はじめに
Kubernetesを理解したり、kubernetesに関するスライドを作る際にKubernetes Icons Setがとても役に立つのでもっとみんなの目に触れるといいなと思ってQiitaにまとめてみました。
各Componentの英語の概要は書いてありますが、もう少し詳しい内容が知りたい場合はkubernetesの公式サイトを確認するか、日本語で詳しい内容を知りたい場合はKubernetes完全ガイドを読むと大体のことはわかると思います。
icons
Compute
| kind | Labeled | Unlabeled |
|---|---|---|
| pod |  |
 |
| ReplicaSet |  |
 |
| Deployment |  |
 |
| DaemonSet |  |
 |
| Job |  |
 |
| CronJob |  |
 |
| StatefulSet |  |
 |
- Pod: Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.
- ReplicaSet: ReplicaSet ensures that a specified number of pod replicas are running at any given time
- Deployment: Deployment enables declarative updates for Pods and ReplicaSets.
- DaemonSet: DaemonSet represents the configuration of a daemon set.
- Job: Job represents the configuration of a single job.
-
CronJob: A CronJob manages time based Job, namely:
- once at a specified point in time
- repeatedly at a specified point in time
Storage
| kind | Labeled | Unlabeled |
|---|---|---|
| PersistentVolume |  |
 |
| PersistentVolumeClaim |  |
 |
| StorageClass |  |
 |
- PersistentVolume: is a storage resource provisioned by an administrator.
- PersistentVolumeClaim: PersistentVolumeClaim is a user's request for and claim to a persistent volume.
- StorageClass: StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.
Network
| kind | Labeled | Unlabeled |
|---|---|---|
| Ingress |  |
 |
| Service |  |
 |
| Endpoint |  |
 |
| NetworkPolicy |  |
 |
- Ingress: Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.
- Service: Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.
- Endpoint: Endpoints is a collection of endpoints that implement the actual service.
- NetworkPolicy: NetworkPolicy describes what network traffic is allowed for a set of Pods.
RBAC Model
| kind | Labeled | Unlabeled |
|---|---|---|
| ServicaAccount |  |
 |
| User |  |
 |
| Group |  |
 |
| Role |  |
 |
| ClusterRole |  |
 |
| ClusterRoleBinding |  |
 |
| RoleBinding |  |
 |
- ServicaAccount: binds together: a name, a principal that can be authenticated and authorized * a set of secrets.
- User: Human user of Kubernetes cluster.
- Group: Set of Service Accounts or Users.
- Role: Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
- ClusterRole: ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
- ClusterRoleBinding: A cluster role binding grants the permissions defined in a role/clusterrole to a user or set of users. Permissions are granted cluster-wide.
- RoleBinding: A role binding grants the permissions defined in a role/clusterrole to a user or set of users. Permissions are granted within a namespace.
Pods Configuration
| kind | Labeled | Unlabeled |
|---|---|---|
| ConfigMap |  |
 |
| Secret |  |
 |
- ConfigMap: ConfigMap holds configuration data for pods to consume.
- Secret: Secret holds secret data of a certain type.
Cluster Configuration
| kind | Labeled | Unlabeled |
|---|---|---|
| LimitRange |  |
 |
| Quota |  |
 |
| HorizontalPodAutoscaler |  |
 |
- LimitRange: LimitRange sets resource usage limits for each kind of resource in a Namespace.
- Quota: ResourceQuota sets aggregate quota restrictions enforced per namespace.
- HorizontalPodAutoscaler: configuration of a horizontal pod autoscaler.
Others
| kind | Labeled | Unlabeled |
|---|---|---|
| CustomResourceDefinition |  |
 |
| PodSecurityPolicy |  |
 |
- CustomResourceDefinition: Extension of Kubernetes API.
- PodSecurityPolicy: governs the ability to make requests that affect the Security Context that will be applied to a pod and container.
Infrastructure Components
| kind | Labeled | Unlabeled |
|---|---|---|
| Cluster |  |
|
| Master |  |
 |
| Node |  |
 |
| ETCD |  |
 |
- Cluster: Kubernetes cluster.
- Master: Kubernetes Control Plane.
- Node: Worker machine in Kubernetes cluster.
- ETCD: Kubernetes’s backing store.
iconのgithubに"Cluster"がなかったのでこっちから画像を持ってきてリサイズしています。
Control Plane Components
| kind | Labeled | Unlabeled |
|---|---|---|
| K8s API Server |  |
|
| Controller Manager |  |
|
| Scheduler |  |
|
| Cloud Controller Manager |  |
|
| Kubelet |  |
|
| Kube-proxy |  |
|
- K8s API Server: Kubernetes API.
- Controller Manager: Kubernetes controller manager.
- Scheduler: In charge of ensuring Pods placement.
- Cloud Controller Manager Optional and External Cloud controller (experimental).
- Kubelet: The kubelet is the primary “node agent” that runs on each node.
- Kube-proxy: The Kubernetes network proxy runs on each node. This reflects services as defined in the Kubernetes API on each node.
"Control Plane Components"の"Unlabeled"の大きい画像がiconのgithubに無いんです。(一体なぜ?)
"Control Plane Components"の"Unlabeled"の画像は"Master"と"Node"のものと同じなので省略されているみたいです。
Group and links
 |
|---|
Kubernetes ressources map
 |
|---|
Diagrams examples
Exposed Application
 |
|---|
Application with configuration
 |
|---|
Application with persistent storage
 |
|---|
StatefulSet Architecture
 |
|---|
RBAC model
 |
|---|
Kube-dns example
 |
|---|
Server implementation
 |
|---|
K8s components startup
 |
|---|