- Documentación
- Kubernetes Blog
- Partners
- Comunidad
- Casos de éxito
- Versions
- Release Information
- v1.32
- v1.31
- v1.30
- v1.29
- v1.28
- Español (Spanish)
- English
- বাংলা (Bengali)
- 中文 (Chinese)
- Français (French)
- Deutsch (German)
- हिन्दी (Hindi)
- Bahasa Indonesia (Indonesian)
- Italiano (Italian)
- 日本語 (Japanese)
- 한국어 (Korean)
- Polski (Polish)
- Português (Portuguese)
- Русский (Russian)
- Українська (Ukrainian)
- Tiếng Việt (Vietnamese)
Glosario de términos
Este glosario tiene la intención de ser una lista completa y estandarizada de la terminología de Kubernetes. Incluye términos técnicos que son específicos de k8s, así como términos más generales que proporcionan un contexto.
Filtrar terminos por categoría:
.
Architecture
Community
Core Object
Extension
Fundamental
Networking
Operation
Security
Storage
Tool
User Type
Workload
Seleccionar todos
Eliminar selecciónHaz click en el símbolo [+] para obtener información detallada sobre el término.
In Kubernetes, affinity is a set of rules that give hints to the scheduler about where to place pods.
[+]Una pareja clave-valor utilizada para añadir metadatos a los objetos.
[+]La información adicional proporcionada por las anotaciones puede ser grande o pequeña, estructurada como JSON o texto plano, y además permite caracteres que no están soportados por las Labels. Esta información puede ser útil para librerías o clientes que puedan necesitar información adicional.
A set of related paths in Kubernetes API.
[+]You can enable or disable each API group by changing the configuration of your API server. You can also disable or enable paths to specific resources. API group makes it easier to extend the Kubernetes API. The API group is specified in a REST path and in the
apiVersion
field of a serialized object.- Read API Group for more information.
- También conocido como: Servidor de la API, kube-apiserver
El servidor de la API es el componente del plano de control de Kubernetes que expone la API de Kubernetes. Se trata del frontend de Kubernetes, recibe las peticiones y actualiza acordemente el estado en etcd.
[+]La principal implementación de un servidor de la API de Kubernetes es kube-apiserver. Es una implementación preparada para ejecutarse en alta disponiblidad y que puede escalar horizontalmente para balancear la carga entre varias instancias.
- Es la capa donde se ejecutan varias aplicaciones en contenedores. [+]
Es la capa donde se ejecutan varias aplicaciones en contenedores.
A group of Linux processes with optional resource isolation, accounting and limits.
[+]cgroup is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network) for a collection of processes.
Un conjunto de máquinas, llamadas nodos, que ejecutan aplicaciones en contenedores administradas por Kubernetes.
[+]Un clúster tiene varios nodos de trabajo y como mínimo un nodo maestro.
Container environment variables are name=value pairs that provide useful information into containers running in a pod
[+]Container environment variables provide information that is required by the running containerized applications along with information about important resources to the containers. For example, file system details, information about the container itself, and other cluster resources such as service endpoints.
El Container Runtime es el software responsable de ejecutar contenedores.
[+]Kubernetes soporta varios Container Runtimes: Docker, containerd, cri-o, rktlet y cualquier implementación de Kubernetes CRI (Container Runtime Interface).
The main protocol for the communication between the kubelet and Container Runtime.
[+]The Kubernetes Container Runtime Interface (CRI) defines the main gRPC protocol for the communication between the node components kubelet and container runtime.
Una imagen ligera y portátil que contiene un software y todas sus dependencias.
[+]Los contenedores desacoplan la aplicaciones de la infraestructura subyacente del servidor donde se ejecutan para facilitar el despliegue en diferentes proveedores de nube o entornos de SO, y para un escalado más eficiente.
The container orchestration layer that exposes the API and interfaces to define, deploy, and manage the lifecycle of containers.
[+]This layer is composed by many different components, such as (but not restricted to):
These components can be run as traditional operating system services (daemons) or as containers. The hosts running these components were historically called masters.
