├── README.md
├── labs
    ├── 01-tutorial-create-cluster.md
    ├── 02-tutorial-basics.md
    ├── 03-challenge-hello-world.md
    ├── 04-tutorial-secrets.md
    ├── 05-challege-secrets.md
    ├── 06-tutorial-metrics.md
    └── 07-challege-metrics.md
└── statefulsets
    └── vault.yaml


/README.md:
--------------------------------------------------------------------------------
 1 | # OSCON Tutorial: Kubernetes Hands-on
 2 | 
 3 | ## Labs
 4 | 
 5 | * [Create a Kubernetes Cluster](labs/01-tutorial-create-cluster.md)
 6 | * [Deploy an Application](labs/02-tutorial-basics.md)
 7 | * [The Hello World Challenge](labs/03-challenge-hello-world.md)
 8 | * [Creating and Consuming Secrets](labs/04-tutorial-secrets.md)
 9 | * [The Secret Challenge](labs/05-challege-secrets.md)
10 | * [Collecting Metrics with Prometheus](labs/06-tutorial-metrics.md)
11 | 


--------------------------------------------------------------------------------
/labs/01-tutorial-create-cluster.md:
--------------------------------------------------------------------------------
 1 | # Create a cluster
 2 | 
 3 | In this lab you will create a Kubernetes using the gcloud command.
 4 | 
 5 | Set the GCE compute zone:
 6 | 
 7 | ```
 8 | gcloud config set compute/zone us-central1-c
 9 | ```
10 | 
11 | Create a Kubernetes cluster named `oscon`:
12 | 
13 | ```
14 | gcloud container clusters create oscon --cluster-version 1.6.2
15 | ```
16 | 


--------------------------------------------------------------------------------
/labs/02-tutorial-basics.md:
--------------------------------------------------------------------------------
 1 | # Tutorial: Basics
 2 | 
 3 | In this tutorial you will walk through running a container with an autoscaling policy and HTTP loadbalancer.
 4 | 
 5 | ## Deploy Nginx
 6 | 
 7 | ```
 8 | kubectl run nginx --image nginx:1.10
 9 | ```
10 | 
11 | ```
12 | kubectl get deployments
13 | ```
14 | 
15 | ```
16 | kubectl describe deployment nginx
17 | ```
18 | 
19 | ```
20 | kubectl get pods
21 | ```
22 | 
23 | Use the describe command to describe the nginx pod created by the nginx deployment:
24 | 
25 | ```
26 | kubectl describe pods <pod-name>
27 | ```
28 | 
29 | ## Autoscale
30 | 
31 | ```
32 | kubectl autoscale deployment nginx --cpu-percent=10 --min=2 --max=10
33 | ```
34 | 
35 | ```
36 | kubectl get hpa
37 | ```
38 | 
39 | ## Expose Nginx
40 | 
41 | ```
42 | kubectl expose deployment nginx --type LoadBalancer --port 80
43 | ```
44 | 
45 | ```
46 | kubectl get services
47 | ```
48 | 
49 | ```
50 | kubectl describe svc nginx
51 | ```
52 | 
53 | ## Troubleshooting
54 | 
55 | ```
56 | kubectl logs 
57 | ```
58 | 
59 | ```
60 | kubectl exec --tty -i <pod-name> /bin/sh
61 | ```
62 | 
63 | ## Test autoscaling
64 | 
65 | ```
66 | sudo apt-get update
67 | sudo apt-get install apache2-utils
68 | ```
69 | 
70 | ```
71 | ab -n 1000000 -c 1000 http://1.2.3.4/ (put the IP address of your exposed service)
72 | ```
73 | 
74 | ```
75 | kubectl get hpa
76 | ```
77 | 
78 | (After a few minutes you should see the reported CPU log go up, and more pods will be added)
79 | 


--------------------------------------------------------------------------------
/labs/03-challenge-hello-world.md:
--------------------------------------------------------------------------------
 1 | # Challenge: Hello World
 2 | 
 3 | In this challenge you will write a hello world application, in the language of your choice, and deploy it to Kubernetes.
 4 | 
 5 | Perform the following steps:
 6 | 
 7 | * Write an application that responds to web requests with "hello world" on port 8000
 8 | * Package the application in a Docker container image
 9 | * Push the container image to a Docker repository
10 | * Create a Kubernetes deployment for the application. Limit the CPU to half a CPU core.
11 | * Expose the application using a LoadBalancer
12 | * Set up a Kubernetes autoscaler to scale the application based on CPU usage. Set the min and max
13 | 


--------------------------------------------------------------------------------
/labs/04-tutorial-secrets.md:
--------------------------------------------------------------------------------
 1 | # Tutorial: Secrets
 2 | 
 3 | In this tutorial you will learn how to create and consume Kubernetes secrets.
 4 | 
 5 | Create the example application configuration file:
 6 | 
 7 | ```
 8 | cat << EOF > config.json
 9 | {
10 |   "username": "admin",
11 |   "password": "123456789"
12 | }
13 | EOF
14 | ```
15 | 
16 | Create the `oscon` secret:
17 | 
18 | ```
19 | kubectl create secret generic oscon \
20 |   --from-literal=username=admin \
21 |   --from-literal=password=123456789 \
22 |   --from-file=config.json
23 | ```
24 | 
25 | Describe the `oscon` secret: 
26 | 
27 | ```
28 | kubectl describe secrets oscon
29 | ```
30 | 
31 | Run the `secrets` job to fetch the secrets and log the secrets:
32 | 
33 | ```
34 | kubectl create -f https://raw.githubusercontent.com/kelseyhightower/secrets/master/secrets.yaml
35 | ```
36 | 
37 | View the logs of the `secrets` job:
38 | 
39 | ```
40 | kubectl get pods -a
41 | ```
42 | 
43 | ```
44 | kubectl logs <print-secrets-pod-name>
45 | ```
46 | 
47 | ## Managing Secrets with Vault
48 | 
49 | In this tutorial you will deploy a Vault server running in dev mode.
50 | 
51 | ### Install the vault client on your client machine:
52 | 
53 | [https://www.vaultproject.io/downloads.html](https://www.vaultproject.io/downloads.html)
54 | 
55 | ### Deploy a Vault Server
56 | 
57 | ```
58 | kubectl create -f https://raw.githubusercontent.com/kelseyhightower/oscon-2017-kubernetes-tutorial/master/statefulsets/vault.yaml
59 | ```
60 | 
61 | ```
62 | kubectl get pods
63 | ```
64 | 
65 | ```
66 | kubectl get svc
67 | ```
68 | 
69 | ```
70 | kubectl logs vault-0
71 | ```
72 | 
73 | ### Connect to the Vault Server
74 | 
75 | ```
76 | kubectl port-forward vault-0 8200:8200
77 | ```
78 | 
79 | ```
80 | export VAULT_ADDR="http://127.0.0.1:8200"
81 | ```
82 | 
83 | ```
84 | export VAULT_TOKEN="3e4a5ba1-oscon-422b-d1db-844979cab098"
85 | ```
86 | 
87 | ```
88 | vault status
89 | ```
90 | 
91 | 
92 | ### Add Secrets
93 | 
94 | ```
95 | vault write secret/oscon \
96 |   username=admin \
97 |   password=123456789
98 | ```
99 | 


--------------------------------------------------------------------------------
/labs/05-challege-secrets.md:
--------------------------------------------------------------------------------
 1 | # Challenge: Replicate Vault Secrets into Kubernetes
 2 | 
 3 | In this challenge you will sync secrets from vault into Kubernetes.
 4 | 
 5 | Perform the following steps:
 6 | 
 7 | * Create a tool that syncs a Vault secret into a Kubernetes secret.
 8 | 
 9 | ## Bonus
10 | 
11 | * Create a Kubernetes deployment for your secrets management tool and sync a Vault secret every 10 seconds.
12 | 


--------------------------------------------------------------------------------
/labs/06-tutorial-metrics.md:
--------------------------------------------------------------------------------
 1 | # Tutorial: Collecting Metrics with Prometheus
 2 | 
 3 | In this Tutorial you will walk through installing Prometheus.
 4 | 
 5 | ## Deploy Prometheus
 6 | 
 7 | Download the prometheus configuration file:
 8 | 
 9 | ```
10 | wget https://raw.githubusercontent.com/kelseyhightower/cloud-native-demo/master/configs/prometheus.yml
11 | ```
12 | 
13 | Create the prometheus configmap:
14 | 
15 | ```
16 | kubectl create configmap prometheus \
17 |   --namespace kube-system \
18 |   --from-file prometheus.yml
19 | ```
20 | 
21 | Create the promethues replicaset:
22 | 
23 | ```
24 | kubectl create -f https://raw.githubusercontent.com/kelseyhightower/cloud-native-demo/master/replicasets/prometheus.yaml
25 | ```
26 | 
27 | ```
28 | kubectl get pods -n kube-system
29 | ```
30 | 
31 | Create the prometheus service:
32 | 
33 | ```
34 | kubectl create -f https://raw.githubusercontent.com/kelseyhightower/cloud-native-demo/master/services/prometheus.yaml
35 | ```
36 | 
37 | ```
38 | kubectl -n kube-system get pods
39 | ```
40 | 
41 | ```
42 | kubectl -n kube-system port-forward <prometheus-pod-name> 9090:9090
43 | ```
44 | 


--------------------------------------------------------------------------------
/labs/07-challege-metrics.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kelseyhightower/oscon-2017-kubernetes-tutorial/1671ce1e13352a54756f219d31b372a288d67904/labs/07-challege-metrics.md


--------------------------------------------------------------------------------
/statefulsets/vault.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   labels:
 6 |     app: vault
 7 |   name: vault
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - port: 8200
12 |       protocol: TCP
13 |       targetPort: 8200
14 |   selector:
15 |     app: vault
16 | ---
17 | apiVersion: apps/v1beta1
18 | kind: StatefulSet
19 | metadata:
20 |   name: vault
21 | spec:
22 |   serviceName: vault
23 |   replicas: 1
24 |   template:
25 |     metadata:
26 |       labels:
27 |         app: vault
28 |     spec:
29 |       terminationGracePeriodSeconds: 10
30 |       containers:
31 |         - name: vault
32 |           image: vault:0.7.0
33 |           args:
34 |             - "server"
35 |             - "-dev"
36 |             - "-log-level=debug"
37 |             - "-dev-root-token-id=3e4a5ba1-oscon-422b-d1db-844979cab098"
38 |           securityContext:
39 |             capabilities:
40 |               add:
41 |                 - IPC_LOCK
42 | 
43 | 


--------------------------------------------------------------------------------