Comprehensive Cheatsheet on Kubernetes with Business Use Case Example

Basic Concepts

  • Pod: The smallest deployable unit in Kubernetes, which can contain one or more containers.
  • Node: A worker machine in Kubernetes; it can be a virtual or physical machine.
  • Cluster: A set of nodes managed by Kubernetes.
  • Namespace: A virtual cluster within a Kubernetes cluster, used for isolating resources.
  • Deployment: Manages a set of identical pods, ensuring that the specified number of pods are running.
  • Service: An abstraction that defines a logical set of pods and a policy by which to access them.

Common Commands

  • kubectl: The command-line tool for interacting with a Kubernetes cluster.

Cluster Management

  • Check Cluster Info:
kubectl cluster-info

Get Nodes:

kubectl get nodes

Working with Pods

  • List All Pods:
kubectl get pods

Describe a Pod:

kubectl describe pod <pod_name>

Create a Pod:

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: my-container
    image: 11122233345/dotnetwebapptraining:latest

kubectl apply -f pod.yaml

Delete a Pod:

kubectl delete pod <pod_name>

Working with Deployments

  • Create a Deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx

List Deployments:

kubectl get deployments

Update a Deployment:

kubectl set image deployment/my-deployment my-container=nginx:1.16

Scale a Deployment:

kubectl scale deployment/my-deployment --replicas=5

Delete a Deployment:

kubectl delete deployment my-deployment

Working with Services

  • Create a Service:
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
  type: LoadBalancer

List Services:

kubectl get services

Describe a Service:

kubectl describe service my-service

Delete a Service:

kubectl delete service my-service

Namespaces

  • List Namespaces:
kubectl get namespaces

Create a Namespace:

apiVersion: v1
kind: Namespace
metadata:
  name: my-namespace

kubectl apply -f namespace.yaml

Delete a Namespace:

kubectl delete namespace my-namespace

ConfigMaps and Secrets

  • Create a ConfigMap:
kubectl create configmap my-config --from-literal=key1=value1

List ConfigMaps:

kubectl get configmaps

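Create a Secret (a literal passed on the command line ends up in shell history; Secret values are base64-encoded, not encrypted, unless encryption at rest is enabled):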

kubectl create secret generic my-secret --from-literal=password=my-password

List Secrets:

kubectl get secrets

Logs and Debugging

  • View Pod Logs:
kubectl logs <pod_name>

Execute Command in Pod:

kubectl exec -it <pod_name> -- /bin/bash

Port Forwarding:

kubectl port-forward <pod_name> 8080:80

Apply Changes:

kubectl apply -f <filename>.yaml

Delete Resource:

kubectl delete -f <filename>.yaml

Dry Run: Test commands without making changes.

kubectl apply -f <filename>.yaml --dry-run=client

Role-Based Access Control (RBAC)

  • Overview: RBAC allows you to control who can access specific resources within your Kubernetes cluster. It helps enforce security by defining roles and binding them to users or groups.
  • Create a Role:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: default
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]

kubectl apply -f role.yaml

Create a RoleBinding:

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: read-pods
  namespace: default
subjects:
- kind: User
  name: jane
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io
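
The same Role and RoleBinding pattern can scope a workload to a single Secret. This is an added example, not part of the original cheatsheet; the ServiceAccount name my-app is an assumption, and my-secret is the Secret created in the ConfigMaps and Secrets section.

```yaml
# Added example: least-privilege read access to one Secret.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-app                   # assumed name
  namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: my-secret-reader
  namespace: default
rules:
- apiGroups: [""]
  resources: ["secrets"]
  resourceNames: ["my-secret"]   # only this one object
  verbs: ["get"]                 # no list/watch: those return every Secret's data
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: my-app-reads-my-secret
  namespace: default
subjects:
- kind: ServiceAccount
  name: my-app
  namespace: default             # ServiceAccount subjects take a namespace, not an apiGroup
roleRef:
  kind: Role
  name: my-secret-reader
  apiGroup: rbac.authorization.k8s.io
```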

Security

  • Pod Security Policies (PSP):
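    • Overview: PSPs control the security settings of your pods, such as privilege levels and access controls. PodSecurityPolicy was deprecated in Kubernetes v1.21 and removed in v1.25, so the manifest below only applies to older clusters; newer clusters use Pod Security Admission instead.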
    • Create a PSP:
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted
spec:
  privileged: false
  allowPrivilegeEscalation: false
  requiredDropCapabilities:
  - ALL
  runAsUser:
    rule: MustRunAsNonRoot
  seLinux:
    rule: RunAsAny
  supplementalGroups:
    rule: MustRunAs
    ranges:
    - min: 1
      max: 65535
  fsGroup:
    rule: MustRunAs
    ranges:
    - min: 1
      max: 65535

kubectl apply -f psp.yaml
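
On Kubernetes v1.25 and later, where the PodSecurityPolicy API no longer exists, equivalent restrictions are enforced with Pod Security Admission namespace labels. This is an added example, not part of the original cheatsheet; the image name and the runAsUser value are placeholders.

```yaml
# Added example: Pod Security Admission is configured with namespace labels.
apiVersion: v1
kind: Namespace
metadata:
  name: my-namespace
  labels:
    pod-security.kubernetes.io/enforce: restricted      # reject violating pods
    pod-security.kubernetes.io/enforce-version: latest
    pod-security.kubernetes.io/audit: restricted        # record violations in the audit log
    pod-security.kubernetes.io/warn: restricted         # warn the kubectl user
---
# A pod that the restricted profile admits. Each setting mirrors a field
# of the PSP above.
apiVersion: v1
kind: Pod
metadata:
  name: my-pod
  namespace: my-namespace
spec:
  securityContext:
    runAsNonRoot: true             # PSP: runAsUser.rule MustRunAsNonRoot
    runAsUser: 10001               # placeholder UID; needed if the image defaults to root
    seccompProfile:
      type: RuntimeDefault         # required by the restricted profile
  containers:
  - name: my-container
    image: registry.example.com/my-app:1.0.0   # placeholder image
    securityContext:
      allowPrivilegeEscalation: false          # PSP: allowPrivilegeEscalation false
      capabilities:
        drop: ["ALL"]                          # PSP: requiredDropCapabilities ALL
```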

Network Policies:

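  • Overview: Network policies control the traffic between pods, providing an additional layer of security. They are only enforced when the cluster's network plugin supports NetworkPolicy. The policy below selects every pod in the namespace and allows all ingress and egress, so it does not restrict any traffic by itself.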
  • Create a Network Policy:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-all
  namespace: default
spec:
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - {}
  egress:
  - {}
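
For contrast with allow-all, a restrictive set of policies for the same namespace. This is an added example, not part of the original cheatsheet; the role: frontend label and DNS running in kube-system are assumptions, while app: my-app matches the Deployment shown earlier.

```yaml
# Added example. Assumptions: clients carry role: frontend; DNS runs in kube-system.
# 1. Default deny: selects every pod and allows nothing in either direction.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: default-deny-all, namespace: default}
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
---
# 2. Ingress to my-app: only from role: frontend pods, only TCP 80.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: my-app-ingress, namespace: default}
spec:
  podSelector:
    matchLabels: {app: my-app}
  policyTypes: [Ingress]
  ingress:
  - from:
    - podSelector:
        matchLabels: {role: frontend}
    ports:
    - {protocol: TCP, port: 80}
---
# 3. Egress from frontend: my-app on TCP 80, plus DNS, which the
#    default deny would otherwise block.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: frontend-egress, namespace: default}
spec:
  podSelector:
    matchLabels: {role: frontend}
  policyTypes: [Egress]
  egress:
  - to:
    - podSelector:
        matchLabels: {app: my-app}
    ports:
    - {protocol: TCP, port: 80}
  - to:
    - namespaceSelector:
        matchLabels: {kubernetes.io/metadata.name: kube-system}
    ports:
    - {protocol: UDP, port: 53}
    - {protocol: TCP, port: 53}
```

Policies are additive, so leaving an allow-all policy in the same namespace would cancel the default deny.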

Rollback

  • Overview: Rolling back to a previous version of a deployment ensures that you can quickly recover from a bad deployment.
  • Rollback a Deployment:
kubectl rollout undo deployment/<deployment_name>

Check Rollout History:

kubectl rollout history deployment/<deployment_name>

Zero Downtime Deployments

  • Overview: Achieving zero downtime during deployments involves strategies such as rolling updates, which ensure new pods are ready before terminating old ones.
  • Rolling Update:
    • Define a Deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: nginx:1.14.2
        ports:
        - containerPort: 80

Update Deployment:

kubectl set image deployment/my-deployment my-container=nginx:1.16

Check Rollout Status:

kubectl rollout status deployment/my-deployment
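
The Deployment above has no readiness probe, so a new pod counts as ready as soon as its container starts. An added example (not part of the original cheatsheet) that makes the rollout wait for pods that actually serve traffic; the probe path, timings and preStop delay are assumptions.

```yaml
# Added example: rolling update that keeps full capacity during the rollout.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  minReadySeconds: 5             # a new pod must stay Ready this long to count as available
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0          # never drop below 3 available pods
      maxSurge: 1                # add one new pod at a time
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      terminationGracePeriodSeconds: 30
      containers:
      - name: my-container
        image: nginx:1.16
        ports:
        - containerPort: 80
        readinessProbe:          # old pods are removed only after this succeeds on new ones
          httpGet:
            path: /              # assumed health endpoint
            port: 80
          periodSeconds: 5
          failureThreshold: 3
        lifecycle:
          preStop:               # give Service endpoints time to update before nginx stops
            exec:
              command: ["sleep", "10"]
```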

High-Scale Infrastructure

  • Overview: Scaling Kubernetes applications involves horizontal and vertical scaling of pods and nodes to handle increased traffic and resource demands.
  • Horizontal Pod Autoscaler (HPA):
    • Create HPA:
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: my-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-deployment
  minReplicas: 1
  maxReplicas: 10
  targetCPUUtilizationPercentage: 50

kubectl apply -f hpa.yaml

Cluster Autoscaler:

  • Overview: Automatically adjusts the size of the Kubernetes cluster by adding or removing nodes based on resource usage.
  • Install Cluster Autoscaler:
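# Example for AWS EKS. This URL tracks the master branch: review the manifest
# and pin to a release tag or commit before applying it to a cluster.
kubectl apply -f https://raw.githubusercontent.com/kubernetes/autoscaler/master/cluster-autoscaler/cloudprovider/aws/examples/cluster-autoscaler-one-asg.yaml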

Monitoring and Logging

  • Prometheus and Grafana:
    • Overview: Prometheus collects and stores metrics, while Grafana visualizes them.
    • Install Prometheus:
kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/master/bundle.yaml

Install Grafana:

kubectl apply -f https://raw.githubusercontent.com/grafana/grafana/master/deploy/kubernetes/grafana-deployment.yaml

ELK Stack (Elasticsearch, Logstash, Kibana):

  • Overview: The ELK stack provides logging and log analysis capabilities.
  • Install ELK Stack:
# Example for Elasticsearch and Kibana
kubectl apply -f https://download.elastic.co/downloads/eck/2.0.0/all-in-one.yaml
