Shared Flashcard Set

Details

Kubernetes Sec 4,5&6
CKA
25
Computer Science
Professional
08/16/2020
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Science Flashcards

 

 

Cards

Term
Get metrics
 Definition
- kubectl top node (or pod)
Term
Continuous pod logs
 Definition
- if single container
kubectl logs -f "pod"
- if multi containers
kubectl logs -f "pod" "container"
Term
Check dep rollout
 Definition
- kubectl rollout status deploy "name"
- kubectl rollout history deploy "name"
Term
Deploy strategies
 Definition
- recreate all (at same time)
- rolling update (one at a time - default)
Term
Set new deploy image (imperative)
 Definition
kubectl set image deploy "name" old_image=new_image
Term
Undo rollout (or rollback)
 Definition
- kubectl rollout undo deploy "name"
- uses saved replica set
Term
configmap imperative
 Definition
- kubectl create configmap "map name" --from-literal=key=value
- kubectl create configmap "map name" --from-file=filename
Term
configmap declarative
 Definition
apiVersion: v1
kind: ConfigMap
metadata:
name: "map name"
data:
key1:value1
Term
list config maps
 Definition
kubectl get/describe configmap (or cm)
Term
pod configmap yaml
 Definition
spec:
envFrom:
- configMapRef:
name:
OR
containers:
- name:
image:
command:
env:
- name: key1
valueFrom:
configMapKeyRef:
name: special-config
key: key1
Term
create secret imperative
 Definition
- kubectl create secret generic \
"sec name" --from-literal=key1=value1
kubectl create secret generic \
"sec name" --from-file="filename"
Term
secret yaml
 Definition
apiVersion: v1
kind: Secret
metadata:
name: "name"
data:
key1: "base64-encoded-value"
Term
Get secret values
 Definition
- kubectl get secret "name" -o yaml
- values in base64
Term
secret pod yaml
 Definition
spec:
containers:
- name:
envFrom:
- secretRef:
key1: value1
OR
spec:
envFrom
- secretRef
name: "sec-name"
OR
volumes:
- name:
secret:
secretName: "sec-name"
Term
Exec cmd in pod
 Definition
kubectl exec -it "pod" cmd param
Term
InitContainer yaml
 Definition
spec:
containers:
initContainers:
- name:
image:
command: ['cmd', 'param1', 'param2']
- name:
image:
command:

- if multi initContainers, each one run one at a time sequentially with each one finishing before next starts
- after all initContainers run, then run regular containers
Term
Clear node of all pods
 Definition
- kubectl drain "node"
- "node" marked as unscheduable
- to reverse
-kubectl uncordon "node"
- kubectl cordon "node"
- don't schedule any pods on nodes
- pods recreated on other running nodes
Term
version #
 Definition
- kubectl get nodes
- v(maj).(min).(patch)
- minor = features/functions
- patch = patches/bug fixes
Term
Version restrictions
 Definition
- kube-apiserver can be X
- controller-manager & kube-schedeler can be X or X-1
- kubelet & kube-proxy can be X, X-1 or X-2
- kubectl can be X or X+1 > X-1
- only current minor plus last 2 minor vers supported
Term
Upgrades
 Definition
- upgrade only one minor version at a time
- upgrade master first
- cannot deploy, modify or access pods while upgrading master
- Strategy 1 - upgrade all nodes at once
- Strategy 2 - upgrade one node at a time
- Strategy 3 - add new node with latest ver to replace each node
Term
Upgrade steps
 Definition
- kubeadm upgrade plan
- get ver #'s and other data
- Upgrade steps:
1) update kubeadm (apt-get)
2) kubeadm upgrade apply "v#"
3) upgrade kubelet (apt-get)
4) systemctl restart kubelet
5) kubectl uncordon master
6) for each node one at a time
1) Move workloads with kubectl drain "node"
2) upgrade kubeadm & kubelet
3) kubeadm upgrade node
4) system restart kubelet
5) kubectl uncordon "node"
Term
to query/save all yaml configs
 Definition
- kubectl get all -all-namespaces -o yaml > all-deploy-srvs.yaml
Term
to query/save/restore all etcd
 Definition
- etcdctl snapshot save snapshot.db
- etcdctl snapshot status snapshot.db
- etcdctl snapshot restore snapshot.db
Term
To restore etcd
 Definition
- create snapshot
- service kube-apiserver stop
- restore snapshot using new token and data dir (if we want to dup a live cluster)
- change token and data dir in etcd.yaml
- systemctl daemon-reload
- service etcd restart
- service kube-apiserver start
Term
2 backup methods
 Definition
- Resource configurations (yaml)
- ETCD DB
Supporting users have an ad free experience!