Certified Kubernetes Administrator (CKA) with Practice Tests - leqviet/wikidls GitHub Wiki

Summary

  • ETCD
  • Kube API Server
  • Kube Controller Manager
  • Kube Proxy
  • POD

Core Concepts

Cluster Architecture Create and configure pods

  • Replication Controller vs ReplicaSet (Is scale only used on a ReplicaSet?? Is that right?)
    kubectl create -f replicaset-definition.yml
    kubectl scale --replicas=6 replicaset {nameofreplica}
    kubectl delete replicaset {nameofreplica} ---> deletes all pods
  • Labels and Selectors: Pod, ReplicaSet, Deployment

Services & Other Network Primitives

  • Services (?? Communication between services)
    Example: Pod (IP 10.244.0.2), Node (IP 192.168.1.2), Client (IP 192.168.1.10) calls curl http://10.244.0.2

Service Types: https://www.code4projects.net/kubernetes-services-cluster-ip-vs-nodeport-vs-loadbalancer-vs-ingress/

  • NodePort
  • ClusterIP
  • LoadBalancer (what is ingress --> does NodePort have an ingress file??)

Namespace -- when you define a pod, you set the namespace: key in each pod file.

namespace-dev.yml

apiVersion: v1
kind: Namespace
metadata:
  name: dev

kubectl create -f namespace-dev.yml
kubectl create namespace dev

Resource Quota for a namespace: compute-quota.yaml

apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-quota
  namespace: dev
spec:
  hard:
    pods: "10"
    requests.cpu: "4"
    requests.memory: 5Gi
    limits.cpu: "10"
    limits.memory: 10Gi

kubectl create -f compute-quota.yaml

Logging Monitoring

  1. Monitor Cluster Components
  2. Application Logs

Application Lifecycle Management (what is the difference between Recreate and RollingUpdate?)

1. Rolling Updates and Rollbacks in Deployments

kubectl rollout status deployment/myapp-deployment
kubectl rollout history deployment/myapp-deployment
kubectl rollout undo deployment/myapp-deployment

ReplicaSet rollback: kubectl get replicasets

Summarize Commands

  1. Create ==> kubectl create -f deployment-definition.yml
  2. Get ==> kubectl get deployments
  3. Update ==> kubectl apply -f deployment-definition.yml
                kubectl set image deployment/myapp-deployment nginx=nginx:1.9.1
  4. Status ==> kubectl rollout status deployment/myapp-deployment
  5. Rollback ==> kubectl rollout history deployment/myapp-deployment
                  kubectl rollout undo deployment/myapp-deployment

Use this command to change the image of a deployment:

kubectl set image deploy {nameofdeployment} {nameofcontainer}={newimage}

If you want to modify the deployment definition:

kubectl edit deploy {deployment-name}

2. Configure Applications

Environment variables in Kubernetes (env): pod-definition.yaml

apiVersion: v1
kind: Pod
metadata:
  name: simple-webapp-color
spec:
  containers:
    - name: simple-webapp-color
      image: simple-webapp-color
      ports:
        - containerPort: 8080
      env:
        - name: APP_COLOR
          value: pink

ConfigMap (How to create a config map??): APP_COLOR: blue, APP_MODE: prod

      env:
        - name: APP_COLOR
          value: pink
      envFrom:
        - configMapRef:
            name: app-config

config-map.yaml

apiVersion: v1
kind: ConfigMap
metadata:
   name: app-config
data:
   APP_COLOR: blue
   APP_MODE: prod

Secrets (Secrets are not encrypted. Only encoded)

apiVersion: v1
kind: Secret
metadata:
   name: app-secret
data:
   DB_Host: mysql
   DB_User: root
   DB_Password: passwrd

The values under data: must be Base64-encoded. Encode: echo -n 'mysql' | base64

   DB_Host: bXlzcWw=
   DB_User: cm9vdA==
   DB_Password: cGFzc3dyZA==

Decode: echo -n 'bXlzcWw=' | base64 --decode

The Pod YAML injects the Secret as environment variables:

  envFrom:
    - secretRef:
        name: app-secret
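
The point above, that Secret values are only encoded and not encrypted, shown as an added example (not part of the original notes): a shell function that recovers every value under data: from a manifest using nothing but base64 -d. The sample manifest is constructed from this page's app-secret values, and decode_secret_data is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample (not from a real cluster): the app-secret manifest from
# this page with every value base64-encoded.
SAMPLE_SECRET='apiVersion: v1
kind: Secret
metadata:
  name: app-secret
data:
  DB_Host: bXlzcWw=
  DB_User: cm9vdA==
  DB_Password: cGFzc3dyZA=='

# decode_secret_data (hypothetical helper): read a Secret manifest on stdin
# and print KEY=plaintext for each entry under the top-level "data:" key.
# No key or password is involved, because base64 is an encoding only.
decode_secret_data() {
  awk '
    /^data:[[:space:]]*$/ { in_data = 1; next }  # start of the data block
    /^[^[:space:]]/       { in_data = 0 }        # next top-level key ends it
    in_data && /^[[:space:]]+[A-Za-z0-9_.-]+:/ {
      key = $1
      sub(/:$/, "", key)
      print key, $2
    }
  ' | while read -r key value; do
    # Flag entries the decoder rejects, such as plain text pasted under data:
    if plain=$(printf '%s' "$value" | base64 -d 2>/dev/null); then
      printf '%s=%s\n' "$key" "$plain"
    else
      printf '%s=<not valid base64>\n' "$key"
    fi
  done
}

printf '%s\n' "$SAMPLE_SECRET" | decode_secret_data
```

Anyone who can read the manifest or run kubectl get secret app-secret -o yaml gets the same result, so restrict get/list on Secrets with RBAC and enable encryption at rest for etcd.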

What are volumes?? Configure a Secret with a volume

3. Scale Applications

4. Self-Healing Applications

Security

  • TLS Basics
  • View Certificate Details
  • Generate Certificates
  • What are TLS Certificates?
  • How does Kube use Certificates?
  • How to generate them?
  • How to configure them?
  • How to view them?
  • How to troubleshoot issues related to Certificates?

Networking

https://github.com/kodekloudhub/certified-kubernetes-administrator-course/blob/master/docs/09-Networking/02-Pre-requisite-Switching-Routing-Gateways.md

https://github.com/kodekloudhub/certified-kubernetes-administrator-course/blob/master/docs/09-Networking/03-Pre-requisite-DNS.md

ip link
ip addr
ip addr add 192.168.1.10/24 dev eth0
ip route
ip route add 192.168.1.0/24 via 192.168.2.1
cat /proc/sys/net/ipv4/ip_forward

  • DNS
  • DNS hosts file
  • CNAME
  • Linux bridge ?? (what?)
  • Linux namespace
  • Linux network

https://github.com/kubernetes/dns/blob/master/docs/specification.md

https://coredns.io/plugins/kubernetes/

nslookup www.google.com
dig www.google.com


Kube Controller Manager - kubectl get pod -n kube-system

  • Node Controller
  • Replica set controller

Kube Scheduler --> identifies the best node for the pod

  1. Filter nodes
  2. Rank nodes

You should read:

  • Resource Requirements and Limits
  • Taints and Tolerations
  • Node Selectors/Affinity
  • Labels & Selectors
  • Resource Limits
  • Manual Scheduling
  • Daemon Sets
  • Multiple Schedulers
  • Scheduler Events
  • Configure Kubernetes Scheduler

Kube Proxy (Pod Network) - Runs on each pod of the Kubernetes cluster. Its job is to look for new services, and every time a new service is created, it creates rules to forward traffic to services.

How to install and deploy kube-proxy

POD: how to deploy a Pod