K8s and Kubectl Notes

A memo of Kubernetes (K8s) and kubectl commands.

Pod

kubectl get pods
kubectl get pods --show-labels
kubectl run nginx --image=nginx
k run nginx --image=nginx --labels app=nginx
kubectl describe pod nginx
kubectl delete pod nginx
kubectl delete pod -lapp=nginx
k delete pod nginx --force --grace-period=0
k delete pod nginx --now #similar to --grace-period=1
kubectl run nginx --image=nginx --dry-run=client -o yaml > nginx-pod.yaml
kubectl edit pod nginx
kubectl get pods -o json
k run static-busybox --image=busybox -- sh -c "sleep 1000"
k run busybox --image=busybox --restart=Never -- sh -c "echo sleeping.... && sleep 5"
kubectl run busybox-pod --image=busybox --restart=Never --command -- /bin/sh -c "echo 'sleeping...'; sleep 5"
kubectl replace --force -f nginx.yaml

You cannot edit the spec of an existing pod, other than these fields:
- spec.containers[*].image
- spec.initContainers[*].image
- spec.activeDeadlineSeconds
- spec.tolerations

Replicaset

k get rs nginx
kubectl describe rs nginx
k explain rs
k edit rs nginx
k scale rs nginx --replicas 2
k scale --replicas 2 -f manifest.yaml
k delete rs nginx
k delete rs nginx --force --grace-period=0

Deployments

k get deploy
k create deploy nginx --image=nginx --replicas=3
# With Deployments you can easily edit any field/property of the pod template. Since the pod template is a child of the deployment specification, every change makes the deployment delete the pods and recreate them.

Namespace

k get ns
k create ns myns
k get pods -n myns
k run nginx --image=nginx -n myns
k get pods -A
k get pods --all-namespaces

Domain Names

<service-name>.<namespace>.svc.<cluster-endpoint>

Service

k get svc
k get svc --show-labels
k describe svc
k get ep
k run nginx --image=nginx --expose --port 8080
k expose pod nginx-pod --name nginx-service --port 80
k expose deployment webapp --type NodePort --port 30082 --target-port 8080
#nodePort range => (30000 - 32767); --port above sets the Service port, kubectl expose has no flag to choose the nodePort

kube-proxy --proxy-mode iptables/ipvs/userspace #default is iptables
kube-apiserver --service-cluster-ip-range ## the option that specifies the IP range of the services
iptables -L -t nat | grep <service-name> # list the iptables rules for a service
tail -f /var/log/kube-proxy.log

DNS

  • Before k8s 1.12 the cluster DNS was kube-dns; the recommended DNS server is now CoreDNS.

  • The configuration file for CoreDNS can be found in /etc/coredns/Corefile

  • Service FQDN: <service-name>.<namespace>.svc.<cluster-endpoint>

    • eg: web-service.default.svc.cluster.local
  • By default, DNS records for pods are disabled.

  • FQDN: <pod-ip>.<namespace>.pod.<cluster-endpoint>

    • eg: 10-122-5-1.default.pod.cluster.local
  • CoreDNS is accessible through the service named kube-dns

  • A pod's DNS configuration is set automatically by Kubernetes through the kubelet process. The kubelet gets the cluster domain and the DNS IP from its config.

Sample Corefile

Corefile: |
    .:53 {
        errors
        health {
           lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           fallthrough in-addr.arpa ip6.arpa
           ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf {
           max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }
## view the Corefile stored in the coredns ConfigMap
kubectl get cm coredns -n kube-system -o yaml | less
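
The sample Corefile above enables pod records with `pods insecure`, a mode in which CoreDNS answers any IP-shaped pod name without checking that a pod with that IP exists (`pods verified` does check, and a missing `pods` line means disabled). The script below is an added example, not part of the original notes: it reads a Corefile, reports the cluster domain and pods mode, and builds the pod FQDN described in the DNS section. The function names and the embedded sample are constructed for illustration, and it assumes the first zone after `kubernetes` is the cluster domain.

```shell
#!/bin/sh
# Constructed sample: trimmed copy of the Corefile shown above.
SAMPLE_COREFILE='.:53 {
    errors
    kubernetes cluster.local in-addr.arpa ip6.arpa {
       pods insecure
       fallthrough in-addr.arpa ip6.arpa
       ttl 30
    }
    forward . /etc/resolv.conf
    cache 30
}'

# Print "<cluster-domain> <pods-mode>" for Corefile text read from stdin.
# CoreDNS treats a missing "pods" line as "pods disabled".
corefile_summary() {
    awk '
        $1 == "kubernetes"     { inblk = 1; domain = $2; mode = "disabled"; next }
        inblk && $1 == "pods"  { mode = $2 }
        inblk && $1 == "}"     { inblk = 0 }
        END { if (domain == "") exit 1; print domain, mode }
    '
}

# Build the pod record name: <pod-ip>.<namespace>.pod.<cluster-domain>
pod_fqdn() {  # args: ip namespace domain
    printf '%s.%s.pod.%s\n' "$(printf '%s' "$1" | tr '.' '-')" "$2" "$3"
}

# Exit status: 0 = pod records disabled or verified, 1 = insecure, 2 = no kubernetes block.
audit_corefile() {
    summary=$(corefile_summary) || { echo "no kubernetes block found"; return 2; }
    domain=${summary% *}; mode=${summary#* }
    case $mode in
        insecure) echo "WARN $domain: pods insecure (names are not checked against real pods)"; return 1 ;;
        verified) echo "OK $domain: pods verified"; return 0 ;;
        *)        echo "OK $domain: pod records disabled"; return 0 ;;
    esac
}

printf '%s\n' "$SAMPLE_COREFILE" | audit_corefile || true
pod_fqdn 10.122.5.1 default cluster.local
```

Against a live cluster, feed it the ConfigMap instead of the sample: `kubectl get cm coredns -n kube-system -o jsonpath='{.data.Corefile}' | audit_corefile`.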

Nodes

k get nodes
k get nodes -o jsonpath='{.items[*].status.nodeInfo.osImage}'
k taint node node01 color=blue:NoExecute
k taint node node01 color=blue:NoSchedule
k taint node node01 color=blue:PreferNoSchedule
k taint node controlplane node-role.kubernetes.io/control-plane:NoSchedule-
k label node node01 color=blue
kubectl label node node01 color-

IP Commands

#see the list of interfaces
ip link

#see ip address
ip addr
ip addr show

## add ip address
ip addr add 192.168.1.5/24 dev eth0

# list the routes
ip route
#ip route add <network-addr> via <gateway-ip>
ip route add 192.168.1.0/24 via 192.168.2.1
#if the gateway is directly linked with the interface, you can specify the device instead
ip route add 192.168.1.0/24 dev eth0

#verify whether IP forwarding is enabled: 0 = disabled, 1 = enabled
cat /proc/sys/net/ipv4/ip_forward
#modify /etc/sysctl.conf to forward requests from one interface to the others

## modify /etc/nsswitch.conf to change the lookup priority between local files and the DNS server
cat /etc/nsswitch.conf

#you can add extra nameservers in /etc/resolv.conf by adding
nameserver 8.8.8.8
#you can append search domains as well (space-separated) by using
search mycompany.com prod.mycompany.com