Skip to content

Latest commit

 

History

History

Kubernetes

Welcome to our comprehensive collection of learning resources for Kubernetes! Here, you'll discover a curated list of the best learning materials we've assembled just for you.

Take a moment to explore these valuable resources, handpicked to enhance your understanding of Kubernetes. We strive to provide the most up-to-date and informative content available.

Top Resources

TITILE RESOURCE LINK
Run-through of Containers & Kubernetes https://medium.com/technopanti/run-through-of-containers-kubernetes-d10bc65730be
Kubernetes Daemonset: A Comprehensive Guide https://devopscube.com/kubernetes-daemonse
Basics of Kubernetes https://merwin.hashnode.dev/basics-of-kubernetes
Kubernetes Architecture and Components https://subedi-amrit.hashnode.dev/kubernetes-architecture-and-components
Kubernetes: Ingress https://yuminlee2.medium.com/kubernetes-ingress-a7d29927fa15
Power of Persistent💿Volumes in Kubernetes https://blog.devops.dev/power-of-persistent-volumes-in-kubernetes-b1c1991102ae
Kubernetes StatefulSet - Examples & Best Practices https://loft.sh/blog/kubernetes-statefulset-examples-and-best-practices/
How To Create Kubernetes Jobs and Cronjobs – Getting Started Guide https://devopscube.com/create-kubernetes-jobs-cron-jobs/
Plunging into Kubernetes Deployments https://medium.com/@aacedeno1/plunging-into-kubernetes-deployments-56e48cd1fccf
How To Configure Kube-Prometheus https://dev.to/thenjdevopsguy/how-to-configure-kube-prometheus-4njh
Deploying Istio with Kubernetes https://www.linode.com/docs/guides/how-to-deploy-istio-with-kubernetes/
Kubernetes StatefulSet - Examples & Best Practices https://loft.sh/blog/kubernetes-statefulset-examples-and-best-practices/
Horizontal Pod Autoscaling in Kubernetes https://www.giantswarm.io/blog/horizontal-autoscaling-in-kubernetes
Basics on Kubernetes: Basic debugging with kubectl https://www-learnsteps-com.cdn.ampproject.org/c/s/www.learnsteps.com/basics-on-kubernetes-basic-debugging/amp/
Build Your First Kubernetes Application with AWS EKS https://aws.plainenglish.io/building-your-first-kubernetes-application-with-aws-eks-bc2f1e84118
Kubernetes Service Types Tutorial https://faun.pub/kubernetes-service-types-tutorial-39223391316c
How to Deploy Applications using Helm in Kubernetes AWS
How to write YAML files for Kubernetes https://eskala.io/tutorial/how-to-write-yaml-files-for-kubernetes/
Kubernetes Namespaces https://blog.cloudnloud.com/kubernetes-namespaces
Kubernetes ClusterIP https://blog.cloudnloud.com/kubernetes-clusterip
Ingress service types in Kubernetes https://medium.com/avmconsulting-blog/ingress-service-types-in-kubernetes-3e9b68b78307
Practical example of using K8s PV, PVC with Pods https://itnext.io/practical-example-of-using-k8s-pv-pvc-with-pods-5471b91d2477
How to secure applications running on Kubernetes (SSL/TLS Certificates)? https://medium.com/avmconsulting-blog/how-to-secure-applications-on-kubernetes-ssl-tls-certificates-8f7f5751d788
How to Delete a Service in Kubernetes https://linuxhandbook.com/kubectl-delete-service/
How Rolling and Rollback Deployments work in Kubernetes https://yankeexe.medium.com/how-rolling-and-rollback-deployments-work-in-kubernetes-8db4c4dce599
Schedule and Monitor Requests and Limits In Kubernetes https://medium.com/avmconsulting-blog/how-to-schedule-and-monitor-requests-and-limits-in-kubernetes-k8s-3671e98a95ac
How to Delete Pods in Kubernetes [Quick K8s Tips] https://linuxhandbook.com/kubectl-delete-pod/amp/?__twitter_impression=true&s=08
How to Implement RBAC Service type in Kubernetes? https://medium.com/avmconsulting-blog/rbac-service-type-in-kubernetes-eadf754af42f
How to configure and manage Pod in Kubernetes Cluster (K8s) https://medium.com/avmconsulting-blog/pod-in-kubernetes-cluster-k8s-adeb5b901153
Kuberenets(K8s) Architecture https://medium.com/devops-deepdive/chapter-2-kuberenets-k8s-architecture-92885e9ca6b0
