multipass launch -m2G -c2 -d5G -n "k8scp" lts --network "en0" wget https://cm.lf.training/LFS258/LFS258_V2023-09-14_SOLUTIONS.tar.xz --user=LFtraining --password=Penguin2014
tar -xvf LFS258_V2023-09-14_SOLUTIONS.tar.xz
sudo suecho "update apt and install dependencies"
apt-get update && apt-get upgrade -y
apt-get install -y vim curl apt-transport-https vim git wget software-properties-common lsb-release ca-certificates net-tools bash-completion
echo "turn off swap"
swapoff -a
echo "Update kernel networking to allow necessary traffic."
modprobe overlay
modprobe br_netfilter
cat << EOF | tee /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
echo "Ensure the changes are used by the current kernel as well"
sysctl --systemecho "Install the necessary key for the software to container.d"
mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg \ | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update && apt-get install containerd.io -y
containerd config default | tee /etc/containerd/config.toml
sed -e 's/SystemdCgroup = false/SystemdCgroup = true/g' -i /etc/containerd/config.toml
systemctl restart containerd
echo "Add a new repo for kubernetes."
cat << EOF | tee /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
echo "Add a GPG key for the k8s packages."
curl -s \
https://packages.cloud.google.com/apt/doc/apt-key.gpg \
| apt-key add -
echo "update Apt (again)"
apt-get update
echo "install K8S v 1.27.1-00 to practise upgrading"
apt-get install -y kubeadm=1.27.1-00 kubelet=1.27.1-00 kubectl=1.27.1-00
echo "add autocompletion to kubectl"
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> $HOME/.bashrc
echo "add ip fron enp0s2 to /etc/hosts as k8scp"
echo "Get the IPv4 address from interface enp0s1"
ip_address=$(ifconfig enp0s1 | awk '/inet / {print $2}' | cut -d':' -f2)
echo "Check if an IP address is obtained"
if [ -z "$ip_address" ]; then
echo "Error: Unable to obtain the IP address from enp0s2."
exit 1
fi
echo "Specify the FQDN"
fqdn="k8scp"
echo "Add the IP address and FQDN to /etc/hosts"
echo "$ip_address $fqdn" | sudo tee -a /etc/hosts
echo "127.0.0.1 localhost" | sudo tee -a /etc/hosts
echo "Display a message"
echo "Successfully added $fqdn with IP address $ip_address to /etc/hosts."
echo "create the kubeadm config that will be used to install kubernetes"
cat << EOF | tee kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: 1.27.1
controlPlaneEndpoint: "k8scp:6443"
networking:
podSubnet: 192.168.0.0/16
EOF
echo "start K8s controlplane remember to save the join token"
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out
exit
temp
kubeadm join code: kubeadm join k8scp:6443 --token 2g0o5b.5xl31pw12a870pog --discovery-token-ca-cert-hash sha256:694fa5104d0c5268b24dce17c4ac4272a221c0386cb04f479f8bffcb37872d85
make sure you arent in root
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
less .kube/config
kubeclt get pods --all-namespaces
kubectl apply -f $(find $HOME -name cilium-cni.yaml)
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> $HOME/.bashrc
$SHELL
multipass launch -m2G -c2 -d5G -n "worker" lts --network "en0" wget https://cm.lf.training/LFS258/LFS258_V2023-09-14_SOLUTIONS.tar.xz --user=LFtraining --password=Penguin2014
tar -xvf LFS258_V2023-09-14_SOLUTIONS.tar.xz
sudo suecho "update apt and install dependencies"
apt-get update && apt-get upgrade -y
apt-get install -y vim curl apt-transport-https vim git wget software-properties-common lsb-release ca-certificates net-tools bash-completion
echo "turn off swap"
swapoff -a
echo "Update kernel networking to allow necessary traffic."
modprobe overlay
modprobe br_netfilter
cat << EOF | tee /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
echo "Ensure the changes are used by the current kernel as well"
sysctl --system
echo "Install the necessary key for the software to container.d"
mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg \ | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update && apt-get install containerd.io -y
containerd config default | tee /etc/containerd/config.toml
sed -e 's/SystemdCgroup = false/SystemdCgroup = true/g' -i /etc/containerd/config.toml
systemctl restart containerd
echo "Add a new repo for kubernetes."
cat << EOF | tee /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
echo "Add a GPG key for the k8s packages."
curl -s \
https://packages.cloud.google.com/apt/doc/apt-key.gpg \
| apt-key add -
echo "update Apt (again)"
apt-get update
echo "install K8S v 1.27.1-00 to practise upgrading"
apt-get install -y kubeadm=1.27.1-00 kubelet=1.27.1-00 kubectl=1.27.1-00
echo "add autocompletion to kubectl"
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> $HOME/.bashrc
apt-mark hold kubeadm kubelet kubectl
echo "add ip fron enp0s2 to /etc/hosts as worker"
echo "Get the IPv4 address from interface enp0s1"
ip_address=$(ifconfig enp0s1 | awk '/inet / {print $2}' | cut -d':' -f2)
echo "Check if an IP address is obtained"
if [ -z "$ip_address" ]; then
echo "Error: Unable to obtain the IP address from enp0s2."
exit 1
fi
echo "Specify the FQDN"
fqdn="worker"
echo "Add the IP address and FQDN to /etc/hosts"
echo "$ip_address $fqdn" | sudo tee -a /etc/hosts
echo "127.0.0.1 localhost" | sudo tee -a /etc/hosts
echo "192.168.68.9 k8scp" | sudo tee -a /etc/hosts
echo "Display a message"
echo "Successfully added $fqdn with IP address $ip_address to /etc/hosts."
