├── docs ├── manifest.webmanifest ├── img │ ├── logo.png │ ├── logo-white.png │ └── cluster-setup-demo.gif ├── advanced │ ├── index.md │ └── contrib │ │ └── help-wanted.md ├── build │ └── Dockerfile ├── getting-started │ ├── overview.md │ ├── cli │ │ ├── index.md │ │ ├── falco.md │ │ └── cluster.md │ ├── installation.md │ └── quickstart.md ├── index.md └── overrides │ └── main.html ├── .env.example ├── go.mod ├── pkg └── commands │ ├── falco │ ├── files │ │ ├── rules.txt │ │ └── tuto │ │ │ ├── step0.txt │ │ │ ├── step3.txt │ │ │ ├── step5.txt │ │ │ ├── step2.txt │ │ │ ├── step1.txt │ │ │ └── step4.txt │ ├── rules.go │ ├── scripts │ │ └── install.sh │ ├── install.go │ └── tuto.go │ ├── cluster │ ├── scripts │ │ ├── join.sh │ │ ├── create-token.sh │ │ ├── check-requirements.sh │ │ ├── install-worker.sh │ │ └── install-master.sh │ ├── join.go │ └── install.go │ ├── utils │ ├── template.go │ ├── run.go │ └── prompt.go │ └── app.go ├── main.go ├── docker-compose.yaml ├── .gitignore ├── .build-all ├── go.sum ├── Makefile ├── README.md ├── mkdocs.yml └── LICENSE /docs/manifest.webmanifest: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.env.example: -------------------------------------------------------------------------------- 1 | GOOGLE_ANALYTICS_KEY= 2 | BUCKET_BINARIES= 3 | BUCKET_WEBSITE= 4 | AWS_REGION= -------------------------------------------------------------------------------- /docs/img/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-tn/cks-cli/HEAD/docs/img/logo.png -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module cks-cli 2 | 3 | go 1.16 4 | 5 | require github.com/urfave/cli/v2 v2.3.0 6 | -------------------------------------------------------------------------------- /docs/advanced/index.md: -------------------------------------------------------------------------------- 1 | # Advanced 2 | This section describes advanced features, integrations, etc. -------------------------------------------------------------------------------- /docs/img/logo-white.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-tn/cks-cli/HEAD/docs/img/logo-white.png -------------------------------------------------------------------------------- /docs/img/cluster-setup-demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubernetes-tn/cks-cli/HEAD/docs/img/cluster-setup-demo.gif -------------------------------------------------------------------------------- /pkg/commands/falco/files/rules.txt: -------------------------------------------------------------------------------- 1 | To discover/customize Falco rules, the following doc should be your best friend: 2 | 3 | https://k8s.tn/rd8uLj 4 | -------------------------------------------------------------------------------- /docs/advanced/contrib/help-wanted.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | Do you require any help ? 4 | 5 | Create issue in [kubernetes-tn/cks-cli#issues](https://github.com/kubernetes-tn/cks-cli/issues) -------------------------------------------------------------------------------- /pkg/commands/cluster/scripts/join.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # cks cluster join --master {{ .master }} --token {{ .token }} --ca-hash {{ .cahash }} 3 | kubeadm join {{ .master }} --token {{ .token }} --discovery-token-ca-cert-hash {{ .cahash }} -------------------------------------------------------------------------------- /pkg/commands/falco/files/tuto/step0.txt: -------------------------------------------------------------------------------- 1 | ____ _ ____ _____ 2 | / ___| / \ | _ \_ _| 3 | \___ \ / _ \ | |_) || | 4 | ___) / ___ \| _ < | | 5 | |____/_/ \_\_| \_\|_| 6 | ### Create Namespace for the demo ### 7 | 8 | kubectl create ns demo-falco 9 | -------------------------------------------------------------------------------- /pkg/commands/cluster/scripts/create-token.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo "### Execute the command below in Worker Nodes ###" 3 | kubeadm token create --print-join-command --ttl 0 | sed 's/kubeadm join/cks cluster join --master/g' | sed 's/discovery-token-ca-cert-hash/ca-hash/g' 4 | -------------------------------------------------------------------------------- /pkg/commands/falco/rules.go: -------------------------------------------------------------------------------- 1 | package falco 2 | 3 | import ( 4 | _ "embed" 5 | "fmt" 6 | 7 | "github.com/urfave/cli/v2" 8 | ) 9 | 10 | //go:embed files/rules.txt 11 | var rules string 12 | 13 | func Rules(ctx *cli.Context) error { 14 | 15 | fmt.Println(rules) 16 | return nil 17 | } 18 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "log" 5 | "os" 6 | 7 | "cks-cli/pkg/commands" 8 | ) 9 | 10 | var ( 11 | version = "dev" 12 | ) 13 | 14 | func main() { 15 | app := commands.NewApp(version) 16 | err := app.Run(os.Args) 17 | if err != nil { 18 | log.Fatal(err) 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /pkg/commands/falco/files/tuto/step3.txt: -------------------------------------------------------------------------------- 1 | ____ _____ _____ ____ _____ 2 | / ___|_ _| ____| _ \ |___ / 3 | \___ \ | | | _| | |_) | |_ \ 4 | ___) || | | |___| __/ ___) | 5 | |____/ |_| |_____|_| |____/ 6 | ### Install Falco on node which runs the pod 7 | 8 | cks falco install 9 | 10 | -------------------------------------------------------------------------------- /pkg/commands/falco/files/tuto/step5.txt: -------------------------------------------------------------------------------- 1 | _____ _ _ ____ 2 | | ____| \ | | _ \ 3 | | _| | \| | | | | 4 | | |___| |\ | |_| | 5 | |_____|_| \_|____/ 6 | ### Clean up namespace 7 | 8 | kubectl delete ns demo-falco 9 | 10 | 11 | ## check another advanced tuto in this link : 12 | https://k8s.tn/rdiL4i 13 | -------------------------------------------------------------------------------- /docker-compose.yaml: -------------------------------------------------------------------------------- 1 | version: '3.9' 2 | 3 | 4 | services: 5 | go: &go 6 | image: golang:1.16.6-alpine 7 | restart: 'no' 8 | working_dir: /usr/src/cks-cli 9 | volumes: 10 | - .:/usr/src/cks-cli 11 | - go-modules:/go/pkg/mod 12 | entrypoint: go 13 | cks: 14 | <<: *go 15 | entrypoint: ["go", "run", "."] 16 | 17 | volumes: 18 | go-modules: -------------------------------------------------------------------------------- /docs/build/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM squidfunk/mkdocs-material:7.2.0 2 | 3 | ## If you want to see exactly the same version as is published to GitHub pages 4 | ## use a private image for insiders, which requires authentication. 5 | 6 | # docker login -u ${GITHUB_USERNAME} -p ${GITHUB_TOKEN} ghcr.io 7 | # FROM ghcr.io/squidfunk/mkdocs-material-insiders 8 | 9 | RUN pip install mike mkdocs-macros-plugin -------------------------------------------------------------------------------- /pkg/commands/falco/files/tuto/step2.txt: -------------------------------------------------------------------------------- 1 | ____ _____ _____ ____ ____ 2 | / ___|_ _| ____| _ \ |___ \ 3 | \___ \ | | | _| | |_) | __) | 4 | ___) || | | |___| __/ / __/ 5 | |____/ |_| |_____|_| |_____| 6 | ### Check where your pod is created 7 | 8 | NODE_NAME=$(kubectl -n demo-falco get pod nginx -o jsonpath='{.spec.nodeName}'); 9 | 10 | kubectl describe node $NODE_NAME 11 | 12 | ### SSH to that node 13 | ssh $NODE_NAME 14 | 15 | -------------------------------------------------------------------------------- /pkg/commands/falco/files/tuto/step1.txt: -------------------------------------------------------------------------------- 1 | ____ _____ _____ ____ _ 2 | / ___|_ _| ____| _ \ / | 3 | \___ \ | | | _| | |_) | | | 4 | ___) || | | |___| __/ | | 5 | |____/ |_| |_____|_| |_| 6 | ###### CREATE POD ###### 7 | 8 | kubectl create -n demo-falco -f - < 14 |

Demo

15 | 16 | 17 |
18 | 19 |
Demo: Cluster Setup for CKS prepa
20 |
-------------------------------------------------------------------------------- /pkg/commands/falco/install.go: -------------------------------------------------------------------------------- 1 | package falco 2 | 3 | import ( 4 | _ "embed" 5 | 6 | "cks-cli/pkg/commands/cluster" 7 | "cks-cli/pkg/commands/utils" 8 | 9 | "github.com/urfave/cli/v2" 10 | ) 11 | 12 | //go:embed scripts/install.sh 13 | var installScript string 14 | 15 | func Install(ctx *cli.Context) error { 16 | err := cluster.CheckRequirements(ctx) 17 | if err != nil { 18 | return err 19 | } 20 | values := make(map[string]interface{}) 21 | // values["version"] = ctx.String("version") 22 | // fmt.Println(s) 23 | // fmt.Println(ProcessString(s, values)) 24 | return utils.RunCommand("/bin/sh", "-c", utils.ProcessString(installScript, values)) 25 | } 26 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Created by https://www.toptal.com/developers/gitignore/api/go 3 | # Edit at https://www.toptal.com/developers/gitignore?templates=go 4 | 5 | ### Go ### 6 | # Binaries for programs and plugins 7 | *.exe 8 | *.exe~ 9 | *.dll 10 | *.so 11 | *.dylib 12 | 13 | # Test binary, built with `go test -c` 14 | *.test 15 | 16 | # Output of the go coverage tool, specifically when used with LiteIDE 17 | *.out 18 | 19 | # Dependency directories (remove the comment below to include it) 20 | # vendor/ 21 | 22 | ### Go Patch ### 23 | /vendor/ 24 | /Godeps/ 25 | 26 | # End of https://www.toptal.com/developers/gitignore/api/go 27 | cks 28 | cks-* 29 | *.pptx 30 | .env 31 | public -------------------------------------------------------------------------------- /pkg/commands/utils/run.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "fmt" 5 | "os/exec" 6 | ) 7 | 8 | func RunCommand(name string, arg ...string) error { 9 | cmd := exec.Command(name, arg...) 10 | // error output and standard output of command is connected to the same pipeline 11 | stdout, err := cmd.StdoutPipe() 12 | cmd.Stderr = cmd.Stdout 13 | 14 | if err != nil { 15 | return err 16 | } 17 | 18 | if err = cmd.Start(); err != nil { 19 | return err 20 | } 21 | // Get real-time output from the pipe to the terminal and print 22 | for { 23 | tmp := make([]byte, 1024) 24 | _, err := stdout.Read(tmp) 25 | fmt.Print(string(tmp)) 26 | if err != nil { 27 | break 28 | } 29 | } 30 | 31 | if err = cmd.Wait(); err != nil { 32 | return err 33 | } 34 | return nil 35 | } 36 | -------------------------------------------------------------------------------- /.build-all: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # go tool dist list | awk -F / '{print "GOOS="$1 " GOARCH=" $2 " go '$restargs' build . "}' 3 | mkdir -p bin 4 | VERSION=$(git describe --tags) 5 | go tool dist list | while read l; do 6 | export GOOS=$(echo $l | awk -F / '{print $1}') 7 | if [ "${GOOS}" = "linux" ] || [ "${GOOS}" = "darwin" ] ; then 8 | export GOARCH=$(echo $l | awk -F / '{print $2}'); 9 | if [ "${GOARCH}" = "amd64" ] || [ "${GOARCH}" = "arm64" ] ; then 10 | artifact=cks-${GOOS}-${GOARCH}; 11 | go build -ldflags "-s -w -X=main.version=${VERSION}" -o bin/cks-${GOOS}-${GOARCH} . 12 | fi 13 | # default binary without suffixes to one arch and one OS 14 | if [ "${GOARCH}" = "amd64" ] && [ "${GOOS}" = "linux" ]; then 15 | cp bin/cks-${GOOS}-${GOARCH} bin/cks 16 | fi 17 | fi 18 | done -------------------------------------------------------------------------------- /docs/getting-started/cli/cluster.md: -------------------------------------------------------------------------------- 1 | # Cluster 2 | 3 | ```bash 4 | NAME: 5 | cks cluster - manage cluster (support Ubuntu 20 OS only for now) 6 | 7 | USAGE: 8 | cks cluster command [command options] cluster_install 9 | 10 | COMMANDS: 11 | check-requirements, req check if your machines meet requirements to install the cluster 12 | install-master, im install k8s master components 13 | install-worker, iw install k8s worker components 14 | create-token, ct Generate a token and print the command of joining a master k8s. It must run inside a master machine 15 | join, j Join a kubernetes master. Must be run in a worker node 16 | help, h Shows a list of commands or help for one command 17 | 18 | OPTIONS: 19 | --help, -h show help (default: false) 20 | ``` -------------------------------------------------------------------------------- /pkg/commands/falco/files/tuto/step4.txt: -------------------------------------------------------------------------------- 1 | ____ _____ _____ ____ _ _ 2 | / ___|_ _| ____| _ \ | || | 3 | \___ \ | | | _| | |_) | | || |_ 4 | ___) || | | |___| __/ |__ _| 5 | |____/ |_| |_____|_| |_| 6 | ### Validation 7 | 8 | # Try to spawn a shell in the pod 9 | kubectl -n demo-falco exec -it nginx -- sh 10 | 11 | 12 | # Immediately, SSH to the node where falco is installed, and check the log of falco 13 | tail -f /var/log/syslog | grep falco 14 | 15 | ## You should see a log entry like the following: 16 | 17 | ``` 18 | Jul 1 hh:mm:ss falco: hh:mm:ss.nnnn: Notice A shell was spawned in a container with an attached terminal (user=root..... 19 | ``` 20 | 21 | ## Discover Falco rules responsible for that detection 22 | cat /etc/falco/falco_rules.yaml | grep -i -B 8 -A 4 -F "shell was spawned" 23 | -------------------------------------------------------------------------------- /pkg/commands/utils/prompt.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "bufio" 5 | "fmt" 6 | "io" 7 | "log" 8 | "strings" 9 | ) 10 | 11 | func Confirm(s string, in io.Reader, tries int) bool { 12 | r := bufio.NewReader(in) // in=os.Stdin 13 | 14 | for ; tries > 0; tries-- { 15 | fmt.Printf("%s [y/n]: ", s) 16 | 17 | res, err := r.ReadString('\n') 18 | if err != nil { 19 | log.Fatal(err) 20 | } 21 | 22 | // Empty input (i.e. "\n") 23 | if len(res) < 2 { 24 | continue 25 | } 26 | 27 | return strings.ToLower(strings.TrimSpace(res))[0] == 'y' 28 | } 29 | 30 | return false 31 | } 32 | 33 | func AskForConfirmation2() bool { 34 | var response string 35 | 36 | _, err := fmt.Scanln(&response) 37 | if err != nil { 38 | log.Fatal(err) 39 | } 40 | 41 | switch strings.ToLower(response) { 42 | case "y", "yes": 43 | return true 44 | case "n", "no": 45 | return false 46 | default: 47 | fmt.Println("I'm sorry but I didn't get what you meant, please type (y)es or (n)o and then press enter:") 48 | return AskForConfirmation2() 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /pkg/commands/falco/tuto.go: -------------------------------------------------------------------------------- 1 | package falco 2 | 3 | import ( 4 | "cks-cli/pkg/commands/utils" 5 | _ "embed" 6 | "fmt" 7 | "os" 8 | 9 | "github.com/urfave/cli/v2" 10 | ) 11 | 12 | //go:embed files/tuto/step0.txt 13 | var step0 string 14 | 15 | //go:embed files/tuto/step1.txt 16 | var step1 string 17 | 18 | //go:embed files/tuto/step2.txt 19 | var step2 string 20 | 21 | //go:embed files/tuto/step3.txt 22 | var step3 string 23 | 24 | //go:embed files/tuto/step4.txt 25 | var step4 string 26 | 27 | //go:embed files/tuto/step5.txt 28 | var step5 string 29 | 30 | func Tuto(ctx *cli.Context) error { 31 | fmt.Println(step0) 32 | if utils.Confirm("# Are you done?", os.Stdin, 3) { 33 | fmt.Println(step1) 34 | if utils.Confirm("# Are you done?", os.Stdin, 3) { 35 | fmt.Println(step2) 36 | if utils.Confirm("# Did you SSH to that node?", os.Stdin, 3) { 37 | fmt.Println(step3) 38 | if utils.Confirm("# Are you done?", os.Stdin, 3) { 39 | fmt.Println(step4) 40 | if utils.Confirm("# Are you done?", os.Stdin, 3) { 41 | fmt.Println(step5) 42 | utils.Confirm("# Clean up done?", os.Stdin, 3) 43 | fmt.Println("END of Falco Tuto - Congrats!") 44 | } 45 | } 46 | } 47 | } 48 | } 49 | return nil 50 | } 51 | -------------------------------------------------------------------------------- /pkg/commands/cluster/join.go: -------------------------------------------------------------------------------- 1 | package cluster 2 | 3 | import ( 4 | _ "embed" 5 | 6 | "cks-cli/pkg/commands/utils" 7 | 8 | "github.com/urfave/cli/v2" 9 | ) 10 | 11 | //go:embed scripts/create-token.sh 12 | var createTokenScript string 13 | 14 | //go:embed scripts/join.sh 15 | var joinScript string 16 | 17 | // ImageRun runs scan on docker image 18 | func CreateToken(ctx *cli.Context) error { 19 | values := make(map[string]interface{}) 20 | // values["version"] = ctx.String("version") 21 | // fmt.Println(s) 22 | // fmt.Println(ProcessString(s, values)) 23 | return utils.RunCommand("/bin/sh", "-c", utils.ProcessString(createTokenScript, values)) 24 | } 25 | 26 | // cks cluster join \ 27 | // --master 192.168.0.8:6443 28 | // --token 0ns3xh.z8ts84ld79kf4pha 29 | // --discovery-token-ca-cert-hash sha256:e049e4827e20734500848a8f56c6043069b3b8650533cd590413af61426a7d87 30 | func Join(ctx *cli.Context) error { 31 | values := make(map[string]interface{}) 32 | values["master"] = ctx.String("master") 33 | values["token"] = ctx.String("token") 34 | values["cahash"] = ctx.String("ca-hash") 35 | // fmt.Println(s) 36 | // fmt.Println(ProcessString(s, values)) 37 | return utils.RunCommand("/bin/sh", "-c", utils.ProcessString(joinScript, values)) 38 | } 39 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 2 | github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY= 3 | github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 4 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 5 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 6 | github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= 7 | github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 8 | github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= 9 | github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= 10 | github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M= 11 | github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= 12 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 13 | gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 14 | -------------------------------------------------------------------------------- /pkg/commands/cluster/install.go: -------------------------------------------------------------------------------- 1 | package cluster 2 | 3 | import ( 4 | _ "embed" 5 | 6 | "cks-cli/pkg/commands/utils" 7 | 8 | "github.com/urfave/cli/v2" 9 | ) 10 | 11 | //go:embed scripts/check-requirements.sh 12 | var checkRequirementsScript string 13 | 14 | //go:embed scripts/install-master.sh 15 | var installMasterScript string 16 | 17 | //go:embed scripts/install-worker.sh 18 | var installWorkerScript string 19 | 20 | func CheckRequirements(ctx *cli.Context) error { 21 | values := make(map[string]interface{}) 22 | // values["version"] = ctx.String("version") 23 | // fmt.Println(s) 24 | // fmt.Println(ProcessString(s, values)) 25 | return utils.RunCommand("/bin/sh", "-c", utils.ProcessString(checkRequirementsScript, values)) 26 | } 27 | 28 | func InstallMaster(ctx *cli.Context) error { 29 | err := CheckRequirements(ctx) 30 | if err != nil { 31 | return err 32 | } 33 | values := make(map[string]interface{}) 34 | values["version"] = ctx.String("version") 35 | // fmt.Println(s) 36 | // fmt.Println(ProcessString(s, values)) 37 | return utils.RunCommand("/bin/sh", "-c", utils.ProcessString(installMasterScript, values)) 38 | } 39 | 40 | func InstallWorker(ctx *cli.Context) error { 41 | err := CheckRequirements(ctx) 42 | if err != nil { 43 | return err 44 | } 45 | values := make(map[string]interface{}) 46 | values["version"] = ctx.String("version") 47 | // fmt.Println(s) 48 | // fmt.Println(ProcessString(s, values)) 49 | return utils.RunCommand("/bin/sh", "-c", utils.ProcessString(installWorkerScript, values)) 50 | } 51 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | 2 | #!/usr/bin/make -f 3 | include .env 4 | # auto populate env vars from .env file 5 | VARS:=$(shell sed -ne 's/ *\#.*$$//; /./ s/=.*$$// p' .env ) 6 | $(foreach v,$(VARS),$(eval $(shell echo export $(v)="$($(v))"))) 7 | 8 | VERSION := $(shell git describe --tags) 9 | LDFLAGS=-ldflags "-s -w -X=main.version=$(VERSION)" 10 | MKDOCS_IMAGE := ktn/mkdocs-material:dev 11 | MKDOCS_PORT := 8000 12 | 13 | .PHONY: build 14 | build: 15 | GOOS=linux GOARCH=amd64 go build $(LDFLAGS) -o cks . 16 | 17 | .PHONY: build-all 18 | build-all: 19 | sh .build-all 20 | 21 | release-binary: 22 | make build-all 23 | aws s3 sync ./bin/ s3://$(BUCKET_BINARIES)/cks-cli/$(VERSION) --delete --region $(BUCKET_BINARIES_AWS_REGION) 24 | aws s3 sync s3://$(BUCKET_BINARIES)/cks-cli/$(VERSION) s3://$(BUCKET_BINARIES)/cks-cli/latest --delete --region $(BUCKET_BINARIES_AWS_REGION) 25 | mkdocs-serve: 26 | docker build -t $(MKDOCS_IMAGE) -f docs/build/Dockerfile docs/build 27 | docker run --name mkdocs-serve --rm --env-file .env -v $(PWD):/docs -p $(MKDOCS_PORT):8000 $(MKDOCS_IMAGE) 28 | 29 | mkdocs-gen: 30 | docker build -t $(MKDOCS_IMAGE) -f docs/build/Dockerfile docs/build 31 | docker run --name mkdocs-gen --rm --env-file .env -v $(PWD):/docs --entrypoint=mkdocs $(MKDOCS_IMAGE) build --site-dir public 32 | 33 | release-docs: 34 | make mkdocs-gen 35 | aws s3 sync ./public/ s3://$(BUCKET_WEBSITE)/ --delete --region $(BUCKET_WEBSITE_AWS_REGION) 36 | 37 | release-infra: 38 | echo bash deploy/cloudformation/apply.sh 39 | echo do it manually.CFN does not support 40 | echo TODO https://github.com/riboseinc/terraform-aws-s3-cloudfront-website/blob/master/sample-site/main.tf 41 | release: 42 | make release-binary 43 | make release-docs 44 | 45 | 46 | # https://stackoverflow.com/a/41629516/747579 47 | -------------------------------------------------------------------------------- /docs/overrides/main.html: -------------------------------------------------------------------------------- 1 | {% extends "base.html" %} 2 | 3 | {% block extrahead %} 4 | 5 | 6 | 7 | 8 | 9 | {% if page and page.meta and page.meta.title %} 10 | 11 | {% elif page and page.title and not page.is_homepage %} 12 | 13 | {% else %} 14 | 15 | {% endif %} 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | {% if page and page.meta and page.meta.title %} 26 | 27 | {% elif page and page.title and not page.is_homepage %} 28 | 29 | {% else %} 30 | 31 | {% endif %} 32 | 33 | 34 | 35 | 36 | {% endblock %} -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | # Overview 3 | 4 | A comprehensive CLI for CKS exam preparation 5 | 6 | # Getting Started 7 | 8 | ```sh 9 | docker-compose run --rm cks help 10 | ``` 11 | 12 | # Prerequisites 13 | 14 | - Create a set of virtual machines (Amazon EC2 or Azure VMs) 15 | - One of the machines will be your master node and the other(s) will be your worker node(s) 16 | - Note: Ensure the virtual machines have network connectivity between them otherwise you will not be able to establish a connection or joined the nodes together 17 | 18 | # Installation of binaries 19 | 20 | ## Linux 21 | 22 | ```sh 23 | - curl -o cks https://k8s.tn/cks-cli/latest/cks-linux-amd64 24 | - chmod +x cks 25 | - sudo mv cks /usr/local/bin 26 | ``` 27 | 28 | ## OS X 29 | 30 | ```sh 31 | - curl -o cks https://k8s.tn/cks-cli/latest/cks-darwin-amd64 32 | - chmod +x cks 33 | - sudo mv cks /usr/local/bin 34 | ``` 35 | 36 | # Cluster Setup 37 | 38 | ## Installing the master node 39 | 40 | ```sh 41 | cks cluster install-master 42 | ``` 43 | 44 | once above is complete, you will get a command that will be executed on the worker node looking like: 45 | 46 | ```sh 47 | cks cluster join --master : --token --ca-hash : --token --ca-hash 59 | ``` 60 | 61 | # Installing Falco on CKS CLI 62 | 63 | ```sh 64 | cks falco install 65 | ``` 66 | # Now check your nodes are running 67 | 68 | - on your master node, run: 69 | 70 | ```sh 71 | kubectl get nodes 72 | ``` 73 | 74 | You should now see your nodes running. 75 | # Docs 76 | 77 | https://cks.k8s.tn 78 | 79 | # Authors 80 | 81 | - @abdennour - [Abdennour TOUMI](https://www.linkedin.com/in/abdennour/) 82 | - @moabukar - [Mohamed Abukar](https://linkedin.com/in/mohamed-abukar) 83 | 84 | # License 85 | 86 | [LICENSE](LICENSE) -------------------------------------------------------------------------------- /pkg/commands/cluster/scripts/install-worker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Source: http://kubernetes.io/docs/getting-started-guides/kubeadm/ 4 | KUBE_VERSION={{ .version }};#!/bin/sh 5 | 6 | # Source: http://kubernetes.io/docs/getting-started-guides/kubeadm/ 7 | 8 | ### setup terminal 9 | apt-get install -y bash-completion binutils 10 | echo 'colorscheme ron' >> ~/.vimrc 11 | echo 'set tabstop=2' >> ~/.vimrc 12 | echo 'set shiftwidth=2' >> ~/.vimrc 13 | echo 'set expandtab' >> ~/.vimrc 14 | echo 'source <(kubectl completion bash)' >> ~/.bashrc 15 | echo 'alias k=kubectl' >> ~/.bashrc 16 | echo 'alias c=clear' >> ~/.bashrc 17 | echo 'complete -F __start_kubectl k' >> ~/.bashrc 18 | sed -i '1s/^/force_color_prompt=yes\n/' ~/.bashrc 19 | 20 | 21 | ### install k8s and docker 22 | apt-get remove -y docker* containerd* kubelet kubeadm kubectl kubernetes-cni 23 | apt-get autoremove -y 24 | apt-get install -y etcd-client vim build-essential 25 | 26 | systemctl daemon-reload 27 | curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - 28 | cat < /etc/apt/sources.list.d/kubernetes.list 29 | deb http://apt.kubernetes.io/ kubernetes-xenial main 30 | EOF 31 | 32 | apt-get update 33 | apt-get install -y docker.io kubelet=${KUBE_VERSION}-00 kubeadm=${KUBE_VERSION}-00 kubectl=${KUBE_VERSION}-00 kubernetes-cni=0.8.7-00 34 | 35 | cat > /etc/docker/daemon.json <> ~/.vimrc 9 | echo 'set tabstop=2' >> ~/.vimrc 10 | echo 'set shiftwidth=2' >> ~/.vimrc 11 | echo 'set expandtab' >> ~/.vimrc 12 | echo 'source <(kubectl completion bash)' >> ~/.bashrc 13 | echo 'alias k=kubectl' >> ~/.bashrc 14 | echo 'alias c=clear' >> ~/.bashrc 15 | echo 'complete -F __start_kubectl k' >> ~/.bashrc 16 | sed -i '1s/^/force_color_prompt=yes\n/' ~/.bashrc 17 | 18 | 19 | ### install k8s and docker 20 | apt-get remove -y docker* containerd* kubelet kubeadm kubectl kubernetes-cni 21 | apt-get autoremove -y 22 | apt-get install -y etcd-client vim build-essential 23 | 24 | systemctl daemon-reload 25 | curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - 26 | cat < /etc/apt/sources.list.d/kubernetes.list 27 | deb http://apt.kubernetes.io/ kubernetes-xenial main 28 | EOF 29 | 30 | apt-get update 31 | apt-get install -y docker.io kubelet=${KUBE_VERSION}-00 kubeadm=${KUBE_VERSION}-00 kubectl=${KUBE_VERSION}-00 kubernetes-cni=0.8.7-00 32 | 33 | cat > /etc/docker/daemon.json <:6443", 39 | EnvVars: []string{"CKS_MASTER"}, 40 | } 41 | 42 | caHashFlag = cli.StringFlag{ 43 | Name: "ca-hash", 44 | Aliases: []string{"ch"}, 45 | Value: "", 46 | Usage: "discovery token CA cert hash .i.e: sha256:e049e4827e20734500848a8f56c6043069b3b8650533cd590413af61426a7d87", 47 | EnvVars: []string{"CKS_CA_HASH"}, 48 | } 49 | 50 | // Global flags 51 | globalFlags = []cli.Flag{ 52 | &topicFlag, 53 | } 54 | 55 | clusterInstallFlags = []cli.Flag{ 56 | &verisonFlag, 57 | } 58 | 59 | clusterJoinFlags = []cli.Flag{ 60 | &masterFlag, 61 | &tokenFlag, 62 | &caHashFlag, 63 | } 64 | 65 | falcoInstallFlags = []cli.Flag{} 66 | ) 67 | 68 | func NewApp(version string) *cli.App { 69 | // cli.VersionPrinter = func(c *cli.Context) { 70 | // showVersion(c.String("cache-dir"), c.String("format"), c.App.Version, c.App.Writer) 71 | // } 72 | 73 | app := cli.NewApp() 74 | app.Name = "cks" 75 | app.Version = version 76 | app.ArgsUsage = "verb" 77 | app.Usage = "A Comprehensive CLI for CKS exam preparation" 78 | app.EnableBashCompletion = true 79 | // flags := append(globalFlags, setHidden(deprecatedFlags, true)...) 80 | // flags = append(flags, setHidden(imageFlags, true)...) 81 | 82 | // app.Flags = flags 83 | app.Commands = []*cli.Command{ 84 | NewClusterCommand(), 85 | NewFalcoCommand(), 86 | } 87 | 88 | return app 89 | } 90 | 91 | // NewClusterCommand is the factory method to add image command 92 | func NewClusterCommand() *cli.Command { 93 | return &cli.Command{ 94 | Name: "cluster", 95 | Aliases: []string{"c"}, 96 | ArgsUsage: "cluster_install", 97 | Usage: "manage cluster (support Ubuntu 20 OS only for now)", 98 | Subcommands: cli.Commands{ 99 | { 100 | Name: "check-requirements", 101 | Aliases: []string{"req"}, 102 | Usage: "check if your machines meet requirements to install the cluster", 103 | ArgsUsage: "", 104 | Action: cluster.CheckRequirements, 105 | }, 106 | { 107 | Name: "install-master", 108 | Aliases: []string{"im"}, 109 | Usage: "install k8s master components", 110 | ArgsUsage: "", 111 | Action: cluster.InstallMaster, 112 | Flags: clusterInstallFlags, 113 | }, 114 | { 115 | Name: "install-worker", 116 | Aliases: []string{"iw"}, 117 | Usage: "install k8s worker components", 118 | ArgsUsage: "", 119 | Action: cluster.InstallWorker, 120 | Flags: clusterInstallFlags, 121 | }, 122 | { 123 | Name: "create-token", 124 | Aliases: []string{"ct"}, 125 | Usage: "Generate a token and print the command of joining a master k8s. It must run inside a master machine", 126 | ArgsUsage: "", 127 | Action: cluster.CreateToken, 128 | }, 129 | { 130 | Name: "join", 131 | Aliases: []string{"j"}, 132 | Usage: "Join a kubernetes master. Must be run in a worker node", 133 | ArgsUsage: "--master 192.168.0.8:6443 --token ztyj0p.cdew3ak071o57t7w --ca-hash sha256:e049e4827e20734500848a8f56c6043069b3b8650533cd590413af61426a7d8", 134 | Action: cluster.Join, 135 | Flags: clusterJoinFlags, 136 | }, 137 | }, 138 | } 139 | } 140 | 141 | func NewFalcoCommand() *cli.Command { 142 | return &cli.Command{ 143 | Name: "falco", 144 | Aliases: []string{"f"}, 145 | ArgsUsage: "falco_install", 146 | Usage: "teach falco in CKS context", 147 | Subcommands: cli.Commands{ 148 | { 149 | Name: "check-requirements", 150 | Aliases: []string{"req"}, 151 | Usage: "check if your machines meet requirements to install the cluster", 152 | ArgsUsage: "", 153 | Action: cluster.CheckRequirements, 154 | }, 155 | { 156 | Name: "install", 157 | Aliases: []string{"i"}, 158 | Usage: "install falco (support Ubuntu 20 OS only for now)", 159 | ArgsUsage: "", 160 | Action: falco.Install, 161 | Flags: falcoInstallFlags, 162 | }, 163 | { 164 | Name: "tutorial", 165 | Aliases: []string{"t", "tuto"}, 166 | Usage: "tuto falco", 167 | ArgsUsage: "", 168 | Action: falco.Tuto, 169 | }, 170 | { 171 | Name: "rules", 172 | Aliases: []string{"r"}, 173 | Usage: "rules falco", 174 | ArgsUsage: "", 175 | Action: falco.Rules, 176 | }, 177 | }} 178 | } 179 | -------------------------------------------------------------------------------- /docs/getting-started/quickstart.md: -------------------------------------------------------------------------------- 1 | # Quick Start 2 | 3 | ## Cluster Setup 4 | 5 | **install master** 6 | 7 | Identify your master machine and run 8 | 9 | ``` 10 | $ cks cluster install-master 11 | 12 | ``` 13 | 14 |
15 | Result 16 | 17 | ``` 18 | OS type is checked 19 | Reading package lists... 20 | Building dependency tree... 21 | Reading state information... 22 | bash-completion is already the newest version (1:2.10-1ubuntu1). 23 | binutils is already the newest version (2.34-6ubuntu1.1). 24 | 0 upgraded, 0 newly installed, 0 to remove and 65 not upgraded. 25 | Reading package lists... 26 | Building dependency tree... 27 | Reading state information... 28 | Package 'docker-ce' is not installed, so not removed 29 | Package 'docker-engine-cs' is not installed, so not removed 30 | Package 'docker' is not installed, so not removed 31 | Package 'docker-compose' is not installed, so not removed 32 | Package 'docker-registry' is not installed, so not removed 33 | Package 'docker2aci' is not installed, so not removed 34 | Package 'docker-doc' is not installed, so not removed 35 | Package 'docker-engine' is not installed, so not removed 36 | The following packages were automatically installed and are no longer required: 37 | bridge-utils conntrack cri-tools ebtables pigz runc socat ubuntu-fan 38 | Use 'apt autoremove' to remove them. 39 | The following packages will be REMOVED: 40 | containerd docker.io kubeadm kubectl kubelet kubernetes-cni 41 | ..... 42 | .... 43 | .... 44 | ### Execute the command below in Worker Nodes ### 45 | cks cluster join --master 172.31.118.222:6443 --token ppblkq.6uafwx1q03m0cxbq --ca-hash sha256:03466f37be5072fa68d84f156a1f68ce2e19d2e3f24833674263fa65b724acf9 46 | ``` 47 | 48 |
49 | 50 | 51 | **Install worker node** 52 | 53 | Identify your worker machine(s) and run 54 | 55 | ``` 56 | $ cks cluster install-worker 57 | 58 | ``` 59 | 60 |
61 | Result 62 | 63 | ``` 64 | Reading package lists... 65 | Building dependency tree... 66 | Reading state information... 67 | bash-completion is already the newest version (1:2.10-1ubuntu1). 68 | binutils is already the newest version (2.34-6ubuntu1.1). 69 | 0 upgraded, 0 newly installed, 0 to remove and 26 not upgraded. 70 | Reading package lists... 71 | Building dependency tree... 72 | Reading state information... 73 | Package 'docker-engine-cs' is not installed, so not removed 74 | Package 'docker' is not installed, so not removed 75 | Package 'docker-compose' is not installed, so not removed 76 | Package 'docker-registry' is not installed, so not removed 77 | Package 'docker2aci' is not installed, so not removed 78 | Package 'docker-doc' is not installed, so not removed 79 | Package 'containerd.io' is not installed, so not removed 80 | Package 'docker-ce-cli' is not installed, so not removed 81 | Package 'docker-ce-rootless-extras' is not installed, so not removed 82 | Package 'docker-ce' is not installed, so not removed 83 | Package 'docker-scan-plugin' is not installed, so not removed 84 | Package 'docker-engine' is not installed, so not removed 85 | The following packages were automatically installed and are no longer required: 86 | bridge-utils conntrack cri-tools ebtables pigz runc socat ubuntu-fan 87 | Use 'apt autoremove' to remove them. 88 | ..... 89 | .... 90 | ... 91 | ``` 92 | 93 |
94 | 95 | 96 | **worker joins a master** 97 | 98 | Join the master ( run it in worker(s)) 99 | ``` 100 | $ cks cluster join --master : --token --ca-hash 101 | 102 | ``` 103 | 104 | example: 105 | 106 | ``` 107 | cks cluster join --master 172.31.118.222:6443 --token ppblkq.6uafwx1q03m0cxbq --ca-hash sha256:03466f37be5072fa68d84f156a1f68ce2e19d2e3f24833674263fa65b724acf9 108 | ``` 109 | 110 |
111 | Result 112 | ``` 113 | cks cluster join --master 172.31.118.222:6443 --token ppblkq.6uafwx1q03m0cxbq --ca-hash sha256:03466f37be5072fa68d84f156a1f68ce2e19d2e3f24833674263fa65b724acf9 114 | [preflight] Running pre-flight checks 115 | [preflight] Reading configuration from the cluster... 116 | [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml' 117 | [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" 118 | [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" 119 | [kubelet-start] Starting the kubelet 120 | [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... 121 | This node has joined the cluster: 122 | * Certificate signing request was sent to apiserver and a response was received. 123 | * The Kubelet was informed of the new secure connection details. 124 | Run 'kubectl get nodes' on the control-plane to see this node join the cluster 125 | ``` 126 |
127 | 128 | ## Falco 129 | 130 | **install falco** 131 | 132 | Identify one of your worker nodes and install falco 133 | 134 | ``` 135 | $ cks falco install 136 | 137 | ``` 138 | 139 |
140 | Result 141 | 142 | ``` 143 | ... 144 | .... 145 | .... 146 | 147 | ``` 148 | 149 |
150 | 151 | 152 | **Follow falco tutorial** 153 | 154 | Enjoy a falco tutorial step by step 155 | 156 | ``` 157 | $ cks falco tuto 158 | 159 | ``` 160 | 161 |
162 | Result 163 | 164 | ``` 165 | ____ _ ____ _____ 166 | / ___| / \ | _ \_ _| 167 | \___ \ / _ \ | |_) || | 168 | ___) / ___ \| _ < | | 169 | |____/_/ \_\_| \_\|_| 170 | ### Create Namespace for the demo ### 171 | 172 | kubectl create ns demo-falco 173 | 174 | # Are you done? [y/n]: 175 | ...... 176 | ..... 177 | .... 178 | _____ _ _ ____ 179 | | ____| \ | | _ \ 180 | | _| | \| | | | | 181 | | |___| |\ | |_| | 182 | |_____|_| \_|____/ 183 | ### Clean up namespace 184 | 185 | kubectl delete ns demo-falco 186 | 187 | 188 | ## check another advanced tuto in this link : 189 | https://k8s.tn/rdiL4i 190 | 191 | # Clean up done? [y/n]: y 192 | END of Falco Tuto - Congrats! 193 | 194 | ``` 195 | 196 |
197 | -------------------------------------------------------------------------------- /mkdocs.yml: -------------------------------------------------------------------------------- 1 | site_name: CKS CLI 2 | site_url: https://cks.kubernetes.tn 3 | site_description: A Simple and Comprehensive CLI to prepare for CKS exam 4 | docs_dir: docs/ 5 | repo_name: GitHub 6 | repo_url: https://github.com/kubernetes-tn/cks-cli 7 | edit_uri: "" 8 | 9 | nav: 10 | - HOME: index.md 11 | - Getting started: 12 | - Overview: getting-started/overview.md 13 | - Installation: getting-started/installation.md 14 | - Quick Start: getting-started/quickstart.md 15 | # - Troubleshooting: getting-started/troubleshooting.md 16 | # - Further Reading: getting-started/further.md 17 | # - Credits: getting-started/credit.md 18 | - Reference: 19 | - CLI: 20 | - Overview: getting-started/cli/index.md 21 | - Cluster: getting-started/cli/cluster.md 22 | - Falco: getting-started/cli/falco.md 23 | # - Config: getting-started/cli/config.md 24 | # - Filesystem: getting-started/cli/fs.md 25 | # - Repository: getting-started/cli/repo.md 26 | # - Client: getting-started/cli/client.md 27 | # - Server: getting-started/cli/server.md 28 | # - Vulnerability: 29 | # - Scanning: 30 | # - Overview: vulnerability/scanning/index.md 31 | # - Container Image: vulnerability/scanning/image.md 32 | # - Filesystem: vulnerability/scanning/filesystem.md 33 | # - Git Repository: vulnerability/scanning/git-repository.md 34 | # - Detection: 35 | # - OS Packages: vulnerability/detection/os.md 36 | # - Language-specific Packages: vulnerability/detection/language.md 37 | # - Data Sources: vulnerability/detection/data-source.md 38 | # - Supported: vulnerability/detection/supported.md 39 | # - Examples: 40 | # - Vulnerability Filtering: vulnerability/examples/filter.md 41 | # - Report Formats: vulnerability/examples/report.md 42 | # - Vulnerability DB: vulnerability/examples/db.md 43 | # - Cache: vulnerability/examples/cache.md 44 | # - Others: vulnerability/examples/others.md 45 | # - Misconfiguration: 46 | # - Scanning: 47 | # - Overview: misconfiguration/index.md 48 | # - Infrastructure as Code: misconfiguration/iac.md 49 | # - Filesystem: misconfiguration/filesystem.md 50 | # - Policy: 51 | # - Built-in Policies: misconfiguration/policy/builtin.md 52 | # - Exceptions: misconfiguration/policy/exceptions.md 53 | # - Custom Policies: 54 | # - Overview: misconfiguration/custom/index.md 55 | # - Data: misconfiguration/custom/data.md 56 | # - Combine: misconfiguration/custom/combine.md 57 | # - Testing: misconfiguration/custom/testing.md 58 | # - Debugging Policies: misconfiguration/custom/debug.md 59 | # - Examples: misconfiguration/custom/examples.md 60 | # - Options: 61 | # - Policy: misconfiguration/options/policy.md 62 | # - Filtering: misconfiguration/options/filter.md 63 | # - Report Formats: misconfiguration/options/report.md 64 | # - Others: misconfiguration/options/others.md 65 | # - Comparison: 66 | # - vs Conftest: misconfiguration/comparison/conftest.md 67 | # - vs tfsec: misconfiguration/comparison/tfsec.md 68 | - Advanced: 69 | - Overview: advanced/index.md 70 | # - Plugins: advanced/plugins.md 71 | # - Air-Gapped Environment: advanced/air-gap.md 72 | # - Integrations: 73 | # - Overview: advanced/integrations/index.md 74 | # - GitHub Actions: advanced/integrations/github-actions.md 75 | # - CircleCI: advanced/integrations/circleci.md 76 | # - Travis CI: advanced/integrations/travis-ci.md 77 | # - GitLab CI: advanced/integrations/gitlab-ci.md 78 | # - AWS CodePipeline: advanced/integrations/aws-codepipeline.md 79 | # - AWS Security Hub: advanced/integrations/aws-security-hub.md 80 | # - Container Image: 81 | # - Embed in Dockerfile: advanced/container/embed-in-dockerfile.md 82 | # - Unpacked container image filesystem: advanced/container/unpacked-filesystem.md 83 | # - OCI Image: advanced/container/oci.md 84 | # - Podman: advanced/container/podman.md 85 | # - Private Docker Registries: 86 | # - Overview: advanced/private-registries/index.md 87 | # - Docker Hub: advanced/private-registries/docker-hub.md 88 | # - AWS ECR (Elastic Container Registry): advanced/private-registries/ecr.md 89 | # - GCR (Google Container Registry): advanced/private-registries/gcr.md 90 | # - Self-Hosted: advanced/private-registries/self.md 91 | # - Modes: 92 | # - Standalone: advanced/modes/standalone.md 93 | # - Client/Server: advanced/modes/client-server.md 94 | - Maintainer: 95 | - Help Wanted: advanced/contrib/help-wanted.md 96 | # - Triage: advanced/contrib/triage.md 97 | 98 | theme: 99 | name: material 100 | language: 'en' 101 | logo: img/logo-white.png 102 | custom_dir: docs/overrides 103 | features: 104 | - navigation.tabs 105 | - navigation.tabs.sticky 106 | - navigation.sections 107 | 108 | markdown_extensions: 109 | - meta 110 | - pymdownx.highlight 111 | - pymdownx.superfences 112 | - admonition 113 | - footnotes 114 | - attr_list 115 | - pymdownx.tabbed 116 | - def_list 117 | - pymdownx.details 118 | - pymdownx.emoji: 119 | emoji_index: !!python/name:materialx.emoji.twemoji 120 | emoji_generator: !!python/name:materialx.emoji.to_svg 121 | 122 | extra: 123 | generator: false 124 | version: 125 | method: mike 126 | provider: mike 127 | 128 | plugins: 129 | - search 130 | - macros 131 | - minify: 132 | minify_html: true 133 | 134 | # Customization 135 | extra: 136 | manifest: manifest.webmanifest 137 | analytics: 138 | provider: google 139 | property: !ENV GOOGLE_ANALYTICS_KEY 140 | social: 141 | - icon: fontawesome/brands/github 142 | link: https://github.com/kubernetes-tn 143 | - icon: fontawesome/brands/docker 144 | link: https://hub.docker.com/r/abdennour/ 145 | - icon: fontawesome/brands/linkedin 146 | link: https://linkedin.com/in/abdennour/ 147 | copyright: Copyright © 2021 - 2022 kubernetes.tn 148 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------