Skalirbare Container-Infrastruktuen: p75
https://kubernetes.io/docs/home/
Kubernetes 101 https://www.youtube.com/watch?v=IcslsH7OoYo&list=PL2_OBreMn7FoYmfx27iSwocotjiikS5BD
civo Tutorials: https://www.civo.com/academy/kubernetes-configuration-and-security
https://thenewstack.io/a-security-comparison-of-docker-cri-o-and-containerd/
Container Builder Comparison: https://itnext.io/docker-kaniko-buildah-209abdde5f94
Product overview: https://landscape.cncf.io/
cloud native attributes: https://12factor.net/
https://github.com/christhomas/kubernetes-cluster
dirtypipe vunerabiltiy in kubernetes context: https://www.datadoghq.com/blog/engineering/dirty-pipe-container-escape-poc/
ceph disaster: https://lf-net.org/blog/posts/2021-09-20_post-mortem-ceph/
https://github.com/geerlingguy/kubernetes-101
# https://github.com/geerlingguy/kubernetes-101
# create container-repository secret for default namespace
kubeclt create secret docker-registry regcred --docker-username=xxx --docker-password=<api-token> --docker-email=asdfsa@example.com
# can be referenced in deployment.yaml
# spec: template: spec: imagePullSecret: -name: regcred
kubectl create deployment hello-go --image=geerlingguy/kube101:hello-go # https://hub.docker.com/r/geerlingguy/kube101/tags
kubectl expose deployment hello-go --port=80 --target-port=8180 --type=NodePort # NodePort will take traffic from every node in the cluster
kubeclt get service hello-go # get service info
# kubeclt remove service hello-go # removes exposed port
kubectl edit deployment hello-go # --> increase spec: replicas: 3 # https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
kubectl logs -f -l app=hello-go --prefix=true
kubectl get service hello-go -o yaml # get object definition
kubectl delete pod hello-go-xxxxxxxx-xxxx # destroys pod shoud be automatically be recreated
# update deployment
# 1. change spec: template: spec: containers: -image: <newer image>
# kubectl set image deployment/<deployment-name> <container-name>=<image name>
kubectl set image deployment/hello-go kube101=geerlingguy/kube101:hello-go-v2
kubectl rollout history deployment hello-go # show deployment history
kubectl rollout undo deployment hello-go # revert latest change in deployment
# install Drupal using Helm
# https://artifacthub.io/packages/helm/bitnami/drupal
# helm chart: https://github.com/bitnami/charts/tree/master/bitnami/drupal
# docker image repo: https://github.com/bitnami/bitnami-docker-drupal
helm repo add bitnami https://charts.bitnami.com/bitnami
helm install mysite bitnami/drupal
kubectl get svc --namespace default -w mysite-drupal # -w: watch
kubectl create configmap test --from-env-file=env.prop
use in pod.yml
kubectl get pvc
kubectl delete pvc <name>
kubectl get pv
kubectl delete pv <name>
# Create a namespace for the Drupal site.
kubectl create namespace drupal
# Create the MySQL (MariaDB) Deployment.
kubectl apply -f mariadb.yml
# Create the Drupal (Apache + PHP) Deployment.
kubectl apply -f drupal.yml
kubectl get ns
kubectl config set-context --current --namespace=drupal
kubectl get deployments # -n <namespace>
# kubectl config set-context --current --namespace="" # reset namespace to default
ephermeral docker repository https://ttl.sh/
$ IMAGE_NAME=$(uuidgen)
$ docker build -t ttl.sh/${IMAGE_NAME}:1h .
$ docker push ttl.sh/${IMAGE_NAME}:1h
# image ttl.sh/xxxx-yyyy-nnnn-2a2222-4b44 is available for 1 hour