
cluster-architecture.md


Cluster Architecture, Installation & Configuration (25%)

kubernetes.io > Documentation > Reference > kubectl CLI > kubectl Cheat Sheet

kubernetes.io > Documentation > Tasks > Monitoring, Logging, and Debugging > Get a Shell to a Running Container

kubernetes.io > Documentation > Tasks > Access Applications in a Cluster > Configure Access to Multiple Clusters

kubernetes.io > Documentation > Tasks > Access Applications in a Cluster > Accessing Clusters using API

kubernetes.io > Documentation > Tasks > Access Applications in a Cluster > Use Port Forwarding to Access Applications in a Cluster

Setup autocomplete for k8s commands

show

source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

Show kubeconfig settings

show

kubectl config view

Use multiple kubeconfig files at the same time

show

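# export the variable so kubectl (a child process) actually sees it;
# a plain assignment only sets a shell-local variable.
# kubeconfig files hold cluster credentials: keep them readable by your user only (chmod 600).
export KUBECONFIG=~/.kube/config:~/.kube/kubconfig2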

Create a role that will allow users to get, watch, and list pods and container logs

show

# create a file named role.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: default
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods", "pods/log"]
  verbs: ["get", "watch", "list"]

# create the role
kubectl apply -f role.yml

Create a role binding that binds to a role named pod-reader, applies to a user named dev

show

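# create a file named role-binding.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: pod-reader
  namespace: default
subjects:
- kind: User
  name: dev
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io

# create the role binding
kubectl apply -f role-binding.yml

# verify the binding grants only what was intended by impersonating the user
# (requires permission to impersonate users)
kubectl auth can-i list pods --as dev -n default     # expect: yes
kubectl auth can-i delete pods --as dev -n default   # expect: no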

Permanently save the namespace for all subsequent kubectl commands in that context.

show

kubectl config set-context --current --namespace=ggckad-s2

Set a context utilizing a specific username and namespace

show

kubectl config set-context gce --user=cluster-admin --namespace=foo \
  && kubectl config use-context gce

List all services in the kube-system namespace

show

kubectl get svc -n kube-system

Get pods on all namespaces

show

kubectl get po --all-namespaces

List all pods in the namespace, with more details

show

kubectl get pods -o wide

List a particular deployment

show

kubectl get deployment my-deployment

List all pods in the default namespace

show

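# name the namespace explicitly: without -n, kubectl uses the namespace saved in the
# current context, which is no longer "default" after `kubectl config set-context --namespace=...`
kubectl get pods -n default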

Get pod's YAML

show

kubectl get po nginx -o yaml

Get information about the pod, including details about potential issues (e.g. pod hasn't started)

show

kubectl describe po nginx

Get pod logs

show

kubectl logs nginx

Output a pod's YAML without cluster specific information

show

# NOTE: this prints the full object, including cluster-populated fields (status, uid,
# resourceVersion, ...); the --export flag that used to strip them was removed in kubectl 1.18
kubectl get pod my-pod -o yaml

List all nodes in the cluster

show

kubectl get nodes
# or, get more information about the nodes
kubectl get nodes -o wide

Describe nodes with verbose output

show

kubectl describe nodes

List services sorted by name

show

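# the flag is --sort-by (hyphen) and takes a JSONPath expression
kubectl get services --sort-by=.metadata.name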

Get the external IP of all nodes

show

kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'

Create a new namespace

show

kubectl create namespace web

List all the namespaces that exist in the cluster

show

kubectl get namespaces

Create a pod which runs an nginx container

show

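kubectl run nginx --image=nginx
# or, render the manifest locally and pipe it to create
# (--dry-run needs an explicit value; the bare form is deprecated)
kubectl run nginx2 --image=nginx --restart=Never --dry-run=client -o yaml | kubectl create -f -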

Delete a pod

show

kubectl delete po nginx

Get the status of the control plane components (cluster health)

show

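# NOTE: curl -k skips TLS certificate verification, so the responding server is not
# authenticated; keep it to a quick local check on the control-plane node itself.
# The kubectl get --raw form verifies the API server against the CA in your kubeconfig
# and is the safer default.
# The URLs are quoted so the shell does not treat '?' as a glob character.

# check the livez endpoint
curl -k 'https://localhost:6443/livez?verbose'

# or

kubectl get --raw='/livez?verbose'

# check the readyz endpoint
curl -k 'https://localhost:6443/readyz?verbose'

# or

kubectl get --raw='/readyz?verbose'

# check the healthz endpoint (deprecated since Kubernetes v1.16; prefer livez and readyz)
curl -k 'https://localhost:6443/healthz?verbose'

# or

kubectl get --raw='/healthz?verbose'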

Kubernetes API Health Endpoints

Create a deployment with two replica pods from YAML

show

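# create a deployment object using this YAML template with the following command
# (the quoted 'EOF' delimiter keeps the shell from expanding anything inside the manifest)
# NOTE: the untagged image resolves to nginx:latest and no resource limits are set;
# fine for practice, but pin a tag or digest and set limits on real clusters
cat <<'EOF' | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      run: nginx
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        run: nginx
    spec:
      containers:
      - image: nginx
        name: nginx
        resources: {}
status: {}
EOF
# or, create the file deploy.yaml with the content above
vim deploy.yaml
# and create the deployment from the file
kubectl apply -f deploy.yaml
# get verbose output of deployment YAML (the deployment created above is named nginx)
kubectl get deploy nginx -o yaml
# add an annotation to the deployment
kubectl annotate deploy nginx mycompany.com/someannotation="chad"
# delete the deployment
kubectl delete deploy nginx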

Add an annotation to a deployment

show

kubectl annotate deploy nginx mycompany.com/someannotation="chad"

Add a label to a pod

show

kubectl label pods nginx env=prod

Show labels for all pods in the cluster

show

kubectl get pods --show-labels
# or get pods with the env label
kubectl get po -L env

List all pods that are in the running state using field selectors

show

kubectl get po --field-selector status.phase=Running

List all services in the default namespace using field selectors

show

kubectl get svc --field-selector metadata.namespace=default

List all API resources in your Kubernetes cluster

show

kubectl api-resources

List the services on your Linux operating system that are associated with Kubernetes

show

systemctl list-unit-files --type service --all | grep kube

List the status of the kubelet service running on the Kubernetes node

show

systemctl status kubelet

Use the imperative command to create a pod named nginx-pod with the image nginx, but save it to a YAML file named pod.yaml instead of creating it

show

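# pod name first, image via --image: the task asks for a pod named nginx-pod running the nginx image
# --dry-run=client renders the manifest locally without creating anything in the cluster
kubectl run nginx-pod --image=nginx --dry-run=client -o yaml > pod.yaml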

List all the services created in your Kubernetes cluster, across all namespaces

show

kubectl get svc -A