sandbox-kubernetes is a set of Docker and Kubernetes configuration files used as a starting point for learning and testing key features of Kubernetes.
docker build -t sandbox-k8s-app-image .
docker run --name sandbox-k8s-app-container -p 8080:8080 -d sandbox-k8s-app-image
curl localhost:8080
docker exec -it sandbox-k8s-app-container bash
docker logs {container id}
docker stop sandbox-k8s-app-container
docker rm sandbox-k8s-app-container
docker login
docker tag sandbox-k8s-app-image jlotz/sandbox-k8s-app-image
Note: Replace "jlotz" with your Docker Hub ID
docker push jlotz/sandbox-k8s-app-image
docker run -p 8080:8080 -d jlotz/sandbox-k8s-app-image
These instructions assume that you have a working installation of minikube
running locally and the kubectl
tools installed.
minikube start
minikube stop
minikube dashboard
kubectl cluster-info
kubectl create -f sandbox-k8s-app-pod.yaml
Specifying a namespace:
kubectl create -f sandbox-k8s-app-pod.yaml -n sandbox-k8s-custom-namespace
kubectl get po --show-labels
kubectl get po -L creation_method,env
All pods with creation_method=manual:
kubectl get po -l creation_method=manual
All pods with env (with or without it)
kubectl get po -l env
No env:
kubectl get po -l '!env'
Similarly, you could also match pods with the following label selectors:
creation_method!=manual
to select pods with the creation_method label with any value other than manual
env in (prod,devel)
to select pods with the env label set to either prod or devel
env notin (prod,devel)
to select pods with the env label set to any value other than prod or devel
kubectl describe pod sandbox-k8s-app-pod
kubectl get po sandbox-k8s-app-pod -o yaml
kubectl get po sandbox-k8s-app-pod -o json
Single container:
kubectl logs sandbox-k8s-app-pod
Multiple containers (specify pod and container names):
kubectl logs sandbox-k8s-app-pod sandbox-k8s-app-container
Previous iteration (after a failure/restart):
kubectl logs sandbox-k8s-app-pod --previous
kubectl port-forward sandbox-k8s-app-pod 8888:8080
curl localhost:8888
Or, open web browser to http://localhost:8888
kubectl delete po sandbox-k8s-app-pod
You can also delete more than one pod by specifying multiple, space-separated names:
kubectl delete po pod1 pod2
Using label selectors:
kubectl delete po -l creation_method=manual
All pods in a namespace:
kubectl delete ns sandbox-k8s-custom-namespace
All pods in the current namespace:
kubectl delete po --all
All resources in the current namespace:
kubectl delete all --all
kubectl label po sandbox-k8s-app-pod env=test --overwrite
kubectl annotate pod sandbox-k8s-app-pod mycompany.com/someannotation="foo bar"
kubectl get ns
kubectl get po -n kube-system
From a YAML file:
kubectl create -f custom-namespace.yaml
From the command line:
kubectl create namespace custom-namespace
kubectl config set-context $(kubectl config current-context) --namespace custom-namespace
kubectl config get-contexts
kubectl create -f sandbox-k8s-rc.yaml
kubectl get rc
kubectl describe rc sandbox-k8s-rc
kubectl delete rc sandbox-k8s-rc
kubectl create -f sandbox-k8s-rs.yaml
kubectl get rs
kubectl describe rs sandbox-k8s-rs
kubectl delete rs sandbox-k8s-rs
The following section assumes that you have deployed pods via replication sets as instructed above.
