This is the multi-page printable view of this section. Click here to print.
Reference
1 - KubeOps CLI Commands
KubeOps KubeOpsCtl CLI Commands
This documentation shows all commands of the kubeopsctl and how to use them.
General commands
Overview of all KUBEOPSCTL commands
Description:
kubeopsctl is a kubernetes cluster manager
Usage:
kubeopsctl [command] [options]
Options:
--version Show version information
-?, -h, --help Show help and usage information
Commands:
version kubeopsctl version information
login Login to kubeops hub and registry
logout Logout from kubeops hub
pull Pull kosi packages for kubernetes cluster setup and plattform tools
apply Apply values on kubernetes cluster
Command ‘kubeopsctl –version’
The kubeopsctl --version command shows you the current version of kubeopsctl.
kubeopsctl --version
The output should be:
2.0.3
Command ‘kubeopsctl –help’
The command kubeopsctl --help gives you an overview of all available commands:
kubeopsctl --help
Alternatively, you can also enter kubeopsctl or kubeopsctl -? in the command line.
Command ‘kubeopsctl login’
The command kubeopsctl login performs a login against the KOSI HUB. A valid login session is neccessary to pull the packages.
Description:
Login to kubeops hub and registry
Usage:
kubeopsctl login [options]
Options:
-u, --username <username> (REQUIRED) Username
-p, --password <password> Password
-?, -h, --help Show help and usage information
Example:
kubeopsctl login -u <username> -p <password>
Command ‘kubeopsctl logout’
The command kubeopsctl logout performs a logout from the KOSI HUB.
Description:
Logout from kubeops hub
Usage:
kubeopsctl logout [options]
Options:
-?, -h, --help Show help and usage information
Example:
kubeopsctl logout
Command ‘kubeopsctl pull’
The command kubeopsctl pull downloads all necessary KOSI packages to the admin node:
Description:
Pull kosi packages for kubernetes cluster setup and plattform tools
Usage:
kubeopsctl pull [options]
Options:
-k, --kubernetesVersion <kubernetesVersion> Kubernetes version
-f, --tools <tools> Tools values file
-?, -h, --help Show help and usage information
Example:
kubeopsctl pull
If you do not specify a parameter, the latest from kubeopsctl supported Kubernetes version will be pulled.
With parameter --kubernetesVersion 1.30.8 you can pull an older Kubernetes version.
Example:
kubeopsctl pull --kubernetesVersion 1.30.8
https://dispatcher.kubeops.net/v4/dispatcher/
Command ‘kubeopsctl apply’
The command kubeopsctl apply is used to set up the kubeops platform with a configuration file.
Description:
Apply values on kubernetes cluster
Usage:
kubeopsctl apply [options]
Options:
-f, --file <file> (REQUIRED) Values files for cluster, tools and user
-?, -h, --help Show help and usage information
-f flag
The -f parameter is used to use value parameter yaml-files
Example:
kubeopsctl apply -f cluster-values.yaml
To install your KubeOps Compliance Applications, you have to use a second value file. It is called enterprise-value.yaml
Example:
kubeopsctl apply -f cluster-values.yaml -f enterprise-values.yaml
–delete flag
The -- delete parameter is used to perform a delete action.
This flag delete all nodes which are not present in the cluster-values.yaml - file
Example:
kubeopsctl apply --delete -f cluster-values.yaml
2 - Fileformats
Fileformats in kubeopsctl
This documentation shows you all the different kind of fileformats kubeopsctl uses and how to use them.
There are currently 2 different files which can be handled by KubeOpsCtl:
cluster-values.yaml
The cluster-values.yaml defines every aspect of the cluster itself. It has no influence over which applications get installed.
apiVersion: kubeops/kubeopsctl/beta/v1 # required
imagePullRegistry: registry.kubeops.net/kubeops/kubeops # required
airgap: true # optional, default: true
clusterName: myCluster # required
clusterUser: root # optional, default: root
kubernetesVersion: 1.32.2 # required
kubeVipEnabled: false # optional, default: true
virtualIP: 10.2.10.110 # required
firewall: nftables # optional, default: nftables
pluginNetwork: calico # optional, default: calico | possible alternative: cilium
containerRuntime: containerd # optional, default: containerd
kubeOpsRoot: /var/kubeops # optional, default: /var/kubeops
serviceSubnet: 192.168.128.0/17 # optional, default: 192.168.128.0/17
podSubnet: 192.168.0.0/17 # optional, default: 192.168.0.0/17
debug: false # optional, default: false
systemCpu: 250m # optional, default: 250m
systemMemory: 256Mi # optional, default: 256Mi
packageRepository: local # optional, default: local
changeCluster: true # optional, default: true
zones: # required
- name: zone1 # required
nodes: # required
- name: master1 # required
iPAddress: 10.2.10.110 # required
type: controlplane # required
kubeVersion: 1.32.2 # required
Detailed Parameter Information
| Key | Possible Values | Additional Info |
|---|---|---|
| pluginNetwork | Calico, Cilium |
enterprise-values.yaml
The enterprise-values.yaml defines all enterprise applications currently available for you to install in your cluster via kubeopsctl.
