Kubernetes v1.31 Documentation
首页
白天
夜间
下载
阅读记录
书签管理
我的书签
添加书签
移除书签
编辑文档
ClusterRoleBinding
来源 1
浏览
46
扫码
打印
2024-09-19 08:19:30
上一篇:
下一篇:
发布点评
Tutorials
Services
Connecting Applications with Services
Explore Termination Behavior for Pods And Their Endpoints
Using Source IP
Learn Kubernetes Basics
Deploy an App
Using kubectl to Create a Deployment
Expose Your App Publicly
Using a Service to Expose Your App
Explore Your App
Viewing Pods and Nodes
Scale Your App
Running Multiple Instances of Your App
Create a Cluster
Using Minikube to Create a Cluster
Update Your App
Performing a Rolling Update
Configuration
Updating Configuration via a ConfigMap
Adopting Sidecar Containers
Configuring Redis using a ConfigMap
Example: Configuring a Java Microservice
Externalizing config using MicroProfile, ConfigMaps and Secrets
Stateless Applications
Exposing an External IP Address to Access an Application in a Cluster
Example: Deploying PHP Guestbook application with Redis
Hello Minikube
Stateful Applications
Running ZooKeeper, A Distributed System Coordinator
Example: Deploying Cassandra with a StatefulSet
StatefulSet Basics
Example: Deploying WordPress and MySQL with Persistent Volumes
Security
Apply Pod Security Standards at the Namespace Level
Restrict a Container’s Syscalls with seccomp
Apply Pod Security Standards at the Cluster Level
Restrict a Container’s Access to Resources with AppArmor
Documentation
Available Documentation Versions
Tasks
Managing Secrets
Managing Secrets using kubectl
Managing Secrets using Kustomize
Managing Secrets using Configuration File
Manage HugePages
Extend kubectl with plugins
Schedule GPUs
Administer a Cluster
Securing a Cluster
Manage Memory, CPU, and API Resources
Configure Memory and CPU Quotas for a Namespace
Configure Default Memory Requests and Limits for a Namespace
Configure Default CPU Requests and Limits for a Namespace
Configure Minimum and Maximum Memory Constraints for a Namespace
Configure a Pod Quota for a Namespace
Configure Minimum and Maximum CPU Constraints for a Namespace
Namespaces Walkthrough
Using CoreDNS for Service Discovery
Access Clusters Using the Kubernetes API
Upgrade A Cluster
Operating etcd clusters for Kubernetes
Use Cascading Deletion in a Cluster
Set Kubelet Parameters Via A Configuration File
Autoscale the DNS Service in a Cluster
Migrating from dockershim
Find Out What Container Runtime is Used on a Node
Troubleshooting CNI plugin-related errors
Check whether dockershim removal affects you
Migrate Docker Engine nodes from dockershim to cri-dockerd
Migrating telemetry and security agents from dockershim
Changing the Container Runtime on a Node from Docker Engine to containerd
Switching from Polling to CRI Event-based Updates to Container Status
Using sysctls in a Kubernetes Cluster
Running Kubernetes Node Components as a Non-root User
Debugging DNS Resolution
Safely Drain a Node
Declare Network Policy
Configure a kubelet image credential provider
IP Masquerade Agent User Guide
Share a Cluster with Namespaces
Configure Quotas for API Objects
Migrate Replicated Control Plane To Use Cloud Controller Manager
Install a Network Policy Provider
Weave Net for NetworkPolicy
Use Cilium for NetworkPolicy
Use Calico for NetworkPolicy
Romana for NetworkPolicy
Use Kube-router for NetworkPolicy
Use Antrea for NetworkPolicy
Advertise Extended Resources for a Node
Developing Cloud Controller Manager
Using a KMS provider for data encryption
Cloud Controller Manager Administration
Using NodeLocal DNSCache in Kubernetes Clusters
Administration with kubeadm
Configuring a cgroup driver
Upgrading Windows nodes
Certificate Management with kubeadm
Reconfiguring a kubeadm cluster
Upgrading Linux nodes
Upgrading kubeadm clusters
Changing The Kubernetes Package Repository
Enable Or Disable A Kubernetes API
Decrypt Confidential Data that is Already Encrypted at Rest
Guaranteed Scheduling For Critical Add-On Pods
Change the default StorageClass
Reserve Compute Resources for System Daemons
Limit Storage Consumption
Utilizing the NUMA-aware Memory Manager
Change the Reclaim Policy of a PersistentVolume
Generate Certificates Manually
