├── dummy.yaml ├── variables ├── kustomize-bluegreen ├── blue │ ├── index.html │ ├── bluecm.yaml │ ├── kustomization.yaml │ ├── blue-svc.yaml │ ├── patch.yaml │ ├── myapp-ing.yaml │ └── deployment.yaml └── green │ ├── kustomization.yaml │ ├── greencm.yaml │ ├── green-svc.yaml │ ├── patch.yaml │ ├── myapp-ing.yaml │ └── deployment.yaml ├── May2020HistoryPart1 ├── SetupGuide.pdf ├── mysa.yaml ├── autoscaling ├── Dockerfile ├── index.php └── hpa.yaml ├── lab16-break.sh ├── README.txt ├── kustomization ├── kustomization.yaml ├── service.yaml └── deployment.yaml ├── externalname.yaml ├── sander.yaml ├── secret-yaml.yaml ├── httpd.yaml ├── Dealing with the Docker Image Pull Rate Limitation in Kubernetes.pdf ├── crd-backup.yaml ├── dockerfile ├── Dockerfile └── countdown ├── countdown ├── mypod.yaml ├── nginx-custom-config.conf ├── pvc.yaml ├── service.yaml ├── busybox-ns.yaml ├── securitycontextdemo.yaml ├── service.yml ├── busybox.yaml ├── friday.yaml ├── mysapod.yaml ├── list-pods.yaml ├── pv.yaml ├── multicontainer.yaml ├── cm-test-pod.yaml ├── my-ghost-app ├── templates │ ├── service.yaml │ ├── serviceaccount.yaml │ ├── tests │ │ └── test-connection.yaml │ ├── deployment.yaml │ ├── hpa.yaml │ ├── ingress.yaml │ ├── NOTES.txt │ └── _helpers.tpl ├── Chart.yaml └── values.yaml ├── init-example2.yaml ├── statefulpv.yaml ├── busybox-label.yaml ├── alpmap └── Containerfile ├── labs ├── exam-task10.sh ├── exam-task4.sh ├── exam-task15.sh ├── exam-task2.sh ├── exam-task14.sh ├── exam-task5.sh ├── exam-task13.sh ├── exam-task3.sh ├── exam-task9.sh ├── exam-task8.sh ├── exam-task6.sh ├── exam-task12.sh ├── exam-task11.sh ├── exam-task7.sh └── exam-task1.sh ├── simplejob.yaml ├── simpleshell.yaml ├── pv-nfs.yaml ├── sleepy.yaml ├── pod-secret-as-var.yaml ├── list-pods-mysa-binding.yaml ├── nginx-in.yaml ├── basicvolume.yaml ├── replicaset.yaml ├── volumes.yaml ├── README.md ├── example-ingress.yaml ├── busybox-ready.yaml ├── pod-secret.yaml ├── daemon.yaml ├── nginx-cm.yml ├── pv-pod.yaml ├── cron-example.yaml ├── nginx-probes.yaml ├── redis.yaml ├── redis-deploy.yaml ├── rolling.yaml ├── healthz_probe.yaml ├── http-routing.yaml ├── morevolumes.yaml ├── securitycontextdemo2.yaml ├── new-ing.yaml ├── old-nginx.yaml ├── ingress-resource.yaml ├── ingress-virtual-hosting.yaml ├── pullratelimitpatch.sh ├── sidecar.yaml ├── traefik-in.yaml ├── frontend-resources.yaml ├── custom-resources.yaml ├── nginxsvc-ingress.yaml ├── May2020HistoryPart2 ├── pvc-pod.yaml ├── init-example1.yaml ├── initpod.yaml ├── 157.yaml ├── canary.yaml ├── hpa.yaml ├── setup-kubetools-ubuntu.sh ├── crd-object.yaml ├── nwpolicy-complete-example.yaml ├── ingress-rbac.yaml ├── externalname2.yaml ├── pods-with-nw-policy.yaml ├── cluster-setup.sh ├── ART-kube-network.txt ├── pv-pvc-pod.yaml ├── statefuldemo.yaml ├── frontend.yaml ├── solution.txt ├── labs-live ├── ckad-lab5-grade.sh ├── ckad-lab6-grade.sh ├── ckad-lab12-grade.sh ├── ckad-lab15-grade.sh ├── ckad-lab13-grade.sh └── ckad-lab14-grade.sh ├── sfs.yaml ├── minikube-docker-setup-old.sh ├── statefulset-new.yaml ├── kube-setup 2.sh ├── setup-docker.sh ├── nginx123.yaml ├── traefik-ds.yaml ├── RESOURCE.TXT ├── minikube-docker-setup.sh ├── setup-docker-dev.sh ├── setup-kubetools.sh ├── setup-container 2.sh ├── setup-container-10jun24.txt ├── kube-setup.sh ├── setup-container.sh ├── setup-container 3.sh ├── exam-grade.sh ├── mar25.txt ├── Juneday124.txt ├── history-25sep24.txt ├── march25.txt ├── history-26sep24.txt ├── may2025.txt └── dec2024.txt /dummy.yaml: -------------------------------------------------------------------------------- 1 | # dummy file 2 | -------------------------------------------------------------------------------- /variables: -------------------------------------------------------------------------------- 1 | VAR1=Hello 2 | VAR2=World 3 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/index.html: -------------------------------------------------------------------------------- 1 | blue 2 | -------------------------------------------------------------------------------- /May2020HistoryPart1: -------------------------------------------------------------------------------- 1 | sudo -i 2 | history 3 | w 4 | exit 5 | -------------------------------------------------------------------------------- /SetupGuide.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sandervanvugt/ckad/HEAD/SetupGuide.pdf -------------------------------------------------------------------------------- /mysa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: mysa 5 | -------------------------------------------------------------------------------- /autoscaling/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:5-apache 2 | COPY index.php /var/www/html/index.php 3 | RUN chmod a+rx index.php 4 | -------------------------------------------------------------------------------- /lab16-break.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | sed -i -e 's/current-context: minikube/#current-context: minikube/' ~/.kube/config 3 | -------------------------------------------------------------------------------- /autoscaling/index.php: -------------------------------------------------------------------------------- 1 | 8 | -------------------------------------------------------------------------------- /README.txt: -------------------------------------------------------------------------------- 1 | These are labs that evaluate your work in the labs in my CKAD live course. This is work in progress, and what you find here is not yet final. 2 | -------------------------------------------------------------------------------- /kustomization/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - deployment.yaml 3 | - service.yaml 4 | namePrefix: test- 5 | commonLabels: 6 | environment: testing 7 | -------------------------------------------------------------------------------- /externalname.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: my-service 5 | spec: 6 | type: ExternalName 7 | externalName: sandervanvugt.com 8 | -------------------------------------------------------------------------------- /sander.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: sander-pod 5 | spec: 6 | containers: 7 | - name: sander-pod 8 | image: sander-image 9 | -------------------------------------------------------------------------------- /secret-yaml.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: secret-users 5 | type: Opaque 6 | data: 7 | password: cGFzc3dvcmQ= 8 | username: bGlzYQ== 9 | -------------------------------------------------------------------------------- /kustomize-bluegreen/green/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - greencm.yaml 3 | - green-svc.yaml 4 | - deployment.yaml 5 | 6 | patchesStrategicMerge: 7 | - patch.yaml 8 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/bluecm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | index.html: | 4 | blue 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: blue 9 | -------------------------------------------------------------------------------- /kustomize-bluegreen/green/greencm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | index.html: | 4 | green 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: green 9 | -------------------------------------------------------------------------------- /httpd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: newhttpd 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: httpd 9 | image: httpd 10 | 11 | -------------------------------------------------------------------------------- /Dealing with the Docker Image Pull Rate Limitation in Kubernetes.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sandervanvugt/ckad/HEAD/Dealing with the Docker Image Pull Rate Limitation in Kubernetes.pdf -------------------------------------------------------------------------------- /crd-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: "stable.example.com/v1" 2 | kind: BackUp 3 | metadata: 4 | name: mybackup 5 | spec: 6 | backupType: full 7 | image: linux-backup-image 8 | replicas: 5 9 | -------------------------------------------------------------------------------- /dockerfile/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine 2 | MAINTAINER Sander 3 | 4 | VOLUME /mydata 5 | WORKDIR /mydata 6 | COPY countdown . 7 | ENTRYPOINT ["./countdown"] 8 | CMD ["1"] 9 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bluecm.yaml 3 | - blue-svc.yaml 4 | - deployment.yaml 5 | - myapp-ing.yaml 6 | 7 | patchesStrategicMerge: 8 | - patch.yaml 9 | -------------------------------------------------------------------------------- /countdown: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | COUNTER=$1 4 | COUNTER=$(( COUNTER * 60 )) 5 | 6 | while true 7 | do 8 | echo $COUNTER seconds remaining in break 9 | COUNTER=$(( COUNTER - 1 )) 10 | sleep 1 11 | done 12 | -------------------------------------------------------------------------------- /mypod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: mypod 5 | spec: 6 | containers: 7 | - name: alpine 8 | image: alpine/curl 9 | command: 10 | - "sleep" 11 | - "3600" 12 | -------------------------------------------------------------------------------- /nginx-custom-config.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 8888; 3 | server_name localhost; 4 | location / { 5 | root /usr/share/nginx/html; 6 | index index.html index.htm; 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /pvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: pv-claim 5 | spec: 6 | accessModes: 7 | - ReadWriteOnce 8 | resources: 9 | requests: 10 | storage: 1Gi 11 | -------------------------------------------------------------------------------- /service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mywebserver 5 | spec: 6 | selector: 7 | run: nginx 8 | ports: 9 | - port: 80 10 | name: whatever 11 | type: NodePort 12 | -------------------------------------------------------------------------------- /busybox-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox3 5 | spec: 6 | containers: 7 | - image: busybox 8 | name: busy 9 | command: 10 | - sleep 11 | - "3600" 12 | -------------------------------------------------------------------------------- /dockerfile/countdown: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | COUNTER=$1 4 | COUNTER=$(( COUNTER * 60 )) 5 | 6 | while true 7 | do 8 | echo $COUNTER seconds remaining in break 9 | COUNTER=$(( COUNTER - 1 )) 10 | sleep 1 11 | done 12 | -------------------------------------------------------------------------------- /securitycontextdemo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginxsecure 5 | spec: 6 | securityContext: 7 | runAsNonRoot: true 8 | containers: 9 | - image: nginx 10 | name: nginx 11 | -------------------------------------------------------------------------------- /service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: my-service 5 | spec: 6 | selector: 7 | app: MyApp 8 | ports: 9 | - protocol: TCP 10 | port: 80 11 | targetPort: 9376 12 | -------------------------------------------------------------------------------- /busybox.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox2 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busy 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | -------------------------------------------------------------------------------- /friday.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busyboxf 5 | namespace: default 6 | spec: 7 | containers: 8 | - image: busybox 9 | name: busy 10 | command: 11 | - sleep 12 | - "3600" 13 | -------------------------------------------------------------------------------- /mysapod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: mysapod 5 | spec: 6 | serviceAccountName: mysa 7 | containers: 8 | - name: alpine 9 | image: alpine/curl 10 | command: 11 | - "sleep" 12 | - "3600" 13 | -------------------------------------------------------------------------------- /list-pods.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: list-pods 5 | namespace: default 6 | rules: 7 | - apiGroups: 8 | - '' 9 | resources: 10 | - pods 11 | verbs: 12 | - list 13 | -------------------------------------------------------------------------------- /pv.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolume 2 | apiVersion: v1 3 | metadata: 4 | name: pv-volume 5 | labels: 6 | type: local 7 | spec: 8 | capacity: 9 | storage: 2Gi 10 | accessModes: 11 | - ReadWriteOnce 12 | hostPath: 13 | path: "/mydata" 14 | -------------------------------------------------------------------------------- /multicontainer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: multicontainer 5 | spec: 6 | containers: 7 | - name: busybox 8 | image: busybox 9 | command: 10 | - sleep 11 | - "3600" 12 | - name: nginx 13 | image: nginx 14 | -------------------------------------------------------------------------------- /cm-test-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: test1 5 | spec: 6 | containers: 7 | - name: test1 8 | image: cirros 9 | command: ["/bin/sh", "-c", "env"] 10 | envFrom: 11 | - configMapRef: 12 | name: variables 13 | -------------------------------------------------------------------------------- /my-ghost-app/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: my-service-for-my-webapp 5 | spec: 6 | type: NodePort 7 | selector: 8 | app: ghost-app 9 | ports: 10 | - protocol: TCP 11 | port: 80 12 | targetPort: 2368 13 | -------------------------------------------------------------------------------- /init-example2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: init-demo2 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: nginx 9 | initContainers: 10 | - name: install 11 | image: busybox 12 | command: 13 | - sleep 14 | - "3600" 15 | -------------------------------------------------------------------------------- /statefulpv.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolume 2 | apiVersion: v1 3 | metadata: 4 | name: statefulpv 5 | labels: 6 | type: local 7 | spec: 8 | capacity: 9 | storage: 2Gi 10 | accessModes: 11 | - ReadWriteMany 12 | hostPath: 13 | path: "/statefuldata" 14 | 15 | -------------------------------------------------------------------------------- /busybox-label.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox3 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busybox 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | nodeselector: 14 | disktype: hdd 15 | -------------------------------------------------------------------------------- /alpmap/Containerfile: -------------------------------------------------------------------------------- 1 | from alpine 2 | MAINTAINER Sander 3 | 4 | # Add repo file 5 | ADD ./sander.repo /etc/yum.repos.d/ 6 | 7 | # Install cool software 8 | RUN apk add bash nmap 9 | 10 | ENTRYPOINT ["/usr/bin/nmap"] 11 | CMD ["-sn", "172.17.0.0/24"] 12 | 13 | -------------------------------------------------------------------------------- /labs/exam-task10.sh: -------------------------------------------------------------------------------- 1 | if helm list | grep mysql &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t you have successfully installed the bitnami mysql chart" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t bitnami mysql chart not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | -------------------------------------------------------------------------------- /simplejob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: simple-job 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: sleepy 10 | image: alpine 11 | command: [ "/bin/sleep" ] 12 | args: [ "5" ] 13 | restartPolicy: Never 14 | -------------------------------------------------------------------------------- /simpleshell.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: shell-demo 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: nginx 9 | env: 10 | - name: ilike 11 | valueFrom: 12 | configMapKeyRef: 13 | name: colors 14 | key: favorite 15 | -------------------------------------------------------------------------------- /pv-nfs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: pv-nfs 5 | spec: 6 | capacity: 7 | storage: 1Gi 8 | accessModes: 9 | - ReadWritemany 10 | persistentVolumeReclaimPolicy: Retain 11 | nfs: 12 | path: /data 13 | server: myserver 14 | readOnly: false 15 | -------------------------------------------------------------------------------- /sleepy.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: sleepy 5 | spec: 6 | containers: 7 | - name: sleep-container 8 | image: alpine 9 | command: ["/bin/sh"] 10 | args: ["-c", "while true; do date; sleep 5; done"] 11 | env: 12 | - name: BASE_URL 13 | value: "https://sleepy.example.com" 14 | -------------------------------------------------------------------------------- /pod-secret-as-var.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: mymysql 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: mysql 9 | image: mysql:latest 10 | env: 11 | - name: MYSQL_ROOT_PASSWORD 12 | valueFrom: 13 | secretKeyRef: 14 | name: mysql 15 | key: password 16 | -------------------------------------------------------------------------------- /kustomization/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | k8s-app: nginx-friday20 7 | name: nginx-friday20 8 | spec: 9 | ports: 10 | - port: 80 11 | protocol: TCP 12 | targetPort: 80 13 | selector: 14 | k8s-app: nginx-friday20 15 | status: 16 | loadBalancer: {} 17 | -------------------------------------------------------------------------------- /list-pods-mysa-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: list-pods-mysa-binding 5 | namespace: default 6 | roleRef: 7 | kind: Role 8 | name: list-pods 9 | apiGroup: rbac.authorization.k8s.io 10 | subjects: 11 | - kind: ServiceAccount 12 | name: mysa 13 | namespace: default 14 | -------------------------------------------------------------------------------- /nginx-in.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: nginx-ingress 5 | annotations: 6 | ingress.kubernetes.io/rewrite-target: / 7 | spec: 8 | rules: 9 | - host: 10 | http: 11 | paths: 12 | - path: /nginxserver 13 | backend: 14 | serviceName: nginx 15 | servicePort: 80 16 | -------------------------------------------------------------------------------- /basicvolume.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busyboxab 5 | namespace: default 6 | spec: 7 | containers: 8 | - image: busybox 9 | name: busy1 10 | command: 11 | - sleep 12 | - "3600" 13 | volumeMounts: 14 | - mountPath: /somedir 15 | name: my-volume 16 | volumes: 17 | - name: my-volume 18 | emptyDir: {} 19 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/blue-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: blue-deploy 7 | name: blue-svc 8 | spec: 9 | ports: 10 | - port: 80 11 | protocol: TCP 12 | targetPort: 80 13 | selector: 14 | app: blue-deploy 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /replicaset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: ReplicaSet 3 | metadata: 4 | name: rsdemo 5 | spec: 6 | replicas: 2 7 | selector: 8 | matchLabels: 9 | app: myapp 10 | template: 11 | metadata: 12 | name: nginxrs 13 | labels: 14 | app: myapp 15 | spec: 16 | containers: 17 | - name: nginx 18 | image: nginx 19 | -------------------------------------------------------------------------------- /volumes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: vol2 5 | spec: 6 | containers: 7 | - name: centos2 8 | image: centos:7 9 | command: 10 | - sleep 11 | - "3600" 12 | volumeMounts: 13 | - mountPath: /test 14 | name: test 15 | restartPolicy: Always 16 | volumes: 17 | - name: test 18 | emptyDir: {} 19 | -------------------------------------------------------------------------------- /kustomize-bluegreen/green/green-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: green-deploy 7 | name: green-svc 8 | spec: 9 | ports: 10 | - port: 80 11 | protocol: TCP 12 | targetPort: 80 13 | selector: 14 | app: green-deploy 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /labs/exam-task4.sh: -------------------------------------------------------------------------------- 1 | if kubectl get pods sidepod -o yaml | grep -A 10 initContainers | grep 'restartPolicy: Always' &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t found a pod sidepod that runs a sidecar container" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t didn't find a pod sidepod that runs a sidecar container" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | This Git repository contains supporting files for all editions of my "Certified Kubernetes Application Developer (CKAD)" video course. See https://sandervanvugt.com for more detauls. The files are used as well as in the "CKAD Crash Course" that I'm teaching at https://learning.oreilly.com. 2 | 3 | See the document SetupGuide.pdf in this Git repository for initial setup instructions. 4 | -------------------------------------------------------------------------------- /example-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: example-ingress 5 | annotations: 6 | nginx.ingress.kubernetes.io/rewrite-target: /$1 7 | spec: 8 | rules: 9 | - host: hello-world.info 10 | http: 11 | paths: 12 | - path: /|/(.+) 13 | backend: 14 | serviceName: web 15 | servicePort: 8080 16 | -------------------------------------------------------------------------------- /busybox-ready.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox-ready 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busy 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | readinessProbe: 14 | periodSeconds: 10 15 | exec: 16 | command: 17 | - cat 18 | - /tmp/nothing 19 | resources: {} 20 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: blue-deploy 5 | spec: 6 | template: 7 | spec: 8 | volumes: 9 | - name: configfile 10 | configMap: 11 | name: blue 12 | containers: 13 | - name: nginx 14 | volumeMounts: 15 | - name: configfile 16 | mountPath: /usr/share/nginx/html/ 17 | -------------------------------------------------------------------------------- /pod-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: secretbox2 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: secretbox 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | volumeMounts: 14 | - mountPath: /secretstuff 15 | name: secret 16 | volumes: 17 | - name: secret 18 | secret: 19 | secretName: secretstuff 20 | -------------------------------------------------------------------------------- /daemon.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: nginxdaemon 5 | namespace: default 6 | labels: 7 | k8s-app: nginxdaemon 8 | spec: 9 | selector: 10 | matchLabels: 11 | name: nginxdaemon 12 | template: 13 | metadata: 14 | labels: 15 | name: nginxdaemon 16 | spec: 17 | containers: 18 | - name: nginx 19 | image: nginx 20 | 21 | -------------------------------------------------------------------------------- /kustomize-bluegreen/green/patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: green-deploy 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: nginx 10 | volumeMounts: 11 | - name: configfile 12 | mountPath: /usr/share/nginx/html/ 13 | volumes: 14 | - name: configfile 15 | configMap: 16 | name: green 17 | 18 | -------------------------------------------------------------------------------- /my-ghost-app/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "my-ghost-app.serviceAccountName" . }} 6 | labels: 7 | {{- include "my-ghost-app.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /labs/exam-task15.sh: -------------------------------------------------------------------------------- 1 | if kubectl get pod securepod -n oklahoma -o yaml | grep 'serviceAccount: secure' &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t pod securepod in namespace oklahoma found and it is using the serviceaccount secure" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t couldn't find the pod securepod in namespace oklahoma that uses the serviceaccount secure" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | -------------------------------------------------------------------------------- /nginx-cm.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx-cm 5 | labels: 6 | role: web 7 | spec: 8 | containers: 9 | - name: nginx-cm 10 | image: nginx 11 | volumeMounts: 12 | - name: conf 13 | mountPath: /etc/nginx/conf.d 14 | volumes: 15 | - name: conf 16 | configMap: 17 | name: nginx-cm 18 | items: 19 | - key: nginx-custom-config.conf 20 | path: default.conf 21 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/myapp-ing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | creationTimestamp: null 5 | name: myapp 6 | spec: 7 | rules: 8 | - host: myapp.local 9 | http: 10 | paths: 11 | - backend: 12 | service: 13 | name: blue-svc 14 | port: 15 | number: 80 16 | path: / 17 | pathType: Exact 18 | status: 19 | loadBalancer: {} 20 | -------------------------------------------------------------------------------- /kustomize-bluegreen/green/myapp-ing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | creationTimestamp: null 5 | name: myapp 6 | spec: 7 | rules: 8 | - host: myapp.local 9 | http: 10 | paths: 11 | - backend: 12 | service: 13 | name: green-svc 14 | port: 15 | number: 80 16 | path: / 17 | pathType: Exact 18 | status: 19 | loadBalancer: {} 20 | -------------------------------------------------------------------------------- /pv-pod.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: pv-pod 5 | spec: 6 | volumes: 7 | - name: pv-storage 8 | persistentVolumeClaim: 9 | claimName: pv-claim 10 | containers: 11 | - name: pv-container 12 | image: nginx 13 | ports: 14 | - containerPort: 80 15 | name: "http-server" 16 | volumeMounts: 17 | - mountPath: "/usr/share/nginx/html" 18 | name: pv-storage 19 | -------------------------------------------------------------------------------- /cron-example.