Kubernetes API Resources Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(32 intermediate revisions by the same user not shown)
Line 11: Line 11:
=API Resources=
=API Resources=


The full list of API resources (primitives, API objects) available to interact with in Kubernetes is generated by:
The full list of API resources (primitives, API objects) available to interact with in Kubernetes, including [[Kubernetes_Custom_Resources|custom resources]], is generated by:
kubectl api-resources
<syntaxhighlight lang='bash'>
kubectl api-resources
</syntaxhighlight>


  '''NAME'''                              SHORTNAMES  <span id='API_Group'></span>'''APIGROUP'''                      NAMESPACED  <span id='Kind'></span>'''KIND'''
  '''NAME'''                              SHORTNAMES  <span id='API_Group'></span>'''APIGROUP'''                      NAMESPACED  <span id='Kind'></span>'''KIND'''
  bindings                                                                     true        Binding
  bindings                                       ''core API group''                true        Binding
  componentstatuses                cs                                          false        ComponentStatus
  componentstatuses                cs                                          false        ComponentStatus
  configmaps                        cm                                          true        ConfigMap
  configmaps                        cm                                          true        ConfigMap
  endpoints                        ep                                          true        Endpoints
  <span id='Endpoints'></span>endpoints                        ep                                          true        [[Kubernetes_Service_Concepts#Endpoints|Endpoints]]
  events                            ev                                          true        Event
  events                            ev                                          true        Event
  limitranges                      limits                                      true        LimitRange
  limitranges                      limits                                      true        LimitRange
  namespaces                        ns                                          false        [[Kubernetes Namespace Concepts|Namespace]]
  namespaces                        ns                                          false        [[Kubernetes Namespace Concepts|Namespace]]
  nodes                            no                                          false        Node
  nodes                            no                                          false        Node
  persistentvolumeclaims            pvc                                        true        PersistentVolumeClaim
  <span id='PersistentVolumeClaim'></span>persistentvolumeclaims            pvc                                        true        [[Kubernetes_Storage_Concepts#Persistent_Volume_Claim_.28PVC.29|PersistentVolumeClaim]]
  persistentvolumes                pv                                          false        PersistentVolume
  <span id='PersistentVolume'></span>persistentvolumes                pv                                          false        [[Kubernetes_Storage_Concepts#Persistent_Volume_.28PV.29|PersistentVolume]]
  <span id='Pod'></span>pods                              po                                          true        [[Kubernetes Pod and Container Concepts#Pod|Pod]]
  <span id='Pod'></span>pods                              po                                          true        [[Kubernetes Pod and Container Concepts#Pod|Pod]]
  podtemplates                                                                  true        PodTemplate
  podtemplates                                                                  true        PodTemplate
Line 31: Line 33:
  <span id='Secret'></span>secrets                                                                      true        [[Kubernetes Cluster Configuration Concepts#Secret|Secret]]
  <span id='Secret'></span>secrets                                                                      true        [[Kubernetes Cluster Configuration Concepts#Secret|Secret]]
  <span id='Service_Account'></span>serviceaccounts                  sa                                          true        [[Kubernetes_Security_Concepts#Service_Account|ServiceAccount]]
  <span id='Service_Account'></span>serviceaccounts                  sa                                          true        [[Kubernetes_Security_Concepts#Service_Account|ServiceAccount]]
  <span id='Service'></span> services                          svc                                         true        [[Kubernetes_Service_Concepts#Service|Service]]
  <span id='Service'></span>services                          svc         ''core API group''                true        [[Kubernetes_Service_Concepts#Service|Service]]
  mutatingwebhookconfigurations                  admissionregistration.k8s.io  false        MutatingWebhookConfiguration
  mutatingwebhookconfigurations                  admissionregistration.k8s.io  false        MutatingWebhookConfiguration
  validatingwebhookconfigurations                admissionregistration.k8s.io  false        ValidatingWebhookConfiguration
  <span id='ValidatingWebhookConfiguration'></span>validatingwebhookconfigurations                admissionregistration.k8s.io  false        [[Kubernetes Admission Controller Concepts #ValidatingWebhookConfiguration|ValidatingWebhookConfiguration]]
  customresourcedefinitions        crd,crds    apiextensions.k8s.io          false        CustomResourceDefinition
  customresourcedefinitions        crd,crds    apiextensions.k8s.io          false        CustomResourceDefinition
  apiservices                                    apiregistration.k8s.io        false        APIService
  apiservices                                    apiregistration.k8s.io        false        APIService
Line 40: Line 42:
  deployments                      deploy      apps                          true        Deployment
  deployments                      deploy      apps                          true        Deployment
  replicasets                      rs          apps                          true        ReplicaSet
  replicasets                      rs          apps                          true        ReplicaSet
  statefulsets                      sts          apps                          true        [[Kubernetes_Higher_Level_Pod_Controllers#StatefulSet|StatefulSet]]
  <span id='StatefulSet'></span>statefulsets                      sts          apps                          true        [[Kubernetes StatefulSet|StatefulSet]]
