Bookmarks

Bookmarks Bar

CKA

** kubectl Autocomplete

JSONPath Support

Kubernetes Release Notes

kubectl Cheat Sheet - Kubernetes

kubectl Usage Conventions

Installation

Overview of kubectl - Kubernetes

Installing kubeadm

Creating a cluster with kubeadm

kubeadm upgrade

Upgrading Master Nodes

Install and Set Up kubectl

kubectl config set-cluster

Encrypting Secret Data at Rest

TLS bootstrapping - Kubernetes

Network Addons

PKI Certificates and Requirements

Cluster Upgrades

Safely Drain a Node

Certificate Management with kubeadm

Upgrading kubeadm clusters

Upgrading Worker Nodes

Networking

** Installing a Network Add-On

Required Ports

Install Weave Net

Install Weave

Customizing DNS Service

DNS for Services and Pods

Debugging DNS Resolution

Ingress

** Ingress Example

Ingress

Ingress Controllers

Ingress | Minimal

LoadBalancer

Create an External Load Balancer - Kubernetes

NetworkPolicy

** Network Policy Resource

** NetworkPolicy resource | Full

** Brief Example in Use

Network Policies

Declare Network Policy

Configure Default Memory Requests and Limits for a Namespace

to and from selectors

Default deny all ingress traffic

Default allow all ingress traffic

Default deny all egress traffic

Default allow all egress traffic

Default deny all ingress and all egress traffic

Components

kubelet - Kubernetes

etcd

Backup etcd

Restore etcd

Operating etcd clusters for Kubernetes

Workloads

* DaemonSet

* StatefulSets

Create Static Pods

Labels and Selectors

Jobs

** CronJob Template

** Jobs Template

** Jobs - Parallel/Completions

** Jobs - Deadline/Backoff

Jobs - Run to Completion - Kubernetes

Jobs - Parallelism

Pods

** Pod templates

** Define Variables for a Container

** Commands and Arguments

** Resource Requests/Limits Example

** Configure a Pod to Use a ConfigMap

** envFrom Secret

** Init Containers Example

** Configure Service Accounts (scroll for example)

Configure Pod Initialization

NodeSelector- Assigning Pods to Nodes - Kubernetes

Configure Liveness and Readiness Probes - Kubernetes

Static Pods - Kubernetes

Horizontal Pod Autoscaler Walkthrough - Kubernetes

Create HPA

Pod Affinity

Termination message Pod Failure - Kubernetes

Taints and Tolerations

Managing Compute Resources for Containers

Init Containers

Multi-Container

Using a sidecar container with the logging agent

Communicate Between Containers in the Same Pod Using a Shared Volume

The Distributed System ToolKit: Patterns for Composite Containers - Kubernetes

Assigning Pods to Nodes - Kubernetes

Nodes

Taints and Tolerations - Kubernetes

Node Affinity/Anti-affinity

Resource Quotas

Deployments

** Creating a Deployment

Run a Stateless Application Using a Deployment

ReplicaSet

Deployments -Strategy

Deployments | Upgrade/Rollback

ConfigMaps

** Configure a Pod

** Create ConfigMap

ConfigMaps

Services

** Defining A Service

Services - Kubernetes

Exposing an External IP Address to Access an Application in a Cluster - Kubernetes

Use Port Forwarding to Access Applications in a Cluster - Kubernetes

Debug Services

Secrets

** Secrets Mount

** Secrets as Files

** Secrets as Env Vars

Environment variables -- Secrets

Distribute Credentials Securely

SecurityContext

** Configure a Security Context

Pod Security Policies

Pod Security Standards

DaemonSets

** DaemonSet

Perform a Rollback

Perform a Rolling Update

API Example

Persistent Volumes

** Persistent Volumes

** Persistent Volumes claims

** Create PVC - Simple

** Create PVC - hostPath

** Example Pod

** configMap

Storage Classes - Kubernetes

Volumes - Kubernetes

Limit Storage Consumption - Kubernetes

Deploying WordPress and MySQL with Persistent Volumes

emptyDir

Expanding Persistent Volumes Claims

Reclaiming Persistent Volumes

Storage Class Provisioners

Scheduling

* Taints and Tolerations

* Assigning Pods to Nodes

* Node Affinity

Managing Resources for Containers

* Create static Pods

Configure Multiple Schedulers

* Multiple Schedulers | Leader Election

* Specify Scheduler for Pod

Security

Authentication Strategies

Configure Access to Multiple Clusters | kubeconfig

Kubectl config

Using Node Authorization

Using RBAC Authorization

Using ABAC Authorization

Webhook Mode

Image Pull Secrets

Secrets | Docker

Security Context | Capabilities

11 Ways (Not) to Get Hacked

SA Pull Secrets

Pull an Image from a Private Registry

Certificates

Manage TLS Certificates

Create CertificateSigningRequest

Certificate Signing Requests

Certificates - ca-config, ca-csr

Certificate Signing Request Resource

Certificate Signing Requests | Normal User

Certificate Rotation - Kubernetes

RBAC

Authorization Overview

** Create Role

** Create ClusterRole

** Create RoleBinding

** Create ClusterRoleBinding

** Checking API Access (can-i)

** Role and ClusterRole

** RoleBinding and ClusterRoleBinding

Troubleshooting

Debug Pods and ReplicationControllers

Debug Pods

Debug ReplicationControllers

Debug Services

Determine the Reason for Pod Failure

Troubleshooting kubeadm

Troubleshoot Clusters

A general overview of cluster failure modes

Monitoring, Logging, and Debugging

Command line tools reference