Differences

This shows you the differences between two versions of the page.

--- devops:docker:kubernetes [2023/11/19 11:40] – [Kubernetes Command line control] skipidar
+++ devops:docker:kubernetes [2024/07/21 14:33] (current) – skipidar
@@ Line 9: / Line 9: @@
 K8s in 30 Min https://de.slideshare.net/lestrrat/kubernetes-in-30-minutes-20170310
+{{youtube>zkevzEgEFuc}}
+Glossary
+|Pod|Smallest unit of K8s. Can contain multiple containers {{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/ZS1pEtKqtQ.png?300px}}|
+|ReplicaSet| **Orchestrated by deployments.** A ReplicaSet ensures that a **specified number of pod replicas are running at any given time**. However, a Deployment is a higher-level concept that manages ReplicaSets and provides declarative updates to Pods along with a lot of other useful features. {{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/1a1gqMxnuj.png?300px}}|
+|Deployments|Manages your Pods. The Deployment object not only creates the pods but also ensures the correct number of pods is always running in the cluster, handles scalability, and takes care of updates to the pods on an ongoing basis.  {{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/IIQ1Hpm0Bd.png?300px}}|
+|Services|Write traffic to Pods. Visible inside the cluster {{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/jgduvQSMHM.png?300px}}|
+|Ingress|Make Service visible over the internets {{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/jgduvQSMHM.png?300px}}|
+|Secrets| Store SENSITIVE data and files to map those into the container {{https://s3.eu-central-1.amazonaws.com/alf-digital-wiki-pics/sharex/cYujcjPS5e.png?300px}}|
@@ Line 23: / Line 34: @@
+# list clusterrole bindings for all namespaces
+kubectl get clusterrolebindings system:node --all-namespaces -o json
+{
+    "apiVersion": "rbac.authorization.k8s.io/v1",
+    "kind": "ClusterRoleBinding",
+    "metadata": {
+        "annotations": {
+            "rbac.authorization.kubernetes.io/autoupdate": "true"
+        },
+        "creationTimestamp": "2023-11-19T11:19:05Z",
+        "labels": {
+            "kubernetes.io/bootstrapping": "rbac-defaults"
+        },
+        "name": "system:node",
+        "resourceVersion": "141",
+        "uid": "e9d7ef15-9313-4ec0-9676-521fd79073c3"
+    },
+    "roleRef": {
+        "apiGroup": "rbac.authorization.k8s.io",
+        "kind": "ClusterRole",
+        "name": "system:node"
+    }
+}
+# cubeconfig is the config-file, which makes k8s accessible
+# generates a "kubeconfig" in ~/.kube/config
+aws eks update-kubeconfig --name alf-dev-eks-auth0-eks --alias alf-dev-eks-auth0-eks
+apiVersion: v1
+clusters:
+- cluster:
+    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyY0F3SUJBZ0lJYmFmWWVvbHRNWDh3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUSFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TXpFeE1Ua3hNVEV6TXpCYUZ3MHpNekV4TVRZeE1URTRNekJhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUNldCtjeGlLNWFPV21mUit1ZUZGRVZId3JEbEdaRU5DcjBGaEx2QzBmZFRWTnJvYS9HWWRsdGIxNEMKOVF0OWErbk5pTytsWDRSUWVUMks1ZlZVUkdHaVQwV0RvR05DdFp5QkhlTXdOeThWakhtOWV4ckNnTnJ1QTVERgpGVGw5OE5vTUdYVGdjV1BKNUk4NGxSU3E4WEVCZzdJYVZNdVVMeGFyczNnb3JoN1IvaWFvdjFLNkRXYmxhODNkCk9qUkpRR28rUXFHVkFENFRieFZPYmszR21JU1ROcFp2bStUQ251MkdFcXI2MUxqWXdHNjVyb3pZbUxyd3lZNncKSU14VFdtSXIzSHlYZjc1eXRmNDkwa04xSG43T1FTNkxFSlZqdjhmMTdHMDByU2xwQTR3QlN1RlhrV3hDbFZ0QwppOUp0RFVRNzJ1QkJCNlFFVUU3T3M4eWNvTGtWQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJSYUM3WnJIZmM3UjJUY0Q5a2FDTDdIMDRsaVNUQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQVdYM0N1TXJ2QgpjeDRIa1FnNWRPZ0thb3J4OWVheGpPRGl6L3FBT2tIOStGaUU5RnJaTUpzQmYvYzUwZ3JJMzlSNDVmQWpvSm5SCml4UTVTOEs1dmRqdUlOQ3J1L0lMcVkyY09pZG56VWowMmtlME43QXpFWDlUaXNwUkpPdXRHZlY3UjNZTUFucEMKd0ttZTJyMGpjemNvcXlWK1NxTmNyZFcvNzJqVGxuQkc2YlRPWmVZKzJWZFZkeU1VQm9JaWhPUUJQb2lia0x3awovUlZFcUxLdHRpZTVqcFRTaFlmSzdhTnB5UUprQTFxbWxqWk5nZlVkcjVmUitReHlqc2h0MG9DaTFUODM2eTRGCnFjZld0L2xjY2hjMXU2ZmJzZWlvemh1OW5ndkdNL3FVWXFVNkFVZ1daVjIzYVNzQjhqSlJna09hUlBMUXZ4anUKbjdMMkdnekUyTWkwCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+    server: https://1E8A67830070D01D369595NMD4DAB03D.gr7.eu-central-1.eks.amazonaws.com
