skyrocknroll · December 22, 2022 12:56 · Dec 22, 2022 · Nov 5, 2022 · Nov 5, 2022 · Nov 5, 2022
diff --git a/kubeadm.md b/kubeadm.md
@@ -44,3 +44,8 @@ kubeadm init --control-plane-endpoint=k8s-cluster1.zipyoda.com --pod-network-cid
 * CoreDNS did not come up 
 * install CNI 
 * kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.24.4/manifests/tigera-operator.yaml
+
+```
+By adding the flag --upload-certs to kubeadm init you can temporary upload the control-plane certificates to a Secret in the cluster. Please note that this Secret will expire automatically after 2 hours. The certificates are encrypted using a 32byte key that can be specified using --certificate-key. The same key can be used to download the certificates when additional control-plane nodes are joining, by passing --control-plane and --certificate-key to kubeadm join.
+
+```
diff --git a/kubeadm.md b/kubeadm.md
@@ -39,4 +39,8 @@ sudo sysctl --system
 ### kubeadm master 
 ```
 kubeadm init --control-plane-endpoint=k8s-cluster1.zipyoda.com --pod-network-cidr=172.16.0.0/16 --apiserver-advertise-address=192.168.0.124 --apiserver-cert-extra-sans=192.168.0.124 --node-name=k8s-node1.zipyoda.com
-```
+
+```
+* CoreDNS did not come up 
+* install CNI 
+* kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.24.4/manifests/tigera-operator.yaml
diff --git a/kubeadm.md b/kubeadm.md
@@ -38,5 +38,5 @@ sudo sysctl --system
 ```
 ### kubeadm master 
 ```
-kubeadm init --control-plane-endpoint=k8s-cluster1.zipyoda.com --pod-network-cidr=172.16.0.0/16 -apiserver-advertise-address=192.168.0.124 --apiserver-cert-extra-sans=192.168.0.124 --node-name=k8s-node1.zipyoda.com
+kubeadm init --control-plane-endpoint=k8s-cluster1.zipyoda.com --pod-network-cidr=172.16.0.0/16 --apiserver-advertise-address=192.168.0.124 --apiserver-cert-extra-sans=192.168.0.124 --node-name=k8s-node1.zipyoda.com
 ```
diff --git a/kubeadm.md b/kubeadm.md
@@ -38,4 +38,5 @@ sudo sysctl --system
 ```
 ### kubeadm master 
 ```
+kubeadm init --control-plane-endpoint=k8s-cluster1.zipyoda.com --pod-network-cidr=172.16.0.0/16 -apiserver-advertise-address=192.168.0.124 --apiserver-cert-extra-sans=192.168.0.124 --node-name=k8s-node1.zipyoda.com
 ```
diff --git a/kubeadm.md b/kubeadm.md
@@ -0,0 +1,41 @@
+```wget https://github.com/containerd/containerd/releases/download/v1.6.8/containerd-1.6.8-linux-amd64.tar.gz
+tar Cxzvf /usr/local containerd-1.6.8-linux-amd64.tar.gz
+wget -O /etc/systemd/system/containerd.service https://raw.githubusercontent.com/containerd/containerd/main/containerd.service
+systemctl daemon-reload
+systemctl enable --now containerd
+systemctl status containerd.service
+wget https://github.com/opencontainers/runc/releases/download/v1.1.4/runc.amd64
+install -m 755 runc.amd64 /usr/local/sbin/runc
+wget https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz
+systemctl status containerd.service
+mkdir -p /opt/cni/bin
+tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.1.1.tgz
+wget https://github.com/containerd/nerdctl/releases/download/v1.0.0/nerdctl-1.0.0-linux-amd64.tar.gz
+tar -xvf nerdctl-1.0.0-linux-amd64.tar.gz
+install -m 755 nerdctl /usr/local/bin/nerdctl
+sudo apt-get update
+sudo apt-get install -y apt-transport-https ca-certificates curl
+sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
+echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
+sudo apt-get update
+sudo apt-get install -y kubelet kubeadm kubectl
+sudo apt-mark hold kubelet kubeadm kubectl
+cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
+overlay
+br_netfilter
+EOF
+sudo modprobe overlay
+sudo modprobe br_netfilter
+
+
+cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
+net.bridge.bridge-nf-call-iptables  = 1
+net.bridge.bridge-nf-call-ip6tables = 1
+net.ipv4.ip_forward                 = 1
+EOF
+
+sudo sysctl --system
+```
+### kubeadm master 
+```
+```
diff --git a/kube-dev-setup.sh b/kube-dev-setup.sh
@@ -34,6 +34,23 @@ tar -xvf kubens.tar.gz
 tar -xvf kubectx.tar.gz
 sudo mv kubens /usr/local/bin 
 sudo mv kubectx /usr/local/bin
+
+wget -O ~/.complete_alias https://raw.githubusercontent.com/cykerway/complete-alias/master/complete_alias
+
+echo ". ~/.complete_alias" >> ~/.bash_completion
+
+cat >>~/.bashrc <<EOF
+alias k=kubectl
+alias kns=kubens
+alias kctx=kubectx
+EOF
+
+cat >>~/.complete_alias <<EOF
+complete -F _complete_alias kns
+complete -F _complete_alias kctx
+complete -F _complete_alias k
+EOF
+
 # create registry container unless it already exists
 reg_name='kind-registry'
 reg_port='5000'

diff --git a/kube-dev-setup.sh b/kube-dev-setup.sh
@@ -48,7 +48,7 @@ fi
 cat <<EOF | kind create cluster --config=-
 kind: Cluster
 apiVersion: kind.x-k8s.io/v1alpha4
-name: era
+name: yuva
 networking:
   # WARNING: It is _strongly_ recommended that you keep this the default
   # (127.0.0.1) for security reasons. However it is possible to change this.

diff --git a/k8s-homelab.md b/k8s-homelab.md
@@ -0,0 +1,21 @@
+* Need to schedule ingress container in digital ocean and rest all the pods in uva-rig
+* using nodeSelector and taints were able to do it.  https://kubernetes.io/docs/reference/labels-annotations-taints/
+```
