Keywords: Pods, Containers, Replica Sets, Service, Job, Deployment, Rollout, Config Maps, Secrets, Persistent Volumes, Resource Management.
Note: This page is intended only to give you a quick understanding of the terminology and its meaning, and should not be considered a complete overview of its architecture or design.
- A Container is a process (or set of processes) that runs in a jailed environment so that it doesn’t interfere with other processes. This means that, from the point of view of the application (process), it has its own IP, disk, CPU, and memory.
A Pod is an instance of one or more containers under the same IP. In most cases a Pod contains just one container; in some edge cases a Pod contains multiple containers, bound by the same IP to create a tight integration.
Containers inside the same Pod are co-located (tight-coupling**): they cannot be spread across different machines, they scale up or down together (they cannot be scaled separately if needed), and they share the same network IP (port conflicts may exist if not designed properly).
- A Replica Set defines the Pods that need to run and the number of their replicas.
Advantage – without breaking above tight-coupling**, we improve
The objective of a Deployment is to manage an upgrade or downgrade of a service without downtime. During the upgrade we have to handle multiple instances of both versions.
There are both
A Job creates one or more Pods and ensures that a specified number of them successfully terminate.
Example: run 10 jobs but only 3 in parallel at a time
- A Service is basically a group of Pods that together provide one service (e.g. a group of Nginx instances). When someone wants to access this group of Pods, they do so through the Service, which redirects the request to one of those Pods.
- A service account provides an identity for processes that run in a Pod.
- The ConfigMap API resource holds key-value pairs of configuration data that can be consumed in pods or used to store configuration data for system components such as controllers.
- Objects of type Secret are intended to hold sensitive information, such as passwords, OAuth tokens, and SSH keys.
- Persistent Volumes define where Pods can claim Storage for their instances.
- Resource quotas are a tool for administrators to ensure fair share of resources. Cluster level.
- Limit Ranges help define boundaries on the memory and CPU that Pods can claim in each namespace. This helps cluster operators manage the resources efficiently.
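For the Pod entry above, which notes that containers sharing one IP can run into port conflicts: the following added example (not code from the original page) checks a Pod manifest for containers that declare the same port and protocol. The sample manifest, container names, and the function name `find_port_conflicts` are constructed for illustration, and only `spec.containers` is inspected.

```python
from collections import defaultdict

# Constructed sample Pod manifest (not from the original page): an app
# container and a metrics sidecar that both declare TCP port 8080.
SAMPLE_POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "web"},
    "spec": {
        "containers": [
            {"name": "app", "image": "example/app:1.0",
             "ports": [{"containerPort": 8080}, {"containerPort": 8443}]},
            {"name": "metrics-sidecar", "image": "example/metrics:1.0",
             "ports": [{"containerPort": 8080, "protocol": "TCP"},
                       {"containerPort": 8080, "protocol": "UDP"}]},
        ]
    },
}


def find_port_conflicts(pod):
    """Return {(port, protocol): [container names]} for every port/protocol
    pair declared by more than one container of the same Pod."""
    claims = defaultdict(list)
    for container in pod.get("spec", {}).get("containers", []):
        seen = set()
        for port in container.get("ports", []):
            # Kubernetes defaults the protocol to TCP when it is omitted.
            key = (port["containerPort"], port.get("protocol", "TCP"))
            if key not in seen:  # count each container once per pair
                seen.add(key)
                claims[key].append(container["name"])
    # Containers in a Pod share one network namespace, so two of them
    # binding the same port/protocol cannot both succeed.
    return {key: names for key, names in claims.items() if len(names) > 1}


if __name__ == "__main__":
    for (port, proto), names in sorted(find_port_conflicts(SAMPLE_POD).items()):
        print(f"{proto}/{port} declared by: {', '.join(names)}")
```

Declaring `containerPort` is optional, so this check only catches conflicts that are written in the manifest; a container can still bind a port it never declared.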