Customizing DNS Service
Verify Signed Kubernetes Artifacts
Change the Access Mode of a PersistentVolume to ReadWriteOncePod
Control Topology Management Policies on a node
Encrypting Confidential Data at Rest
Control CPU Management Policies on the Node
Install Tools
Install and Set Up kubectl on macOS
Install and Set Up kubectl on Windows
Install and Set Up kubectl on Linux
Networking
Extend Service IP Ranges
Adding entries to Pod /etc/hosts with HostAliases
Validate IPv4/IPv6 dual-stack
Manage Cluster Daemons
Perform a Rolling Update on a DaemonSet
Running Pods on Only Some Nodes
Perform a Rollback on a DaemonSet
Configure Pods and Containers
Use a User Namespace With a Pod
Assign Pods to Nodes
Assign Extended Resources to a Container
Assign Memory Resources to Containers and Pods
Create static Pods
Share Process Namespace between Containers in a Pod
Enforce Pod Security Standards with Namespace Labels
Resize CPU and Memory Resources assigned to Containers
Configure a Pod to Use a ConfigMap
Configure a Pod to Use a Volume for Storage
Configure Liveness, Readiness and Startup Probes
Migrate from PodSecurityPolicy to the Built-In PodSecurity Admission Controller
Configure a Security Context for a Pod or Container
Configure GMSA for Windows Pods and containers
Pull an Image from a Private Registry
Configure Service Accounts for Pods
Configure Quality of Service for Pods
Configure Pod Initialization
Use an Image Volume With a Pod
Assign Pods to Nodes using Node Affinity
Create a Windows HostProcess Pod
Attach Handlers to Container Lifecycle Events
Configure a Pod to Use a PersistentVolume for Storage
Configure a Pod to Use a Projected Volume for Storage
Configure RunAsUserName for Windows pods and containers
Enforce Pod Security Standards by Configuring the Built-in Admission Controller
Translate a Docker Compose File to Kubernetes Resources
Assign CPU Resources to Containers and Pods
Extend Kubernetes
Set up an Extension API Server
Use an HTTP Proxy to Access the Kubernetes API
Configure Multiple Schedulers
Configure the Aggregation Layer
Set up Konnectivity service
Use Custom Resources
Extend the Kubernetes API with CustomResourceDefinitions
Versions in CustomResourceDefinitions
Use a SOCKS5 Proxy to Access the Kubernetes API
Run Jobs
Parallel Processing using Expansions
Job with Pod-to-Pod Communication
Fine Parallel Processing Using a Work Queue
Running Automated Tasks with a CronJob
Handling retriable and non-retriable pod failures with Pod failure policy
Coarse Parallel Processing Using a Work Queue
Indexed Job for Parallel Processing with Static Work Assignment
TLS
Manual Rotation of CA Certificates
Configure Certificate Rotation for the Kubelet
Manage TLS Certificates in a Cluster
Manage Kubernetes Objects
Declarative Management of Kubernetes Objects Using Configuration Files
Declarative Management of Kubernetes Objects Using Kustomize
Imperative Management of Kubernetes Objects Using Configuration Files
Update API Objects in Place Using kubectl patch
Migrate Kubernetes Objects Using Storage Version Migration
Managing Kubernetes Objects Using Imperative Commands
Run Applications
Specifying a Disruption Budget for your Application
Run a Single-Instance Stateful Application
HorizontalPodAutoscaler Walkthrough
Horizontal Pod Autoscaling
Delete a StatefulSet
Force Delete StatefulSet Pods
Run a Stateless Application Using a Deployment
Accessing the Kubernetes API from a Pod
Run a Replicated Stateful Application
Scale a StatefulSet
Access Applications in a Cluster
Use Port Forwarding to Access Applications in a Cluster
Communicate Between Containers in the Same Pod Using a Shared Volume
Use a Service to Access an Application in a Cluster
Configure DNS for a Cluster
Access Services Running on Clusters
Accessing Clusters
Connect a Frontend to a Backend Using Services
Create an External Load Balancer
Set up Ingress on Minikube with the NGINX Ingress Controller
List All Container Images Running in a Cluster
Configure Access to Multiple Clusters
Deploy and Access the Kubernetes Dashboard
Monitoring, Logging, and Debugging
Troubleshooting Clusters
