Stewart-YU
Zach Corleissen
parent
f4b9cf4581
commit
7f84d9a873
|
|
@ -293,14 +293,17 @@ The redirect capabilities have been deprecated and removed. Please use a proxy
|
||||||
|
|
||||||
There are several different proxies you may encounter when using Kubernetes:
|
There are several different proxies you may encounter when using Kubernetes:
|
||||||
|
|
||||||
1. The [kubectl proxy](#directly-accessing-the-rest-api):
|
1. The [kubectl proxy](#directly-accessing-the-rest-api):
|
||||||
|
|
||||||
- runs on a user's desktop or in a pod
|
- runs on a user's desktop or in a pod
|
||||||
- proxies from a localhost address to the Kubernetes apiserver
|
- proxies from a localhost address to the Kubernetes apiserver
|
||||||
- client to proxy uses HTTP
|
- client to proxy uses HTTP
|
||||||
- proxy to apiserver uses HTTPS
|
- proxy to apiserver uses HTTPS
|
||||||
- locates apiserver
|
- locates apiserver
|
||||||
- adds authentication headers
|
- adds authentication headers
|
||||||
1. The [apiserver proxy](#discovering-builtin-services):
|
|
||||||
|
1. The [apiserver proxy](#discovering-builtin-services):
|
||||||
|
|
||||||
- is a bastion built into the apiserver
|
- is a bastion built into the apiserver
|
||||||
- connects a user outside of the cluster to cluster IPs which otherwise might not be reachable
|
- connects a user outside of the cluster to cluster IPs which otherwise might not be reachable
|
||||||
- runs in the apiserver processes
|
- runs in the apiserver processes
|
||||||
|
|
@ -308,17 +311,23 @@ There are several different proxies you may encounter when using Kubernetes:
|
||||||
- proxy to target may use HTTP or HTTPS as chosen by proxy using available information
|
- proxy to target may use HTTP or HTTPS as chosen by proxy using available information
|
||||||
- can be used to reach a Node, Pod, or Service
|
- can be used to reach a Node, Pod, or Service
|
||||||
- does load balancing when used to reach a Service
|
- does load balancing when used to reach a Service
|
||||||
1. The [kube proxy](/docs/concepts/services-networking/service/#ips-and-vips):
|
|
||||||
|
1. The [kube proxy](/docs/concepts/services-networking/service/#ips-and-vips):
|
||||||
|
|
||||||
- runs on each node
|
- runs on each node
|
||||||
- proxies UDP and TCP
|
- proxies UDP and TCP
|
||||||
- does not understand HTTP
|
- does not understand HTTP
|
||||||
- provides load balancing
|
- provides load balancing
|
||||||
- is just used to reach services
|
- is just used to reach services
|
||||||
1. A Proxy/Load-balancer in front of apiserver(s):
|
|
||||||
|
1. A Proxy/Load-balancer in front of apiserver(s):
|
||||||
|
|
||||||
- existence and implementation varies from cluster to cluster (e.g. nginx)
|
- existence and implementation varies from cluster to cluster (e.g. nginx)
|
||||||
- sits between all clients and one or more apiservers
|
- sits between all clients and one or more apiservers
|
||||||
- acts as load balancer if there are several apiservers.
|
- acts as load balancer if there are several apiservers.
|
||||||
1. Cloud Load Balancers on external services:
|
|
||||||
|
1. Cloud Load Balancers on external services:
|
||||||
|
|
||||||
- are provided by some cloud providers (e.g. AWS ELB, Google Cloud Load Balancer)
|
- are provided by some cloud providers (e.g. AWS ELB, Google Cloud Load Balancer)
|
||||||
- are created automatically when the Kubernetes service has type `LoadBalancer`
|
- are created automatically when the Kubernetes service has type `LoadBalancer`
|
||||||
- use UDP/TCP only
|
- use UDP/TCP only
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue