Kubernetes manages various types of objects called “resources” to handle the deployment, operation, and scaling of containerized applications. These resources are classified into several categories based on their function and purpose.
1. Workloads APIs
Resources related to running and managing containerized applications.
- Pod: The smallest deployable unit in Kubernetes. Encapsulates one or more containers, storage, network resources, and specifications for how to run the containers.
- ReplicaSet: Ensures that a specified number of Pod replicas are always running.
- Deployment: A high-level resource for declaratively managing Pods and ReplicaSets. Facilitates rolling updates and rollbacks of applications.
- DaemonSet: Ensures that a copy of a Pod runs on all (or specified) nodes. Used for logging agents, monitoring agents, etc.
- StatefulSet: A workload API for managing stateful applications (such as databases). Provides Pod ordering, unique network identifiers, and persistent storage.
- Job: Creates Pods that execute one-time tasks and terminate upon successful completion.
- CronJob: Periodically executes Jobs based on a schedule.
2. Service APIs (Service Discovery and Load Balancing)
Resources for exposing containerized applications externally or providing internal service discovery.
- Service: Defines a logical set of Pods and provides a stable IP address and DNS name for accessing them.
  - ClusterIP: Assigns a virtual IP address accessible only from within the cluster.
  - NodePort: Opens a specific port on each node, enabling external access.
  - LoadBalancer: Integrates with cloud provider load balancers to load balance external access.
  - ExternalName: Maps a service to an external DNS name.
  - Headless: Has no ClusterIP; allows Pod IP addresses to be resolved directly via DNS.
- Ingress: Manages HTTP/HTTPS routing to services within the cluster. Routes external access to multiple services based on path or hostname.
3. Config & Storage APIs
Resources related to application configuration information, secrets, and persistent storage.
- ConfigMap: Stores application configuration data in key-value format. Suitable for non-sensitive configuration.
- Secret: Intended for storing sensitive information (passwords, API keys, tokens, etc.). Values are only Base64-encoded, which is an encoding and not encryption.
- PersistentVolume (PV): An abstraction of storage resources within the cluster (NFS, iSCSI, cloud storage, etc.).
- PersistentVolumeClaim (PVC): A resource for Pods to request storage. Developers can request the needed capacity and access mode without knowing the specific storage implementation.
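The Secret entry above notes that values are Base64-encoded but not encrypted. The following added example (not from the original page) shows what that means in practice: anyone who can read the Secret object recovers the plaintext without a key. The manifest, its names, and its values are constructed for illustration, and `decode_secret` is a hypothetical helper.

```python
import base64
import json

# Constructed sample in the shape `kubectl get secret <name> -o json` returns.
# The name, namespace and values are made up for this example.
SAMPLE_SECRET_JSON = json.dumps({
    "apiVersion": "v1",
    "kind": "Secret",
    "metadata": {"name": "db-credentials", "namespace": "demo"},
    "type": "Opaque",
    "data": {
        "username": base64.b64encode(b"app_user").decode(),
        "password": base64.b64encode(b"S3cr3t-constructed!").decode(),
    },
})


def decode_secret(manifest_json: str) -> dict:
    """Return {key: plaintext bytes} for every entry of a Secret manifest."""
    obj = json.loads(manifest_json)
    if obj.get("kind") != "Secret":
        raise ValueError("not a Secret manifest")
    decoded = {}
    # `data` values are plain Base64: reversing them needs no key.
    for key, value in (obj.get("data") or {}).items():
        decoded[key] = base64.b64decode(value, validate=True)
    # `stringData` is a write-only plaintext field that the API server
    # merges into `data`, overriding any entry with the same key.
    for key, value in (obj.get("stringData") or {}).items():
        decoded[key] = value.encode()
    return decoded


if __name__ == "__main__":
    for key, value in decode_secret(SAMPLE_SECRET_JSON).items():
        print(f"{key} = {value.decode()}")
```

Because the encoding gives no confidentiality, protection of Secrets depends on who is granted read access to them through Role and ClusterRole rules.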
4. Cluster APIs
Resources related to cluster configuration, security, and resource management.
- Node: Represents a worker machine (physical or virtual) in the cluster.
- Namespace: A virtual partition for logically separating resources within the cluster.
- ResourceQuota: Limits resource usage (CPU, memory, Pod count, etc.) within a Namespace.
- ServiceAccount: Provides an identity for processes running within Pods to access the Kubernetes API.
- Role: Defines permissions for operations on resources (reading Pods, creating Deployments, etc.) within a specific Namespace.
- ClusterRole: Defines permissions for operations on resources across the entire cluster.
- RoleBinding: Binds a Role to users, groups, or ServiceAccounts, granting permissions within a Namespace.
- ClusterRoleBinding: Binds a ClusterRole to users, groups, or ServiceAccounts, granting permissions across the entire cluster.
- NetworkPolicy: Defines rules for controlling network communication between Pods.
5. Metadata APIs
Resources for operating other resources within the cluster or extending Kubernetes functionality.
- LimitRange: Defines the minimum and maximum resources (CPU, memory) that Pods and containers can request within a Namespace.
- HorizontalPodAutoscaler (HPA): Automatically scales the number of Pod replicas based on CPU utilization or custom metrics.
- PodDisruptionBudget (PDB): Ensures that a specified number of Pod replicas are always available during voluntary disruptions (such as node draining).
- CustomResourceDefinition (CRD): Extends the Kubernetes API to allow defining custom resources.