
thek8sbook's Introduction

The Kubernetes Book

Lab files for The Kubernetes Book.

Enjoy!


Master branch renamed to main

I've renamed the master branch to main.

Run the following commands if you have an older copy of the repo on your local machine and don't want to lose changes...

git branch -m master main
git fetch origin
git branch -u origin/main main
git remote set-head origin -a

Errata

  • page 155. typo: incomng should be incoming

thek8sbook's People

Contributors

ekozlowski, harunyasar, kadobot, lukaso, muswell, nigelpoulton


thek8sbook's Issues

Problem with exercise "Multi-container Pod – init container"

In the initpod.yml file you are using for the init container init-ctr the image busybox. However, the command to check that the service k8sbook is up, does not work. Apparently, it is related to the version of the image. You can see in this issue that there have been some unsolved problems for recent versions of busybox regarding nslookup that have not been addressed yet. The recommendation in the issue from other users (and what actually worked out for me) is to pin the version to be <=1.28.4. Also, there are some users that suggest using a different image for the same purposes with Kubernetes.

installation/kind.yml - Kind no longer appends kind- to the cluster name

Tried to install kind and use the deployment along with the k3d cluster deployment and was getting errors. In my troubleshooting it appears that with the current version appends "kind-" to the cluster name. Due to this fact it is failing to launch as it causes (I believe) namespace errors.

EXTERNAL-IP <pending>

Multi-container Pod example – sidecar container

My environment: Fedora 38, Docker-Desktop, and K3d. For the mentioned example, svc-sidecar could not get an external IP address. I googled the problem and most of what I found pointed to K3d not supporting the "service:LoadBalancer".

New to Kubernetes ... so many "models" to use... confusion ensues

Hi,

Thank you for the videos and writing the book. I watched a video of yours as I am new to Kubernetes and "green as grass" when it comes to experience... meaning I have no experience. So I decided to buy the book !

I started reading it and DOING what you say... the first section talks about "K3d", so I install some stuff... get it running and you state "You can use this cluster for most of the hands-on examples in the book".

A little bit further in the book, you start talking about KinD, how to install it and get it running, so I do that... Once again, you mention "You can use this cluster for most of the hands-on examples in the book, including dual-stack networking examples".

A little bit further in the book you start talking about Google Kubernetes Engine (GKE), mention it costs $$ to run, so I skip doing that "model" but you again state "You have a production-grade Kubernetes cluster and can continue with the exercises in the rest of the book".

No surprises by now, you start talking about Linode Kubernetes Engine (LKE) and it too costs $$ to run, so I skip that one as well, yet again you state, "At this point, your LKE cluster is up and running and you can use it to follow the examples in the book".

The reason I bring this up --- is because it is CONFUSING - I am new to Kubernetes - I read the book and now understand there are 4 different Kubernetes "models" to use, but which do I use for the examples in the book?

I don't want to incur server costs to learn Kubernetes and the company I work for will not let me use their "pay for use" servers as a play ground so I am wondering... which "free" models, if any, will work ? Please make it clear which "model" will work with ALL your examples in the book, as I do not know the differences of one "model" over the next.

I would bet there are other people out there, who know nothing about Kubernetes, read those pages and are wondering the very same thing - what do I do now ?

thank you

kubectl exec: running commands in Pods

Discussed in #29

Originally posted by logisin January 1, 2023
The command kubectl exec hello-pod -- ps aux from chapter 4 section "Hands on with pods" gives the following message:

error: Internal error occurred: error executing command in container: failed to exec in container: failed to start exec "fc7ef1a745ffd71b0d28376f80ab706bf896fb8e13c501e66a2889286eda97f9": OCI runtime exec failed: exec failed: unable to start container process: exec: "ps": executable file not found in $PATH: unknown

In addition after executing the command kubectl exec -it hello-pod -- sh I get into the shell but the command apk add curl
responds with

sh: 1: apk: not found

Minor Mistake on the StorageClasses Section

In the Implementing Storage Classes section of the Kubernetes Storage chapter, my Kindle version has the line:

Notice that the workflow does include creating a PV.

Shouldn't it be "does not include creating a PV"?

Changes to pods/initpod.yml should be listed in errata.

pods/initpod.yml has been updated to pin busybox to version 1.28.4 due to apparent issues with nslookup command in newer busybox image.

This works great but was a little tough to find. Including this in the errata will be helpful for readers who are manually copying code from the book. Thanks!

service-discovery folder missing?

Hi folks.
In the Kindle edition of The Kubernetes Book (Feb 2020) location 1648 it mentions a folder called service-discovery containing files such as sd-example.yml in this github repo -
I have what I believe is the latest commit of the repo (f1aabcb) but I don't see the folder or its contents. I must be missing something... any ideas?
Regards
Jerome

Ports suggested in Chapter 5 do not work without port forwarding

On Win 11, using Docker Desktop v4.22.

Issue

  1. Attempting to connect to the localhost:31112 (pg 72?), as suggested, and this does not work.
  2. And this of course would be applied to (pg. 64?) after running kubectl apply -f sidecar-local.yml

"...If your cluster is on you laptop, point your browser to localhost:30001.."

Resolution

Continuing with the namespace tutorial (point 1), I needed to run kubectl port-forward -n shield svc/the-bus 31112:8080 and I was then able to access the html page.

Not sure if I overlooked anything, but I'm guessing it has to do with the host configuration, that should be listening on 0.0.0.0 (like Docker)

shield-ns.yml - does not contain kind: Namespace implied in book

In the 2021 book - in section on Namespaces (Creating and Managing Namespaces)

instructions say

shield-ns.yml
contains a
kind: Namespace

so 'kubectl apply shield-ns.yml'
will result in
'namespace/shield created'

Don't think the namespace/shield-ns.yml in GitHub matches instruction in book

initpod (nigelpoulton/web-app:1.0) CrashLoopBackOff

kubectl apply -f initpod.yml
kubectl apply -f initsvc.yml
kubectl get pods -w

Output:

initpod     0/1     Init:0/1   0          8s
initpod     0/1     PodInitializing   0          32s
initpod     0/1     Error             0          33s

kubectl logs initpod

Output:

Defaulted container "web-ctr" out of: web-ctr, init-ctr (init)
exec /bin/sh: exec format error

kubectl describe pod initpod

Output:

Events:
  Type     Reason     Age                 From               Message
  ----     ------     ----                ----               -------
  Normal   Scheduled  24m                 default-scheduler  Successfully assigned default/initpod to minikube
  Normal   Pulled     24m                 kubelet            Container image "busybox:1.28.4" already present on machine
  Normal   Created    24m                 kubelet            Created container init-ctr
  Normal   Started    24m                 kubelet            Started container init-ctr
  Normal   Pulled     22m (x5 over 23m)   kubelet            Container image "nigelpoulton/web-app:1.0" already present on machine
  Normal   Created    22m (x5 over 23m)   kubelet            Created container web-ctr
  Normal   Started    22m (x5 over 23m)   kubelet            Started container web-ctr
  Warning  BackOff    14m (x46 over 23m)  kubelet            Back-off restarting failed container web-ctr in pod initpod_default(6a940216-af2e-43a6-a73c-257fe3d46ecf)

Works:
Changing the image to nigelpoulton/k8sbook:1.0.

Issue with initpod.yml

When using latest version of busybox, nslookup fails to find service, specifying an older version works:

i.e.: busybox:1.28.0

Exercises at "Hands-on with Pods" get error

When I was following the section "kubectl exec: running commands in Pods" I tried to run the command kubectl exec hello-pod -- ps aux after having applied the manifest but I got the error

OCI runtime exec failed: exec failed: unable to start container process: exec: "ps": executable file not found in $PATH: unknown
command terminated with exit code 126

This is because the current image (nigelpoulton/k8sbook:1.0) does not have the ps command installed.

Then I tried to install curl using apk add curl as instructed some lines below but I get the error

sh: 1: apk: not found

After digging a little, I found that the apk command is for Alpine, however, the image is based on Debian. I guess somewhere in time you updated the image to have a different base image but that is causing an error (maybe that caused the above error as well ?).

Finally, I installed both commands using apt-get just to be able to complete the exercise. However, at this moment the instructions for the 2022 version of the book are not compatible with the image available for these exercises.

More docker images with different architectures

I was trying to follow the tutorial from the K8s book, but I unfortunately couldn't run the manifest files, because the images pulled from docker hub only support amd architectures. I'm following up from my Raspberry Pi, which has an arm architecture. Every time a pod for example tries to run, I keep getting a CrashLoopBackOff.

Service with NodePort not accessible

I am currently in chapter 4 and the sidecar example for local use does not let me access it with localhost:30001.

I figured out that I need to run minikube service svc-sidecar, which solves this problem. Maybe it would be worth mentioning this in the next version of the book.

Chapter 5 app connection refused

In the chapter on namespaces I'm running into problems getting the-bus app to accept a curl request. Everything seems to match the output from the examples in the book with the exception of the ServiceAccounts last-applied-configuration warning when applying shield-app.yml. If I go into the pod and install curl I get a response when hitting localhost. Any idea what I'm doing wrong or how I can troubleshoot?

kubectl version
Client: v1.21
Server: v1.21

k3d version
k3d version v4.4.7
k3s version v1.21.2-k3s1 (default)

kubectl apply -f shield-app.yml
Warning: resource serviceaccounts/default is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
serviceaccount/default configured
service/the-bus created
pod/triskelion created

kubectl get pods -n shield
NAME         READY   STATUS    RESTARTS   AGE
triskelion   1/1     Running   0          117s

kubectl get svc -n shield
NAME      TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
the-bus   NodePort   10.43.196.219   <none>        8080:31112/TCP   2m51s

kubectl describe svc -n shield
Name:                     the-bus
Namespace:                shield
Labels:                   <none>
Annotations:              <none>
Selector:                 env=marvel
Type:                     NodePort
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.43.196.219
IPs:                      10.43.196.219
Port:                     <unset>  8080/TCP
TargetPort:               8080/TCP
NodePort:                 <unset>  31112/TCP
Endpoints:                10.42.1.3:8080
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

curl localhost:31112
curl: (7) Failed to connect to localhost port 31112: Connection refused

kubectl exec -it triskelion -n shield -- sh
/usr/src/app # curl localhost:8080
<!DOCTYPE html>
<html>
<head>
    <title>AOS</title>
    <link rel="stylesheet" type="text/css" href="/css/main.css">
    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Ubuntu:300" >
</head>
<body>

  <div class="main">
    <img src="/images/image.png"/>
    <div class="content">
      <div id="message">
  Agents of S.H.I.E.L.D
</div>
<div id="info">
  <table>
    <tr>
      <th>Pod/container/host that serviced this request:</th>
      <td>triskelion</td>
    </tr>
  </table>

</div>
    </div>
  </div>

</body>
</html>

Chapter 7: Services, port definitions do not match

Hi @nigelpoulton, while enjoying your K8s book, I noticed that a port definition in one of the examples does not match another file.

In the Service definition it says the target port is 9090:

targetPort: 9090

The Pods that this Service refers to are defined like this, with port 8080:

- containerPort: 8080

And sure enough, following this chapter and applying both files to K8s will show this error message (please note that I'm using the "KinD" setup, and because of my local Docker setup have to explicitly create a port forwarding):

$ kubectl port-forward service/svc-test 30001:8080
Forwarding from 127.0.0.1:30001 -> 9090
Forwarding from [::1]:30001 -> 9090
Handling connection for 30001
E0625 13:52:21.097232   41027 portforward.go:409] an error occurred forwarding 30001 -> 9090: error forwarding port 9090 to pod ..., uid : failed to execute portforward in network namespace "/var/run/netns/cni-...": failed to connect to localhost:9090 inside namespace "...", IPv4: dial tcp4 127.0.0.1:9090: connect: connection refused IPv6 dial tcp6 [::1]:9090: connect: connection refused

After updating the services/svc.yml file and changing the targetPort from 9090 to 8080, it works as expected.

For reference, in the printed book (2023 edition) the services/svc.yml file is shown, and there it also says targetPort: 8080.
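
Added example, not part of the original issue or the book's repo: a check for the mismatch reported above, flagging any Service whose targetPort is not declared by a Pod template that its selector matches. The manifests are constructed from the values quoted in this issue and written as JSON; pod_templates and find_port_mismatches are hypothetical helper names.

```python
import json

# Constructed sample: the Service and Deployment values quoted in the issue,
# written as JSON manifests so no YAML library is needed.
MANIFESTS = json.loads("""
[
  {"kind": "Service", "metadata": {"name": "svc-test"},
   "spec": {"selector": {"chapter": "services"},
            "ports": [{"port": 8080, "targetPort": 9090}]}},
  {"kind": "Deployment", "metadata": {"name": "svc-test"},
   "spec": {"template": {
     "metadata": {"labels": {"chapter": "services"}},
     "spec": {"containers": [{"name": "hello-ctr",
                              "ports": [{"containerPort": 8080}]}]}}}}
]
""")


def pod_templates(manifests):
    """Yield (owner, labels, declared container ports) per Pod or workload."""
    for m in manifests:
        tmpl = m if m.get("kind") == "Pod" else m.get("spec", {}).get("template")
        if not tmpl:
            continue  # Services, ConfigMaps, etc. carry no Pod template
        labels = tmpl.get("metadata", {}).get("labels", {})
        ports = [p for c in tmpl.get("spec", {}).get("containers", [])
                 for p in c.get("ports", [])]
        yield f'{m["kind"]}/{m["metadata"]["name"]}', labels, ports


def find_port_mismatches(manifests):
    """Return (service, targetPort, workload) for each undeclared target."""
    templates = list(pod_templates(manifests))
    findings = []
    for svc in (m for m in manifests if m.get("kind") == "Service"):
        selector = svc["spec"].get("selector") or {}
        if not selector:
            continue  # selector-less Services have manually managed endpoints
        # A Service selects a Pod when every selector label is on the Pod.
        backends = [(owner, ports) for owner, labels, ports in templates
                    if selector.items() <= labels.items()]
        for sp in svc["spec"].get("ports", []):
            # targetPort defaults to port; a string names a container port.
            target = sp.get("targetPort", sp["port"])
            key = "name" if isinstance(target, str) else "containerPort"
            for owner, ports in backends:
                if not any(p.get(key) == target for p in ports):
                    findings.append((svc["metadata"]["name"], target, owner))
    return findings


if __name__ == "__main__":
    for service, target, owner in find_port_mismatches(MANIFESTS):
        print(f"{service}: targetPort {target} is not declared by {owner}")
```

A containerPort entry is informational in Kubernetes, so a finding means the manifests disagree with each other, not that the container is certainly not listening on that port.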

psa folder is missing

In chapter 15: "Threat modeling Kubernetes", section "PSA examples" mentions folder psa, but it isn't present in the repository.

The book’s GitHub repo can be found here.

https://github.com/nigelpoulton/TheK8sBook

Be sure to run the following commands from the psa directory.

Inconsistent deployment YAML

In the section "Create a Deployment" the file shown is not the same as the one in the book 2022 version.

The book shows this yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: hello-deploy
spec:
  replicas: 10
  selector:
    matchLabels:
      app: hello-world
  revisionHistoryLimit: 5
  progressDeadlineSeconds: 300
  minReadySeconds: 10
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 1
  template:
    metadata:
      labels:
        app: hello-world
    spec:
      containers:
      - name: hello-pod
        image: nigelpoulton/k8sbook:1.0
        ports:
        - containerPort: 8080

However, the repo contains this as the deploy.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: svc-test
spec:
  replicas: 10
  selector:
    matchLabels:
      chapter: services
  template:
    metadata:
      labels:
        chapter: services
    spec:
      containers:
      - name: hello-ctr
        image: nigelpoulton/k8sbook:1.0
        ports:
        - containerPort: 8080

Typo in Service discovery and Namespaces lab

While attached to the 'jump' Pod, running curl ent:8080 or curl ent.prod.svc.cluster.local:8080 returns expected output, but with a minor typo.

Should read "Hello from the <foo> Namespace!"

Actual output:

➜  service-discovery git:(master) ✗ kubectl exec -it jump --namespace dev -- bash
root@jump:/# curl ent:8080
Hello form the DEV Namespace!
Hostname: enterprise-584b544bb6-gw8dk
root@jump:/# curl ent.prod.svc.cluster.local:8080
Hello form the PROD Namespace!
Hostname: enterprise-8b6fdc8c4-cddp8
root@jump:/# 

Expected output:

➜  service-discovery git:(master) ✗ kubectl exec -it jump --namespace dev -- bash
root@jump:/# curl ent:8080
Hello from the DEV Namespace!
Hostname: enterprise-584b544bb6-gw8dk
root@jump:/# curl ent.prod.svc.cluster.local:8080
Hello from the PROD Namespace!
Hostname: enterprise-8b6fdc8c4-cddp8
root@jump:/#

Chapter 6: Using GKE does not allow to access the app

When following the book (version year 2022) and using a GKE K8 cluster deployed like in the beginning of the book, it is not possible to access any of the deployed replicas to see the deployed static webpage.
This is because the Service located under deployments/svc.yml is not suited for GKE, because it creates a service of type ClusterIP which does not expose the cluster to the internet.
Instead, the type LoadBalancer would be needed to expose the cluster and make the website available via port 8080.

This problem might apply to any part of the book where this pattern repeats. In the Pods chapter, this has been accounted for by providing a file for both local environments and cloud environments.

shield-app.yml and namespace

Hi

I am running through the examples and tried this as directed in the book

I am in the chapter dealing with namespaces and was told to do this:

kubectl apply -f shield-app.yml

After I ran the command, I got this:

Error from server (NotFound): error when creating "shield-app.yml": namespaces "shield" not found

I asked a colleague and they said the namespace MUST be created first... so I did this:

kubectl create namespace shield

then ran the original yml command again... this time with success and a warning

Warning: resource serviceaccounts/default is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
serviceaccount/default configured
service/the-bus created
pod/triskelion created
