CheatSheet For PKS: Pivotal Kubernetes Service

1 PKS CheatSheet


File issues or star this repo.

1.1 PKS Reference

| Name | Summary |
|------+---------|
| YouTube | YouTube: PKS Demos and Webcasts, YouTube: PKS overview |
| Reference | PKS Documentation, PKS Concepts, PKS 1.2 Release Notes, Managing PKS 1.2, PKS personal blog |
| Reference | OpenShift CheatSheet, Rancher CheatSheet |
| Reference | Bosh CheatSheet, Tile CheatSheet, UAA CheatSheet, CheatSheet: VMware Products |

https://raw.githubusercontent.com/dennyzhang/cheatsheet-pks-A4/master/pks-highlevel.png

1.2 Key Components

| Name | Summary |
|------+---------|
| Computing virtualization | Link: VMware vSphere Documentation |
| NCP: CNI for VMware NSX-T | Helps create pod networks in PKS k8s clusters |
| CFCR/Kubo | Deploy/manage fleets of k8s clusters. GitHub: kubo-release, cfcr-etcd-release |
| Bosh: VM/Cluster lifecycle management | Link: BOSH CHEATSHEET, GitHub: Bosh |
| Packaging: tile, ops manager | CheatSheet: Cloudfoundry Tile & OpsManager |
| CSI for persistent volume | GitHub: hatchway |

1.3 VMware Product Integrations

| Name | Summary |
|------+---------|
| wavefront | YouTube: PKS and VMware Wavefront |
| log insight | YouTube: PKS and VMware vRealize Log Insight |
| vrops | YouTube: VMware vRealize Operations |
| vcd (VMware vCloud Director) | YouTube: VMware vCloud Director Overview |

1.4 PKS Scenarios

| Name | Summary |
|------+---------|
| How to run pks cli commands | run-pks-cli.md |
| How to run bosh cli commands | run-bosh-cli.md |
| How to run kubectl commands | run-kubectl-in-pks.md |
| How airgap integration tests are enforced | For each node, load specific iptables rules |
| How PKS supports k8s master HA | GitHub: kubo-release, GitHub: cfcr-etcd-release |
| Workflow of how PKS creates a k8s cluster | Link: Create a Kubernetes Cluster |
| Deployment for env without internet | Enforce air-gapped integration deployment tests |

1.5 What PKS Adds to Kubernetes

| Name | Summary |
|------+---------|
| Secure multi-tenant ingress | NSX-T |
| Secure container registry | VMware Harbor |
| Rolling upgrades to cluster infrastructure | IaaS: bosh VM upgrade |
| Cluster provisioning and scaling | IaaS: VM lifecycle management |
| Monitoring and recovery of cluster VMs and processes | IaaS: VM lifecycle management |
| Embedded, hardened operating system | Linux release for OS hardening |
| Log sink | K8S Namespace multi-tenancy |

1.6 PKS Challenges

| Name | Summary |
|------+---------|
| Faster for typical use cases | Create k8s clusters, resize k8s cluster, create pods, etc. |
| Tile & OpsManager is not agile | It slows down everything: development, testing and deployment. |
| Extend PKS API layer | Easy to add more functionality for PKS admins |
| UX of PKS CLI | The usage of pks cli could be more intuitive |
| Improve PKS control plane HA | Online rolling upgrade for opsmanager, uaa, pks api, etc. |
| Better storage support of PV | HA for PV, and support more CSI providers |
| Cleanup for stale resources | When operations have failed, the cleanup needs to be done in a safe way |
| More built-in security support | PKS supports most common security enhancements, but it doesn't provide them |

1.7 PKS Strengths

| Name | Summary |
|------+---------|
| Kubernetes Federation | Multiple clusters on demand, not just one Kubernetes cluster for your infra |
| End-to-end integration | Monitoring and logging work out of the box |
| VM LCM: auto healing | VM health check and auto-replacement |
| Less vendor lock-in | Vanilla Kubernetes; Any infra; Any OS |
| Networking with NSX-T | Advanced CNI |
| Image registry & security | Image signing, audit, replication; vulnerability scanning |

