Core Concepts
All kubernetes components(minikube)
all_k8s_components
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8271f1c15e16 gcr.io/k8s-minikube/kicbase:v0.0.22 "/usr/local/bin/entr…" 18 hours ago Up 18 hours 127.0.0.1:32777->22/tcp, 127.0.0.1:32776->2376/tcp, 127.0.0.1:32775->5000/tcp, 127.0.0.1:32774->8443/tcp, 127.0.0.1:32773->32443/tcp minikube
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
root@minikube:/# netstat -plant | grep -i "LISTEN"
tcp 0 0 127.0.0.1:10257 0.0.0.0:* LISTEN 1867/kube-controlle
tcp 0 0 127.0.0.1:10259 0.0.0.0:* LISTEN 1878/kube-scheduler
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 198/sshd: /usr/sbin
tcp 0 0 127.0.0.11:37989 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:10248 0.0.0.0:* LISTEN 852/kubelet
tcp 0 0 127.0.0.1:36617 0.0.0.0:* LISTEN 852/kubelet
tcp 0 0 192.168.49.2:2379 0.0.0.0:* LISTEN 1708/etcd
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 1708/etcd
tcp 0 0 192.168.49.2:2380 0.0.0.0:* LISTEN 1708/etcd
tcp 0 0 127.0.0.1:2381 0.0.0.0:* LISTEN 1708/etcd
tcp6 0 0 :::10256 :::* LISTEN 2898/kube-proxy
tcp6 0 0 :::22 :::* LISTEN 198/sshd: /usr/sbin
tcp6 0 0 :::8443 :::* LISTEN 1767/kube-apiserver
tcp6 0 0 :::2376 :::* LISTEN 211/dockerd
tcp6 0 0 :::10249 :::* LISTEN 2898/kube-proxy
tcp6 0 0 :::10250 :::* LISTEN 852/kubelet
root@minikube:/#
Master-Components:
-------------------------------->
root@minikube:/# ps -eaf | grep -i kube-apiserver
root 1767 1689 23 Sep04 ? 00:37:43 kube-apiserver --advertise-address=192.168.49.2 --allow-privileged=true --authorization-mode=Node,RBAC --client-ca-file=/var/lib/minikube/certs/ca.crt --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota --enable-bootstrap-token-auth=true --etcd-cafile=/var/lib/minikube/certs/etcd/ca.crt --etcd-certfile=/var/lib/minikube/certs/apiserver-etcd-client.crt --etcd-keyfile=/var/lib/minikube/certs/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --insecure-port=0 --kubelet-client-certificate=/var/lib/minikube/certs/apiserver-kubelet-client.crt --kubelet-client-key=/var/lib/minikube/certs/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/var/lib/minikube/certs/front-proxy-client.crt --proxy-client-key-file=/var/lib/minikube/certs/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=8443 --service-account-issuer=https://kubernetes.default.svc.cluster.local --service-account-key-file=/var/lib/minikube/certs/sa.pub --service-account-signing-key-file=/var/lib/minikube/certs/sa.key --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/var/lib/minikube/certs/apiserver.crt --tls-private-key-file=/var/lib/minikube/certs/apiserver.key
root 37814 37775 0 01:12 pts/1 00:00:00 grep --color=auto -i kube-apiserver
root@minikube:/#
root@minikube:/# ps -eaf | grep -i kube-scheduler
root 1878 1810 1 Sep04 ? 00:01:52 kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/kubernetes/scheduler.conf --bind-address=127.0.0.1 --kubeconfig=/etc/kubernetes/scheduler.conf --leader-elect=false --port=0
root 37924 37775 0 01:13 pts/1 00:00:00 grep --color=auto -i kube-scheduler
root@minikube:/#
root@minikube:/# ps -eaf | grep -i kube-controller-manager
root 1867 1747 9 Sep04 ? 00:15:15 kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf --bind-address=127.0.0.1 --client-ca-file=/var/lib/minikube/certs/ca.crt --cluster-cidr=10.244.0.0/16 --cluster-name=mk --cluster-signing-cert-file=/var/lib/minikube/certs/ca.crt --cluster-signing-key-file=/var/lib/minikube/certs/ca.key --controllers=*,bootstrapsigner,tokencleaner --kubeconfig=/etc/kubernetes/controller-manager.conf --leader-elect=false --port=0 --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt --root-ca-file=/var/lib/minikube/certs/ca.crt --service-account-private-key-file=/var/lib/minikube/certs/sa.key --service-cluster-ip-range=10.96.0.0/12 --use-service-account-credentials=true
root 38052 37775 0 01:13 pts/1 00:00:00 grep --color=auto -i kube-controller-manager
root@minikube:/#
root@minikube:/# ps -eaf | grep -iw "etcd "
root 1708 1651 4 Sep04 ? 00:07:50 etcd --advertise-client-urls=https://192.168.49.2:2379 --cert-file=/var/lib/minikube/certs/etcd/server.crt --client-cert-auth=true --data-dir=/var/lib/minikube/etcd --initial-advertise-peer-urls=https://192.168.49.2:2380 --initial-cluster=minikube=https://192.168.49.2:2380 --key-file=/var/lib/minikube/certs/etcd/server.key --listen-client-urls=https://127.0.0.1:2379,https://192.168.49.2:2379 --listen-metrics-urls=http://127.0.0.1:2381 --listen-peer-urls=https://192.168.49.2:2380 --name=minikube --peer-cert-file=/var/lib/minikube/certs/etcd/peer.crt --peer-client-cert-auth=true --peer-key-file=/var/lib/minikube/certs/etcd/peer.key --peer-trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt --proxy-refresh-interval=70000 --snapshot-count=10000 --trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt
root 38208 37775 0 01:14 pts/1 00:00:00 grep --color=auto -iw etcd
root@minikube:/#
Node-Components:
-------------------------------->
root@minikube:/# ps -eaf | grep -i "kubelet "
root 852 1 12 Sep04 ? 00:20:57 /var/lib/minikube/binaries/v1.20.2/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime=docker --hostname-override=minikube --kubeconfig=/etc/kubernetes/kubelet.conf --node-ip=192.168.49.2
root 38499 37775 0 01:15 pts/1 00:00:00 grep --color=auto -i kubelet
root@minikube:/#
root@minikube:/# ps -eaf | grep -i "kube-proxy "
root 2898 2864 0 Sep04 ? 00:00:10 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=minikube
root 38563 37775 0 01:16 pts/1 00:00:00 grep --color=auto -i kube-proxy
root@minikube:/#
etcd
etcd
If you run minikube in your local macbook it emulates a docker as below in your local box.
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8271f1c15e16 gcr.io/k8s-minikube/kicbase:v0.0.22 "/usr/local/bin/entr…" About an hour ago Up About an hour 127.0.0.1:32777->22/tcp, 127.0.0.1:32776->2376/tcp, 127.0.0.1:32775->5000/tcp, 127.0.0.1:32774->8443/tcp, 127.0.0.1:32773->32443/tcp minikube
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ curl localhost:32774
Client sent an HTTP request to an HTTPS server.
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ telnet localhost 2379
Trying ::1...
Connection failed: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ etcdctl put bharath honest_guy
OK
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ etcdctl get bharath
bharath
honest_guy
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl exec -it etcd-kind-control-plane -n kube-system sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
sh-5.0#
etcdctl --endpoints=localhost:2379 get / --prefix --keys-only
bharathdasaraju@MacBook-Pro ~ $ minikube start
😄 minikube v1.20.0 on Darwin 11.2.3
✨ Using the docker driver based on existing profile
👍 Starting control plane node minikube in cluster minikube
🚜 Pulling base image ...
🔄 Restarting existing docker container for "minikube" ...
🐳 Preparing Kubernetes v1.20.2 on Docker 20.10.6 ...-
🔎 Verifying Kubernetes components...
▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🌟 Enabled addons: storage-provisioner, default-storageclass
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
bharathdasaraju@MacBook-Pro ~ $
bharathdasaraju@MacBook-Pro ~ $ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
minikube Ready control-plane,master 2m48s v1.20.2 192.168.49.2 <none> Ubuntu 20.04.2 LTS 5.4.39-linuxkit docker://20.10.6
bharathdasaraju@MacBook-Pro ~ $
bharathdasaraju@MacBook-Pro ~ $ kubectl get pod/etcd-minikube -n kube-system -o yaml | grep -i "192"
kubeadm.kubernetes.io/etcd.advertise-client-urls: https://192.168.49.2:2379
k:{"ip":"192.168.49.2"}:
- --advertise-client-urls=https://192.168.49.2:2379
- --initial-advertise-peer-urls=https://192.168.49.2:2380
- --initial-cluster=minikube=https://192.168.49.2:2380
- --listen-client-urls=https://127.0.0.1:2379,https://192.168.49.2:2379
- --listen-peer-urls=https://192.168.49.2:2380
hostIP: 192.168.49.2
podIP: 192.168.49.2
- ip: 192.168.49.2
bharathdasaraju@MacBook-Pro ~ $
bharathdasaraju@MacBook-Pro ~ $ kubectl exec etcd-minikube -n kube-system -- etcdctl --endpoints https://192.168.49.2:2379 --cacert /var/lib/minikube/certs/etcd/ca.crt --cert /var/lib/minikube/certs/etcd/server.crt --key /var/lib/minikube/certs/etcd/server.key get / --prefix --keys-only
/registry/apiregistration.k8s.io/apiservices/v1.
