| Resource Type | Purpose | Minimal YAML Example |
|---|---|---|
| Pod | The smallest and simplest Kubernetes object. Represents a single instance of a running process in a cluster. | yaml<br>apiVersion: v1<br>kind: Pod<br>metadata:<br> name: my-pod<br>spec:<br> containers:<br> - name: my-container<br> image: nginx<br> |
| Deployment | Provides declarative updates for Pods and ReplicaSets. | yaml<br>apiVersion: apps/v1<br>kind: Deployment<br>metadata:<br> name: my-deployment<br>spec:<br> replicas: 3<br> selector:<br> matchLabels:<br> app: myapp<br> template:<br> metadata:<br> labels:<br> app: myapp<br> spec:<br> containers:<br> - name: my-container<br> image: nginx<br> ports:<br> - containerPort: 80<br> |
| Service | Exposes a set of Pods as a network service. | yaml<br>apiVersion: v1<br>kind: Service<br>metadata:<br> name: my-service<br>spec:<br> selector:<br> app: myapp<br> ports:<br> - protocol: TCP<br> port: 80<br> targetPort: 9376<br> |
| ConfigMap | Provides a way to inject configuration data into Pods. | yaml<br>apiVersion: v1<br>kind: ConfigMap<br>metadata:<br> name: my-configmap<br>data:<br> key: value<br> |
| Secret | Stores sensitive information, such as passwords, OAuth tokens, and ssh keys. | yaml<br>apiVersion: v1<br>kind: Secret<br>metadata:<br> name: my-secret<br>type: Opaque<br>data:<br> key: dmFsdWU=<br> |
| Ingress | Manages external access to services, typically HTTP. | yaml<br>apiVersion: networking.k8s.io/v1<br>kind: Ingress<br>metadata:<br> name: my-ingress<br>spec:<br> rules:<br> - host: my-app.example.com<br> http:<br> paths:<br> - path: /<br> pathType: Prefix<br> backend:<br> service:<br> name: my-service<br> port:<br> number: 80<br> |
| PersistentVolume | Provides storage resources to be used by Pods. | yaml<br>apiVersion: v1<br>kind: PersistentVolume<br>metadata:<br> name: my-pv<br>spec:<br> capacity:<br> storage: 1Gi<br> accessModes:<br> - ReadWriteOnce<br> persistentVolumeReclaimPolicy: Retain<br> hostPath:<br> path: /mnt/data<br> |
| PersistentVolumeClaim | Requests storage resources for Pods. | yaml<br>apiVersion: v1<br>kind: PersistentVolumeClaim<br>metadata:<br> name: my-pvc<br>spec:<br> accessModes:<br> - ReadWriteOnce<br> resources:<br> requests:<br> storage: 1Gi<br> |
| StatefulSet | Manages the deployment and scaling of a set of Pods, and provides guarantees about the ordering and uniqueness of these Pods. | yaml<br>apiVersion: apps/v1<br>kind: StatefulSet<br>metadata:<br> name: my-statefulset<br>spec:<br> serviceName: "nginx"<br> replicas: 3<br> selector:<br> matchLabels:<br> app: nginx<br> template:<br> metadata:<br> labels:<br> app: nginx<br> spec:<br> containers:<br> - name: nginx<br> image: nginx<br> ports:<br> - containerPort: 80<br> volumeClaimTemplates:<br> - metadata:<br> name: my-pvc<br> spec:<br> accessModes: [ "ReadWriteOnce" ]<br> resources:<br> requests:<br> storage: 1Gi<br> |
| DaemonSet | Ensures a copy of a Pod is running across all or some nodes in the cluster. | yaml<br>apiVersion: apps/v1<br>kind: DaemonSet<br>metadata:<br> name: my-daemonset<br>spec:<br> selector:<br> matchLabels:<br> app: myapp<br> template:<br> metadata:<br> labels:<br> app: myapp<br> spec:<br> containers:<br> - name: my-container<br> image: nginx<br> |
| Job | Creates one or more Pods and ensures that a specified number of them successfully terminate. | yaml<br>apiVersion: batch/v1<br>kind: Job<br>metadata:<br> name: my-job<br>spec:<br> template:<br> spec:<br> containers:<br> - name: my-container<br> image: busybox<br> command: ["sleep", "10"]<br> restartPolicy: OnFailure<br> |
| CronJob | Creates Jobs on a time-based schedule. | yaml<br>apiVersion: batch/v1<br>kind: CronJob<br>metadata:<br> name: my-cronjob<br>spec:<br> schedule: "*/1 * * * *"<br> jobTemplate:<br> spec:<br> template:<br> spec:<br> containers:<br> - name: my-container<br> image: busybox<br> command: ["sleep", "10"]<br> restartPolicy: OnFailure<br> |
| Role | Defines permissions within a namespace. | yaml<br>apiVersion: rbac.authorization.k8s.io/v1<br>kind: Role<br>metadata:<br> namespace: default<br> name: pod-reader<br>rules:<br>- apiGroups: [""]<br> resources: ["pods"]<br> verbs: ["get", "watch", "list"]<br> |
| ClusterRole | Defines permissions cluster-wide. | yaml<br>apiVersion: rbac.authorization.k8s.io/v1<br>kind: ClusterRole<br>metadata:<br> name: cluster-admin<br>rules:<br>- apiGroups: ["*"]<br> resources: ["*"]<br> verbs: ["*"]<br> |
| RoleBinding | Grants permissions defined in a Role to a user or set of users. | yaml<br>apiVersion: rbac.authorization.k8s.io/v1<br>kind: RoleBinding<br>metadata:<br> name: read-pods<br> namespace: default<br>subjects:<br>- kind: User<br> name: "jane"<br> apiGroup: rbac.authorization.k8s.io<br>roleRef:<br> kind: Role<br> name: pod-reader<br> apiGroup: rbac.authorization.k8s.io<br> |
| ClusterRoleBinding | Grants permissions defined in a ClusterRole to a user or set of users. | yaml<br>apiVersion: rbac.authorization.k8s.io/v1<br>kind: ClusterRoleBinding<br>metadata:<br> name: admin-binding<br>subjects:<br>- kind: User<br> name: "admin"<br> apiGroup: rbac.authorization.k8s.io<br>roleRef:<br> kind: ClusterRole<br> name: cluster-admin<br> apiGroup: rbac.authorization.k8s.io<br> |
Created
May 15, 2024 11:48
-
-
Save searchformyusername/acfd3dba3ad073ecd8e8fa10c82e8e94 to your computer and use it in GitHub Desktop.
Kuberenetes
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://validkube.com/
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#deployment-v1-apps