Workloads are applications running on Kubernetes clusters. A Kubernetes workload is composed of multiple resources. This section provides brief descriptions, with links to additional information, for the Kubernetes resources you can use to define your applications.
If you are familiar with Kubernetes, you can proceed directly to the Catalogs section.
Pod
In Kubernetes, a Pod is the basic unit of deployment and scaling. A pod can have several related containers that share networking and storage resources, just like applications running on a server.
As a best practice, Nirmata does not allow defining individual pods. Instead, you can define a pod controller like a Deployment, StatefulSet, Job, or CronJob to manage the pod lifecycle.
Deployments
Use a Deployment for stateless services in your application. As part of your Deployment definition, you can configure a Pod template with one or more containers. For each container, you can add settings such as image information, run command, health checks, environment variables, volume mounts, container ports etc.
StatefulSets
Some application components require stable identities e.g. distributed software tools may require that cluster members retain the same names and addresses within the cluster. Other software may manage large data sets, requiring reusing the same volume. StatefulSets address solve of these challenges, and provide additional controls over upgrades and restarts suitable for stateful services.
Service
To enable communication with other components in your application, or with external clients, you can expose one or more ports of your containers by defining a Service.
Jobs
Jobs are applications that run to completion i.e. run once and terminate.
Most commonly, Jobs are used to cleanup after an application runs, to run security before deploying an application, or to perform one-time setup operations.
It is possible to add multiple jobs to a single application.
CronJob
CronJobs are jobs that run periodically. Using CronJobs, users can schedule jobs to be performed at predetermined intervals. CronJobs are most commonly used to create current snapshots and to backup snapshots.
Persistent Volume Claims
A PersistentVolumeClaim (PVC) is a request for storage for a pod. PVCs are used to create Persistent Volumes (PV) for your pods). PVCs can request specific size and access modes for storage.
Tip: When creating a StatefulSet, you can create VolumeClaimTemplates instead of using PVCs. This will allow you to scale your StatefulSet.
ConfigMaps
ConfigMaps allow you to decouple configuration from your container image, ensuring that your containerized application is portable.
ConfigMaps can be made available to your pod as:
- Environment variables
- Volumes
A ConfigMap can be shared across multiple pod templates further simplifying your application configuration.
Secrets
Secrets can be created to store sensitive information such as password, certificates etc. Putting sensitive information in secrets is relatively secure compared to including it in your container image and provides flexibility in how these secrets can be accessed.
Secrets can be made available to your pod as:
- Environment variables
- Volumes
A Secret can be shared across multiple pod templates further simplifying your application configuration.
Network Policies
A network policy specifies how groups of pods are allowed to communicate with each other and other network endpoints.
Network Policies use labels to select pods and define rules which specify what traffic is allowed to the selected pods. By default, all pods in a Namespace can communicate with each other.
Ingress
An Ingress manages external access to the services in a cluster, typically HTTP. Ingress resources can provide load balancing, SSL termination, and name-based virtual hosting.
Custom Resources
Nirmata offers native-support for most commonly used Kubernetes workload concepts. However, a major benefit of Kubernetes is its extensibility. To enable use of any other Kubernetes resource, including Custom Resource Definitions (CRDs), Nirmata can import and manage any Kubernetes resource in YAML or JSON format.