Mastering Kubernetes: A Complete Guide to All Core Resources

Workload Resources

Kubernetes workload resources are the primary objects for running containerized applications.

Pod : The smallest deployable unit; a Pod can host one or more tightly coupled containers.

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
    - name: nginx
      image: nginx:1.25
      ports:
        - containerPort: 80

Deployment : The most common controller for stateless applications, supporting rolling updates and rollbacks.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deploy
spec:
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: nginx
          image: nginx:1.25

ReplicaSet : Ensures a specified number of Pod replicas; usually managed by a Deployment.

StatefulSet : Manages stateful applications (e.g., databases) and provides stable identifiers and ordered deployment.

DaemonSet : Runs a copy of a Pod on every node, ideal for log collectors, monitoring agents, or storage daemons.

Job / CronJob : Job runs a one‑off task; CronJob schedules recurring tasks similar to Linux cron.

Service Discovery & Load Balancing

Services expose stable network endpoints for Pods and support several types.

Service : Provides a stable access point; common types are ClusterIP, NodePort, and LoadBalancer.

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: NodePort
  selector:
    app: web
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30080

Ingress : Offers HTTP/HTTPS routing; requires an Ingress Controller such as Nginx.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: app.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-service
                port:
                  number: 80

Configuration & Storage

Configuration objects store non‑secret and secret data, while storage objects manage volume provisioning.

ConfigMap : Holds non‑sensitive configuration data.

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  APP_MODE: "production"

Secret : Stores sensitive information; data is base64‑encoded.

apiVersion: v1
kind: Secret
metadata:
  name: db-secret
type: Opaque
data:
  password: cGFzc3dvcmQ=  # base64("password")

PersistentVolumeClaim (PVC) : Requests persistent storage.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi

StorageClass : Defines storage types such as SSD or HDD.

Cluster‑Level Resources

Namespace : Logical isolation for multi‑environment management (dev/test/prod).

ResourceQuota : Limits total resource consumption within a namespace.

LimitRange : Sets default and maximum resource requests/limits for individual Pods or containers.

Metadata & Security

HorizontalPodAutoscaler (HPA) : Automatically scales Pod replicas based on metrics such as CPU utilization.

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: hpa-example
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-deploy
  minReplicas: 2
  maxReplicas: 5
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 60

ServiceAccount : Identity for Pods to access the Kubernetes API.

Role / ClusterRole : Define permission rules.

RoleBinding / ClusterRoleBinding : Bind users, groups, or ServiceAccounts to the defined roles.

This panoramic reference, combining concise explanations with ready‑to‑use YAML snippets, serves both as a study outline for newcomers and a quick‑lookup cheat sheet for operators.