/registry/apiregistration.k8s.io/apiservices/v1.admissionregistration.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.apiextensions.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.apps
/registry/apiregistration.k8s.io/apiservices/v1.authentication.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.autoscaling
/registry/apiregistration.k8s.io/apiservices/v1.batch
/registry/apiregistration.k8s.io/apiservices/v1.certificates.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.coordination.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.events.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.networking.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.node.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.rbac.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.scheduling.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.storage.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.admissionregistration.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.apiextensions.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.authentication.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.batch
/registry/apiregistration.k8s.io/apiservices/v1beta1.certificates.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.coordination.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.discovery.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.events.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.extensions
/registry/apiregistration.k8s.io/apiservices/v1beta1.flowcontrol.apiserver.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.networking.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.node.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.policy
/registry/apiregistration.k8s.io/apiservices/v1beta1.rbac.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.scheduling.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.storage.k8s.io
/registry/apiregistration.k8s.io/apiservices/v2beta1.autoscaling
/registry/apiregistration.k8s.io/apiservices/v2beta2.autoscaling
/registry/certificatesigningrequests/csr-scxvm
/registry/clusterrolebindings/cluster-admin
/registry/clusterrolebindings/kubeadm:get-nodes
/registry/clusterrolebindings/kubeadm:kubelet-bootstrap
/registry/clusterrolebindings/kubeadm:node-autoapprove-bootstrap
/registry/clusterrolebindings/kubeadm:node-autoapprove-certificate-rotation
/registry/clusterrolebindings/kubeadm:node-proxier
/registry/clusterrolebindings/minikube-rbac
/registry/clusterrolebindings/storage-provisioner
/registry/clusterrolebindings/system:basic-user
/registry/clusterrolebindings/system:controller:attachdetach-controller
/registry/clusterrolebindings/system:controller:certificate-controller
/registry/clusterrolebindings/system:controller:clusterrole-aggregation-controller
/registry/clusterrolebindings/system:controller:cronjob-controller
/registry/clusterrolebindings/system:controller:daemon-set-controller
/registry/clusterrolebindings/system:controller:deployment-controller
/registry/clusterrolebindings/system:controller:disruption-controller
/registry/clusterrolebindings/system:controller:endpoint-controller
/registry/clusterrolebindings/system:controller:endpointslice-controller
/registry/clusterrolebindings/system:controller:endpointslicemirroring-controller
/registry/clusterrolebindings/system:controller:expand-controller
/registry/clusterrolebindings/system:controller:generic-garbage-collector
/registry/clusterrolebindings/system:controller:horizontal-pod-autoscaler
/registry/clusterrolebindings/system:controller:job-controller
/registry/clusterrolebindings/system:controller:namespace-controller
/registry/clusterrolebindings/system:controller:node-controller
/registry/clusterrolebindings/system:controller:persistent-volume-binder
/registry/clusterrolebindings/system:controller:pod-garbage-collector
/registry/clusterrolebindings/system:controller:pv-protection-controller
/registry/clusterrolebindings/system:controller:pvc-protection-controller
/registry/clusterrolebindings/system:controller:replicaset-controller
/registry/clusterrolebindings/system:controller:replication-controller
/registry/clusterrolebindings/system:controller:resourcequota-controller
/registry/clusterrolebindings/system:controller:root-ca-cert-publisher
/registry/clusterrolebindings/system:controller:route-controller
/registry/clusterrolebindings/system:controller:service-account-controller
/registry/clusterrolebindings/system:controller:service-controller
/registry/clusterrolebindings/system:controller:statefulset-controller
/registry/clusterrolebindings/system:controller:ttl-controller
/registry/clusterrolebindings/system:coredns
/registry/clusterrolebindings/system:discovery
/registry/clusterrolebindings/system:kube-controller-manager
/registry/clusterrolebindings/system:kube-dns
/registry/clusterrolebindings/system:kube-scheduler
/registry/clusterrolebindings/system:monitoring
/registry/clusterrolebindings/system:node
/registry/clusterrolebindings/system:node-proxier
/registry/clusterrolebindings/system:public-info-viewer
/registry/clusterrolebindings/system:service-account-issuer-discovery
/registry/clusterrolebindings/system:volume-scheduler
/registry/clusterroles/admin
/registry/clusterroles/cluster-admin
/registry/clusterroles/edit
/registry/clusterroles/kubeadm:get-nodes
/registry/clusterroles/system:aggregate-to-admin
/registry/clusterroles/system:aggregate-to-edit
/registry/clusterroles/system:aggregate-to-view
/registry/clusterroles/system:auth-delegator
/registry/clusterroles/system:basic-user
/registry/clusterroles/system:certificates.k8s.io:certificatesigningrequests:nodeclient
/registry/clusterroles/system:certificates.k8s.io:certificatesigningrequests:selfnodeclient
/registry/clusterroles/system:certificates.k8s.io:kube-apiserver-client-approver
/registry/clusterroles/system:certificates.k8s.io:kube-apiserver-client-kubelet-approver
/registry/clusterroles/system:certificates.k8s.io:kubelet-serving-approver
/registry/clusterroles/system:certificates.k8s.io:legacy-unknown-approver
/registry/clusterroles/system:controller:attachdetach-controller
/registry/clusterroles/system:controller:certificate-controller
/registry/clusterroles/system:controller:clusterrole-aggregation-controller
/registry/clusterroles/system:controller:cronjob-controller
/registry/clusterroles/system:controller:daemon-set-controller
/registry/clusterroles/system:controller:deployment-controller
/registry/clusterroles/system:controller:disruption-controller
/registry/clusterroles/system:controller:endpoint-controller
/registry/clusterroles/system:controller:endpointslice-controller
/registry/clusterroles/system:controller:endpointslicemirroring-controller
/registry/clusterroles/system:controller:expand-controller
/registry/clusterroles/system:controller:generic-garbage-collector
/registry/clusterroles/system:controller:horizontal-pod-autoscaler
/registry/clusterroles/system:controller:job-controller
/registry/clusterroles/system:controller:namespace-controller
/registry/clusterroles/system:controller:node-controller
/registry/clusterroles/system:controller:persistent-volume-binder
/registry/clusterroles/system:controller:pod-garbage-collector
/registry/clusterroles/system:controller:pv-protection-controller
/registry/clusterroles/system:controller:pvc-protection-controller
/registry/clusterroles/system:controller:replicaset-controller
/registry/clusterroles/system:controller:replication-controller
/registry/clusterroles/system:controller:resourcequota-controller
/registry/clusterroles/system:controller:root-ca-cert-publisher
/registry/clusterroles/system:controller:route-controller
/registry/clusterroles/system:controller:service-account-controller
/registry/clusterroles/system:controller:service-controller
/registry/clusterroles/system:controller:statefulset-controller
/registry/clusterroles/system:controller:ttl-controller
/registry/clusterroles/system:coredns
/registry/clusterroles/system:discovery
/registry/clusterroles/system:heapster
/registry/clusterroles/system:kube-aggregator
/registry/clusterroles/system:kube-controller-manager
/registry/clusterroles/system:kube-dns
/registry/clusterroles/system:kube-scheduler
/registry/clusterroles/system:kubelet-api-admin
/registry/clusterroles/system:monitoring
/registry/clusterroles/system:node
/registry/clusterroles/system:node-bootstrapper
/registry/clusterroles/system:node-problem-detector
/registry/clusterroles/system:node-proxier
/registry/clusterroles/system:persistent-volume-provisioner
/registry/clusterroles/system:public-info-viewer
/registry/clusterroles/system:service-account-issuer-discovery
/registry/clusterroles/system:volume-scheduler
/registry/clusterroles/view
/registry/configmaps/default/kube-root-ca.crt
/registry/configmaps/kube-node-lease/kube-root-ca.crt
/registry/configmaps/kube-public/cluster-info
/registry/configmaps/kube-public/kube-root-ca.crt
/registry/configmaps/kube-system/coredns
/registry/configmaps/kube-system/extension-apiserver-authentication
/registry/configmaps/kube-system/kube-proxy
/registry/configmaps/kube-system/kube-root-ca.crt
/registry/configmaps/kube-system/kubeadm-config
/registry/configmaps/kube-system/kubelet-config-1.20
/registry/controllerrevisions/kube-system/kube-proxy-b89db7f56
/registry/csinodes/minikube
/registry/daemonsets/kube-system/kube-proxy
/registry/deployments/kube-system/coredns
/registry/endpointslices/default/kubernetes
/registry/endpointslices/kube-system/kube-dns-9xfbw
/registry/events/default/minikube.16a18be4b7100538
/registry/events/default/minikube.16a18be4cca0b168
/registry/events/default/minikube.16a18be4cca1a014
/registry/events/default/minikube.16a18be4cca33910
/registry/events/default/minikube.16a18be4e2a57390
/registry/events/default/minikube.16a18be500264638
/registry/events/default/minikube.16a18be70d57d234
/registry/events/default/minikube.16a18be737e5b624
/registry/events/default/minikube.16a18be88fa18450
/registry/events/default/minikube.16a18be88fff0ae4
/registry/events/default/minikube.16a18bff9ae000dc
/registry/events/default/minikube.16a18bffab3fc5d4
/registry/events/default/minikube.16a18bffab4337dc
/registry/events/default/minikube.16a18bffab43eb8c
/registry/events/default/minikube.16a18bffb856d5b4
/registry/events/default/minikube.16a18c0567a6f3f0
/registry/events/default/minikube.16a18c0567c27300
/registry/events/default/minikube.16a18c06e82561c8
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18be742c04514
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18be7da9adc00
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18be87a2ae0f8
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18be88241dd3c
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18be8b317a838
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18c04b11c72f4
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18c0532ad6300
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18c05408d550c
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18c055b65a58c
/registry/events/kube-system/coredns-74ff55c5b-plhmt.16a18c07074c8f18
/registry/events/kube-system/coredns-74ff55c5b.16a18be7464bf318
/registry/events/kube-system/coredns.16a18be73ba3ec7c
/registry/events/kube-system/etcd-minikube.16a18bffc94ead88
/registry/events/kube-system/etcd-minikube.16a18c0003563654
/registry/events/kube-system/etcd-minikube.16a18c001158e878
/registry/events/kube-system/etcd-minikube.16a18c0035eab978
/registry/events/kube-system/k8s.io-minikube-hostpath.16a18be9c719b208
/registry/events/kube-system/k8s.io-minikube-hostpath.16a18c133afda854
/registry/events/kube-system/kube-apiserver-minikube.16a18be7460f1e70
/registry/events/kube-system/kube-apiserver-minikube.16a18bffd59f6e38
/registry/events/kube-system/kube-apiserver-minikube.16a18c000fa728a0
/registry/events/kube-system/kube-apiserver-minikube.16a18c001b1c3b08
/registry/events/kube-system/kube-apiserver-minikube.16a18c0042d614ac
/registry/events/kube-system/kube-apiserver-minikube.16a18c03068ac4e0
/registry/events/kube-system/kube-controller-manager-minikube.16a18bffe406f9f0
/registry/events/kube-system/kube-controller-manager-minikube.16a18c001a9b6758
/registry/events/kube-system/kube-controller-manager-minikube.16a18c0023552348
/registry/events/kube-system/kube-controller-manager-minikube.16a18c0056fe4c4c
/registry/events/kube-system/kube-proxy-w85sf.16a18be76ec9e6b0
/registry/events/kube-system/kube-proxy-w85sf.16a18be7c3afbdf8
/registry/events/kube-system/kube-proxy-w85sf.16a18be7d22c9d74
/registry/events/kube-system/kube-proxy-w85sf.16a18be81a6037cc
/registry/events/kube-system/kube-proxy-w85sf.16a18c04c505a2a4
/registry/events/kube-system/kube-proxy-w85sf.16a18c0510a67940
/registry/events/kube-system/kube-proxy-w85sf.16a18c051bc0eb44
/registry/events/kube-system/kube-proxy-w85sf.16a18c054616dd54
/registry/events/kube-system/kube-proxy.16a18be745ff2498
/registry/events/kube-system/kube-scheduler-minikube.16a18bfff14fcf38
/registry/events/kube-system/kube-scheduler-minikube.16a18c002877e568
/registry/events/kube-system/kube-scheduler-minikube.16a18c002f00620c
/registry/events/kube-system/kube-scheduler-minikube.16a18c005cfa74b8
/registry/events/kube-system/storage-provisioner.16a18be4716e7e74
/registry/events/kube-system/storage-provisioner.16a18be9444edd58
/registry/events/kube-system/storage-provisioner.16a18be983957148
/registry/events/kube-system/storage-provisioner.16a18be98a7f0d34
/registry/events/kube-system/storage-provisioner.16a18be9a3c8f9d0
/registry/events/kube-system/storage-provisioner.16a18c04abb0f9fc
/registry/events/kube-system/storage-provisioner.16a18c04e979be2c
/registry/events/kube-system/storage-provisioner.16a18c04f27351dc
/registry/events/kube-system/storage-provisioner.16a18c052fdd62b0
/registry/events/kube-system/storage-provisioner.16a18c0c68bb6918
/registry/flowschemas/catch-all
/registry/flowschemas/exempt
/registry/flowschemas/global-default
/registry/flowschemas/kube-controller-manager
/registry/flowschemas/kube-scheduler
/registry/flowschemas/kube-system-service-accounts
/registry/flowschemas/service-accounts
/registry/flowschemas/system-leader-election
/registry/flowschemas/system-nodes
/registry/flowschemas/workload-leader-election
/registry/leases/kube-node-lease/minikube
/registry/masterleases/192.168.49.2
/registry/minions/minikube
/registry/namespaces/default
/registry/namespaces/kube-node-lease
/registry/namespaces/kube-public
/registry/namespaces/kube-system
/registry/pods/kube-system/coredns-74ff55c5b-plhmt
/registry/pods/kube-system/etcd-minikube
/registry/pods/kube-system/kube-apiserver-minikube
/registry/pods/kube-system/kube-controller-manager-minikube
/registry/pods/kube-system/kube-proxy-w85sf