Deploying a Java application in Kubernetes(k8s) https://medium.com/avmconsulting-blog/application-deployment-in-kubernetes-956472d635a1
Getting Started with Kubernetes and Container Orchestration https://levelup.gitconnected.com/getting-started-with-kubernetes-and-container-orchestration-8a579232e40b
Build a Federation of Multiple Kubernetes Clusters With Kubefed V2 https://betterprogramming.pub/build-a-federation-of-multiple-kubernetes-clusters-with-kubefed-v2-8d2f7d9e198a
Elastic Kubernetes Service (EKS) https://www.linkedin.com/pulse/elastic-kubernetes-service-eks-ritik-agarwal
Kubernetes NodePort vs LoadBalancer vs Ingress? When should I use what? https://medium.com/google-cloud/kubernetes-nodeport-vs-loadbalancer-vs-ingress-when-should-i-use-what-922f010849e0
Horizontal Pod Autoscaler in Kubernetes https://medium.com/avmconsulting-blog/horizontal-pod-autoscaler-hpa-in-kubernetes-part1-afba286becf
Kubernetes: How to provide storage to kubernetes https://www.thesocialcomment.com/blog/Kubernetes-How-to-provide-storage-to-kubernetes?pid=5ef1f1868296537a33d780fc
Kubernetes: Launching a full EKS cluster in 13 steps, more or less https://medium.com/swlh/kubernetes-launching-a-full-eks-cluster-in-13-steps-more-or-less-59451d3b115c
Build Kubernetes Autoscaling for Cluster Nodes and Application Pods https://betterprogramming.pub/build-kubernetes-autoscaling-for-cluster-nodes-and-application-pods-bb7f2d716b07
Single and Multi-Port Service in Kubernetes (K8s) https://medium.com/avmconsulting-blog/single-and-multi-port-service-in-kubernetes-k8s-8b08529d9ba6
10 most common mistakes using kubernetes https://blog.pipetail.io/posts/2020-05-04-most-common-mistakes-k8s/
How to enable kubernetes ingress https://ashwikatech.blogspot.com/2020/05/how-to-enable-kubernetes-ingress.html
A Basic Guide to Kubernetes Storage: PVS, PVCs, Statefulsets and More https://portworx.com/blog/basic-guide-kubernetes-storage/
Kubernetes’ Architecture: Understanding the components and structure of clusters https://www.padok.fr/en/blog/kubernetes-architecture-clusters
Beyond Kube-scheduler, a Need for a K8s Cluster Balancer https://medium.com/sparsecode/beyond-kube-scheduler-a-need-for-a-k8s-cluster-balancer-89cdfb242e09
An (Opinionated) Guide to Understanding Kubernetes Network Architecture https://blog.getambassador.io/a-guide-to-understanding-kubernetes-network-architecture-e5e6fd7c5a2a
Kubernetes Autoscaling 101: Cluster Autoscaler, Horizontal Pod Autoscaler, and Vertical Pod Autoscaler https://levelup.gitconnected.com/kubernetes-autoscaling-101-cluster-autoscaler-horizontal-pod-autoscaler-and-vertical-pod-2a441d9ad231
Managing secrets deployment in Kubernetes using Sealed Secrets https://aws.amazon.com/blogs/opensource/managing-secrets-deployment-in-kubernetes-using-sealed-secrets/
Spring Boot Microservices , Docker and Kubernetes workshop https://pavithra-3efn.proseful.com/spring-boot-microservices-docker-and-kubernetes-workshop
Why Is Storage On Kubernetes So Hard? https://softwareengineeringdaily.com/2019/01/11/why-is-storage-on-kubernetes-is-so-hard/
Troubleshooting DNS Issues within Kubernetes Clusters https://vexxhost.com/blog/its-always-dns/
Kubernetes Multi-Cloud and Multi-Cluster Connectivity with Submariner — Test CockroachDB Geo-Distribution/Geo-Replication https://itnext.io/kubernetes-multi-cloud-and-multi-cluster-connectivity-with-submariner-test-cockroachdb-b79662209bd7
Build-Test-Deploy with Kubernetes (CI/CD) https://medium.com/@maheshd7878/build-test-and-deploy-on-kubernetis-2c95a08a8a1c
Kubernetes CI/CD using Jenkins on Google Cloud https://medium.com/avmconsulting-blog/kubernetes-ci-cd-using-jenkins-on-google-cloud-5b10da6147a6
Boosting your kubectl productivity https://learnk8s.io/blog/kubectl-productivity
Know Kubernetes — Pictorially https://blog.tarkalabs.com/know-kubernetes-pictorially-f6e6a0052dd0
Kubernetes deployment strategies https://blog.container-solutions.com/kubernetes-deployment-strategies