En Kubernetes, los controladores son bucles de control que observan el estado del clúster, y ejecutan o solicitan los cambios que sean necesarios para llevar el estado actual del clúster más cerca del estado deseado.
[+]Los controladores observan el estado compartido del clúster a través del API Server (parte del plano de control).
Algunos controladores también se ejecutan dentro del mismo plano de control, proporcionado los bucles de control necesarios para las operaciones principales de Kubernetes. Por ejemplo, el controlador de Deployments, el controlador de DaemonSets, el controlador de Namespaces y el controlador de volúmenes persistentes, entre otros, se ejecutan dentro del kube-controller-manager.
Custom code that defines a resource to add to your Kubernetes API server without building a complete custom server.
[+]Custom Resource Definitions let you extend the Kubernetes API for your environment if the publicly supported API resources can't meet your needs.
- The layer that provides capacity such as CPU, memory, network, and storage so that the containers can run and connect to a network. [+]
The layer that provides capacity such as CPU, memory, network, and storage so that the containers can run and connect to a network.
Device plugins run on worker Nodes and provide Pods with access to resources, such as local hardware, that require vendor-specific initialization or setup steps.
[+]Device plugins advertise resources to the kubelet, so that workload Pods can access hardware features that relate to the Node where that Pod is running. You can deploy a device plugin as a DaemonSet, or install the device plugin software directly on each target Node.
See Device Plugins for more information.
Disruptions are events that lead to one or more Pods going out of service. A disruption has consequences for workload resources, such as Deployment, that rely on the affected Pods.
[+]If you, as cluster operator, destroy a Pod that belongs to an application, Kubernetes terms that a voluntary disruption. If a Pod goes offline because of a Node failure, or an outage affecting a wider failure zone, Kubernetes terms that an involuntary disruption.
See Disruptions for more information.
Docker (especialmente, Docker Engine) es una tecnología de software que proporciona virtualización a nivel de sistema operativo, también conocida como contenedores.
[+]Docker utiliza características de aislamiento del Kernel de Linux como cgroups y namespaces, además de sistemas de archivos con capacidad de unión como OverlayFS para permitir que contenedores independientes se ejecuten dentro de una misma instancia de Linux, evitando el coste de iniciar y mantener máquinas virtuales (VM).
The dockershim is a component of Kubernetes version 1.23 and earlier. It allows the kubelet to communicate with Docker Engine.
[+]Starting with version 1.24, dockershim has been removed from Kubernetes. For more information, see Dockershim FAQ.
A string value representing an amount of time.
[+]The format of a (Kubernetes) duration is based on the
time.Duration
type from the Go programming language.In Kubernetes APIs that use durations, the value is expressed as series of a non-negative integers combined with a time unit suffix. You can have more than one time quantity and the duration is the sum of those time quantities. The valid time units are "ns", "µs" (or "us"), "ms", "s", "m", and "h".
For example:
5s
represents a duration of five seconds, and1m30s
represents a duration of one minute and thirty seconds.A Container type that you can temporarily run inside a Pod.
[+]If you want to investigate a Pod that's running with problems, you can add an ephemeral container to that Pod and carry out diagnostics. Ephemeral containers have no resource or scheduling guarantees, and you should not use them to run any part of the workload itself.
Ephemeral containers are not supported by static pods.
Event is a Kubernetes object that describes state change/notable occurrences in the system.
[+]Events have a limited retention time and triggers and messages may evolve with time. Event consumers should not rely on the timing of an event with a given reason reflecting a consistent underlying trigger, or the continued existence of events with that reason.
Events should be treated as informative, best-effort, supplemental data.
In Kubernetes, auditing generates a different kind of Event record (API group
audit.k8s.io
).Extensions are software components that extend and deeply integrate with Kubernetes to support new types of hardware.
[+]Many cluster administrators use a hosted or distribution instance of Kubernetes. These clusters come with extensions pre-installed. As a result, most Kubernetes users will not need to install extensions and even fewer users will need to author new ones.