You can append multiple of them into a single enterprise-values.yaml as shown in the first example.
For each application you have 2 ways to change its values:
- the standard values
- the advanced values
While the standard values only cover predefined keys, the advanced values let you change every key available in the helm chart. Keep in mind, that the standard values overwrite the advanced values if both are set.
Each as optional marked line can be skipped unless otherwise stated. If a optional line is skipped, its default value will be used instead. If there is no default value, it can just be omitted and won’t affect the cluster and/or the application
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: opa-gatekeeper
enabled: true
values:
standard:
namespace: opa-gatekeeper # optional, default is opa-gatekeeper
advanced:
- name: filebeat-os
enabled: false
values:
standard:
namespace: logging # optional, default is logging
advanced:
### Values for Rook-Ceph ###
### For detailed explanation for each key see: https://artifacthub.io/packages/helm/rook/rook-ceph?modal=values ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: rook-ceph
enabled: true
values:
standard:
namespace: rook-ceph # optional, default is rook-ceph
cluster:
spec:
dataDirHostPath: "/var/lib/rook" # optional, default is /var/lib/rook
resources:
mgr:
requests:
cpu: "500m" # optional, default is 500m, limit: 1000m
memory: "512Mi" # optional, default is 1Gi, limit: 1Gi
mon:
requests:
cpu: "1" # optional, default is 1, limit: 2000m
memory: "1Gi" # optional, default is 1Gi, limit: 2Gi
osd:
requests:
cpu: "1" # optional, default is 1, limit: 2
memory: "1Gi" # optional, default is 4Gi, limit: 4Gi
operator:
data:
rookLogLevel: "DEBUG" # optional, default is DEBUG
advanced:
cluster: # All values from https://artifacthub.io/packages/helm/rook/rook-ceph-cluster?modal=values are overwritable
operator: # All values from https://artifacthub.io/packages/helm/rook/rook-ceph?modal=values are overwritable
### Values for Harbor deployment ###
### For detailed explanation for each key see: https://artifacthub.io/packages/helm/harbor/harbor/1.8.1#configuration ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: harbor
enabled: true
values:
standard:
namespace: harbor # optional, default is harbor
harborpass: "password" # required: set password for harbor access
databasePassword: "Postgres_Password" # required: set password for database access
redisPassword: "Redis_Password" # required: set password for redis access
externalURL: http://10.2.10.11:30002 # required, the ip address and port, from which harbor is accessable outside of the cluster
nodePort: 30002 # required
hostname: harbor.local # required
harborPersistence:
persistentVolumeClaim:
registry:
size: 40Gi # optional, default is 40Gi
storageClass: "rook-cephfs" #optional, default is rook-cephfs
jobservice:
jobLog:
size: 1Gi # optional, default is 1Gi
storageClass: "rook-cephfs" #optional, default is rook-cephfs
database:
size: 1Gi # optional, default is 1Gi
storageClass: "rook-cephfs" #optional, default is rook-cephfs
redis:
size: 1Gi # optional, default is 1Gi
storageClass: "rook-cephfs" #optional, default is rook-cephfs
trivy:
size: 5Gi # optional, default is 5Gi
storageClass: "rook-cephfs" #optional, default is rook-cephfs
advanced: # All values from https://artifacthub.io/packages/helm/harbor/harbor/1.8.1#configuration are overwritable
### Values for filebeat deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: filebeat-os
enabled: true
values:
standard:
namespace: logging # optional, default is logging
advanced: # All values from https://artifacthub.io/packages/helm/elastic/filebeat?modal=values are overwritable
### Values for Logstash deployment ###
### For detailed explanation for each key see: https://github.com/elastic/helm-charts/releases/tag/v7.16.3 ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: logstash-os
enabled: true
values:
standard:
namespace: logging # optional, default is logging
volumeClaimTemplate:
accessModes:
- ReadWriteMany #optional, default is [ReadWriteMany]
resources:
requests:
storage: 1Gi # required, depending on storage capacity
