Kubernetes core resource concepts

Kubernetes (K8S) is a container orchestration tool used to manage containerized applications across multiple hosts on a cloud platform, aiming to make deployment simple and efficient^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Core Resources

In Kubernetes, logical concepts are defined as "resources". Each resource possesses specific attributes such as an API version (apiVersion), kind (kind), metadata (metadata), specification (spec), and status (status)^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Pod

The Pod is the smallest logical unit (atomic unit) that can be run in Kubernetes^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

* A single Pod can run multiple containers that share UTS, NET, and IPC namespaces^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
* Running multiple containers within one Pod is referred to as the sidecar pattern^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Pod Controllers

Pod controllers serve as templates for launching Pods and ensure that they run as expected (e.g., replica count, lifecycle, health checks)^[400-devops-06-kubernetes-k8s-paas-02-k8s.md]. Common types include:

* Deployment
* DaemonSet
* ReplicaSet
* StatefulSet
* Job
* CronJob^[400-devops-06-kubernetes-k8s-paas-02-k8s.md]

Name

Every resource requires a unique Name, typically defined within the metadata section^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Namespace

A Namespace provides a mechanism to isolate resources within the Kubernetes cluster^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

* It functions as a virtual cluster within K8S^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
* Resource names must be unique within the same namespace, but identical names can exist across different namespaces^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
* Default namespaces include default, kube-system, and kube-public^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Label

Labels are key-value pairs (key=value) used to categorize and manage resource objects^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

* They have a many-to-many relationship: one label can apply to multiple resources, and one resource can have multiple labels^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
* Annotations are similar to labels but are typically used for non-identifying metadata^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Label Selector

Label Selectors are used to filter resources based on their labels^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

* Equality-based: Equals (=), Not equal (!=)^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
* Set-based: In, Not in, Exists^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
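
An added example (not part of the original notes) of how equality-based and set-based requirements evaluate against labels; the pod inventory and the function names are constructed for illustration. It also shows that `!=` and `notin` match objects that lack the key entirely, so a negative selector also picks up unlabeled Pods.

```python
import re

# Constructed sample inventory: pod name -> labels (not from a real cluster).
PODS = {
    "web-1": {"app": "web", "env": "prod"},
    "web-2": {"app": "web", "env": "staging", "canary": "true"},
    "db-1": {"app": "db", "env": "prod"},
    "debug": {},  # pod with no labels at all
}

# key, then optionally an operator and its value or parenthesised value set
TERM = re.compile(r"\s*([\w./-]+)\s*(?:(!=|==?|notin\b|in\b)\s*(.*?))?\s*")

def parse_selector(selector):
    """Turn 'k=v,k!=v,k in (a,b),k notin (a,b),k' into (key, op, values) tuples."""
    reqs = []
    # Split on commas that are not inside a parenthesised value set.
    for term in re.split(r",(?![^()]*\))", selector):
        m = TERM.fullmatch(term)
        if not m:
            raise ValueError(f"bad selector term: {term!r}")
        key, op, raw = m.groups()
        if op is None:  # a bare key means Exists
            reqs.append((key, "exists", frozenset()))
            continue
        values = frozenset(v.strip() for v in raw.strip("()").split(","))
        # Equality operators are the single-value cases of in / notin.
        op = {"=": "in", "==": "in", "!=": "notin"}.get(op, op)
        reqs.append((key, op, values))
    return reqs

def matches(reqs, labels):
    """True when every requirement holds (requirements are ANDed)."""
    for key, op, values in reqs:
        if op == "exists" and key not in labels:
            return False
        if op == "in" and labels.get(key) not in values:
            return False
        # notin / != reject only a present, listed value; a missing key passes.
        if op == "notin" and labels.get(key) in values:
            return False
    return True

def select(selector, pods):
    """Return the sorted names of pods whose labels satisfy the selector."""
    reqs = parse_selector(selector)
    return sorted(name for name, labels in pods.items() if matches(reqs, labels))
```

Here `select("app!=db", PODS)` returns the unlabeled `debug` pod alongside the two web pods, which is why positive `=` / `in` requirements are the safer way to scope a selector.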

Service

A Service acts as a stable external access interface for a group of Pods that provide the same service^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

* While Pods receive dynamic IP addresses that are lost upon destruction, the Service provides a stable endpoint^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].
* It targets specific Pods using Label Selectors^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

Ingress

Ingress operates at Layer 7 (Application Layer) of the OSI model^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

* Unlike Services, which handle Layer 4 traffic (IP + Port), Ingress can manage traffic based on domain names or URL paths^[400-devops-06-kubernetes-k8s-paas-02-k8s.md].

  • [[Sidecar Pattern]]
  • [[Orchestration]]
  • [[Label Selector]]

Sources

^[400-devops-06-kubernetes-k8s-paas-02-k8s.md]