Kubernetes Mock Exam 3

-

 Task 1

1. Create service account

#kubectl create serviceaccount pvviewer

2. Create cluster role - list pv

#kubectl create clusterrole pvviewer-role --resource=persistentvolumes --verb=list

3. Create cluster rolebinding 

#kubectl create clusterrolebinding pvviewer-role-binding --clusterrole=pvviewer-role --serviceaccount=default:pvviewer

4. Create pod with service account

#kubectl run --generator=run-pod/v1 pvviewer --image=redis --dry-run -o yaml > pod.yaml

Add yaml file

serviceAccountName: pvviewer

#kubectl create -f pod.yaml

Document: configure service account


Task 2

Document: cheatsheet - get ExternalIP of all nodes

#kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type="InternalIP")].address}'  > /root/node_ips

Task 3

Create pod with two containers with different images

#kubectl run --generator=run-pod/v1 multi-pod --image=nginx --dry-run -o yaml > multi-pod.yaml


Change the yaml file

Add second pod and env


spec:

  containers:

  - image: nginx

    name: alpha

    env:

    - name: name

      value: alpha

  - image: busybox

    name: beta

    command: ["sleep","4800"]

    env: 

    - name: name

      value: beta


#kubectl create -f multi-pod.yaml


Task 4

Create pod with specific cpu and memory limit

#kubectl run --generator=run-pod/v1 lion --image=redis:alpine --dry-run -o yaml > lion.yaml


Kubernetes.io --> Pod with resource limits

Add following to yaml file

resources:

   limits:

      cpu: "2"

      memory: "500Mi"


Task 5

Trouble shooting Pod / service

#kubectl get pod

#kubectl get services


Create test pod to check

#kubectl run --generator=run-pod/v1 test-np --image=busybox:1.28 --rm -it -- sh 

#nc -z -v -w 2 <service name> 80


#kubectl get networkpolicy

#kubectl describe netpol default-deny


Kubernetes.io --> network policies


apiVersion: networking.k8s.io/v1

kind: NetworPolicy

metadate: 

     name: <in the question>

     namespace: default

spec: 

    podSelector: 

        matchLabels: 

             <label in pod>

    policyTypes: 

    - Ingress

    ingress: 

    - ports:

      - port: 80

        protocol: TCP


Task 6: create pod to specific node

#kubectl get node

#kubectl taint node node01 env_type=production:NoSchedule

#kubectl describe node node01|grep -i taint


#kubectl run --generator=run-pod/v1 dev-redis --image=redis:alphine 

#kubectl get pod -o wide


#kubectl get pod dev-redis -o yaml > prod-redis.yaml

vi prod-redis.yaml


Change the name to prod-redis


keep tolerations part

tolerations:

- effect: NoSchedule

  key: env_type

  operator: Equal

  value: production


Task 7: create pod with label in specific namespace

#kubectl get ns

#kubectl create ns hr

#kubectl run --generator=run-pod/v1 hr-pod --image=redis:alpine --labels=environment=production,tier=frontend --namespace=hr

#kubectl -h hr get pods --show-labels


Task 8: configuration file troubleshooting

#kubectl cluster-info --kubeconfig=/root/super.kubeconfig


find the server port is wrong

fix by update the port from 2379 --> 6443


Task 9: deployment trouble shooting

#kubectl get deployments

#kubectl describe deployment


#kubectl scale deployment nginx-deploy --replicas=3

#kubectl get deployments

#kubectl describe deployment nginx-deploy

#kubectl get pod

#kubectl describe pod <pod name>

#kubectl -n kube-system get pods --> find controller manger is broken


cd /etc/kubernetes/manifests


name spell is wrong. need to fix it. 



Comments

Post a Comment

Popular posts from this blog

Nginx Proxy & Load Balance & LNMP

-
Nginx Proxy Service E-commerce website Server 1: provide image request response (  apache / nginx ) Server 2: provide dynamic request response ( php-fpm / apache-php ) Server 3: provide static request response ( apache / nginx ) Server 4: provide data request response ( mysql ) It need one additional nginx server 1. Install nginx 2. proxy to specific server Example location / {      proxy_pass http://192.168.199.187:80/; } location /bbs/ {      proxy_pass http://192.168.199.187:80/bbs/; } location ~* \.(jpg|png|gif)$  {      proxy_pass http://172.16.100.7; } Enhance the log information and specific the hostname location / {      proxy_pass  http://192.168.199.187:80/;      proxy_set_header <parameter name>  $host;  (client requst the hostname )      proxy_set_header <parameter name> $remote_addr; ...
Read more

Snort+barnyard2+Snorby CentOS 6.5_64 Installation

-
#download packages: daq-2.0.2.tar.gz ImageMagicK-6.8.9-8.tar.gz oinkmaster-2.0.tar.gz ruby-1.9.3-p547.tar.gz snort-2.9.6.2.tar.gz snortrules-snapshot-2962.tar.gz MySQL-server-5.5.40-1.rhel5.x86_64.rpm MySQL-client-5.6.21-1.rhel5.x86_64.rpm MySQL-devel-5.6.21-1.rhel5.x86_64.rpm MySQL-shared-5.6.21-1.rhel5.x86_64.rpm epel-release-6-8.noarch.rpm barnyard2-2.1.13.tar.gz #install yum package rpm -ivh epel-release-6-8.noarch.rpm yum install gcc-c++ patch readline readline-devel zlib zlib-devel flex git yum install libyaml-devel libffi-devel openssl-devel make  yum install bzip2 autoconf automake libtool bison iconv-devel libxml2-devel libxslt  yum install gcc g++ build-essential libssl-devel libreadline5-devel zlib1g-devel linux-headers-generic libsqlite3-devel libxslt-devel curl-devel sqlite-devel yum --enablerepo=epel install jasper jasper-libs jasper-devel #Mysql install yum remove mysql mysql-libs rpm -ivh MySQL-server-5.5.40-1.rh...
Read more

ORACLE Error

-
Image
oracle official error explanation  http://docs.oracle.com/cd/E11882_01/server.112/e17766/toc.htm 从服务器下载ALERT日志文件,传输方式需要选择"ASCII" ORA-01078: failure in processing system parameters 发生场景:新建数据库第一次启动时 SQL> startup ORA-01078: failure in processing system parameters LRM-00109: could not open parameter file ‘/home/oracle/oracle/product/10.2.0/db_1/dbs/initorcl.ora’ 原因:oracle_sid没有配置正确 解决方案: 1. 修改oracle用户.bash_profile文件中ORACLE_SID后的内容; 2. 重新已oracle用户登录; ORA-01157: cannot identify/lock data file string - see DBWR trace file  Cause: The background process was either unable to find one of the data files or failed to lock it because the file was already in use. The database will prohibit access to this file but other files will be unaffected. However the first instance to open the database will need to access all online data files. Accompanying error from the operating system describes why the file could not be identified. Action: Have operating system make file ...
Read more