redhat-scholars / kubernetes-tutorial Goto Github PK
View Code? Open in Web Editor NEWKubernetes Tutorial for https://dn.dev/master
Home Page: https://redhat-scholars.github.io/kubernetes-tutorial/
License: Apache License 2.0
Kubernetes Tutorial for https://dn.dev/master
Home Page: https://redhat-scholars.github.io/kubernetes-tutorial/
License: Apache License 2.0
This module
https://redhat-developer-demos.github.io/kubernetes-tutorial/kubernetes-tutorial/building-images.html
assumes the following has not been executed:
eval $(minikube docker-env -p devnation)
which is at the bottom of this page
https://redhat-developer-demos.github.io/kubernetes-tutorial/kubernetes-tutorial/installation.html#verify-setup
doesn't redirect to the Verify Setup section
Solves a real interesting problem that Live and Ready alone could not address
I followed these steps in the Operators tutorial:
kubectl create namespace pizzahat
kubectl config set-context --current --namespace=pizzahatkubectl apply -f apps/pizzas/pizza-crd.yaml
kubectl apply -f apps/pizzas/pizza-deployment.yaml
Output of kubectl get pods -n pizzahat
Output of kubectl describe pod
To get more information, I tail
ed the pod.
Output of stern -n pizzahat pod/quarkus-operator-example-...
I believe the URL is incorrect. More specifically, the authorization header should be included (or fixed somewhere in the Pizza Operator code), and v1beta1
should be v1
.
Here are my steps for arriving at that conclusion:
Slightly modify apps/pizzas/pizza-deployment
. I override the container's entrypoint so that I can get a shell:
From inside the container, I curl
the Kubernetes API.
I executed the following commands:
KUBE_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
curl -sSk -H "Authorization: Bearer $KUBE_TOKEN" https://10.152.183.1:443/apis/apiextensions.k8s.io/v1/customresourcedefinitions
This works.
This page forgets to tell the reader that the need to make the profile name "stick"
https://redhat-developer-demos.github.io/kubernetes-tutorial/kubernetes-tutorial/installation.html#start-minikube
using
minikube profile devnation
as subsequent examples refer to:
minikube ip
which needs to know the profile
Describe the pod
PODNAME=$(kubectl get pod -l app=myboot -o name)
kubectl describe pod $PODNAME
$ kubectl describe pod $PODNAME
error: there is no need to specify a resource type as a separate argument when passing arguments in resource/name form (e.g. 'kubectl get resource/<resource_name>' instead of 'kubectl get resource resource/<resource_name>'
$ echo $PODNAME
pod/myboot-66d7d57687-qwnnf
$ kubectl describe $PODNAME
Name: myboot-66d7d57687-qwnnf
Namespace: myspace
Priority: 0
...
Does not use the style of
apps/kubefiles/myboot-pod-volume.yml
as seen in the overall document
"In the next section, you’ll learn the concept of Service. This is an important element in Kubernetes ecosystem."
on this page
https://redhat-developer-demos.github.io/kubernetes-tutorial/kubernetes-tutorial/pod-rs-deployment.html
But the current navigational model has "logs" listed next
https://www.screencast.com/t/zAHN3Pgxj
In addition, the Service module assumes you just left the Pod/RS/Deployment module as it reuses that Deployment
Some links for Linux are in the Windows section
The file has an 'a' while the docs reference .yml in 2 places
https://redhat-developer-demos.github.io/kubernetes-tutorial/kubernetes-tutorial/statefulset.html
on Minikube
Caused by: io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://10.96.0.1/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. customresourcedefinitions.apiextensions.k8s.io is forbidden: User "system:serviceaccount:pizzahat:quarkus-operator-example" cannot list resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope.
This is also missing the copy feature:
https://www.screencast.com/t/vUnm5VfEnqw
https://www.screencast.com/t/LPImoKrlbf
Organize the Kube III course materials into Intermediate in the overall navigation.
