This documentation lays out a step by step process of getting started on Kubernetes.
To install docker we will switch to the root user just to make our work easier.
Ref: https://docs.docker.com/engine/install/ubuntu/
Uninstall old versions:
sudo apt-get remove docker docker-engine docker.io containerd runc
sudo rm -rf /var/lib/docker
Install repository:
sudo apt-get update
sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg-agent \ software-properties-common
Add Docker’s official GPG key:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88
sudo add-apt-repository \ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable"
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
Test docker works
sudo docker run hello-world
Add your user to docker group (Optional)
sudo usermod -aG docker your-user
For mac installation
brew install kubectl
For ubuntu installation
using snap:
snap install kubectl --classic
Using apt package manager:
sudo apt-get update && sudo apt-get install -y apt-transport-https gnupg2
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubectl
--------------------------v1.19.0 /latest
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
kubectl version --client
Check if installed
kubectl version --client
kubectl cluster-info
kubectl get nodes
kubectl apply -f deployment.yaml
Force update (deletes previous deployment and rebuilds resource)
kubectl replace --force -f ./deployments.yml
Incase of inconsistent API versions, you can verify which version of kubernetes your system supports with this command.
kubectl api-versions | grep -i apps
You also have an option to convert and run the current deprecated *apiVersions
kubectl convert -f <URL> | kubectl create -f -
kubectl apply -f service.yaml
kubectl get services --all-namespaces
kubectl get clusterrolebinding
If you have the .yaml
file
kubectl delete -f <pod-name>.yaml
If deleting a pod thats already deployed, you will need to delete its namespace.
kubectl delete deployment < NAMESPACE >
or
kubectl delete pod < POD NAME > --now
To force delete
kubectl delete pod <PODNAME> --grace-period=0 --force --namespace <NAMESPACE>
kubectl describe pod < POD NAME >
kubectl exec -ti <pod-name> /bin/bash
These are the commands
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
kubectl proxy --address='0.0.0.0' --accept-paths='^*.'
Replace the serverIP e.g 192.168.100.22
http://<SERVER_IP>:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
These are the settings to ensure dashboard does not go down.
Create a service for the dashboard in the default namespace.
kubectl create serviceaccount dashboard -n default
Add cluster binding rules
kubectl create clusterrolebinding dashboard-admin -n default --clusterrole=cluster-admin --serviceaccount=default:dashboard
Create a token.
kubectl get secret $(kubectl get serviceaccount dashboard -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode
Proceed to access the dashboard, Then select Token option.
Paste the token in the vield and Signup
NOTE: If you are accessing the dasboard from a HTTP request,(you have exposed your proxy serve) you will be authenticated but you will not be able to access the dashboard.
The only way to access the dashboard will be through NodePort
Edit kubernetes-dashboard service.
kubectl -n kubernetes-dashboard edit service kubernetes-dashboard
Change type: ClusterIP to type: NodePort and save file
Check port on which Dashboard was exposed.
kubectl -n kubernetes-dashboard get service kubernetes-dashboard
Server IP is inthe format 443:30446/TCP
Now you can access the dashboard from your browser at: https://: e.g https://192.168.100.22:30446
To get the master-ip
run this command.
kubectl cluster-info
Master IP is inthe format https://192.168.100.22:6443
Run the join command that you saved, when you ran kubeadm init
command on the master.
In my case, that will be:
sudo kubeadm join 192.168.100.22:6443 --token bsl2dz.fabydqmoehijf263 \ --discovery-token-ca-cert-hash sha256:9d1301f2c1842fc960d3e79c37883b175a3c8c5469089e03c7e188f69bfb465e
In case you forget the command, you can retrieve the join command with:[run on master node]
kubeadm token create --print-join-command
To add a role to a node, run this command.
- This is run on the master node
- Where <your_node> is the name of the node that has joined your master cluster.
- Where <your_label> is the attribute name the node eg slave
kubectl label nodes <your_node> kubernetes.io/role=<your_label>
To overide the lable of a node,
kubectl label --overwrite nodes <your_node> kubernetes.io/role=<your_new_label>
Reload
systemctl daemon-reload && systemctl restart kubelet
##Dashboard Token Update On trying to access the dashboard and a http:// error is thrown, you will need to update your token.
