├── 1301.yaml ├── README.md ├── Setup Guide.pdf ├── SetupGuide.pdf ├── SetupGuideAiO.pdf ├── azuredisk-custom-storageclass.yaml ├── basicvolume.yaml ├── busybox-label.yaml ├── busybox-ns.yaml ├── busybox-ready.yaml ├── busybox.yaml ├── cm-test-pod.yaml ├── countdown ├── cron-example.yaml ├── daemon.yaml ├── dummy.yaml ├── example-ingress.yaml ├── friday.yaml ├── frontend-resources.yaml ├── frontend.yaml ├── httpd.yaml ├── ingress-virtual-hosting.yaml ├── kube-setup.sh ├── minikube-docker-setup.sh ├── morevolumes.yaml ├── mypod.yaml ├── nfs-pv-pod.yaml ├── nfs-pv-pod.yaml.bak ├── nfs-pv.yaml ├── nfs-pvc.yaml ├── nginx-cm.yml ├── nginx-custom-config.conf ├── nginx-in.yaml ├── nginx-probes.yaml ├── nginx123.yaml ├── nginxsvc-ingress.yaml ├── pod-secret-as-var.yaml ├── pod-secret.yaml ├── pods-with-nw-policy.yaml ├── pv-nfs.yaml ├── pv-pod.yaml ├── pv.yaml ├── pvc.yaml ├── redis-deploy.yaml ├── replicaset.yaml ├── rolling.yaml ├── sander.yaml ├── secret-yaml.yaml ├── securitycontextdemo.yaml ├── service.yaml ├── setup-container.sh ├── setup-docker.sh ├── setup-kubetools-ubuntu.sh ├── setup-kubetools.sh ├── sidecar.yaml ├── simplejob.yaml ├── simpleshell.yaml ├── sleepy.yaml ├── variables └── volumes.yaml /1301.yaml: -------------------------------------------------------------------------------- 1 | kind: Namespace 2 | apiVersion: v1 3 | metadata: 4 | name: ckad-ns1 5 | 6 | --- 7 | 8 | kind: Pod 9 | apiVersion: v1 10 | metadata: 11 | name: pod-a 12 | namespace: ckad-ns1 13 | spec: 14 | containers: 15 | - image: httpd 16 | name: httpserver 17 | 18 | --- 19 | 20 | kind: Pod 21 | apiVersion: v1 22 | metadata: 23 | name: pod-b 24 | namespace: ckad-ns1 25 | spec: 26 | containers: 27 | - image: nginx 28 | name: nginxserver 29 | - image: rsyslog 30 | name: rsyslogserver 31 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # kubernetes 2 | # kubernetes 3 | -------------------------------------------------------------------------------- /Setup Guide.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sandervanvugt/kub4h/84fc0d034e2923ddd1b8647d33b826a2f1a9b7cd/Setup Guide.pdf -------------------------------------------------------------------------------- /SetupGuide.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sandervanvugt/kub4h/84fc0d034e2923ddd1b8647d33b826a2f1a9b7cd/SetupGuide.pdf -------------------------------------------------------------------------------- /SetupGuideAiO.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sandervanvugt/kub4h/84fc0d034e2923ddd1b8647d33b826a2f1a9b7cd/SetupGuideAiO.pdf -------------------------------------------------------------------------------- /azuredisk-custom-storageclass.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: StorageClass 3 | metadata: 4 | annotations: 5 | kubectl.kubernetes.io/last-applied-configuration: | 6 | {"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{},"name":"azuredisk-custom-storageclass"},"parameters":{"kind":"Managed","storageaccounttype":"Standard_LRS"},"provisioner":"kubernetes.io/azure-disk","reclaimPolicy":"Retain","volumeBindingMode":"WaitForFirstConsumer"} 7 | creationTimestamp: "2020-02-26T11:37:56Z" 8 | name: azuredisk-custom-storageclass 9 | resourceVersion: "932514" 10 | selfLink: /apis/storage.k8s.io/v1/storageclasses/azuredisk-custom-storageclass 11 | uid: 54d93d90-8f20-430c-b5a0-46ecd31c076f 12 | parameters: 13 | kind: Managed 14 | storageaccounttype: Standard_LRS 15 | provisioner: kubernetes.io/azure-disk 16 | reclaimPolicy: Retain 17 | volumeBindingMode: WaitForFirstConsumer 18 | -------------------------------------------------------------------------------- /basicvolume.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busyboxab 5 | namespace: default 6 | spec: 7 | containers: 8 | - image: busybox 9 | name: busy1 10 | command: 11 | - sleep 12 | - "3600" 13 | volumeMounts: 14 | - mountPath: /somedir 15 | name: my-volume 16 | volumes: 17 | - name: my-volume 18 | emptyDir: {} 19 | -------------------------------------------------------------------------------- /busybox-label.