@ilhnctn
Last active November 12, 2020 09:52
A basic outline of kubernetes installation on local

Local Installation

You can refer to the official documentation to install the related components (or all of them).

Minikube

minikube start # Experimental: --nodes 2 -p multinode-demo 
minikube dashboard # This will open a minikube dashboard (identical with kubernetes dashboard)
kubectl cluster-info
kubectl get nodes

Context

Kubernetes keeps runtime-specific configuration under $HOME/.kube/config (by default). A context is a group of access parameters. Each context contains a Kubernetes cluster, a user, and a namespace. The current context is the cluster that is currently the default for kubectl: all kubectl commands run against that cluster.

# dev env
kubectl config set-context dev --namespace=<namespace_name> \
  --cluster=<cluster-name> \
  --user=<user-name>

# prod env
kubectl config set-context prod --namespace=<namespace_name> \
  --cluster=<cluster-name> \
  --user=<user-name>

Helm Chart

Sample installation for Airflow. The following commands assume that you have one running cluster (check which one with kubectl config current-context).

kubectl create namespace airflow

helm install airflow --namespace airflow --set executor=KubernetesExecutor astronomer/airflow

Dashboard

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
kubectl proxy

Dashboard User / Service Account

service-account.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

cluster-role-binding.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin  # built-in role with full control over every resource in the cluster
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

Get Bearer Token

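# Create the service account and its binding first (one -f per file)
kubectl apply -f service-account.yaml -f cluster-role-binding.yaml
# Read the token from the admin-user secret (Kubernetes 1.24+ creates no such secret; use `kubectl -n kubernetes-dashboard create token admin-user` there)
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')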

Basic Objects & Components:

Kubernetes objects and components are defined in .yaml files. Depending on whether you manage them declaratively or imperatively, kubectl consumes those files with kubectl apply -f file.yaml or kubectl {create/patch/delete} -f file.yaml. Every Kubernetes object has to define the following fields:

  • apiVersion - Which version of the Kubernetes API you're using to create this object
  • kind - What kind of object you want to create
  • metadata - Data that helps uniquely identify the object, including a name string, UID, and optional namespace
  • spec - What state you desire for the object

Components

  • Control plane: The collection of processes that control Kubernetes nodes. This is where all task assignments originate.
  • Cluster: A Kubernetes cluster is a set of node machines for running containerized applications. If you’re running Kubernetes, you’re running a cluster.

At a minimum, a cluster contains a control plane and one or more compute machines, or nodes. The control plane is responsible for maintaining the desired state of the cluster, such as which applications are running and which container images they use. Nodes actually run the applications and workloads.

  • Node: The machines that perform the requested tasks assigned by the control plane.
    • Kubelet
    • Kube-proxy
  • Namespace: A virtual cluster. Namespaces allow Kubernetes to manage multiple clusters (for multiple teams or projects) within the same physical cluster.
  • Service Account: Required for workers that need access to secrets or cluster resources.
  • Deployment: A Deployment provides declarative updates for Pods and ReplicaSets.

You describe a desired state in a Deployment, and the Deployment Controller changes the actual state to the desired state at a controlled rate. You can define Deployments to create new ReplicaSets, or to remove existing Deployments and adopt all their resources with new Deployments.

  • Service: A way to expose an application running on a set of pods as a network service. This decouples work definitions from the pods.
  • Pod: A set of 1 or more containers deployed to a single node. A pod is the smallest and simplest Kubernetes object and also the smallest piece that scales.
  • Service: An abstract way to expose an application running on a set of Pods as a network service.
  • DaemonSet
  • ReplicaSet
  • Storage Classes
  • ConfigMap: A ConfigMap is an API object used to store non-confidential data in key-value pairs. Pods can consume ConfigMaps as environment variables, command-line arguments, or as configuration files in a volume.
  • Secrets: Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.
  • PersistentVolume: A directory containing data, accessible to the containers in a pod. A Kubernetes volume has the same lifetime as the pod that encloses it. A volume outlives any containers that run within the pod, and data is preserved when a container restarts.
  • CRD (Custom Resource Definitions)