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-ingress
+  labels:
+    env: test
+spec:
+  containers:
+  - name: nginx
+    image: nginx
+    imagePullPolicy: IfNotPresent
+  tolerations:
+  - key: "node-role.kubernetes.io/master"
+    operator: "Exists"
+    effect: "NoSchedule"
+  nodeSelector:
+    kubernetes.io/hostname: do-master-1.k8s.mfapi.in
+```
diff --git a/kube.md b/kube.md
@@ -1,6 +1,6 @@
 ### Dev Cluster
 * minikube - old guy works well no load balancer support 
-	* minikube service list to get the NodePort IP
+	* `minikube service list` to get the NodePort IP
 * kind - works well used by k8s teams natively
 * K3d 
 * kubens and kubectx to switch seamlessly -- enable alias and autocompletion for alias completion https://github.com/cykerway/complete-alias

diff --git a/kube-dev-setup.sh b/kube-dev-setup.sh
@@ -0,0 +1,121 @@
+#bin/bash
+#echo "cleaning up all kind k8s clusters "
+#kind delete clusters --all
+set -x 
+echo "##### Installing kubectl ####"
+curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
+echo "$(<kubectl.sha256)  kubectl" | sha256sum --check
+sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
+kubectl completion bash > /etc/bash_completion.d/kubectl
+echo "##### Installing kind ####"
+curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.11.1/kind-linux-amd64
+chmod +x ./kind
+sudo install -o root -g root -m 0755 kind /usr/local/bin/kind
+
+echo "##### Installing docker ####"
+sudo apt-get remove docker docker-engine docker.io containerd runc -y 
+sudo apt-get update
+sudo apt-get install \
+    ca-certificates \
+    curl \
+    gnupg \
+    lsb-release -y
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --batch --yes --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
+  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io -y
+echo "##### Installing kubens kubectx ####"
+wget -O kubens.tar.gz https://github.com/ahmetb/kubectx/releases/download/v0.9.4/kubens_v0.9.4_linux_x86_64.tar.gz 
+wget -O kubectx.tar.gz https://github.com/ahmetb/kubectx/releases/download/v0.9.4/kubectx_v0.9.4_linux_x86_64.tar.gz
+tar -xvf kubens.tar.gz
+tar -xvf kubectx.tar.gz
+sudo mv kubens /usr/local/bin 
+sudo mv kubectx /usr/local/bin
+# create registry container unless it already exists
+reg_name='kind-registry'
+reg_port='5000'
+running="$(docker inspect -f '{{.State.Running}}' "${reg_name}" 2>/dev/null || true)"
+if [ "${running}" != 'true' ]; then
+  docker run \
+    -d --restart=always -p "0.0.0.0:${reg_port}:5000" --name "${reg_name}" \
+    registry:2
+fi
+
+# create a cluster with the local registry enabled in containerd
+cat <<EOF | kind create cluster --config=-
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+name: era
+networking:
+  # WARNING: It is _strongly_ recommended that you keep this the default
+  # (127.0.0.1) for security reasons. However it is possible to change this.
+  apiServerAddress: "127.0.0.1"
+  # By default the API server listens on a random open port.
+  # You may choose a specific port but probably don't need to in most cases.
+  # Using a random port makes it easier to spin up multiple clusters.
+  # apiServerPort: 6443
+featureGates:
+  # any feature gate can be enabled here with "Name": true
+  # or disabled here with "Name": false
+  # not all feature gates are tested, however
+  "EphemeralContainers": true
+nodes:
+- role: control-plane
+  extraPortMappings:
+  - containerPort: 30100
+    hostPort: 4222
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+  - containerPort: 30101
+    hostPort: 6222
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+  - containerPort: 30102
+    hostPort: 8222
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+  - containerPort: 30103
+    hostPort: 7777
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+  - containerPort: 30104
+    hostPort: 7422
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+  - containerPort: 30105
+    hostPort: 7522
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+  - containerPort: 30200
+    hostPort: 5432
+    listenAddress: "0.0.0.0"
+    protocol: TCP
+- role: worker
+- role: worker
+- role: worker
+containerdConfigPatches:
+- |-
+  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${reg_port}"]
+    endpoint = ["http://${reg_name}:5000"]
+EOF
+
+# connect the registry to the cluster network
+# (the network may already be connected)
+docker network connect "kind" "${reg_name}" || true
+
+# Document the local registry
+# https://github.com/kubernetes/enhancements/tree/master/keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: local-registry-hosting
+  namespace: kube-public
+data:
+  localRegistryHosting.v1: |
+    host: "localhost:${reg_port}"
+    help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
+EOF
diff --git a/kind-config.yaml b/kind-config.yaml
@@ -0,0 +1,12 @@
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+nodes:
+- role: control-plane
+  extraPortMappings:
+  - containerPort: 30010
+    hostPort: 30010
+    listenAddress: "127.0.0.1"
+    protocol: TCP
+- role: worker
+- role: worker
+- role: worker
diff --git a/cpaas-bootcamp.md b/cpaas-bootcamp.md
@@ -9,3 +9,4 @@ nodes:
 ```
 