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox3 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busybox 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | nodeselector: 14 | disktype: hdd 15 | -------------------------------------------------------------------------------- /busybox-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox2 5 | namespace: secret 6 | spec: 7 | containers: 8 | - image: busybox 9 | name: busy 10 | command: 11 | - sleep 12 | - "3600" 13 | -------------------------------------------------------------------------------- /busybox-ready.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox-ready 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busy 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | readinessProbe: 14 | periodSeconds: 10 15 | exec: 16 | command: 17 | - cat 18 | - /tmp/nothing 19 | resources: {} 20 | -------------------------------------------------------------------------------- /busybox.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox2 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busy 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | -------------------------------------------------------------------------------- /cm-test-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: test1 5 | spec: 6 | containers: 7 | - name: test1 8 | image: cirros 9 | command: ["/bin/sh", "-c", "env"] 10 | envFrom: 11 | - configMapRef: 12 | name: variables 13 | -------------------------------------------------------------------------------- /countdown: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | COUNTER=$1 4 | COUNTER=$(( COUNTER * 60 )) 5 | 6 | while true 7 | do 8 | echo $COUNTER seconds remaining in break 9 | COUNTER=$(( COUNTER - 1 )) 10 | sleep 1 11 | done 12 | -------------------------------------------------------------------------------- /cron-example.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: hello 5 | spec: 6 | schedule: "*/1 * * * *" 7 | jobTemplate: 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: hello 13 | image: busybox 14 | args: 15 | - /bin/sh 16 | - -c 17 | - date; echo hello from the K8s cluster 18 | restartPolicy: OnFailure 19 | -------------------------------------------------------------------------------- /daemon.yaml: -------------------------------------------------------------------------------- 1 | apiversion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: multi-nginx 5 | spec: 6 | template: 7 | metadata: 8 | labels: 9 | system: DaemonSetOne 10 | spec: 11 | containers: 12 | - name: nginx 13 | image: nginx:1.7.9 14 | ports: 15 | - containerPort: 80 16 | -------------------------------------------------------------------------------- /dummy.yaml: -------------------------------------------------------------------------------- 1 | # dummy file 2 | -------------------------------------------------------------------------------- /example-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: example-ingress 5 | annotations: 6 | nginx.ingress.kubernetes.io/rewrite-target: /$1 7 | spec: 8 | rules: 9 | - host: hello-world.info 10 | http: 11 | paths: 12 | - path: /(.+) 13 | backend: 14 | serviceName: web 15 | servicePort: 8080 16 | -------------------------------------------------------------------------------- /friday.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busyboxf 5 | namespace: default 6 | spec: 7 | containers: 8 | - image: busybox 9 | name: busy 10 | command: 11 | - sleep 12 | - "3600" 13 | -------------------------------------------------------------------------------- /frontend-resources.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: frontend 5 | spec: 6 | containers: 7 | - name: db 8 | image: mysql 9 | env: 10 | - name: MYSQL_ROOT_PASSWORD 11 | value: "password" 12 | resources: 13 | requests: 14 | memory: "64Mi" 15 | cpu: "250m" 16 | limits: 17 | memory: "128Mi" 18 | cpu: "500m" 19 | - name: wp 20 | image: wordpress 21 | resources: 22 | requests: 23 | memory: "64Mi" 24 | cpu: "250m" 25 | limits: 26 | memory: "128Mi" 27 | cpu: "500m" 28 | -------------------------------------------------------------------------------- /frontend.