Authorization :Kubernetes does not currently have an authorization system. Anyone with the cluster password can do anything. We plan to add sophisticated authorization, and to make it pluggable. See the access control design doc and this issue.
Annotation : A key/value pair that can hold large (compared to a Label), and possibly not human-readable data. Intended to store non-identifying metadata associated with an object, such as provenance information. Not indexed.
Image : A Docker Image. See images.
Label : A key/value pair conveying user-defined identifying attributes of an object, and used to form sets of related objects, such as pods which are replicas in a load-balanced service. Not intended to hold large or non-human-readable data. See labels.
Name : A user-provided name for an object. See identifiers.
Namespace : A namespace is like a prefix to the name of an object. You can configure your client to use a particular namespace, so you do not have to type it all the time. Namespaces allow multiple projects to prevent naming collisions between unrelated teams.
Pod : A collection of containers which will be scheduled onto the same node, which share and an IP and port space, and which can be created/destroyed together. See pods.
Replication Controller : A replication controller ensures that a specified number of pod "replicas" are running at any one time. Both allows for easy scaling of replicated systems, and handles restarting of a Pod when the machine it is on reboots or otherwise fails.
Resource : CPU, memory, and other things that a pod can request. See resources.
Selector : An expression that matches Labels. Can identify related objects, such as pods which are replicas in a load-balanced service. See labels.
Service
: A load-balanced set of pods
which can be accessed via a single stable IP address. See services.
UID : An identifier on all Kubernetes objects that is set by the Kubernetes API server. Can be used to distinguish between historical occurrences of same-Name objects. See identifiers.
Volume : A directory, possibly with some data in it, which is accessible to a Container as part of its filesystem. Kubernetes Volumes build upon Docker Volumes, adding provisioning of the Volume directory and/or device. See volumes.