Advanced remains the 'catch all' for materials outside of Kube I, II and III
The tag of the quarkus-demo image in the last section of "Elementary/Rolling Updates" is wrong
kubectl set image deployment/myboot myboot=quay.io/rhdevelopers/quarkus-demo:1.0.0
The correct tag is v1:
kubectl set image deployment/myboot myboot=quay.io/rhdevelopers/quarkus-demo:v1
Since the whole concept of service is around labels and selectors, it will be apt to move it as part of the basics session alongside introduction to service to make it more contextual.
The curl command in .devcontainer/Dockerfile that should download krew fails because the file is no longer available under that URL.
Building the docker image fails at that point - see below:
[..]
---> Running in 17ae19ccdb88
++ mktemp -d
Full log file:
remoteContainers-2022-03-30T16-18-32.235Z.log
minikube start --memory=6144 --cpus=3 --kubernetes-version=v1.22.3 --vm-driver=docker
Docker driver is the only option
Nodeports are not available with the docker driver
https://www.screencast.com/t/kf1VoPmMhuPF
minikube service myservice -n mystuff
provides a tunnel
Improve the set env section with examples by adding examples to show variable interpolation in the command
and args
attributes of the deployment YAML. The args in command
and args
need to follow the variable substitution pattern like $(ENV_VAR_NAME)
.
I feel we need to call this out in the tutorial as developers will follow the natural instinct of using $ENV_VAR_NAME
pattern.
With this project projectcontour.io incubating into CNCF, it will be nice for us to show the users about Ingress. This Ingress is based on envoy so the elements are just same as virtual service
@burrsutter @lordofthejars thoughts ??
Avoid too many cat <<EOF on the tutorial, it will not work for windows user. Better to provide YAML files for the same to be able run via kubectl apply -f
kubectl apply -f myboot-pod-volume-hostpath.yaml
in the page : https://github.com/redhat-scholars/kubernetes-tutorial/edit/master/documentation/modules/ROOT/pages/service.adoc
The name of the service should be : the-service (from the metadata) and not myapp
if I do : kubectl get svc -o wide I'll obtain this
vagrant@k8s-master ~ $ kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
the-service LoadBalancer 10.102.11.99 192.168.50.201 80:31203/TCP 4s app=quarkus-demo
vagrant@k8s-master ~ $
PS. Look at the port also, it's 80:(generated nodeport). in your example, it's 8080.
PS2. I'm running on-premise with MetalLB.
vagrant@k8s-master ~ $ kubectl version
Client Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.2", GitCommit:"f5743093fd1c663cb0cbc89748f730662345d44d", GitTreeState:"clean", BuildDate:"2020-09-16T13:41:02Z", GoVersion:"go1.15", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.2", GitCommit:"f5743093fd1c663cb0cbc89748f730662345d44d", GitTreeState:"clean", BuildDate:"2020-09-16T13:32:58Z", GoVersion:"go1.15", Compiler:"gc", Platform:"linux/amd64"}
vagrant@k8s-master ~ $
vagrant@k8s-master ~ $ kubectl describe svc the-service
Name: the-service
Namespace: default
Labels: <none>
Annotations: <none>
Selector: app=quarkus-demo
Type: LoadBalancer
IP: 10.102.11.99
LoadBalancer Ingress: 192.168.50.201
Port: <unset> 80/TCP
TargetPort: 8080/TCP
NodePort: <unset> 31203/TCP
Endpoints: 10.244.126.35:8080,10.244.194.122:8080,10.244.235.239:8080
Session Affinity: None
External Traffic Policy: Cluster
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal IPAllocated 8m4s metallb-controller Assigned IP "192.168.50.201"
Normal nodeAssigned 8m4s metallb-speaker announcing from node "k8s-worker2"
vagrant@k8s-master ~ $
Hi Sebastien, hi Burr,
Your livestream today was incredible again :) .. I finally got the time to play with the kubernetes tutorial.
I found a little inconsistence in it.
In the Section “Talk to the App” on 2. Beginner / kubectl there is a slight error in the command querying the IP address.
The command "IP=$(minikube ip)” should be changed to "IP=$(minikube ip -p devnation)"
It took me quite a while to figure that out.
