Kubernetes Quick Reference with Hyperlinks
I’ve been working on a Kubernetes migration, so it’s quite obvious I have been surrounded by the words you see below. I personally like to have a handy sheet with links to important concepts. Here are some of them with links.
Node - A worker machine in Kubernetes, which may be a VM or physical machine.
Operator - A method of packaging, deploying, and managing a Kubernetes application.
kubelet - An agent that runs on each node in the cluster. It makes sure that containers are running in a Pod.
API Server - The component in the Kubernetes control plane that exposes the Kubernetes API.
Cluster - A set of worker machines, called nodes, that run containerized applications.
Backup and Restore - Techniques for saving and recovering Kubernetes cluster data.
RBAC - Role-Based Access Control, the Kubernetes authorization mode that grants API permissions to users, groups and service accounts through Roles (namespaced) and ClusterRoles (cluster-wide) attached by RoleBindings and ClusterRoleBindings. Permissions are purely additive: there are no deny rules, so a wildcard verb or resource in any bound role is a grant.
Service - An abstract way to expose an application running on a set of Pods as a network service.
Deployment - A Kubernetes object that provides declarative updates for Pods and ReplicaSets.
ReplicaSet - Ensures that a specified number of identical Pod replicas are running at any given time; normally created and managed by a Deployment rather than directly.
ConfigMap - An API object used to store non-confidential data in key-value pairs.
Secret - An object for storing sensitive data such as passwords, OAuth tokens and SSH keys. Note that a Secret is only base64-encoded, not encrypted, in etcd unless encryption at rest is configured, and any principal with get/list on Secrets in a namespace can read every one of them.
Ingress - An API object that manages external access to the services in a cluster.
StatefulSet - Manages the deployment and scaling of a set of Pods while providing guarantees about their ordering and uniqueness: each Pod keeps a stable network identity and its own persistent storage across rescheduling.
DaemonSet - Ensures that all nodes (or a selected subset of them) run a copy of a specific Pod, typically for per-node agents such as log collectors, monitoring agents or CNI plugins.
Node Maintenance - Processes for handling updates and upgrades of nodes.
CrashLoopBackOff - A Pod status indicating that a container keeps exiting and being restarted; the kubelet waits an increasing back-off delay (capped at five minutes by default) between restarts. The cause is usually in the previous container's logs (kubectl logs --previous) or in the Pod events (kubectl describe pod).
Container - A lightweight, standalone, executable package that includes everything needed to run a piece of software.
Scheduler - Controls the placement of pods onto nodes in a cluster.
Custom Metrics - User-defined metrics used for autoscaling.
Rolling Update - A method of updating an application in a cluster without downtime.
State Persistence - Ways to store data across pod restarts.
Readiness Probe - Determines if a container is ready to service requests.
Knative - A Kubernetes-based platform to deploy and manage modern serverless workloads.
Persistent Volume - A piece of storage in the cluster, provisioned either manually by an administrator or dynamically through a StorageClass, with a lifecycle independent of any individual Pod.
CronJob - Creates Jobs on a repeating schedule written in cron format.
Load Testing - The process of putting demand on a system and measuring its response.
Liveness Probe - Determines whether a container is still healthy; if the probe fails, the kubelet kills the container and restarts it according to the Pod's restart policy.
Continuous Integration - The practice of merging all developers' working copies to a shared mainline several times a day.
Continuous Deployment - The software release process where code changes are automatically built, tested, and deployed to production.
GitOps - A way of implementing Continuous Deployment for cloud native applications.
Deployment (release process) - In the general software sense, the process of making a new version available to users; not to be confused with the Kubernetes Deployment object above.
Resource Quotas - Limits the resource consumption per Namespace.
Resource Monitoring - Observing and tracking the resources used by workloads.
Resource Limits - The maximum amount of compute resources that a container can use.
Canary Deployment - A pattern for rolling out releases to a subset of users or servers.
Dynamic Resource Allocation - API for requesting and sharing resources between pods and containers inside a pod.
Blue-Green Deployment - A release management strategy that reduces downtime and risk.
Pod Affinity - Scheduling rules that place a Pod on a node (or in a zone, depending on the topology key) where Pods with matching labels already run; pod anti-affinity does the opposite and spreads replicas apart.
CPU Limits - The maximum CPU resource that a container can use.
Memory Limits - The maximum memory resource that a container can use.
Topology - The arrangement of the elements of a Kubernetes cluster.
Custom Resource Validation - Ensures the structural schema for custom resources in Kubernetes.
Policy Enforcement Point - The component that intercepts requests made to Kubernetes API server and applies relevant policies.
Admission Controller - A piece of code in the API server that intercepts requests after authentication and authorization but before the object is persisted; it can mutate the object or reject the request.
Custom Admission Webhook - A mutating or validating admission webhook that lets the API server call an external HTTP service to run custom admission logic; this is how policy engines built on OPA plug into the cluster.
Authentication/Authorization Webhook - A callback in which the API server sends an HTTP request to an external service either to verify a bearer token (TokenReview) or to decide whether an already authenticated request is allowed (SubjectAccessReview).
Metrics Server - A scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.
Prometheus - An open-source systems monitoring and alerting toolkit.
Grafana - An open source metric analytics & visualization suite.
Events - Provide insight on what is happening inside a cluster, such as what decisions were made by scheduler or why some pods were evicted from the node.
Logging - The process of recording actions or events in a system.
Log Aggregation - The process of consolidating log data from different sources into a central location.
Tracing - A way to track a transaction or workflow in a distributed system.
OpenTelemetry - A set of APIs, libraries, agents, and instrumentation to capture distributed traces and metrics from your application.
Disaster Recovery - The process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure after a disaster.
Audit Logging - Records actions taken by any individual or system in the system for the purpose of maintaining a historical record.
Service Mesh - An infrastructure layer that manages service-to-service communication over a network to ensure that it is fast, safe, and reliable.
Network Policy - A specification of how groups of pods are allowed to communicate with each other and other network endpoints.
Proxy - An intermediary server that forwards requests from multiple clients to different servers across the Internet.
Compliance - Ensuring that the organization's processes and actions are in line with established laws, regulations, and guidelines.
Policies - Rules that govern the behavior within a system.
Policy Enforcement - The process of implementing and enforcing rules within a system.
Istio - An open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies, and aggregate telemetry data.
DNS - Domain Name System, a naming system for resources connected to the internet or a private network.
API Gateway - A server that acts as an API front-end, receives API requests, enforces throttling and security policies, passes requests to the back-end service and then passes the response back to the requester.
Pod Security - The Pod Security Standards, three profiles (privileged, baseline, restricted) that constrain a Pod specification (privileged containers, host namespaces, capabilities, running as root and so on). They are enforced per namespace by the built-in Pod Security Admission controller via namespace labels, and replaced PodSecurityPolicy, which was removed in Kubernetes 1.25.
Policy Monitoring - The process of tracking the implementation and effectiveness of policies.
Ingress Controller - An application that manages inbound requests.
External DNS - DNS management for external services.
Pod - The smallest and simplest unit in the Kubernetes object model that you create or deploy.
Node Affinity - A set of rules used by the scheduler to determine where a pod can be placed.
Node Selector - Scheduling constraints on pods based on node labels.
Canary Analysis - A technique to reduce the risk of introducing a new software version in production by slowly rolling out the change to a small subset of users before rolling it out to the entire infrastructure.
Taints and Tolerations - A way to ensure that pods are not scheduled onto inappropriate nodes.
Pod Disruption Budget - A way to limit the number of concurrent disruptions your applications experience, allowing for higher availability while permitting regular cluster operations to occur.
Node Auto Provisioning - The ability for a cluster to dynamically create nodes based on demand.
Garbage Collection - The process of freeing up resources that are no longer in use on Kubernetes worker nodes.
Horizontal Pod Autoscaler - Automatically scales the number of Pods in a Deployment, ReplicaSet or StatefulSet based on observed metrics such as CPU utilization or custom metrics.
Helm - A package manager for Kubernetes that allows developers and operators to more easily package, configure, and deploy applications and services onto Kubernetes clusters.
Vertical Pod Autoscaler - Automatically adjusts the CPU and memory requests for your Pods to help "right size" your applications.
Kustomize - A standalone tool for customizing Kubernetes objects through a kustomization file.
Image Security - Ensures that the use of container images in your cluster is safe and up-to-date.
Operator Framework - An open source toolkit for building, testing, packaging and managing Operators; it includes the Operator SDK and the Operator Lifecycle Manager (OLM).
Stateful Application - An application that saves client data from the activities of one session for use in the next session.
CSI - Container Storage Interface, a standard for exposing arbitrary block and file storage systems to containerized workloads on Container Orchestration Systems (COs).
Identity and access management - Ensures that the right individuals access the right resources at the right times for the right reasons.
Encryption - The method by which information is converted into secret code that hides the information's true meaning.
Persistent Volume Claim - A request for storage by a user.
Security Policy - A set of rules that govern how an organization secures its information.
Custom Resource Definition - Allows you to create a new type of resource that acts like a native Kubernetes object.
External Secrets - Allows Kubernetes to use external secret management systems, like AWS Secrets Manager or HashiCorp Vault.
CSI Driver - A plugin that implements the CSI specification for a particular storage backend (for example a cloud block-storage service) and is deployed in the cluster so that Kubernetes can provision, attach and mount volumes from it.
Volume Snapshot - A snapshot of the state of a volume at a particular point in time.
Volume Snapshot Class - Allows you to specify different attributes for a volume snapshot in Kubernetes.
Load Balancer - A device that distributes network or application traffic across a number of servers to increase capacity and reliability.
Auto-scaling - The process of automatically adjusting the number of computing resources based on the demand.
GitLab - A web-based DevOps lifecycle tool that provides a Git-repository manager.
Storage Class - Provides a way for administrators to describe the "classes" of storage they offer.
Namespaces - A mechanism for isolating groups of resources within a single cluster, intended for environments with many users spread across multiple teams or projects; resource names need only be unique within a namespace, and RBAC, quotas and network policies are commonly scoped to one.
Service Discovery - The automatic detection of devices and services offered by these devices on a computer network.
Pod Lifecycle - Describes the high-level states that a Pod can go through from when it is scheduled to when it is terminated.
Container Runtime - The software that is responsible for running containers.
Job - A finite or batch task that runs to completion.
Replication Controller - The original controller that ensures a specified number of Pod replicas are running; superseded by ReplicaSet (which adds set-based label selectors) and, in practice, by Deployments.
Volumes - A directory, possibly with some data in it, which is accessible to the containers in a pod.
Endpoints - Tracks the IP addresses and ports of the Pods a Service sends traffic to; newer clusters use EndpointSlices for the same purpose at scale.
Docker - An open-source platform used for automating the deployment, scaling, and management of applications within containers.
Fluentd - An open-source data collector, which lets you unify the data collection and consumption for better use and understanding of data.
Kube-proxy - A network proxy that runs on each node in your cluster, maintaining network rules on nodes.
Cilium - Open source software for providing and transparently securing network connectivity between application services deployed in Linux container management platforms like Kubernetes.
Calico - An open-source networking and network security solution for containers.
Kube-state-metrics - A simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
Node Problem Detector - A daemon for detecting hardware, kernel and app problems.
Falco - A CNCF runtime security project, originally created by Sysdig, that detects anomalous activity (such as a shell spawned inside a container or a write to /etc) from kernel system calls.
OPA - Open Policy Agent, an open-source, general-purpose policy engine.
Kube-bench - A Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark.
Kube-hunter - Hunts for security weaknesses in Kubernetes clusters, probing them from outside (as an attacker would) or from inside a Pod.
Kube-score - A tool that performs static analysis of your Kubernetes object definitions and scores them against reliability and security best practices (missing resource limits, missing probes, containers running as root, and so on).
Octant - A tool for developers to understand how applications run on a Kubernetes cluster.
Velero - An open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.
Jaeger - An open-source, end-to-end distributed tracing system for cloud-native applications.
Linkerd - An ultralight service mesh for Kubernetes. It gives you observability, reliability, and security without requiring any code changes.
Spinnaker - An open-source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.
Argo - An open-source container-native deployment, workflow engine for orchestrating parallel deployments and jobs on Kubernetes.
Rook - An open-source, cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments.
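Added worked example (not part of the original reference, and not code from any of the projects listed above): the three manifest sets below show how RBAC, Pod Security, Resource Quotas, Network Policy, Resource Limits and the two probes look when applied to one namespace. The namespace name payments, the service account and label names, the image reference, the ports and every figure are assumed placeholders.

Namespace boundary first: Pod Security Admission labels on the namespace, a service account bound to a least-privilege Role, and a quota for the namespace as a whole.

```yaml
# Constructed example, not from the original page. Namespace "payments",
# service account "payments-api" and the quota figures are assumptions.
apiVersion: v1
kind: Namespace
metadata:
  name: payments
  labels:
    # Pod Security Admission: reject Pods that violate the "restricted"
    # profile, and warn/audit at the same level.
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/enforce-version: latest
    pod-security.kubernetes.io/warn: restricted
    pod-security.kubernetes.io/audit: restricted
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: payments-api
  namespace: payments
# Do not mount an API token into Pods by default; a Pod that really needs
# to talk to the API server can opt back in on its own spec.
automountServiceAccountToken: false
---
# Namespaced Role: read-only on ConfigMaps. No wildcards, no Secrets,
# no cluster scope. RBAC is additive, so every verb listed here is a grant.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: configmap-reader
  namespace: payments
rules:
- apiGroups: [""]
  resources: ["configmaps"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: payments-api-configmap-reader
  namespace: payments
subjects:
- kind: ServiceAccount
  name: payments-api
  namespace: payments
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: configmap-reader
---
# ResourceQuota: caps what the whole namespace can request, so one team
# cannot starve the cluster. Figures are assumptions.
apiVersion: v1
kind: ResourceQuota
metadata:
  name: payments-quota
  namespace: payments
spec:
  hard:
    requests.cpu: "4"
    requests.memory: 8Gi
    limits.cpu: "8"
    limits.memory: 16Gi
    pods: "20"
```

Network boundary next: a default-deny policy for every Pod in the namespace, then an explicit allow list for the API Pods. The DNS egress rule is the part people forget; with Egress in policyTypes, a default-deny also blocks name resolution until it is allowed. The ingress-nginx namespace name and the k8s-app=kube-dns label are the conventional ones but are assumptions here; check them in your cluster.

```yaml
# Constructed example, not from the original page. Namespace, labels and
# ports are assumptions.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: payments
spec:
  podSelector: {}                      # every Pod in the namespace
  policyTypes: ["Ingress", "Egress"]
  # No ingress/egress rules: nothing is allowed until another policy allows it.
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: payments-api-allow
  namespace: payments
spec:
  podSelector:
    matchLabels:
      app: payments-api
  policyTypes: ["Ingress", "Egress"]
  ingress:
  # Only the ingress controller's namespace may reach the API, and only on 8080.
  - from:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: ingress-nginx
    ports:
    - protocol: TCP
      port: 8080
  egress:
  # Allow DNS to kube-dns only. namespaceSelector and podSelector in the
  # same list element are ANDed (a single peer), not two separate peers.
  - to:
    - namespaceSelector:
        matchLabels:
          kubernetes.io/metadata.name: kube-system
      podSelector:
        matchLabels:
          k8s-app: kube-dns
    ports:
    - protocol: UDP
      port: 53
    - protocol: TCP
      port: 53
  # Allow the one upstream the service actually needs (assumed: a database
  # labelled app=payments-db in the same namespace).
  - to:
    - podSelector:
        matchLabels:
          app: payments-db
    ports:
    - protocol: TCP
      port: 5432
```

Finally the workload: a Deployment whose Pod spec satisfies the restricted profile enforced by the namespace labels above (non-root, no privilege escalation, all capabilities dropped, RuntimeDefault seccomp), plus a read-only root filesystem, resource requests and limits, and readiness and liveness probes.

```yaml
# Constructed example, not from the original page. Image reference, ports,
# probe paths and resource figures are assumptions.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: payments-api
  namespace: payments
  labels:
    app: payments-api
spec:
  replicas: 2
  selector:
    matchLabels:
      app: payments-api
  template:
    metadata:
      labels:
        app: payments-api
    spec:
      serviceAccountName: payments-api
      automountServiceAccountToken: false   # this workload never calls the API server
      securityContext:                      # Pod-level, inherited by all containers
        runAsNonRoot: true
        runAsUser: 10001
        runAsGroup: 10001
        seccompProfile:
          type: RuntimeDefault
      containers:
      - name: api
        # Placeholder registry and tag. In production pin by digest
        # (image@sha256:...) so the deployed bytes cannot change under you.
        image: registry.example.com/payments-api:1.4.2
        ports:
        - name: http
          containerPort: 8080
        securityContext:                    # container-level, required by "restricted"
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop: ["ALL"]
        resources:                          # requests drive scheduling, limits cap usage
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 256Mi
        readinessProbe:                     # failing: Pod is removed from Service endpoints
          httpGet:
            path: /readyz
            port: http
          initialDelaySeconds: 5
          periodSeconds: 10
        livenessProbe:                      # failing: kubelet restarts the container
          httpGet:
            path: /healthz
            port: http
          initialDelaySeconds: 15
          periodSeconds: 20
          failureThreshold: 3
        volumeMounts:
        - name: tmp                         # writable scratch space despite read-only root
          mountPath: /tmp
      volumes:
      - name: tmp
        emptyDir: {}
```

Apply the three files in order with kubectl apply -f and then check the boundaries rather than trusting them: kubectl auth can-i get secrets --as=system:serviceaccount:payments:payments-api -n payments should answer "no", a Pod submitted to the namespace with runAsUser: 0 or a privileged container should be rejected by the admission controller with a message naming the restricted profile, and a kubectl exec into the API Pod should be able to resolve names but not reach anything other than the database. NetworkPolicy objects are only enforced when the cluster's CNI supports them (Calico and Cilium, listed above, both do); on a CNI that does not, the policies are accepted by the API server and silently do nothing.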