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: hello 5 | spec: 6 | schedule: "*/1 * * * *" 7 | jobTemplate: 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: hello 13 | image: busybox 14 | args: 15 | - /bin/sh 16 | - -c 17 | - date; echo hello from the K8s cluster 18 | restartPolicy: OnFailure 19 | -------------------------------------------------------------------------------- /labs/exam-task2.sh: -------------------------------------------------------------------------------- 1 | kubectl get pods -A --selector tier=control-plane | awk 'NR > 1 { print $2 }' > /tmp/task2file.txt 2 | 3 | if diff /tmp/task2file.txt /tmp/task2pods 4 | then 5 | echo -e "\033[32m[OK]\033[0m\t\t all pods with label tier=control-plane were found" 6 | SCORE=$(( SCORE + 10 )) 7 | else 8 | echo -e "\033[31m[FAIL]\033[0m\t\t your result file doesn't show all pods with the label tier=control-plane" 9 | fi 10 | TOTAL=$(( TOTAL + 10 )) 11 | 12 | -------------------------------------------------------------------------------- /nginx-probes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx-probes 5 | labels: 6 | role: web 7 | spec: 8 | containers: 9 | - name: nginx-probes 10 | image: nginx 11 | readinessProbe: 12 | tcpSocket: 13 | port: 80 14 | initialDelaySeconds: 5 15 | periodSeconds: 10 16 | livenessProbe: 17 | tcpSocket: 18 | port: 80 19 | initialDelaySeconds: 20 20 | periodSeconds: 20 21 | 22 | -------------------------------------------------------------------------------- /redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1beta1 3 | kind: Deployment 4 | metadata: 5 | name: redis 6 | labels: 7 | app: redis 8 | spec: 9 | selector: 10 | matchLabels: 11 | app: redis 12 | replicas: 13 | template: 14 | metadata: 15 | labels: 16 | app: redis 17 | spec: 18 | containers: 19 | - name: redis 20 | image: redis:alpine 21 | ports: 22 | - containerPort: 6379 23 | name: redis 24 | -------------------------------------------------------------------------------- /redis-deploy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1beta1 3 | kind: Deployment 4 | metadata: 5 | name: redis 6 | labels: 7 | app: redis 8 | spec: 9 | selector: 10 | matchLabels: 11 | app: redis 12 | replicas: 13 | template: 14 | metadata: 15 | labels: 16 | app: redis 17 | spec: 18 | containers: 19 | - name: redis 20 | image: redis:alpine 21 | ports: 22 | - containerPort: 6379 23 | name: redis 24 | -------------------------------------------------------------------------------- /rolling.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: rolling-nginx 5 | spec: 6 | replicas: 4 7 | strategy: 8 | type: RollingUpdate 9 | rollingUpdate: 10 | maxSurge: 2 11 | maxUnavailable: 1 12 | selector: 13 | matchLabels: 14 | app: nginx 15 | template: 16 | metadata: 17 | name: nginx 18 | labels: 19 | app: nginx 20 | spec: 21 | containers: 22 | - name: nginx 23 | image: nginx:1.8 24 | -------------------------------------------------------------------------------- /my-ghost-app/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "my-ghost-app.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "my-ghost-app.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "my-ghost-app.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /healthz_probe.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | labels: 5 | test: readiness-exec 6 | name: readiness-exec 7 | spec: 8 | containers: 9 | - name: readyornot 10 | image: busybox 11 | command: 12 | - sleep 13 | - "3600" 14 | readinessProbe: 15 | exec: 16 | command: 17 | - wget 18 | - --no-check-certificate 19 | - --spider 20 | - https://192.168.49.2:8443/healthz 21 | initialDelaySeconds: 3 22 | periodSeconds: 3 23 | 24 | -------------------------------------------------------------------------------- /http-routing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: gateway.networking.k8s.io/v1 2 | kind: Gateway 3 | metadata: 4 | name: example-gateway 5 | spec: 6 | gatewayClassName: nginx 7 | listeners: 8 | - name: http 9 | protocol: HTTP 10 | port: 80 11 | --- 12 | apiVersion: gateway.networking.k8s.io/v1 13 | kind: HTTPRoute 14 | metadata: 15 | name: example-route 16 | spec: 17 | parentRefs: 18 | - name: example-gateway 19 | hostnames: 20 | - "whatever.com" 21 | rules: 22 | - backendRefs: 23 | - name: nginxgw 24 | port: 80 25 | 26 | -------------------------------------------------------------------------------- /morevolumes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: morevol2 5 | spec: 6 | containers: 7 | - name: centos1 8 | image: centos:7 9 | command: 10 | - sleep 11 | - "3600" 12 | volumeMounts: 13 | - mountPath: /centos1 14 | name: test 15 | - name: centos2 16 | image: centos:7 17 | command: 18 | - sleep 19 | - "3600" 20 | volumeMounts: 21 | - mountPath: /centos2 22 | name: test 23 | volumes: 24 | - name: test 25 | emptyDir: {} 26 | -------------------------------------------------------------------------------- /securitycontextdemo2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: security-context-demo 5 | spec: 6 | securityContext: 7 | runAsUser: 1000 8 | runAsGroup: 3000 9 | fsGroup: 2000 10 | volumes: 11 | - name: sec-ctx-vol 12 | emptyDir: {} 13 | containers: 14 | - name: sec-ctx-demo 15 | image: busybox 16 | command: [ "sh", "-c", "sleep 1h" ] 17 | volumeMounts: 18 | - name: sec-ctx-vol 19 | mountPath: /data/demo 20 | securityContext: 21 | allowPrivilegeEscalation: false 22 | -------------------------------------------------------------------------------- /kustomize-bluegreen/blue/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: blue-deploy 7 | name: blue-deploy 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: blue-deploy 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: blue-deploy 19 | spec: 20 | containers: 21 | - image: nginx 22 | name: nginx 23 | resources: {} 24 | status: {} 25 | -------------------------------------------------------------------------------- /kustomize-bluegreen/green/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: green-deploy 7 | name: green-deploy 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: green-deploy 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: green-deploy 19 | spec: 20 | containers: 21 | - image: nginx 22 | name: nginx 23 | resources: {} 24 | status: {} 25 | -------------------------------------------------------------------------------- /new-ing.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | creationTimestamp: null 5 | name: new-version 6 | annotations: 7 | nginx.ingress.kubernetes.io/canary: "true" 8 | nginx.ingress.kubernetes.io/canary-weight: "10" 9 | spec: 10 | rules: 11 | - host: theapp.info 12 | http: 13 | paths: 14 | - backend: 15 | service: 16 | name: new-nginx 17 | port: 18 | number: 80 19 | path: / 20 | pathType: Exact 21 | status: 22 | loadBalancer: {} 23 | -------------------------------------------------------------------------------- /old-nginx.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: old-nginx 7 | type: canary 8 | name: old-nginx 9 | spec: 10 | replicas: 3 11 | selector: 12 | matchLabels: 13 | app: old-nginx 14 | strategy: {} 15 | template: 16 | metadata: 17 | creationTimestamp: null 18 | labels: 19 | app: old-nginx 20 | type: canary 21 | spec: 22 | containers: 23 | - image: nginx:1.14 24 | name: nginx 25 | resources: {} 26 | status: {} 27 | -------------------------------------------------------------------------------- /ingress-resource.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | name: ingress-resource-backend 5 | spec: 6 | defaultBackend: 7 | resource: 8 | apiGroup: k8s.example.com 9 | kind: StorageBucket 10 | name: static-assets 11 | rules: 12 | - http: 13 | paths: 14 | - path: /icons 15 | pathType: ImplementationSpecific 16 | backend: 17 | resource: 18 | apiGroup: k8s.example.com 19 | kind: StorageBucket 20 | name: icon-assets 21 | -------------------------------------------------------------------------------- /ingress-virtual-hosting.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: name-virtual-host-ingress 5 | spec: 6 | rules: 7 | - host: first.bar.com 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: service1 12 | servicePort: 80 13 | - host: second.foo.com 14 | http: 15 | paths: 16 | - backend: 17 | serviceName: service2 18 | servicePort: 80 19 | - http: 20 | paths: 21 | - backend: 22 | serviceName: service3 23 | servicePort: 80 24 | -------------------------------------------------------------------------------- /pullratelimitpatch.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # this scripts creates a secret and sets that as the default for the default service account 4 | # the purpose is to overcome the Docker imagepullratelimit restriction 5 | 6 | echo enter your docker username 7 | read -s DOCKERUSER 8 | echo enter your docker password 9 | read -s DOCKERPASS 10 | 11 | kubectl create secret docker-registry dockercreds \ 12 | --docker-username=$DOCKERUSER \ 13 | --docker-password=$DOCKERPASS \ 14 | 15 | kubectl patch serviceaccount default \ 16 | -p '{"imagePullSecrets": [{"name": "dockercreds"}]}' 17 | 18 | -------------------------------------------------------------------------------- /sidecar.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: sidecar-pod 5 | spec: 6 | volumes: 7 | - name: logs 8 | emptyDir: {} 9 | 10 | containers: 11 | - name: app 12 | image: busybox 13 | command: ["/bin/sh"] 14 | args: ["-c", "while true; do date >> /var/log/date.txt; sleep 15 | 10;done"] 16 | volumeMounts: 17 | - name: logs 18 | mountPath: /var/log 19 | 20 | - name: sidecar 21 | image: centos/httpd 22 | ports: 23 | - containerPort: 80 24 | volumeMounts: 25 | - name: logs 26 | mountPath: /var/www/html 27 | -------------------------------------------------------------------------------- /traefik-in.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: traefik-web-ui 5 | namespace: kube-system 6 | spec: 7 | selector: 8 | k8s-app: traefik-ingress-lb 9 | ports: 10 | - name: web 11 | port: 80 12 | targetPort: 8080 13 | --- 14 | apiVersion: extensions/v1beta1 15 | kind: Ingress 16 | metadata: 17 | name: traefik-web-ui 18 | namespace: kube-system 19 | spec: 20 | rules: 21 | - host: traefik-ui.aio 22 | http: 23 | paths: 24 | - path: / 25 | backend: 26 | serviceName: traefik-web-ui 27 | servicePort: web 28 | -------------------------------------------------------------------------------- /frontend-resources.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: frontend 5 | spec: 6 | containers: 7 | - name: db 8 | image: mysql 9 | env: 10 | - name: MYSQL_ROOT_PASSWORD 11 | value: "password" 12 | resources: 13 | requests: 14 | memory: "64Mi" 15 | cpu: "250m" 16 | limits: 17 | memory: "128Mi" 18 | cpu: "500m" 19 | - name: wp 20 | image: wordpress 21 | resources: 22 | requests: 23 | memory: "64Mi" 24 | cpu: "250m" 25 | limits: 26 | memory: "128Mi" 27 | cpu: "500m" 28 | -------------------------------------------------------------------------------- /labs/exam-task14.sh: -------------------------------------------------------------------------------- 1 | if docker images | grep myapp | grep '1.0' &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t container image myapp:1.0 was found" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t container image myapp:1.0 was not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if [ -f /tmp/myapp.tar ] 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t tar archive /tmp/myapp.tar was found" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t tar archive /tmp/myapp.tar was not found" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | 19 | -------------------------------------------------------------------------------- /custom-resources.yaml: -------------------------------------------------------------------------------- 1 | # This section includes base Calico installation configuration. 2 | # For more information, see: https://docs.projectcalico.org/v3.17/reference/installation/api#operator.tigera.io/v1.Installation 3 | apiVersion: operator.tigera.io/v1 4 | kind: Installation 5 | metadata: 6 | name: default 7 | spec: 8 | # Configures Calico networking. 9 | calicoNetwork: 10 | # Note: The ipPools section cannot be modified post-install. 11 | ipPools: 12 | - blockSize: 26 13 | cidr: 10.10.0.0/16 14 | encapsulation: VXLANCrossSubnet 15 | natOutgoing: Enabled 16 | nodeSelector: all() 17 | 18 | -------------------------------------------------------------------------------- /nginxsvc-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: Ingress 3 | metadata: 4 | name: nginxsvc-ingress 5 | annotations: 6 | nginx.ingress.kubernetes.io/rewrite-target: /$1 7 | spec: 8 | rules: 9 | - host: nginxsvc.info 10 | http: 11 | paths: 12 | - path: / 13 | pathType: Prefix 14 | backend: 15 | service: 16 | name: nginxsvc 17 | port: 18 | number: 80 19 | - path: /hello 20 | pathType: Prefix 21 | backend: 22 | service: 23 | name: newdep 24 | port: 25 | number: 8080 26 | -------------------------------------------------------------------------------- /May2020HistoryPart2: -------------------------------------------------------------------------------- 1 | sudo hostnamectl set-hostname minikube.example.com 2 | sudo grep vmx /proc/cpuinfo 3 | sudo poweroff 4 | sudo grep vmx /proc/cpuinfo 5 | sudo free -m 6 | df -h 7 | sudo yum install -y git 8 | git clone https://github.com/sandervanvugt/kubernetes 9 | cd kubernetes/ 10 | ls 11 | vim kube-setup.sh 12 | su reset 13 | resete 14 | reset 15 | sudo -i 16 | minikube start --memory=4096 --vm-driver=kvm2 17 | id 18 | sudo usermod -aG libvirt student 19 | newgrp libvirt 20 | minikube start --memory=4096 --vm-driver=kvm2 21 | minikube status 22 | kubectl get all 23 | sudo poweroff 24 | sudo systemctl enable --now sshd 25 | ip a | grep 136 26 | -------------------------------------------------------------------------------- /labs/exam-task5.sh: -------------------------------------------------------------------------------- 1 | if kubectl get ns probes &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t namespace probes was found" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t namespace probes was not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if kubectl describe pods -n probes probepod | grep Liveness | grep '/healthz' &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t pod probepod was found, as well as its Liveness probe" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t no pod probepod with correct liveness probe was found" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | -------------------------------------------------------------------------------- /pvc-pod.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: nginx-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | resources: 10 | requests: 11 | storage: 2Gi 12 | --- 13 | kind: Pod 14 | apiVersion: v1 15 | metadata: 16 | name: nginx-pvc-pod 17 | spec: 18 | volumes: 19 | - name: site-storage 20 | persistentVolumeClaim: 21 | claimName: nginx-pvc 22 | containers: 23 | - name: pv-container 24 | image: nginx 25 | ports: 26 | - containerPort: 80 27 | name: webserver 28 | volumeMounts: 29 | - mountPath: "/usr/share/nginx/html" 30 | name: site-storage 31 | -------------------------------------------------------------------------------- /init-example1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: init-demo1 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: nginx 9 | ports: 10 | - containerPort: 80 11 | volumeMounts: 12 | - name: workdir 13 | mountPath: /usr/share/nginx/html 14 | # These containers are run during pod initialization 15 | initContainers: 16 | - name: install 17 | image: busybox 18 | command: 19 | - wget 20 | - "-O" 21 | - "/work-dir/index.html" 22 | - http://info.cern.ch 23 | volumeMounts: 24 | - name: workdir 25 | mountPath: "/work-dir" 26 | dnsPolicy: Default 27 | volumes: 28 | - name: workdir 29 | emptyDir: {} 30 | -------------------------------------------------------------------------------- /initpod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: init-demo 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: nginx 9 | ports: 10 | - containerPort: 80 11 | volumeMounts: 12 | - name: workdir 13 | mountPath: /usr/share/nginx/html 14 | # These containers are run during pod initialization 15 | initContainers: 16 | - name: install 17 | image: busybox 18 | command: 19 | - wget 20 | - "-O" 21 | - "/work-dir/index.html" 22 | - http://kubernetes.io 23 | volumeMounts: 24 | - name: workdir 25 | mountPath: "/work-dir" 26 | dnsPolicy: Default 27 | volumes: 28 | - name: workdir 29 | emptyDir: {} 30 | 31 | -------------------------------------------------------------------------------- /157.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: my-server 5 | spec: 6 | 7 | volumes: 8 | - name: shared-data 9 | hostPath: 10 | path: /mydata 11 | 12 | containers: 13 | 14 | - name: file-server 15 | image: nginx 16 | imagePullPolicy: IfNotPresent 17 | volumeMounts: 18 | - name: shared-data 19 | mountPath: /usr/share/nginx/html 20 | 21 | - name: db-server 22 | image: busybox 23 | imagePullPolicy: IfNotPresent 24 | volumeMounts: 25 | - name: shared-data 26 | mountPath: /var/log 27 | command: ["/bin/sh"] 28 | args: ["-c", "while sleep 5; do date >> /var/log/date.log; done"] 29 | 30 | - name: log-server 31 | image: mariadb 32 | -------------------------------------------------------------------------------- /labs/exam-task13.sh: -------------------------------------------------------------------------------- 1 | if kubectl get pods -o yaml securepod | grep 'runAsGroup: 2000' &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t securepod is running with group ID 2000" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t securepod is not running with group ID 2000" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if kubectl get pods -o yaml securepod | grep 'allowPrivilegeEscalation: false' &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t container in pod securepod has privilege escalation disabled" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t container in pod securepod has privilege escalation not disabled" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | -------------------------------------------------------------------------------- /labs/exam-task3.sh: -------------------------------------------------------------------------------- 1 | if kubectl get cm task3cm -o yaml |grep index.html &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t a configmap with the name task3cm was found with the right contents" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t configmap with the name task3cm was not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if kubectl describe pod oregonpod | grep -A1 'ConfigMap' | grep task3cm &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t the pod oregonpod has the configmap task3cm mounted" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t the pod oregonpod doesn't seem to have the configmap task3cm mounted" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | -------------------------------------------------------------------------------- /labs/exam-task9.sh: -------------------------------------------------------------------------------- 1 | if kubectl exec storepod -- cat /usr/share/nginx/html/index.html &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t file index.html accessible through hostPath storage" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t file index.html not accessible through hostPath storage" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if curl $(minikube ip):32032 | grep welcome &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t Pod storepod correctly exposed and hostPath volume content accessible" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t Pod storepod not correctly exposed" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | -------------------------------------------------------------------------------- /my-ghost-app/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: ghost-app 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: ghost-app 9 | replicas: {{ .Values.replicaCount }} 10 | template: 11 | metadata: 12 | labels: 13 | app: ghost-app 14 | spec: 15 | containers: 16 | - name: ghost-app 17 | image: ghost 18 | ports: 19 | - containerPort: 2368 20 | env: 21 | - name: url 22 | {{- if .Values.prodUrlSchema }} 23 | value: http://{{ .Values.baseUrl }} 24 | {{- else }} 25 | value: http://{{ .Values.datacenter }}.non-prod.{{ .Values.baseUrl }} 26 | {{- end }} 27 | 28 | -------------------------------------------------------------------------------- /canary.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: old 7 | type: canary 8 | name: old 9 | spec: 10 | replicas: 3 11 | selector: 12 | matchLabels: 13 | app: old 14 | strategy: {} 15 | template: 16 | metadata: 17 | creationTimestamp: null 18 | labels: 19 | app: old 20 | type: canary 21 | spec: 22 | containers: 23 | - image: nginx:latest 24 | name: nginx 25 | resources: {} 26 | volumeMounts: 27 | - name: configfile 28 | mountPath: /usr/share/nginx/html/ 29 | volumes: 30 | - name: configfile 31 | configMap: 32 | name: old 33 | status: {} 34 | -------------------------------------------------------------------------------- /hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: php-apache 5 | spec: 6 | selector: 7 | matchLabels: 8 | run: php-apache 9 | replicas: 1 10 | template: 11 | metadata: 12 | labels: 13 | run: php-apache 14 | spec: 15 | containers: 16 | - name: php-apache 17 | image: k8s.gcr.io/hpa-example 18 | ports: 19 | - containerPort: 80 20 | resources: 21 | limits: 22 | cpu: 500m 23 | requests: 24 | cpu: 200m 25 | --- 26 | apiVersion: v1 27 | kind: Service 28 | metadata: 29 | name: php-apache 30 | labels: 31 | run: php-apache 32 | spec: 33 | ports: 34 | - port: 80 35 | selector: 36 | run: php-apache 37 | -------------------------------------------------------------------------------- /setup-kubetools-ubuntu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cat </dev/null && kubectl describe networkpolicy | grep 'PodSelector:.*type=tester' &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t NetworkPolicy was found with correct configuration" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t No NetworkPolicy with correct configuration was found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if kubectl exec -it nevatest -- wget --spider --timeout=1 nevaginx &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t the tester pod can access the nevaginx pod" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t the tester pod cannot access the nevaginx pod" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | -------------------------------------------------------------------------------- /ingress-rbac.yaml: -------------------------------------------------------------------------------- 1 | kind: ClusterRole 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: traefik-ingress-controller 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - services 10 | - endpoints 11 | - secrets 12 | verbs: 13 | - get 14 | - list 15 | - watch 16 | - apiGroups: 17 | - extensions 18 | resources: 19 | - ingresses 20 | verbs: 21 | - get 22 | - list 23 | - watch 24 | --- 25 | kind: ClusterRoleBinding 26 | apiVersion: rbac.authorization.k8s.io/v1 27 | metadata: 28 | name: traefik-ingress-controller 29 | roleRef: 30 | apiGroup: rbac.authorization.k8s.io 31 | kind: ClusterRole 32 | name: traefik-ingress-controller 33 | subjects: 34 | - kind: ServiceAccount 35 | name: traefik-ingress-controller 36 | namespace: kube-system 37 | -------------------------------------------------------------------------------- /externalname2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: secure 6 | spec: {} 7 | --- 8 | apiVersion: v1 9 | kind: Pod 10 | metadata: 11 | name: secnginx 12 | labels: 13 | my: app 14 | namespace: secure 15 | spec: 16 | containers: 17 | - name: secnginx 18 | image: nginx 19 | ... 20 | --- 21 | apiVersion: v1 22 | kind: Service 23 | metadata: 24 | name: secnginx 25 | labels: 26 | my: app 27 | namespace: secure 28 | spec: 29 | ports: 30 | - port: 80 31 | protocol: TCP 32 | targetPort: 80 33 | selector: 34 | my: app 35 | ... 36 | --- 37 | apiVersion: v1 38 | kind: Service 39 | metadata: 40 | name: ex-service 41 | namespace: default 42 | spec: 43 | type: ExternalName 44 | externalName: secnginx.service.svc.cluster.local 45 | ports: 46 | - port: 80 47 | ... 48 | -------------------------------------------------------------------------------- /pods-with-nw-policy.