Kubernetes Yaml Templates
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
config
deployment
job
networksecurity
pod
podsecurity
quota
rbac
service
statefulset
volume
.gitignore
README.org
kubernetes-yaml-templates.pdf

README.org

1 Kubernetes Yaml Templates

linkedin
github
slack


PRs Welcome

File me Issues or star this repo.

1.1 Pod

YamlSummary
pod/pod-dummy.yamlStart a dummy pod with a dead sleep loop
pod/pod-nginx.yamlStart a pod of sample app(nginx)
pod/pod-initcontainer-sysctl.yamlUse initContainer to run sysctl, when starting a Pod
pod/pod-healthcheck-nginx.yamlStart pod with tcp and http healthcheck
pod/pod-secrets.yamlPod use secrets as either volumes or environment variables
pod/pod-gitclone.yamlPod: use initContainer as sidecar to web host a git repo
pod/pod-hostaliases.yamlPod: add alias to /etc/hosts
pod/pod-handlers.yamlPod’s events whenever it get started or stoppped
LinksLink: kubectl cheatsheet

1.2 Configmap/Envs

YamlSummary
config/pod-environment-var.yamlStart a pod passing environment variables
config/pod-env-metada.yamlExpose metadata to pods

1.3 Volume

YamlSummary
volume/volume-manual-pv.yamlCreate pv first, then pvc
volume/volume-mount-localpath.yamlMount a local folder to pods
volume/volume-emptydir.yamlCreate a empty folder, then mount to pods
volume/volume-ebs.yamlMount EBS volume to pod running in amazon instance with the same AZ
volume/volume-digitalocean.yamlCreate DigitalOcean volume for your kubernetes cluster in DigitalOcean
LinksLink: kubectl cheatsheet, Link: volumes examples

1.4 Security - RBAC

YamlSummary
rbac/serviceaccount-default.yamlServiceaccount: basic usage
LinksLink: kubectl cheatsheet

1.5 Security - PodSecurityPolicy

YamlSummary
podsecurity/securitycontext-user.yamlConfigure userid, at both pod and container levels
podsecurity/podsecurity-privileged.yamlCreate pod security with privileged access
podsecurity/podsecurity-restricted.yamlCreate pod security with restricted access, then apply it later
podsecurity/podsecurity-enforce.yamlEnforce policy security by defining role and cluster role
podsecurity/podsecurity-advanced.yamlA more complicated definition of pod security policy
LinksLink: kubectl cheatsheet

1.6 Security - NetworkPolicy

YamlSummary
networksecurity/networksecurity-denyall-ingress.yamlAllow all ingress
networksecurity/networksecurity-allowall-ingress.yamlDeny all ingress
networksecurity/networksecurity-denyall.yamlDeny all ingress and egress
networksecurity/networksecurity-pod.yamlWhitelist traffic control
networksecurity/networksecurity-complicated.yamlA comprehensive network policy example
networksecurity/networksecurity-port.yamlAllow TCP 443 from one namespace
networksecurity/networksecurity-deny-othernamespaces.yamlDeny all ingress traffic from other namespaces
networksecurity/networksecurity-denyegress-exceptdns.yamlDeny all egress traffic except DNS
LinksLink: kubectl cheatsheet
LinksGitHub: kubernetes-network-policy-recipes

1.7 Quota & Limits

YamlSummary
quota/limitrange-pvc-size.yamlLimitRange: PVC size
quota/limitrange-pvc-cumulative-size.yamlResourceQuota: pvc count and storage size
quota/limitrange-mem-size.yamlLimitRange: Pod ram usage. Then apply it to namespace
LinksLink: kubectl cheatsheet

1.8 Deployment

YamlSummary
deployment/deployment-nginx.yamlDeploy nginx with 2 replicas
deployment/deployment-mysql.yamlDeploy mysql
LinksLink: kubectl cheatsheet

1.9 Statefulset

YamlSummary
statefulset/statefulset-nginx.yamlStatefulset: nginx
statefulset/statefulset-single-mysqlStatefulset: mysql
statefulset/statefulset-replicated-cassandra.yamlStatefulset: single cassandra
statefulset/statefulset-replicated-mysqlStatefulset: cassandra with replicas
LinksLink: kubectl cheatsheet

1.10 Service

YamlSummary
service/service-clusterip-nginx.yamlService: nginx with clusterip
service/service-nodeport.yamlService: nodeport
service/service-ingress.yamlService: ingress
service/service-cassandra.yamlService: cassandra
LinksLink: kubectl cheatsheet

1.11 Jobs & CronJob

YamlSummary
job/job-affinity.yamlDeploy a job with node affinity

1.12 More Resources

License: Code is licensed under MIT License.