Debugging Kubernetes Nodes With Kubectl
Troubleshooting kubectl
Resource metrics pipeline
Tools for Monitoring Resources
Auditing
Debugging Kubernetes nodes with crictl
Windows debugging tips
Developing and debugging services locally using telepresence
Monitor Node Health
Troubleshooting Applications
Debug Init Containers
Determine the Reason for Pod Failure
Debug Services
Debug Running Pods
Debug Pods
Get a Shell to a Running Container
Debug a StatefulSet
Inject Data Into Applications
Define a Command and Arguments for a Container
Define Dependent Environment Variables
Expose Pod Information to Containers Through Environment Variables
Distribute Credentials Securely Using Secrets
Define Environment Variables for a Container
Expose Pod Information to Containers Through Files
Contribute
Documentation style overview
Style guide
Writing a new topic
Page content types
Diagram guide
Content guide
Custom Hugo Shortcodes
Content organization
Viewing Site Analytics
Updating Reference Documentation
Generating Reference Pages for Kubernetes Components and Tools
Contributing to the Upstream Kubernetes Code
Quickstart
Generating Reference Documentation for Metrics
Generating Reference Documentation for kubectl Commands
Generating Reference Documentation for the Kubernetes API
Localizing Kubernetes documentation
Contribute to Kubernetes Documentation
Participating in SIG Docs
PR wranglers
Roles and responsibilities
Issue Wranglers
Contributing new content
Opening a pull request
Documenting for a release
Blogs and case studies
Reviewing changes
For approvers and reviewers
Reviewing pull requests
Advanced contributing
Suggesting content improvements
Getting started
Best practices
Considerations for large clusters
PKI certificates and requirements
Validate node setup
Running in multiple zones
Enforcing Pod Security Standards
Learning environment
Production environment
Container Runtimes
Turnkey Cloud Solutions
Installing Kubernetes with deployment tools
Bootstrapping clusters with kubeadm
Set up a High Availability etcd Cluster with kubeadm
Creating Highly Available Clusters with kubeadm
Options for Highly Available Topology
Installing kubeadm
Customizing components with the kubeadm API
Dual-stack support with kubeadm
Configuring each kubelet in your cluster using kubeadm
Troubleshooting kubeadm
Creating a cluster with kubeadm
Concepts
Security
Security For Windows Nodes
Service Accounts
Multi-tenancy
Linux kernel security constraints for Pods and containers
Kubernetes API Server Bypass Risks
Good practices for Kubernetes Secrets
Cloud Native Security
Controlling Access to the Kubernetes API
Hardening Guide - Authentication Mechanisms
Role Based Access Control Good Practices
Pod Security Policies
Pod Security Standards
Security Checklist
Pod Security Admission
Policies
Process ID Limits And Reservations
Limit Ranges
Node Resource Managers
Resource Quotas
Extending Kubernetes
Extending the Kubernetes API
Custom Resources
Kubernetes API Aggregation Layer
Operator pattern
Compute, Storage, and Networking Extensions
Device Plugins
Network Plugins
Configuration
Configuration Best Practices
Resource Management for Pods and Containers
Liveness, Readiness, and Startup Probes
Resource Management for Windows nodes
ConfigMaps
Secrets
Organizing Cluster Access Using kubeconfig Files
Services, Load Balancing, and Networking
Service Internal Traffic Policy
Ingress
Networking on Windows
Topology Aware Routing
EndpointSlices
Network Policies
Service ClusterIP allocation
Ingress Controllers
DNS for Services and Pods
Gateway API
IPv4/IPv6 dual-stack
Service
Storage
Volume Snapshots
Volume Snapshot Classes
Volume Health Monitoring
Ephemeral Volumes
Windows Storage
Volumes
Node-specific Volume Limits
Volume Attributes Classes
Dynamic Volume Provisioning
Projected Volumes
CSI Volume Cloning
Storage Capacity
Storage Classes
Persistent Volumes
Cluster Architecture
Container Runtime Interface (CRI)
Garbage Collection
Nodes
Controllers
Communication between Nodes and the Control Plane
Mixed Version Proxy
Leases
Cloud Controller Manager
About cgroup v2
Overview
Kubernetes Components
Objects In Kubernetes
Namespaces