storageClass: "rook-cephfs" #optional, default is rook-cephfs
advanced: # All values from https://artifacthub.io/packages/helm/elastic/logstash?modal=values are overwritable
### Values for OpenSearch-Dashboards deployment ###
### For detailed explanation for each key see: https://github.com/opensearch-project/helm-charts/tree/main/charts/opensearch-dashboards ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: opensearch-dashboards
enabled: true
values:
standard:
namespace: logging # optional, default is logging
nodePort: 30050
advanced: # All values from https://artifacthub.io/packages/helm/opensearch-project-helm-charts/opensearch-dashboards?modal=values are overwritable
### Values for OpenSearch deployment ###
### For detailed explanation for each key see: https://github.com/opensearch-project/helm-charts/tree/main/charts/opensearch ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: opensearch-os
enabled: true
values:
standard:
namespace: logging # optional, default is logging
opensearchJavaOpts: "-Xmx512M -Xms512M" # optional, default is -Xmx512M -Xms512M
resources:
requests:
cpu: "250m" # optional, default is 250m
memory: "1024Mi" # optional, default is 1024Mi
limits:
cpu: "300m" # optional, default is 300m
memory: "3072Mi" # optional, default is 3072Mi
persistence:
size: 4Gi # required
enabled: "true" # optional, default is true
enableInitChown: "false" # optional, default is false
labels:
enabled: "false" # optional, default is false
storageClass: "rook-cephfs" # optional, default is rook-cephfs
accessModes:
- "ReadWriteMany" # optional, default is {ReadWriteMany}
securityConfig:
enabled: false # optional, default value: false
### Additional values can be set, if securityConfig is enabled:
# path: "/usr/share/opensearch/plugins/opensearch-security/securityconfig"
# actionGroupsSecret:
# configSecret:
# internalUsersSecret: internal-users-config-secret
# rolesSecret:
# rolesMappingSecret:
# tenantsSecret:
# config:
# securityConfigSecret: ""
# dataComplete: true
# data: {}
replicas: "3" # optional, default is 3
advanced: # All values from https://artifacthub.io/packages/helm/opensearch-project-helm-charts/opensearch?modal=values are overwritable
### Values for Prometheus deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: kube-prometheus-stack
enabled: true
values:
standard:
namespace: monitoring # optional, default is monitoring
privateRegistry: false # optional, default is false
grafanaUsername: "user" # optional, default is user
grafanaPassword: "password" # optional, default is password
grafanaResources:
storageClass: "rook-cephfs" # optional, default is rook-cephfs
storage: 5Gi # optional, default is 5Gi
nodePort: 30211 # optional, default is 30211
prometheusResources:
storageClass: "rook-cephfs" # optional, default is rook-cephfs
storage: 25Gi # optional, default is 25Gi
retention: 10d # optional, default is 10d
retentionSize: "24GB" # optional, default is 24GB
nodePort: 32090
advanced: # All values from https://artifacthub.io/packages/helm/prometheus-community/prometheus?modal=values-schema are overwritable
### Values for OPA deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: opa-gatekeeper
enabled: true
values:
standard:
namespace: gatekeeper-system # optional, default is gatekeeper-system
advanced: # All values from https://artifacthub.io/packages/helm/gatekeeper/gatekeeper/3.1.1?modal=values are overwritable
### Values for KubeOps-Dashboard (Headlamp) deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: kubeops-dashboard
enabled: true
values:
standard:
namespace: monitoring # optional, default is monitoring
service:
nodePort: 30007
advanced: # All values from https://artifacthub.io/packages/helm/headlamp/headlamp?modal=values are overwritable
### Values for cert-manager deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: cert-manager
enabled: true
values:
standard:
namespace: cert-manager # optional, default is cert-manager
replicaCount: 3
logLevel: 2
secretName: root-secret
advanced: # All values from https://artifacthub.io/packages/helm/cert-manager/cert-manager?modal=values are overwritable
