diff --git a/05-SERVICE.md b/05-SERVICE.md index 7c04b94..4feb6ca 100644 --- a/05-SERVICE.md +++ b/05-SERVICE.md @@ -14,7 +14,8 @@ Create it: - `k aplly -f svc-definition.yml` Expose a pod: -- `kubectl expose pod nginx --port=80 --name nginx-service --type=ClusterIP` +- `kubectl expose pod nginx --port=80 --name nginx-service` + - `--type=ClusterIP` is default, and `--target-port=` will the same as `--port=` is you don't set it To see more details of the a POD: - `k get po -o wide` \ No newline at end of file diff --git a/06-COMMANDS-ARGUMENTS.md b/06-COMMANDS-ARGUMENTS.md index 1e48ea1..dd3b76f 100644 --- a/06-COMMANDS-ARGUMENTS.md +++ b/06-COMMANDS-ARGUMENTS.md @@ -29,6 +29,9 @@ Run POD with command and arguments: - "5000" ``` +Or just: +- `k run ubuntu --image=ubuntu --command sleep 5000` + Obs.: - The tag `command` is will overwrite the tag `ENTRYPOINT` from Dockerfile. - The tag `args` is will overwrite the tag `CMD` from Dockerfile. diff --git a/09-SECURITY-CONTEXT.md b/09-SERVICE-ACCOUNT.md similarity index 55% rename from 09-SECURITY-CONTEXT.md rename to 09-SERVICE-ACCOUNT.md index 66118ca..6134cfd 100644 --- a/09-SECURITY-CONTEXT.md +++ b/09-SERVICE-ACCOUNT.md @@ -1,16 +1,15 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` +## Service Account -Get all service accounts: +- Get all service accounts: ``` k get sa -A ``` -Service Account for the POD: +- Service Account for the POD: ``` k create serviceaccount my-sa ``` -To get the name of the token to see the value of the token: +- To get the name of the token to see the value of the token: ``` k describe serviceaccount my-sa k describe secret my-sa-token-kbbdm diff --git a/10-SERVICE-ACCOUNT.md b/10-SECURITY-CONTEXT.md similarity index 88% rename from 10-SERVICE-ACCOUNT.md rename to 10-SECURITY-CONTEXT.md index 1eef50f..273bebe 100644 --- a/10-SERVICE-ACCOUNT.md +++ b/10-SECURITY-CONTEXT.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Security Context for the POD: ``` @@ -52,4 +50,9 @@ Security Context for the Container with capabilities: ``` To see more details of the a POD: -- `k get po -o wide` \ No newline at end of file +- `k get po -o wide` + +--- + +Doc: +- \ No newline at end of file diff --git a/11-RESOURCE-LIMITS.md b/11-RESOURCE-LIMITS.md index aabb67e..9f41eef 100644 --- a/11-RESOURCE-LIMITS.md +++ b/11-RESOURCE-LIMITS.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Limite resorces for all the PODS in default NS: ``` diff --git a/12-TAINTS.md b/12-TAINTS.md index 533537e..5b880d3 100644 --- a/12-TAINTS.md +++ b/12-TAINTS.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Create a taint - `k taint nodes node-name key=value:taint-effect` diff --git a/13-NODE-SELECTORS.md b/13-NODE-SELECTORS.md index 806a7d0..b26d52a 100644 --- a/13-NODE-SELECTORS.md +++ b/13-NODE-SELECTORS.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Create a label - `k label nodes node1 app=ssd` diff --git a/14-NODE-AFFINITY.md b/14-NODE-AFFINITY.md index 331e979..edf3666 100644 --- a/14-NODE-AFFINITY.md +++ b/14-NODE-AFFINITY.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Show all labels on the nodes: - `k get nodes --show-labels` diff --git a/15-MILTI-CONTAINER-PODS.md b/15-MILTI-CONTAINER-PODS.md index 1407673..cf482d3 100644 --- a/15-MILTI-CONTAINER-PODS.md +++ b/15-MILTI-CONTAINER-PODS.md @@ -1,26 +1,75 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` +#### Sidecar containers + +- Here's an example of a Deployment with two containers, one of which is a sidecar: + + ``` + apiVersion: apps/v1 + kind: Deployment + metadata: + name: myapp + labels: + app: myapp + spec: + replicas: 1 + selector: + matchLabels: + app: myapp + template: + metadata: + labels: + app: myapp + spec: + containers: + - name: myapp + image: alpine:latest + command: ['sh', '-c', 'while true; do echo "logging" >> /opt/logs.txt; sleep 1; done'] + volumeMounts: + - name: data + mountPath: /opt + initContainers: + - name: logshipper + image: alpine:latest + restartPolicy: Always + command: ['sh', '-c', 'tail -F /opt/logs.txt'] + volumeMounts: + - name: data + mountPath: /opt + volumes: + - name: data + emptyDir: {} + ``` + +- Two containers in a POD and sharing a volume, different mounthPaths but the same shared folder: -Add a Label on a POD: ``` apiVersion: v1 kind: Pod metadata: - name: nginx-pod + name: two-containers spec: + + volumes: + - name: shared-data + emptyDir: {} + containers: - - image: nginx - name: nginx-container - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: app - operator: In - values: - - ssd + + - name: nginx-container + image: nginx + volumeMounts: + - name: shared-data + mountPath: /usr/share/nginx/html + + - name: debian-container + image: debian + volumeMounts: + - name: shared-data + mountPath: /pod-data + command: ["/bin/sh"] + args: ["-c", "echo Hello from the debian container > /pod-data/index.html"] ``` -To see more details of the a POD: -- `k get po -o wide` +--- + +Doc: +- \ No newline at end of file diff --git a/16-READNESS-LIVENESS.md b/16-READNESS-LIVENESS.md index 4e937a5..7a019b1 100644 --- a/16-READNESS-LIVENESS.md +++ b/16-READNESS-LIVENESS.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Add livenessProbe and readinessProbe on a POD: ``` diff --git a/17-LOGGING.md b/17-LOGGING.md index b706d86..348a603 100644 --- a/17-LOGGING.md +++ b/17-LOGGING.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Show the POD logs: - `k logs pod-name` diff --git a/18-MONITORING.md b/18-MONITORING.md index a00cb45..f8f7624 100644 --- a/18-MONITORING.md +++ b/18-MONITORING.md @@ -1,7 +1,5 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` -Go to github and install metrics-server: +Go to github and install metrics-server(If needed): - `https://github.com/kubernetes-sigs/metrics-server` Get Nodes metrics: diff --git a/19-POD-LABELS.md b/19-POD-LABELS.md index 2fcf88f..64ac011 100644 --- a/19-POD-LABELS.md +++ b/19-POD-LABELS.md @@ -1,8 +1,4 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` - -Documentation: -- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +#### Labels Add two labels on a POD: ``` @@ -23,3 +19,9 @@ Add two labels on a POD: Get Pods by labels: - `k get pods -l environment=production,tier=frontend` + + +--- + +Doc: +- https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ \ No newline at end of file diff --git a/20-LABELS-SELECTORS.md b/20-LABELS-SELECTORS.md index dfe9b83..08bc73e 100644 --- a/20-LABELS-SELECTORS.md +++ b/20-LABELS-SELECTORS.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Get Nodes metrics: - `k get pods --selector app=app1` diff --git a/21-ROLLING-UPDATES-AND-ROLLBACKS.md b/21-ROLLING-UPDATES-AND-ROLLBACKS.md index 7b5339c..c74b5ff 100644 --- a/21-ROLLING-UPDATES-AND-ROLLBACKS.md +++ b/21-ROLLING-UPDATES-AND-ROLLBACKS.md @@ -1,5 +1,3 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` Deployment Strategys: - Recreate diff --git a/22-JOBS-CRONJOBS.md b/22-JOBS-CRONJOBS.md index 18ede77..d8594b2 100644 --- a/22-JOBS-CRONJOBS.md +++ b/22-JOBS-CRONJOBS.md @@ -1,5 +1,4 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` +#### CronJob - Jobs Add a JOB: ``` diff --git a/23-SERVICES.md b/23-SERVICES.md index 9deaa26..fbba98c 100644 --- a/23-SERVICES.md +++ b/23-SERVICES.md @@ -1,5 +1,4 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` +#### Service Service NodePort: ``` diff --git a/24-INGRESS.md b/24-INGRESS.md index c80ec38..ec9cdab 100644 --- a/24-INGRESS.md +++ b/24-INGRESS.md @@ -1,7 +1,5 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` -- `alias kdr='kubectl -o yaml --dry-run=client'` - +#### Ingress + Install Nginx Ingress Controller Steps: - ConfigMap - `kdr create configmap nginx-configuration -n ingress-space > configmap.yml` diff --git a/25-NETWORK-POLICIES.md b/25-NETWORK-POLICIES.md index bd91e6e..17b988d 100644 --- a/25-NETWORK-POLICIES.md +++ b/25-NETWORK-POLICIES.md @@ -1,8 +1,4 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` - -Documentation: -- https://kubernetes.io/docs/concepts/services-networking/network-policies/ +#### Network Policy NetworkPolicy example: ``` @@ -37,4 +33,9 @@ Create it: Obs.: ***Flannel*** does not support NetwotkPolicies. - But ***Kube-router, Calico, Romana, Weave-net*** does. + But ***Kube-router, Calico, Cilium...