1 git clone https://github.com/sandervanvugt/cka 2 cd cka 3 ls 4 ./setup-container.sh 5 systemctl status containerd 6 history 7 ls 8 ./setup-kubetools.sh 9 sudo kubeadm init 10 mkdir -p $HOME/.kube 11 kubectl get all 12 vim ~/.kube/config 13 kubectl config view 14 history 15 kubectl get pods -n kube-system 16 kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml 17 kubectl get pods -n kube-system 18 kubectl get nodes 19 history 20 kubectl kustomize https://github.com/nginxinc/nginx-gateway-fabric/config/crd/gatway-api/standard?ref=v1.5.1 | kubectl apply -f - 21 kubectl kustomize https://github.com/nginxinc/nginx-gateway-fabric/config/crd/gateway-api/standard?ref=v1.5.1 | kubectl apply -f - 22 helm install ngf oci://ghcr.io/nginxinc/charts/nginx-gateway-fabric --create-namespace -n nginx-gateway 23 helm 24 snap install helm 25 sudo snap install helm 26 sudo snap install helm --classic 27 helm install ngf oci://ghcr.io/nginxinc/charts/nginx-gateway-fabric --create-namespace -n nginx-gateway 28 kubectl get pods,svc -n nginx-gateway 29 kubectl get gc 30 source <(kubectl completion bash) 31 kubectl edit -n nginx-gateway svc ngf-nginx-gateway-fabric 32 kubectl create deploy nginxgw --image=nginx --replicas=3 33 kubectl expose deploy nginxgw --port=80 34 kubectl get endpoints 35 vim http-routing.yaml 36 kubectl apply -f http-routing.yaml 37 sudo vim /etc/hosts 38 kubectl -n nginx-gateway port-forward pods/ngf-nginx-gateway-fabric-cdc5dfc94-62l6x 8080:80 8443:443 39 bg 40 curl whatever.com:8080 41 openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=whatever.com" 42 kubectl create secret tls gateway-tls --cert=tls.crt --key=tls.key 43 vim tls-gateway.yaml 44 kubectl apply -f tls-gateway.yaml 45 vim tls-gateway.yaml 46 kubectl apply -f tls-gateway.yaml 47 vim https-routing.yaml 48 kubectl apply -f https-routing.yaml 49 sudo apt install socat 50 sudo socat TCP4-LISTEN:80,fork TCP4:127.0.0.1:32080 & 51 sudo socat TCP4-LISTEN:443,fork TCP4:127.0.0.1:32443 & 52 curl -k https://whatever.com 53 ./counter.sh 12 54 vim tls-gateway.yaml 55 history 56 kubectl create quota qtest --help | less 57 #kubectl create quota qtest --hard pods=3,cpu=100m,memory=500Mi --namespace limited 58 kubectl create ns limited 59 kubectl create quota qtest --hard pods=3,cpu=100m,memory=500Mi --namespace limited 60 kubectl describe ns limited 61 kubectl create deploy nginx --image=nginx:latest --replicas=3 -n limited 62 kubectl get all -n limited 63 kubectl describe -n limited rs nginx-54c98b4f84 64 kubectl set resources deploy nginx --requests cpu=100m,memory=5Mi --limits cpu=200m,memory=200Mi -n limited 65 kubectl get pods -n limited 66 kubectl describe ns limited 67 kubectl edit quota -n limited 68 kubectl describe ns limited 69 kubectl explain limitrange.spec 70 kubectl explain limitrange.spec.limits 71 kubectl get ns 72 vim limitrange.yaml 73 kubectl get quota -n limited 74 kubectl delete quota -n limited 75 kubectl delete quota qtest -n limited 76 kubectl apply -f limitrange.yaml -n limited 77 kubectl describe ns limited 78 kubectl run limitpod --image=nginx -n limited 79 kubectl describe pod limitpod -n limiteds 80 kubectl describe pod limitpod -n limited 81 kubectl cordon worker1 82 kubectl edit node worker1 83 kubectl uncordon worker1 84 kubectl edit node control 85 kubectl get nodes 86 kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml 87 kubectl get pods -n kube-system 88 kubectl edit deploy -n kube-system metrics-server 89 kubectl get pods -n kube-system 90 kubectl top pods 91 kubectl create deploy webstress --image=nginx 92 kubectl autoscale deploy webstress --min=2 --max=3 --cpu-percent=80 93 kubectl get hpa 94 kubectl autoscale deploy webstress --min=2 --max=5 --cpu-percent=80 95 kubectl get deploy webstress 96 history > /tmp/feb25.txt 97 kubectl edit deploy -n kube-system metrics-server 98 helm 99 helm repo add argo