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: database-pod 5 | namespace: default 6 | labels: 7 | app: database 8 | spec: 9 | containers: 10 | - name: database 11 | image: alpine 12 | --- 13 | 14 | kind: Pod 15 | apiVersion: v1 16 | metadata: 17 | name: web-pod 18 | namespace: default 19 | labels: 20 | app: web 21 | spec: 22 | containers: 23 | - name: web 24 | image: alpine 25 | 26 | --- 27 | 28 | kind: NetworkPolicy 29 | apiVersion: networking.k8s.io/v1 30 | metadata: 31 | name: db-networkpolicy 32 | namespace: default 33 | spec: 34 | podSelector: 35 | matchLabels: 36 | app: database 37 | policyTypes: 38 | - Ingress 39 | - Egress 40 | ingress: 41 | - from: 42 | - podSelector: 43 | matchLabels: 44 | app: web 45 | -------------------------------------------------------------------------------- /cluster-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # this script automatically sets up a one node all-in-one kubernetes cluster 3 | # before running this script, make sure to use setup-docker.sh and setup-kubetools.sh 4 | # to take care of required software 5 | sudo yum install -y wget vim curl bash-completion 6 | 7 | sudo kubeadm init --pod-network-cidr=10.10.0.0/16 8 | mkdir ~/.kube 9 | sudo cp -i /etc/kubernetes/admin.conf ~/.kube/config 10 | sudo chown $(id -un):$(id -un) .kube/config 11 | 12 | kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml 13 | wget https://docs.projectcalico.org/manifests/custom-resources.yaml 14 | sed -i -e s/192.168.0.0/10.10.0.0/g custom-resources.yaml 15 | kubectl create -f custom-resources.yaml 16 | 17 | echo waiting for calico pods to appear 18 | sleep 120 19 | kubectl get pods -n calico-system 20 | 21 | kubectl taint nodes --all node-role.kubernetes.io/master- 22 | kubectl get all 23 | -------------------------------------------------------------------------------- /ART-kube-network.txt: -------------------------------------------------------------------------------- 1 | |---> 31966 node1-| |-- pod1 (1.0.0.1) 2 | | |---service (10.0.0.1) | 3 | ingress | | (ClusterIP) |-- pod2 (1.0.0.2) 4 | |---> 31966 node2-| (NodePort) | 5 | user --> LB | | |-- pod3 (1.0.0.3) 6 | (Metallb) | | | 7 | |---> 31966 node3-| |-- 8 | | | |-- 9 | (ext net) (clusternet) (pod network) 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /labs/exam-task6.sh: -------------------------------------------------------------------------------- 1 | # get the revision number of the last update that was found 2 | kubectl rollout history deployment updates > /tmp/task6.txt 3 | LAST=$(tail -2 /tmp/task6.txt | head -1 | awk '{ print $1 }') 4 | BEFORE=$(( LAST -1 )) 5 | 6 | if kubectl rollout history deployment updates --revision=${LAST} | grep 'nginx:1.17' &>/dev/null 7 | then 8 | echo -e "\033[32m[OK]\033[0m\t\t last revision of the updated deploy is set to nginx:1.17" 9 | SCORE=$(( SCORE + 10 )) 10 | else 11 | echo -e "\033[31m[FAIL]\033[0m\t\t last revision of the updated deploy is not set to nginx:1.17" 12 | fi 13 | TOTAL=$(( TOTAL + 10 )) 14 | 15 | if kubectl rollout history deployment updates --revision=${BEFORE} | grep 'nginx:latest' &>/dev/null 16 | then 17 | echo -e "\033[32m[OK]\033[0m\t\t previous revision of deploy updated was using nginx:latest" 18 | SCORE=$(( SCORE + 10 )) 19 | else 20 | echo -e "\033[31m[FAIL]\033[0m\t\t previous revision of deploy updated not found or not using nginx:latest" 21 | fi 22 | TOTAL=$(( TOTAL + 10 )) 23 | -------------------------------------------------------------------------------- /pv-pvc-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: local-pv-volume 5 | spec: 6 | storageClassName: manual 7 | capacity: 8 | storage: 10Gi 9 | accessModes: 10 | - ReadWriteOnce 11 | hostPath: 12 | path: "/mnt/data" 13 | --- 14 | apiVersion: v1 15 | kind: PersistentVolumeClaim 16 | metadata: 17 | name: local-pv-claim 18 | namespace: myvol 19 | spec: 20 | storageClassName: manual 21 | accessModes: 22 | - ReadWriteOnce 23 | resources: 24 | requests: 25 | storage: 3Gi 26 | --- 27 | apiVersion: v1 28 | kind: Pod 29 | metadata: 30 | name: local-pv-pod 31 | namespace: myvol 32 | spec: 33 | volumes: 34 | - name: local-pv-storage 35 | persistentVolumeClaim: 36 | claimName: local-pv-claim 37 | containers: 38 | - name: local-pv-container 39 | image: nginx 40 | ports: 41 | - containerPort: 80 42 | name: "http-server" 43 | volumeMounts: 44 | - mountPath: "/usr/share/nginx/html" 45 | name: local-pv-storage 46 | -------------------------------------------------------------------------------- /my-ghost-app/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: autoscaling/v2beta1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "my-ghost-app.fullname" . }} 6 | labels: 7 | {{- include "my-ghost-app.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "my-ghost-app.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: cpu 20 | targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} 21 | {{- end }} 22 | {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} 23 | - type: Resource 24 | resource: 25 | name: memory 26 | targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} 27 | {{- end }} 28 | {{- end }} 29 | -------------------------------------------------------------------------------- /labs/exam-task12.sh: -------------------------------------------------------------------------------- 1 | if kubectl get ns | grep birds &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t namespace birds was found" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t namespace birds was not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if [[ $(kubectl -n birds get pods --show-labels --selector=type=allbirds | grep bird | wc -l) == "5" ]] &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t good, 5 pods with label type=allbirds were found" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t couldn't finf 5 pods with the label type=allbirds" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | 19 | if kubectl get -n birds svc allbirds | grep 32323 &>/dev/null 20 | then 21 | echo -e "\033[32m[OK]\033[0m\t\t NodePort Service allbirds listening on nodePort 32323 was found in Namespace birds" 22 | SCORE=$(( SCORE + 10 )) 23 | else 24 | echo -e "\033[31m[FAIL]\033[0m\t\t no NodePort Service allbirds listening on nodePort 32323 was found in Namespace birds" 25 | fi 26 | TOTAL=$(( TOTAL + 10 )) 27 | 28 | -------------------------------------------------------------------------------- /labs/exam-task11.sh: -------------------------------------------------------------------------------- 1 | if kubectl get ns nebraska &>/dev/null &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t namespace nebraska was found" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t namespace nebraska was not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if kubectl -n nebraska get deploy | grep snowdeploy &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t Deployment snowdeploy was found in Namespace nebraska" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t Deployment snowdeploy was not found" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | 19 | if kubectl -n nebraska get deploy snowdeploy -o yaml | grep -A1 requests | grep 64Mi &>/dev/null && kubectl -n nebraska get deploy snowdeploy -o yaml | grep -A1 limits | grep 128Mi &>/dev/null 20 | then 21 | echo -e "\033[32m[OK]\033[0m\t\t the requested memory request and limits have been found" 22 | SCORE=$(( SCORE + 10 )) 23 | else 24 | echo -e "\033[31m[FAIL]\033[0m\t\t the requested memory request and limits have not been found" 25 | fi 26 | TOTAL=$(( TOTAL + 10 )) 27 | -------------------------------------------------------------------------------- /statefuldemo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nginx 5 | labels: 6 | app: nginx 7 | spec: 8 | ports: 9 | - port: 80 10 | name: web 11 | clusterIP: None 12 | selector: 13 | app: nginx 14 | --- 15 | apiVersion: apps/v1 16 | kind: StatefulSet 17 | metadata: 18 | name: web 19 | spec: 20 | selector: 21 | matchLabels: 22 | app: nginx # has to match .spec.template.metadata.labels 23 | serviceName: "nginx" 24 | replicas: 3 # by default is 1 25 | template: 26 | metadata: 27 | labels: 28 | app: nginx # has to match .spec.selector.matchLabels 29 | spec: 30 | terminationGracePeriodSeconds: 10 31 | containers: 32 | - name: nginx 33 | image: k8s.gcr.io/nginx-slim:0.8 34 | ports: 35 | - containerPort: 80 36 | name: web 37 | volumeMounts: 38 | - name: www 39 | mountPath: /usr/share/nginx/html 40 | volumeClaimTemplates: 41 | - metadata: 42 | name: www 43 | spec: 44 | accessModes: [ "ReadWriteMany" ] 45 | resources: 46 | requests: 47 | storage: 1Gi 48 | 49 | -------------------------------------------------------------------------------- /frontend.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: ReplicaSet 3 | metadata: 4 | name: frontend 5 | labels: 6 | app: guestbook 7 | tier: frontend 8 | spec: 9 | # this replicas value is default 10 | # modify it according to your case 11 | replicas: 3 12 | selector: 13 | matchLabels: 14 | tier: frontend 15 | matchExpressions: 16 | - {key: tier, operator: In, values: [frontend]} 17 | template: 18 | metadata: 19 | labels: 20 | app: guestbook 21 | tier: frontend 22 | spec: 23 | containers: 24 | - name: php-redis 25 | image: gcr.io/google_samples/gb-frontend:v3 26 | resources: 27 | requests: 28 | cpu: 100m 29 | memory: 100Mi 30 | env: 31 | - name: GET_HOSTS_FROM 32 | value: dns 33 | # If your cluster config does not include a dns service, then to 34 | # instead access environment variables to find service host 35 | # info, comment out the 'value: dns' line above, and uncomment the 36 | # line below. 37 | # value: env 38 | ports: 39 | - containerPort: 80 40 | -------------------------------------------------------------------------------- /solution.txt: -------------------------------------------------------------------------------- 1 | notes about networking issues during CKAD class 11-13 oct 2022 2 | CONFIGURATION: Ubuntu 2022 VM running on VMWare Fusion on MacOS Intel fully patched 3 | * calico network plugin does not allow proper access from pods 4 | - apk add curl --update fails from an alpine pod 5 | - wget http://cn.cern.io fails from busybox pod 6 | - networkpolicy does work 7 | * after replaceing the calico plugin with the weave plugin using kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml 8 | - apk add curl --update works from alpine pod 9 | - networkpolicy does not work 10 | CONFIGURATION: Fedora Core 36 VM running on VMware Fustion on MacOS Intel fully patched 11 | * calico network plugin does nog handle the netwerkpolicy correctly and allows traffic even if labels are unset 12 | 13 | To test networkpolicy, use https://github.com/sandervanvugt/ckad/nwp-complete-example.yaml. 14 | After installation of this, kubectl exec -it busybox -- wget --spider --timeout=1 nginx is supposed to fail, it doesn't. 15 | 16 | Observed behavior: firewall module in Ubuntu OS reports problems 17 | 18 | --- to be continued --- 19 | -------------------------------------------------------------------------------- /labs-live/ckad-lab5-grade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [ ! -f /tmp/ckad-lab5-check1 ] 4 | then 5 | if kubectl get cronjobs | grep hellojob 6 | then 7 | echo -e "\033[32m[OK]\033[0m\t\t A cronjob with the name hellojob was found" 8 | else 9 | 10 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a cronjob with the name hellojob. Did you use \033[1mkubectl create cronjob\033[0m with the right options to create it?" 11 | 12 | touch /tmp/ckad-lab5-check1 13 | exit 3 14 | fi 15 | fi 16 | 17 | 18 | if kubectl get cronjobs | grep hellojob 19 | then 20 | echo -e "\033[32m[OK]\033[0m\t\t A cronjob with the name hellojob was found" 21 | else 22 | 23 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a cronjob with the name hellojob. Did you use \033[1mkubectl create cronjob hellojob --image busybox --schedule \"*/5 * * * *\" -- echo hello\033[0m to create it?" && exit 3 24 | fi 25 | 26 | 27 | 28 | ## congratulations! 29 | echo 30 | echo -e "\033[32m[CONGRATS]\033[0m\t you have succesfully completed this lab\! Remember that it can take up to 5 minutes before the job runs for the first time. After confirming that, please move on to the next lesson" 31 | echo 32 | -------------------------------------------------------------------------------- /sfs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nginx 5 | labels: 6 | app: nginx 7 | spec: 8 | ports: 9 | - port: 80 10 | name: web 11 | clusterIP: None 12 | selector: 13 | app: nginx 14 | --- 15 | apiVersion: apps/v1 16 | kind: StatefulSet 17 | metadata: 18 | name: web 19 | spec: 20 | selector: 21 | matchLabels: 22 | app: nginx # has to match .spec.template.metadata.labels 23 | serviceName: "nginx" 24 | replicas: 3 # by default is 1 25 | template: 26 | metadata: 27 | labels: 28 | app: nginx # has to match .spec.selector.matchLabels 29 | spec: 30 | terminationGracePeriodSeconds: 10 31 | containers: 32 | - name: nginx 33 | image: k8s.gcr.io/nginx-slim:0.8 34 | ports: 35 | - containerPort: 80 36 | name: web 37 | volumeMounts: 38 | - name: www 39 | mountPath: /usr/share/nginx/html 40 | volumeClaimTemplates: 41 | - metadata: 42 | name: www 43 | spec: 44 | accessModes: [ "ReadWriteOnce" ] 45 | storageClassName: "standard" 46 | resources: 47 | requests: 48 | storage: 1Gi 49 | -------------------------------------------------------------------------------- /minikube-docker-setup-old.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # last minute patch, added 20 Aug. 2021 3 | # currently only supported on Ubuntu 20.04 LTS 4 | 5 | sudo apt-get update -y 6 | sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y 7 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 8 | sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 9 | sudo apt-get update -y 10 | sudo apt-get install docker-ce docker-ce-cli containerd.io -y 11 | 12 | curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl 13 | chmod +x ./kubectl 14 | sudo mv ./kubectl /usr/local/bin/kubectl 15 | 16 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 17 | sudo install minikube-linux-amd64 /usr/local/bin/minikube 18 | #### 19 | echo the script is now ready 20 | echo manually run minikube start --vm-driver=docker to start minikube 21 | 22 | sudo usermod -aG docker $USER 23 | newgrp docker 24 | 25 | minikube start --vm-driver=docker 26 | -------------------------------------------------------------------------------- /statefulset-new.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nginx 5 | labels: 6 | app: nginx 7 | spec: 8 | ports: 9 | - port: 80 10 | name: web 11 | clusterIP: None 12 | selector: 13 | app: nginx 14 | --- 15 | apiVersion: apps/v1 16 | kind: StatefulSet 17 | metadata: 18 | name: web 19 | spec: 20 | selector: 21 | matchLabels: 22 | app: nginx # has to match .spec.template.metadata.labels 23 | serviceName: "nginx" 24 | replicas: 3 # by default is 1 25 | minReadySeconds: 10 # by default is 0 26 | template: 27 | metadata: 28 | labels: 29 | app: nginx # has to match .spec.selector.matchLabels 30 | spec: 31 | terminationGracePeriodSeconds: 10 32 | containers: 33 | - name: nginx 34 | image: registry.k8s.io/nginx-slim:0.24 35 | ports: 36 | - containerPort: 80 37 | name: web 38 | volumeMounts: 39 | - name: www 40 | mountPath: /usr/share/nginx/html 41 | volumeClaimTemplates: 42 | - metadata: 43 | name: www 44 | spec: 45 | accessModes: [ "ReadWriteOnce" ] 46 | storageClassName: "my-storage-class" 47 | resources: 48 | requests: 49 | storage: 1Gi 50 | -------------------------------------------------------------------------------- /my-ghost-app/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: my-ghost-app 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | # It is recommended to use it with quotes. 24 | appVersion: "1.16.0" 25 | -------------------------------------------------------------------------------- /my-ghost-app/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "my-ghost-app.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1beta1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "my-ghost-app.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ .path }} 36 | backend: 37 | serviceName: {{ $fullName }} 38 | servicePort: {{ $svcPort }} 39 | {{- end }} 40 | {{- end }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /kube-setup 2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # verified on Fedora 31 WS 4 | egrep '^flags.*(vmx|svm)' /proc/cpuinfo || (echo enable CPU virtualization support and try again && exit 9) 5 | 6 | dnf clean all 7 | dnf -y upgrade 8 | 9 | # install KVM software 10 | dnf install @virtualization -y 11 | systemctl enable --now libvirtd 12 | usermod -aG libvirt student 13 | 14 | # install kubectl 15 | echo installing kubectl 16 | cat < /etc/yum.repos.d/kubernetes.repo 17 | [kubernetes] 18 | name=Kubernetes 19 | baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 20 | enabled=1 21 | gpgcheck=1 22 | repo_gpgcheck=1 23 | gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg 24 | EOF 25 | 26 | dnf install -y kubectl 27 | 28 | # install minikube 29 | echo downloading minikube, check version 30 | curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 31 | 32 | chmod +x minikube 33 | mv minikube /usr/local/bin 34 | 35 | 36 | 37 | echo at this point, reboot your Fedora Workstation. After reboot, manually run as non-root 38 | echo minikube start --memory 4096 --vm-driver=kvm2 39 | 40 | echo also use usermod -aG libvirt $USER where $USER is the name of the user that is going to start minikube 41 | -------------------------------------------------------------------------------- /setup-docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | echo this script is now deprecated and provided for compatibility reasons only. 6 | echo run setup-container.sh instead. 7 | echo after running setup-container.sh, use setup-kubetools.sh to install the kubernetes tools 8 | echo this script will now stop 9 | echo use Ctrl-C to stop it now 10 | sleep 30 11 | exit 12 | 13 | yum install -y vim yum-utils device-mapper-persistent-data lvm2 14 | yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 15 | 16 | # notice that only verified versions of Docker may be installed 17 | # verify the documentation to check if a more recent version is available 18 | 19 | yum install -y docker-ce 20 | [ ! -d /etc/docker ] && mkdir /etc/docker 21 | 22 | cat > /etc/docker/daemon.json </dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t name resolution for myapp.info is setup" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t no name resolution for myapp.info was found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if kubectl describe svc task7svc | grep app=updates &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t Service task7svc found and exposes Deploy updates" 13 | SCORE=$(( SCORE + 10 )) 14 | else 15 | echo -e "\033[31m[FAIL]\033[0m\t\t No Service task7svc exposing Deploy updates was found" 16 | fi 17 | TOTAL=$(( TOTAL + 10 )) 18 | 19 | if kubectl get pods -n ingress-nginx | grep controller | grep Running &>/dev/null 20 | then 21 | echo -e "\033[32m[OK]\033[0m\t\t found a running ingress controller" 22 | SCORE=$(( SCORE + 10 )) 23 | else 24 | echo -e "\033[31m[FAIL]\033[0m\t\t no running ingress controller was found" 25 | fi 26 | TOTAL=$(( TOTAL + 10 )) 27 | 28 | 29 | if kubectl describe ing | grep task7svc:80 &>/dev/null 30 | then 31 | echo -e "\033[32m[OK]\033[0m\t\t ingress rule forwarding traffic to task7svc was found" 32 | SCORE=$(( SCORE + 10 )) 33 | else 34 | echo -e "\033[31m[FAIL]\033[0m\t\" no ingress rule forwarding traffic to task7svc was found" 35 | fi 36 | TOTAL=$(( TOTAL + 10 )) 37 | -------------------------------------------------------------------------------- /nginx123.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | creationTimestamp: "2019-09-20T14:54:12Z" 7 | generation: 1 8 | labels: 9 | k8s-app: nginx-friday20 10 | name: nginx-friday20 11 | namespace: default 12 | resourceVersion: "24766" 13 | selfLink: /apis/apps/v1/namespaces/default/deployments/nginx-friday20 14 | uid: 4c4e3217-0fcf-4365-987c-10d089a09c1e 15 | spec: 16 | progressDeadlineSeconds: 600 17 | replicas: 3 18 | revisionHistoryLimit: 10 19 | selector: 20 | matchLabels: 21 | k8s-app: nginx-friday20 22 | strategy: 23 | rollingUpdate: 24 | maxSurge: 25% 25 | maxUnavailable: 25% 26 | type: RollingUpdate 27 | template: 28 | metadata: 29 | creationTimestamp: null 30 | labels: 31 | k8s-app: nginx-friday20 32 | name: nginx-friday20 33 | spec: 34 | containers: 35 | - image: nginx 36 | imagePullPolicy: Always 37 | name: nginx-friday20 38 | resources: {} 39 | securityContext: 40 | privileged: false 41 | terminationMessagePath: /dev/termination-log 42 | terminationMessagePolicy: File 43 | dnsPolicy: ClusterFirst 44 | restartPolicy: Always 45 | schedulerName: default-scheduler 46 | securityContext: {} 47 | terminationGracePeriodSeconds: 30 48 | -------------------------------------------------------------------------------- /kustomization/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | creationTimestamp: "2019-09-20T14:54:12Z" 7 | generation: 1 8 | labels: 9 | k8s-app: nginx-friday20 10 | name: nginx-friday20 11 | namespace: default 12 | resourceVersion: "24766" 13 | selfLink: /apis/apps/v1/namespaces/default/deployments/nginx-friday20 14 | uid: 4c4e3217-0fcf-4365-987c-10d089a09c1e 15 | spec: 16 | progressDeadlineSeconds: 600 17 | replicas: 3 18 | revisionHistoryLimit: 10 19 | selector: 20 | matchLabels: 21 | k8s-app: nginx-friday20 22 | strategy: 23 | rollingUpdate: 24 | maxSurge: 25% 25 | maxUnavailable: 25% 26 | type: RollingUpdate 27 | template: 28 | metadata: 29 | creationTimestamp: null 30 | labels: 31 | k8s-app: nginx-friday20 32 | name: nginx-friday20 33 | spec: 34 | containers: 35 | - image: nginx 36 | imagePullPolicy: Always 37 | name: nginx-friday20 38 | resources: {} 39 | securityContext: 40 | privileged: false 41 | terminationMessagePath: /dev/termination-log 42 | terminationMessagePolicy: File 43 | dnsPolicy: ClusterFirst 44 | restartPolicy: Always 45 | schedulerName: default-scheduler 46 | securityContext: {} 47 | terminationGracePeriodSeconds: 30 48 | -------------------------------------------------------------------------------- /traefik-ds.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: traefik-ingress-controller 6 | namespace: kube-system 7 | --- 8 | kind: DaemonSet 9 | apiVersion: apps/v1 10 | metadata: 11 | name: traefik-ingress-controller 12 | namespace: kube-system 13 | labels: 14 | k8s-app: traefik-ingress-lb 15 | spec: 16 | selector: 17 | matchLabels: 18 | k8s-app: traefik-ingress-lb 19 | name: traefik-ingress-lb 20 | template: 21 | metadata: 22 | labels: 23 | k8s-app: traefik-ingress-lb 24 | name: traefik-ingress-lb 25 | spec: 26 | serviceAccountName: traefik-ingress-controller 27 | terminationGracePeriodSeconds: 60 28 | containers: 29 | - image: traefik:v1.7 30 | name: traefik-ingress-lb 31 | ports: 32 | - name: http 33 | containerPort: 80 34 | hostPort: 80 35 | - name: admin 36 | containerPort: 8080 37 | hostPort: 8080 38 | securityContext: 39 | capabilities: 40 | drop: 41 | - ALL 42 | add: 43 | - NET_BIND_SERVICE 44 | args: 45 | - --api 46 | - --kubernetes 47 | - --logLevel=INFO 48 | --- 49 | kind: Service 50 | apiVersion: v1 51 | metadata: 52 | name: traefik-ingress-service 53 | namespace: kube-system 54 | spec: 55 | selector: 56 | k8s-app: traefik-ingress-lb 57 | ports: 58 | - protocol: TCP 59 | port: 80 60 | name: web 61 | - protocol: TCP 62 | port: 8080 63 | name: admin 64 | -------------------------------------------------------------------------------- /labs/exam-task1.sh: -------------------------------------------------------------------------------- 1 | if kubectl get ns indiana &>/dev/null 2 | then 3 | echo -e "\033[32m[OK]\033[0m\t\t namespace indiana was found" 4 | SCORE=$(( SCORE + 10 )) 5 | else 6 | echo -e "\033[31m[FAIL]\033[0m\t\t namespace indiana was not found" 7 | fi 8 | TOTAL=$(( TOTAL + 10 )) 9 | 10 | if [[ $(echo $(kubectl get -n indiana secret insecret -o yaml | awk '/COLOR/ { print $2 }')| base64 -d) == blue ]] &>/dev/null 11 | then 12 | echo -e "\033[32m[OK]\033[0m\t\t secret insecret with COLOR=blue was found" 13 | SCORE=$(( SCORE + 10 )) 14 | elif kubectl get -n indiana secret insecret &>/dev/null 15 | then 16 | echo -e "\033[32m[OK]\033[0m\t\t secret insecret was found, but not with the expected variable" 17 | else 18 | echo -e "\033[31m[FAIL]\033[0m\t\t secret insecret was not found" 19 | fi 20 | TOTAL=$(( TOTAL + 10 )) 21 | 22 | if [[ $(echo $(kubectl get pods -n indiana inpod -o jsonpath='{.spec.containers[*].image}')) == nginx:latest ]] &>/dev/null 23 | then 24 | echo -e "\033[32m[OK]\033[0m\t\t found pod inpod that uses the latest version of nginx" 25 | SCORE=$(( SCORE + 10 )) 26 | else 27 | echo -e "\033[31m[FAIL]\033[0m\t\t pod inpod that uses the latest version of the nginx image was not found" 28 | fi 29 | TOTAL=$(( TOTAL + 10 )) 30 | 31 | 32 | if kubectl get pods -n indiana inpod -o yaml | grep insecret &>/dev/null 33 | then 34 | echo -e "\033[32m[OK]\033[0m\t\t pod inpod uses the secret insecret" 35 | SCORE=$(( SCORE + 10 )) 36 | else 37 | echo -e "\033[31m[FAIL]\033[0m\t\t pod inpod doesn't use the secret insecret" 38 | fi 39 | TOTAL=$(( TOTAL + 10 )) 40 | -------------------------------------------------------------------------------- /RESOURCE.TXT: -------------------------------------------------------------------------------- 1 | # related recorded courses 2 | Getting started with Kubernetes 3/rd edition: https://learning.oreilly.com/course/getting-started-with/9780138057626/ 3 | KCNA: https://learning.oreilly.com/course/kubernetes-and-cloud/9780137993413/ 4 | CKAD 3/rd edition: https://learning.oreilly.com/course/certified-kubernetes-application/9780138086558/ 5 | CKA 3/rd edition: https://learning.oreilly.com/course/certified-kubernetes-administrator/9780138103804/ 6 | Managing Microservices with kubernetes and Istio: https://learning.oreilly.com/course/building-and-managing/9780137649686/ 7 | CKAD 4/ed: https://learning.oreilly.com/course/certified-kubernetes-application/9780135349700/ 8 | Automating Kubernetes with GitOps: https://learning.oreilly.com/course/automating-kubernetes-with/9780138230258/ 9 | 10 | # related labs 11 | CKAD labs: https://learning.oreilly.com/playlists/ea6ea0fc-d8e2-422c-94dd-a0a8f608d224/ 12 | CKA lab: https://learning.oreilly.com/playlists/d6e3fe86-067c-4dc7-a36d-698802d0bdee/ 13 | 14 | # related live training 15 | CKA in 6 hours: https://learning.oreilly.com/live-events/cka-in-6-hours-certified-kubernetes-administrator-crash-course/0790145076879/0790145076860/ 16 | Building Microservices with Containers, Kubernetes and Istio: https://learning.oreilly.com/live-events/building-microservices-with-containers-kubernetes-and-istio/0636920408468/0636920097237/ 17 | Getting Started with OpenShift: https://learning.oreilly.com/live-events/getting-started-with-openshift/0636920244301/0636920097830/ 18 | 19 | # 30% discount on the CKAD exam 20 | Use the coupon code SANDER30 on checkout and book the exam here: https://training.linuxfoundation.org/certification/certified-kubernetes-application-developer-ckad/?source=aw&sv1=affiliate&sv_campaign_id=1937207&awc=85919_1754216222_69d0ea6b7bf719aae37f70bc14982b22 21 | -------------------------------------------------------------------------------- /my-ghost-app/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "my-ghost-app.