  tokenreviews                                  authentication.k8s.io          false        TokenReview
  tokenreviews                                  authentication.k8s.io          false        TokenReview
  localsubjectaccessreviews                      authorization.k8s.io          true        LocalSubjectAccessReview
  localsubjectaccessreviews                      authorization.k8s.io          true        LocalSubjectAccessReview
Line 46: Line 48:
  selfsubjectrulesreviews                        authorization.k8s.io          false        SelfSubjectRulesReview
  selfsubjectrulesreviews                        authorization.k8s.io          false        SelfSubjectRulesReview
  subjectaccessreviews                          authorization.k8s.io          false        SubjectAccessReview
  subjectaccessreviews                          authorization.k8s.io          false        SubjectAccessReview
  horizontalpodautoscalers          hpa          autoscaling                    true        HorizontalPodAutoscaler
  <span id='HorizontalPodAutoscaler'></span>horizontalpodautoscalers          hpa          autoscaling                    true        [[Kubernetes_Horizontal_Pod_Autoscaler#Overview|HorizontalPodAutoscaler]]
  cronjobs                          cj          batch                          true        CronJob
  cronjobs                          cj          batch                          true        <span id='CronJob'>[[Kubernetes CronJob#Overview|CronJob]]
  jobs                                          batch                          true        Job
  jobs                                          batch                          true        <span id='Job'>[[Kubernetes Job#Overview|Job]]
  certificatesigningrequests        csr          certificates.k8s.io            false        CertificateSigningRequest
  certificatesigningrequests        csr          certificates.k8s.io            false        CertificateSigningRequest
  stacks                                        compose.docker.com            true        Stack
  stacks                                        compose.docker.com            true        Stack
Line 55: Line 57:
  daemonsets                        ds          extensions                    true        DaemonSet
  daemonsets                        ds          extensions                    true        DaemonSet
  deployments                      deploy      extensions                    true        Deployment
  deployments                      deploy      extensions                    true        Deployment
  ingresses                        ing          extensions                    true        Ingress
  <span id='Ingress'></span>ingresses                        ing          extensions                    true        [[Kubernetes_Ingress_Concepts#Ingress_API_Resource|Ingress]]
  networkpolicies                  netpol      extensions                    true        NetworkPolicy
  networkpolicies                  netpol      extensions                    true        NetworkPolicy
  podsecuritypolicies              psp          extensions                    false        PodSecurityPolicy
  podsecuritypolicies              psp          extensions                    false        PodSecurityPolicy
  replicasets                      rs          extensions                    true        ReplicaSet
  replicasets                      rs          extensions                    true        ReplicaSet
  ingresses                        ing          networking.k8s.io              true        Ingress
  ingresses                        ing          networking.k8s.io              true        [[Kubernetes_Ingress_Concepts#Ingress_API_Resource|Ingress]]
  networkpolicies                  netpol      networking.k8s.io              true        NetworkPolicy
  networkpolicies                  netpol      networking.k8s.io              true        NetworkPolicy
  runtimeclasses                                node.k8s.io                    false        RuntimeClass
  runtimeclasses                                node.k8s.io                    false        RuntimeClass
  poddisruptionbudgets              pdb          policy                        true        PodDisruptionBudget
  poddisruptionbudgets              pdb          policy                        true        PodDisruptionBudget
  podsecuritypolicies              psp          policy                        false        PodSecurityPolicy
  podsecuritypolicies              psp          policy                        false        [[Kubernetes_Pod_Security_Policy_Concepts#PodSecurityPolicy|PodSecurityPolicy]]
  <span id='ClusterRoleBinding'></span>clusterrolebindings                            rbac.authorization.k8s.io      false        [[Kubernetes_Security_Concepts#Cluster_Role_Binding|ClusterRoleBinding]]
  <span id='ClusterRoleBinding'></span>clusterrolebindings                            rbac.authorization.k8s.io      false        [[Kubernetes_Role_Based_Access_Control_Concepts#Cluster_Role_Binding|ClusterRoleBinding]]
  <span id='ClusterRole'></span>clusterroles                                  rbac.authorization.k8s.io      false        [[Kubernetes_Security_Concepts#Cluster_Role|ClusterRole]]
  <span id='ClusterRole'></span>clusterroles                                  rbac.authorization.k8s.io      false        [[Kubernetes_Role_Based_Access_Control_Concepts#Cluster_Role|ClusterRole]]
  rolebindings                                  rbac.authorization.k8s.io      true        RoleBinding
  rolebindings                                  rbac.authorization.k8s.io      true        RoleBinding
  roles                                          rbac.authorization.k8s.io      true        Role
  roles                                          rbac.authorization.k8s.io      true        Role
Line 71: Line 73:
  csidrivers                                    storage.k8s.io                false        CSIDriver
  csidrivers                                    storage.k8s.io                false        CSIDriver
  csinodes                                      storage.k8s.io                false        CSINode
  csinodes                                      storage.k8s.io                false        CSINode
  storageclasses                    sc          storage.k8s.io                false        StorageClass
  <span id='StorageClass'></span>storageclasses                    sc          storage.k8s.io                false        [[Kubernetes_Storage_Concepts#Storage_Class_.28SC.29|StorageClass]]
  volumeattachments                              storage.k8s.io                false        VolumeAttachment
  volumeattachments                              storage.k8s.io                false        VolumeAttachment


