Kubernetes

https://youtu.be/PH-2FfFD2PU https://github.com/kelseyhightower/kubernetes-the-hard-way https://github.com/xuwang/kube-aws-terraform/blob/master/README.md

Prebuild applications

See https://github.com/kubernetes/charts and manage via https://helm.sh/

DNS

https://github.com/kubernetes-incubator/external-dns

Dashboard

Installation

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

Updates

Once installed, the deployment is not automatically updated. In order to update it you need to delete the deployment’s pods and wait for it to be recreated. After recreation, it should automatically use the latest image.

Delete all Dashboard pods (assuming that Dashboard is deployed in kube-system namespace):

$ kubectl -n kube-system delete $(kubectl -n kube-system get pod -o name | grep dashboard)
pod "kubernetes-dashboard-3313488171-7706x" deleted
pod "kubernetes-dashboard-3313488171-ddkqd" deleted
pod "kubernetes-dashboard-3313488171-dpf9t" deleted
pod "kubernetes-dashboard-3313488171-jdz1n" deleted
pod "kubernetes-dashboard-3313488171-sxc9n" deleted

User account creation

Create the service account

apiVersion: v1
kind: ServiceAccount
metadata:
  name: root
  namespace: kube-system

Then install it via kubectl create -f service-account.yaml

Create the cluster role bearing

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: root
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: root
  namespace: kube-system

Then install it via kubectl create -f role-binding.yaml

Login

Now we need to find token we can use to log in. Execute following command:

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep root | awk '{print $1}')

It should print something like:

Name:         root-token-6gl6l
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name=root
              kubernetes.io/service-account.uid=b16afba9-dfec-11e7-bbb9-901b0e532516

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhnopenopenopenope5g_RA

Copy the token into the authentication screen and click the sign-in button.