## add helm values here
# override email in the LetsEncrypt ClusterIssuer
# emailLetsEncrypt: <your_email@domain.com> # dafault: example@example.com --> must configure
# ingressName: <ingress_name> # default: nginx --> must update
### Values for ingress-nginx deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: ingress-nginx
enabled: true
values:
standard:
namespace: ingress # optional, default is ingress
advanced: # All values from https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx?modal=values are overwritable
### Values for keycloak deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: keycloak
enabled: true
values:
standard:
namespace: keycloak # Optional, default is "keycloak"
storageClass: "rook-cephfs" # Optional, default is "rook-cephfs"
keycloak:
auth:
adminUser: admin # Optional, default is admin
adminPassword: admin # Optional, default is admin
existingSecret: "" # Optional, default is ""
postgresql:
auth:
postgresPassword: "" # Optional, default is ""
username: bn_keycloak # Optional, default is "bn_keycloak"
password: "" # Optional, default is ""
database: bitnami_keycloak # Optional, default is "bitnami_keycloak"
existingSecret: "" # Optional, default is ""
advanced: # All values from https://artifacthub.io/packages/helm/bitnami/keycloak?modal=values are overwritable
### Values for velero deployment ###
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: velero
enabled: true
values:
standard:
namespace: velero # Optional, default is "velero"
accessKeyId: "your_s3_storage_username"
secretAccessKey: "your_s3_storage_password"
useNodeAgent: false
defaultVolumesToFsBackup: false
provider: "aws"
bucket: "velero"
useVolumeSnapshots: false
backupLocationConfig:
region: "minio"
s3ForcePathStyle: true
s3Url: "http://minio.velero.svc:9000"
advanced: # All values from https://artifacthub.io/packages/helm/vmware-tanzu/velero?modal=values are overwritable
apiVersion: kubeops/kubeopsctl/enterprise/beta/v1
deleteNs: false
localRegistry: false
packages:
- name: rook-ceph
enabled: true
values:
standard:
namespace: rook-ceph
cluster:
resources:
mgr:
requests:
cpu: "500m"
memory: "512Mi"
mon:
requests:
cpu: "1"
memory: "1Gi"
osd:
requests:
cpu: "1"
memory: "1Gi"
dashboard:
enabled: true
operator:
data:
rookLogLevel: "DEBUG"
- name: harbor
enabled: true
values:
standard:
namespace: harbor
harborpass: "topsecret"
databasePassword: "topsecret"
redisPassword: "topsecret"
externalURL: http://10.2.10.110:30002
nodePort: 30002
hostname: harbor.local
harborPersistence:
persistentVolumeClaim:
registry:
size: 40Gi
storageClass: "rook-cephfs"
jobservice:
jobLog:
size: 1Gi
storageClass: "rook-cephfs"
database:
size: 1Gi
storageClass: "rook-cephfs"
redis:
size: 1Gi
storageClass: "rook-cephfs"
trivy:
size: 5Gi
storageClass: "rook-cephfs"
advanced:
- name: filebeat-os
enabled: true
values:
standard:
namespace: logging
advanced:
- name: logstash-os
enabled: true
values:
standard:
namespace: logging
volumeClaimTemplate:
accessModes:
- ReadWriteMany #optional, default is [ReadWriteMany]
resources:
requests:
storage: 1Gi # required, depending on storage capacity
storageClass: "rook-cephfs" #optional, default is rook-cephfs
advanced:
- name: opensearch-dashboards
enabled: true
values:
standard:
namespace: logging
nodePort: 30050
advanced:
- name: opensearch-os
enabled: true
values:
standard:
namespace: logging
opensearchJavaOpts: "-Xmx512M -Xms512M" # optional, default is -Xmx512M -Xms512M
resources:
requests:
cpu: "250m" # optional, default is 250m
memory: "1024Mi" # optional, default is 1024Mi
limits:
cpu: "300m" # optional, default is 300m
memory: "3072Mi" # optional, default is 3072Mi
persistence:
size: 4Gi # required
enabled: "true" # optional, default is true
enableInitChown: "false" # optional, default is false
labels:
enabled: "false" # optional, default is false
storageClass: "rook-cephfs" # optional, default is rook-cephfs
accessModes:
- "ReadWriteMany" # optional, default is {ReadWriteMany}
securityConfig:
enabled: false # optional, default value: false
### Additional values can be set, if securityConfig is enabled:
# path: "/usr/share/opensearch/plugins/opensearch-security/securityconfig"
# actionGroupsSecret:
# configSecret:
# internalUsersSecret: internal-users-config-secret
# rolesSecret:
# rolesMappingSecret:
# tenantsSecret:
# config:
# securityConfigSecret: ""
# dataComplete: true
# data: {}
replicas: "3" # optional, default is 3
