Kubernetes Mind Map

Cookbooks
- Download a Docker image and put it in my Google Cloud Repository (GCR)
- find image on dockerhub
- docker search <search-text>
- pull from dockerhub
- docker pull <tag>
- EG docker pull hello-world
- check the list of images, get a tag
- docker images
- tag the image with my GCR info
- docker tag <current-tag> <new-repo-specific-tag-and-version>
- push the image to my GCR
- 1. gcloud auth configure-docker
- 2. docker push <new-repo-specific-tag-and-version>
- EG docker push gcr.io/my-project/hello-world:v1
- DEPRECATED: gcloud docker -- push <new-repo-specific-tag-and-version>
- EG gcloud docker -- push gcr.io/my-project/hello-world:v1
- IMPORTANT: use gcloud to use your gcloud authentication
- delete all exited and dead containers in docker
- docker ps -f status=exited -f status=dead --format "{{.ID}}" | xargs docker rm
- create a cluster
- use the GUI. Look at the command line if you want it.
- then, add the cluster to your kubectl config
- gcloud container clusters get-credentials <cluster-name> --zone <zone> --project <project-name>
- add a container to the cluster, creating a pod along the way
- make sure the image is in your local repository first!
- docker images
- use kubectl run to add the container
- kubectl run <image-name> --image=<image-tag>
- delete all clusters in your kubectl config (eg, the clusters have been deleted in GKE)
- kubectl config get-clusters | grep -v NAME | xargs -n 1 kubectl config delete-cluster
- get to a command line in a container. Replace "bash" with "sh" if bash is not supported in the container
- If it's the only container in the pod
- kubectl exec -it <pod-name> -- "bash"
- If there are multiple containers in the pod
- first find the container name for the container you want
- kubectl describe pod <pod-name>
- then exec the shell
- kubectl exec -it <pod-name> -c <container-name> -- "bash"
- list all the containers in all your clusters (close, but not working yet)
- kubectl get pods --all-namespaces -o jsonpath="{.items[*].spec.containers[*].name}"
- kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{"\n"}{.metadata.name}{":\t"}{range .spec.containers[*]}{.name}{", "}{end}{end}' | sort
- list all your clusters
- kubectl config view
- and then look in the contexts section
- delete a pod/deployment
- kubectl get pods
- list the pods to see your pod is there
- kubectl get deployments
- get the name of your pod's deployment
- kubectl delete deployment <deployment-name>
- you need to delete the deployment. If you delete the pod, Kubernetes will recreate it
- kubectl get deployments
- make sure your deployment is gone
- kubectl get pods
- make sure your pod is gone
- show all GKE instances by name, zone, tags, and status
- gcloud compute instances list --filter 'name~gke.*' --format "table(name:sort=1,zone,tags.items.list():label=TAGS,status)"
- scaling
- scale pods up and down
- kubectl scale deploy <deployment> -n <namespace> --replicas <replica count>
- scale nodes up and down
- gcloud container clusters resize <cluster> --size <number of nodes per zone> --project <project> --zone <master zone>
- restart a container without killing a pod
- exec into the container and run
- kill -HUP 1
- eg, exec into the sidecar to restart nginx to pick up a new cert
- check a certificate
- in a running pod
- openssl s_client -connect <domain-name>:<port> | openssl x509 -noout -text
- add "| grep DNS" if you only care about the DNS names (common name + subject alternative names)
- in the secret for a pod
- list all the certs first
- kubectl get cert
- then describe the cert
- kubectl describe cert <cert-name>
Docker
- sample Dockerfiles
- Dockerfile commands
- FROM
- MAINTAINER
- RUN
- ENTRYPOINT
- commands
- docker pull
- pull an image from another repo
- docker pull <tag>
- docker push
- push an image to a repo
- docker images
- list all images
- docker ps
- show currently running docker processes
- -a
- show current and finished processes
- docker build
- docker build -t <tag> <Dockerfile location>
- EG docker build -t user/nmap .
- docker run
- docker run <tag> <params>
- -it
- interactive
- -v <from>:<to>:<permissions>
- share a volume or file
- -v $(pwd)/secrets.txt:/etc/secrets.txt:ro
- docker logs
- docker logs <container name>
- docker inspect
- docker inspect <container name>
- docker rm
- docker rm <container name>
- remove container
- docker rmi
- remove image <tag>
- docker cp
- docker cp <from> <to>
- cookbooks
- delete all images with <none> tag (find a better way)
- docker images | grep '<none>' | cut -c 72-83 | xargs -n1 docker image rm
- tools
- container diff
- GoogleContainerTools/container-diff