*** does support. + +--- + +Doc: +- diff --git a/26-VOLUMES-PV-PVC.md b/26-VOLUMES-PV-PVC.md index c3e3837..5f3854a 100644 --- a/26-VOLUMES-PV-PVC.md +++ b/26-VOLUMES-PV-PVC.md @@ -1,9 +1,4 @@ -How to create kubectl alias (optional): -- `alias k=kubectl` - -Documentation: -- https://kubernetes.io/docs/concepts/storage/volumes/ -- https://kubernetes.io/docs/concepts/storage/persistent-volumes/ +#### Persistent Volumes and PV. Claims Persistent Volumes: ``` @@ -60,10 +55,8 @@ POD: claimName: my-pvc ``` +--- - - volumes: - - name: default-token-qq6ns - secret: - defaultMode: 420 - secretName: default-token-qq6ns \ No newline at end of file +Doc: +- +- \ No newline at end of file diff --git a/27 - HELM.md b/27 - HELM.md new file mode 100644 index 0000000..673d645 --- /dev/null +++ b/27 - HELM.md @@ -0,0 +1,43 @@ +## Helm + +#### Install + +Go to + +#### Some commands + +- `helm search hub` searches the Artifact Hub, which lists helm charts from dozens of different repositories. +- `helm search repo` searches the repositories that you have added to your local helm + ``` + helm search repo wordpress + helm search hub wordpress + ``` + +- Add a Repo: + ``` + helm repo add bitname https://charts.bitnami.com/bitnami + helm repo update + ``` + +- Search for a repo: + `helm search repo joomla` + +- List repositories: + `helm repo ls` + +- Env prints out all the environment info in use by Helm + `helm env` + +- Install App: + - `helm install ` + - Ex.: `helm install my-nginx stable/nginx-ingress` +- Uninstall App: + - `helm uninstall ` + - Ex.: `helm uninstall my-nginx` +- You can pass `--namespace my-namespace` as well + +- Pull and download: + - `helm pull --untar=true` + +Some Cheats: + \ No newline at end of file diff --git a/README.md b/README.md index d3bde41..c7a62f7 100644 --- a/README.md +++ b/README.md @@ -8,37 +8,45 @@ CNCF Certified Kubernetes Application Developer (CKAD) * [CKAD Exam Tips](https://docs.linuxfoundation.org/tc-docs/certification/tips-cka-and-ckad) * [FAQs](https://www.cncf.io/certification/expert/cka/faq/) * [More Details](https://www.cncf.io/certification/ckad/) +* [killercoda](https://killercoda.com/killer-shell-ckad) -# CKAD Curriculum until 2021-09-20 +# CKAD Curriculum until 2024-09-20 -## Core Concepts - 13% -* kubernetes API Primitives -* Create and configure basic Pods +## Application Design and Build 20% -## Configuration - 18% -* ConfigMaps -* SecurityContexts -* Secrets -* ServiceAccounts +- Define, build and modify container images +- Choose and use the right workload resource (Deployment, DaemonSet, CronJob, etc.) +- Understand multi-container Pod design patterns (e.g. sidecar, init and others) +- Utilize persistent and ephemeral volumes -## Multi-Container Pods - 10% -* Multi-Container Pod design patterns +## Application Deployment 20% -## Observability - 18% -* LivenessProbes and ReadinessProbes -* Logging -* How to monitor applications in Kubernetes -* Debugging in Kubernetes +- Use Kubernetes primitives to implement common deployment strategies (e.g. blue/green or canary) +- Understand Deployments and how to perform rolling updates +- Use the Helm package manager to deploy existing packages +- Kustomize -## Pod Design - 20% -* How to use Labels, Selectors, and Annotations. -* Deployments and how to perform rolling updates. -* How to perform rollbacks -* Jobs and CronJobs. +## Application Observability and Maintenance 15% -## Services & Networking - 13% +- Understand API deprecations +- Implement probes and health checks +- Use built-in CLI tools to monitor Kubernetes applications +- Utilize container logs +- Debugging in Kubernetes -## State Persistence - 8% -* Volumes -* Persistent Volumes -* Persistent Volumes Claim +## Application Environment, Configuration and Security 25% + +- Discover and use resources that extend Kubernetes (CRD, Operators) +- Understand authentication, authorization and admission control +- Understand requests, limits, quotas +- Understand ConfigMaps +- Define resource requirements +- Create & consume Secrets +- Understand ServiceAccounts +- Understand Application Security (SecurityContexts, Capabilities, etc.) + +## Services and Networking 20% + +- Demonstrate basic understanding of NetworkPolicies +- Provide and troubleshoot access to applications via services +- Use Ingress rules to expose applications diff --git a/TIME-MANAGEMENT.md b/TIME-MANAGEMENT.md index 5738585..3121ab5 100644 --- a/TIME-MANAGEMENT.md +++ b/TIME-MANAGEMENT.md @@ -1,6 +1,7 @@ -#### CKAD +#### Time management + - 2 horas -- 19 exercises +- 15-20 exercises - Do not get stuck :D - Know yaml files :D - Use k8s aliases such as