Kubernetes Icons
v0.2
● Set of icons to create diagrams
● Use them as an SDK, feel free to create
● Unofficial library
● Kubernetes official blue color
○ #326ce5
○ RGB(50,108,229)
● Maintainers:
○ Arnaud Mazin <[email protected]>
○ Etienne Coutaud <[email protected]>
Table of contents
1...Compute
2...Storage
3...Network
4...RBAC Model
5...Pods Configuration
6...Cluster Configuration
7...Others
8...Infrastructure components
9...Control Plane components
10...Group and links
11...Kubernetes resources map
12...Diagrams examples
Compute
Pod: Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.
Job: Job represents the configuration of a single job.
ReplicaSet: ReplicaSet ensures that a specified number of pod replicas are running at any given time.
CronJob: A CronJob manages time-based Jobs, namely:
- once at a specified point in time
- repeatedly at a specified point in time
Deployment: Deployment enables declarative updates for Pods and ReplicaSets.
StatefulSet: StatefulSet represents a set of pods with consistent identities. Identities are defined as: network, storage.
DaemonSet: DaemonSet represents the configuration of a daemon set.
Storage
PersistentVolume: PersistentVolume is a storage resource provisioned by an administrator.
PersistentVolumeClaim: PersistentVolumeClaim is a user's request for and claim to a persistent volume.
StorageClass: StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.
Network
Ingress: Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally reachable URLs, load balance traffic, terminate SSL, offer name-based virtual hosting, etc.
Service: Service is a named abstraction of a software service (for example, mysql) consisting of a local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.
Endpoints: Endpoints is a collection of endpoints that implement the actual service.
NetworkPolicy: NetworkPolicy describes what network traffic is allowed for a set of Pods.
RBAC model
ServiceAccount: binds together a name, a principal that can be authenticated and authorized, and a set of secrets.
User: Human user of a Kubernetes cluster.
Group: Set of Service Accounts or Users.
Role: Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
ClusterRole: ClusterRole is a cluster-level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
RoleBinding: A role binding grants the permissions defined in a role/clusterrole to a user or set of users. Permissions are granted within a namespace.
ClusterRoleBinding: A cluster role binding grants the permissions defined in a role/clusterrole to a user or set of users. Permissions are granted cluster-wide.
Pods Configuration
ConfigMap: ConfigMap holds configuration data for pods to consume.
Secret: Secret holds secret data of a certain type.
Cluster configuration
LimitRange: LimitRange sets resource usage limits for each kind of resource in a Namespace.
Quota: ResourceQuota sets aggregate quota restrictions enforced per namespace.
HorizontalPodAutoscaler: configuration of a horizontal pod autoscaler.
Others
CustomResourceDefinition: Extension of Kubernetes API.
PodSecurityPolicy: governs the ability to make requests that affect the Security Context that will be applied to a pod and container.
Infrastructure components
Cluster: Kubernetes cluster.
Master: Kubernetes Control Plane.
Node: Worker machine in a Kubernetes cluster.
ETCD: Kubernetes's backing store.
Control Plane components
Kubelet: The kubelet is the primary “node agent” that runs on each node.
K8s API Server: Kubernetes API.
Kube-proxy: The Kubernetes network proxy runs on each node. It reflects services as defined in the Kubernetes API on each node.
Controller Manager: Kubernetes controller manager.
Scheduler: In charge of ensuring Pod placement.
Cloud Controller Manager: Optional and external cloud controller (experimental).
Groups and links
Namespace: Namespace provides a scope for Names. Use of multiple namespaces is optional.
[Diagram: the namespaces kube-public, default and kube-system, with the components kubernetes, dashboard, dns and heapster]
Reference link: used to represent a reference between components; the reference can be through various selectors (label, name ...).
Generation link: used to represent a generation, i.e. a resource generating another resource.
Kubernetes Resources Map
[Diagram legend: Creates, References, Resources mgt, Network / exposition, Configuration, Storage, IAM, Pod generator]
Diagrams examples
Exposed Application [diagram; example host trololo.com]
Application with configuration [diagram; example host trololo.com]
Application with persistent storage [diagram; example host trololo.com]
StatefulSet Architecture [diagram]
RBAC model [diagram: three user certificates, CN=ksz,O=dev-admins, CN=etc,O=dev-admins and CN=aug,O=dev-admins, the dev-admins group, admin, and the dev namespace]
Kube-dns example [diagram: in the kube-system namespace, the kube-dns ServiceAccount, the system:kube-dns ClusterRole and ClusterRoleBinding, and the kube-dns Service (Static ClusterIP); the ClusterRole carries these rules]
  rules:
  - apiGroups:
    - ""
    resources:
    - endpoints
    - services
    verbs:
    - list
    - watch
Server implementation [diagram: Minimal H-A design and Prod-ready design, composed of ingress nodes, masters, workload nodes and etcd cluster]
K8s components startup [diagram: K8s cluster with the default and kube-system namespaces, the kubernetes, api, c-m, sched and k-proxy components, mirror pods and static pods]
Appendices