A collection of diagrams explaining Kubernetes, extracted from our trainings, articles and talks.
Created with PlantUML. The diagrams don't use UML notation, though; they are box-and-line diagrams.
- Deployment ➜ Pod ➜ Container
- Pod ➜ Node
- Services, Nodes and Pods explained
- Services, Nodes and Pods explained (including IP addresses)
- Authentication and Authorization
- PodSecurityPolicy Activation via RBAC
- Troubleshooting Kubernetes PodSecurityPolicies
Relationship between Deployment, Pod and Container.
Simplified - leaves out ReplicaSets for brevity.
Relationship between Pod and Node.
Traffic flow from Cloud LoadBalancer via Service to Pods running on Nodes.
Traffic flow from Cloud LoadBalancer via Service to Pods running on Nodes, including the different IP address ranges and ports:
- external IP,
- node internal and external IP and node port,
- service IP,
- pod IP and target port (on container)
Flow from a user's API server request to the response: check authn via identity provider, then authz via RBAC.
Connection from Pod to PSP via RBAC (Role, RoleBinding, ServiceAccount).
A diagram to help debug Kubernetes PodSecurityPolicies.