
API Extension

Kubernetes is built to be highly extensible, offering extension mechanisms that range from the API, authentication, authorization, admission control, networking, storage and runtime to the cloud platform [20]. These let users add functionality to their clusters without intrusive changes to Kubernetes itself.

At the API level, the Kubernetes API can be extended through mechanisms such as Aggregation and CustomResourceDefinition (CRD).

  • API Aggregation allows the integration of third-party services into the Kubernetes API without having to modify the core code of Kubernetes. In this way, external services can also be accessed via the Kubernetes API.

  • CustomResourceDefinition allows the addition of new resource objects to the cluster and enables their management in the same way as existing resource objects (like Pod, Deployment, etc.).

CRD is more user-friendly in comparison to Aggregation, as illustrated in the table below:

| CRDs | Aggregated API |
| --- | --- |
| Resource management through CRD requires no programming | Building of Aggregated APIserver requires Go |
| No extra services needed, though typically a CRD controller is necessary for synchronizing and managing these resources | Requires separate third-party service |
| All defects are addressed in the core of Kubernetes | Regular synchronizing from the Kubernetes community and rebuilding of Aggregated APIserver may be necessary to fix defects |
| No additional version management necessary | Requires third-party service for version management |

More comparison of features

| Feature | Description | CRDs | Aggregated API |
| --- | --- | --- | --- |
| Validation | Helps users avoid errors and evolve your API independently of your clients. Extremely useful when many clients are unable to update simultaneously. | Yes. Most validation can be specified in the CRD via OpenAPI v3.0 validation. Any other validations supported by a Validating Webhook. | Yes, arbitrary validation checks |
| Defaulting | See above | Yes, via a Mutating Webhook; Planned, via CRD OpenAPI schema. | Yes |
| Multi-versioning | Allows the same object to be served through two API versions. Helpful in managing API changes like renaming fields. Less pertinent if you have control over your client versions. | No, but planned | Yes |
| Custom Storage | Useful when you need storage with a different performance mode (e.g., time-series database instead of a key-value store) or isolation for security reasons (e.g., encryption secrets or different | No | Yes |
| Custom Business Logic | Allows arbitrary checks or actions when creating, reading, updating or deleting an object | Yes, using Webhooks. | Yes |
| Scale Subresource | Lets systems like HorizontalPodAutoscaler and PodDisruptionBudget interact with your new resource | Yes | Yes |
| Status Subresource | Provides finer-grained access control: users write spec section, controller writes status section. Enables incrementing object Generation on custom resource data mutation (requires separate spec and status sections in the resource) | Yes | Yes |
| Other Subresources | Adds operations other than CRUD, such as “logs” or “exec”. | No | Yes |
| strategic-merge-patch | The new endpoints support PATCH with Content-Type: application/strategic-merge-patch+json. Helps to update objects that may be modified locally, and by the server. For more information, see “Update API Objects in Place Using kubectl patch” | No, but similar functionality planned | Yes |
| Protocol Buffers | The new resource supports clients that prefer using Protocol Buffers | No | Yes |
| OpenAPI Schema | Is there an OpenAPI (swagger) schema for the types that can be dynamically fetched from the server? Can the user avoid misspelling field names by ensuring only allowed fields are set? Are types enforced (for instance, do not place an int in a string field)? | No, but planned | Yes |

Methods of Application

Refer to the detailed steps in:

  • Aggregation
  • CustomResourceDefinition
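
The Validation, Scale Subresource and Status Subresource rows of the feature comparison, as an added example that is not part of the original page: a CRD that validates fields with an OpenAPI v3 schema and enables both subresources, plus two RBAC Roles that separate spec writers from the status writer. It assumes the `apiextensions.k8s.io/v1` API; the `example.com` group, the `Widget` kind and its fields, the registry pattern and the `demo` namespace are hypothetical.

```yaml
# Added example; group, kind, field names and namespace are hypothetical.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: widgets.example.com        # must be <plural>.<group>
spec:
  group: example.com
  scope: Namespaced
  names: {plural: widgets, singular: widget, kind: Widget}
  versions:
  - name: v1
    served: true
    storage: true
    schema:
      openAPIV3Schema:             # enforced by kube-apiserver on every write
        type: object
        properties:
          spec:
            type: object
            required: [image, replicas]
            properties:
              image: {type: string, pattern: '^registry\.example\.com/.+'}
              replicas: {type: integer, minimum: 1, maximum: 10}
          status:
            type: object
            properties:
              readyReplicas: {type: integer}
    subresources:
      status: {}                   # /status becomes its own RBAC resource
      scale:                       # lets HorizontalPodAutoscaler drive replicas
        specReplicasPath: .spec.replicas
        statusReplicasPath: .status.readyReplicas
---
# Users: writes to the main resource ignore any change to .status.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: widget-editor, namespace: demo}
rules:
- apiGroups: [example.com]
  resources: [widgets]
  verbs: [get, list, watch, create, update, patch, delete]
---
# Controller: read-only on the object, write access to /status only.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: widget-status-writer, namespace: demo}
rules:
- apiGroups: [example.com]
  resources: [widgets]
  verbs: [get, list, watch]
- apiGroups: [example.com]
  resources: [widgets/status]
  verbs: [update, patch]
```

Bind `widget-status-writer` only to the controller's ServiceAccount; a user holding just `widget-editor` can then change the spec but cannot forge the status that other components read.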