id: wiki-2026-0508-cloud-native
title: Cloud Native
category: 10_Wiki/Topics
status: verified
canonical_id: self
aliases: CNCF, Cloud-Native Computing, K8s-native
duplicate_of: none
source_trust_level: A
confidence_score: 0.92
verification_status: applied
tags: cloud, kubernetes, devops, microservices, containers
raw_sources:
last_reinforced: 2026-05-10
github_commit: pending
tech_stack: language: Go/YAML; framework: Kubernetes/CNCF stack

Cloud Native

In one line

"The core of cloud native: containers + orchestration + declarative API + immutable infra". It started in 2014 with the open-sourcing of K8s (Google Borg → K8s); as of 2026, the CNCF's 200+ projects (K8s, Istio, Prometheus, Argo, Cilium) are the standard for production-grade platforms. 90%+ of enterprises have adopted K8s (CNCF 2025 survey).

Core concepts

5 pillars (CNCF definition)

  • Containerization: OCI images (Docker/Podman); immutable, portable.
  • Microservices: small, single-purpose services.
  • DevOps: CI/CD + culture of automation.
  • Continuous Delivery: GitOps (Argo CD, Flux).
  • Orchestration: K8s, a declarative scheduler.

Core K8s abstractions

  • Pod: minimum deployable unit (1+ containers, shared net/storage).
  • Deployment: ReplicaSet manager; rolling updates.
  • Service: stable virtual IP / DNS for pods.
  • Ingress / Gateway API: L7 routing; as of 2026 the Gateway API is stable.
  • ConfigMap / Secret: config injection.

Applications

  1. SaaS multi-tenant platforms (e.g., Slack, Snowflake).
  2. ML model serving (KServe, Seldon Core).
  3. Event-driven backends (Knative Eventing, KEDA).

💻 Patterns

Deployment + Service (basic)

apiVersion: apps/v1
kind: Deployment
metadata:
  name: api
spec:
  replicas: 3
  selector:
    matchLabels: { app: api }
  template:
    metadata:
      labels: { app: api }
    spec:
      containers:
      - name: api
        image: ghcr.io/me/api:1.4.0
        ports: [{ containerPort: 8080 }]
        resources:
          requests: { cpu: 100m, memory: 128Mi }
          limits:   { cpu: 500m, memory: 512Mi }
        readinessProbe:
          httpGet: { path: /health, port: 8080 }
---
apiVersion: v1
kind: Service
metadata: { name: api }
spec:
  selector: { app: api }
  ports: [{ port: 80, targetPort: 8080 }]

HPA (Horizontal Pod Autoscaler)

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata: { name: api-hpa }
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: api
  minReplicas: 3
  maxReplicas: 30
  metrics:
  - type: Resource
    resource:
      name: cpu
      target: { type: Utilization, averageUtilization: 70 }

Gateway API (modern Ingress)

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata: { name: api-route }
spec:
  parentRefs: [{ name: prod-gateway }]
  hostnames: ["api.example.com"]
  rules:
  - matches: [{ path: { type: PathPrefix, value: /v1 } }]
    backendRefs: [{ name: api, port: 80 }]

Helm chart values pattern

# values.yaml
image:
  repo: ghcr.io/me/api
  tag: "1.4.0"
replicas: 3
resources:
  cpu: 500m
  memory: 512Mi

GitOps (Argo CD Application)

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata: { name: api }
spec:
  project: default
  source:
    repoURL: https://github.com/me/infra
    path: apps/api
    targetRevision: main
  destination:
    server: https://kubernetes.default.svc
    namespace: prod
  syncPolicy:
    automated: { prune: true, selfHeal: true }

NetworkPolicy (zero-trust default)

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: { name: deny-all }
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]

Operator pattern (CRD)

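// controller-runtime Reconciler
import (
    "context"
    "time"
    ctrl "sigs.k8s.io/controller-runtime"
    "sigs.k8s.io/controller-runtime/pkg/client"
)
type MyReconciler struct{ client.Client } // embedded client supplies r.Get

func (r *MyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
    var obj v1.MyResource // v1: the project's own API package defining the CRD type
    if err := r.Get(ctx, req.NamespacedName, &obj); err != nil {
        // A not-found error means the object is already gone: nothing to reconcile.
        return ctrl.Result{}, client.IgnoreNotFound(err)
    }
    // ensure desired state...
    return ctrl.Result{RequeueAfter: 30 * time.Second}, nil
}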

Decision criteria

| Situation | Approach |
|---|---|
| Small team, 1-2 services | Managed PaaS (Fly, Render); K8s is overkill |
| 10+ services, multi-team | K8s + GitOps (Argo) |
| Edge / IoT | K3s, KubeEdge |
| Serverless workloads | Knative or cloud Functions |
| Strict compliance | OpenShift / GKE Autopilot |

Default: managed K8s (EKS/GKE/AKS) + Argo CD + Helm.

🔗 Graph

🤖 Using LLMs

When to use: generating K8s YAML, drafting Helm charts, troubleshooting (kubectl describe → root cause), manifest review. When not to use: never include cluster credentials or secrets in a prompt. Use GitOps tooling for production drift detection.

Anti-patterns

  • Lift-and-shift VM mindset: stateful pet servers moved onto K8s as-is, never turned into cattle.
  • No resource limits: noisy-neighbor / OOM cascade.
  • Cluster-admin everywhere: RBAC bypass; a zero-trust violation.
  • Ignoring node autoscaling: capacity ceiling; outage during a spike.
  • Custom CRDs for everything: ecosystem fragmentation; reuse CNCF projects instead.
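
The "Cluster-admin everywhere" anti-pattern, shown as the weak binding beside a least-privilege replacement. This is an added example, not part of the original page; the names ci-deployer and api-deployer are hypothetical, while namespace prod and the api Deployment and Service follow the manifests earlier on the page.

```yaml
# Added example. ci-deployer / api-deployer are hypothetical names.

# Weak: the deploy pipeline's ServiceAccount holds cluster-admin, so a leaked
# token grants read access to every Secret and write access to RBAC
# in every namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata: { name: ci-deployer-admin }
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- { kind: ServiceAccount, name: ci-deployer, namespace: prod }
---
# Corrected: a namespaced Role limited to the two objects the pipeline updates.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: { name: api-deployer, namespace: prod }
rules:
- apiGroups: ["apps"]
  resources: ["deployments"]
  resourceNames: ["api"]
  verbs: ["get", "patch", "update"]
- apiGroups: [""]          # "" is the core API group (Services live here)
  resources: ["services"]
  resourceNames: ["api"]
  verbs: ["get", "patch", "update"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata: { name: api-deployer, namespace: prod }
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: api-deployer
subjects:
- { kind: ServiceAccount, name: ci-deployer, namespace: prod }
```

After the change, `kubectl auth can-i --list --as=system:serviceaccount:prod:ci-deployer -n prod` lists the permissions the account actually holds.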

🧪 Verification / Duplicates

  • Verified (CNCF official definition, K8s docs v1.31+, 2025 CNCF survey).
  • Trust level: A.
  • Related: Cloud Native and Microservices (duplicate, redirected).

🕓 Changelog

| Date | Change |
|---|---|
| 2026-05-08 | Phase 1 |
| 2026-05-10 | Manual cleanup: established Cloud Native as canonical, K8s patterns + GitOps |