Object Names and IDs
Owners and Dependents
Labels and Selectors
Finalizers
Kubernetes Object Management
Annotations
Field Selectors
Recommended Labels
The Kubernetes API
Cluster Administration
Proxies in Kubernetes
Cluster Networking
Cluster Autoscaling
Metrics for Kubernetes Object States
System Logs
Coordinated Leader Election
Traces For Kubernetes System Components
Logging Architecture
Metrics For Kubernetes System Components
Node Shutdowns
Installing Addons
API Priority and Fairness
Certificates
Windows in Kubernetes
Guide for Running Windows Containers in Kubernetes
Windows containers in Kubernetes
Workloads
Managing Workloads
Autoscaling Workloads
Workload Management
ReplicationController
DaemonSet
CronJob
Automatic Cleanup for Finished Jobs
Jobs
StatefulSets
Deployments
ReplicaSet
Pods
Pod Quality of Service Classes
Disruptions
Pod Lifecycle
Init Containers
User Namespaces
Downward API
Ephemeral Containers
Sidecar Containers
Containers
Container Environment
Container Lifecycle Hooks
Runtime Class
Images
Scheduling, Preemption and Eviction
Node-pressure Eviction
Pod Scheduling Readiness
Dynamic Resource Allocation
Scheduling Framework
Taints and Tolerations
Pod Overhead
API-initiated Eviction
Pod Priority and Preemption
Pod Topology Spread Constraints
Resource Bin Packing
Scheduler Performance Tuning
Kubernetes Scheduler
Assigning Pods to Nodes
Docs smoke test page
Reference
Kubernetes Issues and Security
CVE feed
Kubernetes Issue Tracker
Kubernetes Security and Disclosure Information
Networking Reference
Protocols for Services
Ports and Protocols
Virtual IPs and Service Proxies
API Access Control
Authenticating
TLS bootstrapping
Managing Service Accounts
Webhook Mode
Mapping PodSecurityPolicies to Pod Security Standards
Using ABAC Authorization
Authorization
Using RBAC Authorization
Authenticating with Bootstrap Tokens
Certificates and Certificate Signing Requests
Admission Controllers
Kubelet authentication/authorization
Using Node Authorization
Validating Admission Policy
Dynamic Admission Control
Configuration APIs
kube-proxy Configuration (v1alpha1)
kubeconfig (v1)
Kubelet Configuration (v1)
kubeadm Configuration (v1beta3)
kubeadm Configuration (v1beta4)
kube-scheduler Configuration (v1)
kube-apiserver Configuration (v1)
Kubelet CredentialProvider (v1)
Client Authentication (v1)
kube-apiserver Configuration (v1alpha1)
Kubelet Configuration (v1beta1)
Client Authentication (v1beta1)
WebhookAdmission Configuration (v1)
Event Rate Limit Configuration (v1alpha1)
kube-apiserver Audit Configuration (v1)
kube-apiserver Admission (v1)
Image Policy API (v1alpha1)
kube-apiserver Configuration (v1beta1)
Kubelet Configuration (v1alpha1)
kube-controller-manager Configuration (v1alpha1)
Well-Known Labels, Annotations and Taints
Audit Annotations
Scheduling
Scheduler Configuration
Scheduling Policies
Other Tools
Mapping from dockercli to crictl
Setup tools
Kubeadm
kubeadm upgrade
kubeadm init phase
kubeadm token
kubeadm reset phase
kubeadm reset
kubeadm config
kubeadm join phase
kubeadm alpha
kubeadm version
kubeadm certs
kubeadm kubeconfig
kubeadm init
Implementation details
kubeadm upgrade phase
kubeadm join
External APIs
Kubernetes Custom Metrics (v1beta2)
Kubernetes Metrics (v1beta1)
Kubernetes External Metrics (v1beta1)
Kubernetes API
Common Definitions
Status
ObjectMeta
LocalObjectReference
Patch
LabelSelector
Quantity
DeleteOptions
ObjectFieldSelector
NodeSelectorRequirement
TypedLocalObjectReference
ResourceFieldSelector
ListMeta
ObjectReference
Extend Resources
DeviceClass v1alpha3
ValidatingWebhookConfiguration
MutatingWebhookConfiguration
CustomResourceDefinition
Authorization Resources
RoleBinding
ClusterRole
ClusterRoleBinding
SelfSubjectRulesReview
SelfSubjectAccessReview
SubjectAccessReview
LocalSubjectAccessReview
Role
Service Resources
EndpointSlice
Ingress
IngressClass
Endpoints
Service
Config and Storage Resources
PersistentVolumeClaim
VolumeAttachment
CSIDriver
VolumeAttributesClass v1beta1
Secret
StorageClass
Volume
PersistentVolume
CSIStorageCapacity
ConfigMap
StorageVersionMigration v1alpha1
CSINode
Cluster Resources
APIService
Node
