Kubernetes_getting_started

Kubernetes Getting Started Guide

This guide provides an introduction to common kubectl commands for interacting with a Kubernetes cluster. It also covers creating deployments and introduces some popular management tools.

A very good official reference is the kubectl Cheat Sheet.

Note on Examples: Many examples use specific names like app-routable-demo for namespaces or echoserver-1-deployment-7f49577554-9x8xq for pods. If you are working in your own environment, you'll need to replace these with names relevant to your setup, or deploy sample applications to have these resources available.

Exploring Your Cluster

Namespaces

Namespaces are a way to divide cluster resources between multiple users or teams. A good way to start exploring is to list all namespaces:

kubectl get ns

Pods

Pods are the smallest deployable units in Kubernetes. Here are some commands to inspect pods:(Assuming a namespace app-routable-demo and a pod with label app=echoserver-1 and name containing echoserver-1-deployment exist for these examples.)

List pods in a specific namespace:

kubectl get po -n app-routable-demo

Get more details about pods, including the node they are running on:

kubectl get po -n app-routable-demo -o wide

Show pod labels:

kubectl get po -n app-routable-demo -o wide --show-labels

View a pod's full YAML definition:

# Replace 'pod-name-xyz' with an actual pod name from the previous command's output
kubectl get po -n app-routable-demo pod-name-xyz -o yaml

List pods matching a specific selector:

kubectl get pods -n app-routable-demo --selector=app=echoserver-1

Logs

View logs from a specific pod (and optionally a container within it):

# Replace 'echoserver-1-deployment-7f49577554-9x8xq' with an actual pod name
kubectl logs -n app-routable-demo echoserver-1-deployment-7f49577554-9x8xq
# If the pod has multiple containers, specify one with -c <container-name>

Exec and Attach (Interacting with Containers)

Execute a command inside a container or attach to a running process.

Execute a shell (sh) inside a pod:

# Replace 'echoserver-1-deployment-7f49577554-6rbqp' with an actual pod name
kubectl exec -n app-routable-demo -it echoserver-1-deployment-7f49577554-6rbqp -- sh

Attach to a running process in a pod (less common for general interaction than exec):

# Replace 'echoserver-1-deployment-7f49577554-6rbqp' with an actual pod name
kubectl attach -n app-routable-demo -it echoserver-1-deployment-7f49577554-6rbqp

Deployments

Deployments manage stateless applications.

List deployments in a namespace:

kubectl get deploy -n app-routable-demo

Describe a specific deployment to see its details, status, and events:

# Replace 'echoserver-1-deployment' with an actual deployment name
kubectl describe deploy -n app-routable-demo echoserver-1-deployment

Scaling a Deployment

Change the number of replicas (pods) managed by a deployment.

First, check the current pods for a deployment:

kubectl get pods -n app-routable-demo --selector=app=echoserver-1

Scale the deployment (e.g., to 4 replicas):

# Replace 'echoserver-1-deployment' with an actual deployment name
kubectl scale deployment -n app-routable-demo --replicas=4 echoserver-1-deployment

Verify the new number of pods:

kubectl get pods -n app-routable-demo --selector=app=echoserver-1

Creating a New Deployment

This section walks through creating a new deployment, highlighting good practices.

Unadvisable Direct Apply (Example Only)

Applying YAML directly from a URL can be risky as you might not know its exact contents. While convenient for trusted sources, it's generally not recommended for production or sensitive environments.

# Example of what NOT to do without inspection:
# kubectl apply -f https://raw.githubusercontent.com/xxradar/kuberneteslearning/master/radarhack-deploy.yaml

The original document notes: "What you should not do, but happens all of the time ..."

Corrected Approach: Local Manifest and Cleanup

Let's assume the above command was run for demonstration. Here's how you might find and clean it up:

List all deployments across all namespaces to find it:

kubectl get deploy -A

List deployments in the default namespace (if it was deployed there):

kubectl get deploy

Delete the example deployment (assuming it was named radarhack-deployment and in the default namespace):

kubectl delete deploy radarhack-deployment # Add -n <namespace> if it was deployed elsewhere

Modifying the Manifest Locally

Obtain the deployment manifest: Download the manifest to your local machine for inspection and modification.
```
wget https://raw.githubusercontent.com/xxradar/kuberneteslearning/master/radarhack-deploy.yaml
```
Edit radarhack-deploy.yaml: Use a text editor (e.g., vi, nano, VS Code) to modify the radarhack-deploy.yaml file.
```
vi radarhack-deploy.yaml
```
Make the following changes as an example:
- Under the main metadata section of the Deployment, add a label like deployment: brucon.
- Under spec.template.metadata (this is metadata for the Pods created by the Deployment), add a label like version: v1.
- Change the spec.replicas count (e.g., to 2 or 3).
- In the main metadata section of the Deployment, specify a namespace, for example, namespace: my-radarhack.

