From 705e476adfa9439731e5890ccad20b3313aa1b2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my-Christophe=20Schermesser?= Date: Wed, 22 May 2019 18:52:00 +0200 Subject: [PATCH 01/12] fix: add kubectl in installation (#35) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5f40fff..a711702 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ open https://download.docker.com/mac/stable/Docker.dmg Install minikube and the "ingress" and "metrics-server" addons: ```sh -$ brew cask install minikube +$ brew cask install minikube kubectl [...] $ minikube start From 9e1eaae3b48d17e63e43bbaed2e5aebd2cd3d7bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my-Christophe=20Schermesser?= Date: Thu, 23 May 2019 09:54:22 +0200 Subject: [PATCH 02/12] fix: simpleservice endpoints (#37) --- 05-pods/README.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/05-pods/README.md b/05-pods/README.md index 9d87859..405b935 100644 --- a/05-pods/README.md +++ b/05-pods/README.md @@ -10,11 +10,7 @@ But it has a base assumption that a `pod` can be killed whenever it wants to. So ## First pod -Let's start to deploy the docker image [mhausenblas/simpleservice](https://hub.docker.com/r/mhausenblas/simpleservice/). It's a stateless python JSON API that answers on: - -* `/env` -* `/info` -* `/health` +Let's start to deploy the docker image [mhausenblas/simpleservice](https://hub.docker.com/r/mhausenblas/simpleservice/). It's a stateless python JSON API that answers on multiple endpoints. In this hands-on we will only use the `/health`. Here is our first manifest for Kubernetes: From 6f6bb36d3e91db7366c72f1a17c90cd545951d4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my-Christophe=20Schermesser?= Date: Thu, 23 May 2019 10:00:57 +0200 Subject: [PATCH 03/12] fix: readme for kubectl (#39) --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a711702..532e397 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,10 @@ open https://download.docker.com/mac/stable/Docker.dmg Install minikube and the "ingress" and "metrics-server" addons: ```sh -$ brew cask install minikube kubectl +$ brew install kubectl +[...] + +$ brew cask install minikube [...] $ minikube start From bbaa7280b9d7a3dbab9e4ed7766953a5335aa35f Mon Sep 17 00:00:00 2001 From: Jawad Seddar Date: Thu, 23 May 2019 10:04:46 +0200 Subject: [PATCH 04/12] Fix exit not found error in liveness probe manifest (#38) --- 11-probes/01-liveness-probe.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/11-probes/01-liveness-probe.yml b/11-probes/01-liveness-probe.yml index e61906b..f18925c 100644 --- a/11-probes/01-liveness-probe.yml +++ b/11-probes/01-liveness-probe.yml @@ -10,7 +10,8 @@ spec: livenessProbe: exec: command: - - exit - - "1" + - /bin/bash + - -c + - "exit 1" initialDelaySeconds: 5 periodSeconds: 5 From 11e01e919075d5b8d28fb1cec2ffee9ab997700c Mon Sep 17 00:00:00 2001 From: Jawad Seddar Date: Thu, 23 May 2019 10:12:28 +0200 Subject: [PATCH 05/12] Fix exit not found error in readiness probe manifest (#40) --- 11-probes/02-readiness-probe.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/11-probes/02-readiness-probe.yml b/11-probes/02-readiness-probe.yml index 2c23680..e4c5c2a 100644 --- a/11-probes/02-readiness-probe.yml +++ b/11-probes/02-readiness-probe.yml @@ -21,8 +21,9 @@ spec: readinessProbe: exec: command: - - exit - - "1" + - /bin/bash + - -c + - "exit 1" initialDelaySeconds: 5 periodSeconds: 5 --- From 5ebea66c4dc1072e596b31494d847ac9bf2323b7 Mon Sep 17 00:00:00 2001 From: Benjamin Baron <2346055+benjbaron@users.noreply.github.com> Date: Thu, 23 May 2019 10:46:29 +0200 Subject: [PATCH 06/12] Add how to look up the secrets in both cases (#41) * Add how to look up the secrets in both cases * Update README.md * lint --- 10-secrets/README.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/10-secrets/README.md b/10-secrets/README.md index 688a66a..bedb988 100644 --- a/10-secrets/README.md +++ b/10-secrets/README.md @@ -24,6 +24,8 @@ secret "mysecret" created You can reference a secret from a pod, either per env variable or mounting a volume containing a secret. +## Reference the secret by mounting it as a volume + Here we mount the secret `mysecret` to the path `/etc/foo` inside the pod: ```yml @@ -45,6 +47,17 @@ spec: secretName: mysecret ``` +You can look up the secrets in the pod by connecting to the pod: + +```sh +$ kubectl exec -ti redis-with-volume-secrets /bin/bash +root@redis-with-volume-secrets:/data# cd /etc/foo/ +root@redis-with-volume-secrets:/etc/foo# ls +password username +``` + +## Reference the secret by using environmental variables + Here we bind the value `username` from the secret `mysecret` to the env variable `SECRET_USERNAME`, `password` from the secret `mysecret` to the env variable `SECRET_PASSWORD`: @@ -70,6 +83,16 @@ spec: key: password ``` +You can look up the secrets in the pod by connecting to the pod: + +```sh +$ kubectl exec -ti redis-with-env-secrets /bin/bash +root@redis-with-env-secrets:/data# echo $SECRET_USERNAME +admin +root@redis-with-env-secrets:/data# echo $SECRET_PASSWORD +1f2d1e2e67df +``` + Careful, if you change a secret after starting the pods, it won't update the pods. So you need to restart them. ## Clean up From 013692af32ab09b6755f7ea61cb9edb1f54b339d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my-Christophe=20Schermesser?