+  name: arn:aws:eks:eu-central-1:123456789012:cluster/alf-dev-eks-auth0-eks
+contexts:
+- context:
+    cluster: arn:aws:eks:eu-central-1:123456789012:cluster/alf-dev-eks-auth0-eks
+    user: arn:aws:eks:eu-central-1:123456789012:cluster/alf-dev-eks-auth0-eks
+  name: arn:aws:eks:eu-central-1:123456789012:cluster/alf-dev-eks-auth0-eks
+current-context: arn:aws:eks:eu-central-1:123456789012:cluster/alf-dev-eks-auth0-eks
+kind: Config
+preferences: {}
+users:
+- name: arn:aws:eks:eu-central-1:123456789012:cluster/alf-dev-eks-auth0-eks
+  user:
+    exec:
+      apiVersion: client.authentication.k8s.io/v1beta1
+      args:
+      - --region
+      - eu-central-1
+      - eks
+      - get-token
+      - --cluster-name
+      - alf-dev-eks-auth0-eks
+      - --output
+      - json
+      command: aws
@@ Line 69: / Line 141: @@
 ==== Vagrant environment ====
 Use the Vagrant environment for the experiments
-https://github.com/skipidar/Vagrant-Kubernetes
+<del>https://github.com/skipidar/Vagrant-Kubernetes</del>
+https://github.com/alfrepo/Vagrant_Templates/tree/master/Workspace
@@ Line 78: / Line 152: @@
-=== On Windows - Dont deploy in minikube===
+=== Prefered: On Windows - do use minikube===
-Why not Minukube: the **minikube** may only be started from disk C:\ Otherwise it will throw an error, that it does not recognize the path.
+- install "Docker Desktop"
+- install minikube directly on Windows, in order not to mess around with port forwarding etc.
+see
+https://wiki.alf.digital/doku.php?id=devops:docker:kubernetes:tutorial-win-minikube
+=== Alternative: On Windows - Deploy in Linux-guest Vagrant VM - Minikube distribution ===
-=== On Windows - Deploy in Linux-guest Vagrant VM - Minikube distribution ===
+Challenges: redirecting the minikube console etc. is challenging.
 OS: Ubuntu
@@ Line 904: / Line 985: @@
 https://github.com/Apress/Kubernetes-Native-Development/blob/main/snippets/chapter1/webserver-deployment.yaml
+Generate deployment config with a service.
+<sxh shell>
+kubectl create deployment demo --image=springguides/demo --dry-run -o=yaml > deployment.yaml
+echo --- >> deployment.yaml
+kubectl create service clusterip demo --tcp=8080:8080 --dry-run -o=yaml >> deployment.yaml
+</sxh>
+Generated deployment config:
+<sxh shell>
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  creationTimestamp: null
+  labels:
+    app: demo
+  name: demo
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: demo
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: demo
+    spec:
+      containers:
+      - image: springguides/demo
+        name: demo
+        resources: {}
+status: {}
+</sxh>
+Lets go step by step through the config:
+<sxh shell>
+metadata:
+  creationTimestamp: null
+  labels:
+    app: demo
+  name: demo
+Assign label "app". Value: demo
+Labels help identify and categorize resources. By assigning specific labels, you can easily distinguish between different types or groups of resources within your cluster.
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: demo
+In the provided Kubernetes deployment specification, the selector section defines a criteria for matching Pods to the deployment. Let's break it down:
+selector:
+This key signifies the start of the selector configuration within the deployment spec.
+matchLabels:
+This key specifies that the selector will use labels for matching.
+app: demo:
+This entry defines the actual matching criteria. It specifies that the selector will only consider Pods with a label named app and a value of demo.
+spec:
+  replicas: 1
+    spec:
+      containers:
+      - image: springguides/demo
+        name: demo
+        resources: {}
+This defines the name assigned to the container within the Pod.
+</sxh>