Feature gates are a set of keys (opaque string values) that you can use to control which Kubernetes features are enabled in your cluster.
[+]You can turn these features on or off using the
--feature-gates
command line flag on each Kubernetes component. Each Kubernetes component lets you enable or disable a set of feature gates that are relevant to that component. The Kubernetes documentation lists all current feature gates and what they control.Los finalizadores son atributos de un namespace que instruyen a Kubernetes a esperar a que ciertas condiciones sean satisfechas antes que pueda borrar definitivamente un objeto que ha sido marcado para eliminarse. Los finalizadores alertan a los controladores para borrar recursos que poseian esos objetos eliminados.
[+]Cuando instruyes a Kubernetes a borrar un objeto que tiene finalizadores especificados, la API de Kubernetes marca ese objeto para eliminacion configurando el campo
metadata.deletionTimestamp
, y retorna un codigo de estado202
(HTTP "Aceptado"). El objeto a borrar permanece en un estado de terminacion mientras el plano de contol, u otros componentes, ejecutan las acciones definidas en los finalizadores. Luego de que esas acciones son completadas, el controlador borra los finalizadores relevantes del objeto. Cuando el campometadata.finalizers
esta vacio, Kubernetes considera el proceso de eliminacion completo y borra el objeto.Puedes utilizar finalizadores para controlar garbage collection de recursos. Por ejemplo, puedes definir un finalizador para borrar recursos relacionados o infraestructura antes que el controlador elimine el objeto.
Garbage collection is a collective term for the various mechanisms Kubernetes uses to clean up cluster resources.
[+]Kubernetes uses garbage collection to clean up resources like unused containers and images, failed Pods, objects owned by the targeted resource, completed Jobs, and resources that have expired or failed.
Instantánea de un contenedor que contiene un conjunto de librerías necesarias para ejecutar la aplicación.
[+]Mecanismo para empaquetar software que permite almacenarlo en un registro de contenedores, descargarlo al entorno local y ejecutarlo como una aplicación. Los metadatos se incluyen en la imagen y proporcionan información diversa como el ejecutable por defecto o quién la ha construido.
One or more initialization containers that must run to completion before any app containers run.
[+]Initialization (init) containers are like regular app containers, with one difference: init containers must run to completion before any app containers can start. Init containers run in series: each init container must run to completion before the next init container begins.
Unlike sidecar containers, init containers do not remain running after Pod startup.
For more information, read init containers.
Componente del plano de control que ejecuta los controladores de Kubernetes.
[+]Lógicamente cada controlador es un proceso independiente, pero para reducir la complejidad, todos se compilan en un único binario y se ejecuta en un mismo proceso.
kube-proxy es un componente de red que se ejecuta en cada uno de los nodos del clúster, implementando parte del concepto de Kubernetes Service.
[+]kube-proxy mantiene las reglas de red en los nodos, permitiendo la comunicación entre sus Pods desde las sesiones de red dentro o fuera del clúster.
kube-proxy usa la capa de filtrado de paquetes del sistema operativo si la hay y está disponible; de lo contrario, kube-proxy reenvía el tráfico por sí mismo.
Herramienta de línea de comandos para comunicarse con un servidor ejecutando la API de Kubernetes.
[+]Puedes usar kubectl para crear, inspeccionar, actualizar y borrar objetos de Kubernetes.
Agente que se ejecuta en cada nodo de un clúster. Se asegura de que los contenedores estén corriendo en un pod.
[+]El agente kubelet toma un conjunto de especificaciones de Pod, llamados PodSpecs, que han sido creados por Kubernetes y garantiza que los contenedores descritos en ellos estén funcionando y en buen estado.
The application that serves Kubernetes functionality through a RESTful interface and stores the state of the cluster.
[+]Kubernetes resources and "records of intent" are all stored as API objects, and modified via RESTful calls to the API. The API allows configuration to be managed in a declarative way. Users can interact with the Kubernetes API directly, or via tools like
kubectl
. The core Kubernetes API is flexible and can also be extended to support custom resources.Metadatos en forma de clave-valor que permite añadir a los objetos atributos que sean relevantes para los usuarios para identificarlos.