/registry/pods/kube-system/kube-scheduler-minikube
/registry/pods/kube-system/storage-provisioner
/registry/priorityclasses/system-cluster-critical
/registry/priorityclasses/system-node-critical
/registry/prioritylevelconfigurations/catch-all
/registry/prioritylevelconfigurations/exempt
/registry/prioritylevelconfigurations/global-default
/registry/prioritylevelconfigurations/leader-election
/registry/prioritylevelconfigurations/system
/registry/prioritylevelconfigurations/workload-high
/registry/prioritylevelconfigurations/workload-low
/registry/ranges/serviceips
/registry/ranges/servicenodeports
/registry/replicasets/kube-system/coredns-74ff55c5b
/registry/rolebindings/kube-public/kubeadm:bootstrap-signer-clusterinfo
/registry/rolebindings/kube-public/system:controller:bootstrap-signer
/registry/rolebindings/kube-system/kube-proxy
/registry/rolebindings/kube-system/kubeadm:kubelet-config-1.20
/registry/rolebindings/kube-system/kubeadm:nodes-kubeadm-config
/registry/rolebindings/kube-system/system::extension-apiserver-authentication-reader
/registry/rolebindings/kube-system/system::leader-locking-kube-controller-manager
/registry/rolebindings/kube-system/system::leader-locking-kube-scheduler
/registry/rolebindings/kube-system/system:controller:bootstrap-signer
/registry/rolebindings/kube-system/system:controller:cloud-provider
/registry/rolebindings/kube-system/system:controller:token-cleaner
/registry/rolebindings/kube-system/system:persistent-volume-provisioner
/registry/roles/kube-public/kubeadm:bootstrap-signer-clusterinfo
/registry/roles/kube-public/system:controller:bootstrap-signer
/registry/roles/kube-system/extension-apiserver-authentication-reader
/registry/roles/kube-system/kube-proxy
/registry/roles/kube-system/kubeadm:kubelet-config-1.20
/registry/roles/kube-system/kubeadm:nodes-kubeadm-config
/registry/roles/kube-system/system::leader-locking-kube-controller-manager
/registry/roles/kube-system/system::leader-locking-kube-scheduler
/registry/roles/kube-system/system:controller:bootstrap-signer
/registry/roles/kube-system/system:controller:cloud-provider
/registry/roles/kube-system/system:controller:token-cleaner
/registry/roles/kube-system/system:persistent-volume-provisioner
/registry/secrets/default/default-token-lxpp9
/registry/secrets/kube-node-lease/default-token-tvrxs
/registry/secrets/kube-public/default-token-49sct
/registry/secrets/kube-system/attachdetach-controller-token-966hx
/registry/secrets/kube-system/bootstrap-signer-token-8l2q5
/registry/secrets/kube-system/bootstrap-token-1eo1in
/registry/secrets/kube-system/certificate-controller-token-4gkjg
/registry/secrets/kube-system/clusterrole-aggregation-controller-token-pm2bh
/registry/secrets/kube-system/coredns-token-t7784
/registry/secrets/kube-system/cronjob-controller-token-5jt7h
/registry/secrets/kube-system/daemon-set-controller-token-pwkrh
/registry/secrets/kube-system/default-token-dfnc4
/registry/secrets/kube-system/deployment-controller-token-9vhsp
/registry/secrets/kube-system/disruption-controller-token-c54kt
/registry/secrets/kube-system/endpoint-controller-token-hm49x
/registry/secrets/kube-system/endpointslice-controller-token-m6wvn
/registry/secrets/kube-system/endpointslicemirroring-controller-token-w6qlt
/registry/secrets/kube-system/expand-controller-token-2x7fc
/registry/secrets/kube-system/generic-garbage-collector-token-mnh22
/registry/secrets/kube-system/horizontal-pod-autoscaler-token-vt2g8
/registry/secrets/kube-system/job-controller-token-54xh4
/registry/secrets/kube-system/kube-proxy-token-qsxdd
/registry/secrets/kube-system/namespace-controller-token-kndll
/registry/secrets/kube-system/node-controller-token-fzn8p
/registry/secrets/kube-system/persistent-volume-binder-token-gmgqp
/registry/secrets/kube-system/pod-garbage-collector-token-pq26q
/registry/secrets/kube-system/pv-protection-controller-token-hzmsl
/registry/secrets/kube-system/pvc-protection-controller-token-wtkk4
/registry/secrets/kube-system/replicaset-controller-token-dncxp
/registry/secrets/kube-system/replication-controller-token-ljk6m
/registry/secrets/kube-system/resourcequota-controller-token-gkchp
/registry/secrets/kube-system/root-ca-cert-publisher-token-km4f2
/registry/secrets/kube-system/service-account-controller-token-mb5qg
/registry/secrets/kube-system/service-controller-token-5glzt
/registry/secrets/kube-system/statefulset-controller-token-s7wqm
/registry/secrets/kube-system/storage-provisioner-token-z7lw7
/registry/secrets/kube-system/token-cleaner-token-7btq6
/registry/secrets/kube-system/ttl-controller-token-vc2wg
/registry/serviceaccounts/default/default
/registry/serviceaccounts/kube-node-lease/default
/registry/serviceaccounts/kube-public/default
/registry/serviceaccounts/kube-system/attachdetach-controller
/registry/serviceaccounts/kube-system/bootstrap-signer
/registry/serviceaccounts/kube-system/certificate-controller
/registry/serviceaccounts/kube-system/clusterrole-aggregation-controller
/registry/serviceaccounts/kube-system/coredns
/registry/serviceaccounts/kube-system/cronjob-controller
/registry/serviceaccounts/kube-system/daemon-set-controller
/registry/serviceaccounts/kube-system/default
/registry/serviceaccounts/kube-system/deployment-controller
/registry/serviceaccounts/kube-system/disruption-controller
/registry/serviceaccounts/kube-system/endpoint-controller
/registry/serviceaccounts/kube-system/endpointslice-controller
/registry/serviceaccounts/kube-system/endpointslicemirroring-controller
/registry/serviceaccounts/kube-system/expand-controller
/registry/serviceaccounts/kube-system/generic-garbage-collector
/registry/serviceaccounts/kube-system/horizontal-pod-autoscaler
/registry/serviceaccounts/kube-system/job-controller
/registry/serviceaccounts/kube-system/kube-proxy
/registry/serviceaccounts/kube-system/namespace-controller
/registry/serviceaccounts/kube-system/node-controller
/registry/serviceaccounts/kube-system/persistent-volume-binder
/registry/serviceaccounts/kube-system/pod-garbage-collector
/registry/serviceaccounts/kube-system/pv-protection-controller
/registry/serviceaccounts/kube-system/pvc-protection-controller
/registry/serviceaccounts/kube-system/replicaset-controller
/registry/serviceaccounts/kube-system/replication-controller
/registry/serviceaccounts/kube-system/resourcequota-controller
/registry/serviceaccounts/kube-system/root-ca-cert-publisher
/registry/serviceaccounts/kube-system/service-account-controller
/registry/serviceaccounts/kube-system/service-controller
/registry/serviceaccounts/kube-system/statefulset-controller
/registry/serviceaccounts/kube-system/storage-provisioner
/registry/serviceaccounts/kube-system/token-cleaner
/registry/serviceaccounts/kube-system/ttl-controller
/registry/services/endpoints/default/kubernetes
/registry/services/endpoints/kube-system/k8s.io-minikube-hostpath
/registry/services/endpoints/kube-system/kube-dns
/registry/services/specs/default/kubernetes
/registry/services/specs/kube-system/kube-dns
/registry/storageclasses/standard
bharathdasaraju@MacBook-Pro ~ $
bharathdasaraju@MacBook-Pro ~ $ kubectl exec etcd-minikube -n kube-system -- sh -c " etcdctl --endpoints https://192.168.49.2:2379 --cacert /var/lib/minikube/certs/etcd/ca.crt --cert /var/lib/minikube/certs/etcd/server.crt --key /var/lib/minikube/certs/etcd/server.key get / --prefix --keys-only --limit=10"
/registry/apiregistration.k8s.io/apiservices/v1.
/registry/apiregistration.k8s.io/apiservices/v1.admissionregistration.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.apiextensions.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.apps
/registry/apiregistration.k8s.io/apiservices/v1.authentication.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.autoscaling
/registry/apiregistration.k8s.io/apiservices/v1.batch
/registry/apiregistration.k8s.io/apiservices/v1.certificates.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.coordination.k8s.io
bharathdasaraju@MacBook-Pro ~ $
bharathdasaraju@MacBook-Pro ~ $ kubectl exec etcd-minikube -n kube-system -- sh -c " etcdctl --endpoints https://192.168.49.2:2379 --cacert /var/lib/minikube/certs/etcd/ca.crt --cert /var/lib/minikube/certs/etcd/server.crt --key /var/lib/minikube/certs/etcd/server.key get / --prefix --keys-only --limit=20"
/registry/apiregistration.k8s.io/apiservices/v1.
/registry/apiregistration.k8s.io/apiservices/v1.admissionregistration.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.apiextensions.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.apps
/registry/apiregistration.k8s.io/apiservices/v1.authentication.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.autoscaling
/registry/apiregistration.k8s.io/apiservices/v1.batch
/registry/apiregistration.k8s.io/apiservices/v1.certificates.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.coordination.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.events.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.networking.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.node.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.rbac.authorization.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.scheduling.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1.storage.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.admissionregistration.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.apiextensions.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.authentication.k8s.io
/registry/apiregistration.k8s.io/apiservices/v1beta1.authorization.k8s.io
bharathdasaraju@MacBook-Pro ~ $
kubeapiserver
apiserver
bharathdasaraju@MacBook-Pro ~ $ kubectl get pod kube-apiserver-minikube -n kube-system -o yaml | grep -i -C36 "command"
spec:
containers:
- command:
- kube-apiserver
- --advertise-address=192.168.49.2
- --allow-privileged=true
- --authorization-mode=Node,RBAC
- --client-ca-file=/var/lib/minikube/certs/ca.crt
- --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota
- --enable-bootstrap-token-auth=true
- --etcd-cafile=/var/lib/minikube/certs/etcd/ca.crt
- --etcd-certfile=/var/lib/minikube/certs/apiserver-etcd-client.crt
- --etcd-keyfile=/var/lib/minikube/certs/apiserver-etcd-client.key
- --etcd-servers=https://127.0.0.1:2379
- --insecure-port=0
- --kubelet-client-certificate=/var/lib/minikube/certs/apiserver-kubelet-client.crt
- --kubelet-client-key=/var/lib/minikube/certs/apiserver-kubelet-client.key
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- --proxy-client-cert-file=/var/lib/minikube/certs/front-proxy-client.crt
- --proxy-client-key-file=/var/lib/minikube/certs/front-proxy-client.key
- --requestheader-allowed-names=front-proxy-client
- --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt
- --requestheader-extra-headers-prefix=X-Remote-Extra-
- --requestheader-group-headers=X-Remote-Group
- --requestheader-username-headers=X-Remote-User
- --secure-port=8443
- --service-account-issuer=https://kubernetes.default.svc.cluster.local
- --service-account-key-file=/var/lib/minikube/certs/sa.pub
- --service-account-signing-key-file=/var/lib/minikube/certs/sa.key
- --service-cluster-ip-range=10.96.0.0/12
- --tls-cert-file=/var/lib/minikube/certs/apiserver.crt
- --tls-private-key-file=/var/lib/minikube/certs/apiserver.key
image: k8s.gcr.io/kube-apiserver:v1.20.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 8
httpGet:
host: 192.168.49.2
path: /livez
bharathdasaraju@MacBook-Pro ~ $
kubecontrollermanager
kubecontrollermanager
1. Node Controller
2. Replica Controller
3. Deployment Controller
4. Namespace Controller
5. Endpoint Controller
6. Job Controller
7. Service-Account-Controller
8. Stateful-Set
9. PV-Binder-Controller
10. PV-Protection-Controller
...
...
Many more
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get pod kube-controller-manager-minikube -n kube-system -o yaml | grep -iC45 "kube-controller-manager"
spec:
containers:
- command:
- kube-controller-manager
- --allocate-node-cidrs=true
- --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
- --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
- --bind-address=127.0.0.1
- --client-ca-file=/var/lib/minikube/certs/ca.crt
- --cluster-cidr=10.244.0.0/16
- --cluster-name=mk
- --cluster-signing-cert-file=/var/lib/minikube/certs/ca.crt
- --cluster-signing-key-file=/var/lib/minikube/certs/ca.key
- --controllers=*,bootstrapsigner,tokencleaner
- --kubeconfig=/etc/kubernetes/controller-manager.conf
- --leader-elect=false
- --port=0
- --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt
- --root-ca-file=/var/lib/minikube/certs/ca.crt
- --service-account-private-key-file=/var/lib/minikube/certs/sa.key
- --service-cluster-ip-range=10.96.0.0/12
- --use-service-account-credentials=true
--
- --allocate-node-cidrs=true
- --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
- --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
- --bind-address=127.0.0.1
- --client-ca-file=/var/lib/minikube/certs/ca.crt
- --cluster-cidr=10.244.0.0/16
- --cluster-name=mk
- --cluster-signing-cert-file=/var/lib/minikube/certs/ca.crt
- --cluster-signing-key-file=/var/lib/minikube/certs/ca.key
- --controllers=*,bootstrapsigner,tokencleaner
- --kubeconfig=/etc/kubernetes/controller-manager.conf
- --leader-elect=false
- --port=0
- --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt
- --root-ca-file=/var/lib/minikube/certs/ca.crt
- --service-account-private-key-file=/var/lib/minikube/certs/sa.key
- --service-cluster-ip-range=10.96.0.0/12
- --use-service-account-credentials=true
image: k8s.gcr.io/kube-controller-manager:v1.20.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 8
httpGet:
host: 127.0.0.1
path: /healthz
port: 10257
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 15
kubescheduler
kubescheduler
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get all --all-namespaces | grep -i "scheduler"
kube-system pod/kube-scheduler-minikube 1/1 Running 1 92m
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
uid: 1487f521-591a-4fa5-829a-9554400a9992
spec:
containers:
- command:
- kube-scheduler
- --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
- --authorization-kubeconfig=/etc/kubernetes/scheduler.conf
- --bind-address=127.0.0.1
- --kubeconfig=/etc/kubernetes/scheduler.conf
- --leader-elect=false
- --port=0
--
- --authentication-kubeconfig=/etc/kubernetes/scheduler.conf
- --authorization-kubeconfig=/etc/kubernetes/scheduler.conf
- --bind-address=127.0.0.1
- --kubeconfig=/etc/kubernetes/scheduler.conf
- --leader-elect=false
- --port=0
image: k8s.gcr.io/kube-scheduler:v1.20.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 8
httpGet:
host: 127.0.0.1
path: /healthz
port: 10259
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 15
kubelet
kubelet
Kubelet registers the nodes with the cluster.
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8271f1c15e16 gcr.io/k8s-minikube/kicbase:v0.0.22 "/usr/local/bin/entr…" 2 hours ago Up 2 hours 127.0.0.1:32777->22/tcp, 127.0.0.1:32776->2376/tcp, 127.0.0.1:32775->5000/tcp, 127.0.0.1:32774->8443/tcp, 127.0.0.1:32773->32443/tcp minikube
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ docker exec -it 8271f1c15e16 bash
root@minikube:/#
root@minikube:/# ps auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.5 21948 11316 ? Ss 06:54 0:01 /sbin/init
root 176 0.0 0.4 26944 8828 ? S<s 06:54 0:00 /lib/systemd/systemd-journald
message+ 188 0.0 0.1 7004 3744 ? Ss 06:54 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root 191 0.3 2.4 899352 49904 ? Ssl 06:54 0:22 /usr/bin/containerd
root 198 0.0 0.3 12176 7272 ? Ss 06:54 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root 211 3.4 5.2 1332080 106076 ? Ssl 06:54 3:23 /usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --default-ulimit=nofile=1048576:1048576 --tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=docker --insecure-registry 10.96.0.0/12
root 852 13.0 5.1 1853424 103888 ? Ssl 06:54 12:40 /var/lib/minikube/binaries/v1.20.2/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime=docker --hostname-override=minikube --kubeconfig=/etc/kubernetes/kubelet.conf --node-ip=192.168.49.2
root 1380 0.0 0.3 113116 7376 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 0521ed07a4bc29e48c4ae345375861a9c7ce679cc00a3a6aaec2de20a55c5ac1 -address /run/containerd/containerd.sock
root 1413 0.0 0.3 111708 8032 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id be68ef7cc6eadc76b69492d4a5b5d737b20071358843a2547ecadd60091c0c44 -address /run/containerd/containerd.sock
root 1459 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 1484 0.0 0.3 113372 8008 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 76c11b9d89f8c80fe78fba4e4765874f29918bb167eab657e318df429799871c -address /run/containerd/containerd.sock
root 1492 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 1553 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 1573 0.0 0.4 113116 8152 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 2670ae8640aed0b9856a3a4d3c7d3dc5077da3db73807378ad2ddc948607e6c7 -address /run/containerd/containerd.sock
root 1614 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 1651 0.0 0.4 113372 8256 ? Sl 06:54 0:01 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 43d8dfc0dbd698df1be1f870147100cd66932cd15595ebdebf44d94863818a27 -address /run/containerd/containerd.sock
root 1689 0.0 0.3 113372 8128 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 66439383eeb9ffb1f38dbea9b75d618988f48e0e98dca7bbc65e0484599a372b -address /run/containerd/containerd.sock
root 1708 4.9 2.6 10612468 54272 ? Ssl 06:54 4:46 etcd --advertise-client-urls=https://192.168.49.2:2379 --cert-file=/var/lib/minikube/certs/etcd/server.crt --client-cert-auth=true --data-dir=/var/lib/minikube/etcd --initial-advertise-peer-urls=https://192.168.49.2:2380 --initial-cluster=minikube=https://192.168.49.2:2380 --key-file=/var/lib/minikube/certs/etcd/server.key --listen-client-urls=https://127.0.0.1:2379,https://192.168.49.2:2379 --listen-metrics-urls=http://127.0.0.1:2381 --listen-peer-urls=https://192.168.49.2:2380 --name=minikube --peer-cert-file=/var/lib/minikube/certs/etcd/peer.crt --peer-client-cert-auth=true --peer-key-file=/var/lib/minikube/certs/etcd/peer.key --peer-trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt --proxy-refresh-interval=70000 --snapshot-count=10000 --trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt
root 1747 0.0 0.3 113372 6828 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 230087c66fbdab6719efad402a52e2075dee9ac456272b3ee30fbe5fc43c8702 -address /run/containerd/containerd.sock
root 1767 24.0 17.4 1097736 355104 ? Ssl 06:54 23:11 kube-apiserver --advertise-address=192.168.49.2 --allow-privileged=true --authorization-mode=Node,RBAC --client-ca-file=/var/lib/minikube/certs/ca.crt --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota --enable-bootstrap-token-auth=true --etcd-cafile=/var/lib/minikube/certs/etcd/ca.crt --etcd-certfile=/var/lib/minikube/certs/apiserver-etcd-client.crt --etcd-keyfile=/var/lib/minikube/certs/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --insecure-port=0 --kubelet-client-certificate=/var/lib/minikube/certs/apiserver-kubelet-client.crt --kubelet-client-key=/var/lib/minikube/certs/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/var/lib/minikube/certs/front-proxy-client.crt --proxy-client-key-file=/var/lib/minikube/certs/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=8443 --service-account-issuer=https://kubernetes.default.svc.cluster.local --service-account-key-file=/var/lib/minikube/certs/sa.pub --service-account-signing-key-file=/var/lib/minikube/certs/sa.key --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/var/lib/minikube/certs/apiserver.crt --tls-private-key-file=/var/lib/minikube/certs/apiserver.key
root 1810 0.0 0.3 113116 7388 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id e5f22d817beb70df847ac8e47e768c042ee04c1ada7f81b4a7b9fce1660f9a7f -address /run/containerd/containerd.sock
root 1867 9.4 4.8 816008 99624 ? Ssl 06:54 9:06 kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf --bind-address=127.0.0.1 --client-ca-file=/var/lib/minikube/certs/ca.crt --cluster-cidr=10.244.0.0/16 --cluster-name=mk --cluster-signing-cert-file=/var/lib/minikube/certs/ca.crt --cluster-signing-key-file=/var/lib/minikube/certs/ca.key --controllers=*,bootstrapsigner,tokencleaner --kubeconfig=/etc/kubernetes/controller-manager.conf --leader-elect=false --port=0 --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt --root-ca-file=/var/lib/minikube/certs/ca.crt --service-account-private-key-file=/var/lib/minikube/certs/sa.key --service-cluster-ip-range=10.96.0.0/12 --use-service-account-credentials=true
root 1878 1.1 2.2 747360 44964 ? Ssl 06:54 1:05 kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/kubernetes/scheduler.conf --bind-address=127.0.0.1 --kubeconfig=/etc/kubernetes/scheduler.conf --leader-elect=false --port=0
root 2614 0.0 0.3 113116 7864 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id f4dab4962dd953931d4ee6c39b835fb6b014882f7e3128f793dfc3a81ca1f899 -address /run/containerd/containerd.sock
root 2653 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 2662 0.0 0.3 111964 7488 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id c18a9a7f27a07285f9f1ca38df8ee428d9f3ce8747a638cd8eee17626c58a776 -address /run/containerd/containerd.sock
root 2708 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 2732 0.0 0.3 111964 7356 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 80230fe0322349551ca479677fea64e102dc769de6511b191c3fc63c859b7455 -address /run/containerd/containerd.sock
root 2782 0.0 0.0 964 4 ? Ss 06:54 0:00 /pause
root 2864 0.0 0.3 111964 7708 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id cac6c4b8c7040c21b69516d63773ff715c640eaac6f8549fe2d1d1e7c3c1fdaa -address /run/containerd/containerd.sock
root 2898 0.1 1.7 743816 36288 ? Ssl 06:54 0:06 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=minikube
root 2948 0.0 0.3 111964 6636 ? Sl 06:54 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 839eb66914e336f14cef61800a3b20a9695e161610a9529cc4af79b53cdd4dab -address /run/containerd/containerd.sock
root 2968 1.5 1.8 747400 37672 ? Ssl 06:54 1:29 /coredns -conf /etc/coredns/Corefile
root 3346 0.0 0.3 113372 7148 ? Sl 06:55 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 5b619918b8205f537c6cadcb4a14ad6fcd35c7c5f670f0e3ccc47a9ddece5c00 -address /run/containerd/containerd.sock
root 3368 0.7 1.4 735720 29168 ? Ssl 06:55 0:44 /storage-provisioner
root 23642 0.3 0.1 4244 3528 pts/1 Ss 08:30 0:00 bash
root 23657 0.0 0.1 5896 2912 pts/1 R+ 08:31 0:00 ps auxwww
root@minikube:/# cat /etc/*release*
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.2 LTS"
NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
root@minikube:/#
root@minikube:/# ps auxwww | grep -i kubeler
root 23935 0.0 0.0 3304 720 pts/1 R+ 08:32 0:00 grep --color=auto -i kubeler
root@minikube:/# ps auxwww | grep -i kubelet
root 852 13.0 5.1 1853424 103888 ? Ssl 06:54 12:48 /var/lib/minikube/binaries/v1.20.2/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime=docker --hostname-override=minikube --kubeconfig=/etc/kubernetes/kubelet.conf --node-ip=192.168.49.2
root 1767 23.9 17.4 1097736 355104 ? Ssl 06:54 23:28 kube-apiserver --advertise-address=192.168.49.2 --allow-privileged=true --authorization-mode=Node,RBAC --client-ca-file=/var/lib/minikube/certs/ca.crt --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota --enable-bootstrap-token-auth=true --etcd-cafile=/var/lib/minikube/certs/etcd/ca.crt --etcd-certfile=/var/lib/minikube/certs/apiserver-etcd-client.crt --etcd-keyfile=/var/lib/minikube/certs/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --insecure-port=0 --kubelet-client-certificate=/var/lib/minikube/certs/apiserver-kubelet-client.crt --kubelet-client-key=/var/lib/minikube/certs/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/var/lib/minikube/certs/front-proxy-client.crt --proxy-client-key-file=/var/lib/minikube/certs/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/var/lib/minikube/certs/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=8443 --service-account-issuer=https://kubernetes.default.svc.cluster.local --service-account-key-file=/var/lib/minikube/certs/sa.pub --service-account-signing-key-file=/var/lib/minikube/certs/sa.key --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/var/lib/minikube/certs/apiserver.crt --tls-private-key-file=/var/lib/minikube/certs/apiserver.key
root 23937 0.0 0.0 3436 736 pts/1 S+ 08:32 0:00 grep --color=auto -i kubelet
root@minikube:/# cat /var/lib/kubelet/config.yaml
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
enabled: true
x509:
clientCAFile: /var/lib/minikube/certs/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cgroupDriver: cgroupfs
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
cpuManagerReconcilePeriod: 0s
evictionHard:
imagefs.available: 0%
nodefs.available: 0%
nodefs.inodesFree: 0%
evictionPressureTransitionPeriod: 0s
failSwapOn: false
fileCheckFrequency: 0s
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 0s
imageGCHighThresholdPercent: 100
imageMinimumGCAge: 0s
kind: KubeletConfiguration
logging: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
rotateCertificates: true
runtimeRequestTimeout: 0s
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
volumeStatsAggPeriod: 0s
root@minikube:/#
kubeproxy
kubeproxy
by default with in a kubernetes cluster every pod can reach every other pod. This is achieved by kube-proxy
Its pod-network :) kube-proxy creates iptables rules to foward request from web application to database application.
but the service can not join the pod-network.
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get all --all-namespaces | grep -i "kube-proxy"
kube-system pod/kube-proxy-w85sf 1/1 Running 1 109m
kube-system daemonset.apps/kube-proxy 1 1 1 1 1 kubernetes.io/os=linux 109m
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get ds kube-proxy -n kube-system -o yaml | grep -iC25 "kube-proxy"
spec:
containers:
- command:
- /usr/local/bin/kube-proxy
- --config=/var/lib/kube-proxy/config.conf
- --hostname-override=$(NODE_NAME)
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
pods
pods
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
minikube Ready control-plane,master 117m v1.20.2 192.168.49.2 <none> Ubuntu 20.04.2 LTS 5.4.39-linuxkit docker://20.10.6
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-74ff55c5b-plhmt 1/1 Running 1 119m 172.17.0.2 minikube <none> <none>
kube-system etcd-minikube 1/1 Running 1 119m 192.168.49.2 minikube <none> <none>
kube-system kube-apiserver-minikube 1/1 Running 1 119m 192.168.49.2 minikube <none> <none>
kube-system kube-controller-manager-minikube 1/1 Running 1 119m 192.168.49.2 minikube <none> <none>
kube-system kube-proxy-w85sf 1/1 Running 1 119m 192.168.49.2 minikube <none> <none>
kube-system kube-scheduler-minikube 1/1 Running 1 119m 192.168.49.2 minikube <none> <none>
kube-system storage-provisioner 1/1 Running 2 119m 192.168.49.2 minikube <none> <none>
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get svc --all-namespaces -o wide
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 121m <none>
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 121m k8s-app=kube-dns
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
harathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl run nginx --image=nginx
pod/nginx created
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 63s
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl describe pod nginx -n default
Name: nginx
Namespace: default
Priority: 0
Node: minikube/192.168.49.2
Start Time: Sun, 05 Sep 2021 09:01:56 +0800
Labels: run=nginx
Annotations: <none>
Status: Running
IP: 172.17.0.3
IPs:
IP: 172.17.0.3
Containers:
nginx:
Container ID: docker://29f805ef6ace3d5283594cd85b7d261739550297e18dcf68819b4a364e37bb23
Image: nginx
Image ID: docker-pullable://nginx@sha256:a05b0cdd4fc1be3b224ba9662ebdf98fe44c09c0c9215b45f84344c12867002e
Port: <none>
Host Port: <none>
State: Running
Started: Sun, 05 Sep 2021 09:02:25 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-lxpp9 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-lxpp9:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-lxpp9
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 8m13s default-scheduler Successfully assigned default/nginx to minikube
Normal Pulling 8m12s kubelet Pulling image "nginx"
Normal Pulled 7m46s kubelet Successfully pulled image "nginx" in 27.0053815s
Normal Created 7m45s kubelet Created container nginx
Normal Started 7m45s kubelet Started container nginx
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl run bknginx --image=nginx --dry-run=client
pod/bknginx created (dry run)
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl run nginx --image=nginx --dry-run=client -o yaml > pods_recap.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl apply -f pods_recap.yaml
pod/nginx created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 0/1 ContainerCreating 0 15s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 0/1 ContainerCreating 0 17s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 25s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
podslabs
podslabs
root@controlplane:~# kubectl run nginx --image=nginx
pod/nginx created
root@controlplane:~#
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
newpods-54kvg 1/1 Running 0 2m3s
newpods-bmpxk 1/1 Running 0 2m3s
newpods-w66pw 1/1 Running 0 2m3s
nginx 1/1 Running 0 2m38s
root@controlplane:~#
root@controlplane:~# kubectl run redis --image=redis123
pod/redis created
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
newpods-54kvg 1/1 Running 0 9m34s
newpods-bmpxk 1/1 Running 0 9m34s
newpods-w66pw 1/1 Running 0 9m34s
nginx 1/1 Running 0 10m
redis 0/1 ImagePullBackOff 0 6s
root@controlplane:~#
root@controlplane:~# kubectl run redis --image=redis
Error from server (AlreadyExists): pods "redis" already exists
# Edit pod definition file and update the image
root@controlplane:~# kubectl edit pod redis
pod/redis edited
root@controlplane:~#
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ kubectl run redis --image=redis123 --dry-run=client -o yaml > Four_September_2021_CKA_Recap/sample_pod.yaml
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
---------------------------------------------------------------------------
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: redis
name: redis
spec:
containers:
- image: redis123
name: redis
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
---------------------------------------------------------------------------
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl apply -f sample_pod.yaml
pod/redis created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl describe pod redis | grep -iA20 Events
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 86s default-scheduler Successfully assigned default/redis to minikube
Normal Pulling 28s (x3 over 86s) kubelet Pulling image "redis123"
Warning Failed 20s (x3 over 79s) kubelet Failed to pull image "redis123": rpc error: code = Unknown desc = Error response from daemon: pull access denied for redis123, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
Warning Failed 20s (x3 over 79s) kubelet Error: ErrImagePull
Normal BackOff 9s (x3 over 79s) kubelet Back-off pulling image "redis123"
Warning Failed 9s (x3 over 79s) kubelet Error: ImagePullBackOff
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl apply -f sample_pod.yaml
pod/redis configured
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 7h44m
redis 1/1 Running 0 2m41s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl describe pod redis | grep -iA10 Events
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m56s default-scheduler Successfully assigned default/redis to minikube
Normal BackOff 74s (x5 over 2m48s) kubelet Back-off pulling image "redis123"
Warning Failed 74s (x5 over 2m48s) kubelet Error: ImagePullBackOff
Normal Pulling 60s (x4 over 2m55s) kubelet Pulling image "redis123"
Warning Failed 53s (x4 over 2m48s) kubelet Failed to pull image "redis123": rpc error: code = Unknown desc = Error response from daemon: pull access denied for redis123, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
Warning Failed 53s (x4 over 2m48s) kubelet Error: ErrImagePull
Normal Pulling 45s kubelet Pulling image "redis"
Normal Pulled 25s kubelet Successfully pulled image "redis" in 20.0685611s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl edit pod redis
Edit cancelled, no changes made.
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl delete pod redis nginx
pod "redis" deleted
pod "nginx" deleted
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl run nginx --image=nginx1818 --dry-run=client -o yaml > sample_pod_nginx.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl apply -f sample_pod_nginx.yaml
pod/nginx created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master)
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl describe pod nginx | grep -iA20 "Events"
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 60s default-scheduler Successfully assigned default/nginx to minikube
Normal BackOff 21s (x2 over 51s) kubelet Back-off pulling image "nginx1818"
Warning Failed 21s (x2 over 51s) kubelet Error: ImagePullBackOff
Normal Pulling 9s (x3 over 59s) kubelet Pulling image "nginx1818"
Warning Failed 1s (x3 over 51s) kubelet Failed to pull image "nginx1818": rpc error: code = Unknown desc = Error response from daemon: pull access denied for nginx1818, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
Warning Failed 1s (x3 over 51s) kubelet Error: ErrImagePull
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl edit pod nginx
pod/nginx edited
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl delete pod nginx
pod "nginx" deleted
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl run redis --image=redis1234 --dry-run=client -o yaml > sample_pod_redis.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl apply -f sample_pod_redis.yaml
pod/redis created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl describe pod redis | grep -iA25 "Events"
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 5s default-scheduler Successfully assigned default/redis to minikube
Normal Pulling 5s kubelet Pulling image "redis1234"
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl describe pod redis | grep -iA25 "Events"
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 9s default-scheduler Successfully assigned default/redis to minikube
Normal Pulling 8s kubelet Pulling image "redis1234"
Warning Failed 1s kubelet Failed to pull image "redis1234": rpc error: code = Unknown desc = Error response from daemon: pull access denied for redis1234, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
Warning Failed 1s kubelet Error: ErrImagePull
Normal BackOff 1s kubelet Back-off pulling image "redis1234"
Warning Failed 1s kubelet Error: ImagePullBackOff
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl edit pod redis
pod/redis edited
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl apply -f sample_pod_redis.yaml
pod/redis configured
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
redis 1/1 Running 1 2m54s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
replicationcontroller
replicationcontroller
multiple instances of pods
loadbalancing and pods
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f rc-definition.yaml
replicationcontroller/bkapp-rc created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-rc-8l5p4 0/1 ContainerCreating 0 10s
bkapp-rc-ksd2j 1/1 Running 0 11s
bkapp-rc-zlxcw 0/1 ContainerCreating 0 11s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-rc-8l5p4 1/1 Running 0 18s
bkapp-rc-ksd2j 1/1 Running 0 19s
bkapp-rc-zlxcw 0/1 ContainerCreating 0 19s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-rc-8l5p4 1/1 Running 0 26s
bkapp-rc-ksd2j 1/1 Running 0 27s
bkapp-rc-zlxcw 1/1 Running 0 27s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/bkapp-rc-8l5p4 1/1 Running 0 65s
pod/bkapp-rc-ksd2j 1/1 Running 0 66s
pod/bkapp-rc-zlxcw 1/1 Running 0 66s
NAME DESIRED CURRENT READY AGE
replicationcontroller/bkapp-rc 3 3 3 66s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 26h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get replicationcontroller
NAME DESIRED CURRENT READY AGE
bkapp-rc 3 3 3 100s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get rc
NAME DESIRED CURRENT READY AGE
bkapp-rc 3 3 3 105s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-rc-8l5p4 1/1 Running 0 6m13s
bkapp-rc-ksd2j 1/1 Running 0 6m14s
bkapp-rc-zlxcw 1/1 Running 0 6m14s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
replicaset
replicaset
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl api-resources | grep -i replica
replicationcontrollers rc true ReplicationController
replicasets rs apps true ReplicaSet
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl api-versions | grep -i apps
apps/v1
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
the difference between replication controller and replicaset is...for ReplicaSet we need specify the selector definition in manifest file.
selector:
matchLabels:
type: front-end
replicaset.apps/bkapp-replicaset created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get rs
NAME DESIRED CURRENT READY AGE
bkapp-replicaset 3 3 1 9s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get rs
NAME DESIRED CURRENT READY AGE
bkapp-replicaset 3 3 2 15s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get rs
NAME DESIRED CURRENT READY AGE
bkapp-replicaset 3 3 3 20s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-rc-8l5p4 1/1 Running 0 19m
bkapp-rc-ksd2j 1/1 Running 0 19m
bkapp-rc-zlxcw 1/1 Running 0 19m
bkapp-replicaset-5hnxx 1/1 Running 0 33s
bkapp-replicaset-hbtkt 1/1 Running 0 33s
bkapp-replicaset-zkcdg 1/1 Running 0 33s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/bkapp-rc-8l5p4 1/1 Running 0 19m
pod/bkapp-rc-ksd2j 1/1 Running 0 19m
pod/bkapp-rc-zlxcw 1/1 Running 0 19m
pod/bkapp-replicaset-5hnxx 1/1 Running 0 53s
pod/bkapp-replicaset-hbtkt 1/1 Running 0 53s
pod/bkapp-replicaset-zkcdg 1/1 Running 0 53s
NAME DESIRED CURRENT READY AGE
replicationcontroller/bkapp-rc 3 3 3 19m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 27h
NAME DESIRED CURRENT READY AGE
replicaset.apps/bkapp-replicaset 3 3 3 53s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
Number of ways to scale the replicas:
---------------------------------------------------->
1. Update replicaset-definition.yaml as replicas: 4 and run below -->
1. kubectl replace -f replicaset-definition.yaml
2. kubectl scale --replicas=5 -f replicaset-definition.yaml
3. kubectl scale --replicas=6 replicaset bkapp-replicaset
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl replace -f replicaset-definition.yaml
replicaset.apps/bkapp-replicaset replaced
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-replicaset-5hnxx 1/1 Running 0 157m
bkapp-replicaset-bghvv 1/1 Running 0 20s
bkapp-replicaset-hbtkt 1/1 Running 0 157m
bkapp-replicaset-zkcdg 1/1 Running 0 157m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl scale --replicas=5 -f replicaset-definition.yaml
replicaset.apps/bkapp-replicaset scaled
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl edit rs bkapp-replicaset
Edit cancelled, no changes made.