 `kind create cluster --name cpaas --config kind-config.yaml`
+* kubectl get replicaset
diff --git a/cpaas-bootcamp.md b/cpaas-bootcamp.md
@@ -0,0 +1,11 @@
+* Create multi node cluster
+```
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+nodes:
+- role: control-plane
+- role: worker
+- role: worker
+```
+
+`kind create cluster --name cpaas --config kind-config.yaml`
diff --git a/kube.md b/kube.md
@@ -8,5 +8,5 @@
 * Using kind for local cluster
 * to debug an container https://github.com/aylei/kubectl-debug#quick-start
 * `k debug  --image aylei/debug-agent:latest echoserver-6944fb9c86-rvcst` to attach a debugging container
-* `kubectl exec -ti echoserver-6944fb9c86-rvcst -c debugger-h92xm /bin/bash`
+* `kubectl exec -ti echoserver-6944fb9c86-rvcst -c debugger-h92xm sh`
 
diff --git a/kube.md b/kube.md
@@ -7,4 +7,6 @@
 * Setup kubenetes-dashboard - Faced permission issued followed this https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
 * Using kind for local cluster
 * to debug an container https://github.com/aylei/kubectl-debug#quick-start
+* `k debug  --image aylei/debug-agent:latest echoserver-6944fb9c86-rvcst` to attach a debugging container
+* `kubectl exec -ti echoserver-6944fb9c86-rvcst -c debugger-h92xm /bin/bash`
 