https://argoproj.github.io/argo-helm 100 helm repo update 101 helm search repo argo/argo-cd 102 helm template my-argo-cd argo/argo-cd --version 7.8.3 > argo-cd-template.yaml 103 vim argo-cd-template.yaml 104 helm show values argo/argo-cd > values.yaml 105 vim values.yaml 106 helm template my-argocd argo/argo-cd -f values.yaml > argo-cd-template.yaml 107 kubectl apply -f argo-cd-template.yaml 108 kubectl get svc 109 vim nwpolicy-complete-example.yaml 110 kubectl apply -f nwpolicy-complete-example.yaml 111 kubectl expose pod nginx --port=80 112 kubectl exec -it busybox -- wget --spider --timeout=1 113 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 114 kubectl get svc 115 kubectl get nwp 116 kubectl get netpol 117 kubectl describe netpol access-nginx 118 kubectl label pod busybox access=true 119 kubectl exec -it busybox -- wget --spider --timeout=1 nginx 120 history 121 kubectl create ns nwp-namespace 122 vim nwp-lab10-1.yaml 123 kubectl create -f nwp-lab10-1.yaml 124 kubectl expose pod nwp-nginx --port=80 125 kubectl exec -it nwp-busybox -n nwp-namespace -- wget --spider --timeout=1 nwp-nginx 126 kubectl exec -it nwp-busybox -n nwp-namespace -- nslookup nwp-nginx 127 kubectl exec -it nwp-busybox -n nwp-namespace -- wget --spider --timeout=1 nwp-nginx.default.svc.cluster.local 128 vim nwp-lab10-2.yaml 129 kubectl apply -f nwp-lab10-2.yaml 130 kubectl exec -it nwp-busybox -n nwp-namespace -- wget --spider --timeout=1 nwp-nginx.default.svc.cluster.local 131 kubectl create deploy busybox --image=busybox -- sleep 3600 132 kubectl exec -it busybox-5c684d4858-9ckll -- wget --spider --timeout=1 nwp-nginx 133 kubectl exec -it busybox-5c684d4858-9ckll -- cat /etc/resolv.conf 134 kubectl cluster-info 135 kubectl cluster-info dump | less 136 history 137 kubectl delete netpol access-nginx 138 kubectl delete netpol deny-from-other-namespaces 139 kubectl create ns restricted 140 kubectl run -h | less 141 kubectl run nginx --image=nginx -n restricted 142 kubectl -n restricted expose pod nginx 143 kubectl -n restricted expose pod nginx --port=80 144 kubectl get pods 145 kubectl get pods --show-labels 146 history 147 kubectl delete -f argo-cd-template.yaml 148 vim apiVersion: networking.k8s.io/v1 149 kind: NetworkPolicy 150 metadata: 151 spec: 152 vim netpol.yaml 153 kubectl get pods -n restricted --show-labels 154 vim netpol.yaml 155 kubectl get ns --show-labels 156 vim netpol.yaml 157 kubectl expose -n restricted nginx --port=80 158 kubectl expose -n restricted pod nginx --port=80 159 kubectl get pods 160 history | grep wget 161 kubectl exec -it busybox -- wget --spider --timeout=1 nginx.restricted.svc.cluster.local 162 kubectl get netpol -n restricted 163 kubectl apply -f netpol.yaml 164 vim netpol.yaml 165 kubectl apply -f netpol.yaml 166 kubectl exec -it busybox -- wget --spider --timeout=1 nginx.restricted.svc.cluster.local 167 kubectl label pod busybox access- 168 kubectl label pod busybox access="yes" 169 kubectl get pods --show-labels 170 kubectl exec -it busybox -- wget --spider --timeout=1 nginx.restricted.svc.cluster.local 171 history 172 cat netpol.yaml 173 kubectl describe node worker1 174 kubectl top node 175 kubectl top pods 176 kubectl get pods -n kube-system 177 cd /etc/kubernetes/manifests/ 178 ls 179 vim kube-apiserver.yaml 180 sudo vim kube-apiserver.yaml 181 cd 182 kubectl run staticpod --image=nginx --dry-run=client -o yaml 183 kubectl get pods 184 ps aux | grep kubelet 185 sudo vim /var/lib/kubelet/config.yaml 186 kubectl top pods 187 sudo apt install etcd-client 188 sudo etcdctl --help 189 ls /etc/pki/ 190 ls /etc/kubernetes/pki/etcd/ 191 ps aux | grep etcd 192 sudo etcdctl --endpoint=localhost:2379 --cacert /etc/kubernetes/pki/etc/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etc/server.key get / --prefix --keys-only 193 sudo etcdctl --endpoints=localhost:2379 --cacert /etc/kubernetes/pki/etc/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etc/server.key get / --prefix --keys-only 194 sudo etcdctl --endpoints=localhost:2379 --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key get / --prefix --keys-only 195 sudo etcdctl --endpoints=localhost:2379 --cacert /etc/kubernetes/pki/etcd/ca.crt --cert /etc/kubernetes/pki/etcd/server.crt --key /etc/kubernetes/pki/etcd/server.key snapshot save /tmp/etcdbackup.db 196 ls -l /tmp/etcdbackup.db 197 sudo etcdctl --write-out=table snapshot status /tmp/etcdbackup.db 198 cp /tmp/etcdbackup.db /tmp/etcdbackup.db.bak 199 sudo cp /tmp/etcdbackup.db /tmp/etcdbackup.db.bak 200 kubectl get deploy 201 kubectl delete deploy busybox nginxgw webstress 202 cd /etc/kubernetes/manifests/ 203 ls 204 sudo mv * .. 205 ls 206 sudo crictl ps 207 sudo mv /var/lib/etcd /var/lib/etcd-backup 208 sudo etcdctl snapshot restore /tmp/etcdbackup.db --data-dir /var/lib/etcd 209 sudo ls -l /var/lib/etcd 210 sudo ls -l /var/lib/etcd/member 211 cd .. 212 cd manifests/ 213 ls 214 sudo mv ../*.yaml . 215 sudo crictl ps 216 kubectl get deploy 217 sudo apt update 218 sudo apt-cache madison kubeadm 219 kubectl get nodes 220 cd 221 cd cka/ 222 vim selector-pod.yaml 223 kubectl apply -f selector-pod.yaml 224 vim selector-pod.yaml 225 kubectl apply -f selector-pod.yaml 226 kubectl get pods 227 kubectl describe pod nginxabc 228 kubectl label nodes worker2 disktype=ssd 229 kubectl get pods 230 history 231 kubectl get nodes 232 kubectl get pods -o wide 233 kubectl describe node worker1 234 kubectl create deploy taintet --image=nginx --replicas=10 235 kubectl get pods -o wide 236 kubectl get nodes 237 kubectl describe node worker1 | less 238 kubectl edit node worker1 239 kubectl describe node worker1 | less 240 kubectl taint nodes worker1 storage=ssd:NoSchedule 241 kubectl describe nodes worker1 | less 242 kubectl create deploy nginx-taint --image=nginx --replicas=3 243 kubectl get pods -o wide 244 kubectl delete deploy taintet 245 kubectl delete deploy nginx-taint 246 vim taint-toleration.yaml 247 kubectl get pods -o wide 248 kubectl create -f taint-toleration.yaml 249 kubectl get pods -o wide 250 kubectl delete -f taint-toleration.yaml 251 kubectl create deploy taintet --image=nginx --replicas=10 252 kubectl get pods -o wide 253* kubectl create -f taint-toleration.yaml 254 kubectl get pods -o wide | grep toler 255 vim taint-toleration2.yaml 256 kubectl apply -f taint-toleration2.yaml 257 kubectl get pods -o wide | grep toler 258 kubectl get pods -o wide | grep hdd 259 kubectl edit node worker1 260 kubectl get pod -o wide 261 kubectl create role --help | less 262 kubectl create ns roles 263 kubectl create role --help | less 264 kubectl create role viewer --verb=get --verb=list --verb=watch --resource=pods -n roles 265 kubectl get pods nginx -o yaml | less 266 kubectl create sa viewers -n roles 267 kubectl create rolebinding --help | less 268 # kubectl create rolebinding admin-binding --role=admin --serviceaccount=monitoring:sa-dev 269 kubectl create rolebinding viewers --role-viewer --serviceaccount=roles:viewers -n roles 270 kubectl create rolebinding viewers --role=viewer --serviceaccount=roles:viewers -n roles 271 kubectl run viewpod --image=nginx --dry-run=client -o yaml 272 vim viewoid.yaml 273 kubectl apply -f viewoid.yaml 274 vim viewoid.yaml 275 kubectl apply -f viewoid.yaml 276 kubectl get pods viewpod -n roles -o yaml | less 277 kubectl describe -n roles rolebindings.rbac.authorization.k8s.io 278 kubectl run mypod --image=alpine -- sleep 3600 279 kubectl get pods mypod -o yaml 280 kubectl exec -it mypod -- sh 281 kubectl create sa mysa 282 kubectl create role list-pods --resource=pods --verb=list 283 kubectl create rolebinding list-pods --role=list-pods --serviceaccount=default:mysa 284 cat mysapod.yaml 285 kubectl apply -f mysapod.yaml 286 kubectl exec -it mysapod -- sh 287 history 288 history > /tmp/feb25.txt