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-replicaset-5hnxx 1/1 Running 0 160m
bkapp-replicaset-bghvv 1/1 Running 0 3m26s
bkapp-replicaset-hbtkt 1/1 Running 0 160m
bkapp-replicaset-nfhwp 1/1 Running 0 58s
bkapp-replicaset-zkcdg 1/1 Running 0 160m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl scale --replicas=6 replicaset bkapp-replicaset
replicaset.apps/bkapp-replicaset scaled
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkapp-replicaset-5hnxx 1/1 Running 0 167m
bkapp-replicaset-7pq6p 1/1 Running 0 6m31s
bkapp-replicaset-bghvv 1/1 Running 0 10m
bkapp-replicaset-hbtkt 1/1 Running 0 167m
bkapp-replicaset-nfhwp 1/1 Running 0 8m
bkapp-replicaset-zkcdg 1/1 Running 0 167m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f replicaset_recap.yaml
replicaset.apps/nginx-rs created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx 1/1 Running 0 7m13s
pod/nginx-rs-fxjkk 1/1 Running 0 34s
pod/nginx-rs-mkkqc 1/1 Running 0 34s
pod/nginx-rs-tfnjq 1/1 Running 0 34s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6d17h
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-rs 3 3 3 34s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
replicasetlabs
replicasetlabs
root@controlplane:~# kubectl get rs -n default
NAME DESIRED CURRENT READY AGE
new-replica-set 4 4 0 17s
root@controlplane:~#
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
new-replica-set-cz24w 0/1 ImagePullBackOff 0 56s
new-replica-set-dd8qv 0/1 ImagePullBackOff 0 56s
new-replica-set-nhq2b 0/1 ImagePullBackOff 0 56s
new-replica-set-w7qqj 0/1 ImagePullBackOff 0 56s
root@controlplane:~# kubectl describe pod new-replica-set-cz24w -n default
Name: new-replica-set-cz24w
Namespace: default
Priority: 0
Node: controlplane/10.42.79.3
Start Time: Sun, 05 Sep 2021 20:58:58 +0000
Labels: name=busybox-pod
Annotations: <none>
Status: Pending
IP: 10.244.0.4
IPs:
IP: 10.244.0.4
Controlled By: ReplicaSet/new-replica-set
Containers:
busybox-container:
Container ID:
Image: busybox777
Image ID:
Port: <none>
Host Port: <none>
Command:
sh
-c
echo Hello Kubernetes! && sleep 3600
State: Waiting
Reason: ImagePullBackOff
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-k65w6 (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-k65w6:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-k65w6
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 86s default-scheduler Successfully assigned default/new-replica-set-cz24w to controlplane
Normal Pulling 36s (x3 over 81s) kubelet Pulling image "busybox777"
Warning Failed 35s (x3 over 79s) kubelet Failed to pull image "busybox777": rpc error: code = Unknown desc = Error response from daemon: pull access denied for busybox777, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
Warning Failed 35s (x3 over 79s) kubelet Error: ErrImagePull
Normal BackOff 13s (x5 over 79s) kubelet Back-off pulling image "busybox777"
Warning Failed 13s (x5 over 79s) kubelet Error: ImagePullBackOff
root@controlplane:~#
root@controlplane:~# kubectl delete pod new-replica-set-cz24w -n default
pod "new-replica-set-cz24w" deleted
root@controlplane:~#
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
new-replica-set-dd8qv 0/1 ImagePullBackOff 0 4m33s
new-replica-set-nhq2b 0/1 ImagePullBackOff 0 4m33s
new-replica-set-vflzg 0/1 ImagePullBackOff 0 83s
new-replica-set-w7qqj 0/1 ImagePullBackOff 0 4m33s
root@controlplane:~#
NAME DESIRED CURRENT READY AGE
new-replica-set 4 4 0 16m
replicaset-1 2 2 2 6m20s
replicaset-2 2 2 2 51s
root@controlplane:~#
root@controlplane:~# kubectl edit rs new-replica-set -n default
replicaset.apps/new-replica-set edited
root@controlplane:~#
root@controlplane:~# kubectl delete pod new-replica-set-dd8qv new-replica-set-nhq2b new-replica-set-vflzg new-replica-set-w7qqj
pod "new-replica-set-dd8qv" deleted
pod "new-replica-set-nhq2b" deleted
pod "new-replica-set-vflzg" deleted
pod "new-replica-set-w7qqj" deleted
root@controlplane:~#
root@controlplane:~# kubectl edit rs new-replica-set -n default
replicaset.apps/new-replica-set edited
root@controlplane:~#
root@controlplane:~# kubectl scale rs new-replica-set --replicas=2 -n default
replicaset.apps/new-replica-set scaled
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
new-replica-set-424fn 1/1 Terminating 0 3m33s
new-replica-set-98mdn 1/1 Terminating 0 3m33s
new-replica-set-9rh6l 1/1 Running 0 3m33s
new-replica-set-hrqmq 1/1 Running 0 3m33s
new-replica-set-k7bbq 1/1 Terminating 0 74s
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
new-replica-set-424fn 1/1 Terminating 0 3m39s
new-replica-set-98mdn 1/1 Terminating 0 3m39s
new-replica-set-9rh6l 1/1 Running 0 3m39s
new-replica-set-hrqmq 1/1 Running 0 3m39s
new-replica-set-k7bbq 1/1 Terminating 0 80s
root@controlplane:~#
deployments
deployments
The manifest file for deployment is exactly same as replicaSet exacept the kind is Deployment now.
apiVersion: apps/v1
kind: ReplicaSet --> Deployment
metadata:
labels:
run: nginx
type: front-end
name: nginx-rs
spec:
template:
metadata:
labels:
run: nginx
type: front-end
spec:
containers:
- image: nginx
name: nginx
selector:
matchLabels:
type: front-end
replicas: 3
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f deployment-definition.yaml
deployment.apps/nginx-deployment created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-deployment-766794d85c-22z9x 1/1 Running 0 33s
pod/nginx-deployment-766794d85c-gkzkn 1/1 Running 0 33s
pod/nginx-deployment-766794d85c-q7pn7 1/1 Running 0 33s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6d17h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-deployment 3/3 3 3 3m56s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-deployment-766794d85c 3 3 3 33s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
generatedeploymentyaml
generatedeploymentyaml
kubectl create deployment redis-deploy --image=redis --replicas=4 --dry-run=client -o yaml > redis-deployment.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create deployment redis-deploy --image=redis --replicas=4 --dry-run=client -o yaml > redis-deployment.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f redis-deployment.yaml
deployment.apps/redis-deploy created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create deployment redis-deploy --image=redis --replicas=4 --dry-run=client -o yaml > redis-deployment.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f redis-deployment.yaml
deployment.apps/redis-deploy created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all -l app=redis-deploy
NAME READY STATUS RESTARTS AGE
pod/redis-deploy-68fb445555-2rhp9 1/1 Running 0 3m47s
pod/redis-deploy-68fb445555-h6rx5 1/1 Running 0 3m47s
pod/redis-deploy-68fb445555-qz4st 1/1 Running 0 3m47s
pod/redis-deploy-68fb445555-tvzfk 1/1 Running 0 3m47s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/redis-deploy 4/4 4 4 3m47s
NAME DESIRED CURRENT READY AGE
replicaset.apps/redis-deploy-68fb445555 4 4 4 3m47s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
The generated deployment file is like below:
------------------------------------------------>
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: redis-deploy
name: redis-deploy
spec:
replicas: 4
selector:
matchLabels:
app: redis-deploy
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: redis-deploy
spec:
containers:
- image: redis
name: redis
resources: {}
status: {}
deploymentlabs
deploymentlabs
root@controlplane:~# kubectl create deployment httpd-frontend --image=httpd:2.4-alpine --replicas=3 --dry-run=client -o yaml > httpd_alpine_deploy.yaml
root@controlplane:~#
root@controlplane:~# cat httpd_alpine_deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: httpd-frontend
name: httpd-frontend
spec:
replicas: 3
selector:
matchLabels:
app: httpd-frontend
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: httpd-frontend
spec:
containers:
- image: httpd:2.4-alpine
name: httpd
resources: {}
status: {}
root@controlplane:~#
root@controlplane:~# kubectl get all -l app=httpd-frontend
NAME READY STATUS RESTARTS AGE
pod/httpd-frontend-5ddf995bdf-b6sft 1/1 Running 0 2m14s
pod/httpd-frontend-5ddf995bdf-mnkdz 1/1 Running 0 2m14s
pod/httpd-frontend-5ddf995bdf-z9xv4 1/1 Running 0 2m14s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/httpd-frontend 3/3 3 3 2m14s
NAME DESIRED CURRENT READY AGE
replicaset.apps/httpd-frontend-5ddf995bdf 3 3 3 2m14s
root@controlplane:~#
namespaces
namespaces
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get namespaces
NAME STATUS AGE
default Active 6d18h
kube-node-lease Active 6d18h
kube-public Active 6d18h
kube-system Active 6d18h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
Default namespace --> 1.web-pod 2.db-service 3.web-deployment
In the same namespace web-pod can use DB simply by its name like mysql.connect("db-service")
and web-pod in default namespace can access the "db-service" in another namespace(dev) as well. but we need to specify like below.
mysql.connect("db-service.dev.svc.cluster.local")
cluster.local is the default domain name for the kubernetes cluster
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-74ff55c5b-plhmt 1/1 Running 1 6d18h
etcd-minikube 1/1 Running 1 6d18h
kube-apiserver-minikube 1/1 Running 1 6d18h
kube-controller-manager-minikube 1/1 Running 1 6d18h
kube-proxy-w85sf 1/1 Running 1 6d18h
kube-scheduler-minikube 1/1 Running 1 6d18h
storage-provisioner 1/1 Running 22 6d18h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create namespace dev --dry-run=client -o yaml > create_namespace.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f create_namespace.yaml
namespace/dev created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get namespaces
NAME STATUS AGE
default Active 6d18h
dev Active 14s
kube-node-lease Active 6d18h
kube-public Active 6d18h
kube-system Active 6d18h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl config set-context $(kubectl config current-context) --namespace=dev
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority: /Users/bharathdasaraju/.minikube/ca.crt
extensions:
- extension:
last-update: Sat, 04 Sep 2021 14:54:48 +08
provider: minikube.sigs.k8s.io
version: v1.20.0
name: cluster_info
server: https://127.0.0.1:32774
name: minikube
contexts:
- context:
cluster: minikube
extensions:
- extension:
last-update: Sat, 04 Sep 2021 14:54:48 +08
provider: minikube.sigs.k8s.io
version: v1.20.0
name: context_info
namespace: default
user: minikube
name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
user:
client-certificate: /Users/bharathdasaraju/.minikube/profiles/minikube/client.crt
client-key: /Users/bharathdasaraju/.minikube/profiles/minikube/client.key
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl config set-context $(kubectl config current-context) --namespace=dev
Context "minikube" modified.
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority: /Users/bharathdasaraju/.minikube/ca.crt
extensions:
- extension:
last-update: Sat, 04 Sep 2021 14:54:48 +08
provider: minikube.sigs.k8s.io
version: v1.20.0
name: cluster_info
server: https://127.0.0.1:32774
name: minikube
contexts:
- context:
cluster: minikube
extensions:
- extension:
last-update: Sat, 04 Sep 2021 14:54:48 +08
provider: minikube.sigs.k8s.io
version: v1.20.0
name: context_info
namespace: dev
user: minikube
name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
user:
client-certificate: /Users/bharathdasaraju/.minikube/profiles/minikube/client.crt
client-key: /Users/bharathdasaraju/.minikube/profiles/minikube/client.key
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
nginx-deployment-766794d85c-22z9x 1/1 Running 0 80m
nginx-deployment-766794d85c-gkzkn 1/1 Running 0 80m
nginx-deployment-766794d85c-q7pn7 1/1 Running 0 80m
redis-deploy-68fb445555-2rhp9 1/1 Running 0 67m
redis-deploy-68fb445555-h6rx5 1/1 Running 0 67m
redis-deploy-68fb445555-qz4st 1/1 Running 0 67m
redis-deploy-68fb445555-tvzfk 1/1 Running 0 67m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl delete deploy redis-deploy -n default
deployment.apps "redis-deploy" deleted
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get rs -n default
NAME DESIRED CURRENT READY AGE
nginx-deployment-766794d85c 3 3 3 81m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl delete deploy nginx-deployment -n default
deployment.apps "nginx-deployment" deleted
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/nginx-deployment-766794d85c-22z9x 0/1 Terminating 0 82m
pod/nginx-deployment-766794d85c-gkzkn 0/1 Terminating 0 82m
pod/nginx-deployment-766794d85c-q7pn7 0/1 Terminating 0 82m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6d18h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all -n default
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6d18h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
resourcesinnamespaces
resourcesinnamespaces
we can specify ResourceQuota in namespace level to restrict CPU and Memory resources
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-quota
namespace: dev
spec:
hard:
pods: "10"
requests.cpu: "4"
requests.memory: 5Gi
limits.cpu: "10"
limits.memory: 10Gi
namespacelabs
namespacelabs
root@controlplane:~# kubectl get namespaces
NAME STATUS AGE
default Active 8m20s
dev Active 59s
finance Active 59s
kube-node-lease Active 8m23s
kube-public Active 8m23s
kube-system Active 8m24s
manufacturing Active 59s
marketing Active 59s
prod Active 59s
research Active 59s
root@controlplane:~# kubectl get namespaces | wc -l
11
root@controlplane:~# kubectl get pods -n research
NAME READY STATUS RESTARTS AGE
dna-1 0/1 ContainerCreating 0 96s
dna-2 0/1 ContainerCreating 0 96s
root@controlplane:~# kubectl run redis --image=redis -n finance
pod/redis created
root@controlplane:~#
root@controlplane:~# kubectl get all --all-namespaces | grep -i service
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11m
dev service/db-service ClusterIP 10.102.88.175 <none> 6379/TCP 4m31s
finance service/payroll-service NodePort 10.96.4.206 <none> 8080:30083/TCP 4m30s
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 11m
manufacturing service/red-service NodePort 10.96.212.35 <none> 8080:30080/TCP 4m31s
marketing service/blue-service NodePort 10.98.187.151 <none> 8080:30082/TCP 4m31s
marketing service/db-service NodePort 10.99.133.204 <none> 6379:31971/TCP 4m31s
root@controlplane:~#
from blue service we can access another service("db-service") in same namespace(marketing) like below
db-service
from blue service we can access another service("db-service") in different namespace(dev) like below
db-service.dev.svc.cluster.local:6379
services
services
services enable loose coupling between our applications.
