Kubernetes API Resources Concepts: Difference between revisions
(35 intermediate revisions by the same user not shown) | |||
Line 11: | Line 11: | ||
=API Resources= | =API Resources= | ||
The full list of API resources (primitives, API objects) available to interact with in Kubernetes is generated by: | The full list of API resources (primitives, API objects) available to interact with in Kubernetes, including [[Kubernetes_Custom_Resources|custom resources]], is generated by: | ||
<syntaxhighlight lang='bash'> | |||
kubectl api-resources | |||
</syntaxhighlight> | |||
'''NAME''' SHORTNAMES <span id='API_Group'></span>'''APIGROUP''' NAMESPACED <span id='Kind'></span>'''KIND''' | '''NAME''' SHORTNAMES <span id='API_Group'></span>'''APIGROUP''' NAMESPACED <span id='Kind'></span>'''KIND''' | ||
bindings | bindings ''core API group'' true Binding | ||
componentstatuses cs false ComponentStatus | componentstatuses cs false ComponentStatus | ||
configmaps cm true ConfigMap | configmaps cm true ConfigMap | ||
endpoints ep true Endpoints | <span id='Endpoints'></span>endpoints ep true [[Kubernetes_Service_Concepts#Endpoints|Endpoints]] | ||
events ev true Event | events ev true Event | ||
limitranges limits true LimitRange | limitranges limits true LimitRange | ||
namespaces ns false [[Kubernetes Namespace Concepts|Namespace]] | namespaces ns false [[Kubernetes Namespace Concepts|Namespace]] | ||
nodes no false Node | nodes no false Node | ||
persistentvolumeclaims pvc true PersistentVolumeClaim | <span id='PersistentVolumeClaim'></span>persistentvolumeclaims pvc true [[Kubernetes_Storage_Concepts#Persistent_Volume_Claim_.28PVC.29|PersistentVolumeClaim]] | ||
persistentvolumes pv false PersistentVolume | <span id='PersistentVolume'></span>persistentvolumes pv false [[Kubernetes_Storage_Concepts#Persistent_Volume_.28PV.29|PersistentVolume]] | ||
<span id='Pod'></span>pods po true [[Kubernetes Pod and Container Concepts#Pod|Pod]] | <span id='Pod'></span>pods po true [[Kubernetes Pod and Container Concepts#Pod|Pod]] | ||
podtemplates true PodTemplate | podtemplates true PodTemplate | ||
Line 30: | Line 32: | ||
resourcequotas quota true ResourceQuota | resourcequotas quota true ResourceQuota | ||
<span id='Secret'></span>secrets true [[Kubernetes Cluster Configuration Concepts#Secret|Secret]] | <span id='Secret'></span>secrets true [[Kubernetes Cluster Configuration Concepts#Secret|Secret]] | ||
serviceaccounts sa true ServiceAccount | <span id='Service_Account'></span>serviceaccounts sa true [[Kubernetes_Security_Concepts#Service_Account|ServiceAccount]] | ||
services svc | <span id='Service'></span>services svc ''core API group'' true [[Kubernetes_Service_Concepts#Service|Service]] | ||
mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration | mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration | ||
validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration | <span id='ValidatingWebhookConfiguration'></span>validatingwebhookconfigurations admissionregistration.k8s.io false [[Kubernetes Admission Controller Concepts #ValidatingWebhookConfiguration|ValidatingWebhookConfiguration]] | ||
customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition | customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition | ||
apiservices apiregistration.k8s.io false APIService | apiservices apiregistration.k8s.io false APIService | ||
Line 40: | Line 42: | ||
deployments deploy apps true Deployment | deployments deploy apps true Deployment | ||
replicasets rs apps true ReplicaSet | replicasets rs apps true ReplicaSet | ||
statefulsets sts apps true [[ | <span id='StatefulSet'></span>statefulsets sts apps true [[Kubernetes StatefulSet|StatefulSet]] | ||
tokenreviews authentication.k8s.io false TokenReview | tokenreviews authentication.k8s.io false TokenReview | ||
localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview | localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview | ||
Line 46: | Line 48: | ||
selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview | selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview | ||
subjectaccessreviews authorization.k8s.io false SubjectAccessReview | subjectaccessreviews authorization.k8s.io false SubjectAccessReview | ||
horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler | <span id='HorizontalPodAutoscaler'></span>horizontalpodautoscalers hpa autoscaling true [[Kubernetes_Horizontal_Pod_Autoscaler#Overview|HorizontalPodAutoscaler]] | ||
