k8s Notes

Day -1 Kubernetes.
Docker Swarm -- it is basically an Orchestration system ,meaning of orchestration -

Hidden Mangaing
Orchestration is nothing but a managemnet of many containers.
Kubernetes is a portable extensible open source platform for managing containerzied

workloads and services.
Kubernetes also facilitaties both declartive configuration and automation .
Kubernetes (k8s) provides:

1.service discovery and load balancing
2.storage orchestration
3.Automated Rollouts and Rollbacks
4.Automatic bin packing
5.self healing
6.Secrets and configuration management
Installing Kubernetes
1.VMware --> 3 images Centos 8 VM's

u can setup the kubernetes
2.Choose any cloud AWS,AZUre,GCP
choose 3 VM's ,install of Kubernetes in these machine
3.Many of the cloud ,they are providing
GCP - GKE (Google Kubernetes Engine)

Azure - AKS (Azure Kubernetes services)
AWS - EKS (ELastic Kubernetes services)
4.Openshift
Lets us understand the History of Kubernetes
2003 - Google -- Omega and Borg --- run their application by using light weight
container method
2014 - Google gave this Omega as well Borg - Linux Foundations

sub foundation - CNCF - Cloud Native computing Foundatations
Kubernetes 2015 V1.0
V1.18
V1.22
V1.23.1
V1.23.2
V1.
V1.22.1
V1.22.2
V1.22.3
1--> Major release

22- Minor Version
1 2 3- Patch release
-----------------------------------------------------------------------------------
----------------------------
Day -2 ,Kubernetes Architecture
Different Installation Method
Kubernetes commands
Installation of Kubernetes cluster
1.Kubernetes cluster in a single node or in your own laptop --> minikube
2. Kubernetes Multi -Node - 2 VM (1 - Master ,1 -Node ,2-Node)

Kudeadm
kubespray
kops --> used in AWS cloud
3. IOT/ Arm processor - k3s
4. Native cloud
AWS - EKS (Elastic Kubernetes services)
Azure - AKS (Azure Kubernetes services)
Google - GKE (Google Kubernetes Engine)
5. Platform as service
Redhat -Openshift ( Docker and Kubernetes + Frontend GUI,Libraries )
6. katacode - 25 mins
Installation of Kubernetes - we will be kubeadm
1.Hardware requirement - Master - 2 CPU core,min 2GB Ram

Worker node - 1 CPU core,2GB Ram
AWS - t2.micro 1 CPU ,1GB RAM --> Dead slow

t2.medium - 2 CPU ,2 GB RAM
Kubernetes - 2 node t2.medium --> i have installed,setup 30 mins ,do

for practise ,terminate
tomorrow - 2 node again 20 mins
We will use 2 VM's in AWS -> we will prefer Ubuntu 20
sudo apt-get update

sudo apt-get install curl -y
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.

Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as
root:
kubeadm join 172.31.80.79:6443 --token j1xu5c.easj27u24hy88z78 --discovery-token-

ca-cert-hash
sha256:8e5ca3b533d4a6296e39bed25cab0559a8494c1314f4e2c8b24d5de458aa4b8b
kubetcl get nodes
FOr enabling the network ,there are many network addons available
Weave
Fannel
Crasito
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version |

base64 | tr -d '\n')"
-----------------------------------------------------------------------------------
------------------
Day-3 notes
root@ip-172-31-92-69:~# hostnamectl set-hostname master

root@ip-172-31-92-69:~# bash
root@master:~#
root@ip-172-31-85-91:~# hostnamectl set-hostname worker-1

root@ip-172-31-85-91:~# bash
root@worker-1:~#
kubeadm
Docker
To start using your cluster, you need to run the following as a regular user:
root:
kubeadm join 172.31.92.69:6443 --token h5ji2w.fjk5futv6sr1u64f --discovery-token-

ca-cert-hash
sha256:9eecc24558c8be96f99cde3d0328c72f702b7537a830e6b2ae3568a678e05abc
Network pod,there are many networking model which is support by kubernetes

waeve network pod
calisto network pod
root@master:~# kubectl get node

NAME STATUS ROLES AGE VERSION
master NotReady control-plane,master 81s v1.22.4
root@master:~# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$
(kubectl version | base64 | tr -d '\n')"
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.apps/weave-net created
root@master:~# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 3m9s v1.22.4
Worker-node-1 : Installation steps
root@worker-1:~# sudo apt-get update

Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:4 https://download.docker.com/linux/ubuntu bionic InRelease
Hit:5 http://security.ubuntu.com/ubuntu bionic-security InRelease
Reading package lists... Done
root@worker-1:~# sudo apt-get install -y apt-transport-https ca-certificates curl
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20210119~18.04.2).
curl is already the newest version (7.58.0-2ubuntu3.16).
apt-transport-https is already the newest version (1.6.14).
0 upgraded, 0 newly installed, 0 to remove and 28 not upgraded.
root@worker-1:~# sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-
keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
root@worker-1:~# echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-
keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee
/etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg]
https://apt.kubernetes.io/ kubernetes-xenial main
root@worker-1:~# sudo apt-get update
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu bionic-security InRelease
Hit:5 https://download.docker.com/linux/ubuntu bionic InRelease
Get:6 https://packages.cloud.google.com/apt kubernetes-xenial InRelease [9383 B]
Get:7 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 Packages
[51.6 kB]
Fetched 61.0 kB in 0s (126 kB/s)
root@worker-1:~# sudo apt-get install -y kubelet kubeadm kubectl
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
conntrack cri-tools kubernetes-cni socat
The following NEW packages will be installed:
conntrack cri-tools kubeadm kubectl kubelet kubernetes-cni socat
0 upgraded, 7 newly installed, 0 to remove and 28 not upgraded.
Need to get 73.5 MB of archives.
After this operation, 318 MB of additional disk space will be used.
Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic/main amd64 conntrack
amd64 1:1.4.4+snapshot20161117-6ubuntu2 [30.6 kB]
Get:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu bionic/main amd64 socat amd64
1.7.3.2-2ubuntu2 [342 kB]
Get:3 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 cri-tools
amd64 1.19.0-00 [11.2 MB]
Get:4 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64
kubernetes-cni amd64 0.8.7-00 [25.0 MB]
Get:5 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubelet
amd64 1.22.4-00 [19.1 MB]
Get:6 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubectl
amd64 1.22.4-00 [9057 kB]
Get:7 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubeadm
amd64 1.22.4-00 [8732 kB]
Fetched 73.5 MB in 2s (47.2 MB/s)
Selecting previously unselected package conntrack.
(Reading database ... 57827 files and directories currently installed.)
Preparing to unpack .../0-conntrack_1%3a1.4.4+snapshot20161117-
6ubuntu2_amd64.deb ...
Unpacking conntrack (1:1.4.4+snapshot20161117-6ubuntu2) ...
Selecting previously unselected package cri-tools.
Preparing to unpack .../1-cri-tools_1.19.0-00_amd64.deb ...
Unpacking cri-tools (1.19.0-00) ...
Selecting previously unselected package kubernetes-cni.
Preparing to unpack .../2-kubernetes-cni_0.8.7-00_amd64.deb ...
Unpacking kubernetes-cni (0.8.7-00) ...
Selecting previously unselected package socat.
Preparing to unpack .../3-socat_1.7.3.2-2ubuntu2_amd64.deb ...
Unpacking socat (1.7.3.2-2ubuntu2) ...
Selecting previously unselected package kubelet.
Preparing to unpack .../4-kubelet_1.22.4-00_amd64.deb ...
Unpacking kubelet (1.22.4-00) ...
Selecting previously unselected package kubectl.
Preparing to unpack .../5-kubectl_1.22.4-00_amd64.deb ...
Unpacking kubectl (1.22.4-00) ...
Selecting previously unselected package kubeadm.
Preparing to unpack .../6-kubeadm_1.22.4-00_amd64.deb ...
Unpacking kubeadm (1.22.4-00) ...
Setting up conntrack (1:1.4.4+snapshot20161117-6ubuntu2) ...
Setting up kubernetes-cni (0.8.7-00) ...
Setting up cri-tools (1.19.0-00) ...
Setting up socat (1.7.3.2-2ubuntu2) ...
Setting up kubelet (1.22.4-00) ...
Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service â
/lib/systemd/system/kubelet.service.
Setting up kubectl (1.22.4-00) ...
Setting up kubeadm (1.22.4-00) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
root@worker-1:~# sudo apt-mark hold kubelet kubeadm kubectl
kubelet set on hold.
kubeadm set on hold.
kubectl set on hold.
root@worker-1:~# kubeadm join 172.31.92.69:6443 --token h5ji2w.fjk5futv6sr1u64f --
discovery-token-ca-cert-hash
sha256:9eecc24558c8be96f99cde3d0328c72f702b7537a830e6b2ae3568a678e05abc
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get
cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file
"/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file
"/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:

* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
kubeadm join 172.31.92.69:6443 --token bolnab.np6higdx1jf4zzs3 --discovery-token-

ca-cert-hash
sha256:05bf8f8bffc3f3ef8487d3a3d01b436f1504d82b8d049890ac92ef9da71efc61
kubeadm join 172.31.92.69:6443 --token n7l6d4.r0zy92bdjcqr4acm --discovery-token-

ca-cert-hash
sha256:3710df7bf6bc5a60c4ec1369af3c3cd14653aa091eaae42de2ff51d9ef189979
Day-4
Kubernetes cluster upgraded
Kubernetes Tokens
KUbernetes Objects
Introduction of pods
Namespaces
Kubernetes
V1.18.2---> V1.18.6
kubeadm join 172.31.84.0:6443 --token lk687r.klk9m5knhlvw18s7 --discovery-token-ca-

cert-hash sha256:e78840514b670575d47c1d82e702aa6684ab4b4028589a27063b265b8019f510
apt-mark unhold kubeadm && \

apt-get update && apt-get install -y kubeadm=1.23.6-00 && \
apt-mark hold kubeadm
Kubernetes Token and CA-certificates.
kubeadm join 172.31.84.0:6443 --token jhnz6p.0ifgqwtymcm1fa2a --discovery-token-ca-

cert-hash sha256:e78840514b670575d47c1d82e702aa6684ab4b4028589a27063b265b8019f510
kubeadm join 172.31.84.0:6443 --token lk687r.klk9m5knhlvw18s7 --discovery-token-

unsafe-skip-ca-verification
-----------------------------------
Day-5
Kubernetes Objects:
Kubernetes objects are persistent entities of your kubernetes system,entites is
nothing but it represent your state of the cluster
kubernetes object is "record of intent", once you create object,kubernetes will

make sure the object exists.
Every Kubernetes object has a specification (spec) and it has object status,
The specification is all about what we want and it is regarded as desired state and
the stauts is nothing
but the actual state of kubernetes
Every Kubernetes has a spec and the status
we specify object spec in the format of .yaml file (manifest file) and we the
status of the kubernets object after we apply the spec
kubectl ---> API Server
kubectl ---> API server

file format ---> API Server
Kubernetes provides a lot of resources,,, kubectl api-resources --List of all the

resources
Kubernetes API:
The core of the kubernetes control plane is the API server,this API -server exposes
http API's that lets
enduser and different parts of your cluster ,external componetns communicate each
others
kubernetes stors the serialized states of the objects by writing them to the etcd
database
To express the desired state ,we would be creating the specification of the
kubernetes resources
* pod
*container
*ephermel containers
* Replication Controllers
* Replica sets
* Deployments
* statefuset
* Daemon sets
* Job
* CronJob
* Horizontal pod Auto scaler
API groups and Versioning :
Kubernetes supports mulitple apiVersion ( Core Apiversion)

API groups make it easier to extend the kubernetes api.The API group is specified
in the REST path and is in the form
__apiVersion__ field of serialzied objects
There are several apigroups:
Core api group,Rest path /api/v1---> v1
Named groupd --> /api/$GROUP_NAME/$version
/api/batch/v1 ---> batch/v1
#### Kubectl
Kubectl is command line utlity for interacting and performing various operation on
Kubernetes
Kubectl has 2 ways of managing the cluster

1. Imperative method--> we create object by executing the command,or kubectl
commands
kubectl get pods
kubectl get nodes
kubectl apply -f hello-pod.yaml
2.Declartive method
.yaml ,apply ,delete
How kubectl communicates with kuberentes:
The API Servers manages communication in kubernetes ( for the developer it look
like it a API gateway)
To achieve the communication,the API server implement RESTFULL API over http and
https to perform
CRUD operations to populate and modify k8s API objects (pods,service,deployments)
-----------------------------------------------------------------------------------
----------------------------
Kubernetes Day-6
Introduction of pod
Namespaces
Taint node
Label
Pod - resources ,limits
Health Check - Liveness ,Readness
A pod is nothing but ,it is smallest deployable unit in Kubernetes system
each pod will be assgined a unique IP address
-----------------------------------------------------------------------------------
Day -7
Namespaces
Taint
Labels
Namespaces-- Kubernetes supports multiple virtual cluster backed with the same
physical cluster ,this virtual cluster is called as namespace
kubectl port-forward web-server 8081:80 --address 0.0.0.0
Taints: node-role.kubernetes.io/master:NoSchedule
To remove the taint in the master,execut the command

kubectl taint node master node-role.kubernetes.io/master
To set the taint in worker-1 node

kubectl taint node worker-1 key=value:NoSchedule
To set the taint in worker-2 node with new ways

kubectl taint node worker-2 key=value:NoExecute
--------------------------------------------------
Day-8
Kubernetes Labels
Kubernetes ResourceQuota and LimitRange
/etc/kubernetes/manifests/kube-apiserver.yaml
---- PodNodeSelector
--enable-admission-plugins=NodeRestriction,PodNodeSelector
root@master:~# kubectl edit namespace project-1

metadata:
annotations:
scheduler.alpha.kubernetes.io/node-selector: node=worker1
-------------------------------------------------------------------------
Day-9 (50%)
ResourceQuota ,LimitRange
Controllers
services -- cluserip,nodeport ,loadbalanceer - 5 sessions
wednesday - 10PM
sat,sun - end 0f january
kubernetes - Helm,Servicemesh,isitio , integration of kubernetes with

promethus ,grafanna, integration of kubernestes with ELK
Kubernests as service (Paas) AWS (EKS) - 5 sessions ,Azure ,Google
1 trouble shooting ,
4 session - CKA
Feb - 2nd week - 35 to 40 hours only on kubernetes
/var/lib/kubelet -> config.yaml

maxPod: 10000
-----------------------------------------------------------------------------------
------
Kubernetes Day-10
LimitRange- we can set to pod,containers,volumes
Limitrange - pods
Pod Controllers
AWS- Autoscaler -- VMmachine in aws ,
Replication controller can only montior only 1 label as selector ,it cannot
monitoring multiple labels
It only monotor the Equality based Selector - only 1 label it can monitor
Replicset - monitor the Set-based selector
Replication controller will support for Rolling update of the applications .
Replicaset will not support any rolling update of the application running inside
the pod
what is the difference between replication controller and deployment?
In Replication controller- there is downtime of the application ,where in
deployment there is no downtime
In case of Replication controller,there is no roll-back,where in the Deployment,we

have undo or we call as roll-back facility is there in Deployments
-----------------------------------------------------------------------------------
----------------------
Kubernetes Day - 11
V1.18 --> kubernetes has removed the rolling update feature in

ReplicationController
kubetcl rolling-update rc-demo --update-period=10s -f rc.yaml
In case of Replicaset,we have 2 operator - In,NotIn
Rolling update methods in Deployment

1.File method
2. kubectl set image deployment.apps/nginx-deployment nginx=nginx:1.7.1 --
record=true
3.kubectl edit deployment.apps/nginx-deployment
root@master:~# vi rc.yml
apiVersion: v1
kind: ReplicationController
metadata:
name: mycloud
spec:
replicas: 3
selector:
team: dev
template:
metadata:
name: mycloud
labels:
team: dev
spec:
containers:
- name: mycloud
image: nginx:1.7.1
ports:
- containerPort: 80
root@master:~# vi web.yaml
apiVersion: v1
kind: Pod
metadata:
name: web-server
spec:
containers:
- name: web-server
image: nginx
-----------------------------------------------------------------------------------
-----------------------------
Kubernetes Day -13
init container
Multi container pod
Kubernetes Volumes
Troubleshooting
AWS EKS
Kubernetes HELM,ISITIO,SERVICEMESH
Kubernetes integration Prometheus GRaffana , ELK
Kubernetes Topics covered in upcoming sessions
1. Services - Node port

2. Kubernetes Networking - LoadBalancers (Ingress)
3. Init Containers
4. Multi Container Pods
5. Kubernetes Persistant volume and PVC
6. Horizontal Pod Auto Scaling
7. Kubernetes Daemonset,jobs,Statefulset, Affinity
8. Kubernetes - Secrets,configmaps
9. Kubernetes - RBAC,Probes (Liveness,Readiness)
10.Kubernetes - Monitoring,Logging,Debugging,Troubleshooting
11.Kubernetes - Integration with Promotheus with Grafana
12.Kubernetes - Intergration with ELK
13.Kubernetes - AWS EKS
14.Kubernetes - Azure AKS - How to create Azure Kubernetes service in Azure portal
15.Kubernetes - GKE - How to setup Kubernetes in Google cloud platform
16. Kuberne HELM
17. Kubernetes - ServiceMesh and Isitio
18. Kubernetes - Preparation on CKA (Certified Kubernetes Adminstrator) and Roadmap
to other ceritifications
tes - Introduction to HELM,usage of
There are some very interesting topics in Kubernetes like Pod
Security ,CoreDNS,etcd,cni,Playing with Network Plugin (Calico,Waeave and others
Plugins),Kompose,Metrics Server,DashBoards,Service Accounts,Kubernetes- The Hard
way,Operating system upgrade within a Kubernetes Cluster
-------------------------------------------------------------------------------
Kubernetes Day - 14 session
Thursday - Multi-container and Probes
Saturday - Volumes and Affinity
Sunday - HPA, Daemonset, Configmap and secrets
root@master:~# cat .vimrc

set noautoindent
------------------------------------------------
Kubernetes Day - 15
1.Daemon set
2. scheduling Topologies
3. Affinity and AntiAffinity
4.Static pods
5. RBAC ( ROle Based access control)
6. Probes (livenessprobe and Readiness Probe)
7.HPA (Horizontal pod Autoscaler)
8. Kubernetes Volumes
9.Configmap and secrets
10.HELM,ISITO, Promotheus & Grafana with Kubernetes
11.Kubernetes in AWS(EKS),Azure(AKS) and GCP (GKE)
12.Troubleshooting
13.Intregration of Kubernetes with Jenkins
13. CKA
kubeadm join 172.31.82.252:6443 --token k7vkan.uljmi5opn8pgcvm3 --discovery-token-

ca-cert-hash
sha256:2a656b1d615b558805356f8207a2f8b954c42fa52ac17ea578c99c02e5b44582
-----------------------------------------------------------------------------------
-------------
Kubernetes Day - 16
1.Kubernetes Volumes
2.RBAC - Role Based Access Controllers
cat << EOF | sudo tee /etc/docker/daemon.json

{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker

sudo systemctl daemon-reload
sudo systemctl restart docker

root:
kubeadm join 172.31.81.134:6443 --token 77krti.x7wa59ykesxxmpmj \

--discovery-token-ca-cert-hash
sha256:858e9e022c0e2c324905b59bf55011fc3a67cbc6c37202bd142cfdc20ae3c3ab
-------------------------------------------------
Kubernetes Day - 17
Configmap and Secrets -- 30 to 40 mins

Kubernetes Probes - 20 mins
Secrets is basically its Namespace oriented
Secrets stores the sensitive information like key/value pairs or it stores some
password or even you want encrpt the tls certificates or sometime
even you want encrypt files
mysql
value: redhat
secret always stores the information by encoding into base64
configmap -- basically it is used to store non-senstive information
Integration of promtheus and Grafana with Kubernetes --->
installing the kubernetes using kops ---In AWS --->
Kuberetes PASS in GKE - 2 sessions
Troubeshooting of Kubernetes
Terraform - only weekend i will take , in weekday - any day call u to continue with
left out topics of kubernetes
----------------------------------------------------------------------
Kubernetes Day-18
Kubernetes Probes,Introduction to Helm
Probe is health check,that can be configured to check the health of the container
running in the pod.
A probe may return the following results
1.success
2.failure
3.unknown
Types of Probes:
1.Liveness Probe:
This probe is used to determine if the particular container is running or
not ,if a container fails the liveness probe,then controller
will try to restart the pod in the same node,it is all based on Restart Policy
-- , the default restart policy is Always
2.Readiness Probe:
This Probe is used to determine wheather a particular container is ready to
receieve the request or not ,if this fails then
kubernetes controller will ensure the pod doesn't recieve any request
Implementation of the probes:

1.Command probes: in this probe the controller will get the contaienr to execute
specific command in order to perform probe in the container
2.HTTP Request probes: In this probe ,the conttoller will send GET Http request to
the given address to either port or hostname to perform the probe on the container,
we can set the follwoing fields to configure the http probe
* port number
*path
* hostname
*http header
* TCP socket probe
Restart Policy:
1.Always: Always restart the pod whenever it terminates
2.On Failure:
3.Never
rajeshsingh.com/home
rajeshsingh.com/inventories
Helm --- > Package Manager in Kubernetes
Ubuntu
Redhat
Centos
Helm is basically used to manage all the manifest files or Yaml files - APplication
very easyily ..

k8s Notes

Uploaded by

k8s Notes

Uploaded by

Day -1 Kubernetes.

Docker Swarm -- it is basically an Orchestration system ,meaning of orchestration -

Orchestration is nothing but a managemnet of many containers.

Kubernetes is a portable extensible open source platform for managing containerzied

Kubernetes also facilitaties both declartive configuration and automation .

Kubernetes (k8s) provides:

1.VMware --> 3 images Centos 8 VM's

2.Choose any cloud AWS,AZUre,GCP

choose 3 VM's ,install of Kubernetes in these machine

3.Many of the cloud ,they are providing

GCP - GKE (Google Kubernetes Engine)

Lets us understand the History of Kubernetes

2014 - Google gave this Omega as well Borg - Linux Foundations

Kubernetes 2015 V1.0

1--> Major release

Installation of Kubernetes cluster

1.Kubernetes cluster in a single node or in your own laptop --> minikube

2. Kubernetes Multi -Node - 2 VM (1 - Master ,1 -Node ,2-Node)

3. IOT/ Arm processor - k3s

Installation of Kubernetes - we will be kubeadm

1.Hardware requirement - Master - 2 CPU core,min 2GB Ram

AWS - t2.micro 1 CPU ,1GB RAM --> Dead slow

Kubernetes - 2 node t2.medium --> i have installed,setup 30 mins ,do

tomorrow - 2 node again 20 mins

We will use 2 VM's in AWS -> we will prefer Ubuntu 20

sudo apt-get update

Alternatively, if you are the root user, you can run:

You should now deploy a pod network to the cluster.

kubeadm join 172.31.80.79:6443 --token j1xu5c.easj27u24hy88z78 --discovery-token-

kubetcl get nodes

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version |

root@ip-172-31-92-69:~# hostnamectl set-hostname master

root@ip-172-31-85-91:~# hostnamectl set-hostname worker-1

Alternatively, if you are the root user, you can run:

kubeadm join 172.31.92.69:6443 --token h5ji2w.fjk5futv6sr1u64f --discovery-token-

Network pod,there are many networking model which is support by kubernetes

root@master:~# kubectl get node

Worker-node-1 : Installation steps

root@worker-1:~# sudo apt-get update

This node has joined the cluster:

kubeadm join 172.31.92.69:6443 --token bolnab.np6higdx1jf4zzs3 --discovery-token-

kubeadm join 172.31.92.69:6443 --token n7l6d4.r0zy92bdjcqr4acm --discovery-token-

Kubernetes cluster upgraded

kubeadm join 172.31.84.0:6443 --token lk687r.klk9m5knhlvw18s7 --discovery-token-ca-

apt-mark unhold kubeadm && \

Kubernetes Token and CA-certificates.

kubeadm join 172.31.84.0:6443 --token jhnz6p.0ifgqwtymcm1fa2a --discovery-token-ca-

kubeadm join 172.31.84.0:6443 --token lk687r.klk9m5knhlvw18s7 --discovery-token-

kubernetes object is "record of intent", once you create object,kubernetes will

Every Kubernetes has a spec and the status

kubectl ---> API Server

kubectl ---> API server

Kubernetes provides a lot of resources,,, kubectl api-resources --List of all the

API groups and Versioning :

Kubernetes supports mulitple apiVersion ( Core Apiversion)

There are several apigroups:

Core api group,Rest path /api/v1---> v1

Named groupd --> /api/$GROUP_NAME/$version

/api/batch/v1 ---> batch/v1

Kubectl has 2 ways of managing the cluster

How kubectl communicates with kuberentes:

Pod - resources ,limits

Health Check - Liveness ,Readness

A pod is nothing but ,it is smallest deployable unit in Kubernetes system

each pod will be assgined a unique IP address

kubectl port-forward web-server 8081:80 --address 0.0.0.0

To remove the taint in the master,execut the command

To set the taint in worker-1 node

To set the taint in worker-2 node with new ways

root@master:~# kubectl edit namespace project-1

sat,sun - end 0f january

kubernetes - Helm,Servicemesh,isitio , integration of kubernetes with

Feb - 2nd week - 35 to 40 hours only on kubernetes

/var/lib/kubelet -> config.yaml

LimitRange- we can set to pod,containers,volumes

AWS- Autoscaler -- VMmachine in aws ,