Difference between revisions of "Kubernetes"
| (One intermediate revision by the same user not shown) | |||
| Line 253: | Line 253: | ||
matchLabels: | matchLabels: | ||
app: monitoring-agent</nowiki> | app: monitoring-agent</nowiki> | ||
=== Priority Classes === | |||
System range: 2'147'483'648 - 2'000'000'000</br> | |||
Usable range: 1'000'000'000 - -2'147'483'648</br> | |||
<nowiki>apiVersion: scheduling.k8s.io/v1 | |||
kind: PriorityClass | |||
metadata: | |||
name: high-priority | |||
value: 1000000000 | |||
description: "Priority class for mission critical pods" (optional) | |||
globalDefault: true (optional) | |||
preemptionPolicy: PreemtLowerPriority (default)/ never (optional)</nowiki> | |||
Assign by setting priorityClassName in pod definition under spec. | |||
=== Admission Controllers === | |||
<code>ps -ef | grep admission</code> Show info about admission plugins | |||
=== Performance and Monitoring === | |||
<nowiki>kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml | |||
serviceaccount/metrics-server created</nowiki> | |||
<code>kubectl top <pod/node></code> | |||
=== Logs === | |||
<code>kubectl logs <pod/node></code> | |||
Latest revision as of 15:23, 28 January 2026
k8s
kubectl
api-resources
kubectl api-resources List available resources
explain
kubectl explain <pods> --recursive Explain something
get
kubectl get <all/pods/replicationcontroller/replicaset/deployment/ns/svc/nodes Show all/replicationcontroller/replicaset/deployment/namespace/service objects
kubectl get pods -o wide Show all pods with more info
run/create
kubectl run <pod-name> --image=nginx Run new nginx pod
kubectl create -f <defintion.yaml> Create new object from <definition.yaml> file
kubectl run <pod-name> --image=nginx --dry-run=client -o yaml > sample.yaml Write a defintion file without starting the pod
describe/edit/delete
kubectl describe pod <pod-name> Describe pod
kubectl edit pod <pod-name> Edit pod with editor
kubectl delete pod <pod-name> Delete pod from default namespace
scale
kubectl scale --replicas=5 replicaset <replicaset-name> Edit the current replicas without editing the file (fleeting?).
explain
kubectl explain <something> Explain <something>
label
kubectl label <something> Edit labels <something>
Kubernetes Definition Files
“Can I have more than one of these?”
Yes → use -
No → don’t use -
Example .yaml for Pod
This configuration defines a pod named "myapp-pod" that runs a single container using the nginx image.
apiVersion: v1
kind: Pod
metadata:
name: myapp-pod
labels:
app: myapp
type: front-end
spec:
tolerations:
- key: "spray"
operator: "Equal"
value: "mortein"
effect: "NoSchedule"
containers:
- name: nginx-container
image: nginx
Example .yaml for Replication Controller
This configuration defines a replication controller for the example "myapp-pod" nginx pod.
apiVersion: v1
kind: ReplicationController
metadata:
name: myapp-rc
labels:
app: myapp
type: front-end
spec:
template:
metadata:
name: myapp-pod
labels:
app: myapp
type: front-end
spec:
containers:
- name: nginx-container
image: nginx
replicas: 3
Example .yaml for ReplicaSet
This configuration defines a replica set for the example "myapp-pod" nginx pod.
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myapp-replicaset
labels:
app: myapp
type: front-end
spec:
template:
metadata:
name: myapp-pod
labels:
app: myapp
type: front-end
spec:
containers:
- name: nginx-container
image: nginx
replicas: 3
selector:
matchLabels:
type: front-end
Example .yaml for Deployment
This configuration defines a deployment for the example "myapp-pod" nginx pod.
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-replicaset
labels:
app: myapp
type: front-end
spec:
template:
metadata:
name: myapp-pod
labels:
app: myapp
type: front-end
spec:
containers:
- name: nginx-container
image: nginx
replicas: 3
selector:
matchLabels:
type: front-end
Example .yaml for Namespace
This configuration defines a new namespace dev.
apiVersion: v1 kind: Namespace metadata: name: dev
Command: kubectl create namespace dev
Example .yaml for Resource Quota
This configuration defines a resource quota compute-quota for namespace dev.
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-quota
namespace: dev
spec:
hard:
pods: "10"
requests.cpu: "4"
requests.memory: 5Gi
limit.cpu: "10"
limit.memory: 10Gi
Imperative Commands
Can be tested with: --dry-run=client
kubectl run --image=nginx nginx
kubectl create deployment --image=nginx nginx
kubectl expose deployment nginx --port 80
kubectl edit deployment nginx
kubectl scale deployment nginx --replicas=5
kubectl set image deployment nginx nginx=nginx:1.18
Taint
kubectl taint node node01 key=value:NoSchedule Add some taint to node01
Node Affinity
requiredDuringSchedulingIgnoredDuringExecution
preferredDuringSchedulingIgnoredDuringExecution
Deployment:
spec:
template:
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: color
operator: In/NotIn/Exists
values:
- blue
Resource Requests & Limits
By default, a container has no limit to the resources it can consume on a node and may suffocate other pods or services on the same node.
Usual best practice: Set Requests with no limits.
spec:
containers:
resources:
requests:
cpu: 2
memory: "4Gi"
limits:
cpu: 5
memory: "8Gi"
LimitRange (CPU), applies to namespaces:
apVersion: v1
kind: LimitRange
metadata:
name: cpu-resource-constraint
spec:
limits:
- default: (Limit)
cpu: 500m
defaultRequest: (Request)
cpu: 500m
max: (Limit)
cpu: "1"
min: (Request)
cpu: 100m
type:
Container
LimitRange (CPU), applies to namespaces:
apVersion: v1
kind: LimitRange
metadata:
name: memory-resource-constraint
spec:
limits:
- default: (Limit)
memory: 1Gi
defaultRequest: (Request)
memory: 1Gi
max: (Limit)
memory: 1Gi
min: (Request)
memory: 500Mi
type:
Container
ResourceQuota, applies to namespaces:
apVersion: v1
kind: ResourceQuota
metadata:
name: my-resource-quota
spec:
hard:
requests.cpu: 4
requests.memory: 4Gi
limits.cpu: 10
limits.memory: 10Gi
DaemonSets
For monitoring or logs (kubeproxy).
Creation is similar to ReplicaSet.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: monitoring-daemon
spec:
template:
metadata:
labels:
app: monitoring-agent
spec:
containers:
- name: monitoring-agent
image: monitoring-agent
selector:
matchLabels:
app: monitoring-agent
Priority Classes
System range: 2'147'483'648 - 2'000'000'000
Usable range: 1'000'000'000 - -2'147'483'648
apiVersion: scheduling.k8s.io/v1 kind: PriorityClass metadata: name: high-priority value: 1000000000 description: "Priority class for mission critical pods" (optional) globalDefault: true (optional) preemptionPolicy: PreemtLowerPriority (default)/ never (optional)
Assign by setting priorityClassName in pod definition under spec.
Admission Controllers
ps -ef | grep admission Show info about admission plugins
Performance and Monitoring
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml serviceaccount/metrics-server created
kubectl top <pod/node>
Logs
kubectl logs <pod/node>