Help us understand the problem. What are the problem?

More than 3 years have passed since last update.

posted at

updated at


Kubernetes Icons Set & Kubernetes ressources map


Kubernetesを理解したり、kubernetesに関するスライドを作る際にKubernetes Icons Setがとても役に立つのでもっとみんなの目に触れるといいなと思ってQiitaにまとめてみました。



kind Labeled Unlabeled
pod pod-128.png pod-128.png
ReplicaSet rs-128.png rs-128.png
Deployment deploy-128.png deploy-128.png
DaemonSet ds-128.png ds-128.png
Job job-128.png job-128.png
CronJob cronjob-128.png cronjob-128.png
StatefulSet sts-128.png sts-128.png
  • Pod: Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.
  • ReplicaSet: ReplicaSet ensures that a specified number of pod replicas are running at any given time
  • Deployment: Deployment enables declarative updates for Pods and ReplicaSets.
  • DaemonSet: DaemonSet represents the configuration of a daemon set.
  • Job: Job represents the configuration of a single job.
  • CronJob: A CronJob manages time based Job, namely:
    • once at a specified point in time
    • repeatedly at a specified point in time


kind Labeled Unlabeled
PersistentVolume pv-128.png pv-128.png
PersistentVolumeClaim pvc-128.png pvc-128.png
StorageClass sc-128.png sc-128.png
  • PersistentVolume: is a storage resource provisioned by an administrator.
  • PersistentVolumeClaim: PersistentVolumeClaim is a user's request for and claim to a persistent volume.
  • StorageClass: StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.


kind Labeled Unlabeled
Ingress ing-128.png ing-128.png
Service svc-128.png svc-128.png
Endpoint ep-128.png ep-128.png
NetworkPolicy netpol-128.png netpol-128.png
  • Ingress: Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.
  • Service: Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.
  • Endpoint: Endpoints is a collection of endpoints that implement the actual service.
  • NetworkPolicy: NetworkPolicy describes what network traffic is allowed for a set of Pods.

RBAC Model

kind Labeled Unlabeled
ServicaAccount sa-128.png sa-128.png
User user-128.png user-128.png
Group group-128.png group-128.png
Role role-128.png role-128.png
ClusterRole c-role-128.png c-role-128.png
ClusterRoleBinding crb-128.png crb-128.png
RoleBinding rb-128.png rb-128.png
  • ServicaAccount: binds together: a name, a principal that can be authenticated and authorized * a set of secrets.
  • User: Human user of Kubernetes cluster.
  • Group: Set of Service Accounts or Users.
  • Role: Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
  • ClusterRole: ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
  • ClusterRoleBinding: A cluster role binding grants the permissions defined in a role/clusterrole to a user or set of users. Permissions are granted cluster-wide.
  • RoleBinding: A role binding grants the permissions defined in a role/clusterrole to a user or set of users. Permissions are granted within a namespace.

Pods Configuration

kind Labeled Unlabeled
ConfigMap cm-128.png cm-128.png
Secret secret-128.png secret-128.png
  • ConfigMap: ConfigMap holds configuration data for pods to consume.
  • Secret: Secret holds secret data of a certain type.

Cluster Configuration

kind Labeled Unlabeled
LimitRange limits-128.png limits-128.png
Quota quota-128.png quota-128.png
HorizontalPodAutoscaler hpa-128.png hpa-128.png
  • LimitRange: LimitRange sets resource usage limits for each kind of resource in a Namespace.
  • Quota: ResourceQuota sets aggregate quota restrictions enforced per namespace.
  • HorizontalPodAutoscaler: configuration of a horizontal pod autoscaler.


kind Labeled Unlabeled
CustomResourceDefinition crd-128.png crd-128.png
PodSecurityPolicy psp-128.png psp-128.png
  • CustomResourceDefinition: Extension of Kubernetes API.
  • PodSecurityPolicy: governs the ability to make requests that affect the Security Context that will be applied to a pod and container.

Infrastructure Components

kind Labeled Unlabeled
Cluster image.png
Master master-128.png master-128.png
Node node-128.png node-128.png
ETCD etcd-128.png etcd-128.png
  • Cluster: Kubernetes cluster.
  • Master: Kubernetes Control Plane.
  • Node: Worker machine in Kubernetes cluster.
  • ETCD: Kubernetes’s backing store.


Control Plane Components

kind Labeled Unlabeled
K8s API Server image.png master-128.png
Controller Manager image.png master-128.png
Scheduler image.png master-128.png
Cloud Controller Manager image.png master-128.png
Kubelet image.png node-128.png
Kube-proxy image.png node-128.png
  • K8s API Server: Kubernetes API.
  • Controller Manager: Kubernetes controller manager.
  • Scheduler: In charge of ensuring Pods placement.
  • Cloud Controller Manager Optional and External Cloud controller (experimental).
  • Kubelet: The kubelet is the primary “node agent” that runs on each node.
  • Kube-proxy: The Kubernetes network proxy runs on each node. This reflects services as defined in the Kubernetes API on each node.

"Control Plane Components"の"Unlabeled"の大きい画像がiconのgithubに無いんです。(一体なぜ?)
"Control Plane Components"の"Unlabeled"の画像は"Master"と"Node"のものと同じなので省略されているみたいです。

Group and links


Kubernetes ressources map


Diagrams examples

Exposed Application


Application with configuration


Application with persistent storage


StatefulSet Architecture


RBAC model


Kube-dns example


Server implementation


K8s components startup

Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Sign upLogin
Help us understand the problem. What are the problem?