Kubernetes

Getting started with Kubernetes

Name Comments
kubernetes.io Official Kubernetes site by Google
Kubernetes 101 Great beginner article on Kubernetes fundamental concepts
Kubernetes Tutorial for Beginners Full video of 4 hours on Kubernetes (2020)
Learning Path: Kubernetes From basic to advanced Kubernetes learning series
Kubernetes 101 - Concepts and Why It Matters
kubernetes-workshop
Kubernetes Deployment Tutorial
Katacoda Learn Kubernetes using Interactive Browser-Based Scenarios
Kubernetes Scheduler How does the Kubernetes scheduler work?

Kubernetes - Deep Dive

Name Comments
Kubernetes Networking Kubernetes Networking Resources
Liveness and Readiness Probes

Kubernetes - Troubleshooting

Name Comments
troubleshoot.sh "A kubectl plugin providing diagnostic tools for Kubernetes applications"
Kubernetes Troubleshooting Visual Guide

Kubernetes - Security

Name Comments
Kubescape "Kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by NSA and CISA"
Falco "Falco...is the de facto Kubernetes threat detection engine"

Kubernetes - Misc

Name Comments
confTest "Conftest is a utility to help you write tests against structured configuration data" (Used in the development phase)
datree "Prevent Kubernetes Misconfigurations From Reaching Production" (Used in development phase)
gatekeeper Used in the production
telepresence "FAST, LOCAL DEVELOPMENT FOR KUBERNETES AND OPENSHIFT MICROSERVICES"
Kubernetes CheatSheet
OperatiorHub.io Kubernetes native applications
YAML templates
Kubesort "kubesort helps you sort the results from kubectl get in an easy way"
IngressMonitorController "A Kubernetes controller to watch ingresses and create liveness alerts for your apps/microservices"

Kubernetes - SRE

Name Comments
KubeInvaders "Chaos Engineering Tool for Kubernetes and Openshift"

Kubernetes - Certificates

Name Comments
CKAD-Practice-Questions "a consolidated list for CKAD practice questions"
CKAD Prep Exam Video A video of doing a CKAD prep exam (2020)
CKA Complete Prep Exam CKA prep exam (2021)
CKAD Complete Prep Exam CKAD prep exam (2021)
CKS Complete Prep Exam CKA prep exam (2021)

Kubernetes - Labs

Name Comments
Building a Kubernetes 1.23 Cluster with Kubeadm "Labs CKA - Build a Kubernetes cluster 1.23"

Best Practices

Security Best Practices

  • Secure inter-service communication (one way is to use Istio to provide mutual TLS)
  • Isolate different resources into separate namespaces based on some logical groups
  • Use supported container runtime (if you use Docker then drop it because it's deprecated. You might want to CRI-O as an engine and podman for CLI)
  • Test properly changes to the cluster (e.g. consider using Datree to prevent kubernetes misconfigurations)
  • Limit who can do what (by using for example OPA gatekeeper) in the cluster
  • Use NetworkPolicy to apply network security
  • Consider using tools (e.g. Falco) for monitoring threats

CheatSheet

Minikube

  • Minikube version: minikube version
  • Start cluster: minikube start
  • Delete cluster: minikube delete

Common Kubectl Operations

  • Create objects defined in a YAML: kubectl apply -f rs.yaml

Service Accounts

  • List service accounts: kubectl get serviceaccounts

Cluster

  • Cluster version: kubectl version
  • Cluster information: kubectl cluster-info
  • List nodes: kubectl get nodes

Images

  • List all containers images from all namespaces:
kubectl get pods --all-namespaces -o jsonpath="{.items[*].spec.containers[*].image}" |\
tr -s '[[:space:]]' '\n' |\
sort |\
uniq -c

