michaljemala · September 14, 2019 22:29 · Aug 30, 2017 · Aug 30, 2017 · Aug 30, 2017 · Aug 30, 2017
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -199,6 +199,7 @@ $ kubectl describe
 $ kubectl logs
 $ kubectl exec
 $ kubectl get nodes --show-labels
+$ kubectl get events
 ```
 
 Docs Cluster: 

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -201,7 +201,9 @@ $ kubectl exec
 $ kubectl get nodes --show-labels
 ```
 
-Docs Cluster: https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/
+Docs Cluster: 
+- https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/
+- https://github.com/kubernetes/kubernetes/wiki/Debugging-FAQ
 
 ## Role Based Access Control
 

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -201,6 +201,8 @@ $ kubectl exec
 $ kubectl get nodes --show-labels
 ```
 
+Docs Cluster: https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/
+
 ## Role Based Access Control
 
 - Role

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -233,3 +233,7 @@ Network isolation at Pod level by using annotations
 ```
 $ kubectl annotate ns <namespace> "net.beta.kubernetes.io/network-policy={\"ingress\": {\"isolation\": \"DefaultDeny\"}}"
 ```
+
+More about Network Policies as a resource: 
+
+https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy/
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -21,6 +21,8 @@ List of general purpose commands for Kubernetes management:
 - [Troubleshooting](#troubleshooting)
 - [Role Based Access Control (RBAC)](#role_based_access_control)
 - [Security Contexts](#security_contexts)
+- [Pod Security Policies](#pod_security_policies)
+- [Network Policies](#network_policies)
 
 ## VIM Setup for Yaml files
 
@@ -220,3 +222,14 @@ Docs: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
  - securityCOntext
    - runAsNonRoot: true
 
+## Pod Security Policies
+
+Docs: https://github.com/kubernetes/kubernetes/blob/master/examples/podsecuritypolicy/rbac/README.md
+
+## Network Policies
+
+Network isolation at Pod level by using annotations
+
+```
+$ kubectl annotate ns <namespace> "net.beta.kubernetes.io/network-policy={\"ingress\": {\"isolation\": \"DefaultDeny\"}}"
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -20,6 +20,7 @@ List of general purpose commands for Kubernetes management:
 - [Taints and Tolerations](#tains_and_tolerations)
 - [Troubleshooting](#troubleshooting)
 - [Role Based Access Control (RBAC)](#role_based_access_control)
+- [Security Contexts](#security_contexts)
 
 ## VIM Setup for Yaml files
 
@@ -211,4 +212,11 @@ $ kubectl create rolebinding foo --role=fluent-reader --user=minikube
 $ kubectl get rolebinding foo -o yaml
 ```
 
-## Security Contexts
+## Security Contexts
+
+Docs: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+
+- spec
+ - securityCOntext
+   - runAsNonRoot: true
+
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -203,4 +203,12 @@ $ kubectl get nodes --show-labels
 - Role
 - ClusterRule
 - Binding
-- ClusterRoleBinding
+- ClusterRoleBinding
+
+```
+$ kubectl create role fluent-reader --verb=get --verb=list --verb=watch --resource=pods
+$ kubectl create rolebinding foo --role=fluent-reader --user=minikube
+$ kubectl get rolebinding foo -o yaml
+```
+
+## Security Contexts
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -18,7 +18,7 @@ List of general purpose commands for Kubernetes management:
 - [Horizontal Pod Autoscalers](#horizontal-pod-autoscalers)
 - [Scheduler](#scheduler)
 - [Taints and Tolerations](#tains_and_tolerations)
-- [Troubleshooting](#troubleshooting
+- [Troubleshooting](#troubleshooting)
 - [Role Based Access Control (RBAC)](#role_based_access_control)
 
