dummy by Mind Map: dummy

1. Kubernetes (K8s)

1.1. Documentation

1.1.1. what is kubernetes

1.1.2. User Guide

1.1.3. Xoriant Blog - K Building Blocks

1.1.4. Network Design

1.1.5. Tutorials

1.1.6. Security Best Practices - good, only slightly TwistLock biased

1.1.7. 4-Day Docker & Kubernetes Training

1.1.8. KubeWeekly - TONS of K8s relevant info

1.2. has

1.2.1. Cluster - a group of nodes
    Node - a physical or virtual machine
    has is
    allow isolation between pods within a cluster - perhaps for different teams, perhaps by environment (dev, test, prod)
    Default: within a namespace, all pods can talk to each other
    DefaultDeny: Pods in the namespace will be inaccessible from any source except the pod's local Node
    A production cluster should have at least 3 nodes
    disks

1.2.2. Master Controller (typically 1) has Deployments Discovery Service Replication Controller Scheduling Manager Heapster GCE only: GLBC - GCE Load Balance Controller KubeDNS dashboard API

1.2.3. command line utility kubectl has

1.2.4. Services
    integrate w HashiCorp Vault?
    single endpoint to multiple pods to provide consistent point of entry for service consumer
    LoadBalancer
    NodePort

1.2.5. Networking
    IP-per-Pod model: IP addresses applied at a Pod level
    All containers within a Pod use different ports on same IP
    Pod's single IP is the same inside and outside the pod.
    Google Compute Engine Each VM Service pod load balancing virtual IP for client access

1.2.6. namespaces create subdomains for services. <service-name>.<namespace-name>.svc.cluster.local. See

1.2.7. Labels

1.2.8. Secrets
    implemented in etcd
    not encrypted
    available to all containers in cluster
    Secrets Management (more here than just K8s)

1.2.9. contexts seems to be

1.2.10. console GUI - can be used to explore API

1.3. kubectl commands

1.3.1. kubectl cheat sheet

1.3.2. kubectl cluster-info - gets info about the cluster

1.3.3. kubectl get - lists the objects in the cluster
    kubectl get nodes
    kubectl get services
    kubectl get deployments
    kubectl get pods -l <label-name>=<label-value>

1.3.4. kubectl proxy - create a route between the terminal and K8s cluster - allows access to the API
    open a browser to http://localhost:8001/ui for the K8s GUI

1.3.5. kubectl expose - exposes deployment as a service externally
    EG kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080
    how to determine if an exposed service requires authentication or not? How to require auth?

1.3.6. kubectl describe - describes object w a lot of details
    kubectl describe deployment
    kubectl describe services
    kubectl describe services/kubernetes-bootcamp

1.3.7. kubectl run - creates a deployment

1.3.8. kubectl config
    kubectl config get-contexts - list all the contexts available in the k8s config
    kubectl config use-context <context-name> - sets current context

1.3.9. kubectl exec - run a command on container. Often used to get to a shell
    kubectl exec <pod-name> -it -- "bash"

1.3.10. kubectl attach (look this up)
    kubectl attach nettools-3282871191-3m089 -c nettools -ti

1.3.11. kubectl top pods - show top pods by CPU load

1.4. k8s runs

1.4.1. deployments

1.4.2. jobs
    if a job fails, it will try again
    check to see if this is really true or if there is a setting to control

1.4.3. bare pod - if you want something to just terminate if it fails (eg, building new infrastructure)

1.4.4. Replication Controllers

1.5. DNS

1.5.1. creates its own dns
    service.namespace.svc.cluster.local

1.6. deployments

1.6.1. deployment YAML resources limits requests