external access
front-end
backend etc...
basic service types:
1.NodePort
2.ClusterIP
3.Loadbalancer(for cloud providers)
serviceNodePort
serviceNodePort
NodePort range between 30000 - 32767
apiVersion: v1
kind: Service
metadata:
name: bkapp-service
spec:
type: NodePort
ports:
- targetPort: 80 # Pod listens on this port, if we do not specify this value it assumes same as port.
port: 80 # Service Port this is the only mandatory files
nodePort: 30008 # Node listens on this port...can access using node IP-Address this is also optional
selector:
app: bkapp
type: front-end
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f bkweb_pod.yaml
pod/bkweb created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get pods
NAME READY STATUS RESTARTS AGE
bkweb 1/1 Running 0 9s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f service_nodeport.yaml
service/bkapp-service created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
bkapp-service NodePort 10.102.41.98 <none> 80:30009/TCP 6s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6d19h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
bkapp-service NodePort 10.102.41.98 <none> 80:30009/TCP 9m58s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6d19h
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
minikube Ready control-plane,master 6d19h v1.20.2 192.168.49.2 <none> Ubuntu 20.04.2 LTS 5.4.39-linuxkit docker://20.10.6
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
create tunnel using "minikube service"
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ minikube service bkapp-service --url
🏃 Starting tunnel for service bkapp-service.
|-----------|---------------|-------------|------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|-----------|---------------|-------------|------------------------|
| default | bkapp-service | | http://127.0.0.1:54535 |
|-----------|---------------|-------------|------------------------|
http://127.0.0.1:54535
❗ Because you are using a Docker driver on darwin, the terminal needs to be open to run it.
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ curl http://127.0.0.1:54535
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $ curl -I http://127.0.0.1:54535
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 11 Sep 2021 02:48:20 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Tue, 07 Sep 2021 15:21:03 GMT
Connection: keep-alive
ETag: "6137835f-267"
Accept-Ranges: bytes
bharathdasaraju@MacBook-Pro certified_kubernetes_administrator (master) $
serviceCLusterIP
serviceCLusterIP
# ClusterIP service type
1. front-end pods
2. back-end pods
3. redis pods
front-end pods need to connect to back-end pods for internal communication
And back-end pods needs to communicate to redis pods for internal configuration
apiVersion: v1
kind: Service
metadata:
name: back-end
spec:
type: ClusterIP
ports:
- targetPort : 80
port: 80
selector:
app: bkapp2
type: back-end
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl run redis --image=redis --dry-run=client -o yaml > bkweb_pod2.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f bkweb_pod2.yaml
pod/redis created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f service_ClusterIP.yaml
service/back-end created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
back-end ClusterIP 10.102.211.63 <none> 80/TCP 7s
bkapp-service NodePort 10.102.41.98 <none> 80:30009/TCP 45h
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8d
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
serviceLoadBalancer
serviceLoadBalancer
apiVersion: v1
kind: Service
metadata:
name: bkapp3
spec:
type: LoadBalancer
ports:
- targetPort: 80 # Pod listens on this port, if we do not specify this value it assumes same as port.
port: 80 # Service Port this is the only mandatory files
nodePort: 30008 # Node listens on this port...can access using node IP-Address this is also optional
selector:
app: bkapp3
type: front-end
servicelabs
servicelabs
root@controlplane:~# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11m
root@controlplane:~#
root@controlplane:~# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11m
root@controlplane:~# kubectl edit service kubernetes
Edit cancelled, no changes made.
root@controlplane:~# kubectl edit service kubernetes
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2021-09-12T23:44:04Z"
labels:
component: apiserver
provider: kubernetes
name: kubernetes
namespace: default
resourceVersion: "201"
uid: a2ebf456-c63a-4923-851d-b27bd3b55906
spec:
clusterIP: 10.96.0.1
clusterIPs:
- 10.96.0.1
ports:
- name: https
port: 443
protocol: TCP
targetPort: 6443
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
~
~
"/tmp/kubectl-edit-fuoo7.yaml" 28L, 664C
root@controlplane:~#
root@controlplane:~# kubectl get ep
NAME ENDPOINTS AGE
kubernetes 10.49.247.3:6443 19m
root@controlplane:~# kubectl edit ep kubernetes
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Endpoints
metadata:
creationTimestamp: "2021-09-12T23:44:04Z"
labels:
endpointslice.kubernetes.io/skip-mirror: "true"
name: kubernetes
namespace: default
resourceVersion: "203"
uid: bd579fd9-da5e-4d32-be46-33b6ab16e376
subsets:
- addresses:
- ip: 10.49.247.3
ports:
- name: https
port: 6443
protocol: TCP
root@controlplane:~#
root@controlplane:~# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
simple-webapp-deployment 0/4 4 0 11s
root@controlplane:~#
root@controlplane:~# kubectl describe deploy simple-webapp-deployment
Name: simple-webapp-deployment
Namespace: default
CreationTimestamp: Mon, 13 Sep 2021 00:05:24 +0000
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 1
Selector: name=simple-webapp
Replicas: 4 desired | 4 updated | 4 total | 4 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: name=simple-webapp
Containers:
simple-webapp:
Image: kodekloud/simple-webapp:red
Port: 8080/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: simple-webapp-deployment-b56f88b77 (4/4 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 19m deployment-controller Scaled up replica set simple-webapp-deployment-b56f88b77 to 4
root@controlplane:~#
root@controlplane:~# vim service-definition-1.yaml
root@controlplane:~# cat service-definition-1.yaml
---
apiVersion: v1
kind: Service
metadata: webapp-service
name:
spec:
type: NodePort
ports:
- targetPort: 8080
port: 8080
nodePort: 30080
selector:
name: simple-webapp
root@controlplane:~#
root@controlplane:~# kubectl create -f service-definition-1.yaml
service/webapp-service created
root@controlplane:~#
root@controlplane:~#
root@controlplane:~# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 41m
webapp-service NodePort 10.101.212.188 <none> 8080:30080/TCP 98s
root@controlplane:~# kubectl describe service webapp-service
Name: webapp-service
Namespace: default
Labels: <none>
Annotations: <none>
Selector: name=simple-webapp
Type: NodePort
IP Families: <none>
IP: 10.101.212.188
IPs: 10.101.212.188
Port: <unset> 8080/TCP
TargetPort: 8080/TCP
NodePort: <unset> 30080/TCP
Endpoints: 10.244.0.4:8080,10.244.0.5:8080,10.244.0.6:8080 + 1 more...
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
root@controlplane:~#
Minikube test:
---------------------->
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create deployment simple-webapp-deployment --replicas=3 --image=kodekloud/simple-webapp:red --dry-run=client -o yaml > simple-webapp-deployment.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f simple-webapp-deployment.yaml
The Deployment "simple-webapp-deployment" is invalid: spec.template.metadata.labels: Invalid value: map[string]string{"app":"simple-webapp-deployment"}: `selector` does not match template `labels`
kubectl create -f simple-webapp-deployment.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create -f simple-webapp-deployment.yaml
deployment.apps/simple-webapp-deployment created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/simple-webapp-deployment-85db7b94cf-prmrk 1/1 Running 0 2m4s
pod/simple-webapp-deployment-85db7b94cf-r6jqs 1/1 Running 0 2m4s
pod/simple-webapp-deployment-85db7b94cf-ss226 1/1 Running 0 2m4s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8d
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/simple-webapp-deployment 3/3 3 3 2m5s
NAME DESIRED CURRENT READY AGE
replicaset.apps/simple-webapp-deployment-85db7b94cf 3 3 3 2m5s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8d
webapp-service NodePort 10.102.158.105 <none> 8080:30080/TCP 6s
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
Create a service with "kubectl expose" command
"kubectl expose deployment simple-webapp-deployment --name=webapp-service --target-port=8080 --type=NodePort --port=8080 --dry-run=client -o yaml > simple_webapp_service.yaml"
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl delete svc webapp-service
service "webapp-service" deleted
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
simple-webapp-deployment 3/3 3 3 12m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl expose deployment simple-webapp-deployment --name=webapp-service --target-port=8080 --type=NodePort --port=8080 --dry-run=client -o yaml > simple_webapp_service.yaml
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
kubectlDeclarative
kubectlDeclarative
Imperative:
------------------------------------------------------------------------------------------>
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
simple-webapp-deployment 3/3 3 3 3h52m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl scale deployment simple-webapp-deployment --replicas=4
deployment.apps/simple-webapp-deployment scaled
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
simple-webapp-deployment 4/4 4 4 3h54m
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
Declarative:
-------------------------------------------------------------------------->
kubectl apply -f /path/to_config/files
kubectlImperative
kubectlImperative
bharathdasaraju@MacBook-Pro Four_September_2021_CKA_Recap (master) $ kubectl run nginx --image=nginx --dry-run=client -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
name: nginx
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
bharathdasaraju@MacBook-Pro Four_September_2021_CKA_Recap (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create deployment nginx --image=nginx --replicas=4 --dry-run=client -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: nginx
name: nginx
spec:
replicas: 4
selector:
matchLabels:
app: nginx
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers:
- image: nginx
name: nginx
resources: {}
status: {}
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl run nginx --image=nginx
pod/nginx created
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl expose pod nginx --port=80 --name web-service --dry-run=client -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
run: nginx
name: web-service
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: nginx
status:
loadBalancer: {}
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl expose pod nginx --port=80 --name web-service
service/web-service exposed
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl get svc web-service -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2021-09-13T05:08:42Z"
labels:
run: nginx
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:labels:
.: {}
f:run: {}
f:spec:
f:ports:
.: {}
k:{"port":80,"protocol":"TCP"}:
.: {}
f:port: {}
f:protocol: {}
f:targetPort: {}
f:selector:
.: {}
f:run: {}
f:sessionAffinity: {}
f:type: {}
manager: kubectl-expose
operation: Update
time: "2021-09-13T05:08:42Z"
name: web-service
namespace: default
resourceVersion: "50739"
uid: d08bd0c8-1649-40a6-8edb-28dd9a2f191b
spec:
clusterIP: 10.106.66.87
clusterIPs:
- 10.106.66.87
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: nginx
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
"The problem with below approach is this will not use the pods labels as selectors, instead it will assume slectors as app=nginx so we need to modify it"
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create service clusterip nginx --tcp=80:80 --dry-run=client -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: nginx
name: nginx
spec:
ports:
- name: 80-80
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: ClusterIP
status:
loadBalancer: {}
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl expose pod nginx --type=NodePort --port=80 --name=nginx-service-np --dry-run=client -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx-service-np
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: nginx
type: NodePort
status:
loadBalancer: {}
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
"using expose command"
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $ kubectl create service nodeport nginx --tcp=80:80 --node-port=30090 --dry-run=client -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: nginx
name: nginx
spec:
ports:
- name: 80-80
nodePort: 30090
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: NodePort
status:
loadBalancer: {}
bharathdasaraju@MacBook-Pro 1.Core_Concepts (master) $
kubectlImperativelabs
kubectlImperativelabs
root@controlplane:~# kubectl run nginx-pod --image=nginx:alpine
pod/nginx-pod created
root@controlplane:~#
root@controlplane:~# kubectl run redis --image=redis:alpine --dry-run=client -o yaml > redis-pod.yamlroot@controlplane:~# vim redis-pod.yaml
root@controlplane:~# kubectl apply -f redis-pod.yaml
pod/redis created
root@controlplane:~#
Create a service redis-service to expose the redis application within the cluster on port 6379.