 ## VIM Setup for Yaml files
@@ -198,4 +198,9 @@ $ kubectl exec
 $ kubectl get nodes --show-labels
 ```
 
-## Role Based Access Control
+## Role Based Access Control
+
+- Role
+- ClusterRule
+- Binding
+- ClusterRoleBinding
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -19,6 +19,7 @@ List of general purpose commands for Kubernetes management:
 - [Scheduler](#scheduler)
 - [Taints and Tolerations](#tains_and_tolerations)
 - [Troubleshooting](#troubleshooting
+- [Role Based Access Control (RBAC)](#role_based_access_control)
 
 ## VIM Setup for Yaml files
 
@@ -195,4 +196,6 @@ $ kubectl describe
 $ kubectl logs
 $ kubectl exec
 $ kubectl get nodes --show-labels
-```
+```
+
+## Role Based Access Control
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -194,4 +194,5 @@ $ kubectl taint node master foo=bar:NoSchedule
 $ kubectl describe
 $ kubectl logs
 $ kubectl exec
+$ kubectl get nodes --show-labels
 ```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -18,6 +18,7 @@ List of general purpose commands for Kubernetes management:
 - [Horizontal Pod Autoscalers](#horizontal-pod-autoscalers)
 - [Scheduler](#scheduler)
 - [Taints and Tolerations](#tains_and_tolerations)
+- [Troubleshooting](#troubleshooting
 
 ## VIM Setup for Yaml files
 
@@ -186,3 +187,11 @@ $ curl -H "Content-Type: application/json" -X POST --data @binding.json http://l
 ```
 $ kubectl taint node master foo=bar:NoSchedule
 ```
+
+## Troubleshooting
+
+```
+$ kubectl describe
+$ kubectl logs
+$ kubectl exec
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -174,6 +174,13 @@ NodeSelector based policy:
 $ kubectl label node minikube foo=bar
 ```
 
+Node Binding through API Server:
+
+```
+$ kubectl proxy 
+$ curl -H "Content-Type: application/json" -X POST --data @binding.json http://localhost:8001/api/v1/namespaces/default/pods/foobar-sched/binding
+```
+
 ## Tains and Tolerations
 
 ```

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -52,6 +52,7 @@ $ kubectl get pods
 $ kubectl get pods --all-namespaces
 $ kubectl get pod monkey -o wide
 $ kubectl get pod monkey -o yaml
+$ kubectl describe pod monkey
 ```
 
 ## Create Deployments

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -17,6 +17,7 @@ List of general purpose commands for Kubernetes management:
 - [Ingress](#ingress)
 - [Horizontal Pod Autoscalers](#horizontal-pod-autoscalers)
 - [Scheduler](#scheduler)
+- [Taints and Tolerations](#tains_and_tolerations)
 
 ## VIM Setup for Yaml files
 
@@ -170,4 +171,10 @@ NodeSelector based policy:
 
 ```
 $ kubectl label node minikube foo=bar
-```
+```
+
+## Tains and Tolerations
+
+```
+$ kubectl taint node master foo=bar:NoSchedule
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -16,6 +16,7 @@ List of general purpose commands for Kubernetes management:
 - [ConfigMaps](#configmaps)
 - [Ingress](#ingress)
 - [Horizontal Pod Autoscalers](#horizontal-pod-autoscalers)
+- [Scheduler](#scheduler)
 
 ## VIM Setup for Yaml files
 
@@ -161,4 +162,12 @@ $ kubectl autoscale --help
 ```
 $ kubectl get daemonsets
 $ kubectl get ds
+```
+
+## Scheduler
+
+NodeSelector based policy:
+
+```
+$ kubectl label node minikube foo=bar
 ```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -154,4 +154,11 @@ When heapster runs:
 ```
 $ kubectl get hpa
 $ kubectl autoscale --help
+```
+
+## DaemonSets
+
+```
+$ kubectl get daemonsets
+$ kubectl get ds
 ```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -15,6 +15,7 @@ List of general purpose commands for Kubernetes management:
 - [Secrets](#secrets)
 - [ConfigMaps](#configmaps)
 - [Ingress](#ingress)
+- [Horizontal Pod Autoscalers](#horizontal-pod-autoscalers)
 
 ## VIM Setup for Yaml files
 
@@ -145,4 +146,12 @@ $ kubectl expose deployment ghost --port=2368
 Spec for ingress:
 
