Skip to content

Latest commit

 

History

History
219 lines (152 loc) · 3.54 KB

cluster-architecture.md

File metadata and controls

219 lines (152 loc) · 3.54 KB
Raw

Cluster Architecture, Installation & Configuration (25%)

Setup autocomplete for k8s commands

show 

source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

Use multiple kubeconfig files at the same time

show 

KUBECONFIG=~/.kube/config:~/.kube/kubconfig2

Create a role the will allow users to get, watch, and list pods and container logs

show 

# create a file named role.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: default
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods", "pods/log"]
  verbs: ["get", "watch", "list"]

# create the role
kubectl apply -f role.yml

Create a role binding that binds to a role named pod-reader, applies to a user named dev

show 

# create a file named role-binding.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: pod-reader
  namespace: default
subjects:
- kind: User
  name: dev
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io

Permanently save the namespace for all subsequent kubectl commands in that context.

show 

kubectl config set-context --current --namespace=ggckad-s2

Set a context utilizing a specific username and namespace

show 

kubectl config set-context gce --user=cluster-admin --namespace=foo \
  && kubectl config use-context gce

List services sorted by name

show 

kubectl get services --sort.by=.metadata.name

Get the external IP of all nodes

show 

kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'

Get the status of the control plane components (cluster health)

show 

# check the livez endpoint
curl -k https://localhost:6443/livez?verbose

# or

kubectl get --raw='/livez?verbose'

# check the readyz endpoint
curl -k https://localhost:6443/readyz?verbose

# or

kubectl get --raw='/readyz?verbose'

# check the healthz endpoint
curl -k https://localhost:6443/healthz?verbose

# or

kubectl get --raw='/healthz?verbose'

Kubernetes API Health Endpoints

List all pods that are in the running state using field selectors

show 

kubectl get po --field-selector status.phase=Running

List all services in the default namespace using field selectors

show 

kubectl get svc --field-selector metadata.namespace=default

List all API resources in your Kubernetes cluster

show 

kubectl api-resources

List the services on your Linux operating system that are associated with Kubernetes

show 

systemctl list-unit-files --type service --all | grep kube

List the status of the kubelet service running on the Kubernetes node

show 

systemctl status kubelet