Demystifying kubectl command

Transcript

1. Kubernetes 101 - Kubectl

2. KUBERNETES - Kubectl What’s kubectl Is a client for the

   Kubernetes API, which is an HTTP API and every Kubernetes operation is exposed as an API endpoint and can be executed by an HTTP request to this endpoint.

3. KUBERNETES - Kubectl Developer Minikube API SERVER ... 192.168.99.100:8443 $

   kubectl version Kubectl flow

4. KUBERNETES - Kubectl $ kubectl version -o yaml clientVersion: buildDate:

   "2019-10-02T17:01:15Z" compiler: gc gitCommit: d647ddbd755faf07169599a625faf302ffc34458 gitTreeState: clean gitVersion: v1.16.1 goVersion: go1.12.10 major: "1" minor: "16" platform: linux/amd64 serverVersion: buildDate: "2019-09-18T14:27:17Z" compiler: gc gitCommit: 2bd9643cee5b3b3a5ecbd3af49d09018f0773c77 gitTreeState: clean gitVersion: v1.16.0 goVersion: go1.12.9 major: "1" minor: "16" platform: linux/amd64 Kubectl version

5. KUBERNETES - Kubectl $ ifconfig vboxnet0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet

   192.168.99.1 netmask 255.255.255.0 broadcast 192.168.99.255 inet6 fe80::800:27ff:fe00:0 prefixlen 64 scopeid 0x20<link> ether 0a:00:27:00:00:00 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 313 bytes 50712 (50.7 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 $ tcpdump -i vboxnet0 port 8443 -A listening on vboxnet0, link-type EN10MB (Ethernet), capture size 262144 bytes 15:41:46.248509 IP server.42342 > 192.168.99.103.8443: Flags [S], seq 2433516856, win 64240, options [mss 1460,sackOK,TS val 701827968 ecr 0,nop,wscale 7], length 0 E..<].@[email protected] ....8.........Y......... )........... Snife Minikube Network using tcpdump

6. KUBERNETES - Kubectl API Server — The Gateway to Kubernetes

   Kubernetes is all about objects and an API that provides access to those objects. Nodes, labels, pods, deployments, services, secrets, configmaps, ingress, and many more resources are treated as objects. These objects are exposed via simple REST API through which basic CRUD operations are performed. One of the core building blocks of Kubernetes is the API Server which acts as the gateway to the platform. Internal components such as kubelet, scheduler, and controller access the API via the API Server for orchestration and coordination. The distributed key/value database, etcd, is accessible only through the API Server

7. KUBERNETES - Kubectl UI User Interface API CLI Command Line

   Interface Kubernetes Master Node 1 Node 1 Node 1 Node 1 Image Registry

8. KUBERNETES - Kubectl Kubectl, the Swiss Army knife to manage

   Kubernetes is just a nifty tool that talks to the API Server.

9. KUBERNETES - Kubectl $ kubectl cluster-info Kubernetes master is running

   at https://192.168.99.103:8443 KubeDNS is running at https://192.168.99.103:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy Get k8s version using a native curl http request via ssl $ curl https://192.168.99.103:8443/api/ --cacert ~/.minikube/ca.crt --cert ~/.minikube/client.crt --key ~/.minikube/client.key { "versions": [ "v1" ], "serverAddressByClientCIDRs": [ { "clientCIDR": "0.0.0.0/0", "serverAddress": "10.0.1.149:443" } ] }

10. KUBERNETES - Kubectl The configuration file is by default located

    in: $ $HOME/.kube/config Set the KUBECONFIG environment variable: $ export KUBECONFIG=$KUBECONFIG:$HOME/.kube/proxy_config

11. KUBERNETES - Kubectl $ kubectl get secrets default-token-6kmrm -o yaml

    $ echo ‘ZXlKaGJHY2lPaUpTVXpJMU5pSXNJbXRwWkNJNkNB…’ | base64 -d $ eyJhbGciOiJSUzI1NiIsImtpZCI6Ii1tdkpTNGVybVdV... $ curl https://192.168.99.103:8443/api --header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ii1tdkpTNGVybVdV..." --insecure Passing an authentication token directly to the API server { "versions": [ "v1" ], "serverAddressByClientCIDRs": [ { "clientCIDR": "0.0.0.0/0", "serverAddress": "10.0.1.149:443" } ] }