1.8 PKS cli

| Name | Command |
|------+---------|
| Check cli version | pks --version |
| List all pks clusters | pks clusters |
| Create cluster | pks create-cluster <cluster-name> -e <subdomain>.pks.local -p "plan 1" -n 1 |
| Delete cluster | pks delete-cluster <cluster-name> |
| Check cluster status | pks cluster cluster1 |
| Get cluster kubectl credential | pks get-credentials <cluster_name> |
| Set kubectl context | kubectl config use-context <cluster_name> |
| List all available plans | pks plans |
| pks login (short flags; -k skips TLS certificate validation) | pks login -a <api.test.com> -u <username> -p <passwd> -k |
| pks login (long flags) | pks login -k --username <username> --password <password> --api <myk8s1.test.com> |
| Default roles in pks UAA | pks.clusters.manage, pks.clusters.admin, Link: Manage Users in UAA |

1.9 Deployment Diagram

| Name | Summary |
|------+---------|
| Bosh director vm | VM manager |
| Ops manager vm | Package manager |
| PKS API server vm | See below |
| Built-in processes in k8s master vm | See below |
| Built-in processes in k8s worker vm | See below |

1.10 PKS footprint: in control plane

| Name | Summary |
|------+---------|
| Get process list in pks 1.2.0 | ssh to the pks api vm, then sudo monit summary |
| pks-api | |
| uaa | |
| broker | |
| pks-nsx-t-osb-proxy | |
| mariadb_ctrl | |
| galera-healthcheck | |
| gra-log-purger-executable | |
| cluster_health_logger | |
| telemetry | |
| event-emitter | |
| bosh-dns | |
| bosh-dns-resolvconf | |
| bosh-dns-healthcheck | |

1.11 PKS footprint: in k8s master vms

| Name | Summary |
|------+---------|
| Get process list in pks 1.2.0 | ssh to k8s master vm, then sudo monit summary |
| kube-apiserver | |
| kube-controller-manager | |
| kube-scheduler | |
| etcd | |
| blackbox | |
| ncp | |
| bosh-dns | |
| bosh-dns-resolvconf | |
| bosh-dns-healthcheck | |
| pks-helpers-bosh-dns-resolvconf | |

1.12 PKS footprint: in k8s worker vms

| Name | Summary |
|------+---------|
| Get process list in pks 1.2.0 | ssh to the k8s worker vm, then sudo monit summary |
| docker | |
| kubelet | |
| kube-proxy | |
| blackbox | |
| nsx-node-agent | |
| ovs-vswitchd | open vSwitch |
| ovsdb-server | vSwitch database |
| nsx-kube-proxy | |
| bosh-dns | |
| bosh-dns-resolvconf | |
| bosh-dns-healthcheck | |
| pks-helpers-bosh-dns-resolvconf | |

1.13 PKS errands & tasks

| Name | Command |
|------+---------|
| kubeconfig | GitHub: kubo-deployment/bin/set_kubeconfig |
| apply-specs | bosh -d cfcr run-errand apply-specs |

1.14 PKS Troubleshooting

| Name | Summary |
|------+---------|
| Log files in pks vms | /var/vcap/sys/log |
| Reference | Link: PKS Troubleshoot |

1.15 Deployment with NSX-T + NAT

https://raw.githubusercontent.com/dennyzhang/cheatsheet-pks-A4/master/pks-nsxt-nat.png

1.16 Deployment with NSX-T + No-NAT + vswitch

https://raw.githubusercontent.com/dennyzhang/cheatsheet-pks-A4/master/pks-nsxt-no-nat-virtual-switch.png

1.17 Deployment with NSX-T + No-NAT + logical switch

https://raw.githubusercontent.com/dennyzhang/cheatsheet-pks-A4/master/pks-nsxt-no-nat-logical-switch.png

1.18 PKS CLI Online Help

[ec2-user@ip-172-31-33-176 ~]$ pks --help

The Pivotal Container Service (PKS) CLI is used to create, manage, and delete Kubernetes clusters.
To deploy workloads to a Kubernetes cluster created using the PKS CLI, use the Kubernetes CLI, kubectl.

Version: 1.1.1-build.8

Usage:
  pks [command]

Available Commands:
  cluster         View the details of the cluster
  clusters        Show all clusters created with PKS
  create-cluster  Creates a kubernetes cluster, requires cluster name, an external host name, and plan
  delete-cluster  Deletes a kubernetes cluster, requires cluster name
  get-credentials Allows you to connect to a cluster and use kubectl
  help            Help about any command
  login           Log in to PKS
  logout          Log out of PKS
  plans           View the preconfigured plans available
  resize          Increases the number of worker nodes for a cluster

Flags:
  -h, --help      help for pks
      --version   version for pks

Use "pks [command] --help" for more information about a command.

1.19 More Resources

https://docs.pivotal.io/runtimes/pks/1-2/index.html

License: Code is licensed under MIT License.