With regards
Wolfgang “DJ Madie” Kremser
for minikube or baremetal you could specify that it's possible to install MetalLB (https://metallb.universe.tf/) as another option than ingress.
in this page : https://redhat-developer-demos.github.io/kubernetes-tutorial/kubernetes-tutorial/installation.html
there are few sections were the copy icon is not present
this instructs the reader to
cd $TUTORIAL_HOME
and then to
mkdir bin && cd bin
There is already a bin directory therefore mkdir fails. Also, it seems inappropriate to put the minikube and kubectl binaries in a bin folder IN the kubernetes-tutorial directory. I think it would be better if the bin for minikube/kubectl and other executables were a sibling/peer of the main tutorial directories.
Whenever you hit the copy button in the tutorial you get 2 additional LF copied before the block and 1 additional LF after the block. Any chance we can remove this annoyance?
I believe it would be much easier to read the tutorial if we could have different background colors for input/output. Having something like this would probably allow us to automatically create the copy button on the section.
I google a lot to try to find how to add a css style to a section in Antora, but had no success. @lordofthejars, any tips? I can do it, but I just need some light on this subject.
getting the IP from AWS is different
IP=$(kubectl get service fedora-vm-ssh -o jsonpath="{.status.loadBalancer.ingress[0].hostname}")
instead of
IP=$(kubectl get service fedora-vm-ssh -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
In https://raw.githubusercontent.com/redhat-developer-demos/rhd-tutorial-common/master/prerequisites-kubernetes.adoc
there are two pairs of links swapped around.
This:
| `VirtualBox`
| https://download.virtualbox.org/virtualbox/6.1.6/VirtualBox-6.1.6-137129-OSX.dmg[Download]
| https://download.virtualbox.org/virtualbox/6.1.6/VirtualBox-6.1.6-137129-Win.exe[Download]
| https://www.virtualbox.org/wiki/Linux_Downloads[Download]
| https://kubernetes.io/docs/tasks/tools/install-minikube[Minikube] {minikube-version}
| https://github.com/kubernetes/minikube/releases/download/{minikube-version}/minikube-darwin-amd64[Download]
| https://github.com/kubernetes/minikube/releases/download/{minikube-version}/minikube-windows-amd64.exe[Download]
| https://github.com/kubernetes/minikube/releases/download/{minikube-version}/minikube-linux-amd64[Download]
Should be:
| `VirtualBox`
| https://download.virtualbox.org/virtualbox/6.1.6/VirtualBox-6.1.6-137129-OSX.dmg[Download]
| https://www.virtualbox.org/wiki/Linux_Downloads[Download]
| https://download.virtualbox.org/virtualbox/6.1.6/VirtualBox-6.1.6-137129-Win.exe[Download]
| https://kubernetes.io/docs/tasks/tools/install-minikube[Minikube] {minikube-version}
| https://github.com/kubernetes/minikube/releases/download/{minikube-version}/minikube-darwin-amd64[Download]
| https://github.com/kubernetes/minikube/releases/download/{minikube-version}/minikube-linux-amd64[Download]
| https://github.com/kubernetes/minikube/releases/download/{minikube-version}/minikube-windows-amd64.exe[Download]
I forgot to copy over the 9Steps Databases materials to cover PV/PVC.
https://github.com/burrsutter/9stepsawesome/blob/master/9_databases.adoc
Readers/students would love to have some PV/PVC instruction
error execution phase certs/apiserver-kubelet-client: [certs] certificate apiserver-kubelet-client not signed by CA certificate ca: crypto/rsa: verification error
To see the stack trace of this error execute with --v=5 or higher
On Windows 11,
I get the above error. Logs attached.
minikube starts only if I do
/mnt/c/kubernetes-tutorial$ minikube start driver=docker
Joining these commands reduces learnability. It is better for the reader to see, use and attempt to understand the commands individually. Especially commands that need to be repeated if a new terminal window is opened or the laptop rebooted.
As an example:
git clone https://github.com/redhat-developer-demos/kubernetes-tutorial kubernetes-tutorial &&
export TUTORIAL_HOME="$(pwd)/kubernetes-tutorial" &&
cd $TUTORIAL_HOME
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.