 - [backend](https://github.com/kubernetes/ingress/tree/master/examples/deployment/nginx)
-
+
+## Horizontal Pod Autoscaler
+
+When heapster runs:
+
+```
+$ kubectl get hpa
+$ kubectl autoscale --help
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -14,6 +14,7 @@ List of general purpose commands for Kubernetes management:
 - [Volumes](#volumes)
 - [Secrets](#secrets)
 - [ConfigMaps](#configmaps)
+- [Ingress](#ingress)
 
 ## VIM Setup for Yaml files
 
@@ -130,4 +131,18 @@ Check DNS for pod nginx (assuming a busybox POD/container is running)
 $ kubectl exec -ti busybox -- nslookup nginx
 ```
 
-> Note: kube-proxy running in the worker nodes manage services and set iptables rules to direct traffic.
+> Note: kube-proxy running in the worker nodes manage services and set iptables rules to direct traffic.
+
+## Ingress
+
+Commands to manage Ingress for ClusterIP service type:
+
+```
+$ kubectl get ingress
+$ kubectl expose deployment ghost --port=2368
+```
+
+Spec for ingress:
+
+- [backend](https://github.com/kubernetes/ingress/tree/master/examples/deployment/nginx)
+
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -129,3 +129,5 @@ Check DNS for pod nginx (assuming a busybox POD/container is running)
 ```
 $ kubectl exec -ti busybox -- nslookup nginx
 ```
+
+> Note: kube-proxy running in the worker nodes manage services and set iptables rules to direct traffic.
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -122,4 +122,10 @@ List DNS-PODs:
 
 ```
 $ kubectl get pods --all-namespaces |grep dns
-```
+```
+
+Check DNS for pod nginx (assuming a busybox POD/container is running)
+
+```
+$ kubectl exec -ti busybox -- nslookup nginx
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -114,5 +114,12 @@ $ kubectl get secrets mysql -o yaml
 ```
 $ kubectl create configmap foobar --from-file=config.js
 $ kubectl get configmap foobar -o yaml
+```
+
+## DNS
 
+List DNS-PODs:
+
+```
+$ kubectl get pods --all-namespaces |grep dns
 ```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -13,6 +13,7 @@ List of general purpose commands for Kubernetes management:
 - [Services](#services)
 - [Volumes](#volumes)
 - [Secrets](#secrets)
+- [ConfigMaps](#configmaps)
 
 ## VIM Setup for Yaml files
 
@@ -108,3 +109,10 @@ $ kubectl create secret generic --help
 $ kubectl create secret generic mysql --from-literal=password=root
 $ kubectl get secrets mysql -o yaml
 ```
+## ConfigMaps
+
+```
+$ kubectl create configmap foobar --from-file=config.js
+$ kubectl get configmap foobar -o yaml
+
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -12,6 +12,7 @@ List of general purpose commands for Kubernetes management:
 - [POD Upgrade / History](#pod-upgrade-and-history)
 - [Services](#services)
 - [Volumes](#volumes)
+- [Secrets](#secrets)
 
 ## VIM Setup for Yaml files
 
@@ -98,3 +99,12 @@ Lits Persistent Volumes and Persistent Volumes Claims:
 $ kubectl get pv
 $ kubectl get pvc
 ```
+
+## Secrets
+
+```
+$ kubectl get secrets
+$ kubectl create secret generic --help
+$ kubectl create secret generic mysql --from-literal=password=root
+$ kubectl get secrets mysql -o yaml
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -92,7 +92,7 @@ $ kubectl expose deployment/monkey --port=2001 --type=NodePort
 
