---
id: wiki-2026-0508-cloud-native
title: Cloud Native
category: 10_Wiki/Topics
status: verified
canonical_id: self
aliases: [CNCF, Cloud-Native Computing, K8s-native]
duplicate_of: none
source_trust_level: A
confidence_score: 0.92
verification_status: applied
tags: [cloud, kubernetes, devops, microservices, containers]
raw_sources: []
last_reinforced: 2026-05-10
github_commit: pending
tech_stack:
  language: Go/YAML
  framework: Kubernetes/CNCF stack
---

# Cloud Native

## In one line

> **"The core of cloud native: containers + orchestration + declarative API + immutable infra."** It started in 2014 with Google Borg → K8s going open source; as of 2026, the CNCF's 200+ projects (K8s, Istio, Prometheus, Argo, Cilium) are the standard for production-grade platforms. 90%+ of enterprises have adopted K8s (CNCF 2025 survey).

## Core concepts

### The 5 pillars (CNCF definition)

- **Containerization**: OCI images (Docker/Podman); immutable, portable.
- **Microservices**: small, single-purpose services.
- **DevOps**: CI/CD + culture of automation.
- **Continuous Delivery**: GitOps (Argo CD, Flux).
- **Orchestration**: K8s, a declarative scheduler.

### Core K8s abstractions

- **Pod**: minimum deployable unit (1+ containers, shared net/storage).
- **Deployment**: ReplicaSet manager; rolling updates.
- **Service**: stable virtual IP / DNS for pods.
- **Ingress / Gateway API**: L7 routing; Gateway API is stable in 2026.
- **ConfigMap / Secret**: config injection.

### Applications

1. SaaS multi-tenant platforms (e.g., Slack, Snowflake).
2. ML model serving (KServe, Seldon Core).
3. Event-driven backends (Knative Eventing, KEDA).

## 💻 Patterns

### Deployment + Service (basic)

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api
spec:
  replicas: 3
  selector:
    matchLabels: { app: api }
  template:
    metadata:
      labels: { app: api }
    spec:
      containers:
        - name: api
          image: ghcr.io/me/api:1.4.0   # pinned version tag
          ports: [{ containerPort: 8080 }]
          resources:
            requests: { cpu: 100m, memory: 128Mi }
            limits: { cpu: 500m, memory: 512Mi }   # caps a noisy neighbor
          readinessProbe:
            httpGet: { path: /health, port: 8080 }
---
apiVersion: v1
kind: Service
metadata: { name: api }
spec:
  selector: { app: api }
  ports: [{ port: 80, targetPort: 8080 }]
```

### HPA (Horizontal Pod Autoscaler)

```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata: { name: api-hpa }
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: api
  minReplicas: 3
  maxReplicas: 30
  metrics:
    - type: Resource
      resource:
        name: cpu
        # Utilization is measured against the container's CPU request
        target: { type: Utilization, averageUtilization: 70 }
```

### Gateway API (modern Ingress)

```yaml
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata: { name: api-route }
spec:
  parentRefs: [{ name: prod-gateway }]
  hostnames: ["api.example.com"]
  rules:
    - matches: [{ path: { type: PathPrefix, value: /v1 } }]
      backendRefs: [{ name: api, port: 80 }]
```

### Helm chart values pattern

```yaml
# values.yaml
image:
  repo: ghcr.io/me/api
  tag: "1.4.0"
replicas: 3
resources:
  cpu: 500m
  memory: 512Mi
```

### GitOps (Argo CD Application)

```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata: { name: api }
spec:
  project: default
  source:
    repoURL: https://github.com/me/infra
    path: apps/api
    targetRevision: main
  destination:
    server: https://kubernetes.default.svc
    namespace: prod
  syncPolicy:
    # prune deletes resources removed from Git; selfHeal reverts manual drift
    automated: { prune: true, selfHeal: true }
```

### NetworkPolicy (zero-trust default)

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: { name: deny-all }
spec:
  # Empty podSelector selects every pod in the namespace. With both policy
  # types listed and no rules, all ingress and egress (DNS included) is
  # denied until allow policies are added. Needs a CNI that enforces policies.
  podSelector: {}
  policyTypes: [Ingress, Egress]
```

### Operator pattern (CRD)

```go
import (
	"context"
	"time"

	ctrl "sigs.k8s.io/controller-runtime"
	"sigs.k8s.io/controller-runtime/pkg/client"
)

// controller-runtime Reconciler.
// v1 is the project's own API package; MyReconciler is assumed to embed client.Client.
func (r *MyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
	var obj v1.MyResource
	if err := r.Get(ctx, req.NamespacedName, &obj); err != nil {
		// Object already deleted: nothing to reconcile.
		return ctrl.Result{}, client.IgnoreNotFound(err)
	}
	// ensure desired state...
	return ctrl.Result{RequeueAfter: 30 * time.Second}, nil
}
```

## Decision criteria

| Situation | Approach |
|---|---|
| Small team, 1-2 services | Managed PaaS (Fly, Render); K8s is overkill |
| 10+ services, multi-team | K8s + GitOps (Argo) |
| Edge / IoT | K3s, KubeEdge |
| Serverless workloads | Knative or cloud Functions |
| Strict compliance | OpenShift / GKE Autopilot |

**Default**: managed K8s (EKS/GKE/AKS) + Argo CD + Helm.

## 🔗 Graph

- Parent: [[Distributed Systems]] · [[DevOps]]
- Variants: [[Kubernetes]] · [[Service Mesh]] · [[Serverless]]
- Applications: [[Microservices]] · [[Platform Engineering]]
- Adjacent: [[Edge Computing]] · [[Observability]] · [[GitOps]]

## 🤖 LLM usage

**When**: generating K8s YAML, Helm chart drafting, troubleshooting (kubectl describe → root cause), manifest review.

**When not**: do not include cluster credentials / secrets in prompts. For production drift detection, use GitOps tooling.

## ❌ Anti-patterns

- **Lift-and-shift VM mindset**: moving stateful pet servers onto K8s as-is, without turning them into cattle.
- **No resource limits**: noisy-neighbor / OOM cascade.
- **Cluster-admin everywhere**: RBAC bypass; zero-trust violation.
- **Ignoring node autoscaling**: capacity ceiling; outage during spike.
- **Custom CRDs for everything**: ecosystem fragmentation; reuse CNCF projects instead.

## 🧪 Verification / Duplicates

- Verified (CNCF official definition, K8s docs v1.31+, 2025 CNCF survey).
- Trust level A.
- Related: [[Cloud Native and Microservices]] (duplicate, redirected).

## 🕓 Changelog

| Date | Change |
|---|---|
| 2026-05-08 | Phase 1 |
| 2026-05-10 | Manual cleanup: established Cloud Native as canonical, K8s patterns + GitOps |
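
A small manifest check for two of the anti-patterns listed above (no resource limits, cluster-admin bindings), added here as an example and not part of the original note. It assumes manifests exported as JSON (for instance with `kubectl get -o json`) and only inspects the Deployment-style `spec.template.spec.containers` path; `Review` and the sample manifests are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type container struct {
	Name      string
	Resources struct{ Limits map[string]any }
}

// manifest holds only the fields the checks read (JSON keys match case-insensitively).
type manifest struct {
	Kind     string
	Metadata struct{ Name string }
	RoleRef  struct{ Name string }
	Spec     struct{ Template struct{ Spec struct{ Containers []container } } }
}

// Review returns one finding per anti-pattern hit in a JSON manifest.
func Review(doc []byte) ([]string, error) {
	var m manifest
	if err := json.Unmarshal(doc, &m); err != nil {
		return nil, err
	}
	var out []string
	if m.Kind == "ClusterRoleBinding" && m.RoleRef.Name == "cluster-admin" {
		out = append(out, m.Metadata.Name+": binds cluster-admin")
	}
	for _, c := range m.Spec.Template.Spec.Containers {
		for _, r := range []string{"cpu", "memory"} {
			if c.Resources.Limits[r] == nil {
				out = append(out, m.Metadata.Name+"/"+c.Name+": no "+r+" limit")
			}
		}
	}
	return out, nil
}

// Constructed sample manifests (hypothetical, not from the page).
const sampleDeploy = `{"kind":"Deployment","metadata":{"name":"api"},"spec":{"template":{"spec":{"containers":[{"name":"api","resources":{"limits":{"cpu":"500m"}}}]}}}}`
const sampleCRB = `{"kind":"ClusterRoleBinding","metadata":{"name":"ci-bot"},"roleRef":{"kind":"ClusterRole","name":"cluster-admin"}}`

func main() {
	a, _ := Review([]byte(sampleDeploy))
	b, _ := Review([]byte(sampleCRB))
	fmt.Println(a, b)
}
```

A ClusterRole that grants wildcard verbs under another name is not caught by the `roleRef` name check; covering that requires reading the role's rules as well.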