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "my-ghost-app.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "my-ghost-app.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "my-ghost-app.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /minikube-docker-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ARCH=$(arch) 4 | 5 | ### installing Docker 6 | sudo apt-get update -y 7 | sudo apt-get install ca-certificates curl gnupg lsb-release -y 8 | sudo mkdir -p /etc/apt/keyrings 9 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg 10 | echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 11 | sudo apt-get update -y 12 | sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y 13 | 14 | if [ $ARCH = "x86_64" ] 15 | then 16 | echo executing on $ARCH 17 | #sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y 18 | #curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 19 | #sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 20 | #sudo apt-get update -y 21 | #sudo apt-get install docker-ce docker-ce-cli containerd.io -y 22 | 23 | curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl 24 | chmod +x ./kubectl 25 | sudo mv ./kubectl /usr/local/bin/kubectl 26 | 27 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 28 | sudo install minikube-linux-amd64 /usr/local/bin/minikube 29 | fi 30 | 31 | if [ $ARCH = "aarch64" ] 32 | then 33 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-arm64 34 | sudo install minikube-linux-arm64 /usr/local/bin/minikube 35 | sudo snap install kubectl --classic 36 | fi 37 | 38 | echo the script is now ready 39 | echo manually run minikube start to start it 40 | 41 | sudo usermod -aG docker $USER 42 | newgrp docker 43 | -------------------------------------------------------------------------------- /setup-docker-dev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtimes 4 | 5 | # setting MYOS variable 6 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 7 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 8 | 9 | if [ $MYOS = "CentOS" ] 10 | then 11 | if [ $OSVERSION = 8 ] 12 | then 13 | echo CentOS 8 is not currently supported 14 | exit 9 15 | fi 16 | 17 | sudo yum install -y vim yum-utils device-mapper-persistent-data lvm2 18 | sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 19 | 20 | # notice that only verified versions of Docker may be installed 21 | # verify the documentation to check if a more recent version is available 22 | 23 | sudo yum install -y docker-ce 24 | [ ! -d /etc/docker ] && mkdir /etc/docker 25 | fi 26 | 27 | if [ $MYOS = "Ubuntu" ] 28 | then 29 | sudo apt-get update && sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common gnupg2 30 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key --keyring /etc/apt/trusted.gpg.d/docker.gpg add - 31 | sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 32 | sudo apt-get update && sudo apt-get install -y containerd.io=1.2.13-2 docker-ce=5:19.03.11~3-0~ubuntu-$(lsb_release -cs) docker-ce-cli=5:19.03.11~3-0~ubuntu-$(lsb_release -cs) 33 | fi 34 | 35 | cat </dev/null 4 | then 5 | echo -e "\033[32m[OK]\033[0m\t\t The pod lab6pod is running" 6 | else 7 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a pod with the name lab6pod. Did you use \033[1mkubectl run lab6pod --image=nginx\033[0m to start it?" && exit 3 8 | fi 9 | 10 | if [ ! -f /tmp/ckad-lab6-check1 ] 11 | then 12 | if kubectl get pods lab6pod -o yaml | grep '512Mi' >/dev/null 13 | then 14 | echo -e "\033[32m[OK]\033[0m\t\t The pod lab6pod is restricted to using 512 MiB RAM" 15 | else 16 | echo -e "\033[31m[FAIL]\033[0m\t\t I did find the pod with the name lab6pod, but it doesn't have the appropriate resource restrictions. Unfortunately, the \033[1mkubectl set resources \033[0mcommand doesn't work for Pods. To fix this, use \033[1mkubectl run lab6pod --image=nginx --dry-run=client -o yaml > lab6pod.yaml\0330m to generate the lab6pod.yaml file, and edit it with the appropriate resource restrictions. Remember, you can find many examples in the Kubernetes documentation at \033[1mhttps://kubernetes.io/docs\033[0m. Next, use \033[1mkubectl apply -f lab6pod.yaml\033[0m to create it." 17 | touch /tmp/ckad-lab6-check1 18 | exit 4 19 | fi 20 | fi 21 | 22 | if kubectl get pods lab6pod -o yaml | grep '512Mi' >/dev/null 23 | then 24 | echo -e "\033[32m[OK]\033[0m\t\t The pod lab6pod is restricted to using 512 MiB RAM" 25 | else 26 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a memory restriction of 512 MiB on the lab6pod. If you followed my previous instructions, you should now have a file with the name lab6pod.yaml. Make sure that within the \033[1mspec.containers\033[0m section it contains the following: \033[0m\r\n\r\ni resources:\r\n limits:\r\n memory: "512Mi"\r\n\r\n\033[0mNext, use \033[1mkubectl apply -f lab6pod.yaml\033[0m to create it." 27 | exit 3 28 | fi 29 | 30 | echo 31 | echo -e "\033[32m[CONGRATS]\033[0m you have succesfully completed this lab, please move on to the next lesson" 32 | echo 33 | -------------------------------------------------------------------------------- /my-ghost-app/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "my-ghost-app.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "my-ghost-app.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "my-ghost-app.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "my-ghost-app.labels" -}} 37 | helm.sh/chart: {{ include "my-ghost-app.chart" . }} 38 | {{ include "my-ghost-app.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "my-ghost-app.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "my-ghost-app.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | 53 | {{/* 54 | Create the name of the service account to use 55 | */}} 56 | {{- define "my-ghost-app.serviceAccountName" -}} 57 | {{- if .Values.serviceAccount.create }} 58 | {{- default (include "my-ghost-app.fullname" .) .Values.serviceAccount.name }} 59 | {{- else }} 60 | {{- default "default" .Values.serviceAccount.name }} 61 | {{- end }} 62 | {{- end }} 63 | -------------------------------------------------------------------------------- /my-ghost-app/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for my-ghost-app. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: nginx 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "" 12 | 13 | imagePullSecrets: [] 14 | nameOverride: "" 15 | fullnameOverride: "" 16 | 17 | serviceAccount: 18 | # Specifies whether a service account should be created 19 | create: true 20 | # Annotations to add to the service account 21 | annotations: {} 22 | # The name of the service account to use. 23 | # If not set and create is true, a name is generated using the fullname template 24 | name: "" 25 | 26 | podAnnotations: {} 27 | 28 | podSecurityContext: {} 29 | # fsGroup: 2000 30 | 31 | securityContext: {} 32 | # capabilities: 33 | # drop: 34 | # - ALL 35 | # readOnlyRootFilesystem: true 36 | # runAsNonRoot: true 37 | # runAsUser: 1000 38 | 39 | service: 40 | type: ClusterIP 41 | port: 80 42 | 43 | ingress: 44 | enabled: false 45 | annotations: {} 46 | # kubernetes.io/ingress.class: nginx 47 | # kubernetes.io/tls-acme: "true" 48 | hosts: 49 | - host: chart-example.local 50 | paths: [] 51 | tls: [] 52 | # - secretName: chart-example-tls 53 | # hosts: 54 | # - chart-example.local 55 | 56 | resources: {} 57 | # We usually recommend not to specify default resources and to leave this as a conscious 58 | # choice for the user. This also increases chances charts run on environments with little 59 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 60 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 61 | # limits: 62 | # cpu: 100m 63 | # memory: 128Mi 64 | # requests: 65 | # cpu: 100m 66 | # memory: 128Mi 67 | 68 | autoscaling: 69 | enabled: false 70 | minReplicas: 1 71 | maxReplicas: 100 72 | targetCPUUtilizationPercentage: 80 73 | # targetMemoryUtilizationPercentage: 80 74 | 75 | nodeSelector: {} 76 | 77 | tolerations: [] 78 | 79 | affinity: {} 80 | -------------------------------------------------------------------------------- /setup-kubetools.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # kubeadm installation instructions as on 3 | # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ 4 | 5 | # this script supports Ubuntu 22.04 LTS and later only 6 | # run this script with sudo 7 | 8 | #if ! [ $USER = root ] 9 | #then 10 | # echo run this script with sudo 11 | # exit 3 12 | #fi 13 | 14 | if ! [ -f /tmp/container.txt ] 15 | then 16 | echo run ./setup-container.sh before running this script 17 | exit 4 18 | fi 19 | 20 | # setting MYOS variable 21 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 22 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 23 | 24 | # detecting latest Kubernetes version 25 | KUBEVERSION=$(curl -s https://api.github.com/repos/kubernetes/kubernetes/releases/latest | jq -r '.tag_name') 26 | KUBEVERSION=${KUBEVERSION%.*} 27 | 28 | 29 | if [ $MYOS = "Ubuntu" ] 30 | then 31 | echo RUNNING UBUNTU CONFIG 32 | cat < /etc/sysctl.d/k8s.conf 51 | #net.bridge.bridge-nf-call-ip6tables = 1 52 | #net.bridge.bridge-nf-call-iptables = 1 53 | #EOF 54 | #sudo sysctl --system 55 | 56 | sudo crictl config --set \ 57 | runtime-endpoint=unix:///run/containerd/containerd.sock 58 | echo 'after initializing the control node, follow instructions and use kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml to install the calico plugin (control node only). On the worker nodes, use sudo kubeadm join ... to join' 59 | -------------------------------------------------------------------------------- /labs-live/ckad-lab12-grade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # check if there is an application with the name lab12deploy and assume it's running enough replicas 4 | if kubectl get deploy | grep "lab12deploy" >/dev/null 5 | then 6 | echo -e "\033[32m[OK]\033[0m\t\t The deployment lab12deploy is running" 7 | else 8 | echo -e "\033[31m[FAIL]\033[0m\t\t The deployment lab12deploy is not running. Did you use \033[1mkubectl create deploy lab12deploy --replicas=3 --image=nginx:1.23\033[0m to start it?" && exit 3 9 | fi 10 | 11 | # check if there is a service resource running 12 | if kubectl get services | grep "lab12svc" >/dev/null 13 | then 14 | echo -e "\033[32m[OK]\033[0m\t\t The service lab12svc is available" 15 | else 16 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a Service with the name lab12svc. Did you use \033[1mkubectl expose deploy lab12deploy --name lab12svc --port=80\033[0m to start it?" && exit 4 17 | fi 18 | 19 | 20 | # check if the service is of the NodePort type 21 | if kubectl get services lab12svc | grep -i 'nodeport' &> /dev/null 22 | then 23 | echo -e "\033[32m[OK]\033[0m\t\t Good! The Service is set as a NodePort type" 24 | else 25 | echo -e "\033[31m[FAIL]\033[0m\t\t I did find the Service, but it is using the wrong type. Use \033[1mkubectl edit svc lab12svc\033[0m to open the default editor, and change the type line to read \033[1mtype: NodePort\033[0m. Also make sure to include \033[1mnodePort: 32000\033[0m to set the exposed port on nodes to 32000." && exit 4 26 | fi 27 | 28 | 29 | # check if the service is accessible on nodeport 32000 30 | if kubectl get services lab12svc | grep -i '32000' &> /dev/null 31 | then 32 | echo -e "\033[32m[OK]\033[0m\t\t Good! The Service is accessible through port 32000 on the Kubernetes nodes" 33 | else 34 | echo -e "\033[31m[FAIL]\033[0m\t\t You did correctly set the NodePort Service type, but forgot to specify the nodePort setting. Use \033[1mkubectl edit svc lab12svc\033[0m to open the default editor, and change the nodePort line to read \033[1mnodePort: 32000\033[0m" && exit 4 35 | fi 36 | 37 | echo 38 | echo -e "\033[32m[CONGRATS]\033[0m\t you have succesfully completed this lab, please move on to the next lesson" 39 | echo 40 | -------------------------------------------------------------------------------- /setup-container 2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | # setting MYOS variable 6 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 7 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 8 | 9 | ##### CentOS 7 config 10 | if [ $MYOS = "centos" ] 11 | then 12 | echo setting up CentOS 7 with Docker 13 | yum install -y vim yum-utils device-mapper-persistent-data lvm2 14 | yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 15 | 16 | # notice that only verified versions of Docker may be installed 17 | # verify the documentation to check if a more recent version is available 18 | 19 | yum install -y docker-ce 20 | [ ! -d /etc/docker ] && mkdir /etc/docker 21 | 22 | mkdir -p /etc/systemd/system/docker.service.d 23 | 24 | 25 | cat > /etc/docker/daemon.json <<- EOF 26 | { 27 | "exec-opts": ["native.cgroupdriver=systemd"], 28 | "log-driver": "json-file", 29 | "log-opts": { 30 | "max-size": "100m" 31 | }, 32 | "storage-driver": "overlay2", 33 | "storage-opts": [ 34 | "overlay2.override_kernel_check=true" 35 | ] 36 | } 37 | EOF 38 | 39 | 40 | systemctl daemon-reload 41 | systemctl restart docker 42 | systemctl enable docker 43 | 44 | systemctl disable --now firewalld 45 | fi 46 | 47 | echo printing MYOS $MYOS 48 | 49 | if [ $MYOS = "Ubuntu" ] 50 | then 51 | ### setting up container runtime prereq 52 | cat <<- EOF | sudo tee /etc/modules-load.d/containerd.conf 53 | overlay 54 | br_netfilter 55 | EOF 56 | 57 | sudo modprobe overlay 58 | sudo modprobe br_netfilter 59 | 60 | # Setup required sysctl params, these persist across reboots. 61 | cat <<- EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf 62 | net.bridge.bridge-nf-call-iptables = 1 63 | net.ipv4.ip_forward = 1 64 | net.bridge.bridge-nf-call-ip6tables = 1 65 | EOF 66 | 67 | # Apply sysctl params without reboot 68 | sudo sysctl --system 69 | 70 | # (Install containerd) 71 | sudo apt-get update && sudo apt-get install -y containerd 72 | # Configure containerd 73 | sudo mkdir -p /etc/containerd 74 | containerd config default | sudo tee /etc/containerd/config.toml 75 | # Restart containerd 76 | sudo systemctl restart containerd 77 | fi 78 | 79 | -------------------------------------------------------------------------------- /setup-container-10jun24.txt: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | # setting MYOS variable 6 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 7 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 8 | 9 | ##### CentOS 7 config 10 | if [ $MYOS = "centos" ] 11 | then 12 | echo setting up CentOS 7 with Docker 13 | yum install -y vim yum-utils device-mapper-persistent-data lvm2 14 | yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 15 | 16 | # notice that only verified versions of Docker may be installed 17 | # verify the documentation to check if a more recent version is available 18 | 19 | yum install -y docker-ce 20 | [ ! -d /etc/docker ] && mkdir /etc/docker 21 | 22 | mkdir -p /etc/systemd/system/docker.service.d 23 | 24 | 25 | cat > /etc/docker/daemon.json <<- EOF 26 | { 27 | "exec-opts": ["native.cgroupdriver=systemd"], 28 | "log-driver": "json-file", 29 | "log-opts": { 30 | "max-size": "100m" 31 | }, 32 | "storage-driver": "overlay2", 33 | "storage-opts": [ 34 | "overlay2.override_kernel_check=true" 35 | ] 36 | } 37 | EOF 38 | 39 | 40 | systemctl daemon-reload 41 | systemctl restart docker 42 | systemctl enable docker 43 | 44 | systemctl disable --now firewalld 45 | fi 46 | 47 | echo printing MYOS $MYOS 48 | 49 | if [ $MYOS = "Ubuntu" ] 50 | then 51 | ### setting up container runtime prereq 52 | cat <<- EOF | sudo tee /etc/modules-load.d/containerd.conf 53 | overlay 54 | br_netfilter 55 | EOF 56 | 57 | sudo modprobe overlay 58 | sudo modprobe br_netfilter 59 | 60 | # Setup required sysctl params, these persist across reboots. 61 | cat <<- EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf 62 | net.bridge.bridge-nf-call-iptables = 1 63 | net.ipv4.ip_forward = 1 64 | net.bridge.bridge-nf-call-ip6tables = 1 65 | EOF 66 | 67 | # Apply sysctl params without reboot 68 | sudo sysctl --system 69 | 70 | # (Install containerd) 71 | sudo apt-get update && sudo apt-get install -y containerd 72 | # Configure containerd 73 | sudo mkdir -p /etc/containerd 74 | containerd config default | sudo tee /etc/containerd/config.toml 75 | # Restart containerd 76 | sudo systemctl restart containerd 77 | fi 78 | 79 | -------------------------------------------------------------------------------- /labs-live/ckad-lab15-grade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # check if the file index.html exists and contains the text lab15 4 | if grep "lab15" index.html &>/dev/null 5 | then 6 | echo -e "\033[32m[OK]\033[0m\t\t Found the file index.html containing the text lab15" 7 | else 8 | echo -e "\033[31m[FAIL]\033[0m\t\t Cannot find the file index.html with the content \"Welcome to lab15\". Did you use \033[1mecho \"Welcome to lab15\" > index.html\033[0m to create it?" && exit 3 9 | fi 10 | 11 | # check that the configmap webcontent exists 12 | if kubectl get cm | grep "webcontent" >/dev/null 13 | then 14 | echo -e "\033[32m[OK]\033[0m\t\t ConfigMap \033[1mwebcontent\033[0m was found" 15 | else 16 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a ConfigMap with the name webcontent. Did you use \033[1mkubectl create cm webcontent --from-file=index.html\033[0m to create it?" && exit 4 17 | fi 18 | 19 | # check that the deployment lab15 exists 20 | if kubectl get deploy | grep "lab15" >/dev/null 21 | then 22 | echo -e "\033[32m[OK]\033[0m\t\t Deployment lab15 was found" 23 | else 24 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a Deployment with the name lab15. Did you use \033[1mkubectl create deploy lab15 --image=nginx\033[0m to start it?" && exit 4 25 | fi 26 | 27 | # check that the index.html file is mounted on the deployment pod index.html location 28 | PODNAME=$(kubectl get pods -l app=lab15 --no-headers -o custom-columns=":metadata.name") 29 | 30 | if kubectl exec $PODNAME -- grep lab15 /usr/share/nginx/html/index.html &>/dev/null 31 | then 32 | echo -e "\033[32m[OK]\033[0m\t\t Found the Pod $PODNAME with an index.html that contains the text \"Welcome to lab15\" " 33 | else 34 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find the text \"Welcome to lab15\" in the index.html file from the ConfigMap. Did you mount the ConfigMap in the Deployment? There is no easy way to do this from the command line, but you can check the file \033[1mtestdeploy.yaml\033[0m in the course git repository and tweak it to mount your configmap to create it. If you have earlier succesfully created the Deployment, you might want to run \033[1mkubectl delete deploy lab15\033[0m to delete the old Deployment and use \033[1mkubectl apply lab15.yaml\033[0m to create the new deployment." && exit 4 35 | fi 36 | 37 | echo 38 | echo -e "\033[32m[CONGRATS]\033[0m\t you have succesfully completed this lab, please move on to the next lesson" 39 | echo 40 | -------------------------------------------------------------------------------- /labs-live/ckad-lab13-grade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # check if there is an application with the name salesweb and assume it's running enough replicas 4 | if kubectl get deploy | grep "salesweb" >/dev/null 5 | then 6 | echo -e "\033[32m[OK]\033[0m\t\t The deployment salesweb is running" 7 | else 8 | echo -e "\033[31m[FAIL]\033[0m\t\t The deployment salesweb is not running. Did you use \033[1mkubectl create deploy salesweb --replicas=3 --image=nginx:1.23\033[0m to start it?" && exit 3 9 | fi 10 | 11 | # check if there is a service resource running 12 | if kubectl get services | grep "salesweb" >/dev/null 13 | then 14 | echo -e "\033[32m[OK]\033[0m\t\t The service salesweb is available" 15 | else 16 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a Service with the name salesweb. Did you use \033[1mkubectl expose deploy salesweb --port=80\033[0m to start it?" && exit 4 17 | fi 18 | 19 | # check if the minikube ingress is on 20 | if [[ $(minikube addons list | awk '/ingress / { print $6 }') == 'enabled' ]] >/dev/null 21 | then 22 | echo -e "\033[32m[OK]\033[0m\t\t The minikube ingress addon is enabled" 23 | else 24 | echo -e "\033[31m[FAIL]\033[0m\t\t the minikube ingress addon is disabled. Did you use \033[1mminikube addons enable ingress\033[0m to start it?" && exit 4 25 | fi 26 | 27 | # check if there is host name resolving to salesweb.example.com 28 | if nslookup salesweb.example.com &> /dev/null 29 | then 30 | echo -e "\033[32m[OK]\033[0m\t\t I can find salesweb.example.com." 31 | else 32 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot resolve the hostname salesweb.example.com. It should resolve to the minikube IP address. Did you use \033[1mminikube ip\033[0m to find the minikube IP address and add a line to your local Linux /etc/hosts file that resolves salesweb.example.com to that IP address? It should look like \033[1m192.168.49.2 salesweb.example.com\033[0m" 33 | exit 6 34 | fi 35 | 36 | # check if curl salesweb.example.com is giving a result 37 | if curl -s salesweb.example.com | grep -i 'welcome' &> /dev/null 38 | then 39 | echo -e "\033[32m[OK]\033[0m\t\t Succesfully contacted the name based virtual host provided by Ingress" 40 | else 41 | echo -e "\033[31m[FAIL]\033[0m\t\t The kubernetes ingress resource isn't doing it's work (yet). Give it a few seconds and then try again. If it still doesn't work, check if you used \033[1mkubectl create ingress salesweb --rule=\"salesweb.example.com/=salesweb:80\"\033[0m to create it?" && exit 4 42 | fi 43 | 44 | 45 | # succesfull completion 46 | echo 47 | echo -e "\033[32m[CONGRATS]\033[0m\t you have succesfully completed this lab, please move on to the next lesson" 48 | echo 49 | -------------------------------------------------------------------------------- /kube-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # verified on Fedora 31, 33, 34 and Ubuntu LTS 20.04 4 | 5 | echo this script is no longer supported 6 | echo use minikube-setup-docker.sh to install minikube on top of recent Ubuntu workstation 7 | echo if you want to use this script anyway, edit it to remove lines 4-9 8 | exit 9 | 10 | echo this script works on Fedora 31, 33, 34 and Ubuntu 20.04 11 | echo it does NOT currently work on Fedora 32 12 | echo it requires the machine where you run it to have 6GB of RAM or more 13 | echo press Enter to continue 14 | read 15 | 16 | ########## 17 | echo ######################################## 18 | echo WARNING 19 | echo ######################################## 20 | echo this script may give problems in VMware / MacOS environments 21 | echo if it does, use minikube-docker-setup.sh on Ubuntu 20.04 LTS (only distro tested so far) 22 | echo 23 | echo press Enter to continue 24 | read 25 | 26 | # setting MYOS variable 27 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 28 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 29 | 30 | egrep '^flags.*(vmx|svm)' /proc/cpuinfo || (echo enable CPU virtualization support and try again && exit 9) 31 | 32 | # debug MYOS variable 33 | echo MYOS is set to $MYOS 34 | 35 | #### Fedora config 36 | if [ $MYOS = "Fedora" ] 37 | then 38 | if [ $OSVERSION = 32 ] 39 | then 40 | echo Fedora 32 is not currently supported 41 | exit 9 42 | fi 43 | 44 | sudo dnf clean all 45 | sudo dnf -y upgrade 46 | 47 | # install KVM software 48 | sudo dnf install @virtualization -y 49 | sudo systemctl enable --now libvirtd 50 | sudo usermod -aG libvirt `id -un` 51 | fi 52 | 53 | ### Ubuntu config 54 | if [ $MYOS = "Ubuntu" ] 55 | then 56 | sudo apt-get update -y 57 | sudo apt-get install -y apt-transport-https curl 58 | sudo apt-get upgrade -y 59 | sudo apt-get install -y qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils 60 | 61 | sudo adduser `id -un` libvirt 62 | sudo adduser `id -un` kvm 63 | fi 64 | 65 | # install kubectl 66 | curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl 67 | chmod +x ./kubectl 68 | sudo mv ./kubectl /usr/local/bin/kubectl 69 | 70 | # install minikube 71 | echo downloading minikube, check version 72 | curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 73 | 74 | sudo chmod +x minikube 75 | sudo mv minikube /usr/local/bin 76 | 77 | # start minikube 78 | minikube start --memory 4096 --vm-driver=kvm2 79 | 80 | echo if this script ends with an error, restart the virtual machine 81 | echo and manually run minikube start --memory 4096 --vm-driver=kvm2 82 | -------------------------------------------------------------------------------- /setup-container.