advanced:
- name: kube-prometheus-stack
enabled: true
values:
standard:
namespace: kubeops # optional, default is kubeops
privateRegistry: false # optional, default is false
grafanaUsername: "user" # optional, default is user
grafanaPassword: "password" # optional, default is password
grafanaResources:
storageClass: "rook-cephfs" # optional, default is rook-cephfs
storage: 5Gi # optional, default is 5Gi
nodePort: 30211 # optional, default is 30211
prometheusResources:
storageClass: "rook-cephfs" # optional, default is rook-cephfs
storage: 25Gi # optional, default is 25Gi
retention: 10d # optional, default is 10d
retentionSize: "24GB" # optional, default is 24GB
nodePort: 32090
advanced:
- name: opa-gatekeeper
enabled: true
values:
standard:
namespace: kubeops
advanced:
- name: kubeops-dashboard
enabled: true
values:
standard:
service:
nodePort: 30007
advanced:
- name: cert-manager
enabled: true
values:
standard:
namespace: kubeops
replicaCount: 3
logLevel: 2
secretName: root-secret
advanced: # override email in the LetsEncrypt ClusterIssuer
# emailLetsEncrypt: <your_email@domain.com> # dafault: example@example.com --> must configure
# ingressName: <ingress_name> # default: nginx --> must update
- name: ingress-nginx
enabled: true
values:
standard:
namespace: kubeops
advanced:
- name: keycloak
enabled: true
values:
standard:
namespace: "kubeops" # Optional, default is "keycloak"
storageClass: "rook-cephfs" # Optional, default is "rook-cephfs"
keycloak:
auth:
adminUser: admin # Optional, default is admin
adminPassword: admin # Optional, default is admin
existingSecret: "" # Optional, default is ""
postgresql:
auth:
postgresPassword: "" # Optional, default is ""
username: bn_keycloak # Optional, default is "bn_keycloak"
password: "" # Optional, default is ""
database: bitnami_keycloak # Optional, default is "bitnami_keycloak"
existingSecret: "" # Optional, default is ""
advanced:
- name: velero
enabled: true
values:
standard:
namespace: "velero"
accessKeyId: "your_s3_storage_username"
secretAccessKey: "your_s3_storage_password"
useNodeAgent: false
defaultVolumesToFsBackup: false
provider: "aws"
bucket: "velero"
useVolumeSnapshots: false
backupLocationConfig:
region: "minio"
s3ForcePathStyle: true
s3Url: "http://minio.velero.svc:9000"
advanced:
3 - Supported Maintenance Packages
Supported Maintenance Packages
KubeOps provides you packages for the supported Kubernetes tools. These maintenance packages help you update the kubernetes tools to the desired versions on your clusters along with its dependencies.
It is necessary to install the required maintenance packages to create your first Kubernetes cluster. The packages are available on kubeops hub.
So let’s get started!
List of Maintenance Packages
1.Kubernetes
The first step is to choose a Kubernetes version and to pull its available package Kubeops Compliance 2.0 currently supports following Kubernetes versions:
| Version | 1.32.x | 1.33.x | 1.34.x |
|---|---|---|---|
| Deprecation date | TBD | 2026-06-28 | 2026-10-27 |
| Supported OS | Red Hat 9 | Red Hat 9 | Red Hat 9 |
| 1.32.0 | 1.33.3 | 1.34.1 | |
| 1.32.2 | 1.33.5 | ||
| 1.32.3 | |||
| 1.32.7 | |||
| 1.32.9 | |||
| 1.32.10 |
Following are the packages available for the supported Kubernetes versions.
| Kubernetes version | Available packages |
|---|---|
| 1.32.x | kubernetes-1.32.x |
| 1.33.x | kubernetes-1.33.x |
| 1.34.x | kubernetes-1.34.x |
4 - Glossary
Glossary
KOSI package
KOSI package is the .tgz file packaged by bundling package.kosi and other essential yaml files and artifacts. This package is ready to install on your Kubernetes Clusters.
KubeOps Hub
KubeOps Hub is a secure repository where published KOSI packages can be stored and shared. You are welcome to contribute and use public hub also at the same time KubeOps provides you a way to access your own private hub.
Installation Address
It is the distinctive address automatically generated for each published package on KubeOps Hub. It is constructed using name of package creator, package name and package version.
