Pinter Computing – Page 34 – Knowledge Base for IT Professionals, Teachers and Astronauts

Kubernetes overview

Kubernetes Hierarchy

image
container
pod ( one or more containers that would be deployed together on the same host to share volumes )
deployment
service

Kubelet

Kubelets run on every host to start and stop pods and communicate with the Docker engine on the host level.

Kube-proxy

Kube-proxies also run on every host to redirect the traffic to specific services and pods.

Container Linux

Container Linux by CoreOS (formerly known as CoreOS Linux, or just CoreOS) an OS specifically designed to run containers, a lightweight Linux distribution that uses containers to run applications. It does not even have a package manager, but contains the basic GNU Core Utilities for administration. It also include include Kubelet, Docker, etcd and flannel.

Kubernetes Networking

Flannel

Flannel gives each host a separate IP subnet range to prevent IP address collisions, providing a unique IP address to each container. Flannel is the standard SDN ( software-defined network ) tool for CoreOS (Container Linux), it is shipped with the distribution.

Calico

Calico provides security in the Kubernetes cluster. By default in the Kubernetes cluster any pod can communicate to any other pod on any host. Calico restricts the inter pod communication using namespaces and selectors. It allows the communication from the host to the pods to enable health checks. Calico has tight integration with Flannel.

Canal

As Calico and Flannel nicely fit together, Canal is the combination of the two to provide a comprehensive inter-pod networking solution in the Kubernetes cluster.

Kubernetes commands

kubectl get – list resources
kubectl describe – show detailed information about a resource
kubectl logs – print the logs from a container in a pod
kubectl exec – execute a command on a container in a pod

List existing pods

kubectl get pods

Get detailed information on the pods

kubectl describe pods

Start a proxy to access the containers within the pod

kubectl proxy

Get the pod name and store it in the POD_NAME environment variable

export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
echo Name of the Pod: $POD_NAME

Access an API running in the pod. The name of the pod is in the POD_NAME environment variable

curl http://localhost:8001/api/v1/namespaces/default/pods/POD_NAME/proxy/

View the STDOUT of the only container of the pod

kubectl logs POD_NAME

View the STDOUT of a specific container of the pod

kubectl logs POD_NAME -c CONTAINER_NAME

View the STDOUT of all containers of the pod

kubectl logs POD_NAME --all-containers=true

Execute a command in the only container of the pod

kubectl exec POD_NAME MY_COMMAND

Execute a command in a container of the pod

kubectl exec POD_NAME -c CONTAINER_NAME MY_COMMAND

Start a Bash session in the container (container name is optional if the pod has only one container)

kubectl exec -ti POD_NAME -c CONTAINER_NAME bash

To check an API from the Bash console within the container (use localhost to address it within the container)

curl localhost:8080

Force the deletion of all pods of a deployment

Make sure the MY_DEPLOYMENT_NAME only returns the pods you really want to delete

# IMPORTANT!!!
# First make sure the query only returns the list of pods you really want to delete

kubectl get pods | grep MY_DEPLOYMENT_NAME | awk '{print $1}')

Execute the command to delete the pods

while IFS= read -r result
do
    kubectl delete pod $result --grace-period=0 --force
done < <(kubectl get pods | grep MY_DEPLOYMENT_NAME | awk '{print $1}')

warning: Insecure world writable dir … in PATH, mode 040777

When you test your Chef cookbook in Test Kitchen you may get the following warning:

warning: Insecure world writable dir MY_DIRECTORY/PATH in PATH, mode 040777

To stop this warning message, execute

chmod 755 MY_DIRECTORY/PATH

Install missing commands on Linux distributions

On some lean systems, mostly in Docker containers, some important commands are not readily available. The table below shows the command to install them.

To get the name of the Linux distribution execute

cat /etc/os-release

To find the package that contains the command, install apt-file

sudo apt-get install apt-file

Update the file package mapping database

sudo apt-file update

Search for the command at the end of the path

apt-file search --regexp '/MY_COMMAND$'

Select the package that contains the command in the standard path (/usr/bin/)

To get more information on the package

apt-cache show MY_PACKAGE

Application install commands

Application	RHEL, CentOS	Ubuntu, Debian
free, kill, pkill, pgrep, pmap, ps, pwdx, skill, slabtop, snice, sysctl, tload, top, uptime, vmstat, w, watch		apt-get install procps
telnet	yum install telnet -y	apt-get install telnet

The advancement of computer programming and personal computer technology

If you really know one programming language, you can learn others too. The most important part is to understand the concept of computer programming. All languages are built on similar type of instructions, some of them require a semicolon at the end of the line, others don’t. Some of them use curly braces {} to group instructions, others use indentation.

All of them allow you to make decisions, usually with the keyword IF, assign values to variables with =, read the keyboard, write to the screen, read and write the disk, and the network. Loop through items with FOR, FOREACH, and WHILE, address array elements with [0..]. You only have to learn a few English words and the syntax to use them.

The internet, and especially Stack Overflow is a great resource to find sample code that does what you need. Avoid assembling your program by copy pasting code from the internet. Try to understand the examples, and write your own lines to be able to really understand and maintain it.

The list below shows the advancement of personal computer technology. I have added the usual hardware specifications, the most popular operating systems, and important programming languages. The dates are not when the technology was announced, but when the average user started to use it.

