Shared Flashcard Set

Details

Kubernetes Sec 8&9
CKA
18
Computer Science
Professional
08/29/2020
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Science Flashcards

 

 

Cards

Term
Volume yaml
 Definition
- Pod
spec:
containers:
- name:
image:
volumeMounts:
- mountPath: /opt
name: data-volume --mount external data-volume to /opt
volumes:
- name: data-volume
hostPath:
path: /data --local to each node (NOT across nodes!)
type: Directory
OR
volumes:
- name: data-volume
awsElasticBlockStore: --uses cloud aws storage solution
volumeID:
fsType: extr
Term
Persistent Volume yaml
 Definition
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-vol1
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: 1Gi
awsElasticBlockStore:
Term
PV Claims yaml
 Definition
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: myclaim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 500Mi
Term
Delete PVC
 Definition
- kubectl delete persistentvolumeclaim my-claim
- persistentVolumeReclaimPolicy: Delete
- default
- not deleted
- cannot be reused
- persistentVolumeReclaimPolicy: Recycle
- not deleted
- data is scrubbed
- reusable
Term
POD,Deploy,RS PVC yaml
 Definition
spec:
containers:
- name: myfrontend
image:
volumeMounts:
- mountPath: /mnt
name: mypd
volumes:
- name: mypd
persistentVolumeClaim:
claimName: myclaim
Term
StorageClass yaml (dynamic provisioning)
 Definition
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: google-storage
provisioner: kubernetes.io/gce-pd
Term
StorageClass pvc yaml
 Definition
- spec:
storageClassName: google-storage --defined in storageclass yaml
- Replaces PV so NO need for PV
Term
Linux nw cmds
 Definition
- ip link
- show int
- ip addr
- set int
- ip route
- set/show routes
- ip netns add/del "ns"
- show/set/del nw namespaces
- ip netns exec "ns" ip link OR ip -n "ns" link/route/arp
- run cmd inside ns
Term
Virtual cable
 Definition
- ip link add veth-red type veth peer name veth-blue
- ip link set veth-red netns red
- ip link set veth-blue netns blue
- ip -n red addr add x.x.x.x dev veth-red
- ip -n blue addr add x.x.x.y dev veth-blue
- ip -n red link set veth-red up
- ip -n blue link set beth-blue up
- ip -n red ping x.x.x.x
- ip -n red arp
Term
CNI in kubelet.service
 Definition
--network-plugin=cni
--cni-bin-dir=/opt/cni/bin
--cni-conf-dir=/etc/cni/net.d
Term
weave add-on
 Definition
search for "cloud.weave.works"
Term
CoreDNS file
 Definition
- /etc/coredns/Corefile
- contains plugins
- 'kubernetes' plugin defines root domain
- 'proxy' contains forwarded like /etc/resolv.conf
- this file is in a configmap
- DNS handled by kube-dns service (describe to get IP)
Term
Ingress
 Definition
- load balancer, SSL, etc.
- Ingress controller
- SW implementation
- Ingress Resources
- rules
Term
Ingress Controller yaml
 Definition
apiVersion: networking.k8s.io/v1
kind: Deployment
metadata:
name: nginx-ing-controller
spec:
replicas: 1
selector:
matchLabels:
name: nginx-ing
template:
metadata:
labels:
name: nginx-ing
spec:
containers:
- name: nginx-ing-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0
args:
- /nginx-ing-controller
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
Term
To Deploy Ingress Controller
 Definition
- create deployment for controller
- create ConfigMap
- pass config data to controller
- create Service (NodePort)
- expose controller to external world
- create Service account
- allow controller to monitor service / access components
Term
Ingress Resource
 Definition
- apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-srv1
spec:
backend:
serviceName: srv1-service
servicePort: 80
- kubectl get ingress
Term
Ingress resource rules
 Definition
spec:
rules:
- http:
paths:
- path:/url1
backend:
serviceName: srv1-service
servicePort: 80
- path: /url2
backend:
serviceName: srv2-service
servicePort: 80
OR
spec:
rules:
- host: site1.com
http:
- host: site2.com
http:
Term
Rewrite URL
 Definition
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test-ingress
namespace: critical-space
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /pay
backend:
serviceName: pay-service
servicePort: 8282
Supporting users have an ad free experience!