https://socake.github.io/docs/kubernetes/Recent content in Kubernetes on 黄文卓 | DevOps EngineerHugo -- gohugo.iozh-CN17691281867@163.com (Wenzhuo Huang)17691281867@163.com (Wenzhuo Huang)© 2026 Wenzhuo HuangMon, 01 Dec 2025 00:00:00 +0000https://socake.github.io/docs/kubernetes/%E4%BA%91%E5%8E%9F%E7%94%9F%E5%AD%98%E5%82%A8%E6%96%B9%E6%A1%88/Tue, 09 Dec 2025 17:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/%E4%BA%91%E5%8E%9F%E7%94%9F%E5%AD%98%E5%82%A8%E6%96%B9%E6%A1%88/系统梳理 AWS EBS、EFS、S3 在 Kubernetes 中的使用方式，覆盖 StorageClass 配置、动态供给、性能测试与数据备份策略，附阿里云 NAS/OSS 对比。https://socake.github.io/docs/kubernetes/aws-iam%E6%9D%83%E9%99%90%E7%AE%A1%E7%90%86/Tue, 09 Dec 2025 16:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/aws-iam%E6%9D%83%E9%99%90%E7%AE%A1%E7%90%86/从 IAM 核心概念到 IRSA/GitHub Actions OIDC 联合身份，再到权限边界与 SCP，系统梳理 AWS IAM 在生产环境的最佳实践。https://socake.github.io/docs/kubernetes/aws-eks%E5%AE%9E%E6%88%98/Tue, 09 Dec 2025 15:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/aws-eks%E5%AE%9E%E6%88%98/覆盖 EKS 核心架构、eksctl/aws cli 常用操作、IRSA 原理与配置、VPC CNI 网络限制、升级流程及常见故障排查。https://socake.github.io/docs/kubernetes/helm%E4%BD%BF%E7%94%A8%E6%8C%87%E5%8D%97/Tue, 09 Dec 2025 11:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/helm%E4%BD%BF%E7%94%A8%E6%8C%87%E5%8D%97/Helm 从入门到生产实践：Chart 结构、values 覆盖、模板语法、–atomic/–wait 等生产参数，以及常用 Chart 安装示例。https://socake.github.io/docs/kubernetes/ingress%E9%85%8D%E7%BD%AE%E5%AE%9E%E8%B7%B5/Tue, 09 Dec 2025 11:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/ingress%E9%85%8D%E7%BD%AE%E5%AE%9E%E8%B7%B5/从 Ingress 概念到生产实践：nginx/traefik/ALB 选型对比、TLS 自动签发、canary 灰度发布、限速超时等常用 annotations 详解。https://socake.github.io/docs/kubernetes/k8s-%E5%AE%89%E5%85%A8%E5%8A%A0%E5%9B%BA/Tue, 09 Dec 2025 11:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-%E5%AE%89%E5%85%A8%E5%8A%A0%E5%9B%BA/K8s 安全加固从 Pod 到集群：SecurityContext 配置、网络策略隔离、Secret 安全管理、镜像漏洞扫描、RBAC 最小权限原则的落地实践。https://socake.github.io/docs/kubernetes/k8s-%E6%95%85%E9%9A%9C%E6%8E%92%E6%9F%A5sop/Tue, 09 Dec 2025 11:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-%E6%95%85%E9%9A%9C%E6%8E%92%E6%9F%A5sop/从现象到根因的 K8s 故障排查全流程：Pod 异常状态、Node NotReady、Service 不通、存储挂载失败等场景的系统化排查方法。https://socake.github.io/docs/kubernetes/k8s-%E9%9B%86%E7%BE%A4%E5%8D%87%E7%BA%A7/Tue, 09 Dec 2025 11:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-%E9%9B%86%E7%BE%A4%E5%8D%87%E7%BA%A7/K8s 集群升级全流程：从版本兼容性检查、etcd 备份、EKS 托管升级命令，到节点蓝绿替换、PDB 配置、pluto 工具检测废弃 API，再到常见升级问题处理。https://socake.github.io/docs/kubernetes/k8s-hpa%E5%BC%B9%E6%80%A7%E4%BC%B8%E7%BC%A9/Tue, 09 Dec 2025 10:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-hpa%E5%BC%B9%E6%80%A7%E4%BC%B8%E7%BC%A9/从 HPA v2 到 KEDA 事件驱动伸缩，覆盖 CPU/内存/自定义指标配置、防抖参数调优、VPA 推荐器集成和生产级弹性伸缩最佳实践。