bluemsi/2nd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af11d666d27c084c274ecd770e3ada8f1875c7f2
2nd/10_Wiki/Topics/Cloud_Native.md
T
Antigravity Agent 504fd5fb42 [G1-Sync] Manual knowledge update
2026-05-10 22:08:15 +09:00

204 lines
5.8 KiB
Markdown
Raw Blame History

---
id: wiki-2026-0508-cloud-native
title: Cloud Native
category: 10_Wiki/Topics
status: verified
canonical_id: self
aliases: [CNCF, Cloud-Native Computing, K8s-native]
duplicate_of: none
source_trust_level: A
confidence_score: 0.92
verification_status: applied
tags: [cloud, kubernetes, devops, microservices, containers]
raw_sources: []
last_reinforced: 2026-05-10
github_commit: pending
tech_stack:
language: Go/YAML
framework: Kubernetes/CNCF stack
---
# Cloud Native
## 매 한 줄
> **"매 cloud-native 의 핵심: containers + orchestration + declarative API + 매 immutable infra"**. 매 2014 Google Borg → K8s open-source 으로 시작, 매 2026 현재 CNCF 의 200+ projects (K8s, Istio, Prometheus, Argo, Cilium) 가 매 production-grade platform 의 표준. 매 enterprise 의 90%+ 가 K8s 의 채용 (CNCF 2025 survey).
## 매 핵심
### 매 5 pillars (CNCF 정의)
- **Containerization**: 매 OCI image (Docker/Podman) — 매 immutable, portable.
- **Microservices**: 매 small, single-purpose services.
- **DevOps**: 매 CI/CD + culture of automation.
- **Continuous Delivery**: 매 GitOps (Argo CD, Flux).
- **Orchestration**: 매 K8s — 매 declarative scheduler.
### 매 K8s 의 핵심 abstractions
- **Pod**: 매 minimum deployable unit (1+ containers, shared net/storage).
- **Deployment**: 매 ReplicaSet manager — 매 rolling update.
- **Service**: 매 stable virtual IP / DNS for pods.
- **Ingress / Gateway API**: 매 L7 routing — 매 2026 Gateway API 가 stable.
- **ConfigMap / Secret**: 매 config injection.
### 매 응용
1. SaaS multi-tenant platforms (e.g., Slack, Snowflake).
2. ML model serving (KServe, Seldon Core).
3. Event-driven backends (Knative Eventing, KEDA).
## 💻 패턴
### Deployment + Service (basic)
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: api
spec:
replicas: 3
selector:
matchLabels: { app: api }
template:
metadata:
labels: { app: api }
spec:
containers:
- name: api
image: ghcr.io/me/api:1.4.0
ports: [{ containerPort: 8080 }]
resources:
requests: { cpu: 100m, memory: 128Mi }
limits: { cpu: 500m, memory: 512Mi }
readinessProbe:
httpGet: { path: /health, port: 8080 }
---
apiVersion: v1
kind: Service
metadata: { name: api }
spec:
selector: { app: api }
ports: [{ port: 80, targetPort: 8080 }]
```
### HPA (Horizontal Pod Autoscaler)
```yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata: { name: api-hpa }
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: api
minReplicas: 3
maxReplicas: 30
metrics:
- type: Resource
resource:
name: cpu
target: { type: Utilization, averageUtilization: 70 }
```
### Gateway API (modern Ingress)
```yaml
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata: { name: api-route }
spec:
parentRefs: [{ name: prod-gateway }]
hostnames: ["api.example.com"]
rules:
- matches: [{ path: { type: PathPrefix, value: /v1 } }]
backendRefs: [{ name: api, port: 80 }]
```
### Helm chart values pattern
```yaml
# values.yaml
image:
repo: ghcr.io/me/api
tag: "1.4.0"
replicas: 3
resources:
cpu: 500m
memory: 512Mi
```
### GitOps (Argo CD Application)
```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata: { name: api }
spec:
project: default
source:
repoURL: https://github.com/me/infra
path: apps/api
targetRevision: main
destination:
server: https://kubernetes.default.svc
namespace: prod
syncPolicy:
automated: { prune: true, selfHeal: true }
```
### NetworkPolicy (zero-trust default)
```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: { name: deny-all }
spec:
podSelector: {}
policyTypes: [Ingress, Egress]
```
### Operator pattern (CRD)
```go
// controller-runtime Reconciler
func (r *MyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
var obj v1.MyResource
if err := r.Get(ctx, req.NamespacedName, &obj); err != nil {
return ctrl.Result{}, client.IgnoreNotFound(err)
}
// ensure desired state...
return ctrl.Result{RequeueAfter: 30 * time.Second}, nil
}
```
## 매 결정 기준
| 상황 | Approach |
|---|---|
| Small team, 1-2 services | 매 managed PaaS (Fly, Render) — K8s overkill |
| 10+ services, multi-team | K8s + GitOps (Argo) |
| Edge / IoT | K3s, KubeEdge |
| Serverless workloads | Knative or cloud Functions |
| Strict compliance | OpenShift / GKE Autopilot |
**기본값**: 매 managed K8s (EKS/GKE/AKS) + Argo CD + Helm.
## 🔗 Graph
- 부모: [[Distributed Systems]] · [[DevOps]]
- 변형: [[Kubernetes]] · [[Service Mesh]] · [[Serverless]]
- 응용: [[Microservices]] · [[Platform Engineering]]
- Adjacent: [[Edge Computing]] · [[Observability]] · [[GitOps]]
## 🤖 LLM 활용
**언제**: 매 K8s YAML 생성, Helm chart drafting, 매 troubleshooting (kubectl describe → root cause), 매 manifest review.
**언제 X**: 매 cluster credentials / secrets 의 prompt 에 포함 X. 매 production drift detection 은 GitOps tooling 사용.
## ❌ 안티패턴
- **Lift-and-shift VM mindset**: 매 stateful pet servers 의 K8s 에 그대로 — 매 cattle 화 X.
- **No resource limits**: 매 noisy-neighbor / OOM cascade.
- **Cluster-admin everywhere**: 매 RBAC bypass — 매 zero-trust violation.
- **Ignoring node autoscaling**: 매 capacity ceiling — 매 outage during spike.
- **Custom CRDs for everything**: 매 ecosystem fragmentation — 매 CNCF projects 의 reuse.
## 🧪 검증 / 중복
- Verified (CNCF official definition, K8s docs v1.31+, 2025 CNCF survey).
- 신뢰도 A.
- 관련: [[Cloud Native and Microservices]] (duplicate, redirected).
## 🕓 Changelog
| 날짜 | 변경 |
|---|---|
| 2026-05-08 | Phase 1 |
| 2026-05-10 | Manual cleanup — Cloud Native canonical 정립, K8s patterns + GitOps |
Reference in New Issue View Git Blame Copy Permalink