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: ReplicaSet 3 | metadata: 4 | name: frontend 5 | labels: 6 | app: guestbook 7 | tier: frontend 8 | spec: 9 | # this replicas value is default 10 | # modify it according to your case 11 | replicas: 3 12 | selector: 13 | matchLabels: 14 | tier: frontend 15 | matchExpressions: 16 | - {key: tier, operator: In, values: [frontend]} 17 | template: 18 | metadata: 19 | labels: 20 | app: guestbook 21 | tier: frontend 22 | spec: 23 | containers: 24 | - name: php-redis 25 | image: gcr.io/google_samples/gb-frontend:v3 26 | resources: 27 | requests: 28 | cpu: 100m 29 | memory: 100Mi 30 | env: 31 | - name: GET_HOSTS_FROM 32 | value: dns 33 | # If your cluster config does not include a dns service, then to 34 | # instead access environment variables to find service host 35 | # info, comment out the 'value: dns' line above, and uncomment the 36 | # line below. 37 | # value: env 38 | ports: 39 | - containerPort: 80 40 | -------------------------------------------------------------------------------- /httpd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: newhttpd 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: httpd 9 | image: httpd 10 | 11 | -------------------------------------------------------------------------------- /ingress-virtual-hosting.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: name-virtual-host-ingress 5 | spec: 6 | rules: 7 | - host: first.bar.com 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: service1 12 | servicePort: 80 13 | - host: second.foo.com 14 | http: 15 | paths: 16 | - backend: 17 | serviceName: service2 18 | servicePort: 80 19 | - http: 20 | paths: 21 | - backend: 22 | serviceName: service3 23 | servicePort: 80 24 | -------------------------------------------------------------------------------- /kube-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # verified on Fedora 31 WS 4 | egrep '^flags.*(vmx|svm)' /proc/cpuinfo || (echo enable CPU virtualization support and try again && exit 9) 5 | 6 | dnf clean all 7 | dnf -y upgrade 8 | 9 | # install KVM software 10 | dnf install @virtualization -y 11 | systemctl enable --now libvirtd 12 | usermod -aG libvirt student 13 | 14 | # install kubectl 15 | echo installing kubectl 16 | cat < /etc/yum.repos.d/kubernetes.repo 17 | [kubernetes] 18 | name=Kubernetes 19 | baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 20 | enabled=1 21 | gpgcheck=1 22 | repo_gpgcheck=1 23 | gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg 24 | EOF 25 | 26 | dnf install -y kubectl 27 | 28 | # install minikube 29 | echo downloading minikube, check version 30 | curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 31 | 32 | chmod +x minikube 33 | mv minikube /usr/local/bin 34 | 35 | 36 | 37 | echo at this point, reboot your Fedora Workstation. After reboot, manually run as non-root 38 | echo minikube start --memory 4096 --vm-driver=kvm2 39 | 40 | echo also use usermod -aG libvirt $USER where $USER is the name of the user that is going to start minikube 41 | -------------------------------------------------------------------------------- /minikube-docker-setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # last minute patch, added 20 Aug. 2021 3 | # currently only supported on Ubuntu 20.04 LTS 4 | 5 | sudo apt-get update -y 6 | sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common -y 7 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 8 | sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 9 | sudo apt-get update -y 10 | sudo apt-get install docker-ce docker-ce-cli containerd.io -y 11 | 12 | curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl 13 | chmod +x ./kubectl 14 | sudo mv ./kubectl /usr/local/bin/kubectl 15 | 16 | curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 17 | sudo install minikube-linux-amd64 /usr/local/bin/minikube 18 | #### 19 | echo the script is now ready 20 | echo manually run minikube start --vm-driver=docker to start minikube 21 | 22 | sudo usermod -aG docker $USER 23 | newgrp docker 24 | 25 | minikube start --vm-driver=docker 26 | -------------------------------------------------------------------------------- /morevolumes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: morevol2 5 | spec: 6 | containers: 7 | - name: centos 8 | image: centos:7 9 | command: 10 | - sleep 11 | - "3600" 12 | volumeMounts: 13 | - mountPath: /centos 14 | name: test 15 | - name: centos 16 | image: centos:7 17 | command: 18 | - sleep 19 | - "3600" 20 | volumeMounts: 21 | - mountPath: /centos2 22 | name: test 23 | volumes: 24 | - name: test 25 | emptyDir: {} 26 | -------------------------------------------------------------------------------- /mypod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: busybox 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: busybox 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | - name: nginx 14 | image: nginx 15 | -------------------------------------------------------------------------------- /nfs-pv-pod.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: nfs-pv-pod 5 | spec: 6 | volumes: 7 | - name: nfs-pv 8 | persistentVolumeClaim: 9 | claimName: nfs-pv-claim 10 | containers: 11 | - name: nfs-client1 12 | image: centos:latest 13 | command: 14 | - sleep 15 | - "3600" 16 | volumeMounts: 17 | - mountPath: "/nfsshare" 18 | name: nfs-pv 19 | - name: nfs-client2 20 | image: centos:latest 21 | command: 22 | - sleep 23 | - "3600" 24 | volumeMounts: 25 | - mountPath: "/nfsshare" 26 | name: nfs-pv 27 | -------------------------------------------------------------------------------- /nfs-pv-pod.yaml.bak: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: nfs-pv-pod 5 | spec: 6 | volumes: 7 | - name: nfs-pv 8 | persistentVolumeClaim: 9 | claimName: nfs-pv-claim 10 | containers: 11 | - name: nfs-client1 12 | image: nginx 13 | ports: 14 | - containerPort: 8081 15 | name: "http-server1" 16 | volumeMounts: 17 | - mountPath: "/nfsshare" 18 | name: nfs-pv 19 | - name: nfs-client2 20 | image: nginx 21 | ports: 22 | - containerPort: 8082 23 | name: "http-server2" 24 | volumeMounts: 25 | - mountPath: "/nfsshare" 26 | name: nfs-pv 27 | -------------------------------------------------------------------------------- /nfs-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: nfs-pv 5 | spec: 6 | capacity: 7 | storage: 2Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | nfs: 12 | path: /data 13 | server: 192.168.99.1 14 | readOnly: false 15 | -------------------------------------------------------------------------------- /nfs-pvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: nfs-pv-claim 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 100Mi 11 | -------------------------------------------------------------------------------- /nginx-cm.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx-cm 5 | labels: 6 | role: web 7 | spec: 8 | containers: 9 | - name: nginx-cm 10 | image: nginx 11 | volumeMounts: 12 | - name: conf 13 | mountPath: /etc/nginx/conf.d 14 | volumes: 15 | - name: conf 16 | configMap: 17 | name: nginx-cm 18 | items: 19 | - key: nginx-custom-config.conf 20 | path: default.conf 21 | -------------------------------------------------------------------------------- /nginx-custom-config.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 8888; 3 | server_name localhost; 4 | location / { 5 | root /usr/share/nginx/html; 6 | index index.html index.htm; 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /nginx-in.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: nginx-ingress 5 | annotations: 6 | ingress.kubernetes.io/rewrite-target: / 7 | spec: 8 | rules: 9 | - host: 10 | http: 11 | paths: 12 | - path: /nginxserver 13 | backend: 14 | serviceName: nginx 15 | servicePort: 80 16 | -------------------------------------------------------------------------------- /nginx-probes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx-probes 5 | labels: 6 | role: web 7 | spec: 8 | containers: 9 | - name: nginx-probes 10 | image: nginx 11 | readinessProbe: 12 | tcpSocket: 13 | port: 80 14 | initialDelaySeconds: 5 15 | periodSeconds: 10 16 | livenessProbe: 17 | tcpSocket: 18 | port: 80 19 | initialDelaySeconds: 20 20 | periodSeconds: 20 21 | 22 | -------------------------------------------------------------------------------- /nginx123.