All Projects → cloudogu → K8s Diagrams

cloudogu / K8s Diagrams

Licence: mit
A collection of kubernetes-related diagrams

Projects that are alternatives of or similar to K8s Diagrams

K8s
Deploying Kubernetes High Availability Cluster with Ansible Playbook
Stars: ✭ 125 (-44.93%)
Mutual labels:  pod, k8s, container
Permission Manager
Permission Manager is a project that brings sanity to Kubernetes RBAC and Users management, Web UI FTW
Stars: ✭ 753 (+231.72%)
Mutual labels:  rbac, k8s
Carvel Kapp
kapp is a simple deployment tool focused on the concept of "Kubernetes application" — a set of resources with the same label
Stars: ✭ 489 (+115.42%)
Mutual labels:  deployment, k8s
Kanary
Kubernetes Operator to manage canary deployment using HAProxy
Stars: ✭ 14 (-93.83%)
Mutual labels:  deployment, k8s
Helloworld Msa
Main repository with documentation and support files
Stars: ✭ 218 (-3.96%)
Mutual labels:  deployment, container
Adapt
ReactJS for your infrastructure. Create and deploy full-stack apps to any infrastructure using the power of React.
Stars: ✭ 317 (+39.65%)
Mutual labels:  deployment, k8s
Openebs
Leading Open Source Container Attached Storage, built using Cloud Native Architecture, simplifies running Stateful Applications on Kubernetes.
Stars: ✭ 7,277 (+3105.73%)
Mutual labels:  pod, k8s
edge-home-orchestration-go
Home Edge Project in LF Edge - Edge Orchestration for home edge devices to enabling smart home use cases.
Stars: ✭ 68 (-70.04%)
Mutual labels:  container, rbac
Filebeat Kubernetes
Filebeat container, alternative to fluentd used to ship kubernetes cluster and pod logs
Stars: ✭ 147 (-35.24%)
Mutual labels:  pod, container
Nghttpx Ingress Lb
nghttpx ingress controller for Kubernetes
Stars: ✭ 115 (-49.34%)
Mutual labels:  k8s, container
Krane
Kubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+11.89%)
Mutual labels:  rbac, k8s
Runtime
Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
Stars: ✭ 2,103 (+826.43%)
Mutual labels:  k8s, container
atlassian-kubernetes
All things Atlassian and Kubernetes
Stars: ✭ 30 (-86.78%)
Mutual labels:  deployment, k8s
Kubectl Plugins
A Collection of Plugins for kubectl Integration (exec as any user, context switching, etc).
Stars: ✭ 340 (+49.78%)
Mutual labels:  deployment, pod
ultimate-kubernetes-bootcamp
Ultimate Kubernetes Bootcamp
Stars: ✭ 43 (-81.06%)
Mutual labels:  deployment, container
Rakkess
Review Access - kubectl plugin to show an access matrix for k8s server resources
Stars: ✭ 751 (+230.84%)
Mutual labels:  rbac, k8s
falcon-helm
Helm Charts for running CrowdStrike Falcon with Kubernetes
Stars: ✭ 34 (-85.02%)
Mutual labels:  container, k8s
rkt-compose
CLI to run Docker Compose file as pod on rkt with integrated service discovery using Consul - EOL
Stars: ✭ 24 (-89.43%)
Mutual labels:  container, pod
Php K8s
PHP K8s is a PHP handler for the Kubernetes Cluster API, helping you handling the individual Kubernetes resources directly from PHP, like viewing, creating, updating or deleting resources.
Stars: ✭ 111 (-51.1%)
Mutual labels:  pod, k8s
Maratona Kubernetes
Repositório de código de demonstrações da Maratona Kubernetes 🇧🇷
Stars: ✭ 152 (-33.04%)
Mutual labels:  k8s, container

k8s-diagrams

A collection of diagrams explaining kubernetes, extracted from our trainings, articles and talks (k8s sec, k8s intro).

The diagrams are realized using PlantUML, so they're basically text and can be adjusted easily.
Note that the diagrams don't use UML notation. They are rather box and line diagrams.

Table of contents

Deployment ➜ Pod ➜ Container

Relationship between Deployment, Pod and Container.
Simplified - leaves out ReplicaSets for brevity.

Pod ➜ Node

Relationship between Pod and Node.

Services, Nodes and Pods explained

Traffic flow from Cloud LoadBalancer via Service to Pods running on Nodes.

Services, Nodes and Pods explained (including IP addresses)

Traffic flow from Cloud LoadBalancer via Service to Pods running on Nodes. Including different address IP address ranges and ports:

  • external IP,
  • node internal and external IP and node port,
  • service IP,
  • pod IP and target port (on container)

Ingresses explained

Progress of a requests from the ingress controller's service to the actual pod, illustrating the role of the ingress resource.

Rolling Updates explained

Authentication and Authorization

Flow from user API server request to response: check authn via identity provider, then authz via RBAC.

Role Based Access Control (RBAC) Resources

A simplified display of resources involved in RBAC and their correlations.

Note that

  • Permission is not a k8s resource, but a list of rules inside the (Cluster-)roles that make up a kind of permission.
    It consits of resources and verbs granted on it. For example:
    • resources: "secrets"
    • verbs: "get"
  • Subject can be a serviceAccount, user or group

PodSecurityPolicy Activation via RBAC

Connection from Pod to PSP via RBAC (Role, RoleBinding, ServiceAccount).

Troubleshooting Kubernetes PodSecurityPolicies

A diagram to help debugging Kubernetes PodSecurityPolicies.

GitOps

Diagrams describing the general concepts of gitOps and distinguishing it from "ciOps".

See also our

High-level overview

Details

There are different options when implementing GitOps. Some of them are depicted bellow.

CI Server writes image version to GitOps Repo.


CI Server read-only on GitOps Repo; GitOps Operator writes image version to GitOps Repo.


Infra as Code stays in app repo, CI Server writes to GitOps repo.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].