Objects

Kubernetes (often abbreviated as K8s) objects are persistent entities in the Kubernetes system that represent the state of your cluster. These objects describe the desired state of your cluster: what containers should be running, what network or storage resources should be available, etc. Kubernetes ensures that the current state of the cluster matches the desired state described by these objects.

Core Kubernetes Objects

  1. Pod: The smallest and simplest Kubernetes object. A Pod represents a single instance of a running process in your cluster and can contain one or more containers.
  2. Service: Defines a logical set of Pods and a policy by which to access them. Services provide stable IP addresses and DNS names for Pods.
  3. Volume: Abstraction that allows containers in a Pod to access and store data. Volumes can persist data even after the Pod is terminated.
  4. Namespace: A way to divide cluster resources between multiple users via a namespace. It is a Kubernetes object that provides a scope for Kubernetes names.
  5. ConfigMap: Allows you to decouple configuration artifacts from image content to keep containerized applications portable.
  6. Secret: Similar to ConfigMap, but specifically intended to hold sensitive information like passwords, OAuth tokens, and SSH keys.
  7. ServiceAccount: Provides an identity for processes that run in a Pod. This is useful for accessing the Kubernetes API server.

Workload Objects

  1. Deployment: Provides declarative updates for Pods and ReplicaSets. It’s the most commonly used workload resource in Kubernetes.
  2. ReplicaSet: Ensures that a specified number of pod replicas are running at any given time. ReplicaSets are typically managed by Deployments.
  3. StatefulSet: Manages the deployment and scaling of a set of Pods and provides guarantees about the ordering and uniqueness of these Pods.
  4. DaemonSet: Ensures that all or some nodes run a copy of a Pod. As nodes are added to the cluster, Pods are added to them.
  5. Job: Creates one or more Pods and ensures that a specified number of them successfully terminate. Jobs are used to run batch processes.
  6. CronJob: Manages time-based jobs, similar to cron in Unix/Linux. It runs Jobs at specified intervals.
  7. ReplicationController: Similar to a ReplicaSet but with fewer features. It ensures that a specified number of replicas of a Pod are running at any time.
  8. HorizontalPodAutoscaler: Automatically scales the number of Pods in a Deployment, ReplicaSet, or StatefulSet based on observed CPU utilization or other select metrics.
  9. VerticalPodAutoscaler: Automatically adjusts the CPU and memory requests/limits of Pods to match the resource needs of the application.

Networking Objects

  1. Ingress: Manages external access to the services in a cluster, typically HTTP. It provides load balancing, SSL termination, and name-based virtual hosting.
  2. NetworkPolicy: Specifies how groups of Pods are allowed to communicate with each other and other network endpoints.

Storage Objects

  1. PersistentVolume (PV): A piece of storage in the cluster that has been provisioned by an administrator or dynamically by Kubernetes using a StorageClass.
  2. PersistentVolumeClaim (PVC): A request for storage by a user. It is similar to a Pod in that Pods consume node resources, and PVCs consume PV resources.
  3. StorageClass: Provides a way for administrators to describe the “classes” of storage they offer.

Metadata Objects

  1. LimitRange: Enforces minimum and maximum compute resource usage per Pod or Container in a namespace.
  2. ResourceQuota: Provides constraints that limit aggregate resource consumption per namespace.
  3. PodDisruptionBudget (PDB): Limits the number of concurrent disruptions (like voluntary evictions) that can happen to Pods in a specified collection.

Cluster Objects

  1. Node: A worker machine in Kubernetes, previously known as a “minion”. A node may be a VM or physical machine, depending on the cluster.
  2. ClusterRole: Defines a set of permissions that are applied at the cluster level.
  3. Role: Similar to a ClusterRole, but Role permissions are confined to a namespace.
  4. RoleBinding: Grants permissions defined in a Role to a user or set of users within a specific namespace.
  5. ClusterRoleBinding: Grants permissions defined in a ClusterRole to a user or set of users across the entire cluster.
  6. CustomResourceDefinition (CRD): Allows you to extend Kubernetes by adding your own resources. Once a CRD is created, you can create objects of that custom type.
  7. Endpoint: A list of IP addresses that implement a Service. Endpoints are not usually managed directly by users.
  8. Event: Records an event in the cluster, such as the start or end of a Pod or container, or an error.

Other Objects

  1. Binding: Associates a Pod with a Node. This is typically managed by the Kubernetes scheduler.
  2. PodTemplate: Template for creating Pods, which is included in controllers like Deployments and Jobs.
  3. ResourceClass: Defines a class of resources for dynamic provisioning.
  4. CSINode: Information about storage drivers installed on a node, used by the Kubernetes Container Storage Interface (CSI).
  5. RuntimeClass: Provides an abstraction for different container runtimes in a cluster.
  6. Lease: A resource that represents a lease that can be used to implement leader election in distributed systems.