[+]Las etiquetas son pares clave-valor que se adhieren a los diferentes objetos, como los Pods, y que se utilizan para identificar, organizar y seleccionar subconjuntos de objetos.
Proporciona restricciones para limitar el consumo de recursos por Contenedores o Pods en un espacio de nombres (Namespace)
[+]LimitRange limita la cantidad de objetos que se pueden crear por tipo, así como la cantidad de recursos informáticos que pueden ser requeridos/consumidos por Pods o Contenedores individuales en un Namespace.
Legacy term, used as synonym for nodes hosting the control plane.
[+]The term is still being used by some provisioning tools, such as kubeadm, and managed services, to label nodes with
kubernetes.io/role
and control placement of control plane pods.Herramienta para ejecutar Kubernetes de forma local.
[+]Minikube ejecuta un clúster de un solo nodo en una máquina virtual (VM) en tu máquina local.
A pod object that a kubelet uses to represent a static pod
[+]When the kubelet finds a static pod in its configuration, it automatically tries to create a Pod object on the Kubernetes API server for it. This means that the pod will be visible on the API server, but cannot be controlled from there.
(For example, removing a mirror pod will not stop the kubelet daemon from running it).
- También conocido como: Espacio de nombres
Abstracción utilizada por Kubernetes para soportar múltiples clústeres virtuales en el mismo clúster físico.
[+]Los Namespaces, espacios de nombres, se utilizan para organizar objetos del clúster proporcionando un mecanismo para dividir los recusos del clúster. Los nombres de los objetos tienen que ser únicos dentro del mismo namespace, pero se pueden repetir en otros namespaces del mismo clúster.
Un Node, nodo en castellano, es una de las máquinas del clúster de Kubernetes.
[+]Una máquina del clúster puede ser tanto una máquina virtual como una máquina física, dependiendo del clúster. Tiene los servicios necesarios para ejecutar Pods y es manejado por los componentes maestros. Los servicios de Kubernetes en un nodo incluyen la container runtime interface, kubelet y kube-proxy.
Una cadena de caracteres proporcionada por el cliente que identifica un objeto en la URL de un recurso, como por ejemplo,
[+]/api/v1/pods/nombre-del-objeto
.Los nombres de los objetos son únicos para cada tipo de objeto. Sin embargo, si se elimina el objeto, se puede crear un nuevo objeto con el mismo nombre.
An entity in the Kubernetes system. The Kubernetes API uses these entities to represent the state of your cluster.
[+]A Kubernetes object is typically a “record of intent”—once you create the object, the Kubernetes control plane works constantly to ensure that the item it represents actually exists. By creating an object, you're effectively telling the Kubernetes system what you want that part of your cluster's workload to look like; this is your cluster's desired state.
El objeto más pequeño y simple de Kubernetes. Un Pod es la unidad mínima de computación en Kubernetes y representa uno o más contenedores ejecutándose en el clúster.
[+]Normalmente un Pod se configura para ejecutar un solo contenedor primario, pero también puede ejecutar contenedores adicionales para implementar diferentes patrones como sidecar o ambassador. Estos contenedores pueden ser parte de la aplicación o simplemente añadir funcionalidades adicionales como gestión de logs o actuar de proxy. Los Pods son comúnmente gestionados por un Deployment.
The sequence of states through which a Pod passes during its lifetime.
[+]The Pod Lifecycle is defined by the states or phases of a Pod. There are five possible Pod phases: Pending, Running, Succeeded, Failed, and Unknown. A high-level description of the Pod state is summarized in the PodStatus
phase
field.Enables fine-grained authorization of Pod creation and updates.
[+]A cluster-level resource that controls security sensitive aspects of the Pod specification. The
PodSecurityPolicy
objects define a set of conditions that a Pod must run with in order to be accepted into the system, as well as defaults for the related fields. Pod Security Policy control is implemented as an optional admission controller.PodSecurityPolicy was deprecated as of Kubernetes v1.21, and removed in v1.25. As an alternative, use Pod Security Admission or a 3rd party admission plugin.
