Skip to content

Instantly share code, notes, and snippets.

@detailyang

detailyang/cilium.md

Last active January 7, 2019 07:48
Show Gist options
  • Save detailyang/c83e0da202139586b57fd0c5dbc6e5ef to your computer and use it in GitHub Desktop.
Save detailyang/c83e0da202139586b57fd0c5dbc6e5ef to your computer and use it in GitHub Desktop.
Download ZIP
Getting Started Using Minikube
Raw
cilium.md
  1. uname -a
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ uname -a                                                                                                                                                               0 < 15:32:41
Darwin detailyangdeMacBook-Pro.local 17.7.0 Darwin Kernel Version 17.7.0: Thu Jun 21 22:53:14 PDT 2018; root:xnu-4570.71.2~1/RELEASE_X86_64 x86_64
  1. minikube start --network-plugin=cni --extra-config=kubelet.network-plugin=cni
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ minikube start --network-plugin=cni --extra-config=kubelet.network-plugin=cni                                                                                          0 < 15:32:44
Starting local Kubernetes v1.12.4 cluster...
Starting VM...
Getting VM IP address...
Moving files into cluster...
Setting up certs...
Connecting to cluster...
Setting up kubeconfig...
Stopping extra container runtimes...
Starting cluster components...
Verifying kubelet health ...
Verifying apiserver health ...Kubectl is now configured to use the cluster.
Loading cached images from config file.


Everything looks great. Please enjoy minikube!
  1. minikube version
╰─λ minikube version                                                                                                                                                       1 < 15:37:48
minikube version: v0.32.0
  1. kubectl create -f https://raw.githubusercontent.com/cilium/cilium/HEAD/examples/kubernetes/1.12/cilium-minikube.yaml
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl create -f https://raw.githubusercontent.com/cilium/cilium/HEAD/examples/kubernetes/1.12/cilium-minikube.yaml                                                   0 < 15:38:25

daemonset.apps "cilium" created
configmap "cilium-config" created
clusterrolebinding.rbac.authorization.k8s.io "cilium" created
clusterrole.rbac.authorization.k8s.io "cilium" created
serviceaccount "cilium" created
  1. kubectl create -f https://raw.githubusercontent.com/cilium/cilium/HEAD/examples/minikube/http-sw-app.yaml
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl create -f https://raw.githubusercontent.com/cilium/cilium/HEAD/examples/minikube/http-sw-app.yaml                                                              0 < 15:39:00
service "deathstar" created
deployment.extensions "deathstar" created
pod "tiefighter" created
pod "xwing" created
  1. kubectl get pods,svc
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl get pods,svc                                                                                                                                                   0 < 15:41:13
NAME                             READY     STATUS    RESTARTS   AGE
pod/deathstar-5b97bbbc4c-5p8jw   1/1       Running   0          2m
pod/deathstar-5b97bbbc4c-b6hnd   1/1       Running   0          2m
pod/tiefighter                   1/1       Running   0          2m
pod/xwing                        1/1       Running   0          2m

NAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
service/deathstar    ClusterIP   10.111.222.196   <none>        80/TCP    2m
service/kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   4m
  1. kubectl -n kube-system get pods -l k8s-app=cilium
$ kubectl -n kube-system get pods -l k8s-app=cilium
NAME           READY     STATUS    RESTARTS   AGE
cilium-zg8d8   1/1       Running   0          26m
  1. kubectl -n kube-system exec cilium-zg8d8 -- cilium endpoint list
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl -n kube-system exec cilium-zg8d8 -- cilium endpoint list                                                                                                       0 < 15:42:44
ENDPOINT   POLICY (ingress)   POLICY (egress)   IDENTITY   LABELS (source:key[=value])   IPv6   IPv4           STATUS
           ENFORCEMENT        ENFORCEMENT
1047       Disabled           Disabled          4          reserved:health                      10.15.199.69   ready
  1. kubectl exec xwing -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl exec xwing -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing                                                                            0 < 15:43:34
Ship landed
  1. kubectl exec tiefighter -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl exec tiefighter -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing                                                                     127 < 15:43:41
Ship landed
  1. kubectl create -f https://raw.githubusercontent.com/cilium/cilium/HEAD/examples/minikube/sw_l3_l4_policy.yaml
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl create -f https://raw.githubusercontent.com/cilium/cilium/HEAD/examples/minikube/sw_l3_l4_policy.yaml                                                        127 < 15:44:39

ciliumnetworkpolicy.cilium.io "rule1" created
  1. kubectl exec tiefighter -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl exec tiefighter -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing                                                                       0 < 15:45:05
Ship landed
  1. kubectl exec xwing -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl exec xwing -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing                                                                            0 < 15:45:10
Ship landed
  1. kubectl -n kube-system exec cilium-zg8d8 -- cilium endpoint list
╭─detailyang at detailyangdeMacBook-Pro in /Users/detailyang
╰─λ kubectl -n kube-system exec cilium-zg8d8 -- cilium endpoint list                                                                                                       0 < 15:45:10
ENDPOINT   POLICY (ingress)   POLICY (egress)   IDENTITY   LABELS (source:key[=value])   IPv6   IPv4           STATUS
           ENFORCEMENT        ENFORCEMENT
1047       Disabled           Disabled          4          reserved:health                      10.15.199.69   ready
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment