Certification Details

title: “Certification Details”
date: 2019-07-12T08:44:38
slug: certification-details

https://www.youtube.com/watch?v=DFEOdnYw1WY
https://www.youtube.com/watch?v=Y2SA7sCtKSs

Certified Kubernetes Administrator: https://www.cncf.io/certification/cka/

Exam Curriculum (Topics): https://github.com/cncf/curriculum

Candidate Handbook: https://www.cncf.io/certification/candidate-handbook

Exam Tips: http://training.linuxfoundation.org/go//Important-Tips-CKA-CKAD

Kubernetes Tab Completion

source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

Create a nginx Deployment

kubectl run nginx --image=nginx

Create deployment with X replicas

!!TODO

Create a pod with name and image

kubectl run redis --image=redis123 --generator=run-pod/v1.

Generate Pod Manifest

kubectl run --generator=run-pod/v1 nginx --image=nginx --dry-run -o yaml

Create Pod with command line args:

kubectl run webapp --image=webapp --generator=run-pod/v1 --dry-run -o yaml -- --color=green

Extended information

kubectl get pods -o wide

Edit a Pod

kubectl edit pod nginx

Delete all pods

kubectl delete --all pods --namespace=foo

Create a Service (ClusterIP)

kubectl expose pod redis --port=6379 --name redis-service --dry-run -o yaml

Expose Pod:

kubectl expose pod nginx --port=80 --name nginx-service --dry-run -o yaml

Create Service Nodeport (not using selector, you have to correct it in yaml)

kubectl create service nodeport nginx --tcp=80:80 --node-port=30080 --dry-run -o yaml

Übung:

Name: webapp-service
Type: NodePort
Endpoints: 3
Port: 8080
NodePort: 30082

kubectl expose deployment webapp --type=NodePort --port=8080 --name=webapp-service

And edit the nodeport with kubectl edit or create manifest first

Assign Pod to a node by nodeName

apiVersion: v1
kind: Pod
metadata:
 name: nginx
spec:
 nodeName: foo-node # schedule pod to specific node
 containers:
 - name: nginx

Get pods by selector

kubectl get pods --selector env=dev
kubectl get pods --selector env=dev,bu=finance,tier=frontend
Pod Manifest:
labels:
 env: dev

You CANNOT edit specifications of an existing POD other than the below.

spec.containers[\*].image
spec.initContainers[\*].image
spec.activeDeadlineSeconds
spec.tolerations

Edit Deployments

With Deployments you can easily edit any field/property of the POD template. Since the pod template is a child of the deployment specification,  with every change the deployment will automatically delete and create a new pod with the new changes. So if you are asked to edit a property of a POD part of a deployment you may do that simply by running the command

kubectl edit deployment my-deployment

Create Custom Scheduler

apiVersion: v1
kind: Pod
metadata:
name: my-scheduler
namespace: kube-system
spec:
containers:
- command:
 - kube-scheduler
 - --address=127.0.0.1
 - --kubeconfig=/etc/kubernetes/scheduler.conf
 - --leader-elect=false
 - --scheduler-name=my-scheduler
 image: gcr.io/my-gcp-project/my-kube-scheduler:1.0

Assign Pod to scheduler

apiVersion: v1
kind: Pod
metadata:
 name: annotation-default-scheduler
 labels:
 name: multischeduler-example
spec:
 schedulerName: my-scheduler
 containers:
 - name: pod-with-default-annotation-container
 image: k8s.gcr.io/pause:2.0

Create a configmap

kubectl create configmap special-config --from-literal=special.how=very --from-literal=special.type=charm

Assign the configmap to a pod:

apiVersion: v1
kind: Pod
metadata:
 name: dapi-test-pod
spec:
 containers:
 - name: test-container
 image: k8s.gcr.io/busybox
 command: [ "/bin/sh", "-c", "env" ]
 env:
 # Define the environment variable
 - name: SPECIAL\_LEVEL\_KEY
 valueFrom:
 configMapKeyRef:
 # The ConfigMap containing the value you want to assign to SPECIAL\_LEVEL\_KEY
 name: special-config
 # Specify the key associated with the value
 key: special.how
 restartPolicy: Never

Create a secret with multiple vars

kubectl create secret generic test-secret --from-literal=username='my-app' --from-literal=password='39528$vdg7Jb'

Pass it to aPod as environmend

apiVersion: v1
kind: Pod
metadata:
 name: envfrom-secret
spec:
 containers:
 - name: envars-test-container
 image: nginx
 envFrom:
 - secretRef:
 name: test-secret

Create a pod with two init container

apiVersion: v1
kind: Pod
metadata:
 name: myapp-pod
 labels:
 app: myapp
spec:
 containers:
 - name: myapp-container
 image: busybox:1.28
 command: ['sh', '-c', 'echo The app is running! && sleep 3600']
 initContainers:
 - name: init-myservice
 image: busybox:1.28
 command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
 - name: init-mydb
 image: busybox:1.28
 command: ['sh', '-c', 'until nslookup mydb; do echo waiting for mydb; sleep 2; done;']

Pod dead timeout

--pod-eviction-timeout duration Default: 5m0s

Upgrade the Master Node (drain first)

apt install kubeadm=1.12.10-00
kubeadm update apply v1.12.10

Update the worker node (drain first)

apt install kubeadm=1.12.0-00
apt install kubelet=1.12.0-00
kubeadm upgrade node config --kubelet-version $(kubelet --version | cut -d ' ' -f 2)

Cluster backup 1

kubectl get all --all-namespaces -o yaml > all-deploy-services.yaml

Check multiple certificates

ls \*crt | xargs -n 1 sh -c 'openssl x509 -in $0 -text -noout' | grep -i after
Print Friendly, PDF & Email