QoS Class (Quality of Service Class) provides a way for Kubernetes to classify Pods within the cluster into several classes and make decisions about scheduling and eviction.
[+]QoS Class of a Pod is set at creation time based on its compute resources requests and limits settings. QoS classes are used to make decisions about Pods scheduling and eviction. Kubernetes can assign one of the following QoS classes to a Pod:
Guaranteed
,Burstable
orBestEffort
.A whole-number representation of small or large numbers using SI suffixes.
[+]Quantities are representations of small or large numbers using a compact, whole-number notation with SI suffixes. Fractional numbers are represented using milli units, while large numbers can be represented using kilo, mega, or giga units.
For instance, the number
1.5
is represented as1500m
, while the number1000
can be represented as1k
, and1000000
as1M
. You can also specify binary-notation suffixes; the number 2048 can be written as2Ki
.The accepted decimal (power-of-10) units are
m
(milli),k
(kilo, intentionally lowercase),M
(mega),G
(giga),T
(tera),P
(peta),E
(exa).The accepted binary (power-of-2) units are
Ki
(kibi),Mi
(mebi),Gi
(gibi),Ti
(tebi),Pi
(pebi),Ei
(exbi).Manages authorization decisions, allowing admins to dynamically configure access policies through the Kubernetes API.
[+]RBAC utilizes four kinds of Kubernetes objects:
- Role
- Defines permission rules in a specific namespace.
- ClusterRole
- Defines permission rules cluster-wide.
- RoleBinding
- Grants the permissions defined in a role to a set of users in a specific namespace.
- ClusterRoleBinding
- Grants the permissions defined in a role to a set of users cluster-wide.
For more information, see RBAC.
A copy or duplicate of a Pod or a set of pods. Replicas ensure high availability, scalability, and fault tolerance by maintaining multiple identical instances of a pod.
[+]Replicas are commonly used in Kubernetes to achieve the desired application state and reliability. They enable workload scaling and distribution across multiple nodes in a cluster.
By defining the number of replicas in a Deployment or ReplicaSet, Kubernetes ensures that the specified number of instances are running, automatically adjusting the count as needed.
Replica management allows for efficient load balancing, rolling updates, and self-healing capabilities in a Kubernetes cluster.
El ReplicaSet es la nueva generación del ReplicationController.
[+]Un ReplicaSet, análogamente a un ReplicationController, garantiza que un número establecido de réplicas de un pod estén corriendo en un momento dado. El ReplicaSet tiene soporte para selectores del tipo set-based, lo que permite el filtrado de claves por grupos de valores como por ejemplo todos los pods cuya etiqueta
environment
no seaproduction
niqa
. Por otro lado, el ReplicationController solo soporta selectores equality-based, es decir, que solo puedes filtrar por valores exactos como por ejemplo, los pods que tengan la etiquetatier
con valorfrontend
.Provides an identity for processes that run in a Pod.
[+]When processes inside Pods access the cluster, they are authenticated by the API server as a particular service account, for example,
default
. When you create a Pod, if you do not specify a service account, it is automatically assigned the default service account in the same Namespace.A technique for assigning requests to queues that provides better isolation than hashing modulo the number of queues.
[+]We are often concerned with insulating different flows of requests from each other, so that a high-intensity flow does not crowd out low-intensity flows. A simple way to put requests into queues is to hash some characteristics of the request, modulo the number of queues, to get the index of the queue to use. The hash function uses as input characteristics of the request that align with flows. For example, in the Internet this is often the 5-tuple of source and destination address, protocol, and source and destination port.
