Kubernetes (k8s) – Open-source container orchestration platform that automates many of the manual processes involved in deploying, managing, and scaling containerized applications.
Namespaces – Virtual clusters backed by the same physical cluster. Namespaces are the way to separate and organize objects such as pods and containers in your cluster.
Role-Based Access Control (RBAC) – A method that allows you to control what users are allowed to do and access within your cluster.
Service Account – An account used by container processes within Pods to authenticate with the K8s API. Service accounts help pods communicate with the K8s API.
Init Containers – Containers that run once during the startup process of a pod. A pod can have any number of init containers, and they will each run once, in order, to completion.
Scheduling – The process of assigning pods to Nodes so kubelets can run them. The scheduler is the control plane component that handles the scheduling process.
DaemonSet – Automatically runs a copy of a pod on each node. It will also run a copy of the pod on new nodes as they are added to the cluster.
Static Pod – A pod that is managed directly by the kubelet on a node, not by the K8s API server. They can run even if there is no K8s API server present.
Scaling – We can scale an application by increasing or decreasing the number of replicas. Each replica of your application represents a Kubernetes Pod that encapsulates your application’s container(s).
Rolling Update – Allows you to make changes to a deployment’s pods at a controlled rate, gradually replacing old pods with new pods. This allows you to update your pods without incurring downtime.
CNI Plugins – A type of Kubernetes network plugin. These plugins provide network connectivity between pods according to the standard set by the Kubernetes network model. Kubernetes follows the v0.4.0 release of the CNI specification.
CNI-Genie – Enables Kubernetes to seamlessly connect to a choice of CNI plugins, such as Calico, Canal, Flannel, Romana, or Weave.
CoreDNS – The K8s virtual network uses CoreDNS to allow Pods to locate other Pods and Services using domain names instead of IP addresses.
NetworkPolicy – An object that allows you to control the flow of network communication to and from Pods. This allows you to build a more secure cluster network by keeping pods isolated from the traffic they do not need.
EGRESS – Network policy can be applied to egress: outgoing network traffic leaving the Pod for another destination.
INGRESS – Network policy can be applied to ingress: incoming network traffic coming into the Pod from another source.
Container File System – This is an ephemeral file system where files on the container’s file system exist only as long as the container exists. If a container is deleted or re-created in K8s, data stored on the container file system is lost.
Persistent Volumes – Volumes offer a simple way to provide external storage to containers within the Pod/Container Spec. Persistent Volumes are a slightly more advanced form of volume. They allow you to treat storage as an abstract resource and consume it using your Pods.
Volumes – In the Pod spec, these specify the storage volumes available to the Pod. They specify the volume type and other data that determines where and how the data is actually stored.
volumeMounts – In the container spec, these reference the volumes in the Pod spec and provide a mountPath (the location on the file system where the container process will access the volume data).
PersistentVolumeClaim – Represents a user’s request for storage resources. It defines a set of attributes similar to those of a PersistentVolume (StorageClass, etc.).
Deployment & Service – A Deployment is an object responsible for keeping a set of pods running with the application, and a Service is an object responsible for enabling network access to a set of pods. Services and Deployments are different, but they work together nicely.