Pods

  • List of Pods in current namespace: kubectl get po

  • List of Pods in all amespaces: kubectl get po --all-namespaces

  • Get containers names: kubectl get po <POD_NAME> -o jsonpath="{.spec.containers[*].name}"

  • Create a Pod from file: kubectl create -f pod_definition.yaml

  • Delete a Pod using a YAML definition: kubectl delete -f pod_definition.yaml

  • Delete a Pod using the Pod name: kubectl delete <POD_NAME>

  • Delete a Pod instantly: kubectl delete <POD_NAME> --grace-period=0 --force

  • Execute commands inside a container: kubectl exec -it -c <CONTAINER_NAME> <POD_NAME> ls

  • Display logs of a Pod: kubectl logs <POD_NAME>

  • Display logs of a specific container in a Pod: kubectl logs <POD_NAME> -c <CONTAINER_NAME>

  • Get Pod name based on specific labels

POD_NAME=$(kubectl get pod \
--no-headers \
-o=custom-columns=NAME:.metadata.name \
-l type=api,service=some-service \
| tail -1)
  • Get pods sorted by time creation: kubectl get pods --sort-by='{.metadata.creationTimestamp}'
  • Run long/endless running container: kubectl run test --image ubuntu -- sleep 2000000000
  • Get a shell access to a container: kubectl exec --stdin --tty some-shell -- /bin/bash

User

  • Creating a new user
openssl genrsa -out user.key 2048 # create key
openssl req key user.key user.csr -subj "/CN=user /O=sgroup" # create csr
openssl x509 -req -in user.csr -CA ca.crt -CAkey ca.key -CAcreateseral -out user.crt -days 365
kubectl config set-credentials myuser --client-certificates=$PWD/user.crt --client-key=$PWD/user.key
kubectl config set-context myuser-context --cluster=k8s-cluster --user=user

Service

  • Expose a ReplicaSet: kubectl expose rs REPLICASET_NAME --name=SERVICE_NAME --target-port=PORT --type=NodePort/SOME_OTHER_SERVICE_TYPE

Deployment

  • Create and delete a deployment in one step:
$ kubectl create deployment demo --image=cloudnatived/demo:hello

$ kubectl get pods --selector app=demo

$ kubectl delete pods --selector app=demo

$ kubectl delete all --selector app=demo

Aliases

  • Use kubectl aliases to speed up and reduce typo errors, practice these alaises early at your work and study for the exam. some example aliases:
alias k='kubectl'
alias kg='kubectl get'
alias kgpo='kubectl get pod'
alias kcpyd='kubectl create pod -o yaml --dry-run=client'
alias ksysgpo='kubectl --namespace=kube-system get pod'

alias kd='kubectl delete'
alias kdf='kubectl delete -f'
## for quick deletes you can add --force --grace-period=0  **Not sure if it is a good idea if you are in a production cluster**
alias krmgf='kubectl delete --grace-period 0 --force'
alias kgsvcoyaml='kubectl get service -o=yaml'
alias kgsvcwn='watch kubectl get service --namespace'
alias kgsvcslwn='watch kubectl get service --show-labels --namespace'

#example usage of aliases
krmgf nginx-8jk71    # kill pod nginx-8jk71 using grace period 0 and force

Monitoring

  • Install metrics-server using Minikube: minikube addons enable metrics-server

Secrets

  • Install Bitnami Sealed secrets controller
helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets
helm repo update
helm install sealed-secrets-controller sealed-secrets/sealed-secrets
  • sealed-secrets binary: https://github.com/bitnami-labs/sealed-secrets/releases

  • encrypt secret in yaml or json format: kubeseal -n my-namespace <.db-creds.yml> db-creds.json

  • apply secret on the cluser: kubectl apply -f db-creds.json -n my-namespace

Kustomize

  • Generate customized YAML file(s): kustomize build name_of_application
  • Apply generated customized YAML file(s) to the cluster: kustomize build name_of_application

If you have any additional resources or links that you believe would benefit others, please feel free to contribute. Our goal is to create a repository of the best learning materials, ensuring everyone has access to top-notch content.

We appreciate your visit to this repository. If you find our initiatives valuable, kindly star this repository to show your support.

Thank you once again, and happy learning!