官术网_书友最值得收藏!

Kubernetes limitations

Although it is a powerful orchestration engine, Kubernetes doesn't have the features that are commonly required by PaaS solutions such as OpenShift and others:

  • Security:

Kubernetes namespaces are provided mainly for the purpose of resource quota enforcement for different groups of users, but they do not provide any security constraints or authentication. For example, every user from every namespace can see all other namespaces and their resources.

  • Deployments:

Kubernetes provides the means to create a deployment from an image with a single command, but doesn't create a service for external clients.

  • SCM integration:

Kubernetes doesn't support integration with SCM via webhooks to facilitate deployment.

  • Builds:

Kubernetes doesn't provide advanced build modes such as Source-to-Image (S2I) and Custom Builder.

  • Authentication:

Support for advanced authentication schemes such as LDAP, Google, GitHub, Keystone, or Kerberos is achieved only through a webhook or authenticating proxy.

  • CI/CD:

Kubernetes has no integrated application life cycle support, which makes it difficult to integrate it into a corporate software delivery framework.

All these limitations will be addressed in the OpenShift sections in subsequent chapters.

主站蜘蛛池模板: 甘德县| 宁海县| 惠水县| 伊吾县| 新竹县| 西畴县| 名山县| 炎陵县| 淄博市| 呼玛县| 康保县| 民勤县| 商南县| 麻城市| 五河县| 左云县| 伊宁县| 五河县| 渑池县| 民和| 资源县| 武安市| 内乡县| 桂东县| 旬阳县| 敦煌市| 长白| 南乐县| 喀什市| 柳林县| 安乡县| 阳朔县| 宜城市| 海丰县| 汉寿县| 拜泉县| 杭州市| 宁安市| 敦化市| 云和县| 静海县|