RSInfoMinds

  Context: Used to group the access parameters under an easily recognizable name in a kubeconfig file. Its a connection to particular cluster used by kubectl. Context consist of Cluster Name, Namespace and a user and the configuration (CERTS/KEYS) to access the cluster. The term context applies only to the client side. K8s server side does not recognize the term 'context'. Let me start with creating a namespace called "prod" and create a pod inside it. root@masterk8s:~# kubectl create ns prod namespace/prod created root@masterk8s:~# root@masterk8s:~# kubectl run nginx --image=nginx -n prod pod/nginx created root@masterk8s:~# root@masterk8s:~# kubectl get pods -n prod NAME    READY   STATUS    RESTARTS   AGE nginx   1/1     Running   0          21s root@masterk8s:~# When calling the kubectl get pods -n prod, you're retrieving the list of the pods located under the namespace 'prod'. If...

  In this post we will see how to create a user in kuberenetes. There are 3 building blocks needed for user creation in kubernetes: 1) Private Key. 2) CSR (Certificate Signing Request). 3) Certificate. Lets start by creating all 3 first using openssl command. root@masterk8s:/docker# openssl genrsa -out sam.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ................+++++ ..........................+++++ e is 65537 (0x010001) root@masterk8s:/docker# Create a CSR with the private key generated and add the user to the group "developer". We will be creating a namespace called "developer" too. root@masterk8s:/docker# openssl req -new -key sam.key -out sam.csr -subj "/CN=sam/O=developer" Next, We need to sign the CSR with the K8s default CA CRT and KEY file located under /etc/kubernetes/pki root@masterk8s:/docker# openssl x509 -req -in sam.csr \ > -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key \ > -CAcreateserial ...

  What is a kube API Server? The API server is a component of the Kubernetes control plane that exposes the Kubernetes API. The API server is the front end for the Kubernetes control plane. kube-apiserver is designed to scale horizontally—that is, it scales by deploying more instances.  You can run several instances of kube-apiserver and balance traffic between those instances. root@masterk8s:/# kubectl describe pod -n kube-system kube-apiserver-masterk8s Command:       kube-apiserver       --advertise-address=192.168.163.128       --allow-privileged=true       --authorization-mode=Node,RBAC       --client-ca-file=/etc/kubernetes/pki/ca.crt       --enable-admission-plugins=NodeRestriction       --enable-bootstrap-token-auth=true       --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt       --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client...

Traditionally a Docker container runs a single process when it is launched, for example an Apache daemon or a SSH server daemon. Often though you want to run more than one process in a container.  There are a number of ways you can achieve this ranging from using a simple Bash script as the value of your container’s CMD instruction to installing a process management tool. Supervisor, to manage multiple processes in a container. Using Supervisor allows you to better control, manage, and restart the processes inside the container. Lets say you want to create SSH process running on the docker container. Lets build the image file. 1) Will use ubuntu image. 2) Install SSH and Supervisord. 3) Create folder for SSH and supervisor. 4) Create supervisord.conf and update with SSH startup command. 5) Copy the supervisord.conf to the image. 6) Expose port # 22. 7) Start the supervisord. root@masterk8s:/docker# cat supervisord.conf [supervisord] nodaemon=true [program:sshd] command=/usr/sbin/ss...

  In this post will talk about resource allocation to docker containers. Default behavior of docker container has no capacity limit. Its entitled to use the host available resources. root@masterk8s:~# lscpu | grep -i "CPU(s)" CPU(s):                          2 On-line CPU(s) list:             0,1 NUMA node0 CPU(s):               0,1 root@masterk8s:~# The host has 2 CPU's. I am going to create a container using the image progrium/stress. This is the CPU/Memory stress image simulator. root@masterk8s:~# docker run -d --rm progrium/stress -c 8 -t 20s Above command creates a CPU spike on the container for 20 secs. Since we have not set any limit on the container, It keeps using the host CPU. It has reached the maximum of 197% of CPU ( As the host has 2 CPU's its ~ 200%) Lets create a container to use 1 CPU. Now, You can see the docker container is b...

  1) Introduction to Orchestration. 2) Installation of K8s with docker engine. 3) Overview of dockers and containers. 4) Pods, Deployments, Services, Batches, Cron, Daemon set etc. 5) Horizontal Pod Autoscaling and Metric Server. 6) Replication Sets. 7) Service configuration. 8) Tenants and Contexts. 9) User and Role Management. 10) ETCD. 11) Kubernetes Volumes. 12) Readiness and Liveness Probes. 13) Namespace and Quotas. 14) Pod resource configuration. 15) Pod Tolerations, Priorities. 16) Taint and Draining of nodes. 17) Application Deployment Strategies. 18) Secrets and Config Maps. 19) Network Policies. 20) Init and Sidecar containers. 21) Integration of K8s in CI/CD pipeline* 22) Headless service. 23) Admission Controllers. 24) Secret Encryption. 25) Cron and Batch jobs.  26) Interview Q&A.