k8s-workloads-overview

kubectl
1. introspection
  1. get
    1. pods
      1. statuses
      2. pending
      3. images pulled
      4. running
      5. succeded
      6. containers terminated
      7. failed
      8. uknonwn
      9. likely communication error
      10. crashloopbackoff
      11. misconfiguration
      12. container exit unexpected
  2. describe
    1. pod
      1. name
      2. namespace
      3. lables
      4. ...
    2. container
      1. state
      2. images
      3. ports
      4. ...
    3. shows events at the end
  3. exec
    1. -it
  4. logs
2. syntax ->
  1. Command
    1. ->
      1. Action
      2. ->
      3. Type
      4. ->
      5. Name
      6. ->
      7. Flags
      8. Optional
cluster
1. commands
  1. top
  2. resize
2. auto-scale
  1. disable by default
Types
1. Deployments
  1. Roll out updates
  2. Stateless applications
  3. Create
    1. declaratively
      1. kubectl apply -f
    2. imperatively
      1. kubectl run
    3. GKE console
2. Jobs/CronJobs
3. Subtopic 3
nodepool
1. same nodes
2. label
  1. name=value
3. nodepool per zone
4. decrease cluser
  1. random select
  2. gracefull pods termination
Networking
Services
1. Types
  1. ClusterIP
    1. Static IP
    2. Traffic distributon in Cluster
    3. Not accesible from outside
    4. Default
    5. Select pods via lable
    6. First Service THEN pods
    7. Container port
    8. Use cases
      1. IntraCluster communication
  2. NodePort
    1. You manage loadbalancer
      1. You check nodeport collisions
    2. Specific port on each node
    3. 30000-30767
  3. LoadBalancer
    1. ExternalTrafficPolicy=local
Ingress
1. 1 layer higher > services
2. Service for Services
3. Set of rules to govern external traffic to services
4. Single public IP address
5. Can route trafic to:
  1. NodePort
  2. LoadBalancer
    1. Does not address double hop
6. Route to services by name
7. Rules in spec
  1. Traffic routing
    1. Based on host address
    2. Based on address path
    3. Can be multiple host-names/paths
  2. If no rule matched
    1. Sent to default
8. Update:
  1. kubeclt edit ingress [name]
  2. kubectl replace -f [name]
9. Security
  1. IP
    1. Blacklist
    2. Whitelist
  2. TLS termination
  3. Manage all SSL certs in one place
  4. HTTP2 support
  5. gRPC support
    1. gRPC needs HTTP2
Container Native LoadBalancing
1. Traffic to PODs
2. Group endpoints
Volumes