
pulled from EV #17


Open
wants to merge 18 commits into
base: master
from
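--- a/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/cm-worknotes.txt
+++ b/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/cm-worknotes.txt
@@ -0,0 +1,33 @@
+worknotes
+#https://matthewpalmer.net/kubernetes-app-developer/articles/ultimate-configmap-guide-kubernetes.html
+
+ls -lrt
+total 12
+-rw-r--r-- 1 root root 310 Apr 3 07:18 config-map.yaml
+-rw-r--r-- 1 root root 779 Apr 3 07:59 pod.yaml
+-rw-r--r-- 1 root root 209 Apr 3 08:02 pod-env-var.yaml
+
+============
+kubectl get cm,pods
+NAME DATA AGE
+configmap/example-configmap 3 49m
+============
+kubectl get pods | grep -i pod
+pod-env-var 1/1 Running 0 4m31s
+pod-using-configmap 1/1 Running 0 9m14s
+==================
+
+#pod with config volume
+
+kubectl exec -it pod-using-configmap bash
+root@pod-using-configmap:/# cd /etc/config ; ls -lrt
+total 0
+lrwxrwxrwx 1 root root 11 Apr 3 07:59 keys -> ..data/keys
+lrwxrwxrwx 1 root root 19 Apr 3 07:59 database_uri -> ..data/database_uri
+lrwxrwxrwx 1 root root 15 Apr 3 07:59 database -> ..data/database
+==============
+kubectl exec -it pod-env-var bash
+root@pod-env-var:/# env
+keys=image.public.key=771
+rsa.public.key=42
+=============================================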
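--- a/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/config-map.yaml
+++ b/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/config-map.yaml
@@ -0,0 +1,13 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+name: example-configmap
+data:
+# Configuration values can be set as key-value properties
+database: mongodb
+database_uri: mongodb://localhost:27017
+
+# Or set as complete file contents (even JSON!)
+keys: |
+image.public.key=771
+rsa.public.key=42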
Binary file not shown.
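--- a/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/pod-env-var.yaml
+++ b/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/pod-env-var.yaml
@@ -0,0 +1,11 @@
+kind: Pod
+apiVersion: v1
+metadata:
+name: pod-env-var
+spec:
+containers:
+- name: env-var-configmap
+image: nginx:1.7.9
+envFrom:
+- configMapRef:
+name: example-configmap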
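Review bot: `image: nginx:1.7.9` pins the container to an nginx release that is many years old and no longer receives security fixes; pod.yaml in this PR uses the same tag. Move both to a currently supported tag, ideally pinned by digest, e.g. `image: nginx:<supported-version>@sha256:<digest>`. Separately, `envFrom` with `configMapRef` exports every key of example-configmap into the environment, including the multi-line `keys` entry that the worknotes show arriving as `keys=image.public.key=771`; if only `database` and `database_uri` are meant to be variables, list them individually with `env` and `valueFrom.configMapKeyRef`.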
@@ -0,0 +1,13 @@
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx
env:
- name: ENVVAR1
value: value1
- name: ENVVAR2
value: value2
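--- a/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/pod.yaml
+++ b/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/cm/pod.yaml
@@ -0,0 +1,27 @@
+kind: Pod
+apiVersion: v1
+metadata:
+name: pod-using-configmap
+
+spec:
+# Add the ConfigMap as a volume to the Pod
+volumes:
+# `name` here must match the name
+# specified in the volume mount
+- name: example-configmap-volume
+# Populate the volume with config map data
+configMap:
+# `name` here must match the name
+# specified in the ConfigMap's YAML
+name: example-configmap
+
+containers:
+- name: container-configmap
+image: nginx:1.7.9
+# Mount the volume that contains the configuration data
+# into your container filesystem
+volumeMounts:
+# `name` here must match the name
+# from the volumes section of this pod
+- name: example-configmap-volume
+mountPath: /etc/config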
@@ -0,0 +1,29 @@
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: oche-umpi
spec:
replicas: 1
template:
metadata:
labels:
name: oche-umpi
microservice: umpi
kubernetes-service: oche-umpi
spec:
dnsPolicy: ClusterFirst
containers:
- name: oche-umpi
image: docker.ochedc.tureanalytics.com/dockadmin/umpi-document-service:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
volumeMounts:
- name: umpi-volume
mountPath: /opt/umpi_config/Document_Type_Config
volumes:
- name: umpi-volume
configMap:
name: umpi-config
imagePullSecrets:
- name: dockadmin
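Review bot: `image: docker.ochedc.tureanalytics.com/dockadmin/umpi-document-service:latest` combined with `imagePullPolicy: IfNotPresent` means each node keeps running whatever build it first cached under `latest`, so replicas can differ and a rebuilt, patched image is never pulled; pin an immutable version tag or a digest instead. The manifest also uses `apiVersion: apps/v1beta1`, which was removed in Kubernetes 1.16; `apps/v1` additionally requires a selector under `spec`, e.g. `selector: {matchLabels: {name: oche-umpi}}`. The pod4 manifest further down references a `:latest` tag as well and would benefit from the same pinning.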
@@ -0,0 +1,12 @@
apiVersion: v1
kind: Pod
metadata:
name: pod4
spec:
containers:
- name: privateapp
image: abhirockzz/test-private-repo:latest
command: ["/bin/sh"]
args: ["-c", "while true; do date; sleep 5;done"]
imagePullSecrets:
- name: docker-repo-secret
@@ -0,0 +1,14 @@
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx
env:
- name: API_KEY
valueFrom:
secretKeyRef:
name: service-apikey
key: apikey
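Review bot: This Pod is named `pod1`, the same `metadata.name` as the plain env-var example earlier in this PR, so if both are applied to one namespace the second apply collides with the first instead of creating a separate Pod; a distinct name such as `pod-secret-env` avoids that. Injecting the key through `env` and `secretKeyRef` also places it in the process environment, where child processes inherit it and it appears in any environment dump; the read-only secret volume used by `pod3` is the tighter pattern when the application can read a file. The `envFrom`/`secretRef` Pod `pod2` has the same exposure for every key in `plaintext-secret`.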
@@ -0,0 +1,11 @@
apiVersion: v1
kind: Pod
metadata:
name: pod2
spec:
containers:
- name: nginx
image: nginx
envFrom:
- secretRef:
name: plaintext-secret
@@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: pod3
spec:
containers:
- name: nginx
image: nginx
volumeMounts:
- name: apikey-config-volume
mountPath: /secret
readOnly: true
volumes:
- name: apikey-config-volume
secret:
secretName: service-apikey
@@ -0,0 +1,6 @@
apiVersion: v1
kind: Secret
metadata:
name: service-apikey
data:
apikey: Zm9vYmFy
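Review bot: `apikey: Zm9vYmFy` under `data` is only base64-encoded, not encrypted, so anyone who can read this repository can decode the value; the `stringData` manifests `secret-in-a-file` and `plaintext-secret` below are the same case in plain text. secrets-wn.txt in this PR says Secrets store data "in an encrypted format", which holds only when encryption at rest is configured on the API server, and that file also records an API key value in clear. If any of these are more than throwaway sample values, keep the manifests out of version control and create the Secret from an externally managed source. A header comment such as `# sample value only - never commit real credentials` would make the intent explicit.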
@@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: secret-in-a-file
stringData:
app-config.yaml: |-
hello: world
john: doe
@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: plaintext-secret
stringData:
foo: bar
mac: cheese
@@ -0,0 +1,20 @@
apiVersion: v1
kind: Pod
metadata:
name: consumesec
spec:
containers:
- name: shell
image: centos:7
command:
- "bin/bash"
- "-c"
- "sleep 10000"
volumeMounts:
- name: apikeyvol
mountPath: "/tmp/apikey"
readOnly: true
volumes:
- name: apikeyvol
secret:
secretName: apikey
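Review bot: The first `command` element is `"bin/bash"`, a relative path that resolves only while the container's working directory is `/`; write `"/bin/bash"` so the Pod does not fail if the image sets a different working directory. On the secret volume, consider adding `defaultMode: 0400` under `secret:` so the mounted key file is readable only by its owner. The worknotes show the shell running as root in this container, so a `securityContext` with `runAsNonRoot: true` is worth adding if the workload allows it.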
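--- a/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/secrets/secrets-wn.txt
+++ b/111-ingress-cm-secrets-dns-pv/g3-cm-secrets/secrets/secrets-wn.txt
@@ -0,0 +1,84 @@
+===============
+Config maps ideally stores application configuration in a plain text format whereas Secrets store sensitive data like password in an encrypted format.
+
+Both config maps and secrets can be used as volume and mounted inside a pod through a pod definition file.
+
+Config map:
+
+kubectl create configmap myconfigmap --from-literal=env=dev
+
+Secret:
+
+echo -n ‘admin’ > ./username.txt
+echo -n ‘abcd1234’ ./password.txt
+kubectl create secret generic mysecret --from-file=./username.txt --from-file=./password.txt
+
+====================
+
+echo -n "A19fh68B001j" > ./apikey.txt
+
+$ kubectl create secret generic apikey --from-file=./apikey.txt
+secret "apikey" created
+
+$ kubectl describe secrets/apikey
+Name: apikey
+Namespace: default
+Labels: <none>
+Annotations: <none>
+
+Type: Opaque
+
+Data
+====
+apikey.txt: 12 bytes
+===========================
+kubectl get pod/consumesec
+NAME READY STATUS RESTARTS AGE
+consumesec 1/1 Running 0 4s
+=========================
+kubectl get pod/consumesec -o yaml | grep -i api
+
+######apikey value is not shown in yaml
+apiVersion: v1
+selfLink: /api/v1/namespaces/default/pods/consumesec
+- mountPath: /tmp/apikey
+name: apikeyvol
+- name: apikeyvol
+secretName: apikey
+==================================================
+
+kubectl exec -it consumesec bash
+[root@consumesec /]# cd /tmp/apikey
+[root@consumesec apikey]# ls -lrt
+total 0
+lrwxrwxrwx 1 root root 17 Apr 3 09:19 apikey.txt -> ..data/apikey.txt
+[root@consumesec apikey]# cat apikey.txt
+
+
+A19fh68B001j
+
+
+
+======================
+
+Detail about secrets
+https://dev.to/itnext/tutorial-how-to-use-kubernetes-secrets-for-storing-sensitive-config-data-3dl5
+
+#docker image pull
+
+kubectl create secret docker-registry docker-repo-secret --docker-server=DOCKER_REG_SERVER --docker-username=DOCKER_REG_USERNAME --docker-password=DOCKER_REG_PASSWORD --docker-email=DOCKER_REG_EMAIL
+===================================
+
+apiVersion: v1
+kind: Pod
+metadata:
+name: pod4
+spec:
+containers:
+- name: privateapp
+image: abhirockzz/test-private-repo:latest
+command: ["/bin/sh"]
+args: ["-c", "while true; do date; sleep 5;done"]
+imagePullSecrets:
+- name: docker-repo-secret
+----------------------------------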
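--- a/111-ingress-cm-secrets-dns-pv/g3-dns/client-pod.yaml
+++ b/111-ingress-cm-secrets-dns-pv/g3-dns/client-pod.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Pod
+metadata:
+name: client-pod
+spec:
+containers:
+- name: curl
+image: appropriate/curl
+command: ["/bin/sh"]
+args: ["-c","curl test-service:4000 "]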