run kubeadm init output
untaint CP node
kubectl describe node | grep -i taint
kubectl get pods --all-namespaces
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
on k8scp node:
sudo mkdir /opt/sfw
sudo chmod 1777 /opt/sfw/
sudo bash -c 'echo software > /opt/sfw/hello.txt'Persistent Volume YAML:
apiVersion: v1
kind: PersistentVolume
metadata:
name: example-pv
spec:
capacity:
storage: 1Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
hostPath:
path: "/opt/sfw"Persistent Volume Claim YAML:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: example-pv-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 500MiPod with Persisten Volume YAML:
apiVersion: v1
kind: Pod
metadata:
name: example-pod
spec:
volumes:
- name: my-pv-storage
persistentVolumeClaim:
claimName: example-pv-claim
containers:
- name: example-container
image: nginx
volumeMounts:
- mountPath: "/usr/share/nginx/html"
name: my-pv-storagecreate a pod with two containers that share a EmptyDir Volume
apiVersion: v1
kind: Pod
metadata:
name: sharedvol-pod
spec:
containers:
- name: container1
image: nginx
volumeMounts:
- name: shared-volume
mountPath: /data
- name: container2
image: busybox
command: ["/bin/sh", "-c", "while true; do echo Hello from Container 2 >> /data/index.html; sleep 10; done"]
volumeMounts:
- name: shared-volume
mountPath: /data
volumes:
- name: shared-volume
emptyDir: {}check if sharedvol is working :
kubectl exec -it sharedvol-pod -c container1 -- /bin/sh
cd /data
cat index.htmlnginx with ports YAML (nginx-one.yaml)
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-one
labels:
system: secondary
namespace: accounting
spec:
selector:
matchLabels:
system: secondary
replicas: 2
template:
metadata:
labels:
system: secondary
spec:
containers:
- image: nginx:1.20.1
imagePullPolicy: Always
name: nginx
ports:
- containerPort: 80
protocol: TCP
nodeSelector:
system: second0necreate namespace accounting
kubectl create namespace accountinglabel worker node
kubectl label node <worker_node_name> system=secondOnedeploy the yaml file
kubectl apply -f nginx-one.yamlcreate a service to expose the containerPort
kubectl -n accounting expose deployment nginx-oneget the endpoint && test with curl
kubectl -n accounting get ep nginx-one
curl 192.168.1.18:80expose as nodePort and named "service-lab"
kubectl -n accounting expose deployment nginx-one --type=NodePort --name=service-lab
kubectl -n accounting describe services
kubectl -n accounting get svc service-lab
curl http://k8scp:30878use coreDNS
nettools.yaml
apiVersion: v1
kind: Pod
metadata:
name: ubuntu
spec:
containers:
- name: ubuntu
image: ubuntu:latest
command: ["sleep"]
args: ["infinity"]exec into ubuntu and apt get update
kubectl exec -it ubuntu -- /bin/bashapt-get update ; apt-get install curl dnsutils -
digedit the coredns config map to add another FQDN
data:
Corefile: |
.:53 {
rewrite stop { #<- add these lines
name regex (.*)\.test\.io {1}.default.svc.cluster.local #<- add these lines
answer name (.*)\.default\.svc\.cluster\.local {1}.test.io #<- add these lines
} #<- add these lines
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30
loop
reload
loadbalance
}
kind: ConfigMap
metadata:
creationTimestamp: "2023-11-26T18:39:44Z"
name: coredns
namespace: kube-system
managing resources with labels
kubectl delete pods -l system=secondary --all-namespaces
kubectl -n accounting get pods
kubectl -n accounting get deploy --show-labels
kubectl -n accounting delete deploy -l system=secondary
kubectl label node worker system-
install helm from apt
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
sudo apt-get install apt-transport-https --yes
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm
helm search hub database
helm repo add ealenn https://ealenn.github.io/charts
helm repo update
helm upgrade -i tester ealenn/echo-server --debug
helm list
helm uninstall tester
helm repo add bitnami https://charts.bitnami.com/bitnami
helm fetch bitnami/apache --untar
cd apache/linkerd
curl -sL run.linkerd.io/install | sh
export PATH=$PATH:/home/ubuntu/.linkerd2/bin
echo "export PATH=$PATH:/home/ubuntu/.linkerd2/bin" >> $HOME/.bashrc
linkerd check --pre
linkerd install --crds | kubectl apply -f -
linkerd install | kubectl apply -f -
linkerd check
linkerd viz install | kubectl apply -f -
linkerd viz check
linkerd viz dashboard &
didnot work :(
helm repo add nginx-stable https://helm.nginx.com/stable
helm repo update
helm fetch ingress-nginx/ingress-nginx --untar
helm install myingress nginx-stable/nginx-ingress --set controller.service.type=NodePort --set controller.service.httpPort.nodePort=30000 --set controller.service.httpsPort.nodePort=30443 --set controller.kind=daemonset
vim ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-test
annotations:
nginx.ingress.kuberenetes.io/service-upstream: "true"
namespace: default
spec:
ingressClassName: nginx
rules:
- host: www.external.com
http:
paths:
- backend:
service:
name: secondapp
port:
number: 80
path: /
pathType: ImplementationSpecific