Posts




March 6, 2021
Istio drill down - Part I
Introduction This post is a review of, and notes on, some of the Istio tutorials around, using the latest version. Again, the base cluster is created by kind and is being used as a CNI.
NAMESPACE            NAME                                           READY   STATUS    RESTARTS   AGE
kube-system          calico-kube-controllers-5c6f6b67db-8rx2s       1/1     Running   0          4h26m
kube-system          calico-node-9fccq                              1/1     Running   0          4h26m
kube-system          calico-node-b77sb                              1/1     Running   0          4h26m
kube-system          calico-node-jf4z2                              1/1     Running   0          4h26m
kube-system          calico-node-sl9qd                              1/1     Running   0          4h26m
kube-system          coredns-74ff55c5b-dbwpl                        1/1     Running   0          4h27m
kube-system          coredns-74ff55c5b-gpvz7                        1/1     Running   0          4h27m
kube-system          etcd-calico-control-plane                      1/1     Running   0          4h27m
kube-system          kube-apiserver-calico-control-plane            1/1     Running   0          4h27m
kube-system          kube-controller-manager-calico-control-plane   1/1     Running   0          4h27m
kube-system          kube-proxy-cc8sr                               1/1     Running   0          4h27m
kube-system          kube-proxy-gbkl6                               1/1     Running   0          4h27m
kube-system          kube-proxy-j2blv                               1/1     Running   0          4h27m
kube-system          kube-proxy-jp9xm                               1/1     Running   0          4h27m
kube-system          kube-scheduler-calico-control-plane            1/1     Running   0          4h27m
local-path-storage   local-path-provisioner-78776bfc44-m7kpq        1/1     Running   0          4h27m
Installation This workshop is made for GCP, but we are using a local cluster with Kind. Bypass old installation methods, and use the latest installation on v1.
February 28, 2021
Kubernetes Windows Nodes
Introduction This post is a walkthrough on using a Windows node to run network policies with agnhost:2.26 mappings, in order to understand how ready the netpol suite is for it.
https://github.com/kubernetes/kubernetes/tree/master/test/e2e/network/netpol
Setting up the cluster Our master needs to be on Linux, so a GCP VM with COS is being used, following the quickstart on this node:
https://docs.projectcalico.org/getting-started/kubernetes/quickstart
Start the cluster in the following subnet with kubeadm:
sudo kubeadm init --pod-network-cidr=192.
December 27, 2020
Network Policy E2E test suite
Network policy This post documents a few steps to test the E2E framework using the Kind cluster with different CNIs, giving the developer some good tooling for debugging and quick test replication.
Use this script to bring up a Kind cluster with a specific CNI setup.
Finding the config parameters In ~/.kube/config you can find the host in the cluster section; use the IP and port to start the tests.
apiVersion: v1 clusters: - cluster: certificate-authority-data: .
May 24, 2020
Kubelet Dynamic Configuration
Introduction On Kubernetes 1.10+ a new way to configure Kubelet via YAML became v1beta1, and the struct KubeletConfiguration became available via the --config flag, so most of the regular options can be configured via this file. This approach is used extensively by kubeadm for setting up the installation, as was noted in the last post. The idea of this post is to do a code walkthrough and take a look at some KEPs and designs for the subsystem that reloads this configuration on the fly, giving Kubelet a Dynamic Configuration capacity, this feature became beta on 1.
May 10, 2020
Kubelet Debugging Session
Introduction This post reflects some work on setting up a development environment for Kubernetes. We must have Goland, VirtualBox, Delve and macOS installed. If you're using Linux, the VM part is probably not necessary. Installing the tools VirtualBox Since we are on Mac OS X, and Kubelet nodes work only on Linux and Windows, the setup of a VM is necessary. For this step a Debian Buster image is going to be used, the Virtualbox is 6.
December 28, 2019
Kubernetes Networking 101
Networking The first and easiest way to access the Pod container port is via the port-forward command: $ kubectl port-forward <pod_name> <local_port>:<remote_port> Take a look at the dynamic port-forwarder. Service An abstract way to expose an application running on a set of Pods as a network service. A Service is an abstraction which defines a logical set of Pods and a policy by which to access them.
December 28, 2019
Kubernetes Deployment Workloads
ReplicaSets A ReplicaSet’s purpose is to maintain a stable set of replica Pods running at any given time. So, starting with the ReplicaSetSpec. // ReplicaSetSpec is the specification of a ReplicaSet. type ReplicaSetSpec struct { // Replicas is the number of desired replicas. // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller Replicas *int32 `json:"replicas,omitempty"` // Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available.
December 28, 2019
Kubernetes Container API
Container from PodSpec The abstraction of the container is found in a list of Container objects inside the PodSpec, which makes it possible to create multiple containers in a single Pod. // A single application container that you want to run within a pod. type Container struct { // Name of the container specified as a DNS_LABEL. Name string `json:"name"` // Docker image name. // More info: https://kubernetes.
December 27, 2019
Pod specification
Introduction Let's take a look at the default Kind definition of the Pod; with this we can enumerate all the fields and attached capabilities of the Pod. For this post only the main Spec of the Pod object is going to be detailed with examples and tasks; we leave the container configuration for other posts. Get after it. POD diagram Pod struct PS: The detailing and lab section above extracts text, insights and possible examples from the links in the Spec struct.
December 26, 2019
Kubectl Walkthrough
Introduction This is the Swiss Army knife of the Kubernetes operator: kubectl is a tool for translating declarative resources into Kubernetes objects via the API, so the operator can load, remove or update workloads, configurations and more. The main source of truth is the Kubectl book, but this post will try to summarize and organize the main capabilities of the tool. Kubectl debugging and API server Kubectl is a client for the master API server. You can confirm this fact by setting the verbosity to 8, and you can fetch both the request and the response.