``
$ kubectl -n kubernetes-dashboard get secret
``
Read token file:
$ kubectl -n kubernetes-dashboard describe secrets kubernetes-dashboard-token-x9nd8
Copy the tocken to clipboard. Then proceed to update UPATE the token with the command bellow:
$ kubectl config set-credentials cluster-admin --token=bearer_token
These are the commands to remove a node gracefully.
kubectl drain <node-name> --ignore-daemonsets --delete-local-data
Run these commands to completely remove K8s
kubeadm reset
sudo apt-get purge kubeadm kubectl kubelet kubernetes-cni kube* -y
sudo apt-get autoremove -y
sudo rm -rf ~/.kube
Run these commands to completely remove Docker
Step 1
dpkg -l | grep -i docker
To identify what installed package you have:
Step 2
sudo apt-get purge -y docker-engine docker docker.io docker-ce
sudo apt-get autoremove -y --purge docker-engine docker docker.io docker-ce
The above commands will not remove images, containers, volumes, or user created configuration files on your host. If you wish to delete all images, containers, and volumes run the following commands:
sudo rm -rf /var/lib/docker /etc/docker
sudo rm /etc/apparmor.d/docker
sudo groupdel docker
sudo rm -rf /var/run/docker.sock
one line: (Confirm all the directories have been deleted)
sudo rm -rf /var/lib/docker /etc/docker && sudo rm /etc/apparmor.d/docker && sudo groupdel docker && sudo rm -rf /var/run/docker.sock
To gain acces to a bash terminal in the container. First fetch the name of the pod then execute this command.
kubectl exec -it <pods-name> -- /bin/bash
To get logs of a pod you can run this command
kubectl logs <pod-name>
To get events of K8s
kubectl events
These are the most common errors i encountered during setup of a k8s cluster
The connection to the server <SERVER_IP>:6443 was refused - did you specify the right host or port?
Solution:
sudo -i
swapoff -a
exit
strace -eopenat kubectl version
One line set off and comment out:
swapoff -a && sed -i ‘/ swap / s/^/#/’ /etc/fstab
Fist login to docker registry.
sudo docker login registry.gitlab.com
It will generate an auth key located at ~/.docker/docker.config
You can view it cat ~/.docker/config.json
Add the secret key to k8s
``
kubectl create secret generic regcred
--from-file=.dockerconfigjson=<path/to/.docker/config.json>
--type=kubernetes.io/dockerconfigjson
``
Alternatively create it with a single command line:
kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>
kubectl create secret docker-registry regcred --docker-server=registry.gitlab.com --docker-username=geoffreymahugu@gmail.com --docker-password=Gravedigger96 --docker-email=geoffreymahugu@gmail.com
Go to the deployment file and add the cinfigurations for the secret `` containers:
- name: a-web-api
image: registry.gitlab.com/agilion/agilion-server/travel/dev
imagePullSecrets:
- name: regcred ``
journalctl -xeu kubelet
Error: misconfiguration: kubelet cgroup driver: "systemd" is different from docker cgroup driver: "cgr
Helm is K8s package manager. https://helm.sh/docs/intro/quickstart/
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
Grab the most popular helm repository Check all repos at: https://hub.helm.sh/
helm repo add stable https://kubernetes-charts.storage.googleapis.com/
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
REF: https://github.com/helm/charts/tree/master/stable/hadoop
helm install neo neo4j/neo4j --version 4.0.4-1 --namespace default --set acceptLicenseAgreement=yes
Update a deployed helm chart
helm upgrade <name-of-deployment> --set acceptLicenseAgreement=yes
To view logs of a helm installation
kubectl rollout status --namespace default StatefulSet/neo4j-core --watch
Persistent Volume. ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/
To see all persistent volumes.
kubectl get pv
To view persistent volume claim
kubectl get pvc
https://kubernetes.io/blog/2017/02/postgresql-clusters-kubernetes-statefulsets/
REF: https://severalnines.com/database-blog/using-kubernetes-deploy-postgresql
Test connectionto database
psql -h 192.168.1.119 -U developers --password -p 31310 ag_travel
kubectl exec --stdin --tty <PODSNAME> -- /bin/bash