Applying the Modified Manifest

Create the new namespace: If you added a namespace to your manifest, create it first.
```
kubectl create ns my-radarhack
```

Apply the local manifest:

kubectl apply -f ./radarhack-deploy.yaml

Verify the deployment: Check the pods in your new namespace.
```
kubectl get po -n my-radarhack
```

Example Solution YAML

After the modifications described above, your radarhack-deploy.yaml (combined with a Namespace object for completeness if creating the namespace via YAML too) might look like this:

apiVersion: v1
kind: Namespace
metadata:
  name: my-radarhack
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: radarhack-deployment
  namespace: my-radarhack # As modified
  labels:
    app: radarhack
    deployment: brucon # As modified
spec:
  replicas: 2 # As modified (example)
  selector:
    matchLabels:
      app: radarhack
  template:
    metadata:
      labels:
        app: radarhack
        version: v1 # As modified
    spec:
      containers:
      - name: radarhack
        image: docker.io/xxradar/naxsi5 # Original image
        ports:
        - containerPort: 80

Verifying the Deployment Details

See your deployment and pods with their labels:

kubectl get po -n my-radarhack -o wide --show-labels
kubectl get deploy -n my-radarhack -o wide --show-labels

You can continue to edit ./radarhack-deploy.yaml and re-apply the changes with kubectl apply -f ./radarhack-deploy.yaml.

Cleanup

An easy way to clean up everything related to this deployment (if you used a dedicated namespace):

kubectl delete ns my-radarhack

Managing Your Kubernetes Cluster in Style

Here are a couple of popular command-line tools that offer enhanced UIs for managing Kubernetes.

K9s

K9s provides a terminal-based UI to navigate, observe, and manage your deployed applications in K8s. Project Link: https://github.com/derailed/k9s

Installation (Example for Linux x86_64, version v0.20.5):Note: Always check the K9s GitHub releases page for the latest version and installation instructions.

# Create a directory for K9s binaries (optional)
mkdir -p $HOME/K9S
cd $HOME/K9S
# Download a specific version (check for latest)
wget https://github.com/derailed/k9s/releases/download/v0.20.5/k9s_Linux_x86_64.tar.gz
tar -zxvf k9s_Linux_x86_64.tar.gz
# Move k9s binary to a location in your $PATH, e.g., /usr/local/bin
# sudo mv k9s /usr/local/bin/
# Then run:
# k9s

Octant

Octant is a tool for developers to understand the complexity of Kubernetes clusters through a visual interface. It runs as a web application on your local machine. Project Link: https://github.com/vmware-tanzu/octant

Installation (Example for Linux x86_64, version v0.13.1):Note: Always check the Octant GitHub releases page for the latest version and installation instructions.

# Create a directory for Octant binaries (optional)
mkdir -p $HOME/octant
cd $HOME/octant
# Download a specific version (check for latest)
wget https://github.com/vmware-tanzu/octant/releases/download/v0.13.1/octant_0.13.1_Linux-64bit.tar.gz
tar -zxvf octant_0.13.1_Linux-64bit.tar.gz
# The binary is typically in a subdirectory, e.g., ./octant_0.13.1_Linux-64bit/octant
# Consider moving the 'octant' binary to a location in your $PATH
# cd ./octant_0.13.1_Linux-64bit
# sudo mv octant /usr/local/bin/

Running Octant:

The original document mentions: "You could do it like this ... but this is not very smart" referring to:

# OCTANT_LISTENER_ADDR=0.0.0.0:8900 ./octant

Binding to 0.0.0.0 makes Octant accessible on all network interfaces, which might be a security risk if your machine is exposed.

A common way to run Octant is to let it bind to 127.0.0.1 (localhost) by default, and if you are running it on a remote machine (e.g., studentx-1.training.dockerhack.me), use SSH local port forwarding to access its web interface:

On your local machine, run:

# Replace with your actual SSH key, user, and remote host
ssh -i training_key.pem user@remote-k8s-management-host -L 8900:127.0.0.1:7777

(This forwards local port 8900 to port 7777 on the remote host where Octant will run.)

On the remote host (e.g., studentx-1.training.dockerhack.me via the SSH session or another terminal): Start Octant. It will typically listen on 127.0.0.1:7777 by default.
```
# Assuming 'octant' binary is in your PATH on the remote host
octant
```
Access Octant: Open your local web browser and navigate to http://127.0.0.1:8900.

Home

PreviousAppendix_B_tcpdump_lab Nextapi_access_via_host

Last updated 6 months ago