= Date: Thu, 23 May 2019 10:47:25 +0200 Subject: [PATCH 07/12] fix(resources): typo (#43) --- 12-resources/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/12-resources/README.md b/12-resources/README.md index 66b4152..1f590b9 100644 --- a/12-resources/README.md +++ b/12-resources/README.md @@ -10,7 +10,7 @@ For each resource you can define the `limits` and the `requests`. ## Resources definition -The CPU resource is measured in a number of CPU the pod will use for a given amount of time. It can be inferior to 0. +The CPU resource is measured in a number of CPU the pod will use for a given amount of time. It cannot be inferior to 0. Specifying `0.5` (or `500m`, which means 500 millicpu), will give half of a CPU to your pod. The RAM resource is measured in the number of bytes of RAM the pod will use. From cad8e32ffe091d5d45954337596cbd0bbf184777 Mon Sep 17 00:00:00 2001 From: Benjamin Baron <2346055+benjbaron@users.noreply.github.com> Date: Thu, 23 May 2019 10:47:53 +0200 Subject: [PATCH 08/12] fix typos (#42) --- 11-probes/README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/11-probes/README.md b/11-probes/README.md index 25e22bb..f4e69b8 100644 --- a/11-probes/README.md +++ b/11-probes/README.md @@ -8,11 +8,11 @@ You can define two probes for Kubernetes to know the state of your container: "l ## Liveness probe -The liveness probe is here to detect if a container is still alive. Meaning, if the container is not in a broken state, in a dead lock, or anything related. This is always usefull. It helps Kubernetes to know if your container is alive or not and so it can take decision based on that, like restarting it. +The liveness probe is here to detect if a container is still alive. Meaning, if the container is not in a broken state, in a dead lock, or anything related. This is always useful. It helps Kubernetes to know if your container is alive or not and so it can take decision based on that, like restarting it. ## Readiness probe -The readiness probe is here to detect if a container is ready to serve traffic. It is usefull to configure when your container will receive external traffic sent by Kubernetes. Most of the time, when it's an API. +The readiness probe is here to detect if a container is ready to serve traffic. It is useful to configure when your container will receive external traffic sent by Kubernetes. Most of the time, when it's an API. ## Defining a probe @@ -24,7 +24,7 @@ Both liveness and readiness probes have the same configuration. You have three w ### Exec probe -The `exec` probe let you configure a command that Kubernetes will run in your container. If the command exits with a non zero status the probe will be considered unhealthy: +The `exec` probe lets you configure a command that Kubernetes will run in your container. If the command exits with a non zero status the probe will be considered unhealthy: ```yml livenessProbe: @@ -41,7 +41,7 @@ We will see later what `initialDelaySeconds` and `periodSeconds` means. ### HTTP probe -The `http` probe let you configure a HTTP endpoint that Kubernetes will call in your container. If this endpoint returns a non 2XX status the probe will be considered unhealthy: +The `http` probe lets you configure a HTTP endpoint that Kubernetes will call in your container. If this endpoint returns a non 2XX status the probe will be considered unhealthy: ```yml livenessProbe: @@ -57,13 +57,13 @@ livenessProbe: The `http` probe has two mandatory fields `path` and `port` and one optional `httpHeaders`. -* `path`: let you configure which http path the probe should call. -* `port`: let you configure which port the probe should connect to. -* `httpHeaders`: let you configure http headers the probe should send with its call. +* `path`: lets you configure which http path the probe should call. +* `port`: lets you configure which port the probe should connect to. +* `httpHeaders`: lets you configure http headers the probe should send with its call. ### TCP probe -The `tcp` probe let you configure a TCP port that Kubernetes will try to connect to. If it does not manage to establish a connection the probe will be considered unhealthy: +The `tcp` probe lets you configure a TCP port that Kubernetes will try to connect to. If it does not manage to establish a connection the probe will be considered unhealthy: ```yml livenessProbe: From 2febb7e51308c09dd999cd930d373ca8829746a8 Mon Sep 17 00:00:00 2001 From: Thomas Paulmyer Date: Thu, 23 May 2019 11:13:32 +0200 Subject: [PATCH 09/12] fix sidecar manifest (#44) --- 16-sidecar-containers/01-sidecar.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/16-sidecar-containers/01-sidecar.yml b/16-sidecar-containers/01-sidecar.yml index 63b9ea2..11c0aff 100644 --- a/16-sidecar-containers/01-sidecar.yml +++ b/16-sidecar-containers/01-sidecar.yml @@ -11,12 +11,12 @@ spec: - name: nginx image: nginx volumeMounts: - - name: data + - name: shared-data mountPath: /usr/share/nginx/html - name: debian image: debian volumeMounts: - - name: data + - name: shared-data mountPath: /pod-data command: ["/bin/sh"] args: ["-c", "echo Hello from the debian container > /pod-data/index.html"] From 88e0969d44f26a4ffe74bd2440003aa91f324e71 Mon Sep 17 00:00:00 2001 From: Matthieu Dumont <5095856+Jerska@users.noreply.github.com> Date: Thu, 23 May 2019 11:41:31 +0200 Subject: [PATCH 10/12] chore(affinity): fix typo (#46) --- 13-affinity-anti-affinity/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/13-affinity-anti-affinity/README.md b/13-affinity-anti-affinity/README.md index 4aedbb6..fa991ef 100644 --- a/13-affinity-anti-affinity/README.md +++ b/13-affinity-anti-affinity/README.md @@ -54,7 +54,7 @@ spec: In english words, this configuration means that we want to ensure that pods with the label `run=nginx` will not run on node with the same hostname (`kubernetes.io/hostname`). -You also have `preferredDuringSchedulingIgnoredDuringExecution` to not require but only hints the scheduler. Carefull the configuration for this is different: +You also have `preferredDuringSchedulingIgnoredDuringExecution` to not require but only hints the scheduler. Be careful the configuration for this is different: ```yml apiVersion: v1 From 11046b6c63ffc7b8f94061415d6d598ab695a4ab Mon Sep 17 00:00:00 2001 From: Thomas Paulmyer Date: Thu, 23 May 2019 11:42:47 +0200 Subject: [PATCH 11/12] remove wrong directory in kubectl apply examples in volumes (#47) --- 17-volumes/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/17-volumes/README.md b/17-volumes/README.md index 0b07541..4bd7ab7 100644 --- a/17-volumes/README.md +++ b/17-volumes/README.md @@ -47,7 +47,7 @@ Let's review some parameters: Apply it: ```sh -kubectl apply -f 10-volumes/01-simple-mysql-pv.yml +kubectl apply -f 01-simple-mysql-pv.yml ``` Now that we have a storage, we need to claim it, make it available for our pods. So we need a `PersistentVolumeClaim`. It is a request for storage by a user. It is similar to a pod. Pods consume node resources and `PersistentVolumeClaim` consume `PersistentVolume` resources. @@ -68,7 +68,7 @@ spec: The manifest is pretty similar to the `PersistentVolume`: ```sh -kubectl apply -f 10-volumes/02-simple-mysql-pvc.yml +kubectl apply -f 02-simple-mysql-pvc.yml ``` ## Stateful application @@ -76,7 +76,7 @@ kubectl apply -f 10-volumes/02-simple-mysql-pvc.yml Now let's create the `deployment` of mysql: ```sh -kubectl apply -f 10-volumes/03-simple-mysql-deployment.yml +kubectl apply -f 03-simple-mysql-deployment.yml ``` There is a bunch of parameters we haven't seen yet: @@ -97,7 +97,7 @@ There is a bunch of parameters we haven't seen yet: Let's finish by creating a `service` to have stable DNS entry inside our cluster. ```sh -kubectl apply -f 10-volumes/04-simple-mysql-service.yml +kubectl apply -f 04-simple-mysql-service.yml ``` Finally let's access the mysql: From 2d64230e0e23b02f6314bdf01501c2d4dd501d55 Mon Sep 17 00:00:00 2001 From: Benjamin Baron <2346055+benjbaron@users.noreply.github.com> Date: Thu, 23 May 2019 11:43:02 +0200 Subject: [PATCH 12/12] Update README.md (#45) --- 14-pdb/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/14-pdb/README.md b/14-pdb/README.md index 8e6b028..1d82471 100644 --- a/14-pdb/README.md +++ b/14-pdb/README.md @@ -34,7 +34,7 @@ If you want to see the effect of a PDB, you will need a multi-node Kubernetes. A Use the [configuration file](kind.yml) provided to create your cluster: ```sh -kind create cluster --config kind.yml +kind create cluster --config 14-pdb/kind.yml ``` Review and apply the manifests in [01-pdb.yml](01-pdb.yml). Why did we specify a soft anti-affinity?