**********
kubernetes
**********

* Deployment → ReplicaSet → Pods → Containers
* 1 IP address per pod

Pods
====

Read
----

.. code:: shell

 kubectl \
 get pods \
 -n my-namespace

Execute
-------

.. code:: shell

 kubectl \
 run my-pod \
 --image my-image \
 --restart Never \
 -n my-namespace

Write
-----

.. code:: shell

 kubectl edit \
 pod my-pod \
 -n my-namespace

.. code:: shell

 kubectl delete \
 pod my-pod \
 -n my-namespace \
 --grace-period 0

Deployments
===========

Read
----

.. code:: shell

 kubectl get \
 deploy my-deployment \
 -n my-namespace \
 -o wide

.. code:: shell

 kubectl get \
 deployments \
 -n my-namespace

Execute
-------

.. code:: shell

 kubectl create \
 deploy my-deployment \
 --image my-image \
 -n my-namespace

.. code:: yaml

 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: my-deployment
 spec:
   replicas: 2
   template:
     metadata:
       labels:
         app: my-app
     spec:
       containers:
       - name: my-container
         image: my-image

Write
-----

.. code:: shell

 kubectl \
 set image \
 deployment/my-deployment \
 my-app=my-app:1.0.1 \
 -n my-namespace

.. code:: shell

 kubectl \
 delete deploy my-deployment \
 -n my-namespace

Scale
-----

.. code:: shell

 kubectl \
 scale deploy my-deployment \
 --replicas 3 \
 -n my-namespace

Services
========

* ClusterIP (internal)
* ExternalName (internal alias for external DNS)
* LoadBalancer (external dedicated IP) [if available]
* NodePort (exposed via node)

Read
----

.. code:: shell

 kubectl \
 get services \
 -n my-namespace

.. code:: shell

 kubectl \
 get service my-service \
 -n my-namespace

Write
-----

.. code:: shell

 kubectl \
 expose deployment my-deployment \
 --type LoadBalancer \
 --name my-load-balancer \
 --target-port 8080 \
 -n my-namespace

.. code:: shell

 kubectl \
 delete service my-service \
 -n my-namespace

.. code:: shell

 kubectl \
 edit service my-service \
 -n my-namespace

.. warning::

 ClusterIP is immutable!

NameSpaces
==========

Special:
* default
* kube-node-lease
* kube-public
* kube-system

Outside:
* Nodes
* Pod Security Policies
* Persistent Volumes

.. code:: shell

 kubectl api-resources \
 --namespaced false

Read
----

.. code:: shell

 kubectl \
 get namespaces

Write
-----

.. code:: shell

 kubectl \
 create ns my-namespace

.. code:: shell

 kubectl \
 delete ns my-namespace

Jobs
====

* one-time
* sequential
* parallel

CronJob → Job → Pods

Read
----

.. code:: shell

 kubectl \
 get jobs \
 -n my-namespace

Write
-----

.. code:: shell

 kubectl \
 create job my-job \
 --image my-image \
 -n my-namespace

.. code:: shell

 kubectl \
 create job my-job \
 --from cronjob/my-cronjob \
 -n my-namespace

.. code:: shell

 kubectl \
 apply -f file.yaml \
 -n my-namespace

.. code:: yaml

 apiVersion: batch/v1
 kind: Job
 metadata:
   name: my-job
 spec:
   activeDeadlineSeconds: 60
   backoffLimit: 4
   completions: 1
   parallelism: 1
   template:
     spec:
       containers:
       - name: my-container
         image: my-image
       restartPolicy: OnFailure

.. code:: shell

 kubectl \
 delete job my-job \
 -n my-namespace

.. code:: shell

 kubectl \
 delete job my-job \
 cascade=false \
 -n my-namespace

CronJobs
========

Read
----

.. code:: shell

 kubectl \
 get cronjobs \
 -n my-namespace

Write
-----

.. code:: shell

 kubectl \
 create cronjob my-cronjob \
 --image my-image \
 --schedule '*/4 * * * *' \
 -n my-namespace

.. code:: yaml

 apiVersion: batch/v1
 kind: CronJob
 metadata:
   name: my-cronjob
 spec:
   schedule: '*/4 * * * *'
   jobTemplate:
     spec:
       template:
         spec:
           containers:
           - name: my-container
             image: my-image
             imagePullPolicy: IfNotPresent
             command:
             - /usr/bin/bash
             - -c
             - command
           failedHistoryLimit: 2
           successfulJobsHistoryLimit: 1
           restartPolicy: OnFailure

.. code:: shell

 kubectl \
 patch cronjob my-cronjob \
 -p '{"spec":{"schedule": "*/4 * * * *"}}' \
 -n my-namespace

.. code:: shell

 kubectl \
 delete cronjob my-cronjob \
 -n my-namespace

ConfigMaps
==========

From:
* environment variables file
* file
* key and value

Read
----

.. code:: shell

 kubectl \
 get configmap \
 -n my-namespace

.. code:: shell

 kubectl \
 get configmap my-configmap \
 -o yaml \
 -n my-namespace

Write
-----

.. code:: shell

 kubectl \
 create configmap my-configmap \
 --from-literal 'uid=1000' \
 -n my-namespace

.. code:: shell

 kubectl \
 create configmap my-configmap \
 --from-file 'my-configmap.txt' \
 -n my-namespace

.. code:: shell

 kubectl \
 create configmap my-configmap \
 --from-env-file 'my-configmap.env' \
 -n my-namespace

.. code:: shell

 kubectl \
 delete configmap my-configmap \
 -n my-namespace

Pod YAML configurations
^^^^^^^^^^^^^^^^^^^^^^^

.. code:: yaml

 apiVersion: v1
 kind: Pod
 metadata:
   name: my-pod
 spec:
   containers:
   - name: my-container
     image: my-image
     volumeMounts:
     - name: my-volumemounts
       mountPath: /etc/my-volumemounts.txt
   volumes:
   - name: my-volume
     configMap:
       name: my-configmap

.. code:: yaml

 apiVersion: v1
 kind: Pod
 metadata:
   name: my-pod
 spec:
   containers:
   - name: my-container
     image: my-image
     env:
     - name: my-env
       valueFrom:
         configMapKeyRef:
           name: my-configmap
           key: my-key

.. code:: yaml

 apiVersion: v1
 kind: Pod
 metadata:
   name: my-pod
 spec:
   containers:
   - name: my-container
     image: my-image
     envFrom:
     - configMapRef:
       name: my-configmap