k8s:core:kind

Differences

This shows you the differences between two versions of the page.

k8s:core:kind [2026/05/31 03:35] phong2018
k8s:core:kind [2026/05/31 04:07] (current) – [Here's the relationship diagram.] phong2018
Line 1: Line 1:
-====== kind ======+====== Kubernetes ''kind'' Field — Complete Guide ======
  
-The `kind` field in Kubernetes defines **what type of object you are creating**.+===== Overview =====
  
-It tells Kubernetes+In Kubernetes, every resource manifest (written in YAML or JSONmust declare four top-level fields:
-  * What resource to build +
-  * What behavior this resource has +
-  * What controller will manage it (if any)+
  
----+<code yaml> 
 +apiVersion: apps/v1 
 +kind: Deployment 
 +metadata: 
 +  name: my-app 
 +spec: 
 +  ... 
 +</code>
  
-===== 1Core idea =====+The ''kind'' field tells Kubernetes **what type of resource** you are creating or managing. It maps to a specific API object within Kubernetes, and each kind has its own schema, behavior, and lifecycle.
  
-kind = **resource type in Kubernetes**+----
  
-Think of Kubernetes as a system that supports many object types.+===== Core Resource Kinds =====
  
-Each `kind` represents a different "role" in the system.+==== 1Pod ====
  
----+The **smallest deployable unit** in Kubernetes. A Pod wraps one or more containers that share network and storage.
  
-===== 2Common kinds =====+<code yaml> 
 +apiVersion: v1 
 +kind: Pod 
 +metadata: 
 +  name: nginx-pod 
 +  labels: 
 +    app: nginx 
 +spec: 
 +  containers: 
 +    - name: nginx 
 +      image: nginx:1.25 
 +      ports: 
 +        - containerPort: 80 
 +</code>
  
-Kubernetes has many kinds, but the most important ones are:+^ Field       ^ Description                                  ^ 
 +| ''kind''    | ''Pod'' — declares a single pod resource     | 
 +| ''metadata'' | Name and labels for identifying the pod     | 
 +| ''spec.containers'' | List of containers inside the pod   |
  
-  Pod → runs containers +**Note:** Pods are rarely created directly. Use Deployments or StatefulSets instead for resilience.
-  Deployment → manages Pods +
-  ReplicaSet → ensures Pod count +
-  Service → network access layer +
-  * ConfigMap → configuration data +
-  * Secret → sensitive data +
-  * Namespace → logical grouping+
  
----+----
  
-===== 3Example =====+==== 2Deployment ====
  
 +Manages a **ReplicaSet** to ensure a specified number of Pod replicas are running at all times. Supports rolling updates and rollbacks.
  
 +<code yaml>
 apiVersion: apps/v1 apiVersion: apps/v1
 kind: Deployment kind: Deployment
 metadata: metadata:
-name: my-app+  name: web-app 
 +  namespace: default
 spec: spec:
-replicas: 3+  replicas: 3 
 +  selector: 
 +    matchLabels: 
 +      app: web-app 
 +  template: 
 +    metadata: 
 +      labels: 
 +        app: web-app 
 +    spec: 
 +      containers: 
 +        - name: web 
 +          image: nginx:1.25 
 +          ports: 
 +            - containerPort: 80 
 +</code>
  
 +^ Field         ^ Description                                          ^
 +| ''kind''      | ''Deployment'' — manages a set of identical pods     |
 +| ''replicas''  | Number of desired Pod instances                      |
 +| ''selector''  | Labels used to identify which Pods belong here       |
 +| ''template''  | Pod template used to create new Pods                 |
  
-Here: +----
-  * kind: Deployment +
-  → Kubernetes creates a Deployment object+
  
----+==== 3. Service ====
  
-===== 4What happens internally =====+Exposes a set of Pods as a **stable network endpoint**. Handles load balancing across all matching Pods.
  
-When you write:+<code yaml> 
 +apiVersionv1 
 +kind: Service 
 +metadata: 
 +  name: web-service 
 +spec: 
 +  selector: 
 +    app: web-app 
 +  ports: 
 +    - protocol: TCP 
 +      port: 80 
 +      targetPort: 80 
 +  type: ClusterIP 
 +</code>
  
 +^ Service Type    ^ Description                                              ^
 +| ''ClusterIP''   | Default. Internal cluster access only                    |
 +| ''NodePort''    | Exposes on each node's IP at a static port               |
 +| ''LoadBalancer'' | Creates an external load balancer (cloud providers)     |
 +| ''ExternalName'' | Maps to an external DNS name                            |
  
-kind: Deployment+----
  
 +==== 4. ConfigMap ====
  
-Kubernetes will:+Stores **non-sensitive configuration** as key-value pairs, decoupling config from container images.
  
-  1. Recognize this as a Deployment object +<code yaml> 
-  2. Send it to the Deployment Controller +apiVersion: v1 
-  3. Deployment Controller creates a ReplicaSet +kind: ConfigMap 
-  4. ReplicaSet creates Pods+metadata: 
 +  name: app-config 
 +data: 
 +  APP_ENV: production 
 +  APP_PORT: "8080" 
 +  log_level: info 
 +</code>
  
-Flow:+Use in a Pod:
  
 +<code yaml>
 +envFrom:
 +  - configMapRef:
 +      name: app-config
 +</code>
  
-Deployment +----
-↓ +
-ReplicaSet +
-↓ +
-Pods+
  
 +==== 5. Secret ====
  
----+Like ConfigMap, but for **sensitive data** (passwords, tokens, TLS certs). Values are base64-encoded.
  
-===== 5. Why kind is important =====+<code yaml> 
 +apiVersion: v1 
 +kind: Secret 
 +metadata: 
 +  name: db-credentials 
 +type: Opaque 
 +data: 
 +  username: YWRtaW4       # base64 of "admin" 
 +  password: cGFzc3dvcmQ  # base64 of "password" 
 +</code>
  
-Because Kubernetes is NOT just one system — it is a collection of controllers.+> **Security note:** base64 is encoding, not encryption. Use tools like Sealed Secrets or Vault for production. 
 + 
 +---- 
 + 
 +==== 6. StatefulSet ==== 
 + 
 +Like Deployment, but designed for **stateful applications** (databases, message queues) that need: 
 +  * Stable, persistent network identity 
 +  * Ordered, graceful deployment and scaling 
 +  * Persistent storage per pod 
 + 
 +<code yaml> 
 +apiVersion: apps/v1 
 +kind: StatefulSet 
 +metadata: 
 +  name: mysql 
 +spec: 
 +  serviceName: "mysql" 
 +  replicas: 3 
 +  selector: 
 +    matchLabels: 
 +      app: mysql 
 +  template: 
 +    metadata: 
 +      labels: 
 +        app: mysql 
 +    spec: 
 +      containers: 
 +        - name: mysql 
 +          image: mysql:8.0 
 +          env: 
 +            - name: MYSQL_ROOT_PASSWORD 
 +              value: "secret" 
 +          volumeMounts: 
 +            - name: data 
 +              mountPath: /var/lib/mysql 
 +  volumeClaimTemplates: 
 +    - metadata: 
 +        name: data 
 +      spec: 
 +        accessModes: ["ReadWriteOnce"
 +        resources: 
 +          requests: 
 +            storage: 10Gi 
 +</code> 
 + 
 +---- 
 + 
 +==== 7. DaemonSet ==== 
 + 
 +Ensures **copy of a Pod runs on every node** (or selected nodes). Used for cluster-level services like log collectors, monitoring agents, or network plugins. 
 + 
 +<code yaml> 
 +apiVersion: apps/v1 
 +kind: DaemonSet 
 +metadata: 
 +  name: fluentd 
 +spec: 
 +  selector: 
 +    matchLabels: 
 +      name: fluentd 
 +  template: 
 +    metadata: 
 +      labels: 
 +        name: fluentd 
 +    spec: 
 +      containers: 
 +        - name: fluentd 
 +          image: fluent/fluentd:v1.16 
 +</code> 
 + 
 +---- 
 + 
 +==== 8. Job ==== 
 + 
 +Runs a **one-off task** to completion. Kubernetes ensures the Pod runs successfully at least once. 
 + 
 +<code yaml> 
 +apiVersion: batch/v1 
 +kind: Job 
 +metadata: 
 +  name: db-migration 
 +spec: 
 +  template: 
 +    spec: 
 +      containers: 
 +        - name: migrate 
 +          image: myapp:latest 
 +          command: ["python", "manage.py", "migrate"
 +      restartPolicy: OnFailure 
 +</code> 
 + 
 +---- 
 + 
 +==== 9. CronJob ==== 
 + 
 +Runs Jobs on a **scheduled (cron) basis**. 
 + 
 +<code yaml> 
 +apiVersion: batch/v1 
 +kind: CronJob 
 +metadata: 
 +  name: backup-job 
 +spec: 
 +  schedule: "0 2 * * *"   # Every day at 2:00 AM 
 +  jobTemplate: 
 +    spec: 
 +      template: 
 +        spec: 
 +          containers: 
 +            - name: backup 
 +              image: backup-tool:latest 
 +              command: ["/bin/sh", "-c", "run-backup.sh"
 +          restartPolicy: OnFailure 
 +</code> 
 + 
 +---- 
 + 
 +==== 10. Namespace ==== 
 + 
 +Creates a **virtual cluster** within a Kubernetes cluster, providing isolation between teams or environments. 
 + 
 +<code yaml> 
 +apiVersion: v1 
 +kind: Namespace 
 +metadata: 
 +  name: staging 
 +</code> 
 + 
 +---- 
 + 
 +==== 11. PersistentVolumeClaim (PVC) ==== 
 + 
 +Requests **persistent storage** from the cluster for a Pod. 
 + 
 +<code yaml> 
 +apiVersion: v1 
 +kind: PersistentVolumeClaim 
 +metadata: 
 +  name: my-storage 
 +spec: 
 +  accessModes: 
 +    - ReadWriteOnce 
 +  resources: 
 +    requests: 
 +      storage: 5Gi 
 +</code> 
 + 
 +---- 
 + 
 +==== 12. Ingress ==== 
 + 
 +Manages **external HTTP/HTTPS access** to services, routing rules, TLS termination. 
 + 
 +<code yaml> 
 +apiVersion: networking.k8s.io/v1 
 +kind: Ingress 
 +metadata: 
 +  name: web-ingress 
 +  annotations: 
 +    nginx.ingress.kubernetes.io/rewrite-target:
 +spec: 
 +  rules: 
 +    - host: myapp.example.com 
 +      http: 
 +        paths: 
 +          - path: / 
 +            pathType: Prefix 
 +            backend: 
 +              service: 
 +                name: web-service 
 +                port: 
 +                  number: 80 
 +</code>
  
-Each `kind`: +----
-  * Triggers a different controller +
-  * Has different behavior +
-  * Has different lifecycle rules+
  
-Example:+===== Summary Table =====
  
-  * Pod → directly runs container +^ Kind                   ^ API Version         ^ Purpose                                      ^ 
-  Deployment → manages and replaces Pods +| ''Pod''                | ''v1''              | Smallest deployable unit                     | 
-  * Service → creates stable network endpoint+| ''Deployment''         | ''apps/v1''         | Stateless app, rolling updates               | 
 +| ''StatefulSet''        | ''apps/v1''         | Stateful app with stable identity            | 
 +| ''DaemonSet''          | ''apps/v1''         | One pod per node                             | 
 +| ''Job''                | ''batch/v1''        | One-off task                                 | 
 +| ''CronJob''            | ''batch/v1''        | Scheduled recurring task                     | 
 +| ''Service''            | ''v1''              | Network endpoint for pods                    | 
 +| ''Ingress''            | ''networking.k8s.io/v1'' | HTTP routing / TLS termination         | 
 +| ''ConfigMap''          | ''v1''              | Non-sensitive config data                    | 
 +| ''Secret''             | ''v1''              | Sensitive config data                        | 
 +| ''Namespace''          | ''v1''              | Cluster isolation                            | 
 +| ''PersistentVolumeClaim'' | ''v1''           | Request for persistent storage               |
  
----+----
  
-===== 6. Real-world analogy =====+===== How ''kind'' Connects to ''apiVersion'' =====
  
-Think of Kubernetes like a company system:+The ''apiVersion'' determines which API group and version handles your ''kind'':
  
-  * Pod → employee +^ apiVersion              ^ Kinds included                                       ^ 
-  Deployment → manager of employees +| ''v1''                  | Pod, Service, ConfigMap, Secret, Namespace, PVC      | 
-  * Service → receptionist (routes requests) +| ''apps/v1''             Deployment, StatefulSet, DaemonSet, ReplicaSet       | 
-  * ConfigMap → instruction manual+| ''batch/v1''            | Job, CronJob                                         | 
 +| ''networking.k8s.io/v1'' | Ingress, NetworkPolicy                              | 
 +| ''rbac.authorization.k8s.io/v1'' | Role, ClusterRole, RoleBinding           |
  
-So:+----
  
-kind "what role am I creating in the system?"+===== Here'the relationship diagram. =====  
 +Hierarchy flows top-down:
  
----+Deployment → ReplicaSet → Pod (Deployment manages replicas, which manage pods)
  
-===== 7. Key insight (VERY IMPORTANT) =====+StatefulSet and DaemonSet go straight to their own Pods
  
-kind is NOT just label.+CronJob → Job (CronJob triggers Jobs on schedule)
  
-It determines: +Networking routes traffic inward:
-  * Which controller handles the object +
-  * How the object behaves +
-  * How lifecycle is managed+
  
----+Ingress → Service → Pod (external HTTP traffic funneled down to running containers)
  
-===== 8. Simple mental model =====+NetworkPolicy applies traffic rules at the Pod level
  
 +Config and Storage are mounted into Pods:
  
-kind = "type of machine in Kubernetes"+ConfigMap and Secret are injected as env vars or volume mounts (dashed lines)
  
-Pod → runs workload +PVC (PersistentVolumeClaim) binds to a PV (PersistentVolume) and mounts into Pods
-Deployment → manages workload +
-Service → exposes workload+
  
 +Everything lives inside a `Namespace for isolation.
  
----+{{ :k8s:core:kind-in-kubenetes.png?600 |}}
  
-===== 9. Summary =====+===== See Also =====
  
-  * kind defines the type of Kubernetes object +  * [[https://kubernetes.io/docs/concepts/|Kubernetes Concepts]] 
-  * Each kind has a different purpose and behavior +  * [[https://kubernetes.io/docs/reference/kubernetes-api/|Kubernetes API Reference]] 
-  * Kubernetes uses controllers based on kind +  * ''kubectl api-resources'' — list all available kinds in your cluster
-  * kind drives the entire lifecycle of the resource+
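Review bot: the new StatefulSet example hardcodes the database root password in the Pod template (`name: MYSQL_ROOT_PASSWORD` with `value: "secret"`), which undercuts the Secret section added just above it and leaves the credential readable by anyone who can read the StatefulSet object or the manifest in version control. Suggest switching that env entry to `valueFrom.secretKeyRef` and pointing it at a Secret such as the `db-credentials` object this revision already defines, so the page's own examples follow its security note. In the Secret example, the values as shown (`YWRtaW4`, `cGFzc3dvcmQ`) lack the trailing `=` that standard base64 of "admin" and "password" carries, so check the source against the rendered text. The Job and CronJob examples use `myapp:latest` and `backup-tool:latest` while the other examples pin a version (`nginx:1.25`, `mysql:8.0`); pinning those too would keep the page consistent. The revision also drops the old explanation that each kind is handled by its own controller, and the new relationship section covers only the object hierarchy, so a sentence restoring that point would be worth keeping.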
k8s/core/kind.1780198553.txt.gz · Last modified: by phong2018