluster and constitutes the control plane.
- maxSurge and maxUnavailable
These two properties affect how many pods are replaced at once during a Kubernetes Deployment’s rolling update.
maxSurge: Determines how many pod instances are allowed to exist above the desired replica count. The default is 25%.
maxUnavailable: Determines how many pod instances can be unavailable relative to the desired replica count during the update.
- minReadySeconds
Specifies how long, in seconds, a newly created pod should be allowed to get ready before it is considered available. If the new pod is not responding to its readiness probe by the time of minReadySeconds, the roll-out of the new deployment version will effectively be blocked. See Health Probes.
- Namespace
Namespaces are a way to divide the cluster resources between multiple users using Resource Quotas. They effectively separate a physical cluster into multiple virtual clusters. A namespace is used to group and sometimes isolate resources in a Kubernetes cluster. A resource can only belong to one namespace.
- Node
A node represents a server, either virtual or physical, in a cluster. A Kubernetes cluster contains master nodes and worker nodes.
- nodeSelector
This is a keyword used in a pod definition (Node Selector) to ensure that the pod only runs on nodes with the specified label.
- Pod
A pod represents the smallest possible deployable component in Kubernetes consisting of one or more co-located containers. You cannot create your own Pods. They are created by the ReplicaSet.
- Pod Replacement Strategy
The pod replacement strategy can have one of the following values, which decides how new pods in a deployment are created in a roll-out.
Recreate: All existing pods are killed before new ones are created.
RollingUpdate: Creates one pod at a time before removing the old pod it replaces.
- PV
Persistent Volumes are a cluster-wide pool of storage managed by an administrator.
- PVC
A Persistent Volume Claim allows a pod definition to bind to a Persistent Volume.
- RBAC
Role Based Access Control.
- ReplicaSet
A ReplicaSet is used to ensure that a specified number of pods are running at all times. It is defined with fields, including:
a selector that specifies how to identify Pods
a number of replicas indicating how many Pods it should be maintaining
a pod template specifying the data of new Pods it should create
- Resource limits
Specifies the maximum amount of resources that an application can consume in a container. Note that Docker does not have a limit on how much computing resources it consumes. Hence it is at the Kubernetes container level where we can put a boundary on this. See Container level Quota.
- Resource Quotas
A Namespace Resource Quota provides constraints that limit resource consumption by Namespace. It is a way to divide resources in a shared cluster between groups of users.
- Resource requests
Specifies the minimum amount of resources required to run an application. See Container level Quota.
- Selector
A label selector is a grouping for resources. It supports two types of selectors:
equality-based: allows filtering by label keys and values.
set-based: allows filtering based on sets of labels.
- Service
A Kubernetes Service identifies a set of Pods using label selectors. Unless mentioned otherwise, Services are assumed to have virtual IPs only routable within the cluster network.
- SessionAffinity
This attribute is used in a service YAML to denote that the service proxy should redirect all incoming requests from a given client to the same pod as before.
- TargetPort
In a Kubernetes YAML file, this denotes the port used by the container. It may also be called a containerPort.
- Worker node
In a Kubernetes cluster, a worker node runs the actual workload as compared to a master node which manages the cluster.