Bookmarks Bar


** kubectl Autocomplete
JSONPath Support
Kubernetes Release Notes
kubectl Cheat Sheet - Kubernetes
kubectl Usage Conventions


Overview of kubectl - Kubernetes
Installing kubeadm
Creating a cluster with kubeadm
kubeadm upgrade
Upgrading Master Nodes
Install and Set Up kubectl
kubectl config set-cluster
Encrypting Secret Data at Rest
TLS bootstrapping - Kubernetes
Network Addons
PKI Certificates and Requirements

Cluster Upgrades

Safely Drain a Node
Certificate Management with kubeadm
Upgrading kubeadm clusters
Upgrading Worker Nodes


** Installing a Network Add-On
Required Ports
Install Weave Net
Install Weave
Customizing DNS Service
DNS for Services and Pods
Debugging DNS Resolution


** Ingress Example
Ingress Controllers
Ingress | Minimal


Create an External Load Balancer - Kubernetes


** Network Policy Resource
** NetworkPolicy resource | Full
** Brief Example in Use
Network Policies
Declare Network Policy
Configure Default Memory Requests and Limits for a Namespace
to and from selectors
Default deny all ingress traffic
Default allow all ingress traffic
Default deny all egress traffic
Default allow all egress traffic
Default deny all ingress and all egress traffic


kubelet - Kubernetes


Backup etcd
Restore etcd
Operating etcd clusters for Kubernetes


* DaemonSet
* StatefulSets
Create Static Pods
Labels and Selectors


** CronJob Template
** Jobs Template
** Jobs - Parallel/Completions
** Jobs - Deadline/Backoff
Jobs - Run to Completion - Kubernetes
Jobs - Parallelism


** Pod templates
** Define Variables for a Container
** Commands and Arguments
** Resource Requests/Limits Example
** Configure a Pod to Use a ConfigMap
** envFrom Secret
** Init Containers Example
** Configure Service Accounts (scroll for example)
Configure Pod Initialization
NodeSelector- Assigning Pods to Nodes - Kubernetes
Configure Liveness and Readiness Probes - Kubernetes
Static Pods - Kubernetes
Horizontal Pod Autoscaler Walkthrough - Kubernetes
Create HPA
Pod Affinity
Termination message Pod Failure - Kubernetes
Taints and Tolerations
Managing Compute Resources for Containers
Init Containers


Using a sidecar container with the logging agent
Communicate Between Containers in the Same Pod Using a Shared Volume
The Distributed System ToolKit: Patterns for Composite Containers - Kubernetes

Assigning Pods to Nodes - Kubernetes


Taints and Tolerations - Kubernetes
Node Affinity/Anti-affinity
Resource Quotas


** Creating a Deployment
Run a Stateless Application Using a Deployment
Deployments -Strategy
Deployments | Upgrade/Rollback


** Configure a Pod
** Create ConfigMap


** Defining A Service
Services - Kubernetes
Exposing an External IP Address to Access an Application in a Cluster - Kubernetes
Use Port Forwarding to Access Applications in a Cluster - Kubernetes
Debug Services


** Secrets Mount
** Secrets as Files
** Secrets as Env Vars
Environment variables -- Secrets
Distribute Credentials Securely


** Configure a Security Context
Pod Security Policies
Pod Security Standards


** DaemonSet
Perform a Rollback
Perform a Rolling Update
API Example

Persistent Volumes

** Persistent Volumes
** Persistent Volumes claims
** Create PVC - Simple
** Create PVC - hostPath
** Example Pod
** configMap
Storage Classes - Kubernetes
Volumes - Kubernetes
Limit Storage Consumption - Kubernetes
Deploying WordPress and MySQL with Persistent Volumes
Expanding Persistent Volumes Claims
Reclaiming Persistent Volumes
Storage Class Provisioners


* Taints and Tolerations
* Assigning Pods to Nodes
* Node Affinity
Managing Resources for Containers
* Create static Pods
Configure Multiple Schedulers
* Multiple Schedulers | Leader Election
* Specify Scheduler for Pod


Authentication Strategies
Configure Access to Multiple Clusters | kubeconfig
Kubectl config
Using Node Authorization
Using RBAC Authorization
Using ABAC Authorization
Webhook Mode
Image Pull Secrets
Secrets | Docker
Security Context | Capabilities
11 Ways (Not) to Get Hacked
SA Pull Secrets
Pull an Image from a Private Registry


Manage TLS Certificates
Create CertificateSigningRequest
Certificate Signing Requests
Certificates - ca-config, ca-csr
Certificate Signing Request Resource
Certificate Signing Requests | Normal User
Certificate Rotation - Kubernetes


Authorization Overview
** Create Role
** Create ClusterRole
** Create RoleBinding
** Create ClusterRoleBinding
** Checking API Access (can-i)
** Role and ClusterRole
** RoleBinding and ClusterRoleBinding


Debug Pods and ReplicationControllers
Debug Pods
Debug ReplicationControllers
Debug Services
Determine the Reason for Pod Failure
Troubleshooting kubeadm
Troubleshoot Clusters
A general overview of cluster failure modes
Monitoring, Logging, and Debugging
Command line tools reference