------------------------
Kubernetes basic concept
------------------------
1. Create a namespace called frontend
ns-> namespace
[root@master kube]# kc create ns fronend
# kc get ns
2. Create a pod name nginx in frontend namespace. usig nginx image
# kc run nginx --image=nginx -n frontend
[root@master kube]# kc create ns frontend
namespace/frontend created
[root@master kube]# kc run nginx --image=nginx -n frontend
pod/nginx created
[root@master kube]# kc get ns | grep frontend
frontend Active 2m2s
[root@master kube]# kc get pods | grep nginx
nginx-f89759699-hxfnp 0/1 Pending 0 24d
[root@master kube]#
3. Get list of al lpods in kibe-system namespace and write the output to /root/kube-system-pods.txt
[root@master kube]# kc get pods -n kube-system
[root@master kube]# kc get pods -n kube-system > /root/kube/kube-system-pods.txt
4. Get list of all services across all namespaces and write the output to /root/all-services.txt
[root@master kube]# kc get svc -A
[root@master kube]# kc get svc -A > /root/kube/all-services.txt
Note: -A is shirtcut for --all-namespaces
5. Create a pod named hello with iage busybox and command echo "Hello Workd". Make sure the pod do not restart automatically
[root@master kube]# kc run hello --image=busybox --restart=Never -- echo "HelloWorld kc delete pod pod!"
[root@master kube]# kc get pod
6. Generate a pod manifest file at /root/mypodx.yaml. Pod name should be mypodx with image redis. Make sure you only generate the pod manifest file, you do not have to create the pod.
[root@master kube]# kc run mypod --image=redis --dry-run=client -o yaml >/root/kube/mypodx.yaml
-------------------
Configuration Part
-------------------
1. Create a config map called my-config in namespace called datatab. Use value confa=exvalue. Yo umay want to create namespac if it does not exists.
[root@master kube]# kc create ns datatab
[root@master kube]# kc create cm my-config --from-literal=confa=exvalue --namespace=datatab
2. A configmap al-conf has been created. Expose the value of al-user to a pod named al-pod as AL_USER environment variable. Use redis image for the pod.
cat << EOF > al-pod.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: al-pod
name: al-pod
spec:
containers:
- image: redis
name: al-pod
env:
- name: AL_USER
valueFrom:
configMapKeyRef:
name: al-conf
key: al-user
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
EOF
[root@master kube]# kc apply -f al-pod.yaml
3. Create a Pod named secure-pod. Use redis image. Run pod as user 1000 and group 2000
create a spec file:
cat << EOF > secure-pod.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: secure-pod
name: secure-pod
spec:
securityContext:
runAsUser: 1000
runAsGroup: 2000
containers:
- image: redis
name: secure-pod
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
EOF
[root@master kube]# kc apply -f secure-pod.yaml
[root@master kube]# kc get pods | grep secure
4. Create a pod mainfest file at /root/kube/limitd-pod.yaml with name limited-pod and busybox image. Set memory request at 100Mi and limit at 200 Mi. You do not need to create the pod
[root@master kube]# kc run limited-pod --image=busybox --requests='memory=100Mi' --limits='memory=200Mi' --dry-run=client -o yaml > /root/kube/limited-pod.yaml
[root@master kube]# more /root/kube/limited-pod.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: limited-pod
name: limited-pod
spec:
containers:
- image: busybox
name: limited-pod
resources:
limits:
memory: 200Mi
requests:
memory: 100Mi
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[root@master kube]#
5. Complete the following tasks
a. Create a secret db-secret with value MYSQL_ROOT_PASSWORD=YoYoSecret and MYSQL_PASSWORD=X0X0Password
[root@master kube]# kubectl create secret generic db-secret --from-literal='MYSQL_ROOT_PASSWORD=YoYoSecret' --from-literal='MYSQL_PASSWORD=XoXoPassword'
b. Create a configmap db-config with value MYSQL_USER=k8s and MYSQL_DATABASE=newdb
[root@master kube]# kc create configmap db-config --from-literal='MYSQL_USER=k8s' --from-literal='MYSQL_DATABASE=mewdb'
c. Create a pod named mydb with image mysql:5.7 and expose all values of db-secret and db-config as environment variable to pod.
Create a spec file
cat << EOF > mydb.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: mydb
name: mydb
spec:
containers:
- image: mysql:5.7
name: mydb
envFrom:
- configMapRef:
name: db-config
- secretRef:
name: db-secret
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
EOF
[root@master kube]# kc apply -f mydb.yaml
pod/mydb created
6. Create a service account named namaste. Use the service account to create a pod yo-namaste with image nginx
[root@master kube]# kc create sa namaste
serviceaccount/namaste created
[root@master kube]# kc run yo-namaste --image=nginx --serviceaccount=namaste
pod/yo-namaste created
[root@master kube]# kc get pods
--------------------------------
Multi-Container PODs
Complete the following tasks
1. Create a pod mp-hello with image alpine, nginx and consul:1.8.
Use command sleep infinity for alpine comtainer.
# kc run mp-hello --image=alpine --command sleep=infinity
# cat << EOF > np-hello.yaml
[root@master kube]# cat <<EOF > mp-hello.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: mp-hellp
name: mp-hellp
spec:
containers:
- args:
- sleep
- infinity
- image: alpine
name: mp-hellp
- image: nginx
name: nginx
- image: consul:1.8
name: consul
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
EOF
[root@master kube]# kc apply -f mp-hello.yaml
error: error validating "mp-hello.yaml": error validating data: ValidationError(Pod.spec.containers[0]): missing required field "name" in io.k8s.api.core.v1.Container; if you choose to ignore these errors, turn validation off with --validate=false
[root@master kube]# kc apply -f mp-hello.yaml
pod/mp-hellp created
[root@master kube]#
$ sleep 5 && upgrade.sh
Tuesday, December 8, 2020
Kubernetes - hands on practice
Subscribe to:
Post Comments (Atom)
Git branch show detached HEAD
Git branch show detached HEAD 1. List your branch $ git branch * (HEAD detached at f219e03) 00 2. Run re-set hard $ git reset --hard 3. ...
-
snmpconfig command allow you to managge snmpv1/v3 agent configuration on SAN switch. Event trap level is mapped with event severity level....
-
Firmware upgrade on HPE SuperDom Flex 280 - prerequisites tasks a. Set up repo b. Upload firmware to your webserver 1. For foundation so...
-
Disabling the Telnet protocol on Brocade SAN switches By default, telnet is enabled on Brocade SAN switches. As part of security hardening o...
No comments:
Post a Comment