Killerkoda Flashcards
(34 cards)
What is what and which is not possible?: ClusterRole + RoleBinding or Role + ClusterRoleBinding?
- ClusterRole + RoleBinding (available cluster-wide, applied in single Namespace)
- Role + ClusterRoleBinding (NOT POSSIBLE: available in single Namespace, applied cluster-wide)
Hur ger man access att managera Deployments i både Namespaces?
k create clusterrole pipeline-deployment-manager –verb create,delete –resource deployments
how do i see if my serviceaccount can delete pods in another ns?
k auth can-i delete deployments –as system:serviceaccount:ns2:pipeline -n ns2
hur skapar ut pod defintion utan att applicera ?
k -n lion run important –image=nginx:1.21.6-alpine -oyaml –dry-run=client > pod.yaml
whats matchLabelKeys for?
used within affinity topology. The keys are used to lookup values from the pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod
what is the initial letterS of the required manifest addition for podAffinity?
spec:
template:
spec:
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
Whats the name of the grouping thing for node affinity or anitaffinity?
topologyKey
how many node affinity types are there? and what are they?
2 types: requiredDuringSchedulingIgnoredDuringExecution
and
preferredDuringSchedulingIgnoredDuringExecution
https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#types-of-inter-pod-affinity-and-anti-affinity
- name 2 things that were missing in preferredDuringSchedulingIgnoredDuringExecution block in official doc. 2. And how do i get to know which ones?
- preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
- weight: 100
- kubectl explain pod.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution
how would you verify if u can reach a service from a pod using wget?
wget -O- apache-svc
There are cases where the Kubelet did stop the kube-apiserver container but did not start it again. How can you force it to?
You can force it to do so with systemctl restart kubelet.service
How can you change Change the IP address associated with the cluster’s DNS Service?
kubectl -n kube-system edit svc kube-dns
where is kubelet config?
/var/lib/kubelet/config.yaml
How to Determine If Your Kubelet Uses Dynamic Config
ps aux | grep kubelet | grep – –config
If i dont know if my kubelet uses dynamic config and need to change ip adress using both ways, what are those 2 ways?
1) vim /var/lib/kubelet/config.yaml
2) k -n kube-system edit cm kubelet-config
How do i apply the update to the kubelet configuration immediately on the node?
kubeadm upgrade node phase kubelet-config
systemctl daemon-reload
systemctl restart kubelet
how do i verify a pods dns update?
Get a shell to the pod and cat the /etc/resolv.conf to check that the DNS server used is 100.96.0.10
Howto make the node unavailable?
mark the node01 unschedulable
kubectl cordon node01
list the nodes to verify that node01 is unschedulable
kubectl get no
howto evict:a poddar på en nod?
cordon the node
kubectl cordon <node-name></node-name>
evict the pods that are running on node01
kubectl drain node01 –ignore-daemonsets
kubectl get po -o wide | grep node01
mark the node scheduleable once again
kubectl uncordon node01
whats the most straightforward way to make sure a pod runs on a certain node=
just put these in the pod yaml:
nodeName: node01
how do you change the image used for the deployment?
kubectl set image deploy apache httpd=httpd:latest
how do you scale replicas?
kubectl scale deploy apache –replicas 5
Whats important to remember about PVC
That its like a link between pod and PV, and also these fields:
accessModes: Must match the PV’s accessModes.
resources.requests.storage: Requests a specific amount of storage.
storageClassName: Matches the PV’s storageClassName.
etcdctl and etcdutl are 2 different tools. which one is for what?
etcdctl: This is the primary command-line client for interacting with etcd over a network. It is used for day-to-day operations such as managing keys and values, administering the cluster, checking health, and more.
etcdutl: This is an administration utility designed to operate directly on etcd data files, including migrating data between etcd versions, defragmenting the database, restoring snapshots, and validating data consistency. For network operations, etcdctl should be used.
p.s. see e.g. https://everythingdevops.dev/backup-kubernetes-etcd-data/