This list encompasses the majority of Kubernetes objects that you might encounter or work with. Each of these objects has a specific role and is used to define and control various aspects of a Kubernetes cluster.

_____________________________________________________________________________

Objects complete list:

Kubernetes provides a comprehensive set of built-in objects that represent various resources within the cluster. These objects can be categorized based on their roles, such as workloads, networking, storage, configuration management, and security. Below is a complete list of the built-in Kubernetes objects as of the latest Kubernetes version:

1. Workloads Objects

Workload objects are responsible for managing and running containers in Kubernetes.

  • Pod:
  • The smallest and simplest Kubernetes object. A Pod represents a single instance of a running process in the cluster and can contain one or more containers.
  • ReplicaSet:
  • Ensures that a specified number of replicas of a Pod are running at any given time. Typically used by Deployments to maintain the desired number of Pods.
  • Deployment:
  • Provides declarative updates for Pods and ReplicaSets. It’s commonly used to manage stateless applications by allowing you to define and manage a set of Pods.
  • StatefulSet:
  • Manages the deployment and scaling of a set of Pods, providing guarantees about the ordering and uniqueness of these Pods. Typically used for stateful applications that require stable, persistent storage.
  • DaemonSet:
  • Ensures that all or some nodes run a copy of a Pod. As nodes are added to the cluster, Pods are added to them, and when nodes are removed, the Pods are deleted.
  • Job:
  • Creates one or more Pods and ensures that a specified number of them successfully terminate. Used for batch processing tasks.
  • CronJob:
  • Manages time-based jobs, running them on a schedule similar to cron jobs in Unix/Linux. It is used for tasks that need to run periodically or at specific times.
  • ReplicationController (Legacy):
  • Similar to ReplicaSet, ensures that a specified number of pod replicas are running. It is mostly superseded by ReplicaSet and Deployment.
  • HorizontalPodAutoscaler:
  • Automatically scales the number of Pods in a Deployment, ReplicaSet, or StatefulSet based on observed CPU utilization or other select metrics.
  • VerticalPodAutoscaler (Beta):
  • Automatically adjusts the CPU and memory requests/limits of Pods to match the resource needs of the application.

2. Service and Networking Objects

Networking objects manage how Pods communicate with each other and with external resources.

  • Service:
  • Defines a logical set of Pods and a policy by which to access them. Services provide stable IP addresses and DNS names for Pods.
  • Ingress:
  • Manages external access to services in a cluster, typically HTTP. It provides load balancing, SSL termination, and name-based virtual hosting.
  • NetworkPolicy:
  • Specifies how groups of Pods are allowed to communicate with each other and with other network endpoints. Network policies are used to secure the network interactions between Pods.
  • EndpointSlice:
  • Provides a scalable and extensible way to track network endpoints associated with a Service.
  • Endpoint:
  • A list of IP addresses that implement a Service. Endpoints are created automatically by the Kubernetes API server when a Service is created.

3. Configuration Objects

Configuration objects help decouple configuration from Pod and container images, making applications more portable.

  • ConfigMap:
  • Provides a way to inject configuration data into Pods. ConfigMaps can store data in key-value pairs and make it accessible to Pods as environment variables or configuration files.
  • Secret:
  • Similar to ConfigMap but intended to hold sensitive information like passwords, OAuth tokens, and SSH keys. Secrets are stored securely and can be used by Pods to access sensitive data.
  • ServiceAccount:
  • Provides an identity for processes that run in a Pod. ServiceAccounts are used to control access to the Kubernetes API and to other services within the cluster.
  • LimitRange:
  • Defines limits on the resources (such as CPU and memory) that can be requested or used by Pods or containers within a namespace.
  • ResourceQuota:
  • Provides constraints that limit aggregate resource consumption (CPU, memory, storage) within a namespace.

4. Storage Objects

Storage objects manage how data is stored and accessed by Pods.

  • PersistentVolume (PV):
  • A piece of storage in the cluster that has been provisioned by an administrator or dynamically using a StorageClass. PersistentVolumes are used to store data that is independent of the Pod lifecycle.
  • PersistentVolumeClaim (PVC):
  • A request for storage by a user. It is similar to a Pod in that Pods consume node resources, and PVCs consume PersistentVolume resources.
  • StorageClass:
  • Provides a way for administrators to describe the “classes” of storage they offer. Different classes might map to quality-of-service levels, backup policies, or other parameters.
  • Volume:
  • A directory that contains data, accessible by containers in a Pod. Volumes are used to store data that needs to be preserved across container restarts.
  • CSIDriver:
  • Represents a Container Storage Interface (CSI) driver that Kubernetes can use to manage volumes.
  • CSINode:
  • Provides information about all the CSI drivers installed on a node.
  • VolumeAttachment:
  • Represents the attachment of a storage volume to a node. This is part of the CSI architecture for managing volumes.

