- Learn OpenShift
- Denis Zuev Artemii Kropachev Aleksey Usov
- 179字
- 2021-08-13 16:03:53
Kubernetes limitations
Although it is a powerful orchestration engine, Kubernetes doesn't have the features that are commonly required by PaaS solutions such as OpenShift and others:
- Security:
Kubernetes namespaces are provided mainly for the purpose of resource quota enforcement for different groups of users, but they do not provide any security constraints or authentication. For example, every user from every namespace can see all other namespaces and their resources.
- Deployments:
Kubernetes provides the means to create a deployment from an image with a single command, but doesn't create a service for external clients.
- SCM integration:
Kubernetes doesn't support integration with SCM via webhooks to facilitate deployment.
- Builds:
Kubernetes doesn't provide advanced build modes such as Source-to-Image (S2I) and Custom Builder.
- Authentication:
Support for advanced authentication schemes such as LDAP, Google, GitHub, Keystone, or Kerberos is achieved only through a webhook or authenticating proxy.
- CI/CD:
Kubernetes has no integrated application life cycle support, which makes it difficult to integrate it into a corporate software delivery framework.
All these limitations will be addressed in the OpenShift sections in subsequent chapters.
- Linux運(yùn)維實(shí)戰(zhàn):CentOS7.6操作系統(tǒng)從入門到精通
- Cybersecurity:Attack and Defense Strategies
- 鴻蒙生態(tài):開啟萬物互聯(lián)的智慧新時(shí)代
- Learning Android Intents
- Persistence in PHP with the Doctrine ORM
- 精通Linux內(nèi)核開發(fā)
- 嵌入式操作系統(tǒng)(Linux篇)(微課版)
- 零基礎(chǔ)學(xué)鴻蒙PC:新一代國產(chǎn)操作系統(tǒng)
- VMware NSX Cookbook
- Mastering Reactive JavaScript
- Vim 8文本處理實(shí)戰(zhàn)
- 跟老男孩學(xué)Linux運(yùn)維:Shell編程實(shí)戰(zhàn)
- Windows 10從新手到高手
- Learning BeagleBone
- Advanced Infrastructure Penetration Testing