From adc008f2261d24164b4c48078ef25e21e12eae1d Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:10:14 +0100 Subject: [PATCH 1/9] chore: Add other registry and onprem solution --- docs/markdown/01-docker_reminders/01-reminders.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/markdown/01-docker_reminders/01-reminders.md b/docs/markdown/01-docker_reminders/01-reminders.md index e61e102..96f03ad 100644 --- a/docs/markdown/01-docker_reminders/01-reminders.md +++ b/docs/markdown/01-docker_reminders/01-reminders.md @@ -92,4 +92,4 @@ La registry : permet le partage d’images -Docker Hub, Google Container Registry, ... +Docker Hub, Google Container Registry, Gitlab, You Own registry ... From 23334e76195e633797e0afeafdf3b7b395737115 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:11:08 +0100 Subject: [PATCH 2/9] chore: Add other solutions for container engine and a reference to the Container Runtime Interface --- docs/markdown/03-first_view/01-first_view.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/markdown/03-first_view/01-first_view.md b/docs/markdown/03-first_view/01-first_view.md index 1ab78c2..1dbf376 100644 --- a/docs/markdown/03-first_view/01-first_view.md +++ b/docs/markdown/03-first_view/01-first_view.md @@ -39,7 +39,10 @@ Les noeuds exécutent les applications packagées dans des containers regroupés L’exécution des Pods est gérée par les kubelet. -Kubelet est un process qui pilote l'engine docker pour deployer les resources +Kubelet est un process qui pilote le moteur de containeurs +respectant le CRI (Container Runtime Interface) +ex: +(Docker engines, CRI-O, Containerd) ##==## From 8fa8fa595ec787eed5aa1f50e3557ef9ebeb2391 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:11:32 +0100 Subject: [PATCH 3/9] chore: Fix scope or namespace isolation --- docs/markdown/05-getting_started/02-namespace.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/markdown/05-getting_started/02-namespace.md b/docs/markdown/05-getting_started/02-namespace.md index dd4f6a5..559f337 100644 --- a/docs/markdown/05-getting_started/02-namespace.md +++ b/docs/markdown/05-getting_started/02-namespace.md @@ -8,7 +8,7 @@ # Namespace -- Espace de nom pour isoler les déploiements +- Espace de nom pour isoler les ressources - Peut être utilisé pour séparer les environnements (soft multi-tenant) - Le nom d’une ressource est unique au sein d’un namespace. - Par défaut: From 288aa942115c4b5f2c1a50cb115f270a697b59b3 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:12:07 +0100 Subject: [PATCH 4/9] chore: Add information about restart when startupProbe failed after timeout --- docs/markdown/05-getting_started/06-liveness_readiness.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/markdown/05-getting_started/06-liveness_readiness.md b/docs/markdown/05-getting_started/06-liveness_readiness.md index 8e54b7d..46c99aa 100644 --- a/docs/markdown/05-getting_started/06-liveness_readiness.md +++ b/docs/markdown/05-getting_started/06-liveness_readiness.md @@ -23,7 +23,8 @@ Notes: Kubeproxy sortira un pod du flux si le readiness devient ko. -Kubelet va redémarrer le container si le liveness est ko. +Kubelet va redémarrer le container si le liveness est ko, +ou si la startup n'est pas OK au bout d'une durée configurée ##==## From 93213f84bf3eb390c8bdcc75d4576dec3b941d75 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:13:06 +0100 Subject: [PATCH 5/9] chore: Add some information about secret security + Add a class to code block for a better view of environment variable --- .../06-configuration_app/01-configuration_app.