- Kubernetes clusters have to types of users service accounts and normal users , but normal users are assumed to be managed by an outside service.
- rbac-clusterrole
- kubectl auth can-i COMMAND OBJECTCLASS
kubectl auth can-i create deployments --as bob --namespace developer
https://docs.helm.sh/using_helm/
- curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
- helm init
- helm repo update
- helm search wordpress
- helm inspect chart stable/wordpress
- helm install stable/wordpress
- kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il
- https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/
- on all members:
- journalctl -u kubelet | less
- find / -name "kube-proxylog"
- additional on master:
- find / -name "apiserverlog"
- find / -name "schedulerlog"
- find / -name "controller-managerlog"
- first: we need a metric server.
- minikube:
minikube addons enable metrics-server
- minikube:
- deployment-example
- deploy hpa
kubectl -n demo autoscale deployment php --cpu-percent=50 --min=1 --max=10
- hpa.yaml
- generate load
while true; do wget -q -O- http://$(minikube ip):31080 ; done
-
HA Master
-
Volumes, PersistentVolumes, StorageClasses
-
Users, Groups, Login, RBAC advanced
-
Autoscaling
-
Network Policies
-
CustomResources
-
Podtemplate - DNS Policy
-
Podtemplate - Affinity
-
Podtemplate - TerminationMessage
-
Taints and Tolerations
-
PodDisruptionBudget
-
PriorityClasses
-
...