ServiceCIDR v1beta1
Namespace
Lease
ComponentStatus
Event
LeaseCandidate v1alpha1
IPAddress v1beta1
RuntimeClass
Policy Resources
PodDisruptionBudget
FlowSchema
PriorityLevelConfiguration
NetworkPolicy
LimitRange
ResourceQuota
ValidatingAdmissionPolicy
ValidatingAdmissionPolicyBinding
Workload Resources
PodSchedulingContext v1alpha3
Job
HorizontalPodAutoscaler
Pod
ResourceClaim v1alpha3
PodTemplate
DaemonSet
ResourceSlice v1alpha3
StatefulSet
ResourceClaimTemplate v1alpha3
ControllerRevision
PriorityClass
HorizontalPodAutoscaler
ReplicationController
ReplicaSet
CronJob
Deployment
Binding
Authentication Resources
ServiceAccount
TokenReview
TokenRequest
ClusterTrustBundle v1alpha1
CertificateSigningRequest
SelfSubjectReview
Common Parameters
Node Reference Information
Node Labels Populated By The Kubelet
Node Status
Articles on dockershim Removal and on Using CRI-compatible Runtimes
Linux Kernel Version Requirements
Kubelet Configuration Directory Merging
Kubelet Device Manager API Versions
Kubelet Checkpoint API
Glossary
Debug cluster
Flow control
API Overview
Kubernetes Deprecation Policy
Deprecated API Migration Guide
Server-Side Apply
Client Libraries
Kubernetes API health endpoints
Kubernetes API Concepts
Common Expression Language in Kubernetes
Instrumentation
CRI Pod & Container Metrics
Service Level Indicator Metrics
Node metrics data
Kubernetes Metrics Reference
Command line tool (kubectl)
kubectl for Docker Users
kubectl Usage Conventions
kubectl reference
kubectl version
kubectl api-versions
kubectl cordon
kubectl logs
kubectl replace
kubectl attach
kubectl options
kubectl port-forward
kubectl diff
kubectl get
kubectl apply
kubectl apply view-last-applied
kubectl apply edit-last-applied
kubectl apply set-last-applied
kubectl taint
kubectl annotate
kubectl
kubectl plugin
kubectl plugin list
kubectl run
kubectl kustomize
kubectl certificate
kubectl certificate approve
kubectl certificate deny
kubectl top
kubectl top node
kubectl top pod
kubectl set
kubectl set resources
kubectl set image
kubectl set subject
kubectl set env
kubectl set serviceaccount
kubectl set selector
kubectl patch
kubectl drain
kubectl autoscale
kubectl explain
kubectl cp
kubectl cluster-info
kubectl cluster-info dump
kubectl edit
kubectl completion
kubectl label
kubectl debug
kubectl expose
kubectl delete
kubectl create
kubectl create service clusterip
kubectl create service nodeport
kubectl create priorityclass
kubectl create service externalname
kubectl create rolebinding
kubectl create configmap
kubectl create secret docker-registry
kubectl create token
kubectl create service
kubectl create service loadbalancer
kubectl create cronjob
kubectl create secret generic
kubectl create quota
kubectl create namespace
kubectl create poddisruptionbudget
kubectl create deployment
kubectl create job
kubectl create role
kubectl create serviceaccount
kubectl create clusterrolebinding
kubectl create ingress
kubectl create secret tls
kubectl create clusterrole
kubectl create secret
kubectl rollout
kubectl rollout resume
kubectl rollout history
kubectl rollout undo
kubectl rollout restart
kubectl rollout status
kubectl rollout pause
kubectl api-resources
kubectl exec
kubectl auth
kubectl auth reconcile
kubectl auth whoami
kubectl auth can-i
kubectl describe
kubectl proxy
kubectl config
kubectl config get-clusters
kubectl config view
kubectl config get-users
kubectl config set
kubectl config delete-cluster
kubectl config current-context
kubectl config unset
kubectl config set-cluster
kubectl config rename-context
kubectl config delete-context
kubectl config set-context
kubectl config get-contexts
kubectl config use-context
kubectl config set-credentials
kubectl config delete-user
kubectl events
kubectl scale
kubectl uncordon
kubectl wait
Introduction to kubectl
kubectl Commands
kubectl Quick Reference
kubectl
JSONPath Support
Component tools
kubelet
Feature Gates (removed)
kube-scheduler
kube-proxy
Feature Gates
kube-apiserver
kube-controller-manager
暂无相关搜索结果!
本文档使用
全库网
构建
×
思维导图备注
×
文章二维码
手机扫一扫,轻松掌上读
×
文档下载
请下载您需要的格式的文档,随时随地,享受汲取知识的乐趣!
PDF
文档
EPUB
文档
MOBI
文档
×
书签列表
×
阅读记录
阅读进度:
0.00%
(
0/0
)
重置阅读进度