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | annotations: 5 | deployment.kubernetes.io/revision: "1" 6 | creationTimestamp: "2019-09-20T14:54:12Z" 7 | generation: 1 8 | labels: 9 | k8s-app: nginx-friday20 10 | name: nginx-friday20 11 | namespace: default 12 | resourceVersion: "24766" 13 | selfLink: /apis/apps/v1/namespaces/default/deployments/nginx-friday20 14 | uid: 4c4e3217-0fcf-4365-987c-10d089a09c1e 15 | spec: 16 | progressDeadlineSeconds: 600 17 | replicas: 3 18 | revisionHistoryLimit: 10 19 | selector: 20 | matchLabels: 21 | k8s-app: nginx-friday20 22 | strategy: 23 | rollingUpdate: 24 | maxSurge: 25% 25 | maxUnavailable: 25% 26 | type: RollingUpdate 27 | template: 28 | metadata: 29 | creationTimestamp: null 30 | labels: 31 | k8s-app: nginx-friday20 32 | name: nginx-friday20 33 | spec: 34 | containers: 35 | - image: nginx 36 | imagePullPolicy: Always 37 | name: nginx-friday20 38 | resources: {} 39 | securityContext: 40 | privileged: false 41 | terminationMessagePath: /dev/termination-log 42 | terminationMessagePolicy: File 43 | dnsPolicy: ClusterFirst 44 | restartPolicy: Always 45 | schedulerName: default-scheduler 46 | securityContext: {} 47 | terminationGracePeriodSeconds: 30 48 | -------------------------------------------------------------------------------- /nginxsvc-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: nginxsvc-ingress 5 | annotations: 6 | nginx.ingress.kubernetes.io/rewrite-target: /$1 7 | spec: 8 | rules: 9 | - host: nginxsvc.info 10 | http: 11 | paths: 12 | - path: / 13 | backend: 14 | serviceName: nginxsvc 15 | servicePort: 80 16 | -------------------------------------------------------------------------------- /pod-secret-as-var.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: mymysql 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: mysql 9 | image: mysql:latest 10 | env: 11 | - name: MYSQL_ROOT_PASSWORD 12 | valueFrom: 13 | secretKeyRef: 14 | name: mysql 15 | key: password 16 | -------------------------------------------------------------------------------- /pod-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: secretbox2 5 | namespace: default 6 | spec: 7 | containers: 8 | - name: secretbox 9 | image: busybox 10 | command: 11 | - sleep 12 | - "3600" 13 | volumeMounts: 14 | - mountPath: /secretstuff 15 | name: secret 16 | volumes: 17 | - name: secret 18 | secret: 19 | secretName: secretstuff 20 | -------------------------------------------------------------------------------- /pods-with-nw-policy.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: database-pod 5 | namespace: default 6 | labels: 7 | app: database 8 | spec: 9 | containers: 10 | - name: database 11 | image: alpine 12 | --- 13 | 14 | kind: Pod 15 | apiVersion: v1 16 | metadata: 17 | name: web-pod 18 | namespace: default 19 | labels: 20 | app: web 21 | spec: 22 | containers: 23 | - name: web 24 | image: alpine 25 | 26 | --- 27 | 28 | kind: NetworkPolicy 29 | apiVersion: networking.k8s.io/v1 30 | metadata: 31 | name: db-networkpolicy 32 | namespace: default 33 | spec: 34 | podSelector: 35 | matchLabels: 36 | app: database 37 | policyTypes: 38 | - Ingress 39 | - Egress 40 | ingress: 41 | - from: 42 | - podSelector: 43 | matchLabels: 44 | app: web 45 | -------------------------------------------------------------------------------- /pv-nfs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: pv-nfs 5 | spec: 6 | capacity: 7 | storage: 1Gi 8 | accessModes: 9 | - ReadWritemany 10 | persistentVolumeReclaimPolicy: Retain 11 | nfs: 12 | path: /data 13 | server: myserver 14 | readOnly: false 15 | -------------------------------------------------------------------------------- /pv-pod.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: pv-pod 5 | spec: 6 | volumes: 7 | - name: pv-storage 8 | persistentVolumeClaim: 9 | claimName: pv-claim 10 | containers: 11 | - name: pv-container 12 | image: nginx 13 | ports: 14 | - containerPort: 80 15 | name: "http-server" 16 | volumeMounts: 17 | - mountPath: "/usr/share/nginx/html" 18 | name: pv-storage 19 | -------------------------------------------------------------------------------- /pv.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolume 2 | apiVersion: v1 3 | metadata: 4 | name: pv-volume 5 | labels: 6 | type: local 7 | spec: 8 | capacity: 9 | storage: 2Gi 10 | accessModes: 11 | - ReadWriteOnce 12 | hostPath: 13 | path: "/mydata" 14 | -------------------------------------------------------------------------------- /pvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: pv-claim 5 | spec: 6 | accessModes: 7 | - ReadWriteOnce 8 | resources: 9 | requests: 10 | storage: 1Gi 11 | -------------------------------------------------------------------------------- /redis-deploy.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1beta1 3 | kind: Deployment 4 | metadata: 5 | name: redis 6 | labels: 7 | app: redis 8 | spec: 9 | selector: 10 | matchLabels: 11 | app: redis 12 | replicas: 13 | template: 14 | metadata: 15 | labels: 16 | app: redis 17 | spec: 18 | containers: 19 | - name: redis 20 | image: redis:alpine 21 | ports: 22 | - containerPort: 6379 23 | name: redis 24 | -------------------------------------------------------------------------------- /replicaset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: ReplicaSet 3 | metadata: 4 | name: rsdemo 5 | spec: 6 | replicas: 2 7 | selector: 8 | matchLabels: 9 | app: myapp 10 | template: 11 | metadata: 12 | name: nginxrs 13 | labels: 14 | app: myapp 15 | spec: 16 | containers: 17 | - name: nginx 18 | image: nginx 19 | -------------------------------------------------------------------------------- /rolling.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: rolling-nginx 5 | spec: 6 | replicas: 4 7 | strategy: 8 | type: RollingUpdate 9 | rollingUpdate: 10 | maxSurge: 2 11 | maxUnavailable: 1 12 | selector: 13 | matchLabels: 14 | app: nginx 15 | template: 16 | metadata: 17 | name: nginx 18 | labels: 19 | app: nginx 20 | spec: 21 | containers: 22 | - name: nginx 23 | image: nginx:1.8 24 | -------------------------------------------------------------------------------- /sander.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: sander-pod 5 | spec: 6 | containers: 7 | - name: sander-pod 8 | image: sander-image 9 | -------------------------------------------------------------------------------- /secret-yaml.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: secret-users 5 | type: Opaque 6 | data: 7 | password: cGFzc3dvcmQ= 8 | username: bGlzYQ== 9 | -------------------------------------------------------------------------------- /securitycontextdemo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginxsecure 5 | spec: 6 | securityContext: 7 | runAsNonRoot: true 8 | containers: 9 | - image: nginx 10 | name: nginx 11 | -------------------------------------------------------------------------------- /service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mywebserver 5 | spec: 6 | selector: 7 | run: nginx 8 | ports: 9 | - port: 80 10 | name: whatever 11 | type: NodePort 12 | -------------------------------------------------------------------------------- /setup-container.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | # setting MYOS variable 6 | MYOS=$(hostnamectl | awk '/Operating/ { print $3 }') 7 | OSVERSION=$(hostnamectl | awk '/Operating/ { print $4 }') 8 | 9 | ##### CentOS 7 config 10 | if [ $MYOS = "centos" ] 11 | then 12 | echo setting up CentOS 7 with Docker 13 | yum install -y vim yum-utils device-mapper-persistent-data lvm2 14 | yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 15 | 16 | # notice that only verified versions of Docker may be installed 17 | # verify the documentation to check if a more recent version is available 18 | 19 | yum install -y docker-ce 20 | [ ! -d /etc/docker ] && mkdir /etc/docker 21 | 22 | mkdir -p /etc/systemd/system/docker.service.d 23 | 24 | 25 | cat > /etc/docker/daemon.json <<- EOF 26 | { 27 | "exec-opts": ["native.cgroupdriver=systemd"], 28 | "log-driver": "json-file", 29 | "log-opts": { 30 | "max-size": "100m" 31 | }, 32 | "storage-driver": "overlay2", 33 | "storage-opts": [ 34 | "overlay2.override_kernel_check=true" 35 | ] 36 | } 37 | EOF 38 | 39 | 40 | systemctl daemon-reload 41 | systemctl restart docker 42 | systemctl enable docker 43 | 44 | systemctl disable --now firewalld 45 | fi 46 | 47 | echo printing MYOS $MYOS 48 | 49 | if [ $MYOS = "Ubuntu" ] 50 | then 51 | ### setting up container runtime prereq 52 | cat <<- EOF | sudo tee /etc/modules-load.d/containerd.conf 53 | overlay 54 | br_netfilter 55 | EOF 56 | 57 | sudo modprobe overlay 58 | sudo modprobe br_netfilter 59 | 60 | # Setup required sysctl params, these persist across reboots. 61 | cat <<- EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf 62 | net.bridge.bridge-nf-call-iptables = 1 63 | net.ipv4.ip_forward = 1 64 | net.bridge.bridge-nf-call-ip6tables = 1 65 | EOF 66 | 67 | # Apply sysctl params without reboot 68 | sudo sysctl --system 69 | 70 | # (Install containerd) 71 | sudo apt-get update && sudo apt-get install -y containerd 72 | # Configure containerd 73 | sudo mkdir -p /etc/containerd 74 | containerd config default | sudo tee /etc/containerd/config.toml 75 | # Restart containerd 76 | sudo systemctl restart containerd 77 | fi 78 | 79 | -------------------------------------------------------------------------------- /setup-docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # script that runs 3 | # https://kubernetes.io/docs/setup/production-environment/container-runtime 4 | 5 | yum install -y vim yum-utils device-mapper-persistent-data lvm2 6 | yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 7 | 8 | # notice that only verified versions of Docker may be installed 9 | # verify the documentation to check if a more recent version is available 10 | 11 | yum install -y docker-ce 12 | [ ! -d /etc/docker ] && mkdir /etc/docker 13 | 14 | cat > /etc/docker/daemon.json < /etc/yum.repos.d/kubernetes.repo 6 | [kubernetes] 7 | name=Kubernetes 8 | baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 9 | enabled=1 10 | gpgcheck=1 11 | repo_gpgcheck=1 12 | gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg 13 | EOF 14 | 15 | # Set SELinux in permissive mode (effectively disabling it) 16 | setenforce 0 17 | sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config 18 | 19 | # disable swap (assuming that the name is /dev/centos/swap 20 | sed -i 's/^\/dev\/mapper\/centos-swap/#\/dev\/mapper\/centos-swap/' /etc/fstab 21 | swapoff /dev/mapper/centos-swap 22 | 23 | yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes 24 | 25 | systemctl enable --now kubelet 26 | 27 | # Set iptables bridging 28 | cat < /etc/sysctl.d/k8s.conf 29 | net.bridge.bridge-nf-call-ip6tables = 1 30 | net.bridge.bridge-nf-call-iptables = 1 31 | EOF 32 | sysctl --system 33 | -------------------------------------------------------------------------------- /sidecar.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: sidecar-pod 5 | spec: 6 | volumes: 7 | - name: logs 8 | emptyDir: {} 9 | 10 | containers: 11 | - name: app 12 | image: busybox 13 | command: ["/bin/sh"] 14 | args: ["-c", "while true; do date >> /var/log/date.txt; sleep 15 | 10;done"] 16 | volumeMounts: 17 | - name: logs 18 | mountPath: /var/log 19 | 20 | - name: sidecar 21 | image: centos/httpd 22 | ports: 23 | - containerPort: 80 24 | volumeMounts: 25 | - name: logs 26 | mountPath: /var/www/html 27 | -------------------------------------------------------------------------------- /simplejob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: simple-job 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: sleepy 10 | image: alpine 11 | command: [ "/bin/sleep" ] 12 | args: [ "5" ] 13 | restartPolicy: Never 14 | -------------------------------------------------------------------------------- /simpleshell.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: shell-demo 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: nginx 9 | env: 10 | - name: ilike 11 | valueFrom: 12 | configMapKeyRef: 13 | name: colors 14 | key: favorite 15 | -------------------------------------------------------------------------------- /sleepy.yaml: -------------------------------------------------------------------------------- 1 | kind: Pod 2 | apiVersion: v1 3 | metadata: 4 | name: sleepy 5 | spec: 6 | containers: 7 | - name: sleep-container 8 | image: alpine 9 | command: ["/bin/sh"] 10 | args: ["-c", "while true; do date; sleep 5; done"] 11 | env: 12 | - name: BASE_URL 13 | value: "https://sleepy.example.com" 14 | -------------------------------------------------------------------------------- /variables: -------------------------------------------------------------------------------- 1 | VAR1=Hello 2 | VAR2=World 3 | -------------------------------------------------------------------------------- /volumes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: vol2 5 | spec: 6 | containers: 7 | - name: centos2 8 | image: centos:7 9 | command: 10 | - sleep 11 | - "3600" 12 | volumeMounts: 13 | - mountPath: /test 14 | name: test 15 | restartPolicy: Always 16 | volumes: 17 | - name: test 18 | emptyDir: {} 19 | --------------------------------------------------------------------------------