Line 79: Line 81:
All objects in the Kubernetes REST API are unambiguously identified by a name and a [[#UID|UID]].  
All objects in the Kubernetes REST API are unambiguously identified by a name and a [[#UID|UID]].  


When a resource is created, the desired name is specified in the [[Kubernetes_Manifest_Metadata#name|metadata.name]] manifest field.
When a resource is created, the desired name is specified in the [[Kubernetes_Manifest_Metadata#name|metadata.name]] manifest field. The name of the resource is used as part of resource URL, such as "/api/v1/pods/my-pod", so the name must respect constraints common to DNS names. There are three sub-categories of constrains a resource name should comply with:
 
==DNS Subdomain Names==
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names}}
Most resource types require a name that can be used as a [[DNS_Concepts#DNS_Subdomain_Name|DNS subdomain name]] as defined in [https://tools.ietf.org/html/rfc1123 RFC 1123]:
* contains no more than 253 characters
* contains only lowercase alphanumeric characters, '-' or '.'
* starts with an alphanumeric character
* ends with an alphanumeric character
 
==DNS Label Names==
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names}}
Some resource types require that their name follows the [[DNS_Concepts#DNS_Label_Name|DNS label]] standard, as defined in [https://tools.ietf.org/html/rfc1123 RFC 1123]:
* contains at most 63 characters
* contains only lowercase alphanumeric characters or '-'
* starts with an alphanumeric character
* ends with an alphanumeric character
 
==Path Segment Names==
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#path-segment-names}}


=<span id='UID'></span>UIDs=
=<span id='UID'></span>UIDs=
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids}}
{{External|https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids}}
Also see: {{Internal|UUID|UUID}}


=Resource Manifests=
=Resource Manifests=
{{Internal|Kubernetes Manifests|Kubernetes Manifests}}
{{Internal|Kubernetes Manifests|Kubernetes Manifests}}

Latest revision as of 19:38, 6 December 2023

External

Internal

API Reference

https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/

API Resources

The full list of API resources (primitives, API objects) available to interact with in Kubernetes, including custom resources, is generated by:

kubectl api-resources
NAME                              SHORTNAMES   APIGROUP                       NAMESPACED   KIND
bindings                                       core API group                 true         Binding
componentstatuses                 cs                                          false        ComponentStatus
configmaps                        cm                                          true         ConfigMap
endpoints                         ep                                          true         Endpoints
events                            ev                                          true         Event
limitranges                       limits                                      true         LimitRange
namespaces                        ns                                          false        Namespace
nodes                             no                                          false        Node
persistentvolumeclaims            pvc                                         true         PersistentVolumeClaim
persistentvolumes                 pv                                          false        PersistentVolume
pods                              po                                          true         Pod
podtemplates                                                                  true         PodTemplate
replicationcontrollers            rc                                          true         ReplicationController
resourcequotas                    quota                                       true         ResourceQuota
secrets                                                                       true         Secret
serviceaccounts                   sa                                          true         ServiceAccount
services                          svc          core API group                 true         Service
mutatingwebhookconfigurations                  admissionregistration.k8s.io   false        MutatingWebhookConfiguration
validatingwebhookconfigurations                admissionregistration.k8s.io   false        ValidatingWebhookConfiguration
customresourcedefinitions         crd,crds     apiextensions.k8s.io           false        CustomResourceDefinition
apiservices                                    apiregistration.k8s.io         false        APIService
controllerrevisions                            apps                           true         ControllerRevision
daemonsets                        ds           apps                           true         DaemonSet
deployments                       deploy       apps                           true         Deployment
replicasets                       rs           apps                           true         ReplicaSet
statefulsets                      sts          apps                           true         StatefulSet
tokenreviews                                   authentication.k8s.io          false        TokenReview
localsubjectaccessreviews                      authorization.k8s.io           true         LocalSubjectAccessReview
selfsubjectaccessreviews                       authorization.k8s.io           false        SelfSubjectAccessReview
selfsubjectrulesreviews                        authorization.k8s.io           false        SelfSubjectRulesReview
subjectaccessreviews                           authorization.k8s.io           false        SubjectAccessReview
horizontalpodautoscalers          hpa          autoscaling                    true         HorizontalPodAutoscaler
cronjobs                          cj           batch                          true         CronJob
jobs                                           batch                          true         Job
certificatesigningrequests        csr          certificates.k8s.io            false        CertificateSigningRequest
stacks                                         compose.docker.com             true         Stack
leases                                         coordination.k8s.io            true         Lease
events                            ev           events.k8s.io                  true         Event
daemonsets                        ds           extensions                     true         DaemonSet
deployments                       deploy       extensions                     true         Deployment
ingresses                         ing          extensions                     true         Ingress
networkpolicies                   netpol       extensions                     true         NetworkPolicy
podsecuritypolicies               psp          extensions                     false        PodSecurityPolicy
replicasets                       rs           extensions                     true         ReplicaSet
ingresses                         ing          networking.k8s.io              true         Ingress
networkpolicies                   netpol       networking.k8s.io              true         NetworkPolicy
runtimeclasses                                 node.k8s.io                    false        RuntimeClass
poddisruptionbudgets              pdb          policy                         true         PodDisruptionBudget
podsecuritypolicies               psp          policy                         false        PodSecurityPolicy
clusterrolebindings                            rbac.authorization.k8s.io      false        ClusterRoleBinding
clusterroles                                   rbac.authorization.k8s.io      false        ClusterRole
rolebindings                                   rbac.authorization.k8s.io      true         RoleBinding
roles                                          rbac.authorization.k8s.io      true         Role
priorityclasses                   pc           scheduling.k8s.io              false        PriorityClass
csidrivers                                     storage.k8s.io                 false        CSIDriver
csinodes                                       storage.k8s.io                 false        CSINode
storageclasses                    sc           storage.k8s.io                 false        StorageClass
volumeattachments                              storage.k8s.io                 false        VolumeAttachment

Names

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

All objects in the Kubernetes REST API are unambiguously identified by a name and a UID.

When a resource is created, the desired name is specified in the metadata.name manifest field. The name of the resource is used as part of resource URL, such as "/api/v1/pods/my-pod", so the name must respect constraints common to DNS names. There are three sub-categories of constrains a resource name should comply with:

DNS Subdomain Names

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names

Most resource types require a name that can be used as a DNS subdomain name as defined in RFC 1123:

  • contains no more than 253 characters
  • contains only lowercase alphanumeric characters, '-' or '.'
  • starts with an alphanumeric character
  • ends with an alphanumeric character

DNS Label Names

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names

Some resource types require that their name follows the DNS label standard, as defined in RFC 1123:

  • contains at most 63 characters
  • contains only lowercase alphanumeric characters or '-'
  • starts with an alphanumeric character
  • ends with an alphanumeric character

Path Segment Names

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#path-segment-names

UIDs

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Also see:

UUID

Resource Manifests

Kubernetes Manifests