diff --git a/kube.md b/kube.md
@@ -6,5 +6,5 @@
 * kubens and kubectx to switch seamlessly -- enable alias and autocompletion for alias completion https://github.com/cykerway/complete-alias
 * Setup kubenetes-dashboard - Faced permission issued followed this https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
 * Using kind for local cluster
-* 
+* to debug an container https://github.com/aylei/kubectl-debug#quick-start
 
diff --git a/istio.md b/istio.md
@@ -4,4 +4,5 @@
 If you disabled automatic sidecar injection during installation and rely on manual sidecar injection, use the istioctl kube-inject command to modify the bookinfo.yaml file before deploying your application.
 
 $ kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)
-```
+```
+* Good Place to start https://istio.io/latest/docs/setup/getting-started/
diff --git a/istio.md b/istio.md
@@ -1 +1,7 @@
-* 
+* https://istio.io/latest/docs/setup/install/istioctl/
+* https://istio.io/latest/docs/examples/bookinfo/ 
+```
+If you disabled automatic sidecar injection during installation and rely on manual sidecar injection, use the istioctl kube-inject command to modify the bookinfo.yaml file before deploying your application.
+
+$ kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)
+```
diff --git a/istio.md b/istio.md
@@ -0,0 +1 @@
+* 
diff --git a/kube.md b/kube.md
@@ -4,7 +4,7 @@
 * kind - works well used by k8s teams natively
 * K3d 
 * kubens and kubectx to switch seamlessly -- enable alias and autocompletion for alias completion https://github.com/cykerway/complete-alias
-* Setup kubenetes-dashboard
-* Using kind 
+* Setup kubenetes-dashboard - Faced permission issued followed this https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
+* Using kind for local cluster
 * 
 
diff --git a/kube.md b/kube.md
@@ -4,5 +4,7 @@
 * kind - works well used by k8s teams natively
 * K3d 
 * kubens and kubectx to switch seamlessly -- enable alias and autocompletion for alias completion https://github.com/cykerway/complete-alias
+* Setup kubenetes-dashboard
+* Using kind 
 * 
 
diff --git a/kube.md b/kube.md
@@ -3,5 +3,6 @@
 	* minikube service list to get the NodePort IP
 * kind - works well used by k8s teams natively
 * K3d 
-* kubens and kubectx to switch seamlessly -- enable alias and autocompletion 
+* kubens and kubectx to switch seamlessly -- enable alias and autocompletion for alias completion https://github.com/cykerway/complete-alias
+* 
 
diff --git a/kube.md b/kube.md
@@ -3,5 +3,5 @@
 	* minikube service list to get the NodePort IP
 * kind - works well used by k8s teams natively
 * K3d 
-* kubens and kubectx to switch seamlessly 
+* kubens and kubectx to switch seamlessly -- enable alias and autocompletion 
 
diff --git a/kube.md b/kube.md
@@ -3,4 +3,5 @@
 	* minikube service list to get the NodePort IP
 * kind - works well used by k8s teams natively
 * K3d 
+* kubens and kubectx to switch seamlessly 
 
diff --git a/kube.md b/kube.md
@@ -1,6 +1,6 @@
 ### Dev Cluster
 * minikube - old guy works well no load balancer support 
-	** minikube service list to get the NodePort IP
+	* minikube service list to get the NodePort IP
 * kind - works well used by k8s teams natively
 * K3d 
 
diff --git a/kube.md b/kube.md
@@ -0,0 +1,6 @@
+### Dev Cluster
+* minikube - old guy works well no load balancer support 
+	** minikube service list to get the NodePort IP
+* kind - works well used by k8s teams natively
+* K3d 
+
No results found