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | # changes March 14 2023: introduced $PLATFORM to have this work on amd64 as well as arm64 6 | 7 | # setting MYOS variable 8 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 9 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 10 | # beta: building in ARM support 11 | [ $(arch) = aarch64 ] && PLATFORM=arm64 12 | [ $(arch) = x86_64 ] && PLATFORM=amd64 13 | 14 | sudo apt install -y jq 15 | 16 | if [ $MYOS = "Ubuntu" ] 17 | then 18 | ### setting up container runtime prereq 19 | cat <<- EOF | sudo tee /etc/modules-load.d/containerd.conf 20 | overlay 21 | br_netfilter 22 | EOF 23 | 24 | sudo modprobe overlay 25 | sudo modprobe br_netfilter 26 | 27 | # Setup required sysctl params, these persist across reboots. 28 | cat <<- EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf 29 | net.bridge.bridge-nf-call-iptables = 1 30 | net.ipv4.ip_forward = 1 31 | net.bridge.bridge-nf-call-ip6tables = 1 32 | EOF 33 | 34 | # Apply sysctl params without reboot 35 | sudo sysctl --system 36 | 37 | # (Install containerd) 38 | # getting rid of hard coded version numbers 39 | CONTAINERD_VERSION=$(curl -s https://api.github.com/repos/containerd/containerd/releases/latest | jq -r '.tag_name') 40 | CONTAINERD_VERSION=${CONTAINERD_VERSION#v} 41 | wget https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/containerd-${CONTAINERD_VERSION}-linux-${PLATFORM}.tar.gz 42 | sudo tar xvf containerd-${CONTAINERD_VERSION}-linux-${PLATFORM}.tar.gz -C /usr/local 43 | # Configure containerd 44 | sudo mkdir -p /etc/containerd 45 | cat <<- TOML | sudo tee /etc/containerd/config.toml 46 | version = 2 47 | [plugins] 48 | [plugins."io.containerd.grpc.v1.cri"] 49 | [plugins."io.containerd.grpc.v1.cri".containerd] 50 | discard_unpacked_layers = true 51 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] 52 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] 53 | runtime_type = "io.containerd.runc.v2" 54 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] 55 | SystemdCgroup = true 56 | TOML 57 | 58 | RUNC_VERSION=$(curl -s https://api.github.com/repos/opencontainers/runc/releases/latest | jq -r '.tag_name') 59 | 60 | wget https://github.com/opencontainers/runc/releases/download/${RUNC_VERSION}/runc.${PLATFORM} 61 | sudo install -m 755 runc.${PLATFORM} /usr/local/sbin/runc 62 | # Restart containerd 63 | wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service 64 | sudo mv containerd.service /usr/lib/systemd/system/ 65 | sudo systemctl daemon-reload 66 | sudo systemctl enable --now containerd 67 | fi 68 | 69 | sudo ln -s /etc/apparmor.d/runc /etc/apparmor.d/disable/ 70 | sudo apparmor_parser -R /etc/apparmor.d/runc 71 | 72 | 73 | touch /tmp/container.txt 74 | exit 75 | -------------------------------------------------------------------------------- /setup-container 3.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | # changes March 14 2023: introduced $PLATFORM to have this work on amd64 as well as arm64 6 | 7 | # setting MYOS variable 8 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 9 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 10 | # beta: building in ARM support 11 | [ $(arch) = aarch64 ] && PLATFORM=arm64 12 | [ $(arch) = x86_64 ] && PLATFORM=amd64 13 | 14 | sudo apt install -y jq curl wget vim git 15 | 16 | if [ $MYOS = "Ubuntu" ] 17 | then 18 | ### setting up container runtime prereq 19 | cat <<- EOF | sudo tee /etc/modules-load.d/containerd.conf 20 | overlay 21 | br_netfilter 22 | EOF 23 | 24 | sudo modprobe overlay 25 | sudo modprobe br_netfilter 26 | 27 | # Setup required sysctl params, these persist across reboots. 28 | cat <<- EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf 29 | net.bridge.bridge-nf-call-iptables = 1 30 | net.ipv4.ip_forward = 1 31 | net.bridge.bridge-nf-call-ip6tables = 1 32 | EOF 33 | 34 | # Apply sysctl params without reboot 35 | sudo sysctl --system 36 | 37 | # (Install containerd) 38 | # getting rid of hard coded version numbers 39 | CONTAINERD_VERSION=$(curl -s https://api.github.com/repos/containerd/containerd/releases/latest | jq -r '.tag_name') 40 | CONTAINERD_VERSION=${CONTAINERD_VERSION#v} 41 | wget https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/containerd-${CONTAINERD_VERSION}-linux-${PLATFORM}.tar.gz 42 | sudo tar xvf containerd-${CONTAINERD_VERSION}-linux-${PLATFORM}.tar.gz -C /usr/local 43 | # Configure containerd 44 | sudo mkdir -p /etc/containerd 45 | cat <<- TOML | sudo tee /etc/containerd/config.toml 46 | version = 2 47 | [plugins] 48 | [plugins."io.containerd.grpc.v1.cri"] 49 | [plugins."io.containerd.grpc.v1.cri".containerd] 50 | discard_unpacked_layers = true 51 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] 52 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] 53 | runtime_type = "io.containerd.runc.v2" 54 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] 55 | SystemdCgroup = true 56 | TOML 57 | 58 | RUNC_VERSION=$(curl -s https://api.github.com/repos/opencontainers/runc/releases/latest | jq -r '.tag_name') 59 | 60 | wget https://github.com/opencontainers/runc/releases/download/${RUNC_VERSION}/runc.${PLATFORM} 61 | sudo install -m 755 runc.${PLATFORM} /usr/local/sbin/runc 62 | # Restart containerd 63 | wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service 64 | sudo mv containerd.service /usr/lib/systemd/system/ 65 | sudo systemctl daemon-reload 66 | sudo systemctl enable --now containerd 67 | fi 68 | 69 | sudo ln -s /etc/apparmor.d/runc /etc/apparmor.d/disable/ 70 | sudo apparmor_parser -R /etc/apparmor.d/runc 71 | 72 | 73 | touch /tmp/container.txt 74 | exit 75 | -------------------------------------------------------------------------------- /exam-grade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # exit if not root 3 | clear 4 | # evaluating tasks 5 | echo -e "\033[1mchecking task 1 results\033[0m" 6 | source labs/exam-task1.sh 7 | echo the score is $SCORE 8 | TOTALSCORE=$SCORE 9 | TOTALTOTAL=$TOTAL 10 | 11 | echo -e "\033[1mchecking task 2 results\033[0m" 12 | source labs/exam-task2.sh 13 | echo the score is $SCORE 14 | TOTALSCORE=$(( TOTAL + SCORE )) 15 | TOTALTOTAL=$TOTAL 16 | 17 | echo -e "\033[1mchecking task 3 results\033[0m" 18 | source labs/exam-task3.sh 19 | echo the score is $SCORE 20 | TOTALSCORE=$(( TOTAL + SCORE )) 21 | TOTALTOTAL=$TOTAL 22 | 23 | echo -e "\033[1mchecking task 4 results\033[0m" 24 | source labs/exam-task4.sh 25 | echo the score is $SCORE 26 | TOTALSCORE=$(( TOTAL + SCORE )) 27 | TOTALTOTAL=$TOTAL 28 | 29 | echo -e "\033[1mchecking task 5 results\033[0m" 30 | source labs/exam-task5.sh 31 | echo the score is $SCORE 32 | TOTALSCORE=$(( TOTAL + SCORE )) 33 | TOTALTOTAL=$TOTAL 34 | 35 | echo -e "\033[1mchecking task 6 results\033[0m" 36 | source labs/exam-task6.sh 37 | echo the score is $SCORE 38 | TOTALSCORE=$(( TOTAL + SCORE )) 39 | TOTALTOTAL=$TOTAL 40 | 41 | echo -e "\033[1mchecking task 7 results\033[0m" 42 | source labs/exam-task7.sh 43 | echo the score is $SCORE 44 | TOTALSCORE=$(( TOTAL + SCORE )) 45 | TOTALTOTAL=$TOTAL 46 | 47 | echo -e "\033[1mchecking task 8 results\033[0m" 48 | source labs/exam-task8.sh 49 | echo the score is $SCORE 50 | TOTALSCORE=$(( TOTAL + SCORE )) 51 | TOTALTOTAL=$TOTAL 52 | 53 | echo -e "\033[1mchecking task 9 results\033[0m" 54 | source labs/exam-task9.sh 55 | echo the score is $SCORE 56 | TOTALSCORE=$(( TOTAL + SCORE )) 57 | TOTALTOTAL=$TOTAL 58 | 59 | echo -e "\033[1mchecking task 10 results\033[0m" 60 | source labs/exam-task10.sh 61 | echo the score is $SCORE 62 | TOTALSCORE=$(( TOTAL + SCORE )) 63 | TOTALTOTAL=$TOTAL 64 | 65 | echo -e "\033[1mchecking task 11 results\033[0m" 66 | source labs/exam-task11.sh 67 | echo the score is $SCORE 68 | TOTALSCORE=$(( TOTAL + SCORE )) 69 | TOTALTOTAL=$TOTAL 70 | 71 | echo -e "\033[1mchecking task 12 results\033[0m" 72 | source labs/exam-task12.sh 73 | echo the score is $SCORE 74 | TOTALSCORE=$(( TOTAL + SCORE )) 75 | TOTALTOTAL=$TOTAL 76 | 77 | echo -e "\033[1mchecking task 13 results\033[0m" 78 | source labs/exam-task13.sh 79 | echo the score is $SCORE 80 | TOTALSCORE=$(( TOTAL + SCORE )) 81 | TOTALTOTAL=$TOTAL 82 | 83 | echo -e "\033[1mchecking task 14 results\033[0m" 84 | source labs/exam-task14.sh 85 | echo the score is $SCORE 86 | TOTALSCORE=$(( TOTAL + SCORE )) 87 | TOTALTOTAL=$TOTAL 88 | 89 | echo -e "\033[1mchecking task 15 results\033[0m" 90 | source labs/exam-task15.sh 91 | #### print PASS/FAIL 92 | echo -e "\n" 93 | echo your score is $SCORE out of a total of $TOTAL 94 | 95 | if [[ $SCORE -ge $(( TOTAL / 10 * 7 )) ]] 96 | then 97 | echo -e "\033[32mCONGRATULATIONS!!\033[0m\t\t You passed this sample exam!" 98 | echo -e "\033[1mResults obtained here don't guarantee anything for the real exam\033[0m" 99 | else 100 | echo -e "\033[31m[FAIL]\033[0m\t\t You did NOT pass this sample exam \033[36m:-(\033[0m" 101 | fi 102 | 103 | -------------------------------------------------------------------------------- /labs-live/ckad-lab14-grade.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # check if a storageclass is running 4 | if kubectl get storageclass >/dev/null 5 | then 6 | echo -e "\033[32m[OK]\033[0m\t\t A storageclass is running. You're good to continue." 7 | else 8 | echo -e "\033[31m[FAIL]\033[0m\t\t No storageclass was found. That's weird as it is a default resource in minikube. Are you sure you're using this lab in minikube?" && exit 3 9 | fi 10 | 11 | # verify that a PVC is created 12 | if kubectl get pvc | grep "pvc-lab14" >/dev/null 13 | then 14 | echo -e "\033[32m[OK]\033[0m\t\t PVC pvc-lab14 is running" 15 | else 16 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a PVC with the name pvc-lab14. There is no easy command to create a PVC. Have a look at the example file \033[1mpv-pvc-pod.yaml\033[0m in the course Git repository for an example and create your own pvc-lab14.yaml based on this. Next use \033[1mkubectl apply -f pvc-lab14.yaml\033[0m to create it it." && exit 4 17 | fi 18 | 19 | # verify that the PVC is bound to a PV 20 | if [[ $(kubectl get pvc | awk '/pvc-lab14/ { print $2 }') == "Bound" ]] >/dev/null 21 | then 22 | echo -e "\033[32m[OK]\033[0m\t\t PVC pvc-lab14 is bound to a Persistent Volume" 23 | else 24 | echo -e "\033[31m[FAIL]\033[0m\t\t I have found the PVC pvc-lab14 but it doesn't show as bound to any storage. Did you include a \033[1mstorageClassName\033[0m property in the pvc-lab14.yaml file? If you did, remove it and run \033[1mkubectl apply pvc-lab14.yaml\033[0m to update the PVC" && exit 4 25 | fi 26 | 27 | # verify that a pod with the name lab14 is running 28 | if kubectl get pods | grep lab14-pod >/dev/null 29 | then 30 | echo -e "\033[32m[OK]\033[0m\t\t Pod lab14-pod is running" 31 | else 32 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find a Pod with the name lab14-pod. There is no easy command to create a Pod that connects to specific storage. Have a look at the example file \033[1mpv-pvc-pod.yaml\033[0m in the course Git repository for an example and create your own lab14-pod.yaml based on this. Don't forget to tweak it, and include a default command like sleep 3600. Next use \033[1mkubectl apply -f lab14-pod.yaml\033[0m to create it." && exit 4 33 | fi 34 | 35 | # verify that a file with the name lab14file can be written to "storagelab" in the directory /data 36 | if kubectl exec lab14-pod -- touch /data/lab14file >/dev/null 37 | then 38 | echo -e "\033[32m[OK]\033[0m\t\t I can write a testfile to the /data directory in the Pod. So all is looking good!" 39 | else 40 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot create a testfile in the directory /data in the Pod. Can you please verify that mount path using \033[1mkubectl describe pod lab14-pod\033[0m" && exit 4 41 | fi 42 | 43 | # use minikube ssh ls /PATH/labfile to verify the file has been written 44 | if minikube ssh ls /tmp/hostpath-provisioner/default/pvc-lab14/lab14file >/dev/null 45 | then 46 | echo -e "\033[32m[OK]\033[0m\t\t I can find the testfile in the hostPath PV that the StorageClass has created." 47 | else 48 | echo -e "\033[31m[FAIL]\033[0m\t\t I cannot find the testfile in the hostPath PV that the StorageClass has created. Did you use the name \033[1mpvc-lab14\033[0m for the PVC?" && exit 4 49 | fi 50 | 51 | echo 52 | echo -e "\033[32m[CONGRATS]\033[0m\t you have succesfully completed this lab, please move on to the next lesson" 53 | echo 54 | -------------------------------------------------------------------------------- /mar25.txt: -------------------------------------------------------------------------------- 1 | 1 minikube start --memory=4G --cni=calico 2 | 2 minikube status 3 | 3 kubectl get all 4 | 4 history 5 | 5 ls 6 | 6 find . -name Dockerfile 7 | 7 cd dockerfile/ 8 | 8 ls 9 | 9 vim Dockerfile 10 | 10 sudo apt install vim 11 | 11 vim Dockerfile 12 | 12 docker build -t myapp . 13 | 13 docker images 14 | 14 docker run myapp 15 | 15 docker run myapp 2 16 | 16 docker run -it nginx sh 17 | 17 docker run myapp sh 18 | 18 vim Dockerfile 19 | 19 docker build -t apptwo . 20 | 20 docker run apptwo 21 | 21 docker run apptwo 2 22 | 22 docker run apptwo ./countdown 2 23 | 23 docker run -it apptwo sh 24 | 24 cd ../alpmap/ 25 | 25 ls 26 | 26 mv Containerfile Dockerfile 27 | 27 vim Dockerfile 28 | 28 docker build -t alpmap . 29 | 29 ls 30 | 30 cat Dockerfile 31 | 31 touch sander.repo 32 | 32 docker build -t alpmap . 33 | 33 cat Dockerfile 34 | 34 docker run alpmap 35 | 35 docker ps 36 | 36 cd .. 37 | 37 docker run myapp 38 | 38 id 39 | 39 cd alpmap/ 40 | 40 vim Dockerfile 41 | 41 cd .. 42 | 42 kubectl run nginx 43 | 43 kubectl run -h | less 44 | 44 kubectl run nginx --image=nginx 45 | 45 kubectl get all 46 | 46 kubectl get ns 47 | 47 kubectl create ns secret 48 | 48 kubectl get ns 49 | 49 kubectl run secretnginx --image=nginx -n secret 50 | 50 kubectl get all 51 | 51 kubectl get pods -A 52 | 52 kubectl completion -h | less 53 | 53 source <(kubectl completion bash) 54 | 54 history 55 | 55 vim initcontainer.yaml 56 | 56 kubectl apply -f initcontainer.yaml 57 | 57 kubectl get pods 58 | 58 ls init* 59 | 59 vim init-example1.yaml 60 | 60 kubectl apply -f init-example1.yaml 61 | 61 kubectl get pods 62 | 62 vim init-example2.yaml 63 | 63 vim initcontainer.yaml 64 | 64 kubectl explain pod 65 | 65 kubectl explain pod.spec 66 | 66 kubectl explain pod.spec.initContainers 67 | 67 vim lab1.yaml 68 | 68 kubectl apply -f lab1.yaml 69 | 69 vim lab1.yaml 70 | 70 kubectl apply -f lab1.yaml 71 | 71 kubectl get pods 72 | 72 kubectl run restartginx --image=nginx --dry-run=client -o yaml > restart.yaml 73 | 73 vim restart.yaml 74 | 74 kubectl apply -f restart.yaml 75 | 75 kubectl get pods 76 | 76 kubectl delete pod restartginx 77 | 77 kubectl get pods 78 | 78 history 79 | 79 kubectl run nginx2 --image=nginx 80 | 80 minikube ssh 81 | 81 kubectl get pods 82 | 82 ./countdown 1 83 | 83 history 84 | 84 kubectl api-resources | less 85 | 85 kubectl create job onejob --image=busybox -- date 86 | 86 kubectl get jobs,pods 87 | 87 kubectl get job onejob -o yaml | less 88 | 88 kubectl delete onejob 89 | 89 kubectl delete job onejob 90 | 90 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml sleep 5 > mynewjob.yaml 91 | 91 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml -- sleep 5 > mynewjob.yaml 92 | 92 vim mynewjob.yaml 93 | 93 kubectl apply -f mynewjob.yaml 94 | 94 kubectl get jobs,pods | grep mynew 95 | 95 history 96 | 96 cat mynewjob.yaml 97 | 97 vim mynewjob.yaml 98 | 98 kubectl apply -f mynewjob.yaml 99 | 99 kubectl get all 100 | 100 vim mynewjob.yaml 101 | 101 kubectl apply -f mynewjob.yaml 102 | 102 kubectl get pods 103 | 103 kubectl delete -f mynewjob.yaml 104 | 104 vim mynewjob.yaml 105 | 105 kubectl apply -f mynewjob.yaml 106 | 106 kubectl get pods 107 | 107 kubectl create cronjob -h | less 108 | 108 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 109 | 109 kubectl get cronjobs,jobs,pods 110 | 110 kubectl delete job mynewjob 111 | 111 kubectl get cronjobs,jobs,pods 112 | 112 kubectl create job runme --from=cronjob/runme 113 | 113 kubectl get cronjobs,jobs,pods 114 | 114 kubectl logs runme-29047232-jmh59 115 | 115 kubectl get cronjobs,jobs,pods 116 | 116 kubectl delete cronjobs.batch runme 117 | 117 history 118 | 118 kubectl create deploy monday --image=nginx --replicas=3 119 | 119 kubectl get deploy monday -o yaml | less 120 | 120 kubectl create quota -h | less 121 | 121 vim frontend-resources.yaml 122 | 122 kubectl explain pods.spec | less 123 | 123 kubectl explain pods.spec.resources | less 124 | 124 vim frontend-resources.yaml 125 | 125 kubectl apply -f frontend-resources.yaml 126 | 126 kubectl get pods frontend 127 | 127 kubectl describe pods frontend 128 | 128 kubectl delete -f frontend-resources.yaml 129 | 129 kubectl create ns restricted 130 | 130 kubectl create quota myquota --hard=cpu=2,--memory=1G,pods=3 131 | 131 kubectl create quota myquota --hard=cpu=2,memory=1G,pods=3 132 | 132 kubectl describe ns default 133 | 133 kubectl delete quota myquota 134 | 134 kubectl create quota myquota --hard=cpu=2,memory=1G,pods=3 -n restricted 135 | 135 kubectl describe ns restricted 136 | 136 kubectl edit quota -n restricted myquota 137 | 137 kubectl describe ns restricted 138 | 138 kubectl run pod restrictedpod --image=nginx -n restricted 139 | 139 kubectl create deploy restricteddeploy --image=nginx -n restricted 140 | 140 kubectl get all -n restricted 141 | 141 kubectl describe rs -n restricted 142 | 142 kubectl set resources -n restricted deploy restricteddeploy --limits=200m,memory=2G 143 | 143 kubectl set resources -n restricted deploy restricteddeploy --limits=cpu=200m,memory=2G 144 | 144 kubectl get all -n restricted 145 | 145 kubectl describe -n restricted rs restricteddeploy-c9cdf9f94 146 | 146 kubectl set resources -n restricted deploy restricteddeploy --limits=cpu=200m,memory=128M --requests=cpu=100m,memory=64M 147 | 147 kubectl get all -n restricted 148 | 148 history 149 | 149 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 150 | 150 kubectl get deploy upapp -o yaml | grep -A5 strategy 151 | 151 kubectl set image deploy/upapp nginx=nginx:1.18; sleep 1; kubectl get all --selector app=upapp 152 | 152 kubectl get all --selector app=upapp 153 | 153 kubectl edit deploy upapp 154 | 154 kubectl set image deploy/upapp nginx=nginx:1.19; sleep 1; kubectl get all --selector app=upapp 155 | 155 vim rolling.yaml 156 | 156 kubectl create -f rolling.yaml 157 | 157 kubectl rollout history deployment 158 | 158 kubectl edit deployments.apps rolling-nginx 159 | 159 kubectl rollout history deployment rolling-nginx 160 | 160 kubectl rollout history deployment rolling-nginx --revision=2 161 | 161 kubectl rollout history deployment rolling-nginx --revision=1 162 | 162 kubectl rollout undo deployment rolling-nginx --to-revision=1 163 | 163 kubectl create deploy nginxsvc --image=nginx 164 | 164 kubectl scale deployment nginxsvc --replicas=3 165 | 165 kubectl get all --selector app=nginxsvc 166 | 166 kubectl expose deploy nginxsvc --port=80 167 | 167 kubectl get all --selector app=nginxsvc 168 | 168 kubectl describe svc nginxsvc 169 | 169 kubectl get pods --selector app=nginxsvc -o wide 170 | 170 kubectl get endpoints 171 | 171 curl 10.107.171.53 172 | 172 minikube ssh 173 | 173 kubectl edit svc nginxsvc 174 | 174 kubectl get svc 175 | 175 minikube ip 176 | 176 curl 192.168.49.2:32372 177 | 177 ip a 178 | 178 history > /tmp/mar25.txt 179 | -------------------------------------------------------------------------------- /Juneday124.txt: -------------------------------------------------------------------------------- 1 | 1 sudo systemctl get-default 2 | 2 sudo apt install ubuntu-desktop 3 | 3 sudo dpkg --configure -a 4 | 4 sudo apt install ubuntu-desktop 5 | 5 sudo reboot 6 | 6 minikube start --mem=4G --disk=max 7 | 7 minikube start --memory=4G --disk=max 8 | 8 minikube start --help | less 9 | 9 minikube start --memory=4G --disk-size=30g 10 | 10 kubectl get all 11 | 11 minikube status 12 | 12 kubectl get all 13 | 13 docker 14 | 14 sudo apt install vim git -y 15 | 15 git clone https://github.com/sandervanvugt/ckad 16 | 16 ls 17 | 17 cd dockerfile/ 18 | 18 ls 19 | 19 vim Dockerfile 20 | 20 docker build -t myapp . 21 | 21 docker images 22 | 22 docker image inspect myapp | less 23 | 23 docker run myapp 24 | 24 docker ps -a 25 | 25 docker run --name customweb -it nginx sh 26 | 26 docker commit customweb nginx:custom 27 | 27 docker images 28 | 28 docker run -it localhost/nginx:custom ls -l /tmp/testfile 29 | 29 id 30 | 30 docker run -it nginx:custom ls -l /tmp/testfile 31 | 31 history 32 | 32 source <(kubectl completion bash) 33 | 33 history 34 | 34 kubectl run nginx 35 | 35 kubectl run --help | less 36 | 36 kubectl run nginx --image=nginx 37 | 37 kubectl get pods 38 | 38 kubectl get pods -A 39 | 39 kubectl create ns secret 40 | 40 kubectl get ns 41 | 41 kubectl run pod secretpod --image=nginx -n secret 42 | 42 kubectl get pods 43 | 43 kubectl get pods -n secret 44 | 44 kubectl get pods -A 45 | 45 kubectl -n secret describe pod pod 46 | 46 history 47 | 47 kubectl logs -n secret pod 48 | 48 kubectl delete -n secret pod pod 49 | 49 kubectl run secretpod --image=nginx -n secret 50 | 50 kubectl get pods -n secret 51 | 51 history 52 | 52 podman get -n secret pods secretpod -y yaml 53 | 53 kubectl get -n secret pods secretpod -y yaml 54 | 54 kubectl get -n secret pods secretpod -o yaml 55 | 55 kubectl describe -n secret pods secretpod 56 | 56 kubectl get -n secret pods secretpod -y yaml | less 57 | 57 kubectl get -n secret pods secretpod -o yaml | less 58 | 58 cd .. 59 | 59 vim initdemo.yaml 60 | 60 kubectl apply -f initdemo.yaml 61 | 61 kubectl get pods 62 | 62 cat initdemo.yaml 63 | 63 kubectl run nginx1 --image=nginx 64 | 64 kubectl get pods nginx1 -o yaml | grep restartP 65 | 65 kubectl delete pods nginx1 66 | 66 kubectl get pods 67 | 67 kubectl run nginx23 --image=nginx 68 | 68 minikube ssh 69 | 69 kubectl get pods 70 | 70 history 71 | 71 kubectl explain jobs 72 | 72 kubectl explain jobs.spec 73 | 73 kubectl create job onejob --image=busybox -- date 74 | 74 kubectl get jobs,pods 75 | 75 kubectl get pods onejob-fk2sf -o yaml | grep restartP 76 | 76 kubectl delete job onejob 77 | 77 kubectl get pods 78 | 78 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml 79 | 79 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml --sleep 5 > mynewjob.yaml 80 | 80 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml -- sleep 5 > mynewjob.yaml 81 | 81 vim mynewjob.yaml 82 | 82 kubectl apply -f mynewjob.yaml 83 | 83 kubectl get pods,jobs 84 | 84 kubectl create cronjob -h | less 85 | 85 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 86 | 86 kubectl get cronjob,job,pod 87 | 87 kubectl create job runme --from=cronjob/runme 88 | 88 kubectl get jobs 89 | 89 kubectl logs runme-28623710-rvs2s 90 | 90 kubectl delete cronjob runme 91 | 91 history 92 | 92 ./countdown 1 93 | 93 history 94 | 94 kubectl completion -h | less 95 | 95 ./countdown 12 96 | 96 vim frontend-resources.yaml 97 | 97 kubectl create -f frontend-resources.yaml 98 | 98 kubectl get pods 99 | 99 kubectl describe pod frontend 100 | 100 kubectl delete -f frontend-resources.yaml 101 | 101 vim frontend-resources.yaml 102 | 102 kubectl apply -f frontend-resources.yaml 103 | 103 kubectl get pods 104 | 104 kubectl delete -f frontend-resources.yaml 105 | 105 vim frontend-resources.yaml 106 | 106 kubectl apply -f frontend-resources.yaml 107 | 107 kubectl get pods 108 | 108 kubectl describe pod frontend 109 | 109 kubectl delete -f frontend-resources.yaml 110 | 110 kubectl create deploy dummy --image=nginx 111 | 111 kubectl set resources -h | less 112 | 112 kubectl set resources deployment dummy --limits=cpu=200m,memory=512Mi --requests=cpu=100m,memory=256Mi 113 | 113 kubectl get deployments.apps dummy -o yaml | less 114 | 114 kubectl delete deployments.apps dummy 115 | 115 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 116 | 116 kubectl get deploy upapp -o yaml 117 | 117 kubectl get deploy upapp -o yaml | grep -A5 strategy 118 | 118 kubectl set image deploy/upapp nginx=nginx:1.18; kubectl get all --selector app=upapp 119 | 119 kubectl get all --selector app=upapp 120 | 120 kubectl edit deploy upapp 121 | 121 kubectl set image deploy/upapp nginx=nginx:1.19; kubectl get all --selector app=upapp 122 | 122 vim rolling.yaml 123 | 123 kubectl create -f rolling.yaml 124 | 124 kubectl rollout history deploy 125 | 125 kubectl edit deploy rolling-nginx 126 | 126 kubectl rollout history deploy 127 | 127 kubectl rollout history deploy rolling-nginx --revision=2 128 | 128 kubectl rollout history deploy rolling-nginx --revision=1 129 | 129 kubectl rollout undo deployment rolling-nginx --to-revision=1 130 | 130 df -h 131 | 131 kubectl create deployment nginxsvc --image=nginx 132 | 132 kubectl scale deployment nginxsvc --replicas=3 133 | 133 kubectl expose deployment nginxsvc --port=80 134 | 134 kubectl get all --selector app=nginxsvc 135 | 135 kubectl describe svc nginxsvc | less 136 | 136 kubectl get svc nginxsvc -o yaml | less 137 | 137 kubectl get endpoints 138 | 138 kubectl get svc 139 | 139 curl 10.107.30.140 140 | 140 minikube ssh 141 | 141 kubectl edit svc nginxsvc 142 | 142 kubectl get svc 143 | 143 minikube ip 144 | 144 curl 192.168.39.2:30822 145 | 145 curl 192.168.49.2:30822 146 | 146 sudo -i 147 | 147 kubectl describe -n kube-system svc kubernetes 148 | 148 kubectl get svc -n kube-system 149 | 149 kubectl get svc -n kube-system kube-dns 150 | 150 kubectl create ns elsewhere 151 | 151 kubectl run nginxpod -n elsewhere 152 | 152 kubectl run nginxpod --image=nginx -n elsewhere 153 | 153 kubectl expose -n elsewhere pod nginxpod --port=80 154 | 154 kubectl get svc,pods -n elsewhere 155 | 155 kubectl run testpod --image=busybox -- sleep infinity 156 | 156 kubectl exec -it testpod -- cat /etc/resolv.conf 157 | 157 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod 158 | 158 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod.elsewhere.svc.cluster.local 159 | 159 minikube addons list 160 | 160 minikube addons enable ingress 161 | 161 kubectl get ns 162 | 162 kubectl get all -n ingress-nginx 163 | 163 kubectl create ingress -h | less 164 | 164 kubectl create ingress nginxsvc-ingress --rule="/=nginxsvc:80" --rule="/hello=newdep:8080" 165 | 165 sudo vim /etc/hosts 166 | 166 kubectl describe ing nginxsvc-ingress 167 | 167 curl nginxsvc.info 168 | 168 curl nginxsvc.info/hello 169 | 169 kubectl create deployment newdep --image=gcr.io/google-samples/hello-app:2.0 170 | 170 kubectl expose deployment newdep --port=8080 171 | 171 curl nginxsvc.info/hello 172 | 172 kubectl describe ing nginxsvc-ingress 173 | 173 kubectl get svc 174 | 174 kubectl describe svc newdep 175 | 175 kubectl get deploy newdep 176 | 176 kubectl get all --selector app=newdep 177 | 177 kubectl describe pod newdep-7f5cf4f95b-9r462 178 | 178 kubectl logs newdep-7f5cf4f95b-9r462 179 | 179 arch 180 | 180 history 181 | 181 history > Juneday124.txt 182 | -------------------------------------------------------------------------------- /history-25sep24.txt: -------------------------------------------------------------------------------- 1 | 1 sudo apt install ubuntu-desktop 2 | 2 sudo systemctl get-default 3 | 3 sudo systemctl disable pd-mapper.service 4 | 4 sudo systemctl disable systemd-networkd-wait-online 5 | 5 sudo apt update -y 6 | 6 ip a 7 | 7 ping nu.nl 8 | 8 sudo apt update 9 | 9 sudo apt upgrade 10 | 10 sudo dpkg --configure -a 11 | 11 sudo reboot 12 | 12 sudo -i 13 | 13 sudo poweroff 14 | 14 minikube start 15 | 15 minikube stop 16 | 16 minikube start --help 17 | 17 free -m 18 | 18 minikube start --memory=3g --cni=calico 19 | 19 minikube delete 20 | 20 minikube start --memory=3g --cni=calico 21 | 21 minikube status 22 | 22 kubectl get all 23 | 23 docker 24 | 24 ls 25 | 25 cd dockerfile/ 26 | 26 ls 27 | 27 vim Dockerfile 28 | 28 docker build -t countdown . 29 | 29 docker images 30 | 30 docker run countdown 31 | 31 docker run countdown 2 32 | 32 history 33 | 33 cat Dockerfile 34 | 34 docker run --name customweb -it nginx sh 35 | 35 docker commit customweb nginx:custom 36 | 36 docker images 37 | 37 docker run -it nginx:custom ls -l /tmp/testfile 38 | 38 kubectl get ns 39 | 39 source <(kubectl completion bash) 40 | 40 kubectl completion --help | less 41 | 41 kubectl get pods 42 | 42 kubectl run -h | less 43 | 43 kubectl run appone --image=nginx 44 | 44 kubectl get pods 45 | 45 kubectl get pods -A 46 | 46 kubectl create ns secret 47 | 47 kubectl run secretpod --image=nginx -n secret 48 | 48 kubectl get pods 49 | 49 kubectl get pods -n secret 50 | 50 history 51 | 51 cd .. 52 | 52 vim 25init.yaml 53 | 53 kubectl apply -f 25init.yaml 54 | 54 kubectl get all 55 | 55 vim 25init.yaml 56 | 56 kubectl apply -f 25init.yaml 57 | 57 kubectl get pods 58 | 58 cat 25init.yaml 59 | 59 kubectl get pods 60 | 60 history 61 | 61 cat 25init.yaml 62 | 62 vim docs.yaml 63 | 63 kubectl apply -f docs.yaml 64 | 64 kubectl get pods 65 | 65 kubectl delete -f docs.yaml 66 | 66 kubectl get pods 67 | 67 kubectl run nginx1 --image=nginx 68 | 68 kubectl get pods nginx1 -o yaml | less 69 | 69 kubectl delete pods nginx1 70 | 70 kubectl get pods 71 | 71 kubectl run nginx2 --image=nginx 72 | 72 minikube ssh 73 | 73 kubectl get pods 74 | 74 grep centos * 75 | 75 vim sidecar.yaml 76 | 76 kubectl apply -f sidecar.yaml 77 | 77 kubectl get pods 78 | 78 kubectl describe pod sidecar-pod 79 | 79 kubectl logs sidecar-pod 80 | 80 kubectl logs sidecar-pod -c sidecar 81 | 81 arch 82 | 82 kubectl get pods 83 | 83 kubectl delete pod sidecar-pod 84 | 84 kubectl explain jobs.spec | less 85 | 85 kubectl create job onejob --image=busybox -- date 86 | 86 kubectl get jobs,pods 87 | 87 kubectl get pods onejob-w69wh -o yaml | less 88 | 88 kubectl get jobs onejob -o yaml | less 89 | 89 kubectl get jobs,pods 90 | 90 kubectl delete job onejob 91 | 91 kubectl get jobs,pods 92 | 92 kubectl create job twojob --image=busybox --dry-run=client -o yaml -- sleep 5 > twojob.yaml 93 | 93 vim twojob.yaml 94 | 94 kubectl apply -f twojob.yaml 95 | 95 kubectl get jobs,pods 96 | 96 kubectl explain pod.spec | less 97 | 97 kubectl explain pod.spec.containers | less 98 | 98 kubectl get jobs,pods 99 | 99 kubectl delete pod initdemo 100 | 100 kubectl create cronjob -h | less 101 | 101 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 102 | 102 kubectl get cronjobs,jobs,pods 103 | 103 date 104 | 104 kubectl create job runme --from=cronjob/runme 105 | 105 kubectl get cronjobs,jobs,pods 106 | 106 kubectl logs runme-tkpj2 107 | 107 kubectl delete cronjobs.batch runme 108 | 108 history 109 | 109 vim twojob.yaml 110 | 110 kubectl apply -f twojob.yaml 111 | 111 vim twojob.yaml 112 | 112 kubectl create job threejob --image=busybox --dry-run=client -o yaml -- false > threejob.yaml 113 | 113 vim threejob.yaml 114 | 114 kubectl apply -f threejob.yaml 115 | 115 kubectl get jobs,pods 116 | 116 vim frontend-resources.yaml 117 | 117 kubectl create -f frontend-resources.yaml 118 | 118 kubectl get pods 119 | 119 kubectl get jobs 120 | 120 kubectl delete job threejob 121 | 121 kubectl get pods 122 | 122 kubectl delete -f frontend-resources.yaml 123 | 123 vim frontend-resources.yaml 124 | 124 kubectl apply -f frontend-resources.yaml 125 | 125 kubectl get pods 126 | 126 kubectl get pods -n kube-system 127 | 127 kubectl describe pod frontend 128 | 128 vim frontend-resources.yaml 129 | 129 kubectl apply -f frontend-resources.yaml 130 | 130 kubectl delete -f frontend-resources.yaml 131 | 131 kubectl create -f frontend-resources.yaml 132 | 132 kubectl delete -f frontend-resources.yaml 133 | 133 vim frontend-resources.yaml 134 | 134 kubectl create -f frontend-resources.yaml 135 | 135 kubectl get pods 136 | 136 kubectl describe pod frontend 137 | 137 kubectl logs frontend -c db 138 | 138 kubectl delete -f frontend-resources.yaml 139 | 139 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 140 | 140 kubectl get all 141 | 141 kubectl get deployments.apps upapp -o yaml | grep -A5 strategy 142 | 142 kubectl set -h | less 143 | 143 kubectl set image -h | less 144 | 144 #kubectl set image deploy/upapp nginx=nginx:1.18 145 | 145 #kubectl get all --selector app=upapp 146 | 146 kubectl set image deploy/upapp nginx=nginx:1.18 147 | 147 kubectl get all --selector app=upapp 148 | 148 kubectl get all --show-labels 149 | 149 kubectl edit deploy upapp 150 | 150 kubectl set image deploy/upapp nginx=nginx:1.19 151 | 151 kubectl get all --show-labels 152 | 152 vim rolling.yaml 153 | 153 kubectl create -f rolling.yaml 154 | 154 kubectl rollout history deployment 155 | 155 kubectl edit deployments.apps rolling-nginx 156 | 156 kubectl rollout history deployment 157 | 157 kubectl describe deployments.apps rolling-nginx 158 | 158 kubectl describe deployments.apps rolling-nginx --revision=2 159 | 159 kubectl rollout history deployment rolling-nginx --revision=2 160 | 160 kubectl rollout history deployment rolling-nginx --revision=1 161 | 161 kubectl rollout undo deployment rolling-nginx --to-revision=1 162 | 162 kubectl rollout -h 163 | 163 history 164 | 164 kubectl get all 165 | 165 kubectl get deploy --show-labels 166 | 166 kubectl get all 167 | 167 kubectl describe pod rolling-nginx-6bd86fdcfb-nghnm 168 | 168 kubectl get pods 169 | 169 kubectl get pods rolling-nginx-59f94dfcb4-8snhs 170 | 170 kubectl get pods rolling-nginx-59f94dfcb4-8snhs -o yaml | less 171 | 171 kubectl delete -f rolling.yaml 172 | 172 kubectl get all 173 | 173 kubectl apply -f rolling.yaml 174 | 174 kubectl get pods 175 | 175 kubectl logs rolling-nginx-6bd86fdcfb-2kxzm 176 | 176 kubectl describe rolling-nginx-6bd86fdcfb-2kxzm 177 | 177 kubectl describe pod rolling-nginx-6bd86fdcfb-2kxzm 178 | 178 kubectl delete -f rolling.yaml 179 | 179 vim rolling.yaml 180 | 180 kubectl create -f rolling.yaml 181 | 181 kubectl get all 182 | 182 kubectl delete -f rolling.yaml 183 | 183 kubectl get deploy 184 | 184 kubectl delete deploy upapp 185 | 185 kubectl create deploy nginxsvc --image=nginx 186 | 186 kubectl get all 187 | 187 kubectl get all --selector app=nginxsvc 188 | 188 kubectl get all --selector app=nginxsvc --show-labels 189 | 189 kubectl get all --selector app=nginxsvc 190 | 190 kubectl scale deployment nginxsvc --replicas=3 191 | 191 kubectl get all --selector app=nginxsvc 192 | 192 kubectl expose deployment nginxsvc --port=80 193 | 193 kubectl get all --selector app=nginxsvc 194 | 194 kubectl describe svc nginxsvc 195 | 195 kubectl get svc 196 | 196 curl 10.98.84.17 197 | 197 minikube ssh 198 | 198 kubectl edit svc nginxsvc 199 | 199 kubectl get svc 200 | 200 minikube ip 201 | 201 curl 192.168.49.2:31161 202 | 202 kubectl edit svc nginxsvc 203 | 203 curl 192.168.49.2:31161 204 | 204 kubectl get svc 205 | 205 kubectl describe svc nginxsvc 206 | 206 kubectl edit svc nginxsvc 207 | 207 curl 192.168.49.2:31161 208 | 208 kubectl edit svc nginxsvc 209 | 209 kubectl describe svc nginxsvc 210 | 210 kubectl edit svc nginxsvc 211 | 211 kubectl describe svc nginxsvc 212 | 212 history 213 | 213 history > /tmp/history-25sep24.txt 214 | -------------------------------------------------------------------------------- /march25.txt: -------------------------------------------------------------------------------- 1 | 1 minikube start --memory=4G --cni=calico 2 | 2 minikube status 3 | 3 kubectl get all 4 | 4 history 5 | 5 ls 6 | 6 find . -name Dockerfile 7 | 7 cd dockerfile/ 8 | 8 ls 9 | 9 vim Dockerfile 10 | 10 sudo apt install vim 11 | 11 vim Dockerfile 12 | 12 docker build -t myapp . 13 | 13 docker images 14 | 14 docker run myapp 15 | 15 docker run myapp 2 16 | 16 docker run -it nginx sh 17 | 17 docker run myapp sh 18 | 18 vim Dockerfile 19 | 19 docker build -t apptwo . 20 | 20 docker run apptwo 21 | 21 docker run apptwo 2 22 | 22 docker run apptwo ./countdown 2 23 | 23 docker run -it apptwo sh 24 | 24 cd ../alpmap/ 25 | 25 ls 26 | 26 mv Containerfile Dockerfile 27 | 27 vim Dockerfile 28 | 28 docker build -t alpmap . 29 | 29 ls 30 | 30 cat Dockerfile 31 | 31 touch sander.repo 32 | 32 docker build -t alpmap . 33 | 33 cat Dockerfile 34 | 34 docker run alpmap 35 | 35 docker ps 36 | 36 cd .. 37 | 37 docker run myapp 38 | 38 id 39 | 39 cd alpmap/ 40 | 40 vim Dockerfile 41 | 41 cd .. 42 | 42 kubectl run nginx 43 | 43 kubectl run -h | less 44 | 44 kubectl run nginx --image=nginx 45 | 45 kubectl get all 46 | 46 kubectl get ns 47 | 47 kubectl create ns secret 48 | 48 kubectl get ns 49 | 49 kubectl run secretnginx --image=nginx -n secret 50 | 50 kubectl get all 51 | 51 kubectl get pods -A 52 | 52 kubectl completion -h | less 53 | 53 source <(kubectl completion bash) 54 | 54 history 55 | 55 vim initcontainer.yaml 56 | 56 kubectl apply -f initcontainer.yaml 57 | 57 kubectl get pods 58 | 58 ls init* 59 | 59 vim init-example1.yaml 60 | 60 kubectl apply -f init-example1.yaml 61 | 61 kubectl get pods 62 | 62 vim init-example2.yaml 63 | 63 vim initcontainer.yaml 64 | 64 kubectl explain pod 65 | 65 kubectl explain pod.spec 66 | 66 kubectl explain pod.spec.initContainers 67 | 67 vim lab1.yaml 68 | 68 kubectl apply -f lab1.yaml 69 | 69 vim lab1.yaml 70 | 70 kubectl apply -f lab1.yaml 71 | 71 kubectl get pods 72 | 72 kubectl run restartginx --image=nginx --dry-run=client -o yaml > restart.yaml 73 | 73 vim restart.yaml 74 | 74 kubectl apply -f restart.yaml 75 | 75 kubectl get pods 76 | 76 kubectl delete pod restartginx 77 | 77 kubectl get pods 78 | 78 history 79 | 79 kubectl run nginx2 --image=nginx 80 | 80 minikube ssh 81 | 81 kubectl get pods 82 | 82 ./countdown 1 83 | 83 history 84 | 84 kubectl api-resources | less 85 | 85 kubectl create job onejob --image=busybox -- date 86 | 86 kubectl get jobs,pods 87 | 87 kubectl get job onejob -o yaml | less 88 | 88 kubectl delete onejob 89 | 89 kubectl delete job onejob 90 | 90 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml sleep 5 > mynewjob.yaml 91 | 91 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml -- sleep 5 > mynewjob.yaml 92 | 92 vim mynewjob.yaml 93 | 93 kubectl apply -f mynewjob.yaml 94 | 94 kubectl get jobs,pods | grep mynew 95 | 95 history 96 | 96 cat mynewjob.yaml 97 | 97 vim mynewjob.yaml 98 | 98 kubectl apply -f mynewjob.yaml 99 | 99 kubectl get all 100 | 100 vim mynewjob.yaml 101 | 101 kubectl apply -f mynewjob.yaml 102 | 102 kubectl get pods 103 | 103 kubectl delete -f mynewjob.yaml 104 | 104 vim mynewjob.yaml 105 | 105 kubectl apply -f mynewjob.yaml 106 | 106 kubectl get pods 107 | 107 kubectl create cronjob -h | less 108 | 108 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 109 | 109 kubectl get cronjobs,jobs,pods 110 | 110 kubectl delete job mynewjob 111 | 111 kubectl get cronjobs,jobs,pods 112 | 112 kubectl create job runme --from=cronjob/runme 113 | 113 kubectl get cronjobs,jobs,pods 114 | 114 kubectl logs runme-29047232-jmh59 115 | 115 kubectl get cronjobs,jobs,pods 116 | 116 kubectl delete cronjobs.batch runme 117 | 117 history 118 | 118 kubectl create deploy monday --image=nginx --replicas=3 119 | 119 kubectl get deploy monday -o yaml | less 120 | 120 kubectl create quota -h | less 121 | 121 vim frontend-resources.yaml 122 | 122 kubectl explain pods.spec | less 123 | 123 kubectl explain pods.spec.resources | less 124 | 124 vim frontend-resources.yaml 125 | 125 kubectl apply -f frontend-resources.yaml 126 | 126 kubectl get pods frontend 127 | 127 kubectl describe pods frontend 128 | 128 kubectl delete -f frontend-resources.yaml 129 | 129 kubectl create ns restricted 130 | 130 kubectl create quota myquota --hard=cpu=2,--memory=1G,pods=3 131 | 131 kubectl create quota myquota --hard=cpu=2,memory=1G,pods=3 132 | 132 kubectl describe ns default 133 | 133 kubectl delete quota myquota 134 | 134 kubectl create quota myquota --hard=cpu=2,memory=1G,pods=3 -n restricted 135 | 135 kubectl describe ns restricted 136 | 136 kubectl edit quota -n restricted myquota 137 | 137 kubectl describe ns restricted 138 | 138 kubectl run pod restrictedpod --image=nginx -n restricted 139 | 139 kubectl create deploy restricteddeploy --image=nginx -n restricted 140 | 140 kubectl get all -n restricted 141 | 141 kubectl describe rs -n restricted 142 | 142 kubectl set resources -n restricted deploy restricteddeploy --limits=200m,memory=2G 143 | 143 kubectl set resources -n restricted deploy restricteddeploy --limits=cpu=200m,memory=2G 144 | 144 kubectl get all -n restricted 145 | 145 kubectl describe -n restricted rs restricteddeploy-c9cdf9f94 146 | 146 kubectl set resources -n restricted deploy restricteddeploy --limits=cpu=200m,memory=128M --requests=cpu=100m,memory=64M 147 | 147 kubectl get all -n restricted 148 | 148 history 149 | 149 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 150 | 150 kubectl get deploy upapp -o yaml | grep -A5 strategy 151 | 151 kubectl set image deploy/upapp nginx=nginx:1.18; sleep 1; kubectl get all --selector app=upapp 152 | 152 kubectl get all --selector app=upapp 153 | 153 kubectl edit deploy upapp 154 | 154 kubectl set image deploy/upapp nginx=nginx:1.19; sleep 1; kubectl get all --selector app=upapp 155 | 155 vim rolling.yaml 156 | 156 kubectl create -f rolling.yaml 157 | 157 kubectl rollout history deployment 158 | 158 kubectl edit deployments.apps rolling-nginx 159 | 159 kubectl rollout history deployment rolling-nginx 160 | 160 kubectl rollout history deployment rolling-nginx --revision=2 161 | 161 kubectl rollout history deployment rolling-nginx --revision=1 162 | 162 kubectl rollout undo deployment rolling-nginx --to-revision=1 163 | 163 kubectl create deploy nginxsvc --image=nginx 164 | 164 kubectl scale deployment nginxsvc --replicas=3 165 | 165 kubectl get all --selector app=nginxsvc 166 | 166 kubectl expose deploy nginxsvc --port=80 167 | 167 kubectl get all --selector app=nginxsvc 168 | 168 kubectl describe svc nginxsvc 169 | 169 kubectl get pods --selector app=nginxsvc -o wide 170 | 170 kubectl get endpoints 171 | 171 curl 10.107.171.53 172 | 172 minikube ssh 173 | 173 kubectl edit svc nginxsvc 174 | 174 kubectl get svc 175 | 175 minikube ip 176 | 176 curl 192.168.49.2:32372 177 | 177 ip a 178 | 178 history > /tmp/mar25.txt 179 | 179 sudo apt install openssh-server 180 | 180 kubectl get all 181 | 181 kubectl describe svc -n kube-system kube-dns 182 | 182 kubectl get pods -n kube-system 183 | 183 kubectl create ns elsewhere 184 | 184 kubectl run nginxpod --image=nginx -n elsewhere 185 | 185 kubectl expose -n elsewhere pod nginxpod --port=80 186 | 186 kubectl run testpod --image=busybox -- sleep infinity 187 | 187 kubectl exec -it testpod -- cat /etc/resolv.conf 188 | 188 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod 189 | 189 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod.elsewhere.svc.cluster.local 190 | 190 minikube addons list 191 | 191 minikube addons enable ingress 192 | 192 kubectl get ns 193 | 193 kubectl get all -n ingress-nginx 194 | 194 kubectl get all --selector app=nginxsvc 195 | 195 kubectl create ing -h | less 196 | 196 kubectl create ing nginxsvc-ingress --rule="/=nginxsvc:80" --rule="/hello=newdep:8080" 197 | 197 sudo vim /etc/hosts 198 | 198 ping nginxsvc.info 199 | 199 kubectl describe ing nginxsvc-ingress 200 | 200 curl nginxsvc.info 201 | 201 kubectl create deploy newdep --image=gcr.io/google-samples/hello-app:2.0 202 | 202 kubectl expose deploy newdep --port=8080 203 | 203 curl nginxsvc.info/hello 204 | 204 kubectl describe ing nginxsvc-ingress 205 | 205 kubectl get all 206 | 206 kubectl describe rs newdep-56cb577645 207 | 207 kubectl describe pod newdep-56cb577645-jl9pg 208 | 208 kubectl logs newdep-56cb577645-jl9pg 209 | 209 curl nginxsvc.info 210 | 210 kubectl edit svc nginxsvc 211 | 211 curl nginxsvc.info 212 | 212 kubectl describe ing nginxsvc-ingress 213 | 213 kubectl describe svc nginxsvc 214 | 214 kubectl edit svc nginxsvc 215 | 215 curl nginxsvc.info 216 | 216 history 217 | 217 kubectl get pods -n kube-system 218 | 218 history | less 219 | 219 vim nwpolicy-complete-example.yaml 220 | 220 kubectl apply -f nwpolicy-complete-example.yaml 221 | 221 kubectl expose pod nginxxx --port=80 222 | 222 kubectl exec -it busybox -- wget --spider --timeout=1 nginxxx 223 | 223 kubectl get netpol 224 | 224 kubectl describe netpol access-nginx 225 | 225 kubectl get pods nginxxx --show-labels 226 | 226 kubectl get pods busybox --show-labels 227 | 227 kubectl label pod busybox access="true" 228 | 228 kubectl exec -it busybox -- wget --spider --timeout=1 nginxxx 229 | 229 vim expol.yaml 230 | 230 history 231 | 231 kubectl create ns Nevada 232 | 232 kubectl create ns nevada 233 | 233 kubectl -n nevada run nevaginx --image=nginx 234 | 234 kubectl -n nevada label pod nevaginx type=webapp 235 | 235 kubectl -n nevadata get all --show-labels 236 | 236 kubectl -n nevada get all --show-labels 237 | 237 vim nevapol.yaml 238 | 238 kubectl apply -f nevapol.yaml 239 | 239 kubectl get netpol -n nevada 240 | 240 kubectl -n nevada run nevatest --image=busybox -- sleep infinity 241 | 241 kubectl exec -it -n nevada nevatest -- wget --spider --timeout=1 nevaginx 242 | 242 kubectl -n nevada label pod nevatest type=tester 243 | 243 kubectl exec -it -n nevada nevatest -- wget --spider --timeout=1 nevaginx 244 | 244 kubectl expose -n nevada pod nevaginx --port=80 245 | 245 kubectl exec -it -n nevada nevatest -- wget --spider --timeout=1 nevaginx 246 | 246 history 247 | 247 cat nevapol.yaml 248 | 248 curl -k https://192.168.49.2:8443/healthz 249 | 249 grep -i probe * 250 | 250 vim nginx-probes.yaml 251 | 251 vim busybox-ready.yaml 252 | 252 kubectl apply -f busybox-ready.yaml 253 | 253 kubectl get pods busybox-ready 254 | 254 kubectl describe pod busybox-ready 255 | 255 kubectl exec -it busybox-ready -- touch /tmp/nothin 256 | 256 kubectl exec -it busybox-ready -- touch /tmp/nothing 257 | 257 kubectl get pods busybox-ready 258 | 258 kubectl apply -f redis-deploy.yaml 259 | 259 vim redis-deploy.yaml 260 | 260 kubectl api-versions 261 | 261 vim redis-deploy.yaml 262 | 262 kubectl api-versions 263 | 263 kubectl apply -f redis-deploy.yaml 264 | 264 kubectl get deploy 265 | 265 kubectl delete all 266 | 266 kubectl delete all --all 267 | 267 kubectl api-resources 268 | 268 kubectl api-resources | less 269 | 269 kubectl api-resources | wc -l 270 | 270 kubectl api-resources | grep crd 271 | 271 vim crd-object.yaml 272 | 272 kubectl api-resources | grep backup 273 | 273 kubectl apply -f crd-object.yaml 274 | 274 kubectl api-resources | grep backup 275 | 275 vim crd-backup.yaml 276 | 276 kubectl apply -f crd-backup.yaml 277 | 277 kubectl get backups 278 | 278 history 279 | 279 kubectl explain pod.spec.volumes | less 280 | 280 history 281 | 281 vim redis.yaml 282 | 282 kubectl apply -f redis.yaml 283 | 283 kubectl exec -it redis -- touch /data/redis/helloworld 284 | 284 minikube ssh 285 | 285 kubectl get pods 286 | 286 kubectl exec -it redis -- ls -l /data/redis 287 | 287 minikube ssh 288 | 288 kubectl delete --force pod redis 289 | 289 minikube ssh 290 | 290 kubectl apply -f https://k8s.io/examples/pods/storage/pv-volume.yaml 291 | 291 kubectl describe pv task-pv-volume 292 | 292 minikube addons list 293 | 293 kubectl get storageclass 294 | 294 kubectl describe storageclass 295 | 295 kubectl apply -f https://k8s.io/examples/pods/storage/pv-claim.yaml 296 | 296 kubectl get pvc,pv 297 | 297 kubectl describe pvc task-pv-claim 298 | 298 kubectl apply -f https://k8s.io/examples/pods/storage/pv-pod.yaml 299 | 299 kubectl get pods task-pv-pod -o yaml | less 300 | 300 kubectl exec task-pv-pod -- touch /usr/share/nginx/html/testfile 301 | 301 kubectl describe pv task-pv-volume 302 | 302 minikube ssh 303 | 303 history 304 | 304 kubectl create deploy mydb --image=mariadb --replicas=3 305 | 305 kubectl get pods 306 | 306 kubectl logs mydb-7c9ddb78dc-drpn2 307 | 307 kubectl create cm mydbvars --from-literal=ROOT_PASSWORD=password 308 | 308 kubectl describe cm mydbvars 309 | 309 kubectl set env deploy/mydb --from configmap/mydbvars --prefix=MARIADB_ 310 | 310 kubectl get pods 311 | 311 kubectl get deploy mydb -o yaml | grep env -A 5 312 | 312 echo "hello world" > index.html 313 | 313 kubectl create cm myindex --from-file=index.html 314 | 314 kubectl describe cm myindex 315 | 315 kubectl create cm pw --from-file=/etc/passwd 316 | 316 kubectl describe cm pw 317 | 317 kubectl create deploy myweb --image=nginx 318 | 318 kubectl edit deployments.apps myweb 319 | 319 kubectl get pods 320 | 320 kubectl exec -it myweb-56976c75bc-svskz -- cat /usr/share/nginx/html/index.html 321 | 321 kubectl create secret generic dbpw --from-literal=ROOT_PASSWORD=password 322 | 322 kubectl describe secret dbpw 323 | 323 kubectl get secret dbpw -o yaml 324 | 324 echo cGFzc3dvcmQ= | base64 -d 325 | 325 kubectl create deploy mynewdb --image=mariadb 326 | 326 kubectl set env deploy mynewdb --from=secret/dbpw --prefix=MYSQL_ 327 | 327 history 328 | 328 echo old nginx > index.html 329 | 329 kubectl create cm old --from-file=index.html 330 | 330 echo new nginx > index.html 331 | 331 kubectl create cm new --from-file=index.html 332 | 332 cat canary.yaml 333 | 333 kubectl apply -f canary.yaml 334 | 334 vim canary.yaml 335 | 335 kubectl apply -f canary.yaml 336 | 336 kubectl get all --selector type=canary 337 | 337 kubectl expose deploy old --name=theapp --port=80 --selector type=canary --type=NodePort 338 | 338 kubectl get svc 339 | 339 curl 192.168.49.2:32573 340 | 340 kubectl get deploy 341 | 341 kubectl scale old --replicas=4 342 | 342 kubectl scale deploy old --replicas=4 343 | 343 kubectl get deploy 344 | 344 kubectl config view 345 | 345 kubectl describe pod task-pv-pod 346 | 346 kubectl get sa 347 | 347 kubectl describe pod coredns -n kube-system 348 | 348 kubectl get sa -n kube-system 349 | 349 kubectl create ns bellevue 350 | 350 kubectl create role viewer --verb=get --verb=list --verb=watch --resource=pods -n bellevue 351 | 351 kubectl create sa viewer -n bellevue 352 | 352 kubectl create rolebinding --serviceaccount=bellevue:viewer --role=viewer -n bellevue 353 | 353 kubectl create rolebinding viewer --serviceaccount=bellevue:viewer --role=viewer -n bellevue 354 | 354 kubectl create deploy viewginx --image=nginx --replicas=3 -n bellevue 355 | 355 kubectl set serviceaccount deployment viewginx viewer -n bellevue 356 | 356 kubectl auth can-i get pods --as=system:serviceaccount:bellevue:viewer -n bellevue 357 | 357 kubectl auth can-i get pods --as=system:serviceaccount:bellevue:viewer -n default 358 | 358 kubectl describe serviceaccounts coredns -n kube-system 359 | 359 kubectl describe clusterrolebindings.rbac.authorization.k8s.io system:coredns 360 | 360 kubectl describe clusterrole system:coredns 361 | 361 vim securitycontextdemo2.yaml 362 | 362 kubectl apply -f securitycontextdemo2.yaml 363 | 363 kubectl exec -it security-context-demo -- sh 364 | 364 vim securitycontextdemo.yaml 365 | 365 kubectl apply -f securitycontextdemo.yaml 366 | 366 kubectl get pods 367 | 367 kubectl describe pods nginxsecure 368 | 368 ls 369 | 369 history > /tmp/march25.txt 370 | -------------------------------------------------------------------------------- /history-26sep24.txt: -------------------------------------------------------------------------------- 1 | 1 sudo apt install ubuntu-desktop 2 | 2 sudo systemctl get-default 3 | 3 sudo systemctl disable pd-mapper.service 4 | 4 sudo systemctl disable systemd-networkd-wait-online 5 | 5 sudo apt update -y 6 | 6 ip a 7 | 7 ping nu.nl 8 | 8 sudo apt update 9 | 9 sudo apt upgrade 10 | 10 sudo dpkg --configure -a 11 | 11 sudo reboot 12 | 12 sudo -i 13 | 13 sudo poweroff 14 | 14 ./countdown 1 15 | 15 ./countdown 12 16 | 16 minikube start 17 | 17 minikube stop 18 | 18 minikube start --help 19 | 19 free -m 20 | 20 minikube start --memory=3g --cni=calico 21 | 21 minikube delete 22 | 22 minikube start --memory=3g --cni=calico 23 | 23 minikube status 24 | 24 kubectl get all 25 | 25 docker 26 | 26 ls 27 | 27 cd dockerfile/ 28 | 28 ls 29 | 29 vim Dockerfile 30 | 30 docker build -t countdown . 31 | 31 docker images 32 | 32 docker run countdown 33 | 33 docker run countdown 2 34 | 34 history 35 | 35 cat Dockerfile 36 | 36 docker run --name customweb -it nginx sh 37 | 37 docker commit customweb nginx:custom 38 | 38 docker images 39 | 39 docker run -it nginx:custom ls -l /tmp/testfile 40 | 40 kubectl get ns 41 | 41 source <(kubectl completion bash) 42 | 42 kubectl completion --help | less 43 | 43 kubectl get pods 44 | 44 kubectl run -h | less 45 | 45 kubectl run appone --image=nginx 46 | 46 kubectl get pods 47 | 47 kubectl get pods -A 48 | 48 kubectl create ns secret 49 | 49 kubectl run secretpod --image=nginx -n secret 50 | 50 kubectl get pods 51 | 51 kubectl get pods -n secret 52 | 52 history 53 | 53 cd .. 54 | 54 vim 25init.yaml 55 | 55 kubectl apply -f 25init.yaml 56 | 56 kubectl get all 57 | 57 vim 25init.yaml 58 | 58 kubectl apply -f 25init.yaml 59 | 59 kubectl get pods 60 | 60 cat 25init.yaml 61 | 61 kubectl get pods 62 | 62 history 63 | 63 cat 25init.yaml 64 | 64 vim docs.yaml 65 | 65 kubectl apply -f docs.yaml 66 | 66 kubectl get pods 67 | 67 kubectl delete -f docs.yaml 68 | 68 kubectl get pods 69 | 69 kubectl run nginx1 --image=nginx 70 | 70 kubectl get pods nginx1 -o yaml | less 71 | 71 kubectl delete pods nginx1 72 | 72 kubectl get pods 73 | 73 kubectl run nginx2 --image=nginx 74 | 74 minikube ssh 75 | 75 kubectl get pods 76 | 76 grep centos * 77 | 77 vim sidecar.yaml 78 | 78 kubectl apply -f sidecar.yaml 79 | 79 kubectl get pods 80 | 80 kubectl describe pod sidecar-pod 81 | 81 kubectl logs sidecar-pod 82 | 82 kubectl logs sidecar-pod -c sidecar 83 | 83 arch 84 | 84 kubectl get pods 85 | 85 kubectl delete pod sidecar-pod 86 | 86 kubectl explain jobs.spec | less 87 | 87 kubectl create job onejob --image=busybox -- date 88 | 88 kubectl get jobs,pods 89 | 89 kubectl get pods onejob-w69wh -o yaml | less 90 | 90 kubectl get jobs onejob -o yaml | less 91 | 91 kubectl get jobs,pods 92 | 92 kubectl delete job onejob 93 | 93 kubectl get jobs,pods 94 | 94 kubectl create job twojob --image=busybox --dry-run=client -o yaml -- sleep 5 > twojob.yaml 95 | 95 vim twojob.yaml 96 | 96 kubectl apply -f twojob.yaml 97 | 97 kubectl get jobs,pods 98 | 98 kubectl explain pod.spec | less 99 | 99 kubectl explain pod.spec.containers | less 100 | 100 kubectl get jobs,pods 101 | 101 kubectl delete pod initdemo 102 | 102 kubectl create cronjob -h | less 103 | 103 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 104 | 104 kubectl get cronjobs,jobs,pods 105 | 105 date 106 | 106 kubectl create job runme --from=cronjob/runme 107 | 107 kubectl get cronjobs,jobs,pods 108 | 108 kubectl logs runme-tkpj2 109 | 109 kubectl delete cronjobs.batch runme 110 | 110 history 111 | 111 vim twojob.yaml 112 | 112 kubectl apply -f twojob.yaml 113 | 113 vim twojob.yaml 114 | 114 kubectl create job threejob --image=busybox --dry-run=client -o yaml -- false > threejob.yaml 115 | 115 vim threejob.yaml 116 | 116 kubectl apply -f threejob.yaml 117 | 117 kubectl get jobs,pods 118 | 118 vim frontend-resources.yaml 119 | 119 kubectl create -f frontend-resources.yaml 120 | 120 kubectl get pods 121 | 121 kubectl get jobs 122 | 122 kubectl delete job threejob 123 | 123 kubectl get pods 124 | 124 kubectl delete -f frontend-resources.yaml 125 | 125 vim frontend-resources.yaml 126 | 126 kubectl apply -f frontend-resources.yaml 127 | 127 kubectl get pods 128 | 128 kubectl get pods -n kube-system 129 | 129 kubectl describe pod frontend 130 | 130 vim frontend-resources.yaml 131 | 131 kubectl apply -f frontend-resources.yaml 132 | 132 kubectl delete -f frontend-resources.yaml 133 | 133 kubectl create -f frontend-resources.yaml 134 | 134 kubectl delete -f frontend-resources.yaml 135 | 135 vim frontend-resources.yaml 136 | 136 kubectl create -f frontend-resources.yaml 137 | 137 kubectl get pods 138 | 138 kubectl describe pod frontend 139 | 139 kubectl logs frontend -c db 140 | 140 kubectl delete -f frontend-resources.yaml 141 | 141 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 142 | 142 kubectl get all 143 | 143 kubectl get deployments.apps upapp -o yaml | grep -A5 strategy 144 | 144 kubectl set -h | less 145 | 145 kubectl set image -h | less 146 | 146 #kubectl set image deploy/upapp nginx=nginx:1.18 147 | 147 #kubectl get all --selector app=upapp 148 | 148 kubectl set image deploy/upapp nginx=nginx:1.18 149 | 149 kubectl get all --selector app=upapp 150 | 150 kubectl get all --show-labels 151 | 151 kubectl edit deploy upapp 152 | 152 kubectl set image deploy/upapp nginx=nginx:1.19 153 | 153 kubectl get all --show-labels 154 | 154 vim rolling.yaml 155 | 155 kubectl create -f rolling.yaml 156 | 156 kubectl rollout history deployment 157 | 157 kubectl edit deployments.apps rolling-nginx 158 | 158 kubectl rollout history deployment 159 | 159 kubectl describe deployments.apps rolling-nginx 160 | 160 kubectl describe deployments.apps rolling-nginx --revision=2 161 | 161 kubectl rollout history deployment rolling-nginx --revision=2 162 | 162 kubectl rollout history deployment rolling-nginx --revision=1 163 | 163 kubectl rollout undo deployment rolling-nginx --to-revision=1 164 | 164 kubectl rollout -h 165 | 165 history 166 | 166 kubectl get all 167 | 167 kubectl get deploy --show-labels 168 | 168 kubectl get all 169 | 169 kubectl describe pod rolling-nginx-6bd86fdcfb-nghnm 170 | 170 kubectl get pods 171 | 171 kubectl get pods rolling-nginx-59f94dfcb4-8snhs 172 | 172 kubectl get pods rolling-nginx-59f94dfcb4-8snhs -o yaml | less 173 | 173 kubectl delete -f rolling.yaml 174 | 174 kubectl get all 175 | 175 kubectl apply -f rolling.yaml 176 | 176 kubectl get pods 177 | 177 kubectl logs rolling-nginx-6bd86fdcfb-2kxzm 178 | 178 kubectl describe rolling-nginx-6bd86fdcfb-2kxzm 179 | 179 kubectl describe pod rolling-nginx-6bd86fdcfb-2kxzm 180 | 180 kubectl delete -f rolling.yaml 181 | 181 vim rolling.yaml 182 | 182 kubectl create -f rolling.yaml 183 | 183 kubectl get all 184 | 184 kubectl delete -f rolling.yaml 185 | 185 kubectl get deploy 186 | 186 kubectl delete deploy upapp 187 | 187 kubectl create deploy nginxsvc --image=nginx 188 | 188 kubectl get all 189 | 189 kubectl get all --selector app=nginxsvc 190 | 190 kubectl get all --selector app=nginxsvc --show-labels 191 | 191 kubectl get all --selector app=nginxsvc 192 | 192 kubectl scale deployment nginxsvc --replicas=3 193 | 193 kubectl get all --selector app=nginxsvc 194 | 194 kubectl expose deployment nginxsvc --port=80 195 | 195 kubectl get all --selector app=nginxsvc 196 | 196 kubectl describe svc nginxsvc 197 | 197 kubectl get svc 198 | 198 curl 10.98.84.17 199 | 199 minikube ssh 200 | 200 kubectl edit svc nginxsvc 201 | 201 kubectl get svc 202 | 202 minikube ip 203 | 203 curl 192.168.49.2:31161 204 | 204 kubectl edit svc nginxsvc 205 | 205 curl 192.168.49.2:31161 206 | 206 kubectl get svc 207 | 207 kubectl describe svc nginxsvc 208 | 208 kubectl edit svc nginxsvc 209 | 209 curl 192.168.49.2:31161 210 | 210 kubectl edit svc nginxsvc 211 | 211 kubectl describe svc nginxsvc 212 | 212 kubectl edit svc nginxsvc 213 | 213 kubectl describe svc nginxsvc 214 | 214 history 215 | 215 history > /tmp/history-25sep24.txt 216 | 216 ip a 217 | 217 ls 218 | 218 sudo poweroff 219 | 219 git clone https://github.com/sandervanvugt/ckad 220 | 220 cd ckad 221 | 221 ls 222 | 222 ls *sh 223 | 223 ./minikube-docker-setup.sh 224 | 224 minikube delete 225 | 225 minikube start --memory=6g --cni=calico 226 | 226 minikube start 227 | 227 kubectl get all 228 | 228 source <(kubectl completion bash) 229 | 229 minikube status 230 | 230 kubectl create deploy nginxsvc 231 | 231 kubectl create deploy nginxsvc --image=nginx --replicas=3 232 | 232 kubectl expose deploy nginxsvc --port=80 233 | 233 kubectl describe svc -n kube-system kube-dns 234 | 234 kubectl create ns elsewhere 235 | 235 kubectl run nginxpod -n elsewhere 236 | 236 kubectl run nginxpod -n elsewhere --image=nginx 237 | 237 kubectl expose -n elsewhere nginxpod --port=80 238 | 238 kubectl expose -n elsewhere pod nginxpod --port=80 239 | 239 kubectl get svc,pods -n elsewhere 240 | 240 kubectl run testpod --image=busybox -- sleep infinity 241 | 241 kubectl exec -it testpod -- cat /etc/resolv.conf 242 | 242 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod 243 | 243 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod.elsewhere.svc.cluster.local 244 | 244 minikube addons list 245 | 245 minikube addons enable ingress 246 | 246 kubectl get ns 247 | 247 kubectl get all -n ingress-nginx 248 | 248 kubectl create ingress -h | less 249 | 249 kubectl get all 250 | 250 kubectl create ing nginx-ingress --rule="/=nginxsvc:80" --rule="/hello=newdep:8080" 251 | 251 kubectl describe ing nginx-ingress 252 | 252 minikube ip 253 | 253 sudo vim /etc/hosts 254 | 254 curl nginxsvc.info 255 | 255 curl nginxsvc.info/hello 256 | 256 kubectl create deploy newdep --image=gcr.io/google-samples/hello-app:2.0 257 | 257 kubectl expose deploy newdep --port=8080 258 | 258 curl nginxsvc.info/hello 259 | 259 kubectl get pods 260 | 260 kubectl logs newdep-5bd57cc949-5zdqp 261 | 261 kubectl get pods -n kube-system | grep -i calico 262 | 262 cd ckad/ 263 | 263 vim nwpolicy-complete-example.yaml 264 | 264 kubectl apply -f nwpolicy-complete-example.yaml 265 | 265 kubectl expose pod nginx --port=80 266 | 266 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 267 | 267 kubectl get pods --show-labels 268 | 268 kubectl label pod busybox access=true 269 | 269 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 270 | 270 kubectl get networkpolicy 271 | 271 kubectl describe networkpolicy 272 | 272 kubectl get pods --show-labels 273 | 273 vim simplenwp.yaml 274 | 274 kubectl get pods 275 | 275 kubectl get pods busybox -o yaml | less 276 | 276 kubectl api-resources | less 277 | 277 vim simplenwp.yaml 278 | 278 kubectl api-resources | less 279 | 279 vim redis-deploy.yaml 280 | 280 kubectl create -f redis-deploy.yaml 281 | 281 kubectl api-resources | less 282 | 282 vim redis-deploy.yaml 283 | 283 kubectl create -f redis-deploy.yaml 284 | 284 vim crd-object.yaml 285 | 285 kubectl api-resources | grep -i back 286 | 286 kubectl create -f crd-object.yaml 287 | 287 kubectl api-resources | grep -i back 288 | 288 cat crd-backup.yaml 289 | 289 kubectl create -f crd-backup.yaml 290 | 290 kubectl get backups -o yaml 291 | 291 kubectl api-resources 292 | 292 /ingress 293 | 293 kubectl api-resources | less 294 | 294 history 295 | 295 vim redis.yaml 296 | 296 vim redis2.yaml 297 | 297 kubectl apply -f redis2.yaml 298 | 298 kubectl describe pods redis 299 | 299 kubectl exec -it redis -- touch /data/redis/helloworld 300 | 300 minikube ssh 301 | 301 kubectl get pods 302 | 302 kubectl exec -it redis -- ls -l /data/redis 303 | 303 minikube ssh 304 | 304 kubectl delete --force pod redis 305 | 305 minikube ssh 306 | 306 kubectl explain pod.spec.volumes | less 307 | 307 kubectl apply -f https://k8s.io/examples/pods/storage/pv-volume.yaml 308 | 308 kubectl describe pv task-pv-volume 309 | 309 minikube addons list 310 | 310 kubectl get storageclass 311 | 311 kubectl describe storageclasses.storage.k8s.io 312 | 312 kubectl apply -f https://k8s.io/examples/pods/storage/pv-claim.yaml 313 | 313 kubectl get pvc task-pv-claim -o yaml 314 | 314 kubectl get pvc,pv 315 | 315 kubectl api-resources | less 316 | 316 kubectl apply -f https://k8s.io/examples/pods/storage/pv-pod.yaml 317 | 317 kubectl describe pod task-pv-pod 318 | 318 kubectl exec task-pv-pod -- touch /usr/share/nginx/html/testfile 319 | 319 kubectl describe pv pv-volume 320 | 320 kubectl describe pv task-pv-volume 321 | 321 minikube ssh 322 | 322 kubectl create deploy mydb --image=mariadb 323 | 323 kubectl get pods 324 | 324 kubectl logs mydb-7d665fb947-9q44f 325 | 325 kubectl set env deploy mydb MYSQL_ROOT_PASSWORD=password 326 | 326 kubectl get all --selector app=mydb 327 | 327 kubectl get deploy mydb -o yaml | less 328 | 328 kubectl get deploy 329 | 329 kubectl delete deploy mydb newdep redis 330 | 330 kubectl create deployment mydb --image=mariadb --replicas=3 331 | 331 kubectl create cm mydbvars --from-literal=ROOT_PASSWORD=password 332 | 332 kubectl describe cm mydbvars 333 | 333 kubectl set env deploy/mydb --from configmap/mydbvars --prefix=MARIADB_ 334 | 334 kubectl get deployments.apps mydb -o yaml | grep env -A 5 335 | 335 history 336 | 336 echo hello world > index.html 337 | 337 kubectl create cm myindex --from-file=index.html 338 | 338 kubectl describe cm myindex 339 | 339 kubectl create deploy myweb --image=nginx 340 | 340 kubectl edit deploy myweb 341 | 341 kubectl expose deploy myweb --port=80 342 | 342 kubectl edit svc myweb 343 | 343 kubectl get svc 344 | 344 curl 192.168.49.2:31873 345 | 345 kubectl create secret generic dbpw --from-literal=ROOT_PASSWORD=password 346 | 346 kubectl describe secrets dbpw 347 | 347 kubectl get secret dbpw -o yaml 348 | 348 echo cGFzc3dvcmQ= | base64 -d 349 | 349 kubectl create deploy mynewdb --image=mariadb 350 | 350 kubectl set env deploy mynewdb --from=secret/dbpw --prefix=MYSQL_ 351 | 351 kubectl get deploy -o yaml | grep -A 5 env 352 | 352 history 353 | 353 echo old nginx > index.html 354 | 354 kubectl create cm old --from-file=index.html 355 | 355 echo new nginx > index.html 356 | 356 kubectl create cm new --from-file=index.html 357 | 357 vim canary.yaml 358 | 358 kubectl apply -f canary.yaml 359 | 359 sed -i -e 's/old/new/' canary.yaml 360 | 360 vim canary.yaml 361 | 361 kubectl apply -f canary.yaml 362 | 362 kubectl get all --selector type=canary 363 | 363 kubectl expose deployment old-version --name=theapp --port=80 --selector type=canary --type=NodePort 364 | 364 kubectl expose deployment old-nginx --name=theapp --port=80 --selector type=canary --type=NodePort 365 | 365 kubectl describe svc theapp 366 | 366 curl 192.168.49.2:31597 367 | 367 history 368 | 368 kubectl get pods 369 | 369 kubectl get pods testpod -o yaml | less 370 | 370 kubectl get roles -A 371 | 371 kubectl get clusterroles 372 | 372 kubectl get clusterrolebindings 373 | 373 kubectl get clusterrolebindings | grep -v ':' 374 | 374 kubectl get pods -n kube-system 375 | 375 kubectl get pods -n kube-system calico-node-6tvh5 -o yaml | less 376 | 376 kubectl create ns bellevue 377 | 377 kubectl create role -h | less 378 | 378 kubectl create role viewer --verb=get --verb=list --verb=watch --resource=pods -n bellevue 379 | 379 kubectl describe role viewer 380 | 380 kubectl describe role viewer -n bellevue 381 | 381 kubectl create sa viewer -n bellevue 382 | 382 kubectl create rolebinding --serviceaccount=bellevue:viewer --role=viewer -n bellevue 383 | 383 kubectl create rolebinding viewer --serviceaccount=bellevue:viewer --role=viewer -n bellevue 384 | 384 kubectl create deploy viewginx --image=nginx --replicas=3 -n bellevue 385 | 385 kubectl set serviceaccount deployment viewginx viewer -n bellevue 386 | 386 kubectl auth can-i get pods --as=system:serviceaccount:bellevue:viewer -n bellevue 387 | 387 kubectl auth can-i get deploy --as=system:serviceaccount:bellevue:viewer -n bellevue 388 | 388 kubectl auth can-i -h | less 389 | 389 kubectl describe serviceaccounts coredns -n kube-system 390 | 390 kubectl describe clusterrolebindings.rbac.authorization.k8s.io system:coredns 391 | 391 kubectl describe clusterrole system:coredns 392 | 392 kubectl get sa -n bellevue 393 | 393 vim securitycontextdemo2.yaml 394 | 394 kubectl apply -f securitycontextdemo2.yaml 395 | 395 kubectl exec -it security-context-demo -- sh 396 | 396 vim securitycontextdemo.yaml 397 | 397 kubectl apply -f securitycontextdemo.yaml 398 | 398 kubectl get pods 399 | 399 kubectl describe pod nginxsecure 400 | 400 ls 401 | 401 cat RESOURCE.TXT 402 | 402 history > /tmp/history-26sep24.txt 403 | -------------------------------------------------------------------------------- /may2025.txt: -------------------------------------------------------------------------------- 1 | 1 minikube start --cni=calico 2 | 2 history 3 | 3 minikube status 4 | 4 find . -name "Dockerfile" 5 | 5 cd dockerfile/ 6 | 6 ls 7 | 7 cat Dockerfile 8 | 8 docker build -t countdown . 9 | 9 docker images 10 | 10 docker build -t docker.io/sandervanvugt/countdown 11 | 11 docker build -t docker.io/sandervanvugt/countdown . 12 | 12 docker push docker.io/sandervanvugt/countdown 13 | 13 docker login docker.io 14 | 14 docker images 15 | 15 docker image inspect countdown:latest 16 | 16 docker run countdown 17 | 17 docker run countdown:latest 5 18 | 18 cd 19 | 19 docker run --name customweb -it nginx sh 20 | 20 docker commit customweb nginx:custom 21 | 21 docker images 22 | 22 docker run -it nginx:custom ls -l /tmp/testfile 23 | 23 history 24 | 24 kubectl explain pod.spec | less 25 | 25 kubectl completion -h | less 26 | 26 source <(kubectl completion bash) 27 | 27 kubectl get all 28 | 28 kubectl get pods 29 | 29 kubectl get pods -A 30 | 30 kubectl get ns 31 | 31 kubectl get pods 32 | 32 kubectl get pods -A 33 | 33 kubectl create ns secret 34 | 34 kubectl run secretpod --image=nginx -n secret 35 | 35 kubectl get pods 36 | 36 kubectl get pods -n secret 37 | 37 docker run countdown:latest 1 38 | 38 vim initc.yaml 39 | 39 sudo apt install -y vim 40 | 40 vim initc.yaml 41 | 41 kubectl apply -f initc.yaml 42 | 42 kubectl get pods 43 | 43 kubectl get pods myapp-pod -o yaml | less 44 | 44 vim sidecar.yaml 45 | 45 history 46 | 46 vim sidecar.yaml 47 | 47 cp initc.yaml lab1.yaml 48 | 48 vim lab1.yaml 49 | 49 kubectl apply -f lab1.yaml 50 | 50 vim lab1.yaml 51 | 51 kubectl apply -f lab1.yaml 52 | 52 kubectl get all 53 | 53 kubectl run nginx1 --image=nginx 54 | 54 kubectl get pods nginx1 -o yaml | grep restartP 55 | 55 kubectl delete pods nginx1 56 | 56 kubectl get pods 57 | 57 kubectl run nginx2 --image=nginx 58 | 58 minikube ssh 59 | 59 kubectl get pods 60 | 60 kubectl api-resources | less 61 | 61 kubectl create job -h | less 62 | 62 kubectl create job onejob --image=busybox -- date 63 | 63 kubectl get jobs,pods 64 | 64 kubectl get pods onejob-mvsg2 -o yaml | grep restartP 65 | 65 kubectl delete job onejob 66 | 66 kubectl get jobs,pods 67 | 67 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml -- sleep 5 > mynewjob.yaml 68 | 68 vim mynewjob.yaml 69 | 69 kubectl apply -f mynewjob.yaml 70 | 70 kubectl get jobs,pods 71 | 71 sleep 30 72 | 72 kubectl get jobs,pods 73 | 73 kubectl create cronjob -h | less 74 | 74 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 75 | 75 kubectl get cronjobs,jobs,pods 76 | 76 date 77 | 77 kubectl create job runme --from=cronjob/runme 78 | 78 kubectl get cronjobs,jobs,pods 79 | 79 date 80 | 80 kubectl get cronjobs,jobs,pods 81 | 81 kubectl logs runme-29111990-kd7wt 82 | 82 kubectl delete cronjob runme 83 | 83 kubectl get cronjobs,jobs,pods 84 | 84 kubectl explain pods.spec | less 85 | 85 cd ckad/ 86 | 86 vim frontend-resources.yaml 87 | 87 kubectl apply -f frontend-resources.yaml 88 | 88 kubectl get pods 89 | 89 sleep 15 90 | 90 kubectl get pods 91 | 91 kubectl describe pod frontend 92 | 92 kubectl delete -f frontend-resources.yaml 93 | 93 kubectl create ns restricted 94 | 94 kubectl create quota -h | less 95 | 95 kubectl create quota myquota -n restricted --hard=cpu=2,--memory=1G,pods=3 96 | 96 kubectl create quota myquota -n restricted --hard=cpu=2,memory=1G,pods=3 97 | 97 kubectl describe ns restricted 98 | 98 kubectl run pod restructedpod --image=nginx -n restricted 99 | 99 kubectl create deploy restrictdeploy --image=nginx -n restricted 100 | 100 kubectl get all -n restricted 101 | 101 kubectl set resources -n restricted deploy restrictdeploy --limits=cpu=200m,memory=2G 102 | 102 kubectl describe -n restricted deployments.apps restrictdeploy 103 | 103 kubectl describe ns restricted 104 | 104 kubectl set resources -n restricted deploy restrictdeploy --limits=cpu=200m,memory=128M --requests=cpu=100m,memory=64M 105 | 105 kubectl get all -n restricted 106 | 106 kubectl describe ns restricted 107 | 107 history 108 | 108 df -h 109 | 109 kubectl create ns Nebraska 110 | 110 kubectl create ns nebraska 111 | 111 kubectl create deploy snowdeploy --image=nginx -n nebraska 112 | 112 kubectl set resources -h 113 | 113 kubectl set resources -h | less 114 | 114 kubectl set resources deploy snowdeploy -n nebraska --limits=memory=182Mi --requests=memory=64Mi 115 | 115 kubectl describe pod -n nebraska snowdeploy-7d58ff95bc-kzj9z 116 | 116 history 117 | 117 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 118 | 118 kubectl get deploy upapp 119 | 119 kubectl get deploy upapp -o yaml | grep -A5 strategy 120 | 120 kubectl set image deploy/upapp nginx=nginx:1.18;kubectl get all --selector app=upapp 121 | 121 kubectl get all --selector app=upapp 122 | 122 kubectl edit deploy upapp 123 | 123 kubectl get all --selector app=upapp 124 | 124 kubectl set image deploy/upapp nginx=nginx:1.19;kubectl get all --selector app=upapp 125 | 125 kubectl get all --selector app=upapp 126 | 126 vim rolling.yaml 127 | 127 kubectl apply -f rolling.yaml 128 | 128 kubectl rollout history deployment 129 | 129 kubectl edit deploy rolling-nginx 130 | 130 kubectl rollout history deployment 131 | 131 kubectl describe deployments.apps rolling-nginx 132 | 132 kubectl rollout history deployment rolling-nginx --reivsion=2 133 | 133 kubectl rollout history deployment rolling-nginx --revision=2 134 | 134 kubectl rollout history deployment rolling-nginx --revision=1 135 | 135 kubectl rollout undo deployment rolling-nginx --to-revision=1 136 | 136 kubectl get deploy 137 | 137 kubectl delete deploy rolling-nginx 138 | 138 kubectl expose deploy upapp --port=80 139 | 139 kubectl get all --selector app=upapp 140 | 140 kubectl describe svc upapp 141 | 141 kubectl get pods -o wide --selector app=upapp 142 | 142 kubectl scale deployment upapp --replicas=2 143 | 143 kubectl describe svc upapp 144 | 144 history 145 | 145 kubectl create deploy nginxsvc --image=nginx 146 | 146 kubectl scale deployment nginxsvc --replicas=3 147 | 147 kubectl expose deployment nginxsvc --port=80 148 | 148 kubectl describe svc nginxsvc 149 | 149 kubectl get pods --show-labels 150 | 150 kubectl get svc 151 | 151 kubectl get endpoints 152 | 152 curl 10.106.246.4 153 | 153 minikube ssh 154 | 154 kubectl edit svc nginxsvc 155 | 155 kubectl get svc 156 | 156 minikube ip 157 | 157 curl 192.168.49.2:31649 158 | 158 kubectl get svc,pods -n kube-system 159 | 159 kubectl exec -it nginx2 -- cat /etc/resolv.conf 160 | 160 kubectl exec -it nginx2 -- nslookup nginxsvc.default.svc.cluster.local 161 | 161 kubectl exec -it nginx2 -- ping nginxsvc.default.svc.cluster.local 162 | 162 kubectl describe svc -n kube-system kube-dns 163 | 163 kubectl create ns elsewhere 164 | 164 kubectl run nginxpod --image=nginx -n elsewhere 165 | 165 kubectl expose -n elsewhere pod nginxpod --port=80 166 | 166 kubectl run testpod --image=busybox -- sleep infinity 167 | 167 kubectl exec -it testpod -- cat /etc/resolv.conf 168 | 168 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod 169 | 169 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod.elsewhere.svc.cluster.local 170 | 170 kubectl get all -n elsewhere 171 | 171 minikube addons list 172 | 172 minikube addons enable ingress 173 | 173 kubectl get ns 174 | 174 kubectl get all -n ingress-nginx 175 | 175 kubectl create ing -h | less 176 | 176 kubectl create ing nginxsvc-ingress --rule="/=nginxsvc:80" 177 | 177 kubectl describe ing nginxsvc-ingress 178 | 178 sudo vim /etc/hosts 179 | 179 curl nginxsvc.info 180 | 180 history 181 | 181 history > /tmp/may2025.txt 182 | 182 ip a 183 | 183 sudo apt install openssh-server 184 | 184 kubectl get pods -n kube-system 185 | 185 history | less 186 | 186 vim nwpolicy-complete-example.yaml 187 | 187 kubectl apply -f nwpolicy-complete-example.yaml 188 | 188 kubectl expose pod nginx --port=80 189 | 189 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 190 | 190 kubectl label pod busybox access="true" 191 | 191 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 192 | 192 history 193 | 193 kubectl describe netpol access-nginx 194 | 194 kubectl get pods --show-labels 195 | 195 vim somethinglikethis.yaml 196 | 196 history 197 | 197 curl -k https://192.168.49.2:8443/healthz 198 | 198 grep -i probe * 199 | 199 vim nginx-probes.yaml 200 | 200 kubectl get pods -n kube-system 201 | 201 kubectl edit -n kube-system kube-apiserver-minikube 202 | 202 kubectl edit pod -n kube-system kube-apiserver-minikube 203 | 203 kubectl get ns 204 | 204 kubectl api-versions 205 | 205 cat redis-deploy.yaml 206 | 206 kubectl create -f redis-deploy.yaml 207 | 207 kubectl api-resources | less 208 | 208 vim redis-deploy.yaml 209 | 209 kubectl create -f redis-deploy.yaml 210 | 210 kubectl explain --recursive deploy.spec | less 211 | 211 kubectl api-resources | grep -i custom 212 | 212 vim crd-object.yaml 213 | 213 kubectl api-resources | grep backup 214 | 214 kubectl create -f crd-object.yaml 215 | 215 kubectl api-resources | grep backup 216 | 216 vim crd-backup.yaml 217 | 217 kubectl create -f crd-backup.yaml 218 | 218 kubectl get backups 219 | 219 kubectl get crds 220 | 220 kubectl explain pod.spec.volumes | less 221 | 221 kubectl apply -f https://k8s.io/examples/pods/storage/redis.yaml 222 | 222 kubectl describe pod redis 223 | 223 kubectl exec -it redis -- touch /data/redis/helloworld 224 | 224 minikube ssh 225 | 225 kubectl get pods 226 | 226 kubectl exec -it redis -- ls -l /data/redis 227 | 227 kubectl delete --force pod redis 228 | 228 minikube ssh 229 | 229 ./countdown 13 230 | 230 kubectl apply -f https://k8s.io/examples/pods/storage/pv-volume.yaml 231 | 231 kubectl describe pv task-pv-volume 232 | 232 kubectl get pv task-pv-volume -o yaml 233 | 233 minikube addons list 234 | 234 kubectl get storageclass 235 | 235 kubectl describe storageclasses.storage.k8s.io 236 | 236 kubectl get pv,pvc 237 | 237 kubectl apply -f https://k8s.io/examples/pods/storage/pv-claim.yaml 238 | 238 kubectl get pv,pvc 239 | 239 kubectl describe pvc task-pv-claim 240 | 240 kubectl apply -f https://k8s.io/examples/pods/storage/pv-pod.yaml 241 | 241 kubectl get pods task-pv-pod -o yaml | less 242 | 242 kubectl exec task-pv-pod -- touch /usr/share/nginx/html/testfile 243 | 243 kubectl describe pv task-pv-volume 244 | 244 minikube ssh 245 | 245 vim labvol.yaml 246 | 246 kubectl apply -f labvol.yaml 247 | 247 kubectl exec hostpath-example-linux -- cat /usr/share/nginx/html/index.html 248 | 248 cat labvol.yaml 249 | 249 kubectl expose pod hostpath-example-linux --port=80 250 | 250 kubectl label pod hostpath-example-linux app=hostpath 251 | 251 kubectl expose pod hostpath-example-linux --port=80 252 | 252 kubectl get svc 253 | 253 kubectl edit svc hostpath-example-linux 254 | 254 kubectl get svc 255 | 255 kubectl edit svc hostpath-example-linux 256 | 256 kubectl get svc 257 | 257 curl 192.168.49.2:32032 258 | 258 history 259 | 259 cat labvol.yaml 260 | 260 kubectl create deploy mydb --image=mariadb 261 | 261 kubectl get all --selector app=mydb 262 | 262 kubectl describe pod mydb-7c9ddb78dc-gjxtr 263 | 263 kubectl logs mydb-7c9ddb78dc-gjxtr 264 | 264 kubectl set env deploy mydb MARIADB_ROOT_PASSWORD=password 265 | 265 kubectl get deployments.apps mydb -o yaml > mydb.yaml 266 | 266 vim mydb.yaml 267 | 267 history 268 | 268 kubectl create configmap -h | less 269 | 269 kubectl get deploy 270 | 270 kubectl delete deploy mydb nginxsvc redis upapp 271 | 271 minikube ssh 272 | 272 df -h 273 | 273 kubectl get deploy 274 | 274 kubectl create deploy mydb --image=mariadb --replicas=3 275 | 275 kubectl get all --selector app=mydb 276 | 276 kubectl create cm mydbvars --from-literal=ROOT_PASSWORD=password 277 | 277 kubectl get cm mydbvars -o yaml 278 | 278 kubectl set env deploy/mydb --from configmap/mydbvars --prefix=MARIADB_ 279 | 279 kubectl get deploy mydb -o yaml | grep env -A 5 280 | 280 df -h 281 | 281 sudo poweroff 282 | 282 ./countdown 15 283 | 283 ./countdown 17 284 | 284 ./countdown 12 285 | 285 ./countdown 1 286 | 286 ./countdown 8 287 | 287 ./countdown 13 288 | 288 sudo apt install docker.io 289 | 289 sudo systemctl stop docker 290 | 290 sudo systemctl disable --now docker.socket 291 | 291 systemctl --user start docker.service 292 | 292 systemctl --user start dockerd.service 293 | 293 sudo systemctl status docker.service 294 | 294 free -m 295 | 295 git clone https://github.com/sandervanvugt/ckad 296 | 296 cd ckad 297 | 297 ls 298 | 298 ./minikube-docker-setup.sh 299 | 299 sudo fdisk /dev/nvme0n1 300 | 300 sudo resize2fs /dev/nvme0n1p2 301 | 301 df -h 302 | 302 minikube start 303 | 303 minikube ssh 304 | 304 kubectl get deploy mydb -o yaml | grep env -A 5 305 | 305 source <(kubectl completion bash) 306 | 306 history 307 | 307 echo hello configuration > index.html 308 | 308 kubectl create cm myindex --from-file=index.html 309 | 309 rm index.html 310 | 310 kubectl describe cm myindex 311 | 311 kubectl create deploy myweb --image=nginx 312 | 312 kubectl edit deploy myweb 313 | 313 kubectl exec myweb-56976c75bc-8dhpg -- cat /usr/share/nginx/html/index.html 314 | 314 kubectl create secret generic dbpw --from-literal=ROOT_PASSWORD=password 315 | 315 kubectl describe secret dbpw 316 | 316 kubectl get secret dbpw -o yaml 317 | 317 echo cGFzc3dvcmQ= | base64 -d 318 | 318 kubectl create deploy mybewdb --image=mariadb 319 | 319 kubectl set env deploy mybewdb --from=secret/dbpw --prefix=MARIADB_ 320 | 320 history 321 | 321 kubectl create ns indiana 322 | 322 kubectl create secret generic -n indiana insecret --from-literal=COLOR=blue 323 | 323 kubectl run -n indiana inpod --image=nginx --dry-run=client -o yaml > inpod.yaml 324 | 324 kubectl get pods mybewdb-84799cd96b-6chds -o yaml 325 | 325 vim inpod.yaml 326 | 326 kubectl apply -f inpod.yaml 327 | 327 vim inpod.yaml 328 | 328 kubectl apply -f inpod.yaml 329 | 329 kubectl exec -n indiana -- echo $COLOR 330 | 330 kubectl exec -n indiana inpod -- echo $COLOR 331 | 331 history 332 | 332 vim inpod.yaml 333 | 333 echo old nginx > index.html 334 | 334 kubectl create cm old --from-file=index.html 335 | 335 echo new nginx > index.html 336 | 336 kubectl create cm new --from-file=index.html 337 | 337 cd ckad 338 | 338 cat canary.yaml 339 | 339 vim canary.yaml 340 | 340 kubectl apply -f canary.yaml 341 | 341 kubectl get all --selector type=canary 342 | 342 vim canary.yaml 343 | 343 kubectl apply -f canary.yaml 344 | 344 kubectl get all --selector type=canary 345 | 345 kubectl expose deploy old-version --name=theapp --port=80 --selector type=canary --type=NodePort 346 | 346 kubectl expose deploy old --name=theapp --port=80 --selector type=canary --type=NodePort 347 | 347 kubectl get all --selector type=canary 348 | 348 curl 192.168.49.2:31018 349 | 349 history 350 | 350 kubectl exec -it -n indiana inpod -- bash 351 | 351 kubectl exec -n indiana inpod -- sh -c 'echo $COLOR' 352 | 352 kubectl exec -n indiana inpod -- env 353 | 353 cd 354 | 354 cd .kube 355 | 355 ls 356 | 356 less config 357 | 357 kubectl get pods 358 | 358 kubectl get pods -o yaml | less 359 | 359 kubectl get pods -n kube-system calico-node-x8kjw -o yaml | less 360 | 360 kubectl get sa 361 | 361 kubectl get sa -n kube-system 362 | 362 kubectl get sa storage-provisioner -n kube-system -o yaml 363 | 363 kubectl create ns bellevue 364 | 364 kubectl create role viewer -n bellevue --verb=get --verb=list --verb=watch --resource=pods 365 | 365 kubectl create sa viewer -n bellevue 366 | 366 kubectl create rolebinding --serviceaccount=bellevue:viewer --role=viewer -n bellevue 367 | 367 kubectl create rolebinding viewer --serviceaccount=bellevue:viewer --role=viewer -n bellevue 368 | 368 kubectl create deploy viewnginx --image=nginx --replicas=3 -n bellevue 369 | 369 kubectl set serviceaccount deployment viewginx viewer -n bellevue 370 | 370 kubectl set serviceaccount deployment viewnginx viewer -n bellevue 371 | 371 kubectl auth can-i get pods --as--systemLserviceaccount:bellevue:viewer -n bellevue 372 | 372 kubectl auth can-i get pods --as--system:serviceaccount:bellevue:viewer -n bellevue 373 | 373 kubectl auth can-i get pods --as=system:serviceaccount:bellevue:viewer -n bellevue 374 | 374 kubectl auth can-i get pods --as=system:serviceaccount:bellevue:viewer -n default 375 | 375 cd ~/ckad 376 | 376 vim securitycontextdemo2.yaml 377 | 377 kubectl apply -f securitycontextdemo2.yaml 378 | 378 kubectl exec -it security-context-demo -- sh 379 | 379 vim securitycontextdemo.yaml 380 | 380 kubectl apply -f securitycontextdemo.yaml 381 | 381 kubectl get pods 382 | 382 kubectl describe pod nginxsecure 383 | 383 less RESOURCE.TXT 384 | 384 history > may2025.txt 385 | 385 ip a 386 | 386 history > /tmp/may2025.txt 387 | -------------------------------------------------------------------------------- /dec2024.txt: -------------------------------------------------------------------------------- 1 | 1 sudo apt install ubuntu-desktop 2 | 2 sudo systemctl get-default 3 | 3 sudo systemctl disable pd-mapper.service 4 | 4 sudo systemctl disable systemd-networkd-wait-online 5 | 5 sudo apt update -y 6 | 6 ip a 7 | 7 ping nu.nl 8 | 8 sudo apt update 9 | 9 sudo apt upgrade 10 | 10 sudo dpkg --configure -a 11 | 11 sudo reboot 12 | 12 sudo -i 13 | 13 sudo poweroff 14 | 14 minikube start --help | less 15 | 15 free -m 16 | 16 minikube start --cni=calico 17 | 17 minikube status 18 | 18 kubectl get all 19 | 19 ls 20 | 20 cd dockerfile/ 21 | 21 ls 22 | 22 vim Dockerfile 23 | 23 docker build -t myapp . 24 | 24 docker images 25 | 25 docker image inspect myapp:latest | less 26 | 26 docker run myapp 27 | 27 docker run myapp 3 28 | 28 docker run myapp bash 29 | 29 vim Dockerfile 30 | 30 docker build -t myapp . 31 | 31 docker run myapp 32 | 32 docker run myapp bash 33 | 33 docker run myapp sh 34 | 34 docker run -it myapp sh 35 | 35 docker run myapp 2 36 | 36 vim Dockerfile 37 | 37 docker build -t breaktimer . 38 | 38 docker run -it alpine 39 | 39 history 40 | 40 docker run --name customweb -it nginx sh 41 | 41 docker commit customweb nginx:custom 42 | 42 docker images 43 | 43 docker run -ti nginx:custom ls -l /tmp/testfile 44 | 44 cd 45 | 45 kubectl -h | less 46 | 46 kubectl create -h | less 47 | 47 kubectl create deploy -h | less 48 | 48 kubectl completion -h | less 49 | 49 source <(kubectl completion bash) 50 | 50 kubectl run firstpod 51 | 51 kubectl run firstpod --image=nginx 52 | 52 kubectl get pods 53 | 53 kubectl get pods firstpod -o yaml | less 54 | 54 kubectl explain pods.spec | less 55 | 55 history 56 | 56 kubectl get ns 57 | 57 kubectl api-resources | less 58 | 58 kubectl get pods 59 | 59 kubectl get pods -n default 60 | 60 kubectl get pods -n kube-system 61 | 61 kubectl get pods -A 62 | 62 kubectl create ns secret 63 | 63 kubectl run secretpod -n secret --image=nginx 64 | 64 kubectl get all 65 | 65 kubectl get all -n secret 66 | 66 kubectl -n kube-system get pods coredns-6f6b679f8f-j6b2r 67 | 67 docker images 68 | 68 docker run breaktimer 1 69 | 69 history 70 | 70 vim initdemo.yaml 71 | 71 kubectl apply -f initdemo.yaml 72 | 72 vim initdemo.yaml 73 | 73 kubectl apply -f initdemo.yaml 74 | 74 kubectl get pods 75 | 75 history 76 | 76 echo $EDITOR 77 | 77 export EDITOR=/usr/bin/nano 78 | 78* kubectl edit pod firstp 79 | 79 export EDITOR=/usr/bin/vim 80 | 80 docker run breaktimer 12 81 | 81 vim initdemo.yaml 82 | 82 docker run breaktimer 5 83 | 83 kubectl explain pod.spec.initcontainer 84 | 84 kubectl explain pod.spec.initcontainers 85 | 85 kubectl explain pod.spec | less 86 | 86 kubectl explain pod.spec.initContainers 87 | 87 kubectl explain pod.spec.initContainers | less 88 | 88 vim initdemo.yaml 89 | 89 kubectl apply -f initdemo.yaml 90 | 90 kubectl get pods 91 | 91 kubectl describe pod sidecardemo 92 | 92 vim initdemo.yaml 93 | 93 kubectl apply -f initdemo.yaml 94 | 94 kubectl get pods sidecardemo -o yaml 95 | 95 vim initdemo.yaml 96 | 96 kubectl version 97 | 97 kubectl run nginx1 --image=nginx 98 | 98 kubectl get pods nginx1 -o yaml | grep restartP 99 | 99 kubectl delete pods nginx1 100 | 100 kubectl get ods 101 | 101 kubectl get pods 102 | 102 kubectl run nginx2 --image=nginx 103 | 103 minikube ssh 104 | 104 kubectl get pods 105 | 105 kubectl create job -h | less 106 | 106 kubectl create job --image=busybox -- date 107 | 107 kubectl create job onejob --image=busybox -- date 108 | 108 kubectl get jobs,pods 109 | 109 kubectl get jobs onejob -o yaml | less 110 | 110 kubectl delete job onejob 111 | 111 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml -- sleep 5 112 | 112 kubectl create job mynewjob --image=busybox --dry-run=client -o yaml -- sleep 5 > mynewjob.yaml 113 | 113 vim mynewjob.yaml 114 | 114 kubectl apply -f mynewjob.yaml 115 | 115 kubectl get jobs,pods 116 | 116 kubectl create cronjob -h | less 117 | 117 #kubectl create cronjob my-job --image=busybox --schedule="*/1 * * * *" -- date 118 | 118 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 119 | 119 kubectl get cronjobs,jobs,pods 120 | 120 kubectl create job runme --from=cronjob/runme 121 | 121 kubectl get cronjobs,jobs,pods 122 | 122 kubectl logs runme-7t76j 123 | 123 kubectl get cronjobs,jobs,pods 124 | 124 kubectl delete cronjobs.batch runme 125 | 125 docker run breaktimer 1 126 | 126 history 127 | 127 kubectl get events 128 | 128 kubectl create job runme --from=cronjob/runme >> file.log 129 | 129 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster >> file.log 130 | 130 cat file.log 131 | 131 kubectl create cronjob runme --image=busybox --schedule="*/2 * * * *" -- echo greetings from the cluster 132 | 132 kubectl logs runme-28906144-kdl9l 133 | 133 kubectl logs runme-28906144-kdl9l >> file.log 134 | 134 cat file.log 135 | 135 docker run breaktimer 12 136 | 136 vim rscs.yaml 137 | 137 kubectl apply -f rscs.yaml 138 | 138 kubectl get pods 139 | 139 kubectl describe pod frontend 140 | 140 kubectl delete -f rscs.yaml 141 | 141 vim rscs.yaml 142 | 142 kubectl apply -f rscs.yaml 143 | 143 kubectl get pods 144 | 144 kubectl describe pod frontend 145 | 145 kubectl delete -f rscs.yaml 146 | 146 vim rscs.yaml 147 | 147 kubectl apply -f rscs.yaml 148 | 148 kubectl get pods 149 | 149 kubectl create quota -h | less 150 | 150 kubectl create quota my-quota --hard=cpu=1,memory=1G,pods=2,services=3,replicationcontrollers=2,resourcequotas=1,secrets=5,persistentvolumeclaims=10 151 | 151 kubectl run myapp --image=nginx 152 | 152 kubectl describe ns default 153 | 153 vim rscs.yaml 154 | 154 kubectl apply -f rscs.yaml 155 | 155 kubectl delete -f rscs.yaml 156 | 156 kubectl delete quota my-quota 157 | 157 kubectl describe ns default 158 | 158 kubectl create ns restricted 159 | 159 kubectl create quota myquota -n restricted --hard=cpu=2,memory=1G,pods=3 160 | 160 kubectl describe ns restricted 161 | 161 kubectl run pod restructedpod --image=nginx -n restricted 162 | 162 kubectl create deploy restricteddeploy --image=nginx -n restricted 163 | 163 kubectl get all -n restricted 164 | 164 kubectl describe rs restricteddeploy-8cf89bcbf 165 | 165 kubectl describe rs restricteddeploy-8cf89bcbf -n restricted 166 | 166 kubectl set resources -n restricted deploy restricteddeploy --limits=200m,memory=2G 167 | 167 kubectl set resources -n restricted deploy restricteddeploy --limits=cpu=200m,memory=2G 168 | 168 kubectl get all -n restricted 169 | 169 kubectl describe -n restricted replicaset restricteddeploy-68d6898ddb 170 | 170 kubectl set resources -n restricted deploy restricteddeploy --limits=cpu=200m,memory=2G --requests=cpu=100m,memory=8M 171 | 171 kubectl get all -n restricted 172 | 172 kubectl describe ns restricted 173 | 173 kubectl scale -n restricted deployment restricteddeploy --replicas=6 174 | 174 kubectl describe ns restricted 175 | 175 kubectl get all -n restricted 176 | 176 history 177 | 177 docker run breaktimer 1 178 | 178 kubectl create deploy upapp --image=nginx:1.17 --replicas=5 179 | 179 kubectl get deploy upapp -o yaml | grep -i -A5 strategy 180 | 180 kubectl set image deploy/upapp nginx=nginx:1.18; kubectl get all --selector app=upapp; sleep 2; kubectl get all --selector app=upapp 181 | 181 kubectl edit deployments.apps upapp 182 | 182 kubectl set image deploy/upapp nginx=nginx:1.19; sleep 1; kubectl get all --selector app=upapp 183 | 183 kubectl get all --selector app=upapp 184 | 184 docker run breaktimer 12 185 | 185 cd ckad/ 186 | 186 vim rolling.yaml 187 | 187 kubectl create -f rolling.yaml 188 | 188 kubectl rollout history deployment 189 | 189 kubectl edit deployments.apps rolling-nginx 190 | 190 kubectl rollout history deployment 191 | 191 kubectl describe deployments.apps rolling-nginx 192 | 192 kubectl rollout history deployment rolling-nginx --revision=2 193 | 193 kubectl rollout history deployment rolling-nginx --revision=1 194 | 194 kubectl rollout undo deployment rolling-nginx --to-revision=1 195 | 195 kubectl create deploy nginxsvc --image=nginx 196 | 196 kubectl scale deploy nginxsvc --replicas=3 197 | 197 kubectl expose svc deploy nginxsvc --port=80 198 | 198 kubectl expose deploy nginxsvc --port=80 199 | 199 kubectl get all --selector app=nginxsvc 200 | 200 curl 10.111.133.139 201 | 201 kubectl describe svc nginxsvc 202 | 202 kubectl explain service.spec | less 203 | 203 kubectl get all --selector app=nginxsvc 204 | 204 kubectl get endpoints 205 | 205 minikube ssh 206 | 206 kubectl edit svc nginxsvc 207 | 207 kubectl get svc 208 | 208 minikube ip 209 | 209 curl 192.168.49.2:32000 210 | 210 kubectl edit svc nginxsvc 211 | 211 curl 192.168.49.2:32000 212 | 212 kubectl describe svc nginxsvc 213 | 213 kubectl edit svc nginxsvc 214 | 214 curl 192.168.49.2:32000 215 | 215 history 216 | 216 docker run breaktimer 1 217 | 217 kubectl describe svc -n kube-system kube-dns 218 | 218 kubectl create ns elsewhere 219 | 219 kubectl run nginxpod --image=nginx -n elsewhere 220 | 220 kubectl expose -n elsewhere pod nginxpod --port=80 221 | 221 kubectl run testpod --image=busybox -- sleep infinity 222 | 222 kubectl exec -it testpod -- cat /etc/resolv.conf 223 | 223 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod 224 | 224 kubectl exec -it testpod -- wget --spider --timeout=1 nginxpod.elsewhere.svc.cluster.local 225 | 225 history 226 | 226 history > /tmp/dec2024.txt 227 | 227 ip a 228 | 228 minikube addons list 229 | 229 minikube addons enable ingress 230 | 230 kubectl get ns 231 | 231 kubectl get all -n ingress-nginx 232 | 232 kubectl get all --selector app=nginxsvc 233 | 233 kubectl create ing -h | less 234 | 234 kubectl create ing nginxsvc-ingress --rule="/=nginxsvc:80" --rule="/hello=newdep:8080" 235 | 235 sudo vim /etc/hosts 236 | 236 kubectl describe ing nginxsvc-ingress 237 | 237 curl nginxsvc.info 238 | 238 kubectl create deploy newdep --image=gcr.io/google-samples/hello-app:2.0 239 | 239 kubectl expose deploy newdep --port=8080 240 | 240 kubectl get all --selector app=newdep 241 | 241 kubectl logs newdep-5bd57cc949-lktfn 242 | 242 curl nginxsvc.info/hello 243 | 243 docker run breaktimer 3 244 | 244 kubectl get pods -n kube-system 245 | 245 vim nwpolicy-complete-example.yaml 246 | 246 kubectl apply -f nwpolicy-complete-example.yaml 247 | 247 kubectl expose pod nginx --port=80 248 | 248 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 249 | 249 kubectl label pod busybox access="true" 250 | 250 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 251 | 251 vim nwp.yaml 252 | 252 curl -k https://192.168.49.2:8443/healthz 253 | 253 kubectl get -n kube-system pods 254 | 254 kubectl get -n kube-system pod kube-apiserver-minikube -o yaml | less 255 | 255 kubectl explain pod.spec.readinessProbe 256 | 256 kubectl get -n kube-system pod kube-apiserver-minikube -o yaml | less 257 | 257 kubectl explain pod.spec.containers.readinessProbe 258 | 258 kubectl explain pod.spec.containers.readinessProbe | less 259 | 259 docker run breaktimer 12 260 | 260 kubectl api-resources | less 261 | 261 kubectl api-resources | wc -l 262 | 262 kubectl apply -f redis-deploy.yaml 263 | 263 vim redis-deploy.yaml 264 | 264 kubectl api-version 265 | 265 kubectl api-versions 266 | 266 kubectl api-resources | grep eployment 267 | 267 vim crd-object.yaml 268 | 268 kubectl api-resources | grep backup 269 | 269 kubectl create -f crd-object.yaml 270 | 270 kubectl api-resources | grep backup 271 | 271 cat crd-backup.yaml 272 | 272 kubectl create -f crd-backup.yaml 273 | 273 kubectl get backups 274 | 274 vim morevolumes.yaml 275 | 275 kubectl apply -f morevolumes.yaml 276 | 276 kubectl explain pod.spec.volumes 277 | 277 kubectl get pods 278 | 278 kubectl exec -it morevol2 -c centos1 -- touch /centos1/onefile 279 | 279 kubectl exec -it morevol2 -c centos2 -- ls /centos2 280 | 280 kubectl apply -f https://k8s.io/examples/pods/storage/redis.yaml 281 | 281 kubectl describe pods redis 282 | 282 kubectl exec -it redis -- touch /data/redis/helloworld 283 | 283 minikube ssh 284 | 284 kubectl get pods redis 285 | 285 kubectl exec -it redis -- ls -l /data/redis 286 | 286 minikube ssh 287 | 287 kubectl delete --force pod redis 288 | 288 minikube ssh 289 | 289 kubectl apply -f https://k8s.io/examples/pods/storage/pv-volume.yaml 290 | 290 kubectl get pv,pvc 291 | 291 kubectl describe pv task-pv-volume 292 | 292 minikube addons list 293 | 293 kubectl get storageclasses.storage.k8s.io 294 | 294 kubectl describe storageclasses.storage.k8s.io 295 | 295 kubectl apply -f https://k8s.io/examples/pods/storage/pv-claim.yaml 296 | 296 kubectl get pv,pvc 297 | 297 kubectl apply -f https://k8s.io/examples/pods/storage/pv-pod.yaml 298 | 298 kubectl describe pod task-pv-pod 299 | 299 kubectl exec task-pv-pod -- touch /usr/share/nginx/html/testfile 300 | 300 kubectl describe pv pv-volume 301 | 301 kubectl describe pv task-pv-volume 302 | 302 minikube ssh 303 | 303 ls p* 304 | 304 vim pvc.yaml 305 | 305 kubectl apply -f pvc.yaml 306 | 306 kubectl get pvc 307 | 307 docker run breaktimer 13 308 | 308 history 309 | 309 kubectl create deploy mydb --image=mariadb 310 | 310 kubectl get all --selector app=mydb 311 | 311 kubectl describe pod mydb-7d665fb947-pm6wn 312 | 312 kubectl logs mydb-7d665fb947-pm6wn 313 | 313 kubectl set env mydb MARIADB_ROOT_PASSWORD=password 314 | 314 kubectl set env deploy mydb MARIADB_ROOT_PASSWORD=password 315 | 315 kubectl get all --selector app=mydb 316 | 316 kubectl get pods mydb-dcbc9b8f7-smgmk -o yaml | less 317 | 317 kubectl delete deploy mydb 318 | 318 kubectl create deploy mydb --image=mariadb --replicas=3 319 | 319 kubectl get all --selector app=mydb 320 | 320 kubectl create cm mydbvars --from-literal=ROOT_PASSWORD=password 321 | 321 kubectl set env deploy/mydb --from configmap/mydbvars --prefix=MARIADB_ 322 | 322 kubectl get deploy mydb -o yaml | grep env -A 5 323 | 323 history 324 | 324 echo hello world > index.html 325 | 325 kubectl create cm myindex --from-file=index.html 326 | 326 rm index.html 327 | 327 kubectl describe cm myindex 328 | 328 kubectl create deploy myweb --image=nginx 329 | 329 kubectl edit deploy myweb 330 | 330 kubectl exec -it myweb-8465b5695f-kp8fb -- cat /usr/share/nginx/html/index.html 331 | 331 kubectl create secret generic dbpw --from-literal=ROOT_PASSWORD=password 332 | 332 kubectl describe secret dbpw 333 | 333 kubectl create secret dbpw -o yaml | less 334 | 334 kubectl get secret dbpw -o yaml | less 335 | 335 echo cGFzc3dvcmQ= | base64 -d 336 | 336 kubectl create deploy mynewdb --image=mariadb 337 | 337 kubectl set env deploy mynewdb --from=secret/dbpw --prefix=MYSQL_ 338 | 338 kubectl get deploy mynewdb -o yaml | less 339 | 339 history 340 | 340 kubectl get pods 341 | 341 echo old nginx > index.html 342 | 342 kubectl create cm old --from-file=index.html 343 | 343 echo new nginx > index.html 344 | 344 kubectl create cm new --from-file=index.html 345 | 345 cat canary.yaml 346 | 346 vim canary.yaml 347 | 347 kubectl apply -f canary.yaml 348 | 348 kubectl get all --selector type=canary 349 | 349 vim canary.yaml 350 | 350 kubectl apply -f canary.yaml 351 | 351 kubectl get all --selector type=canary 352 | 352 kubectl expose deploy old --name=theapp --port=80 --selector type=canary --type=NodePort 353 | 353 kubectl get endpoints 354 | 354 kubectl get svc 355 | 355 curl 192.168.49.2:31286 356 | 356 cd 357 | 357 ls -a 358 | 358 vim .kube/config 359 | 359 kubectl get pods 360 | 360 kubectl get pods testpod -o yaml | less 361 | 361 kubectl get sa 362 | 362 kubectl get sa -A 363 | 363 kubectl get pods -n kube-system 364 | 364 kubectl get pods -n kube-system calico-node-vz9v7 -o yaml | less 365 | 365 history 366 | 366 kubectl create ns bellevue 367 | 367 kubectl create role -h | less 368 | 368 kubectl create role viewer --verb=get --verb=list --verb=watch --resource=pods -n bellevue 369 | 369 kubectl create sa viewer -n bellevue 370 | 370 kubectl create rolebinding --serviceaccount=bellevue:viewer --role=viewer -n bellevue 371 | 371 kubectl create rolebinding viewer --serviceaccount=bellevue:viewer --role=viewer -n bellevue 372 | 372 kubectl create deploy viewginx --image=nginx --replicas=3 -n bellevue 373 | 373 kubectl set serviceaccount deployment viewginx viewer -n bellevue 374 | 374 kubectl get deploy viewginx -n bellevue -o yaml | grep ervice 375 | 375 kubectl auth can-i get pods --as=system:serviceaccount:bellevue:viewer -n bellevue 376 | 376 kubectl auth can-i get deploy --as=system:serviceaccount:bellevue:viewer -n bellevue 377 | 377 kubectl describe sa coredns -n kube-system 378 | 378 kubectl describe clusterrolebinding system:coredns 379 | 379 kubectl describe clusterrole system:coredns 380 | 380 kubectl explain pods.spec.securityContext 381 | 381 kubectl explain pods.spec.containers.securityContext 382 | 382 cd ckad/ 383 | 383 vim securitycontextdemo2.yaml 384 | 384 kubectl apply -f securitycontextdemo2.yaml 385 | 385 kubectl exec -it security-context-demo -- sh 386 | 386 vim securitycontextdemo.yaml 387 | 387 kubectl apply -f securitycontextdemo.yaml 388 | 388 kubectl get pods nginxsecure 389 | 389 kubectl describe pods nginxsecure 390 | 390 cd ../Downloads/ 391 | 391 ls 392 | 392 tar xvf helm-v3.16.4-linux-arm64.tar.gz 393 | 393 sudo cp linux-arm64/helm /usr/local/bin/ 394 | 394 helm version 395 | 395 helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/ 396 | 396 helm repositories 397 | 397 helm --help | grep repo 398 | 398 helm repo list 399 | 399 helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --create-namespace --namespace kubernetes-dashboard 400 | 400 kubectl -n kubernetes-dashboard port-forward svc/kubernetes-dashboard-kong-proxy 8443:443 401 | 401 history 402 | 402 kubectl get all -n kubernetes-dashboard 403 | 403 cd ../ckad/ 404 | 404 ls 405 | 405 cim RESOURCE.TXT 406 | 406 vim RESOURCE.TXT 407 | 407 history\ 408 | 408 history > /tmp/dec2024.txt 409 | --------------------------------------------------------------------------------