You can use this address at the time of package installation on your Kubernetes Cluster.
It is indicated by the install column in KubeOps Hub.
Deployment name
When a package is installed, KOSI creates a deployment name to track that installation.
Alternatively, KOSI also lets you specify the deployment name of your choice during the installation.
A single package may be installed many times into the same cluster and create multiple deployments.
It is indicated by Deployment column in the list of package deployments.
Tasks
As the name suggests, “Tasks” in package.yaml are one or more sets of instructions to be executed. These are defined by utilizing Plugins.
Plugins
KOSI provides many functions which enable you to define tasks to be executed using your package. These are called Plugins. They are the crucial part of your package development.
KUBEOPSROOT Variable
The environment variable KUBEOPSROOT stores the location of the KOSI plugins and the config.yaml. To use the variable, the config.yaml and the plugins have to be copied manually.
apiVersion
It shows the supported KubeOps tool API version. You do not need to change it unless otherwise specified.
Registry
As the name suggests, it is the location where docker images can be stored. You can either use the default KubeOps registry or specify your own local registry for AirGap environments. You need an internet connection to use the default registry provided by KubeOps.
Maintenance Package
KubeOps provides a package for the supported Kubernetes tools. These packages help you update the Kubernetes tools to the desired versions on your clusters along with the dependencies.
Cluster
In computing, a cluster refers to a group of interconnected computers or servers that work together as a single system.
These machines, or nodes, are typically networked and collaborate to execute tasks or provide services. Clusters are commonly used in various fields such as distributed computing, high-performance computing, and cloud computing to improve reliability, scalability, and performance. In the context of technologies like Kubernetes, a cluster consists of multiple nodes managed collectively to deploy, manage, and scale containerized applications.
Container
A container is a lightweight, standalone package that includes everything needed to run a piece of software, including the code, runtime, libraries, and dependencies.
Containers are isolated from each other and from the underlying infrastructure, providing consistency and portability across different environments. Kubernetes manages containers, orchestrating their deployment, scaling, and management across a cluster of nodes. Containers are often used to encapsulate microservices or individual components of an application, allowing for efficient resource utilization and simplified deployment processes.
Drain-node
A Drain Node is a feature in distributed systems, especially prevalent in Kubernetes, used for gracefully removing a node from a cluster.
It allows the system to evict all existing workload from the node and prevent new workload assignments before shutting it down, ensuring minimal disruption to operations.
Kube-proxy
Kube-Proxy, short for Kubernetes Proxy, is a network proxy that runs on each node in a Kubernetes cluster. Its primary responsibility is to manage network connectivity for Kubernetes services. Its main tasks include service proxying and load balancing.
Kubelet
Kubelet is a crucial component of Kubernetes responsible for managing individual nodes in a cluster. It ensures that containers are running in pods as expected, maintaining their health and performance.
Kubelet communicates with the Kubernetes API server to receive instructions about which pods should be scheduled and executed on its node. It also monitors the state of these pods, reporting any issues back to the API server. Kubelet plays a vital role in the orchestration and management of containerized workloads within a Kubernetes cluster.
Node
A Kubernetes node oversees and executes pods.
It serves as the operational unit (virtual or physical machine) for executing assigned tasks. Similar to how pods bring together multiple containers to collaborate, a node gathers complete pods to work in unison. In large-scale operations, the goal is to delegate tasks to nodes with available pods ready to handle them.
Pod
In Kubernetes, a pod groups containers and is the smallest unit managed by the system.
Each pod shares an IP address among its containers and resources like memory and storage. This allows treating the containers as a single application, similar to traditional setups where processes run together on one host. Often, a pod contains just one container for simple tasks, but for more complex operations requiring collaboration among multiple processes with shared data, multi-container pods simplify deployment.
For example, in an image-processing service creating JPEGs, one pod might have containers for resizing images and managing background tasks or data cleanup, all working together.
Registry
Helm registry serves as a centralized repository for Helm charts, facilitating the discovery, distribution, and installation of Kubernetes applications and services.
It allows users to easily find, share, and consume pre-packaged Kubernetes resources, streamlining the deployment process in Kubernetes environments.
Zone
A “zone” typically refers to a subset of the overall cluster that shares certain characteristics, such as geographic location or hardware specifications. Zoning helps distribute resources strategically and can enhance fault tolerance by ensuring redundancy within distinct zones.