https://socake.github.io/docs/kubernetes/k8s-rbac%E6%9D%83%E9%99%90%E7%AE%A1%E7%90%86/Tue, 09 Dec 2025 10:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-rbac%E6%9D%83%E9%99%90%E7%AE%A1%E7%90%86/从 RBAC 核心概念到生产级多租户权限设计，涵盖 ServiceAccount 最小权限、kubectl auth can-i 排查和命名空间隔离实践。https://socake.github.io/docs/kubernetes/k8s-%E5%AD%98%E5%82%A8pvc/Tue, 09 Dec 2025 10:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-%E5%AD%98%E5%82%A8pvc/从 PV/PVC 基础概念到生产级 CSI 配置，涵盖动态供给、StatefulSet 存储、AWS EBS/EFS、阿里云云盘/NAS 以及数据迁移实践。https://socake.github.io/docs/kubernetes/k8s-%E7%BD%91%E7%BB%9C%E4%B8%8Eservice/Tue, 09 Dec 2025 10:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-%E7%BD%91%E7%BB%9C%E4%B8%8Eservice/从 K8s 网络基础模型到生产级 Service 配置，覆盖 CNI 插件对比、kube-proxy 模式选择、DNS 解析规则和排查思路。https://socake.github.io/docs/kubernetes/k8s-%E8%B5%84%E6%BA%90%E7%AE%A1%E7%90%86/Tue, 09 Dec 2025 10:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/k8s-%E8%B5%84%E6%BA%90%E7%AE%A1%E7%90%86/从 CPU throttling 到内存 OOMKill，从 QoS 分类到驱逐优先级，系统梳理 Kubernetes 资源管理机制与生产调优实践。https://socake.github.io/docs/kubernetes/%E5%8F%AF%E8%A7%82%E6%B5%8B%E6%80%A7%E5%BB%BA%E8%AE%BE/Mon, 08 Dec 2025 15:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/%E5%8F%AF%E8%A7%82%E6%B5%8B%E6%80%A7%E5%BB%BA%E8%AE%BE/记录在多套 K8s 集群上建立统一可观测性平台的实践经验，包含 Prometheus 采集配置、告警规则设计、Grafana Dashboard 组织方式，以及跨集群日志聚合的 Loki 部署方案。https://socake.github.io/docs/kubernetes/argocd-gitops%E5%AE%9E%E8%B7%B5/Mon, 08 Dec 2025 14:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/argocd-gitops%E5%AE%9E%E8%B7%B5/记录在多套 K8s 集群（AWS EKS + 阿里云 ACK）上落地 GitOps 的完整过程：目录结构设计、Kustomize overlay 环境差异管理、ArgoCD ApplicationSet 自动化、以及真实踩过的坑。https://socake.github.io/docs/kubernetes/karpenter-%E5%BC%B9%E6%80%A7%E8%8A%82%E7%82%B9/Mon, 08 Dec 2025 13:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/karpenter-%E5%BC%B9%E6%80%A7%E8%8A%82%E7%82%B9/Karpenter 替代 Cluster Autoscaler 的完整实践：NodePool 约束配置、EC2NodeClass 实例选型、consolidation 节点整合降本、Spot 实例容错，以及多套集群配置的组织方式。https://socake.github.io/docs/kubernetes/kubectl-%E5%91%BD%E4%BB%A4%E9%80%9F%E6%9F%A5/Mon, 08 Dec 2025 11:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/kubectl-%E5%91%BD%E4%BB%A4%E9%80%9F%E6%9F%A5/kubectl 实用命令手册，按场景分类整理，涵盖资源查看、Pod调试、日志查看、滚动更新、扩缩容、强制删除等高频操作。https://socake.github.io/docs/kubernetes/kubernetes-%E6%A0%B8%E5%BF%83%E6%9E%B6%E6%9E%84/Mon, 08 Dec 2025 10:00:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/docs/kubernetes/kubernetes-%E6%A0%B8%E5%BF%83%E6%9E%B6%E6%9E%84/深入理解 Kubernetes 控制面与工作节点各组件的职责与交互关系，结合生产环境实际经验，梳理核心资源对象与调度原理。