Kube && Helm

- K8s how to collect metrics



- How to debug Kubernetes Ingress



- Monitoring, Logging and Alerting in Kubernetes


kubectl get pods -A

helm repo add prometheus https://prometheus-community.github.io/helm-charts

helm upgrade --install prometheus prometheus/prometheus --namespace monitoring   --create-namespace

kubectl get pods --namespace monitoring -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}"


- Horizontal Pod Autoscaler Custom Metrics & Prometheus (K8s and EKS)



- How to install Metrics Server on Kubernetes cluster



- PromCon 2017: Lightning Talk - kube-state-metrics - Frederic Branczyk



- Secret way to learn K8S


Cert manager

- Kubernetes Cert Manager explained


- Install kind on debian

sudo apt-get clean

sudo rm -rf /var/lib/apt/lists/*

sudo apt-get update

- Install kubernetes

echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /" | \
sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt update
sudo apt install -y kubelet kubeadm kubectl

- Kind to create cluster

rm -rf /etc/cni/net.d

rm -rf /var/lib/cni

rm -rf /var/lib/kubelet

systemctl restart containerd

systemctl restart kubelet

mkdir -p $HOME/.kube

kubeadm version
containerd --version
uname -a

kubeadm init

sudo kubeadm init --pod-network-cidr=10.244.0.0/16

kubectl get pods -n kube-system

kubectl taint nodes --all node-role.kubernetes.io/control-plane-

kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml --validate=false

snap install helm --classic

helm repo add jetstack https://charts.jetstack.io

helm repo update

kubectl create namespace cert-manager

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.crds.yaml

sudo mkdir -p /usr/lib/cni
sudo ln -s /opt/cni/bin/* /usr/lib/cni/

sudo systemctl restart containerd
sudo systemctl restart kubelet

kubectl delete pod -n cert-manager --all

ping -c 4 8.8.8.8

sudo mkdir -p /usr/lib/cni
sudo ln -sf /opt/cni/bin/* /usr/lib/cni/

helm install cert-manager jetstack/cert-manager   --namespace cert-manager   --version v1.14.4

kubectl get pods -n cert-manager

kubectl logs cert-manager-6dc66985d4-grlsd -n cert-manager

kubectl get all -n cert-manager

kubectl create ns cert-manager-test

cd work/

mkdir self-signes-k8s

vi issuer.yaml

vi certificate.yaml

kubectl describe certificate -n cert-manager-test

  Normal  Issuing    68s   cert-manager-certificates-trigger          Issuing certificate as Secret does not exist
  Normal  Generated  68s   cert-manager-certificates-key-manager      Stored new private key in temporary Secret resource "selfsigned-cert-4jgzm"
  Normal  Requested  68s   cert-manager-certificates-request-manager  Created new CertificateRequest resource "selfsigned-cert-1"
  Normal  Issuing    68s   cert-manager-certificates-issuing          The certificate has been successfully issued

kubectl get secrets -n cert-manager-test

  kind: Secret
  metadata:
    annotations:
      cert-manager.io/alt-names: example.com
      cert-manager.io/certificate-name: selfsigned-cert
      cert-manager.io/common-name: ""
      cert-manager.io/ip-sans: ""
      cert-manager.io/issuer-group: ""
      cert-manager.io/issuer-kind: ""
      cert-manager.io/issuer-name: test-selfsigned
      cert-manager.io/uri-sans: ""
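
The notes create issuer.yaml and certificate.yaml in vi without showing them. The script below is an added example, not the author's files: it writes manifests consistent with the names in the output above (test-selfsigned, selfsigned-cert, example.com, cert-manager-test). The secretName and the function names are assumptions.

```shell
#!/bin/sh
# Added example: self-signed Issuer + Certificate matching the names in the notes.
# secretName and the function names are assumptions, not taken from the notes.
NS=cert-manager-test

write_manifests() {   # $1 = target directory
  mkdir -p "$1"
  cat > "$1/issuer.yaml" <<EOF
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: test-selfsigned
  namespace: $NS
spec:
  selfSigned: {}
EOF
  cat > "$1/certificate.yaml" <<EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: selfsigned-cert
  namespace: $NS
spec:
  secretName: selfsigned-cert-tls   # assumed name, not shown in the notes
  dnsNames:
    - example.com
  issuerRef:
    name: test-selfsigned
    kind: Issuer
EOF
}

# A namespaced Issuer can only sign Certificates in its own namespace, so the
# issuerRef name and both namespaces must line up or the Certificate never goes Ready.
issuer_ref_resolves() {   # $1 = directory holding both manifests
  ref=$(awk '/issuerRef:/{f=1;next} f && /name:/{print $2; exit}' "$1/certificate.yaml")
  cert_ns=$(awk '/namespace:/{print $2; exit}' "$1/certificate.yaml")
  iss_name=$(awk '/^  name:/{print $2; exit}' "$1/issuer.yaml")
  iss_ns=$(awk '/namespace:/{print $2; exit}' "$1/issuer.yaml")
  [ "$ref" = "$iss_name" ] && [ "$cert_ns" = "$iss_ns" ]
}

# Run the script with the argument "apply" to create the resources on the cluster.
if [ "${1:-}" = "apply" ]; then
  write_manifests . && issuer_ref_resolves . &&
    kubectl apply -f issuer.yaml -f certificate.yaml &&
    kubectl wait -n "$NS" --for=condition=Ready certificate/selfsigned-cert --timeout=60s
fi
```

A selfSigned issuer has no trust chain behind it, which is why it is used here only to check that the installation issues certificates.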

- Deploy an ingress controller

kubectl create ns ingress-nginx

kubectl -n ingress-nginx get pods

kubectl -n ingress-nginx apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/baremetal/deploy.yaml

kubectl -n ingress-nginx get pods
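
The flannel and cert-manager CRD manifests above are applied straight from releases/latest, so what lands in the cluster can change between runs, and the CRDs can drift from the chart pinned at v1.14.4. The following is an added example (not from the original notes) that pins the URL to a tag and checks a recorded SHA-256 before kubectl apply; the function names are hypothetical and the digest is a placeholder you record yourself.

```shell
#!/bin/sh
# Added example: pin a GitHub release manifest to a tag and verify it before applying.

# Rewrite .../releases/latest/download/<asset> to .../releases/download/<tag>/<asset>.
# URLs that are already pinned pass through unchanged.
pin_release_url() {   # $1 = URL, $2 = release tag
  printf '%s\n' "$1" | sed "s#/releases/latest/download/#/releases/download/$2/#"
}

# Succeed only if the file's SHA-256 equals the expected hex digest.
verify_sha256() {   # $1 = file, $2 = expected digest
  actual=$(sha256sum "$1" | awk '{print $1}')
  [ "$actual" = "$2" ]
}

# Download to a temp file, verify, then apply with kubectl's schema validation left on.
apply_pinned() {   # $1 = URL, $2 = tag, $3 = expected digest
  url=$(pin_release_url "$1" "$2")
  tmp=$(mktemp) || return 1
  if curl -fsSL -o "$tmp" "$url" && verify_sha256 "$tmp" "$3"; then
    kubectl apply -f "$tmp"; rc=$?
  else
    echo "refusing to apply $url: download failed or digest mismatch" >&2; rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage, keeping the CRDs in step with the v1.14.4 chart (digest is a placeholder):
# apply_pinned https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.crds.yaml \
#   v1.14.4 <sha256-recorded-when-the-manifest-was-reviewed>
```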

- Implement cert-manager PDB

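cat pdb.yml
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: nginx   # name is free-form; pods are selected by the label below
spec:
  # evictions (e.g. kubectl drain) are refused while fewer than 3 matching pods are healthy
  minAvailable: 2
  selector:
    matchLabels:
      app: cert-manager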


kubectl apply -f pdb.yml -n cert-manager

- Kubernetes API Explained



- Kubernetes POD Draining for Node Maintenance



- Isolate a Pod Kubernetes


- Deploy metrics-server in Kubernetes using Helm


- Kube state metrics



- K Ingress

- K8s CoreDns

k get pods -n=kube-system

k get deploy -n=kube-system

k scale deploy coredns --replicas=2 -n=kube-system

k get pods -n=kube-system

k exec -it nginx -- curl nginx1

k get svc -n=kube-system   # kube-dns | ClusterIP

cat /etc/resolv.conf

search default.svc.cluster.local svc.cluster.local

nameserver ip

cat /etc/hosts   # add entry in /etc/hosts



 - K9s Demo


a) arkade | grep k9s

b) colon (:) shortcut gives us access between resources

c) Ctrl + A gives us access to all resources.

d) Logs can be seen by accessing pod

- Get Deployments and StatefulSets in log

┌─[bo@ldap]─[~]

└──╼ $kubectl get -A Deployments | tee -a log.txt

NAMESPACE     NAME      READY   UP-TO-DATE   AVAILABLE   AGE

kube-system   coredns   1/1     1            1           72d

┌─[bo@ldap]─[~]

└──╼ $kubectl get -A StatefulSets | tee -a og.txt

No resources found

- SideCar pods - sidecar

- Rolling update strategy


- DaemonSet-Deployment-StatefulSets

- NodePort-Ingress-LoadBalancer

Nginx Ingress Controller

- Kube deployments: Get started

- Get gcloud context
gcloud auth login
kubectl config current-context 

- DaemonSets

a) find api version: 
    kubectl api-resources | grep daemonset
b) the api resource must match helm
c) name of the daemon set first and second and third the names of pods


- Free SSL Certs in Kubernetes

- How to run local multi-node Kubernetes clusters using kind

KPT

- generate pkg

- generate kubectl deployment

- list pkg content


- verify pkg

Affinity

- 3 types of affinity

- Kube scheduler: node affinity vs node selector vs taints





