官术网_书友最值得收藏!

Kubernetes limitations

Although it is a powerful orchestration engine, Kubernetes doesn't have the features that are commonly required by PaaS solutions such as OpenShift and others:

  • Security:

Kubernetes namespaces are provided mainly for the purpose of resource quota enforcement for different groups of users, but they do not provide any security constraints or authentication. For example, every user from every namespace can see all other namespaces and their resources.

  • Deployments:

Kubernetes provides the means to create a deployment from an image with a single command, but doesn't create a service for external clients.

  • SCM integration:

Kubernetes doesn't support integration with SCM via webhooks to facilitate deployment.

  • Builds:

Kubernetes doesn't provide advanced build modes such as Source-to-Image (S2I) and Custom Builder.

  • Authentication:

Support for advanced authentication schemes such as LDAP, Google, GitHub, Keystone, or Kerberos is achieved only through a webhook or authenticating proxy.

  • CI/CD:

Kubernetes has no integrated application life cycle support, which makes it difficult to integrate it into a corporate software delivery framework.

All these limitations will be addressed in the OpenShift sections in subsequent chapters.

主站蜘蛛池模板: 云霄县| 江口县| 溆浦县| 甘孜| 桦甸市| 永平县| 巴青县| 乳源| 广德县| 盐源县| 漳州市| 贵南县| 讷河市| 银川市| 民丰县| 车致| 卓资县| 扎赉特旗| 苏尼特左旗| 九龙县| 怀化市| 名山县| 平定县| 乃东县| 临沂市| 深泽县| 江山市| 凌源市| 莒南县| 崇阳县| 灵宝市| 兴宁市| 嘉义市| 双城市| 来安县| 女性| 西盟| 革吉县| 上思县| 潮州市| 谷城县|