1981

IBM Mainframe, magnetic tape and large format magnetic disk storage

Fortran

Homemade personal computer with no permanent storage

Basic

“Midrange” computer (16 KB solid state or magnetic-core RAM, large format magnetic disk storage )

Basic

1984

ZX 81 (3.25 MHz processor, first 1 KB, later 16 KB RAM, compact audio cassette storage)

ZX Spectrum (3.5 MHz processor, 16 KB RAM, compact audio cassette storage)

Commodore 64 (1 MHz processor, 64 KB RAM, 5.4″ floppy disk)

Basic for data processing
Simon Basic for graphical user interface

IBM PC( 4.7 MHz processor, first 128 KB, later 256 KB RAM, 5.4″ floppy disk, later 10 or 20 MB 5.4″ hard drive)

DOS

dBase
Clipper
FoxPro

1987

IBM XT ( 4.7-12 MHz processor, 16 MB RAM)

DOS

Lotus 123 spreadsheet for engineering calculations

LISP for AutoCAD menus

1994

IBM 386 ( 40 MHz processor, 256 MB RAM)

DOS, Windows 3.1

FoxPro
Visual FoxPro
Visual Basic
SQL

1998

IBM clone( 40 MHz processor, 256 MB RAM)

Windows 95

PowerBuilder
Jaguar for web application server
ASP for web UI
SQL databases

2000

IBM clone ( 150 MHz processor, 512 MB RAM)

Windows 98, Windows ME, Windows 2000

ASP for web UI
Visual Basic
SQL databases

Linux Debian

Bash

2003

( 1 GHz processor, first 1 GB, later 4 GB RAM)

Windows Server 2003

C#
C++
Java
SQL databases

2008

( 1 GHz processor, first 4 G, later 32 GB RAM)

Windows Server 2008

2015

Windows 7 laptop (2 GHz processor, 6 GB RAM, 500 GB HD)

Windows Server 2012 R2 virtual machines in the cloud ( 2 GHz processor, 4 – 32 GB RAM)

PowerShell

Linux RedHat 7 ( virtual machines in the cloud 2 GHz processor, 4 – 32 GB RAM)

Bash

MacBook Pro laptop (2.5 GHz i7 processor, 16 GB RAM, 1TB SSD storage)

Packer
Terraform
Ruby
PowerShell ( on Windows 10 virtual machine )
Chef
ServerSpec
InSpec
Chocolatey

2019

MacBook Pro (5 GHz i9 processor, 32 GB RAM, 1TB SSD storage)

Docker
Kubernetes
Golang

Install Windows from a USB drive

Modern computers don’t have DVD drives anymore. To install Windows on a new system you need to place the Windows installation media on a bootable USB drive. To prepare the bootable USB drive you need a working computer with Windows.

Create the bootable USB media

Insert an at least 8 GB USB or 8 GB writeable DVD disk into your old computer (all files will be deleted from the USB drive)
Browse to the download page:
- for Windows 10: https://www.microsoft.com/en-us/software-download/windows10
- for Windows 11: https://www.microsoft.com/en-us/software-download/windows11
click the Download tool now button to download the media creator tool
Follow the instructions on the page to prepare the bootable USB drive

Install Windows

Restart the computer and enter into the BIOS settings
- On Toshiba laptops press the F2 key while the Toshiba logo is shown
Set the USB drive as the first item in the boot order and save the new BIOS settings
When the computer boots from the USB drive follow the instructions to install the Operating system
When the computer automatically reboots during the OS installation, remove the USB drive to let the machine boot from the hard drive and complete the Windows configuration.

Using MSSQL

Assign a database security role to a Windows security group

EXEC sp_grantlogin 'BUILTIN\Administrators'
EXEC sp_addsrvrolemember 'BUILTIN\Administrators','sysadmin'

List the members of a database server group

EXEC master..xp_logininfo
  @acctname = 'Builtin\Administrators',
  @option = 'members'     -- show group members

Microsoft SQL Server clients

To connect to an MSSQL database

on Macintosh

Install the Azure Data Studio
- Download it from Download and install Azure Data Studio

on Windows

Install SSMS (SQL Server Management Studio
- Download it from Download SQL Server Management Studio (SSMS)
Install the Azure Data Studio
- Download it from Download and install Azure Data Studio

Docker Compose commands

To view the final configuration values of the docker-config.yml file after reading the environment variables from .env file, and all variable substitutions are done

Make sure the config file in the current directory is named docker-compose.yml
Execute

docker-compose config

Connect the Portainer Server to an existing Portainer Agent

With Portainer we can monitor multiple Docker Swarms from one Portainer Server. To connect an existing Portainer server to an agent

Configure the Agent

For security reasons, by default, the Portainer Agent only accepts connection from the first Portainer Server it encounters. To enable the Portainer Agent to connect to multiple Portainer Servers, add the AGENT_SECRET environment variable to the docker-compose.yml file of the Agent. This is necessary if you launch a Portainer Server on the Docker host and connect to the local Agent to test it. Without specifying the AGENT_SECRET, another Portainer Server cannot connect to the same agent.
Publish the Agent port on the host network

    environment:
      # REQUIRED: Should be equal to the service name prefixed by "tasks." when
      # deployed inside an overlay network
      AGENT_CLUSTER_ADDR: tasks.agent
      # AGENT_PORT: 9001
      # LOG_LEVEL: debug
      AGENT_SECRET: my_secret_token
    ports:
      - target: 9001
        published: 9001
        protocol: tcp
        mode: host

Configure the Server

Add the AGENT_SECRET environment variable to the docker-compose.yml file of the Server

    environment:
      AGENT_SECRET: my_secret_token

Add the endpoint to the Portainer Server

Log into the Portainer Server
Navigate to the Endpoints page
Click the Add Endpoint button
Select the Agent endpoint type
Enter the IP address and the port number ( by default 9001 ) of the Portainer Agent