cronjobs cj batch true CronJob | cronjobs cj batch true <span id='CronJob'>[[Kubernetes CronJob#Overview|CronJob]] | ||
jobs batch true Job | jobs batch true <span id='Job'>[[Kubernetes Job#Overview|Job]] | ||
certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest | certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest | ||
stacks compose.docker.com true Stack | stacks compose.docker.com true Stack | ||
Line 55: | Line 57: | ||
daemonsets ds extensions true DaemonSet | daemonsets ds extensions true DaemonSet | ||
deployments deploy extensions true Deployment | deployments deploy extensions true Deployment | ||
ingresses ing extensions true Ingress | <span id='Ingress'></span>ingresses ing extensions true [[Kubernetes_Ingress_Concepts#Ingress_API_Resource|Ingress]] | ||
networkpolicies netpol extensions true NetworkPolicy | networkpolicies netpol extensions true NetworkPolicy | ||
podsecuritypolicies psp extensions false PodSecurityPolicy | podsecuritypolicies psp extensions false PodSecurityPolicy | ||
replicasets rs extensions true ReplicaSet | replicasets rs extensions true ReplicaSet | ||
ingresses ing networking.k8s.io true Ingress | ingresses ing networking.k8s.io true [[Kubernetes_Ingress_Concepts#Ingress_API_Resource|Ingress]] | ||
networkpolicies netpol networking.k8s.io true NetworkPolicy | networkpolicies netpol networking.k8s.io true NetworkPolicy | ||
runtimeclasses node.k8s.io false RuntimeClass | runtimeclasses node.k8s.io false RuntimeClass | ||
poddisruptionbudgets pdb policy true PodDisruptionBudget | poddisruptionbudgets pdb policy true PodDisruptionBudget | ||
podsecuritypolicies psp policy false PodSecurityPolicy | podsecuritypolicies psp policy false [[Kubernetes_Pod_Security_Policy_Concepts#PodSecurityPolicy|PodSecurityPolicy]] | ||
clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding | <span id='ClusterRoleBinding'></span>clusterrolebindings rbac.authorization.k8s.io false [[Kubernetes_Role_Based_Access_Control_Concepts#Cluster_Role_Binding|ClusterRoleBinding]] | ||
clusterroles rbac.authorization.k8s.io false ClusterRole | <span id='ClusterRole'></span>clusterroles rbac.authorization.k8s.io false [[Kubernetes_Role_Based_Access_Control_Concepts#Cluster_Role|ClusterRole]] | ||
rolebindings rbac.authorization.k8s.io true RoleBinding | rolebindings rbac.authorization.k8s.io true RoleBinding | ||
roles rbac.authorization.k8s.io true Role | roles rbac.authorization.k8s.io true Role | ||
Line 71: | Line 73: | ||
csidrivers storage.k8s.io false CSIDriver | csidrivers storage.k8s.io false CSIDriver | ||
csinodes storage.k8s.io false CSINode | csinodes storage.k8s.io false CSINode | ||
storageclasses sc storage.k8s.io false StorageClass | <span id='StorageClass'></span>storageclasses sc storage.k8s.io false [[Kubernetes_Storage_Concepts#Storage_Class_.28SC.29|StorageClass]] | ||
volumeattachments storage.k8s.io false VolumeAttachment | volumeattachments storage.k8s.io false VolumeAttachment | ||
Line 79: | Line 81: | ||
All objects in the Kubernetes REST API are unambiguously identified by a name and a [[#UID|UID]]. | All objects in the Kubernetes REST API are unambiguously identified by a name and a [[#UID|UID]]. | ||
When a resource is created, the desired name is specified in the [[Kubernetes_Manifest_Metadata#name|metadata.name]] manifest field. | When a resource is created, the desired name is specified in the [[Kubernetes_Manifest_Metadata#name|metadata.name]] manifest field. The name of the resource is used as part of resource URL, such as "/api/v1/pods/my-pod", so the name must respect constraints common to DNS names. There are three sub-categories of constrains a resource name should comply with: | ||
==DNS Subdomain Names== | |||
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names}} | |||
Most resource types require a name that can be used as a [[DNS_Concepts#DNS_Subdomain_Name|DNS subdomain name]] as defined in [https://tools.ietf.org/html/rfc1123 RFC 1123]: | |||
* contains no more than 253 characters | |||
* contains only lowercase alphanumeric characters, '-' or '.' | |||
* starts with an alphanumeric character | |||
* ends with an alphanumeric character | |||
==DNS Label Names== | |||
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names}} | |||
Some resource types require that their name follows the [[DNS_Concepts#DNS_Label_Name|DNS label]] standard, as defined in [https://tools.ietf.org/html/rfc1123 RFC 1123]: | |||
* contains at most 63 characters | |||