That simple hash-based scheme has the property that any high-intensity flow will crowd out all the low-intensity flows that hash to the same queue. Providing good insulation for a large number of flows requires a large number of queues, which is problematic. Shuffle-sharding is a more nimble technique that can do a better job of insulating the low-intensity flows from the high-intensity flows. The terminology of shuffle-sharding uses the metaphor of dealing a hand from a deck of cards; each queue is a metaphorical card. The shuffle-sharding technique starts with hashing the flow-identifying characteristics of the request, to produce a hash value with dozens or more of bits. Then the hash value is used as a source of entropy to shuffle the deck and deal a hand of cards (queues). All the dealt queues are examined, and the request is put into one of the examined queues with the shortest length. With a modest hand size, it does not cost much to examine all the dealt cards and a given low-intensity flow has a good chance to dodge the effects of a given high-intensity flow. With a large hand size it is expensive to examine the dealt queues and more difficult for the low-intensity flows to dodge the collective effects of a set of high-intensity flows. Thus, the hand size should be chosen judiciously.
One or more containers that are typically started before any app containers run.
[+]Sidecar containers are like regular app containers, but with a different purpose: the sidecar provides a Pod-local service to the main app container. Unlike init containers, sidecar containers continue running after Pod startup.
Read Sidecar containers for more information.
Defines how each object, like Pods or Services, should be configured and its desired state.
[+]Almost every Kubernetes object includes two nested object fields that govern the object's configuration: the object spec and the object status. For objects that have a spec, you have to set this when you create the object, providing a description of the characteristics you want the resource to have: its desired state.
It varies for different objects like Pods, StatefulSets, and Services, detailing settings such as containers, volumes, replicas, ports,
and other specifications unique to each object type. This field encapsulates what state Kubernetes should maintain for the defined
object.Gestiona el despliegue y escalado de un conjunto de Pods, y garantiza el orden y unicidad de dichos Pods.
[+]Al igual que un Deployment, un StatefulSet gestiona Pods que se basan en una especificación idéntica de contenedor. A diferencia de un Deployment, un StatefulSet mantiene una identidad asociada a sus Pods. Estos pods se crean a partir de la misma especificación, pero no pueden intercambiarse; cada uno tiene su propio identificador persistente que mantiene a lo largo de cualquier re-programación.
Un StatefulSet opera bajo el mismo patrón que cualquier otro controlador. Se define el estado deseado en un objeto StatefulSet, y el controlador del StatefulSet efectúa las actualizaciones que sean necesarias para alcanzarlo a partir del estado actual.
A pod managed directly by the kubelet daemon on a specific node,
[+]without the API server observing it.
Static Pods do not support ephemeral containers.
A core object consisting of three required properties: key, value, and effect. Taints prevent the scheduling of Pods on nodes or node groups.
[+]Taints and tolerations work together to ensure that pods are not scheduled onto inappropriate nodes. One or more taints are applied to a node. A node should only schedule a Pod with the matching tolerations for the configured taints.
Una cadena de caracteres generada por Kubernetes para identificar objetos de forma única.
[+]Cada objeto creado a lo largo de toda la vida de un clúster Kubernetes tiene un UID distinto. Está pensado para distinguir entre ocurrencias históricas de entidades similares.
Un directorio que contiene datos y que es accesible desde los contenedores corriendo en un pod.
[+]Un volumen de Kubernetes vive mientras exista el pod que lo contiene, no depende de la vida del contenedor por eso se conservan los datos entre los reinicios de los contenedores.
A verb that is used to track changes to an object in Kubernetes as a stream. It is used for the efficient detection of changes.
[+]A verb that is used to track changes to an object in Kubernetes as a stream. Watches allow efficient detection of changes; for example, a controller that needs to know whenever a ConfigMap has changed can use a watch rather than polling.
See Efficient Detection of Changes in API Concepts for more information.
Un Workload es una aplicación que se ejecuta en Kubernetes.
[+]Varios objetos clave que representan diferentes tipos o partes de un Workload incluyen los objetos: DaemonSet, Deployment, Job, ReplicaSet y StatefulSet.
Por ejemplo, un Workload que tiene un servidor web y una base de datos podría ejecutar la base de datos en un StatefulSet y el servidor web en un Deployment.
Última modificación May 29, 2024 at 12:08 AM PST: [es] Ready glossary page for vanilla Docsy (cd072b367b)