Difference between revisions of "IT-SDK-Kubernetes-YAML"
(→Yaml-Collection) |
(→Yaml-Collection) |
||
| Line 93: | Line 93: | ||
metadata (name, labels, namespace) | metadata (name, labels, namespace) | ||
spec (ports, selector) | spec (ports, selector) | ||
| + | </pre> | ||
| + | <pre class="code"> | ||
| + | kind: Route | ||
| + | metadata (labels, name) | ||
| + | spec (port, to, tls) | ||
| + | </pre> | ||
| + | <pre class="code"> | ||
| + | kind: HorizontalPodAutoscaler | ||
| + | metadata | ||
| + | spec (minReplicas, maxReplicas, scaleTargetRef, targetCPUUtilizationPercentage) | ||
</pre> | </pre> | ||
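Review bot: the added HorizontalPodAutoscaler block lists `metadata` with no fields, while the Service entry above it and the new Route entry both spell them out (`metadata (name, labels, namespace)` and `metadata (labels, name)`). List the metadata fields for the autoscaler as well, and use one field order across entries (Route has `labels, name`, Service has `name, labels`), so the outline stays uniform.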
Revision as of 18:54, 18 November 2019
Contents
- 1 Introduction
- 2 Infrastructure
- 3 Linux-Admin
- 4 Install kubectl
- 5 Install minikube
- 6 Life Cycle: kubeadm
- 7 Life Cycle: kubectl
- 8 Training
- 8.1 Introduction
- 8.2 Basics of Kubernetes
- 8.3 Installation and Configuration
- 8.4 Kubernetes Architecture
- 8.5 APIs and Access
- 8.6 API Objects
- 8.7 Managing State With Deployments
- 8.8 Services
- 8.9 Volumes and Data
- 8.10 Ingress
- 8.11 Scheduling
- 8.12 Logging and Troubleshooting
- 8.13 Custom Resource Definition
- 8.14 Helm
- 8.15 Security
- 8.16 High Availability
Introduction
- Source: https://medium.com/google-cloud/kubernetes-101-pods-nodes-containers-and-clusters-c1509e409e16
...
- Cluster >>> Nodes >>> Deployments >>> Pods (Endpoint) >>> Containers (App) >> Service (s:app=A)
- Master-Components:
- Node-Components: kubelet, kube-proxy
- Deleting a deployment does not delete the endpoints (Pod) or services.
- Deployment: primary purpose is to declare how many replicas of a pod should be running at a time.
- Resource: ???
- Persistent Volumes: To store data permanently
- Isolation between pods
... Services
- Ingress: communicate with a service running in a pod >> Ingress-Controller / LoadBalancer
- Service in Kubernetes defines a logical set of Pods and a policy by which to access them.
- The set of Pods targeted by a Service is usually determined by a LabelSelector
- Services can be exposed in different ways by specifying a type in the ServiceSpec.
- Types: ClusterIP, NodePort, LoadBalancer, ExternalName
...
- Node: Has a Node-IP
- Pod: Has an Endpoint-IP
- Service: Has a Cluster-IP
Infrastructure
- Installation with Vagrant: https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant/
- Master (CPU: 3, MEM: 4G, Storage: 5G)
- Worker (CPU: 1, MEM: 2G, Storage: 5G)
- Ubuntu 16.04 LTS: ubuntu/xenial64
Linux-Admin
$ vi /etc/sudoers.d   # Add: student ALL=(ALL) ALL
$ PATH=$PATH:/usr/sbin:/sbin
$ export PATH="/home/sh/.minishift/cache/oc/v3.11.0/linux:$PATH"
$ tar -xvf filename
$ ip addr show
$ vim /etc/hosts
$ less filename.txt   # Display the contents of a file, one page at a time
$ cat filename.txt    # Display the content of a file
$ tee filename.txt    # Write input to the file and to stdout
Install kubectl
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
sudo install kubectl /sdk/bin
Install minikube
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube
sudo install minikube /sdk/bin
Life Cycle: kubeadm
Yaml-ClusterConfiguration
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: 1.15.1
controlPlaneEndpoint: "k8smaster:6443"
networking:
  podSubnet: 192.168.0.0/16
Commands
$ kubeadm init
$ kubeadm join
$ kubeadm config
$ kubeadm token
Life Cycle: kubectl
YAML
Yaml-Collection
kind: Config
preferences: {}
clusters (cluster, name)
users (name, user)
contexts (cluster, namespace, user)
current-context
kind: Deployment
metadata (name, labels, namespace)
spec (replicas, template)
- template (metadata, spec)
--- spec (containers, volumes, nodeSelector)
---- containers (name, image, imagePullPolicy, ports, env, securityContext, volumeMounts)

kind: Service
metadata (name, labels, namespace)
spec (ports, selector)

kind: Route
metadata (labels, name)
spec (port, to, tls)

kind: HorizontalPodAutoscaler
metadata
spec (minReplicas, maxReplicas, scaleTargetRef, targetCPUUtilizationPercentage)
Yaml-Config
apiVersion: v1
kind: Config
preferences: {}
clusters:
- cluster:
    certificate-authority: fake-ca-file
    server: https://1.2.3.4
  name: development
- cluster:
    insecure-skip-tls-verify: true
    server: https://5.6.7.8
  name: scratch
contexts:
- context:
    cluster: development
    namespace: frontend
    user: developer
  name: dev-frontend
- context:
    cluster: development
    namespace: storage
    user: developer
  name: dev-storage
- context:
    cluster: scratch
    namespace: default
    user: experimenter
  name: exp-scratch
users:
- name: developer
  user:
    client-certificate: fake-cert-file
    client-key: fake-key-file
- name: experimenter
  user:
    password: some-password
    username: exp
current-context: dev-frontend
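The Yaml-Config listing contains two settings worth catching in review: `insecure-skip-tls-verify: true` on the `scratch` cluster and a static `password` for the `experimenter` user. The script below is an added example, not part of the original page; the function names `audit_kubeconfig` and `sample_kubeconfig` and the finding texts are assumptions made for illustration, and it expects the layout kubectl writes (top-level keys in column 0).

```shell
# Added example (not from the page): flag risky settings in a kubeconfig.
# Assumes the layout kubectl writes: top-level keys in column 0, one "- " item per entry.
audit_kubeconfig() {
    # The file holds credentials, so group/other permission bits are a finding too.
    mode=$(ls -ld "$1" | cut -c5-10)
    [ "$mode" = "------" ] || echo "file: group/other permission bits set ($mode)"
    awk '
    function flush(   i) {    # report the entry that just ended
        for (i = 1; i <= n; i++) print section "/" name ": " finding[i]
        n = 0; name = "?"
    }
    function note(msg) { finding[++n] = msg }
    /^[A-Za-z]/ { flush(); section = $1; sub(/:.*/, "", section); next }
    /^ *- /     { flush(); sub(/^ *- /, "  ") }   # new list entry, keep its first key
    {
        if ($1 == "name:") name = $2
        if (section == "clusters") {
            if ($1 == "insecure-skip-tls-verify:" && $2 == "true") note("TLS verification disabled")
            if ($1 == "server:" && $2 ~ /^http:/) note("plaintext API server URL")
        }
        if (section == "users") {
            if ($1 == "password:") note("static password stored in the file")
            if ($1 == "token:")    note("static bearer token stored in the file")
        }
    }
    END { flush() }
    ' "$1"
}

# Constructed sample: a shortened copy of the Yaml-Config listing on this page.
sample_kubeconfig() {
cat <<'EOF'
clusters:
- cluster:
    certificate-authority: fake-ca-file
    server: https://1.2.3.4
  name: development
- cluster:
    insecure-skip-tls-verify: true
    server: https://5.6.7.8
  name: scratch
users:
- name: experimenter
  user:
    password: some-password
    username: exp
EOF
}
# Demo run on the constructed sample (mktemp creates the file with mode 600).
f=$(mktemp) && sample_kubeconfig > "$f" && audit_kubeconfig "$f"; rm -f "$f"
```

Run against the admin kubeconfig copied to `$HOME/.kube/config` later on this page, the permission check is the part most likely to report something, since `cp` creates the file with the default umask.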
Yaml-Service
Commands
$ kubectl config --kubeconfig=$CONFIG_FILE
$ kubectl config --kubeconfig=$CONFIG_FILE use-context $CONTEXT_NAME
...
$ kubectl get namespaces
$ kubectl get nodes
$ kubectl get deployments
$ kubectl get pods
$ kubectl get service
$ kubectl get endpoints
...
$ kubectl create deployment nginx --image=nginx
$ kubectl get deployments
$ kubectl get deployment nginx -o yaml > first.yaml
$ kubectl replace -f first.yaml
$ kubectl expose deployment/nginx
$ kubectl expose deployment nginx --type=LoadBalancer
$ kubectl get deploy nginx
$ kubectl get pod nginx
$ kubectl get svc nginx
$ kubectl get ep nginx
$ kubectl describe pod nginx-1234567890
$ kubectl scale deployment nginx --replicas=3
$ kubectl exec nginx-1234567890 -- printenv
...
$ kubectl delete deployments nginx
$ kubectl delete ep nginx
$ kubectl delete svc nginx
Training
Introduction
Basics of Kubernetes
Installation and Configuration
[user@master:~$] sudo -i
[root@master:~$] apt-get update && apt-get upgrade -y
[root@master:~$] apt-get install -y docker.io
[root@master:~$] vim /etc/apt/sources.list.d/kubernetes.list # add: deb http://apt.kubernetes.io/ kubernetes-xenial main
[root@master:~$] curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
[root@master:~$] apt-get update
[root@master:~$] apt-get install -y kubeadm=1.15.1-00 kubelet=1.15.1-00 kubectl=1.15.1-00
[root@master:~$] wget https://tinyurl.com/yb4xturm -O rbac-kdd.yaml
[root@master:~$] wget https://tinyurl.com/y8lvqc9g -O calico.yaml
[root@master:~$] less calico.yaml
[root@master:~$] vim kubeadm-config.yaml # Add: Kubernetes-Version, Node-Alias, IP-Range
[root@master:~$] kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out # Save output for future review
[root@master:~$] exit
...
[user@master:~$] mkdir -p $HOME/.kube
[user@master:~$] sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[user@master:~$] sudo chown $(id -u):$(id -g) $HOME/.kube/config
[user@master:~$] less .kube/config
[user@master:~$] sudo cp /root/rbac-kdd.yaml .
[user@master:~$] kubectl apply -f rbac-kdd.yaml
[user@master:~$] sudo cp /root/calico.yaml .
[user@master:~$] kubectl apply -f calico.yaml
[user@master:~$] source <(kubectl completion bash)
[user@master:~$] echo "source <(kubectl completion bash)" >> ~/.bashrc
[user@master:~$] kubectl des<Tab> n<Tab><Tab> lfs458-<Tab>
[user@master:~$] kubectl -n kube-s<Tab> g<Tab> po<Tab>
[user@master:~$] sudo kubeadm config print init-defaults
...
[user@k8s-node01:~$] sudo -i
[root@k8s-node01:~$] apt-get update && apt-get upgrade -y
[root@k8s-node01:~$] apt-get install -y docker.io
[root@k8s-node01:~$] vim /etc/apt/sources.list.d/kubernetes.list # add: deb http://apt.kubernetes.io/ kubernetes-xenial main
[root@k8s-node01:~$] curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
[root@k8s-node01:~$] apt-get update
[root@k8s-node01:~$] apt-get install -y kubeadm=1.15.1-00 kubelet=1.15.1-00 kubectl=1.15.1-00
[root@k8s-node01:~$] exit
...
[user@master:~$] ip addr show ens4 | grep inet
[user@master:~$] sudo kubeadm token list
[user@master:~$] sudo kubeadm token create
[user@master:~$] openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
...
[root@k8s-node01:~$] vim /etc/hosts
[root@k8s-node01:~$] kubeadm join --token 27eee4.6e66ff60318da929 k8smaster:6443 --discovery-token-ca-cert-hash sha256:6d541678b05652e1fa5d43908e75e67376e994c3483d6683f2a18673e5d2a1b0
[root@k8s-node01:~$] exit
[user@k8s-node01:~$] kubectl get nodes
[user@k8s-node01:~$] ls -l .kube
...