5. Metadata Objects

Metadata objects are used to organize, manage, and secure Kubernetes resources.

  • Namespace:
  • Provides a way to divide cluster resources between multiple users via namespaces. Namespaces are intended for use in environments with many users spread across multiple teams or projects.
  • Label:
  • A key-value pair attached to objects, used to organize and select subsets of objects. Labels are used in conjunction with label selectors to identify a group of objects.
  • Annotation:
  • Provides additional metadata for objects that can be used by external tooling or for internal tracking. Annotations are not used to identify or select objects.
  • OwnerReference:
  • Used to track ownership of Kubernetes objects. For example, Pods created by a ReplicaSet will have an OwnerReference pointing to that ReplicaSet.
  • Finalizer:
  • Provides a way to execute clean-up tasks before an object is deleted from the cluster. Finalizers are often used to manage external resources that are associated with Kubernetes objects.

6. Cluster Management Objects

Cluster management objects control aspects of the Kubernetes control plane and nodes.

  • Node:
  • A worker machine in Kubernetes, previously known as a “minion”. A node may be a VM or physical machine, depending on the cluster.
  • Role:
  • Specifies a set of permissions (rules) within a namespace. Roles are used to define what actions can be performed on resources within a namespace.
  • ClusterRole:
  • Similar to a Role, but a ClusterRole can apply to all namespaces or cluster-wide resources.
  • RoleBinding:
  • Grants the permissions defined in a Role to a user or set of users within a specific namespace.
  • ClusterRoleBinding:
  • Grants the permissions defined in a ClusterRole to a user or set of users across the entire cluster.
  • PodSecurityPolicy (Deprecated):
  • Defines a set of conditions that a Pod must meet to be accepted into the system, as well as runtime requirements. It was used to enforce security policies at the Pod level, but it is deprecated and being replaced by other mechanisms.
  • NodeRestriction:
  • Prevents nodes from modifying resources they should not have access to, enhancing security by restricting node privileges.

7. Scheduling Objects

Scheduling objects help manage how Pods are scheduled onto nodes.

  • PodDisruptionBudget (PDB):
  • Specifies the minimum number or percentage of Pods that must remain available during a voluntary disruption (e.g., during a node maintenance).
  • PriorityClass:
  • Defines the priority of Pods, affecting their placement and eviction. Higher priority Pods are scheduled before lower priority ones, and they are less likely to be evicted when resources are scarce.
  • Taints and Tolerations:
  • Taints allow a node to repel a set of Pods, while tolerations allow Pods to schedule on nodes with matching taints.
  • Affinity and Anti-affinity:
  • Rules that influence the scheduling of Pods based on their relationships to other Pods. Pod affinity places Pods together, while anti-affinity ensures they are scheduled apart.

8. Autoscaling Objects

Autoscaling objects automatically adjust the number of running Pods based on resource utilization.

  • HorizontalPodAutoscaler:
  • Automatically scales the number of Pods in a Deployment, ReplicaSet, or StatefulSet based on observed CPU utilization or other select metrics.
  • VerticalPodAutoscaler (VPA) (Beta):
  • Automatically adjusts the CPU and memory requests/limits of Pods to match the resource needs of the application.

9. Batch and Job Objects

These objects manage batch processing and scheduled jobs.

  • Job:
  • A Job creates one or more Pods and ensures that a specified number of them successfully terminate. It is used for batch processing tasks.
  • CronJob:
  • A CronJob manages time-based jobs, running them on a schedule similar to cron jobs in Unix/Linux. It is used for tasks that need to run periodically or at specific times.

10. Other Specialized Objects

These objects serve specific roles in managing Kubernetes cluster operations.

  • Lease:
  • Used for leader election within the cluster. For example, Kubernetes components that require leader election (like the control plane components) use Leases.
  • Event:
  • Records events that occur in the cluster, such as the start or end of a Pod, or any errors that occur. Events are useful for debugging and monitoring the state of the cluster.
  • Binding:
  • Used by the Kubernetes scheduler to assign a Pod to a specific Node.

11. Deprecated Objects

These objects have been deprecated and replaced by other mechanisms.

  • ReplicationController:
  • Largely replaced by ReplicaSet and Deployment.
  • PodSecurityPolicy (PSP):
  • Deprecated in favor of other security mechanisms like Open Policy Agent (OPA) and Kubernetes Admission Controllers.

Summary

Kubernetes provides a wide array of built-in objects to manage applications, resources, and infrastructure within a cluster. These objects cover the full spectrum of needs from running workloads to managing networking, storage, security, and more. Understanding these objects and how to use them effectively is crucial for managing Kubernetes clusters and deploying applications in a scalable, secure, and reliable manner.