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/markdown/06-configuration_app/01-configuration_app.md b/docs/markdown/06-configuration_app/01-configuration_app.md index a653069..f221df0 100644 --- a/docs/markdown/06-configuration_app/01-configuration_app.md +++ b/docs/markdown/06-configuration_app/01-configuration_app.md @@ -8,7 +8,7 @@ ##==## - + # Variables d’environnement @@ -179,6 +179,10 @@ data: +Notes: + +La valeur des clés est encodé en base64, ce n'est pas du chiffrement. + ##==## @@ -205,7 +209,8 @@ $ kubectl create secret docker-registry regcred Notes: Un secret va permettre de stocker des informations sensibles, comme des mots de passe, des clés privées. - +L'objet secret permet de définir des règles de sécurité (RBAC), ex: +Les developpeurs n'ont pas accès aux secrets, les ops si ##==## From 4b5a897419b25868e22780beb1f96c4e479f2ad1 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:13:31 +0100 Subject: [PATCH 6/9] chore: Add some information about naming and convention about labels --- docs/markdown/06-configuration_app/05-label_game.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/markdown/06-configuration_app/05-label_game.md b/docs/markdown/06-configuration_app/05-label_game.md index b5bebcd..4d5ce62 100644 --- a/docs/markdown/06-configuration_app/05-label_game.md +++ b/docs/markdown/06-configuration_app/05-label_game.md @@ -11,6 +11,10 @@ - Pour le fonctionnement interne de Kubernetes - ReplicaSet && Deployments ⇒ Pods - Services ⇒ Pods +- Recommandations de nommage + - app.kubernetes.io/name: mysql + - app.kubernetes.io/component: database + - app.kubernetes.io/part-of: wordpress ##==## From ece0f36b9a7be1a5397a0f4075b5380cd58c9746 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:13:47 +0100 Subject: [PATCH 7/9] chore: Add some information about using custom metrics for HPA --- docs/markdown/07-upscale/02-upscale_auto.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/markdown/07-upscale/02-upscale_auto.md b/docs/markdown/07-upscale/02-upscale_auto.md index e2cda28..3645e91 100644 --- a/docs/markdown/07-upscale/02-upscale_auto.md +++ b/docs/markdown/07-upscale/02-upscale_auto.md @@ -40,7 +40,8 @@ On peut déclarer un horizontal pod autoscaler en cli ou via l’api, exemple vi Le HPA va agir sur le deployment pour monter ou descendre le nombre de pod en fonction du pourcentage de cpu consommé. -D’autres métriques peuvent être utilisés. +D’autres métriques peuvent être utilisés. Nativement CPU & RAM +Custom , nombre d'event dans un broker, nombre de requêtes/s ##==## From d5ac102c5a846686217f71dde788d48a660a7343 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:15:31 +0100 Subject: [PATCH 8/9] chore: Remove tiller reference cause Helm 3 no longer uses. Add a small definition on Chart --- docs/markdown/09-advanced_pods/02-template.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/markdown/09-advanced_pods/02-template.md b/docs/markdown/09-advanced_pods/02-template.md index 89b0464..6735be4 100644 --- a/docs/markdown/09-advanced_pods/02-template.md +++ b/docs/markdown/09-advanced_pods/02-template.md @@ -37,10 +37,9 @@ Plutôt que de déployer un deployment + un service + un configmap + ... , on a # Template : Helm - Le plus populaire aujourd’hui +- Chart: Ensemble de manifest permettant de déployer une solution/application - Templating sur la base du moteur de template go -- Chart - Repository de chart -- Tiller et état `$ helm repo update` From a31a9a1db7950fbf96c19660aa48addad5ddef12 Mon Sep 17 00:00:00 2001 From: Guillaume Audic Date: Mon, 12 Feb 2024 22:16:41 +0100 Subject: [PATCH 9/9] chore: Add some exemple of Kubernetes distribution for bare metal. Remove unwanted $ on OVH, doesn't know if it was a joke --- docs/markdown/10-installation/01-installation.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/markdown/10-installation/01-installation.md b/docs/markdown/10-installation/01-installation.md index d600710..f53ad96 100644 --- a/docs/markdown/10-installation/01-installation.md +++ b/docs/markdown/10-installation/01-installation.md @@ -26,11 +26,13 @@ Kops : cli pour créer un cluster k8s sur des VMs chez des cloud provider AWS, G - On premise - Kubeadm + - Rke2 + - Kubespray - Cloud - GKE (Google) - AKS (Azure) - EKS (AWS) - $ OVH + - OVH - …. Notes: