Tuesday, December 8, 2020

Kubernetes - hands on practice

 ------------------------
Kubernetes basic concept
------------------------

1. Create a namespace called frontend

ns-> namespace
[root@master kube]# kc create ns fronend

# kc get ns


2. Create a pod name nginx in frontend namespace. usig nginx image
# kc run nginx  --image=nginx -n frontend

[root@master kube]# kc create ns frontend
namespace/frontend created
[root@master kube]# kc run nginx --image=nginx -n frontend
pod/nginx created
[root@master kube]# kc get ns | grep frontend
frontend          Active   2m2s
[root@master kube]# kc get pods | grep nginx
nginx-f89759699-hxfnp   0/1     Pending   0          24d
[root@master kube]#


3. Get list of al lpods in kibe-system namespace and write the output to /root/kube-system-pods.txt

[root@master kube]# kc get pods -n kube-system
[root@master kube]# kc get pods -n kube-system > /root/kube/kube-system-pods.txt

4. Get list of all services across all namespaces and write the output to /root/all-services.txt
[root@master kube]# kc get svc -A
[root@master kube]# kc get svc -A > /root/kube/all-services.txt

Note: -A is shirtcut for --all-namespaces

5. Create a pod named hello with iage busybox and command echo "Hello Workd". Make sure the pod do not restart automatically
[root@master kube]# kc run hello --image=busybox --restart=Never -- echo "HelloWorld kc delete pod pod!"
[root@master kube]# kc get pod

6. Generate a pod manifest file at /root/mypodx.yaml. Pod name should be mypodx with image redis. Make sure you only generate the pod manifest file, you do not have to create the pod.

[root@master kube]# kc run mypod --image=redis --dry-run=client -o yaml >/root/kube/mypodx.yaml


-------------------
Configuration Part
-------------------

1. Create a config map called my-config in namespace called datatab. Use value confa=exvalue. Yo umay want to create namespac if it does not exists.

[root@master kube]# kc create ns datatab
[root@master kube]# kc create cm my-config --from-literal=confa=exvalue --namespace=datatab


2. A configmap al-conf has been created. Expose the value of al-user to a pod named al-pod as AL_USER environment variable. Use redis image for the pod.

cat << EOF > al-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: al-pod
  name: al-pod
spec:
  containers:
  - image: redis
    name: al-pod
    env:
    - name: AL_USER
      valueFrom:
        configMapKeyRef:
          name: al-conf
          key: al-user
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
EOF

[root@master kube]# kc apply -f al-pod.yaml


3. Create a Pod named secure-pod. Use redis image. Run pod as user 1000 and group 2000

create a spec file:

cat << EOF > secure-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: secure-pod
  name: secure-pod
spec:
  securityContext:
    runAsUser: 1000
    runAsGroup: 2000
  containers:
  - image: redis
    name: secure-pod
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
EOF

[root@master kube]# kc apply -f secure-pod.yaml
[root@master kube]# kc get pods | grep secure

4. Create a pod mainfest file at /root/kube/limitd-pod.yaml with name limited-pod and busybox image. Set memory request at 100Mi and limit at 200 Mi. You do not need to create the pod

[root@master kube]# kc run limited-pod --image=busybox --requests='memory=100Mi' --limits='memory=200Mi' --dry-run=client -o yaml > /root/kube/limited-pod.yaml

[root@master kube]# more /root/kube/limited-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: limited-pod
  name: limited-pod
spec:
  containers:
  - image: busybox
    name: limited-pod
    resources:
      limits:
        memory: 200Mi
      requests:
        memory: 100Mi
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
[root@master kube]#


5. Complete the following tasks
a. Create a secret db-secret with value MYSQL_ROOT_PASSWORD=YoYoSecret and MYSQL_PASSWORD=X0X0Password
[root@master kube]# kubectl create secret generic db-secret --from-literal='MYSQL_ROOT_PASSWORD=YoYoSecret' --from-literal='MYSQL_PASSWORD=XoXoPassword'

b. Create a configmap db-config with value MYSQL_USER=k8s and MYSQL_DATABASE=newdb
[root@master kube]# kc create configmap db-config --from-literal='MYSQL_USER=k8s' --from-literal='MYSQL_DATABASE=mewdb'

c. Create a pod named mydb with image mysql:5.7 and expose all values of db-secret and db-config as environment variable to pod.

Create a spec file

cat << EOF > mydb.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: mydb
  name: mydb
spec:
  containers:
  - image: mysql:5.7
    name: mydb
    envFrom:
    - configMapRef:
        name: db-config
    - secretRef:
        name: db-secret
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
EOF

[root@master kube]# kc apply -f mydb.yaml
pod/mydb created


6. Create a service account named namaste. Use the service account to create a pod yo-namaste with image nginx
[root@master kube]# kc create sa namaste
serviceaccount/namaste created
[root@master kube]# kc run yo-namaste --image=nginx --serviceaccount=namaste
pod/yo-namaste created
[root@master kube]# kc get pods

--------------------------------
Multi-Container PODs
Complete the following tasks

1. Create a pod mp-hello with image alpine, nginx and consul:1.8.
Use command sleep infinity for alpine comtainer.

# kc run mp-hello --image=alpine --command sleep=infinity

# cat << EOF > np-hello.yaml
[root@master kube]# cat <<EOF > mp-hello.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: mp-hellp
  name: mp-hellp
spec:
  containers:
  - args:
    - sleep
    - infinity
  - image: alpine
    name: mp-hellp

  - image: nginx
    name: nginx

  - image: consul:1.8
    name: consul

    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
EOF


[root@master kube]# kc apply -f mp-hello.yaml
error: error validating "mp-hello.yaml": error validating data: ValidationError(Pod.spec.containers[0]): missing required field "name" in io.k8s.api.core.v1.Container; if you choose to ignore these errors, turn validation off with --validate=false

[root@master kube]# kc apply -f mp-hello.yaml
pod/mp-hellp created
[root@master kube]#


$ sleep 5 && upgrade.sh














No comments:

Post a Comment

Git branch show detached HEAD

  Git branch show detached HEAD 1. List your branch $ git branch * (HEAD detached at f219e03)   00 2. Run re-set hard $ git reset --hard 3. ...