Kubernetes Cheat Sheet Github

Kubernetes is an open-source platform for automating deployment, scaling and operations of application containers across clusters of hosts, providing container-centric infrastructure.

Kubernetes Commands Pdf
Kubernetes Cheat Sheet Github Free

Learn how to

Kubernetes is an open source container orchestration engine for automating deployment, scaling, and management of containerized applications. The open source project is hosted by the Cloud Native Computing Foundation. $ git clone project url Downloads a project with the entire history from the remote repository. 01 02 Git Cheat Sheet Day-To-Day Work $ git status Displays the status of your working directory. Options include new, staged, and modified files. It will retrieve branch name, current commit identifier, and changes pending commit. $ git add file. Kubernetes Security Cheat Sheet¶ Kubernetes¶ Kubernetes is an open source container orchestration engine for automating deployment, scaling, and management of containerized applications. The open source project is hosted by the Cloud Native Computing Foundation (CNCF). When you deploy Kubernetes, you get a cluster.

Install Minikube
Run locally on Minikube
Install Kubectl
Use the Kubectl CLI

A cheat sheet for Kubernetes commands. Contribute to RehanSaeed/Kubernetes-Cheat-Sheet development by creating an account on GitHub. The Kubernetes Cheat Sheet by A Cloud Guru which is a nice resource that summarizes many of the common kubectl commands which you can print out and hang on your office wall. The only Kubernetes cheat sheet you'll need!

Also, see why you’ll need more than Kubernetes for DevOps. Created by Red Hat’s own Daniel Oh for your ease.

Kubernetes is an open-source platform for automating deployment, scaling and operations of application containers across clusters of hosts, providing container-centric infrastructure.

Learn how to

Install Minikube
Run locally on Minikube
Install Kubectl
Use the Kubectl CLI

Also, see why you’ll need more than Kubernetes for DevOps. Created by Red Hat’s own Daniel Oh for your ease.

DownloadEmail link True

Unofficial AKS Cheat Sheet

Official AKS FAQ is here

AKS Cheat Sheet
- Azure CLI Commands
- AKS Features

Azure CLI Commands

AKS

Kubernetes Commands Pdf

Reference: az aks

Get k8s available versions
To configure kubectl to connect to your Kubernetes cluster
Open k8s Dashboard
If you're using RBAC enabled kubernetes cluster, you need to configure Service Account and RoleBinding in order to make Dashbaord work.
If you want to configure more granular privilege to the Dashboard's service account instead of giving full privilege(role: cluster-admin), please follow 'Option 1: Access to Dashboard with your Service Account' in this article.
In addition, please see Kubernetes dashboard with Azure Container Service (AKS) to know about basic dashboard operations.
Get AKS Cluster info
Get Node Resource Group
Scale AKS Cluster nodes
Upgrade AKS Cluster version
Enable Add-on
- Enable Azure Monitor for Containers
- Enable HTTP Application Routing
Check egress IP

ACR

Reference: az acr

Create an Azure Container Registry
SKU: Basic, Standard, Premium, Classic
Get ACR list
Get ACR Detail
Show ACR Repositories
Login to ACR
ACR Task - Build
You can queues a quick build, providing streamed logs for an Azure Container Registry by using az acr build

Reference Architecture

AKS Features

Service Principal

About Service Principal
Update Service Principal in AKS cluster

Authn and Authz

3 options to manage access and identity for AKS clusters
- Azure RBAC (integration with Azure AD) to control the access to AKSfrom Bast pracitses for authn & authz in AKS
- Kubernetes RBAC
  - Roles, ClusterRoles, RoleBindings, ClusterRoleBindings
- Pod Identities
  - Use managed identities for Pods in AKS to access to Azure resources
    - Managed Identities let you automatically request access to services through Azure AD. You don't manually define credentials for pods, instead they request an access token in real time (See azure doc)

Cluster Security

cluster security and upgrades
- Securing access to the API server, limiting container access, and managing upgrades and node reboots.
Container image management and security
- Securing the image and runtimes, using trusted registries, and automated builds on base image updates.
Pod security
- Securing access to resources, limiting credential exposure, and using pod identities and Azure Key Vault

Data Volume

Data Volume Options
- Azure Disk (Dynamic / Static)
- Azure Files (Dynamic / Static)

Network Plugin

kubenet (default policy)
- az aks create --network-plugin option: kubenet
- see also @k8s.io
Azure CNI
- az aks create --network-plugin option: azure

Network Policiy

Kubernetes version: 1.12+
Network policy Options in AKS
- 1. Azure Network Policies - the Azure CNI sets up a bridge in the VM host for intra-node networking. The filtering rules are applied when the packets pass through the bridge
  - az aks create --network-plugin azure
- 1. Calico Network Policies - the Azure CNI sets up local kernel routes for the intra-node traffic. The policies are applied on the pod’s network interface.
  - see [the difference between the two](the Azure CNI sets up local kernel routes for the intra-node traffic. The policies are applied on the pod’s network interface.)
  - az aks create --network-plugin azure && --network-policy calico

Load Balancer

Service: type=LoadBalancer (NOT ClusterIP nor NodePort)
Default: External Load balancer
Static IP to LB (see azure doc)
Internal Load balancer - Only accessible from the same VNET
- Annotation for Internal LB
- You can specify IP address for LB: loadBalancerIP:XX.XX.XX.XX
- You can specify a subnet for LB with special annotation