Use imperative commands.
root@controlplane:~# kubectl expose pod redis --port=6379 --name=redis-service --dry-run=client -o yaml > redis-service.yaml
root@controlplane:~# vim
root@controlplane:~# cat redis-service.yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
tier: db
name: redis-service
spec:
ports:
- port: 6379
protocol: TCP
targetPort: 6379
selector:
tier: db
type: ClusterIP
status:
loadBalancer: {}
root@controlplane:~#
root@controlplane:~# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-pod 1/1 Running 0 8m15s
pod/redis 1/1 Running 0 5m52s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 13m
service/redis-service ClusterIP 10.106.124.133 <none> 6379/TCP 19s
root@controlplane:~#
root@controlplane:~# kubectl create deployment webapp --image=kodekloud/webapp-color --replicas=3 --dry-run=client -o yaml > webapp-deployment.yaml
root@controlplane:~# cat webapp-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: webapp
name: webapp
spec:
replicas: 3
selector:
matchLabels:
app: webapp
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: webapp
spec:
containers:
- image: kodekloud/webapp-color
name: webapp-color
resources: {}
status: {}
root@controlplane:~#
root@controlplane:~# kubectl apply -f webapp-deployment.yaml
deployment.apps/webapp created
root@controlplane:~#
Create a new pod called custom-nginx using the nginx image and expose it on container port 8080.
kubectl run custom-nginx --image=nginx --port=8080
root@controlplane:~# kubectl expose pod custom-nginx --port=8 --name=custom-nginx-service --dry-run=client -o yaml > custom-nginx-service.yaml
root@controlplane:~#
root@controlplane:~# vim custom-nginx-service.yaml
root@controlplane:~# kubectl apply -f custom-nginx-service.yaml
service/custom-nginx-service created
root@controlplane:~# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
custom-nginx-service ClusterIP 10.96.71.30 <none> 8080/TCP 5s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19m
redis-service ClusterIP 10.106.124.133 <none> 6379/TCP 6m34s
root@controlplane:~#
root@controlplane:~# kubectl run custom-nginx --image=nginx --port=8080 --dry-run=client -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: custom-nginx
name: custom-nginx
spec:
containers:
- image: nginx
name: custom-nginx
ports:
- containerPort: 8080
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
root@controlplane:~#
root@controlplane:~# kubectl run custom-nginx --image=nginx --port=8080
pod/custom-nginx created
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
custom-nginx 0/1 ContainerCreating 0 6s
nginx-pod 1/1 Running 0 26m
redis 1/1 Running 0 23m
webapp-56847f875b-56dcw 1/1 Running 0 16m
webapp-56847f875b-khmk5 1/1 Running 0 16m
webapp-56847f875b-rpfcj 1/1 Running 0 16m
root@controlplane:~#
root@controlplane:~# kubectl run nginx-pod --image=nginx:alpine
pod/nginx-pod created
root@controlplane:~# ls
sample.yaml
root@controlplane:~# kubectl run redis --image=redis:alpine -l tier=db
pod/redis created
root@controlplane:~#
root@controlplane:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-pod 1/1 Running 0 64s
redis 0/1 ContainerCreating 0 11s
root@controlplane:~#
root@controlplane:~# kubectl expose pod redis --port=6379 --name redis-service --dry-run=client -o yaml > redis-service.yaml
root@controlplane:~#
root@controlplane:~# kubectl expose pod redis --port=6379 --name redis-service --dry-run=client -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
tier: db
name: redis-service
spec:
ports:
- port: 6379
protocol: TCP
targetPort: 6379
selector:
tier: db
status:
loadBalancer: {}
root@controlplane:~#
root@controlplane:~# vim redis-service.yaml
root@controlplane:~# kubectl apply -f redis-service.yaml
service/redis-service created
root@controlplane:~#
root@controlplane:~# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11m
redis-service ClusterIP 10.103.54.86 <none> 6379/TCP 13s
root@controlplane:~#
root@controlplane:~# kubectl create deployment webapp --image=kodekloud/webapp-color --replicas=3 --dry-run=client -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: webapp
name: webapp
spec:
replicas: 3
selector:
matchLabels:
app: webapp
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: webapp
spec:
containers:
- image: kodekloud/webapp-color
name: webapp-color
resources: {}
status: {}
root@controlplane:~#
root@controlplane:~# kubectl create deployment webapp --image=kodekloud/webapp-color --replicas=3 --dry-run=client -o yaml > webapp.yaml
root@controlplane:~# kubectl apply -f webapp.yaml
deployment.apps/webapp created
root@controlplane:~# kubectl get deploy webapp -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
webapp 3/3 3 3 23s webapp-color kodekloud/webapp-color app=webapp
root@controlplane:~#
Create a new pod called custom-nginx using the nginx image and expose it on container port 8080.
root@controlplane:~# kubectl run custom-nginx --image=nginx --port=8080 --dry-run=client -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: custom-nginx
name: custom-nginx
spec:
containers:
- image: nginx
name: custom-nginx
ports:
- containerPort: 8080
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
root@controlplane:~#
root@controlplane:~# kubectl run custom-nginx --image=nginx --port=8080 --dry-run=client -o yaml > custom-nginx.yaml
root@controlplane:~# kubectl apply -f custom-nginx.yaml
pod/custom-nginx created
root@controlplane:~#
root@controlplane:~# kubectl create namespace dev-ns --dry-run=client -o yaml
apiVersion: v1
kind: Namespace
metadata:
creationTimestamp: null
name: dev-ns
spec: {}
status: {}
root@controlplane:~#
root@controlplane:~# kubectl create namespace dev-ns --dry-run=client -o yaml > namespace.yaml
root@controlplane:~# kubectl apply -f namespace.yaml
namespace/dev-ns created
root@controlplane:~#
root@controlplane:~# kubectl create deployment redis-deploy --image=redis --replicas=2 -n dev-ns --dry-run=client -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: redis-deploy
name: redis-deploy
namespace: dev-ns
spec:
replicas: 2
selector:
matchLabels:
app: redis-deploy
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: redis-deploy
spec:
containers:
- image: redis
name: redis
resources: {}
status: {}
root@controlplane:~#
root@controlplane:~# kubectl create deployment redis-deploy --image=redis --replicas=2 -n dev-ns --dry-run=client -o yaml > redis-deploy.yaml
root@controlplane:~# kubectl apply -f redis-deploy.yaml
deployment.apps/redis-deploy created
root@controlplane:~#
root@controlplane:~# kubectl run httpd --image=httpd:alpine --dry-run=client -o yaml > httpd_pod.yamlroot@controlplane:~# kubectl apply -f httpd_pod.yaml
pod/httpd created
root@controlplane:~# kubectl expose pod httpd --name=httpd --port=80 --dry-run=client -o yaml > httpd_service.yaml
root@controlplane:~# vim httpd_service.yaml
root@controlplane:~# kubectl apply -f httpd_service.yaml
service/httpd created
root@controlplane:~#
The shortcut is: kubectl run httpd --image=httpd:alpine --port=80 --expose
root@controlplane:~# kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/custom-nginx 1/1 Running 0 7m47s
pod/httpd 1/1 Running 0 2m22s
pod/nginx-pod 1/1 Running 0 14m
pod/redis 1/1 Running 0 13m
pod/webapp-56847f875b-6zp5q 1/1 Running 0 9m35s
pod/webapp-56847f875b-8xwh7 1/1 Running 0 9m35s
pod/webapp-56847f875b-txvwg 1/1 Running 0 9m35s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/httpd ClusterIP 10.109.119.111 <none> 80/TCP 60s
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 22m
service/redis-service ClusterIP 10.103.54.86 <none> 6379/TCP 11m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/webapp 3/3 3 3 9m35s
NAME DESIRED CURRENT READY AGE
replicaset.apps/webapp-56847f875b 3 3 3 9m35s
root@controlplane:~#
root@controlplane:~# kubectl get all -n dev-ns
NAME READY STATUS RESTARTS AGE
pod/redis-deploy-68fb445555-kr5w8 1/1 Running 0 4m25s
pod/redis-deploy-68fb445555-zrxfn 1/1 Running 0 4m25s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/redis-deploy 2/2 2 2 4m25s
NAME DESIRED CURRENT READY AGE
replicaset.apps/redis-deploy-68fb445555 2 2 2 4m25s
root@controlplane:~#
Pod, RepliationController, Repliaset, Deployment, Service, Namespace manifest files
podnginx
podnginx
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx1818
name: nginx
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
podredis
podredis
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: redis
name: redis
spec:
containers:
- image: redis1234
name: redis
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
replicationcontroller
replicationcontroller
apiVersion: v1
kind: ReplicationController
metadata:
name: bkapp-rc
labels:
app: bkapp
type: front-end
spec:
template:
metadata:
labels:
app: bkapp
type: front-end
name: bkapp-pod
spec:
containers:
- image: nginx
name: nginx-container
replicas: 3
replicaset
replicaset
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: bkapp-replicaset
labels:
app: bkapp
type: front-end
spec:
template:
metadata:
labels:
app: bkapp
type: front-end
name: bkapp-pod
spec:
containers:
- image: nginx
name: nginx-container
replicas: 4
selector:
matchLabels:
type: front-end
replicasetlab1
replicasetlab1
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: replicaset-1
spec:
replicas: 2
selector:
matchLabels:
tier: frontend
template:
metadata:
labels:
tier: frontend
spec:
containers:
- name: nginx
image: nginx
replicasetlab2
replicasetlab2
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: replicaset-2
spec:
replicas: 2
selector:
matchLabels:
tier: frontend
template:
metadata:
labels:
tier: frontend
spec:
containers:
- name: nginx
image: nginx
samplepod
samplepod
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: redis
name: redis
spec:
containers:
- image: redis
name: redis
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
deployment
deployment
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
run: nginx
type: front-end
name: nginx-deployment
spec:
template:
metadata:
labels:
run: nginx
type: front-end
spec:
containers:
- image: nginx
name: nginx
selector:
matchLabels:
type: front-end
replicas: 3
replicasetrecap
replicasetrecap
apiVersion: apps/v1
kind: ReplicaSet
metadata:
labels:
run: nginx
type: front-end
name: nginx-rs
spec:
template:
metadata:
labels:
run: nginx
type: front-end
spec:
containers:
- image: nginx
name: nginx
selector:
matchLabels:
type: front-end
replicas: 3
redisdeployment
redisdeployment
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: redis-deploy
name: redis-deploy
spec:
replicas: 4
selector:
matchLabels:
app: redis-deploy
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: redis-deploy
spec:
containers:
- image: redis
name: redis
resources: {}
status: {}
namespace
namespace
apiVersion: v1
kind: Namespace
metadata:
creationTimestamp: null
name: dev
spec: {}
status: {}
servicenodeport
servicenodeport
apiVersion: v1
kind: Service
metadata:
name: bkapp-service
spec:
selector:
app: bkweb-app
type: front-end
type: NodePort
ports:
- name: bkwebport
port: 80
targetPort: 80
nodePort: 30009
webpod
webpod
apiVersion: v1
kind: Pod
metadata:
labels:
app: bkweb-app
type: front-end
name: bkweb
spec:
containers:
- image: nginx
name: bkweb
serviceclusterip
serviceclusterip
kind: Service
apiVersion: v1
metadata:
name: back-end
spec:
selector:
app: bkapp2
type: back-end
type: ClusterIP # Its default type if we do not specify type it automatically assigned as ClusterIP only.
ports:
- name: back-end-port
port: 80
targetPort: 8080
webpod2
webpod2
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: redis
app: bkapp2
type: back-end
name: redis
spec:
containers:
- image: redis
name: redis
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
servicelb
servicelb
apiVersion: v1
kind: Service
metadata:
name: bkapp3
spec:
type: LoadBalancer
ports:
- targetPort: 80 # Pod listens on this port, if we do not specify this value it assumes same as port.
port: 80 # Service Port this is the only mandatory files
nodePort: 30008 # Node listens on this port...can access using node IP-Address this is also optional
selector:
app: bkapp3
type: front-end
simplewebapp
simplewebapp
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: simple-webapp
name: simple-webapp-deployment
spec:
replicas: 3
selector:
matchLabels:
app: simple-webapp
strategy: {}
template:
metadata:
labels:
app: simple-webapp
spec:
containers:
- image: kodekloud/simple-webapp:red
name: simple-webapp
ports:
- containerPort: 8080
protocol: TCP
status: {}
servicewebapp
servicewebapp
apiVersion: v1
kind: Service
metadata:
name: webapp-service
spec:
type: NodePort
ports:
- targetPort: 8080
port: 8080
nodePort: 30080
selector:
app: simple-webapp
nginxdeploymentimperative
nginxdeploymentimperative
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: nginx
name: nginx
spec:
replicas: 4
selector:
matchLabels:
app: nginx
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers:
- image: nginx
name: nginx
resources: {}
status: {}
podsrecap
podsrecap
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
name: nginx
resources: {}
ports:
- name: Port Name
port: Port
protocol: TCP
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
simplewebservice
simplewebservice
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: simple-webapp
name: webapp-service
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
nodePort: 30080
selector:
app: simple-webapp
type: NodePort
status:
loadBalancer: {}