kubectl describe role <role-name> -n <name-namespace>
10. To get Role Binding
kubectl get rolebinding
11. To describe Role Binding
kubectl describe rolebinding <rolebinding-name>
12. To see all the cluster roles
kubectl get clusterroles
1.2.14. RBAC (Role Base Access Control): Service Accounts
Description
Command
1. To get the services accounts
kubectl get serviceaccount
2. To get the service account of a namespace
kubectl get sa -n <namespace-name>
3. To describe a service account
kubectl describe serviceaccount <sa-name>
4. Service accounts kube system
kubectl get sa -n kube-system
1.2.15. YAML file
Description
Command
1. To apply a yaml manifesto (-f = file)
kubectl apply -f pod.yaml
2. To delete all resources running from a yaml file
kubectl delete -f pod.yaml
3. To see command run in the history (CHANGE-CAUSE)
kubectl rollout history deployment <deployment-name>
4. To output in yaml and using grep
`kubectl get pod podtest3 -o yaml -n dev
1.2.16. Generics
Description
Command
1. To edit the configuration of any object
kubectl edit <object> <object-name>
1.3. YAML Notes
1.3.1. Pods
1.3.1.1. Labels (Very important)
Metadata to indicate pod metadata in case we have several equal pods but for
different purposes (different app, environment...). Be careful the pod name is
not inside the labels medatadata. Also used by replicaset and deployment for
managing the pods.
1.3.1.2. Owner references
Indicates the parent owner of the replicaSet.
1.3.1.3. Image policy
To check for images locally before looking to remote images:
apiVersion: apps/v1. apps = to understand the prefix run kubectl api-resources
and look for NAME = replicaset and you will find the the its GROUP is apps.
kind: to find the KIND field just do the same as the previous step and find the
KIND field.
ownerReferences: indicates the parent owner of the replicaSet.
1.3.3. Deployment
By default it has .spec.revisionHistoryLimit = 10 (ReplicaSet history limit)
1.3.3.1. CHANGE-CAUSE
It is the cause of the deployment.
To see the deployment CHANGE-CAUSE: kubectl rollout history deployment <deployment-name>.
To save command the in the history (CHANGE-CAUSE):
kubectl rollout history deployment <deployment-name>.
Add to YAML, after metadata:
annotations:
kubernetes.io/change-cause: "Changes port to 110"
1.3.3.2. Rollback
The idea is that, for example a pod is not able to start due to a issue, you can
rollback to a previous version by executing:
Remember that by default we have 10 old ReplicaSet old version to rollback to,
in case it is necessary.
1.3.4. Services
By default TYPE = ClusterIp. It is a virtual Ip that works as the entrance of our pods.
name: my-service ➡️ It is also the DNS of the service.
1.3.4.1. ClusterIp
Exposes the Service on a cluster-internal IP. Choosing this value makes the
Service only reachable from within the cluster. This is the default ServiceType.
[...]spec:
type: ClusterIp
1.3.4.2. NodePort
Exposes the Service on each Node's IP at a static port (the NodePort). A
ClusterIP Service, to which the NodePort Service routes, is automatically
created. You'll be able to contact the NodePort Service, from outside the
cluster, by requesting <NodeIP>:<NodePort>.
[...]spec:
type: NodePort
For checking the NodePort execute:
kubectl get svc -l <label-key>=<label-value>
And check the PORTs field and see the mapped port: 8080:32358/TCP.