ClusterIP (Default):
kubectl create -f sandbox-k8s-clusterip-svc.yaml
NodePort:
kubectl create -f sandbox-k8s-nodeport-svc.yaml
Load Balancer:
kubectl create -f sandbox-k8s-loadbalancer-svc.yaml
Ingress:
kubectl create -f sandbox-k8s-ingress-svc.yaml
Ingress (with TLS):
kubectl create -f sandbox-k8s-ingress-tls-svc.yaml
kubectl get svc
kubectl exec {pod name} -- curl -s http://{service IP}
kubectl exec {pod name} -- curl -s http://sandbox-k8s-clusterip-svc.default.svc.cluster.local
kubectl exec {pod name} -- curl -s http://sandbox-k8s-clusterip-svc.default
kubectl exec {pod name} -- curl -s http://sandbox-k8s-clusterip-svc-svc
Through the kubectl proxy:
curl localhost:8001/api/v1/namespaces/default/services/sandbox-k8s-clusterip-svc/proxy/
minikube service sandbox-k8s-nodeport-svc
minikube service sandbox-k8s-loadbalancer-svc
No TLS:
curl http://sandbox-k8s.example.com
TLS:
curl -k -v https://sandbox-k8s.example.com
Notes:
- Must update
/etc/hosts
to include service IP address mapping forsandbox-k8s.example.com
fromkubectl get ingresses
- Must enable Ingress in Minikube via the following command:
minikube addons enable ingress
- For TLS, must create private key and self-signed certification (see below)
openssl genrsa -out tls.key 2048
openssl req -new -x509 -key tls.key -out tls.cert -days 360 -subj /CN=sandbox-k8s.example.com
kubectl create secret tls tls-secret --cert=tls.cert --key=tls.key
kubectl create -f sandbox-k8s-volume-pod.yaml
kubectl exec sandbox-k8s-volume-pod -c sandbox-k8s-volume-container-1 -i -t -- /bin/sh
echo test1 > demo1/textfile1
exit
kubectl exec sandbox-k8s-volume-pod -c sandbox-k8s-volume-container-2 -i -t -- /bin/sh
cat demo2/textfile1
kubectl create -f sandbox-k8s-test-configmap.yaml
kubectl get configmap sandbox-k8s-test-configmap -o yaml
or
kubectl describe configmap sandbox-k8s-test-configmap
kubectl proxy
curl localhost:8001
minikube start --extra-config=apiserver.Features.Enable-SwaggerUI=true
kubectl proxy
Open browser to http(s)://localhost:8001/swagger-ui
kubectl create -f sandbox-k8s-deployment.yaml --record
kubectl get replicasets
kubectl rollout status deployment sandbox-k8s-deployment
kubectl rollout history deployment sandbox-k8s-deployment
kubectl rollout undo deployment sandbox-k8s-deployment
kubectl rollout pause deployment sandbox-k8s-deployment
kubectl rollout resume deployment sandbox-k8s-deployment
Specifying a revision:
kubectl rollout undo deployment sandbox-k8s-deployment --to-revision=1
Method | Description |
---|---|
kubectl edit | Opens the object’s manifest in your default editor. After making changes, saving the file, and exiting the editor, the object is updated. Example: kubectl edit deployment sandbox-k8s-deployment |
kubectl patch | Modifies individual properties of an object. Example: kubectl patch deployment sandbox-k8s-deployment -p '{"spec": {"template": {"spec": {"containers": [{"name": "sandbox-k8s-app-container", "image": "jlotz/sandbox-k8s-app-image:latest"}]}}}} ' |
kubectl apply | Modifies the object by applying property values from a full YAML or JSON file. If the object specified in the YAML/JSON doesn’t exist yet, it’s created. The file needs to contain the full definition of the resource (it can’t include only the fields you want to update, as is the case with kubectl patch). Example: kubectl apply -f sandbox-k8s-deployment-v2.yaml |
kubectl replace | Replaces the object with a new one from a YAML/JSON file. In contrast to the apply command, this command requires the object to exist; otherwise it prints an error. Example: kubectl replace -f sandbox-k8s-deployment-v2.yaml |
kubectl set image | Changes the container image defined in a Pod, ReplicationController’s template, Deployment, DaemonSet, Job, or ReplicaSet. Example: kubectl set image deployment kubia nodejs=jlotz/sandbox-k8s-app:latest |
- Liveness & Readiness probes
- Jobs
- CronJob
- Volumes
- gitRepo
- hostPath
- Persistent Volumes & Claims
- Sidecar containers
- ConfigMap with files and volumes
- Secrets with volumes
- DownwardAPI
- Ambassador container pattern for accessing API from within a pod
- StatefulSets
- ServiceAccounts
- HorizontalPodAutoscalers
- Requesting compute resources
- Advanced scheduling (node taints, pod tolerations, and node/pod affinities)
- Init Containers
- Container Lifecycle Hooks