 ## Volumes
 
-Lits Persisten Volumes and Persistent Volumes Claims:
+Lits Persistent Volumes and Persistent Volumes Claims:
 
 ```
 $ kubectl get pv

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -11,6 +11,7 @@ List of general purpose commands for Kubernetes management:
 - [Scaling PODs](#scaling-pods)
 - [POD Upgrade / History](#pod-upgrade-and-history)
 - [Services](#services)
+- [Volumes](#volumes)
 
 ## VIM Setup for Yaml files
 
@@ -88,3 +89,12 @@ Expose PODs as services (creates endpoints)
 ```
 $ kubectl expose deployment/monkey --port=2001 --type=NodePort
 ```
+
+## Volumes
+
+Lits Persisten Volumes and Persistent Volumes Claims:
+
+```
+$ kubectl get pv
+$ kubectl get pvc
+```
diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -17,9 +17,21 @@ List of general purpose commands for Kubernetes management:
 Put the following lines in ~/.vimrc:
 
 ```
+" Yaml file handling
 autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
 filetype plugin indent on
 autocmd FileType yaml setl indentkeys-=<:>
+
+" Copy paste with ctr+c, ctr+v, etc
+:behave mswin
+:set clipboard=unnamedplus
+:smap <Del> <C-g>"_d
+:smap <C-c> <C-g>y
+:smap <C-x> <C-g>x
+:imap <C-v> <Esc>pi
+:smap <C-v> <C-g>p
+:smap <Tab> <C-g>1> 
+:smap <S-Tab> <C-g>1<
 ```
 
 Keyboard hints:

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -14,15 +14,18 @@ List of general purpose commands for Kubernetes management:
 
 ## VIM Setup for Yaml files
 
-Plase the following lines in ~/.vimrc:
+Put the following lines in ~/.vimrc:
 
 ```
 autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
 filetype plugin indent on
 autocmd FileType yaml setl indentkeys-=<:>
-
 ```
 
+Keyboard hints:
+
+- ctrl + f: auto indent line (requires INSERT mode)
+
 ## PODS
 
 ```

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -1,5 +1,9 @@
 # Kubernetes Commands
 
+Helper setup to edit .yaml files with Vim:
+
+- [VIM Setup for Yaml files](#vim-setup-for-yaml-files)
+
 List of general purpose commands for Kubernetes management:
 
 - [PODS](#pods)
@@ -8,6 +12,17 @@ List of general purpose commands for Kubernetes management:
 - [POD Upgrade / History](#pod-upgrade-and-history)
 - [Services](#services)
 
+## VIM Setup for Yaml files
+
+Plase the following lines in ~/.vimrc:
+
+```
+autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
+filetype plugin indent on
+autocmd FileType yaml setl indentkeys-=<:>
+
+```
+
 ## PODS
 
 ```

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -47,6 +47,12 @@ $ kubectl rollout undo deployment/DEPLOYMENT_NAME --to-revision=N
 
 ## Services
 
+List services
+
+```
+$ kubectl get services
+```
+
 Expose PODs as services (creates endpoints)
 
 ```

diff --git a/kubernetes_commands.md b/kubernetes_commands.md
@@ -6,22 +6,23 @@ List of general purpose commands for Kubernetes management:
 - [Create Deployments](#create-deployments)
 - [Scaling PODs](#scaling-pods)
 - [POD Upgrade / History](#pod-upgrade-and-history)
+- [Services](#services)
 
 ## PODS
 
 ```
 $ kubectl get pods
 $ kubectl get pods --all-namespaces
-$ kubectl get pod fluent-bit -o wide
-$ kubectl get pod fluent-bit -o yaml
+$ kubectl get pod monkey -o wide
+$ kubectl get pod monkey -o yaml
 ```
 
 ## Create Deployments
 
 Create single deployment
 
 ```
-$ kubectl run ghost --image=ghost --record
+$ kubectl run monkey --image=monkey --record
 ```
 
 ## Scaling PODs
@@ -43,12 +44,11 @@ $ kubectl rollout history deployment/DEPLOYMENT_NAME
 ```
 $ kubectl rollout undo deployment/DEPLOYMENT_NAME --to-revision=N
 ```
-- $ kubectl scale
-- $ kubectl label
-- $ kubectl get 
-  - pods
-  - deployments
-  - rs | replicasets
-  - logs
-  - run 
 
+## Services
+
+Expose PODs as services (creates endpoints)
+
+```
+$ kubectl expose deployment/monkey --port=2001 --type=NodePort
+```