kbmaster
apt update
apt -y install curl software-properties-common
apt -y install docker.io
systemctl enable docker
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
apt -y install kubeadm
kubeadm init --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl get pods --all-namespaces
echo "[WARNING] get join command"
echo "Command after join new node: kubectl get nodes"
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml
kubectl proxy --address 0.0.0.0 -p 80 --accept-hosts='^143.106.16.*$,^xaveco.lab.ic.unicamp.br$' --disable-filter=true
kubectl apply -f https://www.ic.unicamp.br/~william/howto/dashboard-adminuser.yaml
kubectl apply -f https://www.ic.unicamp.br/~william/howto/role-adminuser.yaml
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
kbnode
apt update
apt -y install curl software-properties-common
apt -y install docker.io
systemctl enable docker
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
echo "execute join command"
Get Token
kubectl get secrets -o jsonpath="{.items[?(@.metadata.annotations['kubernetes\.io/service-account\.name']=='default')].data.token}"|base64 --decode
kubectl config set newconfig
kubectl proxy
# URL:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/node?namespace=default
Create kubeconfig file with kubectl [[http://docs.shippable.com/deploy/tutorial/create-kubeconfig-for-self-hosted-kubernetes-cluster/|http://docs.shippable.com/deploy/tutorial/create-kubeconfig-for-self-hosted-kubernetes-cluster/]]
apiVersion: v1
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: https://server.x.x:8443
  name: minikube
contexts:
- context:
    cluster: minikube
    user: minikube
  name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: minikube
  user:
    client-certificate: /home/william/.minikube/profiles/minikube/client.crt
    client-key: /home/william/.minikube/profiles/minikube/client.key
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
Minikube kvm2
curl -LO https://storage.googleapis.com/minikube/releases/latest/docker-machine-driver-kvm2
chmod +x docker-machine-driver-kvm2
sudo mv docker-machine-driver-kvm2 /usr/local/bin/
docker-machine-driver-kvm2 version
minikube config set vm-driver kvm2
cat .minikube/config/config.json
minikube start --nodes 2
# or
minikube start --nodes 2 --vm-driver kvm2
nginx ingress baremetal
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.47.0/deploy/static/provider/baremetal/deploy.yaml
kubectl get all -n ingress-nginx
kubectl edit deployment.apps/ingress-nginx-controller -n ingress-nginx
and redeploy or
kubectl edit replicaset.apps/ingress-nginx-controller-XXXXXXXXXX -n ingress-nginx
Other options: [[https://kubernetes.github.io/ingress-nginx/deploy/baremetal/|https://kubernetes.github.io/ingress-nginx/deploy/baremetal/]]
UI K8S
https://medium.com/geekculture/yakd-yet-another-kubernetes-dashboard-7766bd071f30
https://engineering.indeedblog.com/blog/2020/11/k8dash-indeeds-open-source-kubernetes-dashboard/
https://opensource.com/article/20/6/kubernetes-lens
To configure and use a private container registry in Kubernetes (K8s), you need to:
✅ Step 1: Authenticate to the registry (e.g. Docker Hub, ECR, GCR, GitHub Container Registry, etc.)
Create a secret of type docker-registry with your credentials:
kubectl create secret docker-registry meu-registry-secret \
--docker-server=<URL-do-registry> \
--docker-username=<seu-usuario> \
--docker-password=<sua-senha-ou-token> \
--docker-email=<seu-email>
Example for Docker Hub:
kubectl create secret docker-registry dockerhub-secret \
--docker-server=https://index.docker.io/v1/ \
--docker-username=meuusuario \
--docker-password=meusenha \
--docker-email=meu@email.com
✅ Step 2: Reference the secret in your Deployment
In your Deployment YAML file, add the imagePullSecrets key:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: minha-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: minha-app
  template:
    metadata:
      labels:
        app: minha-app
    spec:
      containers:
      - name: minha-app
        image: <seu-registry>/<seu-usuario>/<imagem>:<tag>
        ports:
        - containerPort: 80
      imagePullSecrets:
      - name: meu-registry-secret
✅ Step 3 (optional): Make the secret the default for the namespace
If you want the secret to be used by default in all Pods of a namespace:
kubectl patch serviceaccount default \
-p '{"imagePullSecrets": [{"name": "meu-registry-secret"}]}' \
-n <seu-namespace>
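Added example, not part of the original notes: the Step 1 command puts the registry password on the command line, where it ends up in shell history and the process list. The sketch below builds the same kind of Secret (type kubernetes.io/dockerconfigjson) as a manifest and reads the password from stdin instead. The function names, the host registry.example.test, the user alice and the file token.txt are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): build a docker-registry style
# Secret manifest, reading the password from stdin so it never appears in
# argv or shell history.

# Base64 without line wrapping (GNU base64 wraps at 76 columns).
b64() { base64 | tr -d '\n'; }

# Escape backslashes and double quotes so a value fits inside a JSON string.
json_escape() { printf '%s' "$1" | sed 's/\\/\\\\/g; s/"/\\"/g'; }

# registry_secret_manifest NAME SERVER USERNAME   (password on stdin)
# Prints a Secret of type kubernetes.io/dockerconfigjson to stdout.
registry_secret_manifest() {
    name=$1; server=$2; user=$3
    # Accept input with or without a trailing newline; reject empty input.
    IFS= read -r pass || [ -n "$pass" ] || return 1
    [ -n "$pass" ] || return 1
    # "auth" is base64(user:password) over the raw, unescaped values.
    auth=$(printf '%s:%s' "$user" "$pass" | b64)
    cfg=$(printf '{"auths":{"%s":{"username":"%s","password":"%s","auth":"%s"}}}' \
        "$(json_escape "$server")" "$(json_escape "$user")" \
        "$(json_escape "$pass")" "$auth")
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $name
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: $(printf '%s' "$cfg" | b64)
EOF
}

# Usage (hypothetical file name and registry host):
#   registry_secret_manifest meu-registry-secret registry.example.test alice \
#       < token.txt | kubectl apply -n <seu-namespace> -f -
```

The manifest still contains the credential in base64, so pipe it straight to kubectl rather than saving it to disk.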
💡 Tips
- Make sure the Pod has internet access (if you are using a public registry).
- For private cloud registries (ECR, GCR, etc.), IAM permissions or tokens are generally used.
- For self-hosted registries (Harbor, Nexus, etc.), --docker-server will be the domain or IP of your registry.