* contains only lowercase alphanumeric characters or '-' | |||
* starts with an alphanumeric character | |||
* ends with an alphanumeric character | |||
==Path Segment Names== | |||
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#path-segment-names}} | |||
=<span id='UID'></span>UIDs= | =<span id='UID'></span>UIDs= | ||
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids}} | {{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids}} | ||
Also see: {{Internal|UUID|UUID}} | |||
=Resource Manifests= | =Resource Manifests= | ||
{{Internal|Kubernetes Manifests|Kubernetes Manifests}} | {{Internal|Kubernetes Manifests|Kubernetes Manifests}} |
Latest revision as of 19:38, 6 December 2023
External
Internal
API Reference
API Resources
The full list of API resources (primitives, API objects) available to interact with in Kubernetes, including custom resources, is generated by:
kubectl api-resources
NAME SHORTNAMES APIGROUP NAMESPACED KIND bindings core API group true Binding componentstatuses cs false ComponentStatus configmaps cm true ConfigMap endpoints ep true Endpoints events ev true Event limitranges limits true LimitRange namespaces ns false Namespace nodes no false Node persistentvolumeclaims pvc true PersistentVolumeClaim persistentvolumes pv false PersistentVolume pods po true Pod podtemplates true PodTemplate replicationcontrollers rc true ReplicationController resourcequotas quota true ResourceQuota secrets true Secret serviceaccounts sa true ServiceAccount services svc core API group true Service mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition apiservices apiregistration.k8s.io false APIService controllerrevisions apps true ControllerRevision daemonsets ds apps true DaemonSet deployments deploy apps true Deployment replicasets rs apps true ReplicaSet statefulsets sts apps true StatefulSet tokenreviews authentication.k8s.io false TokenReview localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview selfsubjectaccessreviews authorization.k8s.io false SelfSubjectAccessReview selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview subjectaccessreviews authorization.k8s.io false SubjectAccessReview horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler cronjobs cj batch true CronJob jobs batch true Job certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest stacks compose.docker.com true Stack leases coordination.k8s.io true Lease events ev events.k8s.io true Event daemonsets ds extensions true DaemonSet deployments deploy extensions true Deployment ingresses ing extensions true Ingress networkpolicies netpol extensions true NetworkPolicy podsecuritypolicies psp extensions false PodSecurityPolicy replicasets rs extensions true ReplicaSet ingresses ing networking.k8s.io true Ingress networkpolicies netpol networking.k8s.io true NetworkPolicy runtimeclasses node.k8s.io false RuntimeClass poddisruptionbudgets pdb policy true PodDisruptionBudget podsecuritypolicies psp policy false PodSecurityPolicy clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding clusterroles rbac.authorization.k8s.io false ClusterRole rolebindings rbac.authorization.k8s.io true RoleBinding roles rbac.authorization.k8s.io true Role priorityclasses pc scheduling.k8s.io false PriorityClass csidrivers storage.k8s.io false CSIDriver csinodes storage.k8s.io false CSINode storageclasses sc storage.k8s.io false StorageClass volumeattachments storage.k8s.io false VolumeAttachment
Names
All objects in the Kubernetes REST API are unambiguously identified by a name and a UID.
When a resource is created, the desired name is specified in the metadata.name manifest field. The name of the resource is used as part of resource URL, such as "/api/v1/pods/my-pod", so the name must respect constraints common to DNS names. There are three sub-categories of constrains a resource name should comply with:
DNS Subdomain Names
Most resource types require a name that can be used as a DNS subdomain name as defined in RFC 1123:
- contains no more than 253 characters
- contains only lowercase alphanumeric characters, '-' or '.'
- starts with an alphanumeric character
- ends with an alphanumeric character
DNS Label Names
Some resource types require that their name follows the DNS label standard, as defined in RFC 1123:
- contains at most 63 characters
- contains only lowercase alphanumeric characters or '-'
- starts with an alphanumeric character
- ends with an alphanumeric character
Path Segment Names
UIDs
Also see: