├── .gitignore
├── .gitmodules
├── 00-namespaces
├── my-namespace.yaml
├── resource-quota-lights.yaml
└── resource-quota.yaml
├── 01-pods
├── Readme.md
├── git-repo-pod.yaml
├── kuard-new.yaml
├── kuard.yaml
├── kuard_health.yaml
├── kuard_resource.yaml
├── kuard_volume.yaml
├── nginx-antiaffinity.yaml
├── nginx-nodeselector.yaml
├── pvc-pod.yaml
└── redis-antiaffinity-deployment.yaml
├── 02-deployments
├── 01.1-replication-controller.yaml
├── 02-1.rs-pod.yaml
├── 02-replicationset.yaml
├── 03.01-deployment.yaml
├── 03.02-deployment.yaml
├── 03.03-deployment.yaml
├── 04-deployment.yaml
├── 04.01-deployment.yaml
├── 04.02-deployment.yaml
├── ReadMe
├── bluegreen
│ ├── ReadMe
│ ├── app-v1.yaml
│ └── app-v2.yaml
├── canary
│ └── without-istio
│ │ ├── ReadMe
│ │ ├── app-v1.yaml
│ │ └── app-v2.yaml
├── random.yaml
└── rollingupdate
│ └── nginx-dpl.yaml
├── 03-other-specs
├── cassandra-pvc.yaml
├── cassandra-statefulset.yaml
├── deployment_kuard.yaml
├── deployment_kuard_health.yaml
├── fluentd_elk.yaml
├── jobs
│ └── 01-cronjob.yaml
├── kuard.yaml
├── kuard_replica_set.yaml
├── kuard_selector_replica_set.yaml
├── stateful_sets.yaml
└── svc_dep_kuard.yaml
├── 04-labels
├── .Readme.md.swp
├── 1_kuard.yaml
├── 2_kuard.yaml
└── Readme.md
├── 05-configmaps
├── apikey.txt
├── env-configmap.yaml
├── env-pod.yaml
├── kuard.crt
├── kuard.key
├── kuard.yaml
├── kuard_tls.yaml
├── log4j.xml
└── my-config.txt
├── 06-services
├── ReadMe.md
├── external
│ ├── ReadMe.md
│ ├── external_endpoint.yaml
│ └── external_service.yaml
├── ingress
│ ├── ReadMe.md
│ ├── context
│ │ ├── Readme.md
│ │ ├── ingress-tls-forcehttps.yaml
│ │ ├── ingress-tls-nginx.yaml
│ │ ├── ingress-tls.yaml
│ │ ├── web-v1-fixed.yaml
│ │ ├── web-v1-svc.yaml
│ │ ├── web-v1.yaml
│ │ ├── web-v2-fixed.yaml
│ │ ├── web-v2-svc.yaml
│ │ └── web-v2.yaml
│ ├── kuard-deployment.yaml
│ ├── kuard-dpl-svc.yaml
│ ├── kuard-ingress-static.yaml
│ ├── kuard-ingress.yaml
│ └── nginx-ingress
│ │ ├── Readme.md
│ │ ├── ingress-tls.yaml
│ │ ├── web-v1-fixed.yaml
│ │ ├── web-v1-svc.yaml
│ │ ├── web-v2-fixed.yaml
│ │ └── web-v2-svc.yaml
└── intro
│ ├── ReadMe.md
│ ├── headless
│ ├── Readme.md
│ ├── cassandra-statefulset.yaml
│ └── cassandra-svc.yaml
│ ├── kuard-deployment.yaml
│ ├── kuard-dpl-svc-lb-onlylocal.yaml
│ ├── kuard-dpl-svc-lb.yaml
│ ├── kuard-dpl-svc.yaml
│ ├── kuard-pod-svc-lb.yaml
│ ├── kuard-pod-svc-np.yaml
│ ├── kuard-pod-svc.yaml
│ └── kuard-pod.yaml
├── 07-ingress
└── ingress.yaml
├── 08-storage
├── auto-extends
│ ├── 01-pvc.yaml
│ ├── 01-storageclass.yaml
│ └── ReadMe.md
├── intro
│ ├── 01-2-emptydir-pod.yaml
│ ├── 01-3-emptydir-pod.yaml
│ ├── 01-4-emptydir-pod.yaml
│ ├── 01-emptydir-pod.yaml
│ ├── 02-emptydir-memory.yaml
│ ├── 04-downwardapi.yaml
│ ├── Readme.md
│ └── mysql.conn
├── portability
│ ├── 01-nfs-dp.yaml
│ ├── 01-nfs-pv-pvc.yaml
│ ├── 02-gcpd-pv-pvc.yaml
│ ├── Readme.md
│ ├── pvselector
│ │ ├── 01-gcpd-pv-pvc.yaml
│ │ ├── 02-gcpd-pv-pvc.yaml
│ │ └── Readme.md
│ └── storageclass
│ │ ├── 01-gcpd-pv-pvc.yaml
│ │ ├── 02-gcpd-pv-pvc.yaml
│ │ ├── Readme.md
│ │ ├── change-sc
│ │ ├── Readme.md
│ │ ├── redis-master-ssd-transition.yaml
│ │ ├── redis-master.yaml
│ │ └── redis-ssd-after-transition.yaml
│ │ ├── pvc-data-with-pv.yaml
│ │ ├── specific-pv.yaml
│ │ ├── storage-sdd-retain.yaml
│ │ └── storage-sdd.yaml
└── remotestorage
│ ├── 01-2-gce-pd.yaml
│ ├── 01-3-gce-pd.yaml
│ ├── 01-gce-pd.yaml
│ ├── 02-nfs-pd.yaml
│ └── Readme.md
├── 09-crd
└── 01-crd.yaml
├── 10-ks8-packaging
└── 01-helm
│ ├── 01-installation
│ └── Readme.md
│ ├── 02-prometheus
│ └── .Readme.md.swp
│ └── 03-customapp
│ ├── Readme.md
│ └── k8s-app
│ ├── .helmignore
│ ├── Chart.yaml
│ ├── templates
│ ├── NOTES.txt
│ ├── _helpers.tpl
│ ├── deployment.yaml
│ ├── ingress.yaml
│ └── service.yaml
│ └── values.yaml
├── LICENSE
└── README.md
/.gitignore:
--------------------------------------------------------------------------------
1 | # Compiled class file
2 | *.class
3 |
4 | # Log file
5 | *.log
6 |
7 | # BlueJ files
8 | *.ctxt
9 |
10 | # Mobile Tools for Java (J2ME)
11 | .mtj.tmp/
12 |
13 | # Package Files #
14 | *.jar
15 | *.war
16 | *.ear
17 | *.zip
18 | *.tar.gz
19 | *.rar
20 |
21 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
22 | hs_err_pid*
23 | *.key
24 | *.crt
25 |
26 |
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "10-ks8-packaging/01-helm/02-prometheus/prometheus"]
2 | path = 10-ks8-packaging/01-helm/02-prometheus/prometheus
3 | url = https://github.com/Pamir/devfestistanbul2018
4 | [submodule "10-ks8-packaging/01-helm/04-repo/helm-gcs"]
5 | path = 10-ks8-packaging/01-helm/04-repo/helm-gcs
6 | url = https://github.com/viglesiasce/helm-gcs
7 |
--------------------------------------------------------------------------------
/00-namespaces/my-namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: my-namespace
5 | labels:
6 | name: my-namespace
7 | creator: pamir
--------------------------------------------------------------------------------
/00-namespaces/resource-quota-lights.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: quota
5 | spec:
6 | hard:
7 | pods: "2"
8 |
--------------------------------------------------------------------------------
/00-namespaces/resource-quota.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ResourceQuota
3 | metadata:
4 | name: quota
5 | spec:
6 | hard:
7 | cpu: "20"
8 | memory: 1Gi
9 | pods: "1"
10 | replicationcontrollers: "2"
11 | resourcequotas: "2"
12 | services: "2"
13 |
--------------------------------------------------------------------------------
/01-pods/Readme.md:
--------------------------------------------------------------------------------
1 | https://www.mirantis.com/blog/multi-container-pods-and-container-communication-in-kubernetes/
2 | https://kubernetes.io/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume/
3 | https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
4 | https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
5 |
--------------------------------------------------------------------------------
/01-pods/git-repo-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: gitrepo-volume-pod
5 | spec:
6 | containers:
7 | - image: nginx:alpine
8 | name: web-server
9 | volumeMounts:
10 | - name: html
11 | mountPath: /usr/share/nginx/html
12 | readOnly: true
13 | ports:
14 | - containerPort: 80
15 | protocol: TCP
16 | volumes:
17 | - name: html
18 | gitRepo:
19 | repository: https://github.com/luksa/kubia-website-example.git
20 | revision: master
21 | directory: .
22 |
--------------------------------------------------------------------------------
/01-pods/kuard-new.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.3
8 | name: kuardnew
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuardnew
14 | ports:
15 | - containerPort: 8080
16 | name: http
17 | protocol: TCP
18 | resources: {}
19 | dnsPolicy: ClusterFirst
20 | restartPolicy: Never
21 |
--------------------------------------------------------------------------------
/01-pods/kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.2
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | ports:
15 | - containerPort: 8080
16 | name: http
17 | protocol: TCP
18 | resources: {}
19 | dnsPolicy: ClusterFirst
20 | restartPolicy: Never
21 |
--------------------------------------------------------------------------------
/01-pods/kuard_health.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | livenessProbe:
15 | httpGet:
16 | path: /healthy
17 | port: 8080
18 | initialDelaySeconds: 5
19 | timeoutSeconds: 1
20 | periodSeconds: 10
21 | failureThreshold: 3
22 | readinessProbe:
23 | httpGet:
24 | path: /ready
25 | port: 8080
26 | timeoutSeconds: 1
27 | periodSeconds: 10
28 | initialDelaySeconds: 30
29 | ports:
30 | - containerPort: 8080
31 | name: http
32 | protocol: TCP
33 | resources: {}
34 | dnsPolicy: ClusterFirst
35 | restartPolicy: OnFailure
--------------------------------------------------------------------------------
/01-pods/kuard_resource.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | resources:
15 | requests:
16 | memory: "1024Mi"
17 | cpu: "1000m"
18 | limits:
19 | memory: "1024Mi"
20 | cpu: "1000m"
21 | ports:
22 | - containerPort: 8080
23 | name: http
24 | protocol: TCP
25 | resources: {}
26 | dnsPolicy: ClusterFirst
27 | restartPolicy: OnFailure
28 |
--------------------------------------------------------------------------------
/01-pods/kuard_volume.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | volumes:
11 | - name: "kuard-data"
12 | hostPath:
13 | path: /var/lib
14 | containers:
15 | - image: gcr.io/kuar-demo/kuard-amd64:1
16 | imagePullPolicy: IfNotPresent
17 | name: kuard
18 | resources:
19 | requests:
20 | cpu: "500m"
21 | memory: "128Mi"
22 | limits:
23 | cpu: "1000m"
24 | memory: "1024Mi"
25 | volumeMounts:
26 | - mountPath: "/data"
27 | name: "kuard-data"
28 | ports:
29 | - containerPort: 8080
30 | name: http
31 | protocol: TCP
32 | resources: {}
33 | dnsPolicy: ClusterFirst
34 | restartPolicy: OnFailure
35 |
--------------------------------------------------------------------------------
/01-pods/nginx-antiaffinity.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: nginx
5 | spec:
6 | replicas: 3
7 | template:
8 | metadata:
9 | labels:
10 | app: nginx
11 | spec:
12 | affinity:
13 | podAntiAffinity:
14 | #requiredDuringSchedulingIgnoredDuringExecution:
15 | preferredDuringSchedulingIgnoredDuringExecution:
16 | - weight: 100
17 | podAffinityTerm:
18 | labelSelector:
19 | matchExpressions:
20 | - key: app
21 | operator: In
22 | values:
23 | - nginx
24 | topologyKey: kubernetes.io/hostname
25 | containers:
26 | - name: nginx
27 | image: gcr.io/google_containers/nginx-slim:0.8
28 | ports:
29 | - containerPort: 80
30 |
--------------------------------------------------------------------------------
/01-pods/nginx-nodeselector.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: nginx
5 | labels:
6 | env: test
7 | spec:
8 | containers:
9 | - name: nginx
10 | image: nginx
11 | imagePullPolicy: IfNotPresent
12 | nodeSelector:
13 | cpu: kotu
14 |
--------------------------------------------------------------------------------
/01-pods/pvc-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: my-site
5 | spec:
6 | containers:
7 | - name: mysql
8 | image: mysql
9 | volumeMounts:
10 | - mountPath: /var/lib/mysql
11 | name: site-data
12 | subPath: mysql
13 | - name: php
14 | image: php
15 | volumeMounts:
16 | - mountPath: /var/www/html
17 | name: site-data
18 | subPath: html
19 | volumes:
20 | - name: site-data
21 | persistentVolumeClaim:
22 | claimName: my-site-data
23 |
--------------------------------------------------------------------------------
/01-pods/redis-antiaffinity-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: redis-cache
5 | spec:
6 | selector:
7 | matchLabels:
8 | app: store
9 | replicas: 3
10 | template:
11 | metadata:
12 | labels:
13 | app: store
14 | spec:
15 | affinity:
16 | podAntiAffinity:
17 | requiredDuringSchedulingIgnoredDuringExecution:
18 | - labelSelector:
19 | matchExpressions:
20 | - key: app
21 | operator: In
22 | values:
23 | - store
24 | topologyKey: "kubernetes.io/hostname"
25 | containers:
26 | - name: redis-server
27 | image: redis:3.2-alpine
28 |
--------------------------------------------------------------------------------
/02-deployments/01.1-replication-controller.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ReplicationController
3 | metadata:
4 | name: nginx
5 | spec:
6 | replicas: 3
7 | selector:
8 | app: nginx
9 | template:
10 | metadata:
11 | name: nginx
12 | labels:
13 | app: nginx
14 | spec:
15 | containers:
16 | - name: nginx
17 | image: nginx
18 | ports:
19 | - containerPort: 80
20 |
--------------------------------------------------------------------------------
/02-deployments/02-1.rs-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | app: guestbook
6 | tier: frontend
7 | name: frontend-pamir
8 | spec:
9 | containers:
10 | - env:
11 | - name: GET_HOSTS_FROM
12 | value: dns
13 | image: gcr.io/google_samples/gb-frontend:v3
14 | imagePullPolicy: IfNotPresent
15 | name: php-redis
16 | ports:
17 | - containerPort: 80
18 | protocol: TCP
19 | resources:
20 | requests:
21 | cpu: 100m
22 | memory: 100Mi
23 | dnsPolicy: ClusterFirst
24 |
--------------------------------------------------------------------------------
/02-deployments/02-replicationset.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: ReplicaSet
3 | metadata:
4 | name: frontend
5 | labels:
6 | app: guestbook
7 | tier: frontend
8 | spec:
9 | # modify replicas according to your case
10 | replicas: 3
11 | selector:
12 | #matchLabels:
13 | # tier: frontend
14 | matchExpressions:
15 | - {key: tier, operator: In, values: [frontend]}
16 | template:
17 | metadata:
18 | labels:
19 | app: guestbook
20 | tier: frontend
21 | spec:
22 | containers:
23 | - name: php-redis
24 | image: gcr.io/google_samples/gb-frontend:v3
25 | resources:
26 | requests:
27 | cpu: 100m
28 | memory: 100Mi
29 | env:
30 | - name: GET_HOSTS_FROM
31 | value: dns
32 | # If your cluster config does not include a dns service, then to
33 | # instead access environment variables to find service host
34 | # info, comment out the 'value: dns' line above, and uncomment the
35 | # line below.
36 | # value: env
37 | ports:
38 | - containerPort: 80
39 |
--------------------------------------------------------------------------------
/02-deployments/03.01-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: frontend
5 | labels:
6 | app: guestbook
7 | tier: frontend
8 | spec:
9 | # modify replicas according to your case
10 | replicas: 3
11 | selector:
12 | #matchLabels:
13 | # tier: frontend
14 | matchExpressions:
15 | - {key: tier, operator: In, values: [frontend]}
16 | template:
17 | metadata:
18 | labels:
19 | app: guestbook
20 | tier: frontend
21 | spec:
22 | containers:
23 | - name: php-redis
24 | image: gcr.io/google_samples/gb-frontend:v3
25 | resources:
26 | requests:
27 | cpu: 100m
28 | memory: 100Mi
29 | env:
30 | - name: GET_HOSTS_FROM
31 | value: dns
32 | # If your cluster config does not include a dns service, then to
33 | # instead access environment variables to find service host
34 | # info, comment out the 'value: dns' line above, and uncomment the
35 | # line below.
36 | # value: env
37 | ports:
38 | - containerPort: 80
39 |
--------------------------------------------------------------------------------
/02-deployments/03.02-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: frontend
5 | labels:
6 | app: guestbook
7 | tier: frontend
8 | spec:
9 | # modify replicas according to your case
10 | replicas: 3
11 | selector:
12 | #matchLabels:
13 | # tier: frontend
14 | matchExpressions:
15 | - {key: tier, operator: In, values: [frontend]}
16 | template:
17 | metadata:
18 | labels:
19 | app: guestbook
20 | tier: frontend
21 | spec:
22 | containers:
23 | - name: php-redis
24 | image: gcr.io/google_samples/gb-frontend:v2
25 | resources:
26 | requests:
27 | cpu: 100m
28 | memory: 100Mi
29 | env:
30 | - name: GET_HOSTS_FROM
31 | value: dns
32 | # If your cluster config does not include a dns service, then to
33 | # instead access environment variables to find service host
34 | # info, comment out the 'value: dns' line above, and uncomment the
35 | # line below.
36 | # value: env
37 | ports:
38 | - containerPort: 80
39 |
--------------------------------------------------------------------------------
/02-deployments/03.03-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: frontend
5 | labels:
6 | app: guestbook
7 | tier: frontend
8 | spec:
9 | # modify replicas according to your case
10 | replicas: 3
11 | selector:
12 | #matchLabels:
13 | # tier: frontend
14 | matchExpressions:
15 | - {key: tier, operator: In, values: [frontend]}
16 | template:
17 | metadata:
18 | labels:
19 | app: guestbook
20 | tier: frontend
21 | spec:
22 | containers:
23 | - name: php-redis
24 | image: gcr.io/google_samples/gb-frontend:v1
25 | resources:
26 | requests:
27 | cpu: 100m
28 | memory: 100Mi
29 | env:
30 | - name: GET_HOSTS_FROM
31 | value: dns
32 | # If your cluster config does not include a dns service, then to
33 | # instead access environment variables to find service host
34 | # info, comment out the 'value: dns' line above, and uncomment the
35 | # line below.
36 | # value: env
37 | ports:
38 | - containerPort: 80
39 |
--------------------------------------------------------------------------------
/02-deployments/04-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: guestbook
6 | tier: frontend
7 | name: frontend
8 | namespace: default
9 | spec:
10 | progressDeadlineSeconds: 600
11 | replicas: 10
12 | revisionHistoryLimit: 10
13 | selector:
14 | matchExpressions:
15 | - key: tier
16 | operator: In
17 | values:
18 | - frontend
19 | strategy:
20 | type: Recreate
21 | template:
22 | metadata:
23 | creationTimestamp: null
24 | labels:
25 | app: guestbook
26 | tier: frontend
27 | spec:
28 | containers:
29 | - env:
30 | - name: GET_HOSTS_FROM
31 | value: dns
32 | image: gcr.io/google_samples/gb-frontend:v2
33 | imagePullPolicy: IfNotPresent
34 | name: php-redis
35 | ports:
36 | - containerPort: 80
37 | protocol: TCP
38 | resources:
39 | requests:
40 | cpu: 100m
41 | memory: 100Mi
42 | terminationMessagePath: /dev/termination-log
43 | terminationMessagePolicy: File
44 | dnsPolicy: ClusterFirst
45 | restartPolicy: Always
46 | schedulerName: default-scheduler
47 | securityContext: {}
48 | terminationGracePeriodSeconds: 30
49 |
--------------------------------------------------------------------------------
/02-deployments/04.01-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: guestbook
6 | tier: frontend
7 | name: frontend
8 | namespace: default
9 | spec:
10 | progressDeadlineSeconds: 600
11 | replicas: 10
12 | revisionHistoryLimit: 10
13 | selector:
14 | matchExpressions:
15 | - key: tier
16 | operator: In
17 | values:
18 | - frontend
19 | strategy:
20 | rollingUpdate:
21 | maxSurge: 100%
22 | maxUnavailable: 25%
23 | type: RollingUpdate
24 | template:
25 | metadata:
26 | creationTimestamp: null
27 | labels:
28 | app: guestbook
29 | tier: frontend
30 | spec:
31 | containers:
32 | - env:
33 | - name: GET_HOSTS_FROM
34 | value: dns
35 | image: gcr.io/google_samples/gb-frontend:v2
36 | imagePullPolicy: IfNotPresent
37 | name: php-redis
38 | ports:
39 | - containerPort: 80
40 | protocol: TCP
41 | resources:
42 | requests:
43 | cpu: 100m
44 | memory: 100Mi
45 | terminationMessagePath: /dev/termination-log
46 | terminationMessagePolicy: File
47 | dnsPolicy: ClusterFirst
48 | restartPolicy: Always
49 | schedulerName: default-scheduler
50 | securityContext: {}
51 | terminationGracePeriodSeconds: 30
52 |
--------------------------------------------------------------------------------
/02-deployments/04.02-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | app: guestbook
6 | tier: frontend
7 | name: frontend
8 | namespace: default
9 | spec:
10 | progressDeadlineSeconds: 600
11 | replicas: 10
12 | revisionHistoryLimit: 10
13 | selector:
14 | matchExpressions:
15 | - key: tier
16 | operator: In
17 | values:
18 | - frontend
19 | strategy:
20 | type: Recreate
21 | template:
22 | metadata:
23 | creationTimestamp: null
24 | labels:
25 | app: guestbook
26 | tier: frontend
27 | spec:
28 | containers:
29 | - env:
30 | - name: GET_HOSTS_FROM
31 | value: dns
32 | image: gcr.io/google_samples/gb-frontend:v3
33 | imagePullPolicy: IfNotPresent
34 | name: php-redis
35 | ports:
36 | - containerPort: 80
37 | protocol: TCP
38 | resources:
39 | requests:
40 | cpu: 100m
41 | memory: 100Mi
42 | terminationMessagePath: /dev/termination-log
43 | terminationMessagePolicy: File
44 | dnsPolicy: ClusterFirst
45 | restartPolicy: Always
46 | schedulerName: default-scheduler
47 | securityContext: {}
48 | terminationGracePeriodSeconds: 30
49 |
--------------------------------------------------------------------------------
/02-deployments/ReadMe:
--------------------------------------------------------------------------------
1 | kubectl create -f 01-replication-controller.yaml
2 | kubectl get rc
3 | kubectl describe rc nginx
4 | kubectl delete rc nginx --cascade=false
5 | kubectl get pods
6 | kubectl delete pod nginx-xxxx
7 | kubectl get pods
8 | kubectl create -f 01-replication-controller.yaml
9 |
10 | # Deprecated
11 |
12 | kubectl rolling-update nginx nginx-v2 --image=nginx:1.8.1
13 | kubectl get pods
14 | kubectl get rc -w
15 |
16 | kubectl rolling-update nginx --image=nginx:xyz
17 | kubectl get pods
18 | kubectl rolling-update nginx --rollback
19 |
20 |
21 | kubectl delete rc nginx
22 |
23 | ## End Deprecated
24 |
25 | # ReplicationSet
26 |
27 | kubectl apply -f 02-replicationset.yaml
28 | kubectl get events -w
29 | kubectl get rs -w
30 | kubectl apply -f 02-1.rs-pod.yaml
31 |
32 | #Deployments
33 |
34 | kubectl apply -f 03-deployment.yaml
35 | kubectl apply -f 03.01-deployment.yaml
36 | kubectl rollout history deploy/frontend
37 | kubectl rollout undo deploy/frontend --to-revision=1
38 |
39 | # recording deployment
40 | kubectl apply -f 03.01-deployment.yaml --record
41 | kubectl apply -f 03.02-deployment.yaml --record
42 | kubectl apply -f 03.01-deployment.yaml --record
43 | kubectl rollout history deploy/frontend
44 | kubectl rollout undo deploy/frontend --to-revision=1
45 | kubectl rollout history deploy/frontend --revision=8
46 | #what is changed from the previos version
47 |
48 |
49 |
50 | # deployment internals
51 | kubectl get rs
52 | kubectl get rs frontend-788d978f9b -o yaml | grep hash
53 | # pod-template-hash: kismina bak. Burayi her deployment rs in podTemplate i alip hashleyerek koyar
54 |
55 | kubectl set image deployment/frontend php-redis=gcr.io/google_samples/gb-frontend:v2
56 | kubectl rollout history deploy/frontend
57 | kubectl set image deployment/frontend php-redis=gcr.io/google_samples/gb-frontend:v1 --record
58 | kubectl rollout history deploy/frontend
59 | kubectl edit deployment frontend --record
60 | kubectl rollout undo deploy/frontend --to-revision=5
61 |
62 |
63 | # deployment parameters
64 | kubectl scale deployment fronted --replicas=10
65 |
66 | #chnage maxSurge
67 | kubectl apply -f 04-deployment.yaml
68 | #change maxUnavailable
69 | kubectl apply -f 04.01-deployment.yaml
70 |
71 | #change strategy type to recreate
72 | kubectl get pods
73 |
74 |
75 |
--------------------------------------------------------------------------------
/02-deployments/bluegreen/ReadMe:
--------------------------------------------------------------------------------
1 | kubectl create ns bluegreen
2 | kubectl apply -f app-v1.yaml
3 | kubectl run --restart=Never --image=raesene/alpine-nettools nettools
4 | kubectl exec -it nettools -- /bin/sh
5 | while true; do curl http://my-app.bluegreen; done
6 |
7 | kubectl apply -f app-v2.yaml
8 | kubectl get pods -n bluegreen
9 | kubectl patch service my-app -n bluegreen -p '{"spec":{"selector":{"version":"v2.0.0"}}}'
10 |
11 | kubectl delete ns bluegreen
12 | kubectl delete pod nettools
--------------------------------------------------------------------------------
/02-deployments/bluegreen/app-v1.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: my-app
5 | namespace: bluegreen
6 | labels:
7 | app: my-app
8 | spec:
9 | type: NodePort
10 | ports:
11 | - name: http
12 | port: 80
13 | targetPort: http
14 |
15 | # Note here that we match both the app and the version
16 | selector:
17 | app: my-app
18 | version: v1.0.0
19 | ---
20 | apiVersion: apps/v1
21 | kind: Deployment
22 | metadata:
23 | name: my-app-v1
24 | namespace: bluegreen
25 | labels:
26 | app: my-app
27 | spec:
28 | replicas: 3
29 | selector:
30 | matchLabels:
31 | app: my-app
32 | version: v1.0.0
33 | template:
34 | metadata:
35 | labels:
36 | app: my-app
37 | version: v1.0.0
38 | annotations:
39 | prometheus.io/scrape: "true"
40 | prometheus.io/port: "9101"
41 | spec:
42 | containers:
43 | - name: my-app
44 | image: containersol/k8s-deployment-strategies
45 | ports:
46 | - name: http
47 | containerPort: 8080
48 | - name: probe
49 | containerPort: 8086
50 | env:
51 | - name: VERSION
52 | value: v1.0.0
53 | livenessProbe:
54 | httpGet:
55 | path: /live
56 | port: probe
57 | initialDelaySeconds: 5
58 | periodSeconds: 5
59 | readinessProbe:
60 | httpGet:
61 | path: /ready
62 | port: probe
63 | periodSeconds: 5
--------------------------------------------------------------------------------
/02-deployments/bluegreen/app-v2.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: my-app-v2
5 | namespace: bluegreen
6 | labels:
7 | app: my-app
8 | spec:
9 | replicas: 3
10 | selector:
11 | matchLabels:
12 | app: my-app
13 | version: v2.0.0
14 | template:
15 | metadata:
16 | labels:
17 | app: my-app
18 | version: v2.0.0
19 | annotations:
20 | prometheus.io/scrape: "true"
21 | prometheus.io/port: "9101"
22 | spec:
23 | containers:
24 | - name: my-app
25 | image: containersol/k8s-deployment-strategies
26 | ports:
27 | - name: http
28 | containerPort: 8080
29 | - name: probe
30 | containerPort: 8086
31 | env:
32 | - name: VERSION
33 | value: v2.0.0
34 | livenessProbe:
35 | httpGet:
36 | path: /live
37 | port: probe
38 | initialDelaySeconds: 5
39 | periodSeconds: 5
40 | readinessProbe:
41 | httpGet:
42 | path: /ready
43 | port: probe
44 | periodSeconds: 5
--------------------------------------------------------------------------------
/02-deployments/canary/without-istio/ReadMe:
--------------------------------------------------------------------------------
1 | kubectl create ns canary
2 | kubectl apply -f app-v1.yaml
3 |
4 | kubectl run --restart=Never --image=raesene/alpine-nettools nettools
5 | kubectl exec -it nettools -- /bin/sh
6 |
7 | while true; do curl http://my-app.canary; done
8 |
9 | kubectl apply -f app-v2.yaml
10 |
11 | kubectl scale deployment my-app-v2 -n canary --replicas=10
12 | kubectl scale deployment my-app-v1 -n canary --replicas=0
13 | kubectl get pods -n canary
14 |
15 |
16 | kubectl delete ns canary
17 |
--------------------------------------------------------------------------------
/02-deployments/canary/without-istio/app-v1.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: my-app
5 | namespace: canary
6 | labels:
7 | app: my-app
8 | spec:
9 | type: NodePort
10 | ports:
11 | - name: http
12 | port: 80
13 | targetPort: http
14 | selector:
15 | app: my-app
16 | ---
17 | apiVersion: apps/v1
18 | kind: Deployment
19 | metadata:
20 | name: my-app-v1
21 | namespace: canary
22 | labels:
23 | app: my-app
24 | spec:
25 | replicas: 10
26 | selector:
27 | matchLabels:
28 | app: my-app
29 | version: v1.0.0
30 | template:
31 | metadata:
32 | labels:
33 | app: my-app
34 | version: v1.0.0
35 | annotations:
36 | prometheus.io/scrape: "true"
37 | prometheus.io/port: "9101"
38 | spec:
39 | containers:
40 | - name: my-app
41 | image: containersol/k8s-deployment-strategies
42 | ports:
43 | - name: http
44 | containerPort: 8080
45 | - name: probe
46 | containerPort: 8086
47 | env:
48 | - name: VERSION
49 | value: v1.0.0
50 | livenessProbe:
51 | httpGet:
52 | path: /live
53 | port: probe
54 | initialDelaySeconds: 5
55 | periodSeconds: 5
56 | readinessProbe:
57 | httpGet:
58 | path: /ready
59 | port: probe
60 | periodSeconds: 5
--------------------------------------------------------------------------------
/02-deployments/canary/without-istio/app-v2.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: my-app-v2
5 | namespace: canary
6 | labels:
7 | app: my-app
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | app: my-app
13 | version: v2.0.0
14 | template:
15 | metadata:
16 | labels:
17 | app: my-app
18 | version: v2.0.0
19 | annotations:
20 | prometheus.io/scrape: "true"
21 | prometheus.io/port: "9101"
22 | spec:
23 | containers:
24 | - name: my-app
25 | image: containersol/k8s-deployment-strategies
26 | ports:
27 | - name: http
28 | containerPort: 8080
29 | - name: probe
30 | containerPort: 8086
31 | env:
32 | - name: VERSION
33 | value: v2.0.0
34 | livenessProbe:
35 | httpGet:
36 | path: /live
37 | port: probe
38 | initialDelaySeconds: 5
39 | periodSeconds: 5
40 | readinessProbe:
41 | httpGet:
42 | path: /ready
43 | port: probe
44 | periodSeconds: 5
--------------------------------------------------------------------------------
/02-deployments/random.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | app: nginx
6 | name: nginx-mutlu
7 | namespace: default
8 | spec:
9 | containers:
10 | - image: nginx
11 | imagePullPolicy: Always
12 | name: nginx
13 | ports:
14 | - containerPort: 80
15 | protocol: TCP
16 | resources:
17 | requests:
18 | cpu: 100m
19 | terminationMessagePath: /dev/termination-log
20 | terminationMessagePolicy: File
21 | dnsPolicy: ClusterFirst
22 | nodeName: gke-meetup-default-pool-0d57a9eb-2mxc
23 | serviceAccountName: default
24 | terminationGracePeriodSeconds: 30
25 |
--------------------------------------------------------------------------------
/02-deployments/rollingupdate/nginx-dpl.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: nginx-test
5 | spec:
6 | replicas: 5
7 | selector:
8 | matchLabels:
9 | service: http-server
10 | strategy:
11 | type: RollingUpdate
12 | rollingUpdate:
13 | maxSurge: 50%
14 | maxUnavailable: 1
15 | minReadySeconds: 5
16 | template:
17 | metadata:
18 | labels:
19 | service: http-server
20 | spec:
21 | containers:
22 | - name: nginx
23 | image: nginx:1.7.9
24 | imagePullPolicy: IfNotPresent
25 | ports:
26 | - containerPort: 80
27 |
--------------------------------------------------------------------------------
/03-other-specs/cassandra-pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: cassandra-0
5 | spec:
6 | storageClassName: ""
7 | capacity:
8 | storage: 10G
9 | accessModes:
10 | - ReadWriteOnce
11 | gcePersistentDisk:
12 | pdName: cassandra-disk
13 | fsType: ext4
14 |
--------------------------------------------------------------------------------
/03-other-specs/cassandra-statefulset.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: "apps/v1beta1"
2 | kind: StatefulSet
3 | metadata:
4 | name: cassandra
5 | spec:
6 | serviceName: cassandra
7 | replicas: 3
8 | template:
9 | metadata:
10 | labels:
11 | app: cassandra
12 | spec:
13 | containers:
14 | - name: cassandra
15 | image: gcr.io/google-samples/cassandra:v12
16 | imagePullPolicy: Always
17 | ports:
18 | - containerPort: 7000
19 | name: intra-node
20 | - containerPort: 7001
21 | name: tls-intra-node
22 | - containerPort: 7199
23 | name: jmx
24 | - containerPort: 9042
25 | name: cql
26 | resources:
27 | limits:
28 | cpu: "500m"
29 | memory: 1Gi
30 | requests:
31 | cpu: "500m"
32 | memory: 1Gi
33 | securityContext:
34 | capabilities:
35 | add:
36 | - IPC_LOCK
37 | lifecycle:
38 | preStop:
39 | exec:
40 | command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"]
41 | env:
42 | - name: MAX_HEAP_SIZE
43 | value: 512M
44 | - name: HEAP_NEWSIZE
45 | value: 100M
46 | - name: CASSANDRA_SEEDS
47 | value: "cassandra-0.cassandra.default.svc.cluster.local"
48 | - name: CASSANDRA_CLUSTER_NAME
49 | value: "K8Demo"
50 | - name: CASSANDRA_DC
51 | value: "DC1-K8Demo"
52 | - name: CASSANDRA_RACK
53 | value: "Rack1-K8Demo"
54 | - name: CASSANDRA_AUTO_BOOTSTRAP
55 | value: "false"
56 | - name: POD_IP
57 | valueFrom:
58 | fieldRef:
59 | fieldPath: status.podIP
60 | readinessProbe:
61 | exec:
62 | command:
63 | - /bin/bash
64 | - -c
65 | - /ready-probe.sh
66 | initialDelaySeconds: 15
67 | timeoutSeconds: 5
68 | # These volume mounts are persistent. They are like inline claims,
69 | # but not exactly because the names need to match exactly one of
70 | # the stateful pod volumes.
71 | volumeMounts:
72 | - name: cassandra-data
73 | mountPath: /cassandra_data
74 | # These are converted to volume claims by the controller
75 | # and mounted at the paths mentioned above.
76 | # do not use these in production until ssd GCEPersistentDisk or other ssd pd
77 | volumeClaimTemplates:
78 | - metadata:
79 | name: cassandra-data
80 | spec:
81 | accessModes: [ "ReadWriteOnce" ]
82 | resources:
83 | requests:
84 | storage: 10Gi
85 |
--------------------------------------------------------------------------------
/03-other-specs/deployment_kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: kuard-deployment
5 | spec:
6 | replicas: 2
7 | strategy:
8 | type: RollingUpdate
9 | rollingUpdate:
10 | maxSurge: 1
11 | maxUnavailable: 1
12 | template:
13 | metadata:
14 | labels:
15 | app: kuard
16 | version: 1.0.0
17 | spec:
18 | containers:
19 | - name: kuard
20 | image: gcr.io/kuar-demo/kuard-amd64:2
21 | ports:
22 | - containerPort: 8080
23 | name: http
24 | protocol: TCP
25 |
26 |
--------------------------------------------------------------------------------
/03-other-specs/deployment_kuard_health.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: kuard-deployment
5 | spec:
6 | replicas: 2
7 | strategy:
8 | type: RollingUpdate
9 | rollingUpdate:
10 | maxSurge: 1
11 | maxUnavailable: 1
12 | template:
13 | metadata:
14 | labels:
15 | app: kuard
16 | version: 1.0.0
17 | spec:
18 | containers:
19 | - name: kuard
20 | image: gcr.io/kuar-demo/kuard-amd64:2
21 | resources:
22 | requests:
23 | memory: "1024Mi"
24 | cpu: "1000m"
25 | limits:
26 | memory: "1024Mi"
27 | cpu: "1000m"
28 | ports:
29 | - containerPort: 8080
30 | name: http
31 | protocol: TCP
32 |
33 |
--------------------------------------------------------------------------------
/03-other-specs/fluentd_elk.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: DaemonSet
3 | metadata:
4 | name: fluentd-elasticsearch
5 | namespace: kube-system
6 | labels:
7 | k8s-app: fluentd-logging
8 | spec:
9 | updateStrategy:
10 | type: RollingUpdate
11 | selector:
12 | matchLabels:
13 | name: fluentd-elasticsearch
14 | template:
15 | metadata:
16 | labels:
17 | name: fluentd-elasticsearch
18 | spec:
19 | tolerations:
20 | - key: node-role.kubernetes.io/master
21 | effect: NoSchedule
22 | containers:
23 | - name: fluentd-elasticsearch
24 | image: gcr.io/google-containers/fluentd-elasticsearch:1.20
25 | resources:
26 | limits:
27 | memory: 200Mi
28 | requests:
29 | cpu: 100m
30 | memory: 200Mi
31 | volumeMounts:
32 | - name: varlog
33 | mountPath: /var/log
34 | - name: varlibdockercontainers
35 | mountPath: /var/lib/docker/containers
36 | readOnly: true
37 | terminationGracePeriodSeconds: 40
38 | volumes:
39 | - name: varlog
40 | hostPath:
41 | path: /var/log
42 | - name: varlibdockercontainers
43 | hostPath:
44 | path: /var/lib/docker/containers
--------------------------------------------------------------------------------
/03-other-specs/jobs/01-cronjob.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1beta1
2 | kind: CronJob
3 | metadata:
4 | name: hello
5 | spec:
6 | schedule: "*/1 * * * *" # syntax is a same as in system cron jobs
7 | jobTemplate:
8 | spec:
9 | template:
10 | spec:
11 | containers:
12 | - name: hello
13 | image: nginx
14 | args:
15 | - /bin/sh
16 | - -c
17 | - date; echo Hello from the Kubernetes cluster
18 | restartPolicy: OnFailure
19 |
20 |
21 |
--------------------------------------------------------------------------------
/03-other-specs/kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | ports:
15 | - containerPort: 8080
16 | name: http
17 | protocol: TCP
18 | resources: {}
19 | dnsPolicy: ClusterFirst
20 | restartPolicy: Never
--------------------------------------------------------------------------------
/03-other-specs/kuard_replica_set.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: ReplicaSet
3 | metadata:
4 | name: kuard
5 | spec:
6 | replicas: 1
7 | template:
8 | metadata:
9 | labels:
10 | app: kuard
11 | version: "1.0.0"
12 | spec:
13 | containers:
14 | - image: gcr.io/kuar-demo/kuard-amd64:2
15 | imagePullPolicy: IfNotPresent
16 | name: kuard
17 | ports:
18 | - containerPort: 8080
19 | name: http
20 | protocol: TCP
21 | resources: {}
22 | dnsPolicy: ClusterFirst
23 | restartPolicy: Always
--------------------------------------------------------------------------------
/03-other-specs/kuard_selector_replica_set.yaml:
--------------------------------------------------------------------------------
1 | #no chance
2 | apiVersion: extensions/v1beta1
3 | kind: ReplicaSet
4 | metadata:
5 | labels:
6 | app: kuard
7 | version: 1.0.0
8 | name: kuard
9 | namespace: default
10 | spec:
11 | replicas: 1
12 | selector:
13 | matchLabels:
14 | app: "kuard"
15 | version: "1.0.0"
16 | template:
17 | metadata:
18 | labels:
19 | app: kuard
20 | version: "1.0.0"
21 | spec:
22 | volumes:
23 | - name: "kuard-data"
24 | hostPath:
25 | path: /var/lib/kuard
26 | containers:
27 | - image: gcr.io/kuar-demo/kuard-amd64:1
28 | imagePullPolicy: IfNotPresent
29 | name: kuard
30 | resources:
31 | requests:
32 | cpu: "500m"
33 | memory: "128Mi"
34 | limits:
35 | cpu: "1000m"
36 | memory: "1024Mi"
37 | volumeMounts:
38 | - mountPath: "/data"
39 | name: "kuard-data"
40 | ports:
41 | - containerPort: 8080
42 | name: http
43 | protocol: TCP
44 | resources: {}
45 | dnsPolicy: ClusterFirst
46 | restartPolicy: Always
--------------------------------------------------------------------------------
/03-other-specs/stateful_sets.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: nginx
5 | labels:
6 | app: nginx
7 | spec:
8 | ports:
9 | - port: 80
10 | name: web
11 | clusterIP: None
12 | selector:
13 | app: nginx
14 | ---
15 | apiVersion: apps/v1beta1
16 | kind: StatefulSet
17 | metadata:
18 | name: web
19 | spec:
20 | serviceName: "nginx"
21 | replicas: 2
22 | selector:
23 | matchLabels:
24 | app: nginx
25 | template:
26 | metadata:
27 | labels:
28 | app: nginx
29 | spec:
30 | containers:
31 | - name: nginx
32 | image: gcr.io/google_containers/nginx-slim:0.8
33 | ports:
34 | - containerPort: 80
35 | name: web
36 | volumeMounts:
37 | - name: www
38 | mountPath: /usr/share/nginx/html
39 | volumeClaimTemplates:
40 | - metadata:
41 | name: www
42 | spec:
43 | accessModes: [ "ReadWriteOnce" ]
44 | resources:
45 | requests:
46 | storage: 1Gi
--------------------------------------------------------------------------------
/03-other-specs/svc_dep_kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | app: kuard
7 | version: 1.0.0
8 | name: kuard-deployment
9 | spec:
10 | ports:
11 | - port: 8080
12 | protocol: TCP
13 | targetPort: 9999
14 | selector:
15 | app: kuard
16 | version: 1.0.0
17 | type: NodePort
18 | status:
19 | loadBalancer: {}
20 |
--------------------------------------------------------------------------------
/04-labels/.Readme.md.swp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetestr/kubernetes-essentials/58fcb758e68d2f87c48acc67650584f6a6af0dfd/04-labels/.Readme.md.swp
--------------------------------------------------------------------------------
/04-labels/1_kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | appVersion: 2.0.0
7 | konu: meetup
8 | name: kuard
9 | spec:
10 | replicas: 2
11 | selector:
12 | matchLabels:
13 | appVersion: 2.0.0
14 | env: prod
15 | strategy: {}
16 | template:
17 | metadata:
18 | creationTimestamp: null
19 | labels:
20 | appVersion: 2.0.0
21 | env: prod
22 | spec:
23 | containers:
24 | - image: gcr.io/kuar-demo/kuard-amd64:1
25 | name: kuard
26 | resources: {}
27 | status: {}
28 |
--------------------------------------------------------------------------------
/04-labels/2_kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | appVersion: 2.0.0
7 | env: staging
8 | name: kuard
9 | spec:
10 | replicas: 2
11 | selector:
12 | matchLabels:
13 | appVersion: 1.0.1
14 | env: prod
15 | strategy: {}
16 | template:
17 | metadata:
18 | creationTimestamp: null
19 | labels:
20 | appVersion: 1.0.1
21 | env: prod
22 | spec:
23 | containers:
24 | - image: gcr.io/kuar-demo/kuard-amd64:1
25 | name: kuard
26 | resources: {}
27 | status: {}
28 |
--------------------------------------------------------------------------------
/04-labels/Readme.md:
--------------------------------------------------------------------------------
1 | kubectl apply -f 1_kuard.yaml
2 | kubectl get pods --show-labels
3 | kubectl get pods -l appVersion=0.0.1
4 | kubectl get pods -l appVersion=1.0.0
5 | kubectl get pods --all-namespaces -l appVersion!=1.0.0,app=prometheus
6 | kubectl get pods --all-namespaces -l "k8s-app in(heapster,kube-state-metrics)"
7 | kubectl get pods --all-namespaces -l "k8s-app notin(heapster,kube-state-metrics)"
8 | kubectl get pods --all-namespaces -l "k8s-app,k8s-app notin(heapster,kube-state-metrics)"
9 | kubectl get pods --field-selector=status.phase!=Running --all-namespaces
10 | kubectl get pods -o json | jq ".items[].status.containerStatuses[].name"
11 | kubectl port-forward $(kubectl get pods -o jsonpath={.items[0].metadata.name}) 8080:8080
12 | kubectl port-forward $(kubectl get pod — selector=weave-scope-component=app -o jsonpath={.items..metadata.name}) 4040
13 |
14 | #Modifying patch / labels / annotations when to restart
15 | kubectl label nodes gke-prometheus-demo-default-pool-f423e0de-knrv konu=meetup
16 | kubectl patch deployment kuard -p '{"metadata": {"labels": {"version":"0.0.3"}}}'
17 | kubectl patch deployment kuard -p '"spec": {"template":{"metadata":{"labels":{"version":"2.0.0"}}}}'
18 | kubectl annotate deployment kuard durum=iyi
19 |
20 |
21 |
--------------------------------------------------------------------------------
/05-configmaps/apikey.txt:
--------------------------------------------------------------------------------
1 | Pamir
--------------------------------------------------------------------------------
/05-configmaps/env-configmap.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | data:
3 | log.enabled: "1"
4 | log.type: "debug"
5 | log.location: "file"
6 | kind: ConfigMap
7 | metadata:
8 | name: logging
9 |
--------------------------------------------------------------------------------
/05-configmaps/env-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: configpod
5 | spec:
6 | containers:
7 | - name: config-pod
8 | image: nginx
9 | env:
10 | - name: LOG_LOCATION
11 | valueFrom:
12 | configMapKeyRef:
13 | name: logging
14 | key: log.location
15 | - name: LOGGING_TYPE
16 | valueFrom:
17 | configMapKeyRef:
18 | name: logging
19 | key: log.type
20 | - name: LOGGING_ENABLED
21 | valueFrom:
22 | configMapKeyRef:
23 | name: logging
24 | key: log.enabled
25 |
--------------------------------------------------------------------------------
/05-configmaps/kuard.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIC2zCCAcOgAwIBAgIJAI2AxVznPQNNMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV
3 | BAMMEWt1YXJkLmV4YW1wbGUuY29tMB4XDTE3MDMxOTIwMTQyMVoXDTE4MDMxOTIw
4 | MTQyMVowHDEaMBgGA1UEAwwRa3VhcmQuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3
5 | DQEBAQUAA4IBDwAwggEKAoIBAQDO6HjeVc/OzCqCKTb9ESB4fOuHywM5R93q3ssl
6 | 5uFy6sooOvRfpQ1ADLZjNwfNaEkVcNEssHWCH+Dhbvsta90zTXYdPFWvVaXc32uy
7 | dQDR+FIRxl5c1oHrhD6yYJJop9Nyw0hwrfOyj7+NUW0fgSaVtbdrLlhQP0VuoQUG
8 | RlHpl7imqP3PlgQLmo8xnNQ1+R072l0rB/BqUGdG6MA6RXf9NixaECNVgSxuu+BB
9 | wx1upL/6c0rJaqjLpcEqoyp5FGo8ttOvWqwDukMATJD/7Ei5MzS6RdQjFC19rh88
10 | 1zpQ5hBPxcy3Lkj/Xaf6ehX5nrPcuRx4vadGagLnrxTgjk7XAgMBAAGjIDAeMBwG
11 | A1UdEQQVMBOCEWt1YXJkLmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCb
12 | vOa6pCLJw9K2/929Wsn6CEuZrZfhXUrNGT87cVibQSj2a48sMdblIjxbvkAHtmbg
13 | mMxMOMgea1hCwZCaJw3ECEmCB4LHlBTnFDWbdqnRvs+/UiLhpaq4x5j2spf4VysY
14 | 1XqgkdHI+JQ1II07poqB/LkmpBPy3p/vCnHl5qgZ5ShS3GCZF45lHrMrwmq8ujJc
15 | nCa0CCZpjzYRp8pT5W/88OL+toeb9rN3ckKmBtws5q7J3Dbfkmv1sCPwSusBfATZ
16 | z4sKe4mopBMwE5yJzcjoPeiY6dhMZ2FsmOE9b4XaMkDPVIzeZS3S/0nUD36vCWsP
17 | jkFJS9Y6uqIRF7Tp7+q3
18 | -----END CERTIFICATE-----
19 |
--------------------------------------------------------------------------------
/05-configmaps/kuard.key:
--------------------------------------------------------------------------------
1 | -----BEGIN RSA PRIVATE KEY-----
2 | MIIEpAIBAAKCAQEAzuh43lXPzswqgik2/REgeHzrh8sDOUfd6t7LJebhcurKKDr0
3 | X6UNQAy2YzcHzWhJFXDRLLB1gh/g4W77LWvdM012HTxVr1Wl3N9rsnUA0fhSEcZe
4 | XNaB64Q+smCSaKfTcsNIcK3zso+/jVFtH4EmlbW3ay5YUD9FbqEFBkZR6Ze4pqj9
5 | z5YEC5qPMZzUNfkdO9pdKwfwalBnRujAOkV3/TYsWhAjVYEsbrvgQcMdbqS/+nNK
6 | yWqoy6XBKqMqeRRqPLbTr1qsA7pDAEyQ/+xIuTM0ukXUIxQtfa4fPNc6UOYQT8XM
7 | ty5I/12n+noV+Z6z3LkceL2nRmoC568U4I5O1wIDAQABAoIBAHb8SUXSo0aRMoDX
8 | or+1ca7YZ7oXjSsLoRrINJr/QvcK/mZUQOQfzpbeuKQlqV7+ccjar++7KlhCbNg3
9 | MkrUlMhD64C0ibHi1xdFhHGDx4z3+HowUWOiF+SQkF2UG54DpR2CH85supAdClMC
10 | WHadlsrRTUFdzXuYZx1Pi8wn9EMX7Gumq8nf+cyTCna5QoGu00RxFVmJjO2PN5YI
11 | FC4iQRF9D8VZvAY799Z/k0noUZNhUqDaFH4Uw9d6+aryz/YBaiHIa5D64SP8Sh3j
12 | xXNwVfDV6Gy/4bnyJ+n/EYoZvg3fis7C74t6c94B/dRsvjo2/cP3roRdMApf7qMv
13 | FLJYVwECgYEA5n/pYTVSmsD4tSFvZeHG7o11zO3TiXWrzNwdlF7VtiIDuJBR1fWl
14 | BweUABzcdTFqC5HyNZWWdVH8GGsqVhuupBIScPYxopvf7EXwAzha7RfC0x0h4OW3
15 | lVPa9H3/wdBR6oRqBxO9q0fXoidUlM48Ul0oiXB2yR7qnlk3wKC9FwcCgYEA5cxp
16 | s9tWkZTiJMUbfXhS3KiaZzGjNrT7S9vhHCov6X/qxKGFV/icvk0vTuF+aF0Nq21c
17 | 6OncxhzNWnTwr5ILZ3ulp0rACSRFL5Z04DhXGFk/hTBm9nzcHq7po90IbkntlpAy
18 | UkiRfyyWoAAteYO1CJOUXIA8g1qGH8tKAnTfxbECgYEAkLinE32jS771aOSBSPql
19 | KIpw+CYqtxfGsm1RtSKGFEDvDSav+yKsZul/J0L3uC06Y+FSrgop2aeMHNjMUBw5
20 | XpJqObqaF3q+8V5H//2WOV692EdmSgpxZbSsuO2Tc2EUzaYt3Bus7qnA3fLLzFJg
21 | 1WXgWcrfCg/7R0jFFJDXqGkCgYA3taaqg7Io+P8aCu7vLAxqkjVcbxwyVw3VBik8
22 | ur2CzhAMO1woR404VV3ysZgDlQuLU6gCjy+Gl9Tw6Qiwh6dcHw250NVdYf2j28XZ
23 | 1c7HiFtt3p4Xg42Zoq3hm+Q/WIzQw4Rvjkg3nIenomNj4hoxShXdlvkUnw2FB7OZ
24 | hNv7AQKBgQDNZG0c/I4ew+iVEm3I5cheEV6/l9w+rPsfaojU0t/F7FfEvlHjyhXC
25 | /pIdK+nZtR7AhMbUnKYAAqYauU4TT7RdEagKi4MshLpMHQPR0F15jx7tkGADl4E6
26 | GJcYXa0OUmgaPelwbH3oR2yEiHSz6guHt9BlYi2bFmAezQIw8xdK0A==
27 | -----END RSA PRIVATE KEY-----
28 |
--------------------------------------------------------------------------------
/05-configmaps/kuard.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | ports:
15 | - containerPort: 8080
16 | name: http
17 | protocol: TCP
18 | resources: {}
19 | volumeMounts:
20 | - name: config-volume
21 | mountPath: /config
22 |
23 | dnsPolicy: ClusterFirst
24 | restartPolicy: Never
25 | volumes:
26 | - name: config-volume
27 | configMap:
28 | name: my-config
29 |
--------------------------------------------------------------------------------
/05-configmaps/kuard_tls.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | ports:
15 | - containerPort: 8080
16 | name: http
17 | protocol: TCP
18 | resources: {}
19 | volumeMounts:
20 | - name: tls-certs
21 | mountPath: /tls
22 | readOnly: true
23 |
24 | dnsPolicy: ClusterFirst
25 | restartPolicy: Never
26 | volumes:
27 | - name: tls-certs
28 | secret:
29 | secretName: kuard-tls
30 |
--------------------------------------------------------------------------------
/05-configmaps/log4j.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
5 |
6 |
7 |
8 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/05-configmaps/my-config.txt:
--------------------------------------------------------------------------------
1 | name=pamir
2 | surname=erdem
3 | bestfriend=habil
--------------------------------------------------------------------------------
/06-services/ReadMe.md:
--------------------------------------------------------------------------------
1 | ```bash
2 | #cluster-info
3 | gcloud container clusters describe meetup --project=inspired-bus-194216 --zone=us-central1-c --format="json" | grep service
4 | gcloud container clusters describe meetup --project=inspired-bus-194216 --zone=us-central1-c --format="json" | grep Ip
5 | ```
6 |
--------------------------------------------------------------------------------
/06-services/external/ReadMe.md:
--------------------------------------------------------------------------------
1 | ### External Services Use Cases
2 |
3 | Kubernetes --> Internal LoadBalancer --> Instance Groups
4 |
5 | ```bash
6 | kubectl apply -f external_service.yaml
7 | ```
8 |
9 |
10 | #### Cleanup
11 | ```bash
12 | kubectl delete -f external_service.yaml
13 | ```
14 |
15 |
--------------------------------------------------------------------------------
/06-services/external/external_endpoint.yaml:
--------------------------------------------------------------------------------
1 | kind: Endpoints
2 | apiVersion: v1
3 | metadata:
4 | name: external-ip-database
5 | subsets:
6 | - addresses:
7 | - ip: 192.168.0.1
8 | ports:
9 | - port: 3306
--------------------------------------------------------------------------------
/06-services/external/external_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: simpleserver
5 | spec:
6 | ports:
7 | - port: 8000
8 | targetPort: 8000
9 | protocol: TCP
10 | ---
11 | # Because this service has no selector, the corresponding Endpoints
12 | # object will not be created. You can manually map the service to
13 | # your own specific endpoints:
14 | kind: Endpoints
15 | apiVersion: v1
16 | metadata:
17 | name: simpleserver
18 | subsets:
19 | - addresses:
20 | - ip: "10.128.0.2"
21 | ports:
22 | - port: 8000
23 |
--------------------------------------------------------------------------------
/06-services/ingress/ReadMe.md:
--------------------------------------------------------------------------------
1 | ### Ingress
2 | #### Services
3 | ```bash
4 | kubectl apply -f kuard-dpl-svc.yaml
5 | kubectl apply -f kuard-deployment.yaml
6 | kubectl get endpoints -w
7 | kubectl apply -f kuard-ingress.yaml
8 |
9 | #watch for changes
10 | kubectl describe ingress kuard
11 |
12 | #go to network loadbalancer section on gcp console
13 | #look at probes / health status / ports
14 |
15 | gcloud compute addresses create kuardstatic-ip --global
16 | kubectl apply -f kuard-ingress-static.yaml
17 |
18 | #go to static ip address section in gcp console
19 | ```
20 | #### CleanUp
21 | ```bash
22 | kubectl delete kuard-dpl-svc.yaml
23 | kubectl delete -f kuard-dpl-svc.yaml
24 | kubectl delete -f kuard-deployment.yaml
25 | ```
26 |
27 | #### Context Bases Routing
28 | ```bash
29 |
30 | ```
31 |
32 |
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/06-services/ingress/context/Readme.md:
--------------------------------------------------------------------------------
1 | ```bash
2 | kubectl apply -f web-v1.yaml
3 | kubectl apply -f web-v2.yaml
4 | kubectl apply -f web-v1-svc.yaml
5 | kubectl apply -f web-v2-svc.yaml
6 |
7 | # Find the problem
8 |
9 |
10 | #Fix the problem
11 | kubectl apply -f web-v1-fixed.yaml
12 | kubectl apply -f web-v2-fixed.yaml
13 | kubectl get ingress web-ingress -o jsonpath="{.status.loadBalancer.ingress[*].ip}"
14 | curl -XGET http://$(kubectl get ingress web-ingress -o jsonpath="{.status.loadBalancer.ingress[*].ip}")/v1/
15 | curl -XGET http://$(kubectl get ingress web-ingress -o jsonpath="{.status.loadBalancer.ingress[*].ip}")/v2/
16 | ```
17 |
18 |
19 | #### Enable HTTPS
20 | ```bash
21 | openssl genrsa -out ca.key 2048
22 | openssl req -x509 -new -nodes -key ca.key -subj \
23 | "/CN=$(kubectl get ingress web-ingress \
24 | -o jsonpath="{.status.loadBalancer.ingress[*].ip}")" -days 10000 -out ca.crt
25 | kubectl create secret tls web-tls --key=ca.key --cert=ca.crt
26 | kubectl apply -f ingress-tls.yaml
27 | #watch for changes in gcp console
28 | ```
29 | ```yaml
30 | apiVersion: extensions/v1beta1
31 | kind: Ingress
32 | metadata:
33 | name: web-ingress
34 | annotations:
35 | kubernetes.io/ingress.allow-http: "false"
36 | spec:
37 | ```
38 |
39 | ```bash
40 | #force https
41 | kubectl apply -f ingress-tls-forcehttps.yaml
42 | ```
43 |
44 | ####Cleanup
45 | ```bash
46 | kubectl delete ingress web-ingress
47 | kubectl delete deployment web-v1
48 | kubectl delete deployment web-v1
49 | kubectl delete svc web-v1
50 | kubectl delete svc web-v2
51 | kubectl delete secret web-tls
52 | ```
53 |
54 |
55 |
56 | #### References
57 | 1- https://github.com/kubernetes/ingress-gce
58 |
59 |
--------------------------------------------------------------------------------
/06-services/ingress/context/ingress-tls-forcehttps.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: web-ingress
5 | annotations:
6 | kubernetes.io/ingress.allow-http: "false"
7 | spec:
8 | rules:
9 | - http:
10 | paths:
11 | - path: /v2/*
12 | backend:
13 | serviceName: web-v2
14 | servicePort: 8080
15 | - path: /v1/*
16 | backend:
17 | serviceName: web-v1
18 | servicePort: 8080
19 | tls:
20 | - secretName: web-tls
21 |
--------------------------------------------------------------------------------
/06-services/ingress/context/ingress-tls-nginx.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: web-ingress
5 | annotations:
6 | kubernetes.io/ingress.class: nginx
7 | spec:
8 | rules:
9 | - http:
10 | paths:
11 | - path: /v2/*
12 | backend:
13 | serviceName: web-v2
14 | servicePort: 8080
15 | - path: /v1/*
16 | backend:
17 | serviceName: web-v1
18 | servicePort: 8080
19 | tls:
20 | - secretName: web-tls
21 |
--------------------------------------------------------------------------------
/06-services/ingress/context/ingress-tls.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: web-ingress
5 | spec:
6 | rules:
7 | - http:
8 | paths:
9 | - path: /v2/*
10 | backend:
11 | serviceName: web-v2
12 | servicePort: 8080
13 | - path: /v1/*
14 | backend:
15 | serviceName: web-v1
16 | servicePort: 8080
17 | tls:
18 | - secretName: web-tls
19 |
--------------------------------------------------------------------------------
/06-services/ingress/context/web-v1-fixed.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v1
7 | name: web-v1
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: web-v1
13 | strategy: {}
14 | template:
15 | metadata:
16 | creationTimestamp: null
17 | labels:
18 | run: web-v1
19 | spec:
20 | containers:
21 | - image: gcr.io/google-samples/hello-app:1.0
22 | name: web-v1
23 | ports:
24 | - containerPort: 8080
25 | livenessProbe:
26 | httpGet:
27 | path: /
28 | port: 8080
29 | initialDelaySeconds: 5
30 | timeoutSeconds: 1
31 | periodSeconds: 10
32 | failureThreshold: 3
33 | readinessProbe:
34 | httpGet:
35 | path: /
36 | port: 8080
37 | timeoutSeconds: 1
38 | periodSeconds: 10
39 | initialDelaySeconds: 30
40 | status: {}
41 |
--------------------------------------------------------------------------------
/06-services/ingress/context/web-v1-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v1
7 | name: web-v1
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | run: web-v1
15 | type: NodePort
16 | status:
17 | loadBalancer: {}
18 |
--------------------------------------------------------------------------------
/06-services/ingress/context/web-v1.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v1
7 | name: web-v1
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: web-v1
13 | strategy: {}
14 | template:
15 | metadata:
16 | creationTimestamp: null
17 | labels:
18 | run: web-v1
19 | spec:
20 | containers:
21 | - image: gcr.io/google-samples/hello-app:1.0
22 | name: web-v1
23 | ports:
24 | - containerPort: 8080
25 | resources: {}
26 | status: {}
27 |
--------------------------------------------------------------------------------
/06-services/ingress/context/web-v2-fixed.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v2
7 | name: web-v2
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: web-v2
13 | strategy: {}
14 | template:
15 | metadata:
16 | creationTimestamp: null
17 | labels:
18 | run: web-v2
19 | spec:
20 | containers:
21 | - image: gcr.io/google-samples/hello-app:2.0
22 | name: web-v2
23 | ports:
24 | - containerPort: 8080
25 | livenessProbe:
26 | httpGet:
27 | path: /
28 | port: 8080
29 | initialDelaySeconds: 5
30 | timeoutSeconds: 1
31 | periodSeconds: 10
32 | failureThreshold: 3
33 | readinessProbe:
34 | httpGet:
35 | path: /
36 | port: 8080
37 | timeoutSeconds: 1
38 | periodSeconds: 10
39 | initialDelaySeconds: 30
40 | status: {}
41 |
--------------------------------------------------------------------------------
/06-services/ingress/context/web-v2-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v2
7 | name: web-v2
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | run: web-v2
15 | type: NodePort
16 | status:
17 | loadBalancer: {}
18 |
--------------------------------------------------------------------------------
/06-services/ingress/context/web-v2.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v2
7 | name: web-v2
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: web-v2
13 | strategy: {}
14 | template:
15 | metadata:
16 | creationTimestamp: null
17 | labels:
18 | run: web-v2
19 | spec:
20 | containers:
21 | - image: gcr.io/google-samples/hello-app:2.0
22 | name: web-v2
23 | ports:
24 | - containerPort: 8080
25 | resources: {}
26 | status: {}
27 |
--------------------------------------------------------------------------------
/06-services/ingress/kuard-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | name: kuard
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: kuard
13 | internalVersion: 0.0.1
14 | strategy: {}
15 | template:
16 | metadata:
17 | creationTimestamp: null
18 | labels:
19 | run: kuard
20 | internalVersion: 0.0.1
21 | spec:
22 | containers:
23 | - image: gcr.io/kuar-demo/kuard-amd64:1
24 | name: kuard
25 | livenessProbe:
26 | httpGet:
27 | path: /healthy
28 | port: 8080
29 | initialDelaySeconds: 5
30 | timeoutSeconds: 1
31 | periodSeconds: 10
32 | failureThreshold: 3
33 | readinessProbe:
34 | httpGet:
35 | path: /ready
36 | port: 8080
37 | timeoutSeconds: 1
38 | periodSeconds: 10
39 | initialDelaySeconds: 30
40 | ports:
41 | - containerPort: 8080
42 | name: http
43 | protocol: TCP
44 | status: {}
45 |
--------------------------------------------------------------------------------
/06-services/ingress/kuard-dpl-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | internalVersion: 0.0.1
7 | run: kuard
8 | name: kuard
9 | spec:
10 | ports:
11 | - port: 8080
12 | protocol: TCP
13 | targetPort: 8080
14 | selector:
15 | internalVersion: 0.0.1
16 | run: kuard
17 | type: NodePort
18 | status:
19 | loadBalancer: {}
20 |
--------------------------------------------------------------------------------
/06-services/ingress/kuard-ingress-static.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: kuard-ingress
5 | annotations:
6 | kubernetes.io/ingress.global-static-ip-name: kuardstatic-ip
7 | spec:
8 | backend:
9 | serviceName: kuard
10 | servicePort: 8080
11 |
--------------------------------------------------------------------------------
/06-services/ingress/kuard-ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: kuard-ingress
5 | spec:
6 | backend:
7 | serviceName: kuard
8 | servicePort: 8080
9 |
--------------------------------------------------------------------------------
/06-services/ingress/nginx-ingress/Readme.md:
--------------------------------------------------------------------------------
1 | #### Nginx Ingress
2 | ```bash
3 | helm install --name nginx-ingress stable/nginx-ingress --set rbac.create=true
4 | kubectl get pods
5 | kubectl get svc
6 |
7 | openssl genrsa -out ca.key 2048
8 | openssl req -x509 -new -nodes -key ca.key -subj \
9 | "/CN=$(kubectl get ingress color-ingress \
10 | -o jsonpath="{.status.loadBalancer.ingress[*].ip}")" -days 10000 -out ca.crt
11 |
12 |
13 | kubectl create secret tls web-tls --key=ca.key --cert=ca.crt
14 | kubectl apply -f web-v2-fixed.yaml
15 | kubectl apply -f web-v1-fixed.yaml
16 | kubectl apply -f web-v1-svc.yaml
17 | kubectl apply -f web-v2-svc.yaml
18 |
19 | curl -k -XGET https://$(kubectl get svc nginx-ingress-controller \
20 | -o jsonpath="{.status.loadBalancer.ingress[*].ip}")/v1/
21 |
22 | curl -k -XGET https://$(kubectl get svc nginx-ingress-controller \
23 | -o jsonpath="{.status.loadBalancer.ingress[*].ip}")/v2/
24 |
25 |
26 | ```
27 | #### TODO
28 | Fix the certificate error
29 |
30 |
--------------------------------------------------------------------------------
/06-services/ingress/nginx-ingress/ingress-tls.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: web-ingress
5 | annotations:
6 | kubernetes.io/ingress.class: nginx
7 | spec:
8 | rules:
9 | - http:
10 | paths:
11 | - path: /v2/
12 | backend:
13 | serviceName: web-v2
14 | servicePort: 8080
15 | - path: /v1/
16 | backend:
17 | serviceName: web-v1
18 | servicePort: 8080
19 | tls:
20 | - secretName: web-tls
21 |
--------------------------------------------------------------------------------
/06-services/ingress/nginx-ingress/web-v1-fixed.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v1
7 | name: web-v1
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: web-v1
13 | strategy: {}
14 | template:
15 | metadata:
16 | creationTimestamp: null
17 | labels:
18 | run: web-v1
19 | spec:
20 | containers:
21 | - image: gcr.io/google-samples/hello-app:1.0
22 | name: web-v1
23 | ports:
24 | - containerPort: 8080
25 | livenessProbe:
26 | httpGet:
27 | path: /
28 | port: 8080
29 | initialDelaySeconds: 5
30 | timeoutSeconds: 1
31 | periodSeconds: 10
32 | failureThreshold: 3
33 | readinessProbe:
34 | httpGet:
35 | path: /
36 | port: 8080
37 | timeoutSeconds: 1
38 | periodSeconds: 10
39 | initialDelaySeconds: 30
40 | status: {}
41 |
--------------------------------------------------------------------------------
/06-services/ingress/nginx-ingress/web-v1-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v1
7 | name: web-v1
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | run: web-v1
15 | type: NodePort
16 | status:
17 | loadBalancer: {}
18 |
--------------------------------------------------------------------------------
/06-services/ingress/nginx-ingress/web-v2-fixed.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v2
7 | name: web-v2
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: web-v2
13 | strategy: {}
14 | template:
15 | metadata:
16 | creationTimestamp: null
17 | labels:
18 | run: web-v2
19 | spec:
20 | containers:
21 | - image: gcr.io/google-samples/hello-app:2.0
22 | name: web-v2
23 | ports:
24 | - containerPort: 8080
25 | livenessProbe:
26 | httpGet:
27 | path: /
28 | port: 8080
29 | initialDelaySeconds: 5
30 | timeoutSeconds: 1
31 | periodSeconds: 10
32 | failureThreshold: 3
33 | readinessProbe:
34 | httpGet:
35 | path: /
36 | port: 8080
37 | timeoutSeconds: 1
38 | periodSeconds: 10
39 | initialDelaySeconds: 30
40 | status: {}
41 |
--------------------------------------------------------------------------------
/06-services/ingress/nginx-ingress/web-v2-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: web-v2
7 | name: web-v2
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | run: web-v2
15 | type: NodePort
16 | status:
17 | loadBalancer: {}
18 |
--------------------------------------------------------------------------------
/06-services/intro/ReadMe.md:
--------------------------------------------------------------------------------
1 | ### Kubernetes Networking
2 |
3 | #### 3-Tier
4 |
5 | Pod to Pod communication happens without NAT
6 | All Nodes communicate each other without NAT
7 | ```bash
8 | ip addr
9 | brctl show
10 | docker ps
11 | docker inspect
12 | docker inspect 3ed6c7b2c4a5 -f '{{.NetworkSettings.IPAddress}}'
13 | docker ps | awk '{print $1}'
14 | for i in $(docker ps | awk '{print $1}'); do docker inspect 3ed6c7b2c4a5 -f '{{.NetworkSettings.IPAddress}}' $1; done;
15 | route show
16 | ```
17 | https://github.com/acedemand/kubernetes-cluster
18 |
19 |
20 | ### CNI
21 | Layer2 Switching
22 | layer3 Routing
23 | overlay networking
24 |
25 | ```bash
26 | ps -ef | grep cni
27 | kubectl get svc -o wide -n kube-system | grep 10.19.240.10
28 | ```
29 |
30 |
31 | ```bash
32 | #service types
33 | kubectl apply -f kuard-pod.yaml
34 | kubectl get pod -w
35 | kubectl expose pod kuard --type=ClusterIP --dry-run=true -o yaml
36 | kubectl expose pod kuard --type=ClusterIP -o yaml > kuard-pod-svc.yaml
37 | kubectl delete svc kuard
38 | kubectl expose pod kuard --type=NodePort --dry-run=true -o yaml > kuard-pod-svc-np.yaml
39 | kubectl expose pod kuard --type=LoadBalancer --dry-run=true -o yaml > kuard-pod-svc-lb.yaml
40 |
41 | #no endpoint
42 | kubectl apply -f kuard-pod-svc.yaml
43 | kubectl get endpoints
44 | kubectl delete pod kuard
45 | kubectl get endpoints
46 |
47 | kubectl apply -f kuard-deployment.yaml
48 | kubectl get endpoints
49 | #edit svc kuard
50 | kubectl edit svc kuard
51 | kubectl get endpoints
52 |
53 | ```
54 |
55 | #### NodePort
56 | ```bash
57 | kubectl delete svc kuard
58 | kubectl apply -f kuard-dpl-svc.yaml
59 | kubectl get endpoints
60 | kubectl scale deployment kuard --replicas=2
61 | kubectl get endpoints -w
62 |
63 | ```
64 | ```yaml
65 | ports:
66 | - nodePort: 30792
67 | port: 8080
68 | protocol: TCP
69 | targetPort: 8080
70 | ``
71 |
72 | ```bash
73 | kubectl delete svc kuard
74 | kubectl expose deployment kuard --type=LoadBalancer --dry-run=true -o yaml > kuard-dpl-svc-lb.yaml
75 | kubectl apply -f kuard-dpl-svc-lb.yaml
76 |
77 | #watch the external ip address
78 | kubectl get svc -w
79 |
80 | `
81 |
82 | ```bash
83 | #LoadBalancer InBalance problem
84 | #https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
85 |
86 | kubectl apply -f kuard-dpl-svc-lb-onlylocal.yaml
87 | ````
88 |
89 |
90 |
--------------------------------------------------------------------------------
/06-services/intro/headless/Readme.md:
--------------------------------------------------------------------------------
1 | #### Headless Service
2 | ```bash
3 | kubectl apply -f cassandra-statefulset.yaml
4 | kubectl apply -f cassandra-svc.yaml
5 | kubectl get endpoints
6 | kubectl run --image=raesene/alpine-nettools nettools --restart=Never
7 | kubectl exec -it nettools -- /bin/sh
8 | curl -XGET http://cassandra-0.cassandra.default.svc.cluster.local:9042
9 |
10 | ```
11 |
12 | ####cleanup
13 | ```bash
14 | kubectl delete -f cassandra-svc.yaml
15 | kubectl delete -f cassandra-statefulset.yaml
16 | kubectl delete pod nettools
17 | ```
18 |
--------------------------------------------------------------------------------
/06-services/intro/headless/cassandra-statefulset.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: StatefulSet
3 | metadata:
4 | name: cassandra
5 | labels:
6 | app: cassandra
7 | spec:
8 | serviceName: cassandra
9 | replicas: 3
10 | selector:
11 | matchLabels:
12 | app: cassandra
13 | template:
14 | metadata:
15 | labels:
16 | app: cassandra
17 | spec:
18 | terminationGracePeriodSeconds: 1800
19 | containers:
20 | - name: cassandra
21 | image: gcr.io/google-samples/cassandra:v13
22 | imagePullPolicy: Always
23 | ports:
24 | - containerPort: 7000
25 | name: intra-node
26 | - containerPort: 7001
27 | name: tls-intra-node
28 | - containerPort: 7199
29 | name: jmx
30 | - containerPort: 9042
31 | name: cql
32 | resources:
33 | limits:
34 | cpu: "500m"
35 | memory: 1Gi
36 | requests:
37 | cpu: "500m"
38 | memory: 1Gi
39 | securityContext:
40 | capabilities:
41 | add:
42 | - IPC_LOCK
43 | lifecycle:
44 | preStop:
45 | exec:
46 | command:
47 | - /bin/sh
48 | - -c
49 | - nodetool drain
50 | env:
51 | - name: MAX_HEAP_SIZE
52 | value: 512M
53 | - name: HEAP_NEWSIZE
54 | value: 100M
55 | - name: CASSANDRA_SEEDS
56 | value: "cassandra-0.cassandra.default.svc.cluster.local"
57 | - name: CASSANDRA_CLUSTER_NAME
58 | value: "K8Demo"
59 | - name: CASSANDRA_DC
60 | value: "DC1-K8Demo"
61 | - name: CASSANDRA_RACK
62 | value: "Rack1-K8Demo"
63 | - name: POD_IP
64 | valueFrom:
65 | fieldRef:
66 | fieldPath: status.podIP
67 | readinessProbe:
68 | exec:
69 | command:
70 | - /bin/bash
71 | - -c
72 | - /ready-probe.sh
73 | initialDelaySeconds: 15
74 | timeoutSeconds: 5
75 | # These volume mounts are persistent. They are like inline claims,
76 | # but not exactly because the names need to match exactly one of
77 | # the stateful pod volumes.
78 | volumeMounts:
79 | - name: cassandra-data
80 | mountPath: /cassandra_data
81 | # These are converted to volume claims by the controller
82 | # and mounted at the paths mentioned above.
83 | # do not use these in production until ssd GCEPersistentDisk or other ssd pd
84 | volumeClaimTemplates:
85 | - metadata:
86 | name: cassandra-data
87 | spec:
88 | accessModes: [ "ReadWriteOnce" ]
89 | resources:
90 | requests:
91 | storage: 1Gi
92 |
--------------------------------------------------------------------------------
/06-services/intro/headless/cassandra-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app: cassandra
6 | name: cassandra
7 | spec:
8 | clusterIP: None
9 | ports:
10 | - port: 9042
11 | selector:
12 | app: cassandra
13 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | name: kuard
8 | spec:
9 | replicas: 1
10 | selector:
11 | matchLabels:
12 | run: kuard
13 | internalVersion: 0.0.1
14 | strategy: {}
15 | template:
16 | metadata:
17 | creationTimestamp: null
18 | labels:
19 | run: kuard
20 | internalVersion: 0.0.1
21 | spec:
22 | containers:
23 | - image: gcr.io/kuar-demo/kuard-amd64:1
24 | name: kuard
25 | livenessProbe:
26 | httpGet:
27 | path: /healthy
28 | port: 8080
29 | initialDelaySeconds: 5
30 | timeoutSeconds: 1
31 | periodSeconds: 10
32 | failureThreshold: 3
33 | readinessProbe:
34 | httpGet:
35 | path: /ready
36 | port: 8080
37 | timeoutSeconds: 1
38 | periodSeconds: 10
39 | initialDelaySeconds: 30
40 | ports:
41 | - containerPort: 8080
42 | name: http
43 | protocol: TCP
44 | status: {}
45 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-dpl-svc-lb-onlylocal.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | annotations:
8 | service.beta.kubernetes.io/external-traffic: "OnlyLocal"
9 | name: kuard
10 | spec:
11 | ports:
12 | - port: 8080
13 | protocol: TCP
14 | targetPort: 8080
15 | selector:
16 | internalVersion: 0.0.1
17 | run: kuard
18 | type: LoadBalancer
19 | status:
20 | loadBalancer: {}
21 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-dpl-svc-lb.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | name: kuard
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | internalVersion: 0.0.1
15 | run: kuard
16 | type: LoadBalancer
17 | status:
18 | loadBalancer: {}
19 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-dpl-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | internalVersion: 0.0.1
7 | run: kuard
8 | name: kuard
9 | spec:
10 | ports:
11 | - port: 8080
12 | protocol: TCP
13 | targetPort: 8080
14 | selector:
15 | internalVersion: 0.0.1
16 | run: kuard
17 | type: NodePort
18 | status:
19 | loadBalancer: {}
20 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-pod-svc-lb.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | name: kuard
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | internalVersion: 0.0.1
15 | run: kuard
16 | type: LoadBalancer
17 | status:
18 | loadBalancer: {}
19 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-pod-svc-np.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | name: kuard
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | internalVersion: 0.0.1
15 | run: kuard
16 | type: NodePort
17 | status:
18 | loadBalancer: {}
19 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-pod-svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | creationTimestamp: null
5 | labels:
6 | run: kuard
7 | name: kuard
8 | spec:
9 | ports:
10 | - port: 8080
11 | protocol: TCP
12 | targetPort: 8080
13 | selector:
14 | internalVersion: 0.0.1
15 | run: kuard
16 | type: NodePort
17 | status:
18 | loadBalancer: {}
19 |
--------------------------------------------------------------------------------
/06-services/intro/kuard-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | labels:
5 | run: kuard
6 | name: kuard
7 | internalVersion: 0.0.1
8 | name: kuard
9 | spec:
10 | containers:
11 | - image: gcr.io/kuar-demo/kuard-amd64:1
12 | imagePullPolicy: IfNotPresent
13 | name: kuard
14 | livenessProbe:
15 | httpGet:
16 | path: /healthy
17 | port: 8080
18 | initialDelaySeconds: 5
19 | timeoutSeconds: 1
20 | periodSeconds: 10
21 | failureThreshold: 3
22 | readinessProbe:
23 | httpGet:
24 | path: /ready
25 | port: 8080
26 | timeoutSeconds: 1
27 | periodSeconds: 10
28 | initialDelaySeconds: 30
29 | ports:
30 | - containerPort: 8080
31 | name: http
32 | protocol: TCP
33 | resources: {}
34 | dnsPolicy: ClusterFirst
35 | restartPolicy: OnFailure
--------------------------------------------------------------------------------
/07-ingress/ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Ingress
3 | metadata:
4 | name: nginx-ingress
5 | annotations:
6 | ingress.kubernetes.io/rewrite-target: /
7 | spec:
8 | rules:
9 | - http:
10 | paths:
11 | - path: /testpath
12 | backend:
13 | serviceName: nginx
14 | servicePort: 80
--------------------------------------------------------------------------------
/08-storage/auto-extends/01-pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolumeClaim
3 | metadata:
4 | name: myclaim
5 | namespace: default
6 | spec:
7 | accessModes:
8 | - ReadWriteOnce
9 | resources:
10 | requests:
11 | storage: 14Gi
12 | storageClassName: standard
13 |
--------------------------------------------------------------------------------
/08-storage/auto-extends/01-storageclass.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.k8s.io/v1
2 | kind: StorageClass
3 | metadata:
4 | name: standard
5 | parameters:
6 | type: pd-standard
7 | provisioner: kubernetes.io/gce-pd
8 | allowVolumeExpansion: true
9 | reclaimPolicy: Delete
10 |
--------------------------------------------------------------------------------
/08-storage/auto-extends/ReadMe.md:
--------------------------------------------------------------------------------
1 | ### Auto extend
2 | https://kubernetes.io/blog/2018/07/12/resizing-persistent-volumes-using-kubernetes/
3 | In Kubernetes v1.11 the persistent volume expansion feature is being promoted to beta. This feature allows users to easily resize an existing volume by editing the PersistentVolumeClaim (PVC) object. Users no longer have to manually interact with the storage backend or delete and recreate PV and PVC objects to increase the size of a volume. Shrinking persistent volumes is not supported.
4 |
5 |
6 |
--------------------------------------------------------------------------------
/08-storage/intro/01-2-emptydir-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: test-pd
5 | spec:
6 | containers:
7 | - image: nginx:1.7.9
8 | name: test-container
9 | volumeMounts:
10 | - mountPath: /usr/share/nginx/html
11 | name: cache-volume
12 | initContainers:
13 | - name: git-code-downlaod
14 | image: alpine/git
15 | command: ['sh', '-c', 'git clone https://github.com/wlsf82/helloworld.git; mv * /cache ']
16 | volumeMounts:
17 | - mountPath: /cache
18 | name: cache-volume
19 | volumes:
20 | - name: cache-volume
21 | emptyDir: {}
22 |
--------------------------------------------------------------------------------
/08-storage/intro/01-3-emptydir-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: test-pd
5 | spec:
6 | containers:
7 | - image: nginx:1.7.9
8 | name: test-container
9 | volumeMounts:
10 | - mountPath: /usr/share/nginx/html
11 | name: cache-volume
12 | - name: git-code-downlaod
13 | image: alpine/git
14 | command: ['sh', '-c', 'while true; do rm -rdf /cache/*; git clone https://github.com/wlsf82/helloworld.git; mv -f helloworld/ /cache; sleep 30; done; ']
15 | volumeMounts:
16 | - mountPath: /cache
17 | name: cache-volume
18 | volumes:
19 | - name: cache-volume
20 | emptyDir: {}
21 |
--------------------------------------------------------------------------------
/08-storage/intro/01-4-emptydir-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: test-pd
5 | spec:
6 | containers:
7 | - image: nginx:1.7.9
8 | name: test-container
9 | volumeMounts:
10 | - mountPath: /usr/share/nginx/html
11 | name: cache-volume
12 | initContainers:
13 | - name: template-changer
14 | image: alpine/git
15 | command: ['sh', '-c', 'cp /conf/* /cache; chmod +x /cache/*']
16 | volumeMounts:
17 | - mountPath: /cache
18 | name: cache-volume
19 | - mountPath: /conf
20 | name: conf
21 |
22 | volumes:
23 | - name: cache-volume
24 | emptyDir: {}
25 | - name: conf
26 | configMap:
27 | name: mysql-conn
28 |
--------------------------------------------------------------------------------
/08-storage/intro/01-emptydir-pod.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: test-pd
5 | spec:
6 | containers:
7 | - image: nginx:1.7.9
8 | name: test-container
9 | volumeMounts:
10 | - mountPath: /cache
11 | name: cache-volume
12 | volumes:
13 | - name: cache-volume
14 | emptyDir: {}
15 |
--------------------------------------------------------------------------------
/08-storage/intro/02-emptydir-memory.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: test-pd
5 | spec:
6 | containers:
7 | - image: nginx:1.7.9
8 | name: test-container
9 | volumeMounts:
10 | - mountPath: /cache
11 | name: cache-volume
12 | volumes:
13 | - name: cache-volume
14 | emptyDir:
15 | medium: Memory
16 | sizeLimit: "1Gi"
17 |
--------------------------------------------------------------------------------
/08-storage/intro/04-downwardapi.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: nginx-pd
5 | labels:
6 | zone: us-est-coast
7 | cluster: test-cluster1
8 | rack: rack-22
9 | annotations:
10 | build: two
11 | builder: john-doe
12 | spec:
13 | containers:
14 | - name: nginx-pd
15 | image: nginx:1.7.9
16 | volumeMounts:
17 | - name: podinfo
18 | mountPath: /etc/podinfo
19 | readOnly: false
20 | volumes:
21 | - name: podinfo
22 | downwardAPI:
23 | items:
24 | - path: "labels"
25 | fieldRef:
26 | fieldPath: metadata.labels
27 | - path: "annotations"
28 | fieldRef:
29 | fieldPath: metadata.annotations
30 |
--------------------------------------------------------------------------------
/08-storage/intro/Readme.md:
--------------------------------------------------------------------------------
1 |
2 | ### EmptyDir
3 | ```bash
4 | vim 01-2-emptydir-pod.yaml
5 | kubectl apply -f 01-2-emptydir-pod.yaml
6 | kubectl port-forward test-pd 8080:80
7 | curl -XGET http://localhost:8080/helloworld/helloworld.html
8 | kubectl delete -f 01-2-emptydir-pod.yaml
9 | ```
10 |
11 | ### Bad Practice
12 | ```bash
13 | kubectl apply -f 01-3-emptydir-pod.yaml
14 | kubectl port-forward test-pd 8080:80
15 | curl -XGET http://localhost:8080/helloworld/helloworld.html
16 | kubectl delete -f 01-3-emptydir-pod.yaml
17 | ```
18 |
19 | ### Secret Volume
20 | ```bash
21 | echo mysql://root:topsecretpassword@remote_mysql:3306/acedemand > mysql.conn
22 | kubectl create secret generic mysqlconnection --from-file=mysql.conn
23 | kubectl apply -f 03-secretdir.yaml
24 | kubectl exec -it test-pd -- /bin/sh
25 | ls /secret
26 | cat /secret/mysql.conn
27 | ```
28 |
29 | ### configmap readonly
30 | ```bash
31 | kubectl create configmap mysql-conn --from-file mysql.conn
32 | kubectl apply -f 01-4-emptydir-pod.yaml
33 | kubectl exec -it test-pd -- /bin/sh
34 | cd /usr/share/nginx/html
35 | ls -lart
36 | # find executable rights
37 | kubectl delete configmap mysql-conn
38 | kubectl delete -f 01-4-emptydir-pod.yaml
39 | ```
40 |
41 |
42 |
43 |
44 |
45 |
--------------------------------------------------------------------------------
/08-storage/intro/mysql.conn:
--------------------------------------------------------------------------------
1 | mysql://root:topsecretpassword@remote_mysql:3306/acedemand
2 |
--------------------------------------------------------------------------------
/08-storage/portability/01-nfs-dp.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: test-pd
5 | labels:
6 | app: test-pd
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: test-pd
12 | template:
13 | metadata:
14 | labels:
15 | app: test-pd
16 | spec:
17 | containers:
18 | - image: nginx:1.7.9
19 | name: test-container
20 | volumeMounts:
21 | - mountPath: /cache
22 | name: cache-volume
23 | volumes:
24 | - name: cache-volume
25 | persistentVolumeClaim:
26 | claimName: nfsdata
27 |
--------------------------------------------------------------------------------
/08-storage/portability/01-nfs-pv-pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: nfsdata
5 | spec:
6 | capacity:
7 | storage: 10Gi
8 | accessModes:
9 | - ReadWriteMany
10 | nfs:
11 | server: nfsserver
12 | path: "/nfsdata"
13 |
14 | ---
15 | kind: PersistentVolumeClaim
16 | apiVersion: v1
17 | metadata:
18 | name: nfsdata
19 | spec:
20 | accessModes:
21 | - ReadWriteMany
22 | storageClassName: ""
23 | resources:
24 | requests:
25 | storage: 10Gi
26 |
--------------------------------------------------------------------------------
/08-storage/portability/02-gcpd-pv-pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: nfsdata
5 | spec:
6 | capacity:
7 | storage: 10Gi
8 | accessModes:
9 | - ReadWriteOnce
10 | gcePersistentDisk:
11 | pdName: meetup-disk
12 | fsType: ext4
13 |
14 | ---
15 | kind: PersistentVolumeClaim
16 | apiVersion: v1
17 | metadata:
18 | name: nfsdata
19 | spec:
20 | accessModes:
21 | - ReadWriteMany
22 | storageClassName: ""
23 | resources:
24 | requests:
25 | storage: 10Gi
26 |
--------------------------------------------------------------------------------
/08-storage/portability/Readme.md:
--------------------------------------------------------------------------------
1 | ### Persistent Volume and Persistent Volume Claim
2 | ```bash
3 | kubectl apply -f 01-nfs-pv-pvc.yaml
4 | kubectl get pv
5 | kubectl get pvc
6 | kubectl apply -f 01-nfs-dp.yaml
7 | kubectl scale deployment test-pd --replicas=2
8 | kubectl delete -f 01-nfs-dp.yaml
9 | ```
10 |
11 | #### Little change move to gcp
12 | ```bash
13 | kubectl apply -f 02-gcpd-pv-pvc.yaml
14 | kubectl apply -f 01-nfs-dp.yaml
15 | kubectl get pods
16 | kubectl delete -f 01-nfs-dp.yaml
17 | ```
18 |
19 |
20 |
--------------------------------------------------------------------------------
/08-storage/portability/pvselector/01-gcpd-pv-pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: pv-data1
5 | spec:
6 | capacity:
7 | storage: 10Gi
8 | accessModes:
9 | - ReadWriteOnce
10 | gcePersistentDisk:
11 | pdName: meetup-disk
12 | fsType: ext4
13 | ---
14 | apiVersion: v1
15 | kind: PersistentVolume
16 | metadata:
17 | name: pv-data2
18 | spec:
19 | capacity:
20 | storage: 10Gi
21 | accessModes:
22 | - ReadWriteOnce
23 | gcePersistentDisk:
24 | pdName: meetup-disk-2
25 | fsType: ext4
26 | ---
27 | kind: PersistentVolumeClaim
28 | apiVersion: v1
29 | metadata:
30 | name: pvc-data1
31 | spec:
32 | accessModes:
33 | - ReadWriteOnce
34 | storageClassName: ""
35 | resources:
36 | requests:
37 | storage: 10Gi
38 | ---
39 | kind: PersistentVolumeClaim
40 | apiVersion: v1
41 | metadata:
42 | name: pvc-data2
43 | spec:
44 | accessModes:
45 | - ReadWriteOnce
46 | storageClassName: ""
47 | resources:
48 | requests:
49 | storage: 10Gi
50 |
51 |
--------------------------------------------------------------------------------
/08-storage/portability/pvselector/02-gcpd-pv-pvc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: pv-data1
5 | labels:
6 | app: alertmanager
7 | spec:
8 | capacity:
9 | storage: 10Gi
10 | accessModes:
11 | - ReadWriteOnce
12 | gcePersistentDisk:
13 | pdName: meetup-disk
14 | fsType: ext4
15 | ---
16 | apiVersion: v1
17 | kind: PersistentVolume
18 | metadata:
19 | name: pv-data2
20 | labels:
21 | app: prometheus
22 | spec:
23 | capacity:
24 | storage: 10Gi
25 | accessModes:
26 | - ReadWriteOnce
27 | gcePersistentDisk:
28 | pdName: meetup-disk-2
29 | fsType: ext4
30 | ---
31 | kind: PersistentVolumeClaim
32 | apiVersion: v1
33 | metadata:
34 | name: pvc-data1
35 | spec:
36 | accessModes:
37 | - ReadWriteOnce
38 | storageClassName: ""
39 | selector:
40 | matchLabels:
41 | app: prometheus
42 | resources:
43 | requests:
44 | storage: 10Gi
45 | ---
46 | kind: PersistentVolumeClaim
47 | apiVersion: v1
48 | metadata:
49 | name: pvc-data2
50 | spec:
51 | accessModes:
52 | - ReadWriteOnce
53 | selector:
54 | matchLabels:
55 | app: alertmanager
56 | storageClassName: ""
57 | resources:
58 | requests:
59 | storage: 10Gi
60 |
61 |
--------------------------------------------------------------------------------
/08-storage/portability/pvselector/Readme.md:
--------------------------------------------------------------------------------
1 | #### More PVs
2 | ```bash
3 | gcloud compute disks create meetup-disk-2 --size 1g --zone europe-west3-c
4 | kubectl apply -f 01-gcpd-pv-pvc.yaml
5 | kubectl get pv
6 | kubectl get pvc
7 | kubectl delete -f 01-gcpd-pv-pvc.yaml
8 | kubectl apply -f 02-gcpd-pv-pvc.yaml
9 | kubectl get pv
10 | kubectl get pvc
11 | ```
12 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/01-gcpd-pv-pvc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | kind: PersistentVolumeClaim
3 | apiVersion: v1
4 | metadata:
5 | name: pvc-data1
6 | spec:
7 | accessModes:
8 | - ReadWriteOnce
9 | storageClassName: standard
10 | resources:
11 | requests:
12 | storage: 10Gi
13 | ---
14 | kind: PersistentVolumeClaim
15 | apiVersion: v1
16 | metadata:
17 | name: pvc-data2
18 | spec:
19 | accessModes:
20 | - ReadWriteOnce
21 | storageClassName: standard
22 | resources:
23 | requests:
24 | storage: 10Gi
25 |
26 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/02-gcpd-pv-pvc.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | kind: PersistentVolumeClaim
3 | apiVersion: v1
4 | metadata:
5 | name: pvc-data1
6 | spec:
7 | accessModes:
8 | - ReadWriteOnce
9 | storageClassName: ssd
10 | resources:
11 | requests:
12 | storage: 10Gi
13 | ---
14 | kind: PersistentVolumeClaim
15 | apiVersion: v1
16 | metadata:
17 | name: pvc-data2
18 | spec:
19 | accessModes:
20 | - ReadWriteOnce
21 | storageClassName: ssd
22 | resources:
23 | requests:
24 | storage: 10Gi
25 |
26 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/Readme.md:
--------------------------------------------------------------------------------
1 | #### Storage Class
2 | ```bash
3 | kubectl get storageclass
4 | kubectl get storageclass standard -o yaml
5 | kubectl apply -f 01-gcpd-pv-pvc.yaml
6 | kubectl get pv
7 | gcloud compute disks list
8 | ```
9 |
10 | ### SSD Class
11 | ```bash
12 | kubectl apply -f storage-sdd.yaml
13 | kubectl get storageclass
14 | kubectl apply -f 02-gcpd-pv-pvc.yaml
15 | kubectl get pvc
16 | kubectl get pv
17 | ```
18 |
19 | #### what should go wrong
20 | ```bash
21 | kubectl delete pvc pvc-data1 pvc-data2
22 | kubectl get pvc
23 | kubectl get pv
24 | kubectl get pv pvc-c0a10dce-d68e-11e8-89dc-42010a9c0015 -o yaml
25 | ```
26 |
27 | ```yaml
28 | spec:
29 | accessModes:
30 | - ReadWriteOnce
31 | capacity:
32 | storage: 10Gi
33 | claimRef:
34 | apiVersion: v1
35 | kind: PersistentVolumeClaim
36 | name: pvc-data1
37 | namespace: default
38 | resourceVersion: "173319"
39 | uid: c0a10dce-d68e-11e8-89dc-42010a9c0015
40 | gcePersistentDisk:
41 | fsType: ext4
42 | pdName: gke-meetup-a2eade41-dy-pvc-c0a10dce-d68e-11e8-89dc-42010a9c0015
43 | persistentVolumeReclaimPolicy: Retain
44 | storageClassName: ssd
45 | status:
46 | phase: Bound
47 | ```
48 |
49 | ```bash
50 | kubectl delete pvc pvc-data1 pvc-data2
51 | kubectl get pvc
52 | kubectl get pv
53 | ```
54 | ```yaml
55 | # edit ssd storageclass
56 | parameters:
57 | type: pd-ssd
58 | provisioner: kubernetes.io/gce-pd
59 | reclaimPolicy: Retain
60 | volumeBindingMode: Immediate
61 | ```
62 |
63 | ```bash
64 | kubectl delete -f storage-sdd.yaml
65 | kubectl apply -f storage-sdd-retain.yaml
66 | kubectl delete -f 02-gcpd-pv-pvc.yaml
67 | kubectl apply -f 02-gcpd-pv-pvc.yaml
68 | kubectl get pv
69 | kubectl delete -f 02-gcpd-pv-pvc.yaml
70 | kubectl get pv
71 | kubectl apply -f 02-gcpd-pv-pvc.yaml
72 | kubectl get pv
73 | kubectl get pvc
74 | ```
75 | ```yaml
76 | spec:
77 | accessModes:
78 | - ReadWriteOnce
79 | resources:
80 | requests:
81 | storage: 10Gi
82 | storageClassName: ssd
83 | volumeName: pvc-13619eda-d690-11e8-89dc-42010a9c0015
84 | status:
85 | accessModes:
86 | - ReadWriteOnce
87 | capacity:
88 | storage: 10Gi
89 | phase: Bound
90 | ```
91 | ```bash
92 | kubectl get pvc pvc-data1 -o yaml > pvc-data-with-pv.yaml
93 | kubectl delete pvc pvc-data1
94 | kubectl get pv pvc-13619eda-d690-11e8-89dc-42010a9c0015 -o yaml > specific-pv.yaml
95 | kubectl delete pv kubectl get pv pvc-13619eda-d690-11e8-89dc-42010a9c0015 -o yaml > specific-pv.yaml
96 | kubectl delete pv pvc-13619eda-d690-11e8-89dc-42010a9c0015
97 | kubectl apply -f specific-pv.yaml
98 | kubectl apply -f pvc-data-with-pv.yaml
99 |
100 | ```
101 |
102 |
103 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/change-sc/Readme.md:
--------------------------------------------------------------------------------
1 | ### wcgw
2 | ```bash
3 | kubectl create ns redis
4 | kubectl apply -f redis-master.yaml
5 | kubectl get pods -n redis
6 | kubectl get pvc -n redis
7 | kubectl get pv
8 | kubectl exec -it redis-master-0 -- /bin/sh
9 | redis-cli
10 | set name pamir
11 | 127.0.0.1:6379> get name
12 | "pamir"
13 | exit
14 | exit
15 | kubectl delete -f redis-master.yaml
16 | kubectl apply -f redis-master-ssd-transition.yaml
17 | kubectl exec -it redis-master-0 -n redis -- /bin/sh
18 | # redis-cli
19 | 127.0.0.1:6379> get name
20 | "pamir"
21 | 127.0.0.1:6379> exit
22 | # exit
23 | kubectl delete -f redis-master-ssd-transition.yaml
24 | kubectl apply -f redis-ssd-after-transition.yaml
25 |
26 | ```
27 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/change-sc/redis-master-ssd-transition.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: StatefulSet
3 | metadata:
4 | labels:
5 | app: redis-master
6 | name: redis-master
7 | namespace: redis
8 | spec:
9 | podManagementPolicy: OrderedReady
10 | replicas: 3
11 | revisionHistoryLimit: 10
12 | selector:
13 | matchLabels:
14 | app: redis-master
15 | serviceName: redis-master
16 | template:
17 | metadata:
18 | creationTimestamp: null
19 | labels:
20 | app: redis-master
21 | spec:
22 | affinity:
23 | podAntiAffinity:
24 | preferredDuringSchedulingIgnoredDuringExecution:
25 | - podAffinityTerm:
26 | labelSelector:
27 | matchExpressions:
28 | - key: app
29 | operator: In
30 | values:
31 | - redis-master
32 | topologyKey: kubernetes.io/hostname
33 | weight: 100
34 | containers:
35 | - args:
36 | - /opt/redis.conf
37 | command:
38 | - /opt/bin/k8s-redis-ha-server
39 | env:
40 | - name: SERVICE
41 | value: redis-master
42 | - name: SERVICE_PORT
43 | value: redis-master
44 | - name: SENTINEL
45 | value: redis-sentinel
46 | - name: SENTINEL_PORT
47 | value: redis-sentinel
48 | image: redis:4.0.11
49 | imagePullPolicy: IfNotPresent
50 | name: redis-master
51 | ports:
52 | - containerPort: 6379
53 | name: redis-master
54 | protocol: TCP
55 | readinessProbe:
56 | exec:
57 | command:
58 | - redis-cli
59 | - info
60 | - server
61 | failureThreshold: 3
62 | periodSeconds: 10
63 | successThreshold: 1
64 | timeoutSeconds: 1
65 | livenessProbe:
66 | exec:
67 | command:
68 | - redis-cli
69 | - info
70 | - server
71 | failureThreshold: 3
72 | periodSeconds: 10
73 | successThreshold: 1
74 | timeoutSeconds: 1
75 | resources:
76 | limits:
77 | cpu: "1"
78 | memory: 512Mi
79 | requests:
80 | cpu: "1"
81 | memory: 512Mi
82 | terminationMessagePath: /dev/termination-log
83 | terminationMessagePolicy: File
84 | volumeMounts:
85 | - mountPath: /data
86 | name: redis-master-data
87 | - mountPath: /opt
88 | name: opt
89 | dnsPolicy: ClusterFirst
90 | initContainers:
91 | - command:
92 | - /bin/sh
93 | - -c
94 | - sysctl -w net.core.somaxconn=10000
95 | image: busybox
96 | imagePullPolicy: Always
97 | name: init-sysctl
98 | resources: {}
99 | securityContext:
100 | privileged: true
101 | terminationMessagePath: /dev/termination-log
102 | terminationMessagePolicy: File
103 |
104 | - image: rifatx/redis-replication:master-latest
105 | imagePullPolicy: Always
106 | name: redis-ha-master
107 | resources: {}
108 | terminationMessagePath: /dev/termination-log
109 | terminationMessagePolicy: File
110 | volumeMounts:
111 | - mountPath: /opt
112 | name: opt
113 |
114 |
115 | - command:
116 | - /bin/sh
117 | - -c
118 | - cp -rf /data/* /data2/
119 | image: busybox
120 | imagePullPolicy: Always
121 | name: db-copy
122 | resources: {}
123 | securityContext:
124 | privileged: true
125 | terminationMessagePath: /dev/termination-log
126 | terminationMessagePolicy: File
127 | imagePullPolicy: Always
128 | volumeMounts:
129 | - mountPath: /data
130 | name: redis-master-volume
131 | - mountPath: /data2
132 | name: redis-master-data
133 | restartPolicy: Always
134 | schedulerName: default-scheduler
135 | securityContext: {}
136 | terminationGracePeriodSeconds: 30
137 |
138 | volumes:
139 | - emptyDir: {}
140 | name: opt
141 | volumeClaimTemplates:
142 | - metadata:
143 | annotations:
144 | volume.beta.kubernetes.io/storage-class: standard
145 | name: redis-master-volume
146 | spec:
147 | storageClassName: standard
148 | accessModes:
149 | - ReadWriteOnce
150 | resources:
151 | requests:
152 | storage: 10Gi
153 | - metadata:
154 | annotations:
155 | volume.beta.kubernetes.io/storage-class: ssd
156 | name: redis-master-data
157 | spec:
158 | storageClassName: ssd
159 | accessModes:
160 | - ReadWriteOnce
161 | resources:
162 | requests:
163 | storage: 10Gi
164 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/change-sc/redis-master.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: StatefulSet
3 | metadata:
4 | labels:
5 | app: redis-master
6 | name: redis-master
7 | namespace: redis
8 | spec:
9 | podManagementPolicy: OrderedReady
10 | replicas: 3
11 | revisionHistoryLimit: 10
12 | selector:
13 | matchLabels:
14 | app: redis-master
15 | serviceName: redis-master
16 | template:
17 | metadata:
18 | creationTimestamp: null
19 | labels:
20 | app: redis-master
21 | spec:
22 | containers:
23 | - args:
24 | - /opt/redis.conf
25 | command:
26 | - /opt/bin/k8s-redis-ha-server
27 | env:
28 | - name: SERVICE
29 | value: redis-master
30 | - name: SERVICE_PORT
31 | value: redis-master
32 | - name: SENTINEL
33 | value: redis-sentinel
34 | - name: SENTINEL_PORT
35 | value: redis-sentinel
36 | image: redis:4.0.11
37 | imagePullPolicy: IfNotPresent
38 | name: redis-master
39 | ports:
40 | - containerPort: 6379
41 | name: redis-master
42 | protocol: TCP
43 | readinessProbe:
44 | exec:
45 | command:
46 | - redis-cli
47 | - info
48 | - server
49 | failureThreshold: 3
50 | periodSeconds: 10
51 | successThreshold: 1
52 | timeoutSeconds: 1
53 | livenessProbe:
54 | exec:
55 | command:
56 | - redis-cli
57 | - info
58 | - server
59 | failureThreshold: 3
60 | periodSeconds: 10
61 | successThreshold: 1
62 | timeoutSeconds: 1
63 | resources:
64 | limits:
65 | cpu: "1"
66 | memory: 512Mi
67 | requests:
68 | cpu: "1"
69 | memory: 512Mi
70 | terminationMessagePath: /dev/termination-log
71 | terminationMessagePolicy: File
72 | volumeMounts:
73 | - mountPath: /data
74 | name: redis-master-volume
75 | - mountPath: /opt
76 | name: opt
77 | dnsPolicy: ClusterFirst
78 | initContainers:
79 | - command:
80 | - /bin/sh
81 | - -c
82 | - sysctl -w net.core.somaxconn=10000
83 | image: busybox
84 | imagePullPolicy: Always
85 | name: init-sysctl
86 | resources: {}
87 | securityContext:
88 | privileged: true
89 | terminationMessagePath: /dev/termination-log
90 | terminationMessagePolicy: File
91 |
92 | - image: rifatx/redis-replication:master-latest
93 | imagePullPolicy: Always
94 | name: redis-ha-master
95 | resources: {}
96 | terminationMessagePath: /dev/termination-log
97 | terminationMessagePolicy: File
98 | volumeMounts:
99 | - mountPath: /opt
100 | name: opt
101 |
102 |
103 | restartPolicy: Always
104 | schedulerName: default-scheduler
105 | securityContext: {}
106 | terminationGracePeriodSeconds: 30
107 |
108 | volumes:
109 | - emptyDir: {}
110 | name: opt
111 | volumeClaimTemplates:
112 | - metadata:
113 | annotations:
114 | volume.beta.kubernetes.io/storage-class: standard
115 | name: redis-master-volume
116 | spec:
117 | storageClassName: standard
118 | accessModes:
119 | - ReadWriteOnce
120 | resources:
121 | requests:
122 | storage: 10Gi
123 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/change-sc/redis-ssd-after-transition.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: StatefulSet
3 | metadata:
4 | labels:
5 | app: redis-master
6 | name: redis-master
7 | namespace: redis
8 | spec:
9 | podManagementPolicy: OrderedReady
10 | replicas: 3
11 | revisionHistoryLimit: 10
12 | selector:
13 | matchLabels:
14 | app: redis-master
15 | serviceName: redis-master
16 | template:
17 | metadata:
18 | creationTimestamp: null
19 | labels:
20 | app: redis-master
21 | spec:
22 | affinity:
23 | podAntiAffinity:
24 | preferredDuringSchedulingIgnoredDuringExecution:
25 | - podAffinityTerm:
26 | labelSelector:
27 | matchExpressions:
28 | - key: app
29 | operator: In
30 | values:
31 | - redis-master
32 | topologyKey: kubernetes.io/hostname
33 | weight: 100
34 | containers:
35 | - args:
36 | - /opt/redis.conf
37 | command:
38 | - /opt/bin/k8s-redis-ha-server
39 | env:
40 | - name: SERVICE
41 | value: redis-master
42 | - name: SERVICE_PORT
43 | value: redis-master
44 | - name: SENTINEL
45 | value: redis-sentinel
46 | - name: SENTINEL_PORT
47 | value: redis-sentinel
48 | image: redis:4.0.11
49 | imagePullPolicy: IfNotPresent
50 | name: redis-master
51 | ports:
52 | - containerPort: 6379
53 | name: redis-master
54 | protocol: TCP
55 | readinessProbe:
56 | exec:
57 | command:
58 | - redis-cli
59 | - info
60 | - server
61 | failureThreshold: 3
62 | periodSeconds: 10
63 | successThreshold: 1
64 | timeoutSeconds: 1
65 | livenessProbe:
66 | exec:
67 | command:
68 | - redis-cli
69 | - info
70 | - server
71 | failureThreshold: 3
72 | periodSeconds: 10
73 | successThreshold: 1
74 | timeoutSeconds: 1
75 | resources:
76 | limits:
77 | cpu: "1"
78 | memory: 512Mi
79 | requests:
80 | cpu: "1"
81 | memory: 512Mi
82 | terminationMessagePath: /dev/termination-log
83 | terminationMessagePolicy: File
84 | volumeMounts:
85 | - mountPath: /data
86 | name: redis-master-data
87 | - mountPath: /opt
88 | name: opt
89 | dnsPolicy: ClusterFirst
90 | initContainers:
91 | - command:
92 | - /bin/sh
93 | - -c
94 | - sysctl -w net.core.somaxconn=10000
95 | image: busybox
96 | imagePullPolicy: Always
97 | name: init-sysctl
98 | resources: {}
99 | securityContext:
100 | privileged: true
101 | terminationMessagePath: /dev/termination-log
102 | terminationMessagePolicy: File
103 |
104 | - image: rifatx/redis-replication:master-latest
105 | imagePullPolicy: Always
106 | name: redis-ha-master
107 | resources: {}
108 | terminationMessagePath: /dev/termination-log
109 | terminationMessagePolicy: File
110 | volumeMounts:
111 | - mountPath: /opt
112 | name: opt
113 | restartPolicy: Always
114 | schedulerName: default-scheduler
115 | securityContext: {}
116 | terminationGracePeriodSeconds: 30
117 |
118 | volumes:
119 | - emptyDir: {}
120 | name: opt
121 | volumeClaimTemplates:
122 | - metadata:
123 | annotations:
124 | volume.beta.kubernetes.io/storage-class: ssd
125 | name: redis-master-data
126 | spec:
127 | storageClassName: ssd
128 | accessModes:
129 | - ReadWriteOnce
130 | resources:
131 | requests:
132 | storage: 10Gi
133 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/pvc-data-with-pv.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolumeClaim
3 | metadata:
4 | name: pvc-data1
5 | namespace: default
6 | spec:
7 | accessModes:
8 | - ReadWriteOnce
9 | resources:
10 | requests:
11 | storage: 10Gi
12 | storageClassName: ssd
13 | volumeName: pvc-13619eda-d690-11e8-89dc-42010a9c0015
14 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/specific-pv.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolume
3 | metadata:
4 | name: pvc-13619eda-d690-11e8-89dc-42010a9c0015
5 | spec:
6 | accessModes:
7 | - ReadWriteOnce
8 | capacity:
9 | storage: 10Gi
10 | claimRef:
11 | apiVersion: v1
12 | kind: PersistentVolumeClaim
13 | name: pvc-data1
14 | namespace: default
15 | gcePersistentDisk:
16 | fsType: ext4
17 | pdName: gke-meetup-a2eade41-dy-pvc-13619eda-d690-11e8-89dc-42010a9c0015
18 | persistentVolumeReclaimPolicy: Retain
19 | storageClassName: ssd
20 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/storage-sdd-retain.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.k8s.io/v1
2 | kind: StorageClass
3 | metadata:
4 | name: ssd
5 | provisioner: kubernetes.io/gce-pd
6 | reclaimPolicy: Retain
7 | parameters:
8 | type: pd-ssd
9 |
10 |
--------------------------------------------------------------------------------
/08-storage/portability/storageclass/storage-sdd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: storage.k8s.io/v1
2 | kind: StorageClass
3 | metadata:
4 | name: ssd
5 | provisioner: kubernetes.io/gce-pd
6 | parameters:
7 | type: pd-ssd
8 |
--------------------------------------------------------------------------------
/08-storage/remotestorage/01-2-gce-pd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: test-pd
5 | labels:
6 | app: test-pd
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: test-pd
12 | template:
13 | metadata:
14 | labels:
15 | app: test-pd
16 | spec:
17 | containers:
18 | - image: nginx:1.7.9
19 | name: test-container
20 | volumeMounts:
21 | - mountPath: /cache
22 | name: cache-volume
23 | volumes:
24 | - name: cache-volume
25 | gcePersistentDisk:
26 | pdName: meetup-disk
27 | fsType: ext4
28 |
--------------------------------------------------------------------------------
/08-storage/remotestorage/01-3-gce-pd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: test-pd
5 | labels:
6 | app: test-pd
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: test-pd
12 | template:
13 | metadata:
14 | labels:
15 | app: test-pd
16 | spec:
17 | containers:
18 | - image: nginx:1.7.9
19 | name: test-container
20 | volumeMounts:
21 | - mountPath: /cache
22 | name: cache-volume
23 | volumes:
24 | - name: cache-volume
25 | gcePersistentDisk:
26 | pdName: meetup-disk
27 | fsType: ext4
28 | readOnly: true
29 |
--------------------------------------------------------------------------------
/08-storage/remotestorage/01-gce-pd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | metadata:
4 | name: test-pd
5 | spec:
6 | containers:
7 | - image: nginx:1.7.9
8 | name: test-container
9 | volumeMounts:
10 | - mountPath: /cache
11 | name: cache-volume
12 | volumes:
13 | - name: cache-volume
14 | gcePersistentDisk:
15 | pdName: meetup-disk
16 | fsType: ext4
17 |
--------------------------------------------------------------------------------
/08-storage/remotestorage/02-nfs-pd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: extensions/v1beta1
2 | kind: Deployment
3 | metadata:
4 | name: test-pd
5 | labels:
6 | app: test-pd
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | app: test-pd
12 | template:
13 | metadata:
14 | labels:
15 | app: test-pd
16 | spec:
17 | containers:
18 | - image: nginx:1.7.9
19 | name: test-container
20 | volumeMounts:
21 | - mountPath: /cache
22 | name: cache-volume
23 | volumes:
24 | - name: cache-volume
25 | nfs:
26 | server: nfsserver
27 | path: "/nfsdata"
28 |
29 |
--------------------------------------------------------------------------------
/08-storage/remotestorage/Readme.md:
--------------------------------------------------------------------------------
1 | ### gce pd
2 | #### Bad practice
3 | ```bash
4 | gcloud compute disks create meetup-disk --size 1g --zone europe-west3-c
5 | kubectl apply -f 01-gce-pd.yaml
6 | kubectl describe pod test-pd
7 | kubectl exec -it test-pd -- /bin/sh
8 | echo k8s > /cache/data.txt
9 | kubectl delete pod test-pd
10 | kubectl apply -f 01-gce-pd.yaml
11 | kubectl exec -it test-pd -- /bin/sh
12 | cat /cache/data.txt
13 |
14 | #Remote Storage Lifecycle
15 | mount | grep cache
16 | exit
17 | gcloud compute --project "inspired-bus-194216" ssh --zone "europe-west3-c" $(kubectl get pods test-pd -o jsonpath="{.spec.nodeName}")
18 | mount | grep meetup-disk
19 | kubectl delete pod test-pd
20 | ```
21 |
22 | ### rtfm
23 | ```bash
24 | kubectl apply -f 01-2-gce-pd.yaml
25 | kubectl scale deployment test-pd --replicas=2
26 | kubectl apply -f 01-3-gce-pd.yaml
27 | kubectl scale deployment test-pd --replicas 2
28 | kubectl delete -f 01-2-gce-pd.yaml
29 | ```
30 |
31 | ### nfs server
32 | ```bash
33 | gcloud beta compute --project=inspired-bus-194216 instances create nfsserver --zone=europe-west3-c --machine-type=n1-standard-2 --subnet=default --network-tier=PREMIUM --maintenance-policy=MIGRATE --service-account=249941509274-compute@developer.gserviceaccount.com --scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/trace.append --image=ubuntu-1804-bionic-v20181003 --image-project=ubuntu-os-cloud --boot-disk-size=20GB --boot-disk-type=pd-standard --boot-disk-device-name=nfsserver
34 |
35 |
36 | gcloud compute --project "inspired-bus-194216" ssh --zone "europe-west3-c" "nfsserver"
37 | sudo su -
38 | apt install nfs-kernel-server
39 | mkdir /nfsdata
40 | echo /nfsdata 10.0.0.0/8(rw,sync,no_subtree_check) > /etc/exports
41 | sudo chown nobody:nogroup /nfsdata/
42 | systemctl restart nfs-server
43 | exit
44 | exit
45 |
46 |
47 | kubectl apply -f 02-nfs-pd.yaml
48 | kubectl scale deployment test-pd --replicas=2
49 | kubectl exec -it -- /bin/sh
50 | cd /cache
51 | touch a.txt
52 | exit
53 | kubectl exec -it -- /bin/sh
54 | ls -lart /cache
55 | exit
56 | kubectl delete deployment test-pd
57 |
58 | ```
59 |
60 |
61 |
62 |
63 |
--------------------------------------------------------------------------------
/09-crd/01-crd.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | # name must match the spec fields below, and be in the form: .
5 | name: crontabs.stable.example.com
6 | spec:
7 | # group name to use for REST API: /apis//
8 | group: stable.example.com
9 | # list of versions supported by this CustomResourceDefinition
10 | versions:
11 | - name: v1
12 | # Each version can be enabled/disabled by Served flag.
13 | served: true
14 | # One and only one version must be marked as the storage version.
15 | storage: true
16 | # either Namespaced or Cluster
17 | scope: Namespaced
18 | names:
19 | # plural name to be used in the URL: /apis///
20 | plural: crontabs
21 | # singular name to be used as an alias on the CLI and for display
22 | singular: crontab
23 | # kind is normally the CamelCased singular type. Your resource manifests use this.
24 | kind: CronTab
25 | # shortNames allow shorter string to match your resource on the CLI
26 | shortNames:
27 | - ct
28 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/01-installation/Readme.md:
--------------------------------------------------------------------------------
1 | #### Installation
2 | ```bash
3 | kubectl create serviceaccount --namespace kube-system tiller
4 | kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
5 | helm init --service-account tiller --upgrade
6 | kubectl get deployment -n kube-system -o yaml tiller-deploy | grep serviceAccount
7 | ```
8 |
9 | #### Helm uninstall from cluster
10 | ```bash
11 | helm reset
12 | kubectl get pods -n kube-system
13 | ```
14 |
15 | #### Forget to create service account
16 |
17 | ```bash
18 | #https://github.com/fnproject/fn-helm/issues/21
19 | helm init
20 | helm list
21 | kubectl create serviceaccount --namespace kube-system tiller
22 | kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
23 | kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
24 | helm --help
25 | helm list --help
26 | helm list
27 | helm list -a
28 | ```
29 |
30 | #### Stable Charts && Incubator Charts
31 | ```bash
32 | helm search mysql
33 | helm repo add incubator https://kubernetes-charts-incubator.storage.googleapis.com/
34 | helm search cassandra
35 | curl -XGET https://kubernetes-charts-incubator.storage.googleapis.com/
36 | ```
37 |
38 | open from Chrome https://console.cloud.google.com/storage/browser/kubernetes-charts-incubator
39 |
40 | ```bash
41 | helm install stable/nginx-ingress --name nginx-ing --namespace app
42 | kubectl get all -n app
43 | helm list
44 | helm delete --help
45 | helm delete nginx-ing --purge
46 | ```
47 |
48 | ### Managing dependencies
49 | ```bash
50 | mkdir -p $HOME/dev/tools_data
51 | cd ~/dev/tools_data
52 | git clonehttps://github.com/helm/charts.git
53 | cd charts/stable
54 | cd sonarqube
55 | cat requirements.yaml
56 | mkdir charts/postgresql
57 | cp -R ../postgresql charts/postgresql
58 | helm install . --name sonarqube --namespace app -f values.yaml
59 | helm list
60 | ```
61 |
62 | #### Helm Commands
63 | ```bash
64 | helm status sonarqube
65 | helm inspect .
66 | helm inspect stable/mysql
67 | ```
68 | change limits in values.yaml
69 | ```yaml
70 | resources:
71 | limits:
72 | cpu: 100m
73 | memory: 128Mi
74 | requests:
75 | cpu: 100m
76 | memory: 128Mi
77 | ```
78 | ```bash
79 | helm upgrade sonarqube . -f values.yaml
80 | helm history sonarqube
81 | helm rollback --dry-run=true sonarqube 1
82 | helm rollback sonarqube 1
83 | kubectl get pods -n app
84 | ```
85 |
86 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/02-prometheus/.Readme.md.swp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetestr/kubernetes-essentials/58fcb758e68d2f87c48acc67650584f6a6af0dfd/10-ks8-packaging/01-helm/02-prometheus/.Readme.md.swp
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/Readme.md:
--------------------------------------------------------------------------------
1 | #### Custom Helm Chart
2 | ```bash
3 | helm create k8s-app
4 | cd k8s-app
5 | ```
6 |
7 | change yaml
8 | ```yaml
9 | # Default values for k8s-app.
10 | # This is a YAML-formatted file.
11 | # Declare variables to be passed into your templates.
12 |
13 | replicaCount: 1
14 |
15 | image:
16 | repository: pamir/webapp
17 | tag: latest
18 | pullPolicy: IfNotPresent
19 |
20 | service:
21 | type: ClusterIP
22 | port: 80
23 |
24 | ingress:
25 | enabled: false
26 | annotations: {}
27 | # kubernetes.io/ingress.class: nginx
28 | # kubernetes.io/tls-acme: "true"
29 | path: /
30 | hosts:
31 | - chart-example.local
32 | tls: []
33 | # - secretName: chart-example-tls
34 | # hosts:
35 | # - chart-example.local
36 |
37 | resources:
38 | limits:
39 | cpu: 100m
40 | memory: 128Mi
41 | requests:
42 | cpu: 100m
43 | memory: 128Mi
44 |
45 | nodeSelector: {}
46 |
47 | tolerations: []
48 |
49 | affinity: {}
50 | ```
51 | ```bash
52 | helm install --name pn . --namespace app -f values
53 | ```
54 |
55 | change the container port with variable
56 | ```yaml
57 | container:
58 | port: 8080
59 |
60 |
61 | ---
62 | ports:
63 | - name: http
64 | containerPort: "{{ .Values.container.port}}"
65 | ```
66 | ```bash
67 | helm upgrade pn . -f values.yaml
68 | ```
69 | Pretty cool features of helm
70 | ```bash
71 | helm lint .
72 | helm upgrade pn . --dry-run=true --debug
73 | ```
74 | Another if statement
75 | ```yaml
76 | terminationGrace: "enabled"
77 | terminationGracePeriodSeconds: 60
78 | ---
79 | {{ if eq .Values.container.terminationGrace "enabled" }}
80 | terminationGracePeriodSeconds: {{ .Values.container.terminationGracePeriodSeconds }}
81 | {{ end }}
82 | ```
83 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0.o"
3 | description: A Helm chart for Acedemand Deployment
4 | name: k8s-app
5 | version: 1.0.0
6 | icon: https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
7 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | 1. Get the application URL by running these commands:
2 | {{- if .Values.ingress.enabled }}
3 | {{- range .Values.ingress.hosts }}
4 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
5 | {{- end }}
6 | {{- else if contains "NodePort" .Values.service.type }}
7 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "k8s-app.fullname" . }})
8 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
9 | echo http://$NODE_IP:$NODE_PORT
10 | {{- else if contains "LoadBalancer" .Values.service.type }}
11 | NOTE: It may take a few minutes for the LoadBalancer IP to be available.
12 | You can watch the status of by running 'kubectl get svc -w {{ template "k8s-app.fullname" . }}'
13 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "k8s-app.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
14 | echo http://$SERVICE_IP:{{ .Values.service.port }}
15 | {{- else if contains "ClusterIP" .Values.service.type }}
16 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "k8s-app.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
17 | echo "Visit http://127.0.0.1:8080 to use your application"
18 | kubectl port-forward $POD_NAME 8080:80
19 | {{- end }}
20 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "k8s-app.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "k8s-app.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "k8s-app.chart" -}}
31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/templates/deployment.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1beta2
2 | kind: Deployment
3 | metadata:
4 | name: {{ template "k8s-app.fullname" . }}
5 | labels:
6 | app: {{ template "k8s-app.name" . }}
7 | chart: {{ template "k8s-app.chart" . }}
8 | release: {{ .Release.Name }}
9 | heritage: {{ .Release.Service }}
10 | spec:
11 | replicas: {{ .Values.replicaCount }}
12 | selector:
13 | matchLabels:
14 | app: {{ template "k8s-app.name" . }}
15 | release: {{ .Release.Name }}
16 | template:
17 | metadata:
18 | labels:
19 | app: {{ template "k8s-app.name" . }}
20 | release: {{ .Release.Name }}
21 | spec:
22 | containers:
23 | - name: {{ .Chart.Name }}
24 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
25 | imagePullPolicy: {{ .Values.image.pullPolicy }}
26 | ports:
27 | - name: http
28 | containerPort: {{ .Values.container.port }}
29 | protocol: TCP
30 | livenessProbe:
31 | httpGet:
32 | path: /
33 | port: http
34 | readinessProbe:
35 | httpGet:
36 | path: /
37 | port: http
38 | resources:
39 | {{ toYaml .Values.resources | indent 12 }}
40 | {{- with .Values.nodeSelector }}
41 | nodeSelector:
42 | {{ toYaml . | indent 8 }}
43 | {{- end }}
44 | {{- with .Values.affinity }}
45 | affinity:
46 | {{ toYaml . | indent 8 }}
47 | {{- end }}
48 | {{- with .Values.tolerations }}
49 | tolerations:
50 | {{ toYaml . | indent 8 }}
51 | {{- end }}
52 | {{ if eq .Values.container.terminationGrace "enabled" }}
53 | terminationGracePeriodSeconds: {{ .Values.container.terminationGracePeriodSeconds }}
54 | {{ end }}
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/templates/ingress.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.ingress.enabled -}}
2 | {{- $fullName := include "k8s-app.fullname" . -}}
3 | {{- $ingressPath := .Values.ingress.path -}}
4 | apiVersion: extensions/v1beta1
5 | kind: Ingress
6 | metadata:
7 | name: {{ $fullName }}
8 | labels:
9 | app: {{ template "k8s-app.name" . }}
10 | chart: {{ template "k8s-app.chart" . }}
11 | release: {{ .Release.Name }}
12 | heritage: {{ .Release.Service }}
13 | {{- with .Values.ingress.annotations }}
14 | annotations:
15 | {{ toYaml . | indent 4 }}
16 | {{- end }}
17 | spec:
18 | {{- if .Values.ingress.tls }}
19 | tls:
20 | {{- range .Values.ingress.tls }}
21 | - hosts:
22 | {{- range .hosts }}
23 | - {{ . }}
24 | {{- end }}
25 | secretName: {{ .secretName }}
26 | {{- end }}
27 | {{- end }}
28 | rules:
29 | {{- range .Values.ingress.hosts }}
30 | - host: {{ . }}
31 | http:
32 | paths:
33 | - path: {{ $ingressPath }}
34 | backend:
35 | serviceName: {{ $fullName }}
36 | servicePort: http
37 | {{- end }}
38 | {{- end }}
39 |
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: {{ template "k8s-app.fullname" . }}
5 | labels:
6 | app: {{ template "k8s-app.name" . }}
7 | chart: {{ template "k8s-app.chart" . }}
8 | release: {{ .Release.Name }}
9 | heritage: {{ .Release.Service }}
10 | spec:
11 | type: {{ .Values.service.type }}
12 | ports:
13 | - port: {{ .Values.service.port }}
14 | targetPort: http
15 | protocol: TCP
16 | name: http
17 | selector:
18 | app: {{ template "k8s-app.name" . }}
19 | release: {{ .Release.Name }}
--------------------------------------------------------------------------------
/10-ks8-packaging/01-helm/03-customapp/k8s-app/values.yaml:
--------------------------------------------------------------------------------
1 | # Default values for k8s-app.
2 | # This is a YAML-formatted file.
3 | # Declare variables to be passed into your templates.
4 |
5 | replicaCount: 1
6 |
7 | image:
8 | repository: pamir/webapp
9 | tag: latest
10 | pullPolicy: IfNotPresent
11 |
12 | service:
13 | type: ClusterIP
14 | port: 80
15 |
16 | container:
17 | port: 8080
18 | terminationGrace: "enabled"
19 | terminationGracePeriodSeconds: 60
20 | ingress:
21 | enabled: false
22 | annotations: {}
23 | # kubernetes.io/ingress.class: nginx
24 | # kubernetes.io/tls-acme: "true"
25 | path: /
26 | hosts:
27 | - chart-example.local
28 | tls: []
29 | # - secretName: chart-example-tls
30 | # hosts:
31 | # - chart-example.local
32 |
33 | resources:
34 | limits:
35 | cpu: 100m
36 | memory: 128Mi
37 | requests:
38 | cpu: 100m
39 | memory: 128Mi
40 |
41 | nodeSelector: {}
42 |
43 | tolerations: []
44 | affinity: {}
45 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # kubernetes-samples
2 | Step by step kubernetes samples from beginner to advanced
3 |
4 | #Installation
5 | kubectl + minikube
6 | https://kubernetes.io/docs/tasks/tools/install-minikube/
7 |
8 | [Cmder](http://cmder.net/)
9 |
10 |
11 | Books
12 | [Up and Running kubernetes](https://www.amazon.com/Kubernetes-Running-Dive-Future-Infrastructure/dp/1491935677)
13 |
14 | References
15 | [1] https://www.slideshare.net/Docker/containerd-the-universal-container-runtime
16 | [2] https://rominirani.com/tutorial-getting-started-with-kubernetes-on-your-windows-laptop-with-minikube-3269b54a226
17 | [3] https://github.com/jamiehannaford/what-happens-when-k8s
18 | [4] https://kubernetes.io/docs/tasks/administer-cluster/cpu-constraint-namespace/
19 | [5] https://kubernetes.io/docs/reference/kubectl/cheatsheet/
20 | [6] https://github.com/kubernetes/kubernetes/issues/24925 *:))))* Mind Blowing CPU Shares
21 | [7] https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt
22 | [8] https://0xax.gitbooks.io/linux-insides/content/Cgroups/cgroups1.html
23 |
24 |
25 |
--------------------------------------------------------------------------------