This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl -L https://github.com/aquasecurity/kube-bench/releases/download/v0.9.0/kube-bench_0.9.0_linux_amd64.deb -o kube-bench_0.9.0_linux_amd64.deb | |
sudo apt install ./kube-bench_0.9.0_linux_amd64.deb -f | |
kube-bench | |
docker run --pid=host -v /etc:/etc:ro -v /var:/var:ro -v $(which kubectl):/usr/local/mount-from-host/bin/kubectl -v ~/.kube:/.kube -e KUBECONFIG=/.kube/config -t aquasec/kube-bench:latest run --targets=master | |
docker run --pid=host -v /etc:/etc:ro -v /var:/var:ro -v $(which kubectl):/usr/local/mount-from-host/bin/kubectl -v ~/.kube:/.kube -e KUBECONFIG=/.kube/config -t aquasec/kube-bench:latest run --targets=node |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Prerequistes | |
Linux | |
- https://www.youtube.com/live/EUu1E_YKGTw?si=oQAfgbMr5PLr5JPr | |
- https://www.youtube.com/watch?v=gd7BXuUQ91w&t=87s | |
=========================================================================================== | |
Networking | |
- https://www.youtube.com/watch?v=rv3QK2UquxM | |
- https://youtube.com/playlist?list=PLw6kwOJVj3MbMZ8B72ZgUryj8OSETC0ds&si=cfRUsVOUtCcDgPOp | |
- https://youtu.be/J4Myf0UNkLI?si=ZU8mDF5wlDphyEWH | |
Kubernetes Networking |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "step1- install kubectl,kubeadm and kubelet 1.32.0" | |
sudo mkdir -m 755 /etc/apt/keyrings | |
sudo apt-get install -y apt-transport-https ca-certificates curl gpg | |
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg | |
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
sudo apt update -y | |
sudo apt -y install vim git curl wget kubelet kubeadm kubectl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Instaling vcluster | |
curl -L -o vcluster "https://github.com/loft-sh/vcluster/releases/download/v0.20.1/vcluster-linux-amd64" && sudo install -c -m 0755 vcluster /usr/local/bin && rm -f vcluster | |
## Installing Falco | |
helm repo add falcosecurity https://falcosecurity.github.io/charts | |
helm repo update | |
helm upgrade --install falco falcosecurity/falco --namespace falco --create-namespace | |
## Create vCluster |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Running Locally | |
## Initialising for base image | |
bsf init | |
## Building OCI artifact using bsf and ko | |
``` | |
bsf oci pkgs --platform=linux/amd64 --tag=prod-v1 --push --dest-creds {Dockerhub username}:{dockerhub password} | |
KO_DOCKER_REPO=saiyam911/devops-project KO_DEFAULTBASEIMAGE=saiyam911/devops-proj:base ko build --bare -t v1 . (change your image names here) | |
``` | |
## Running using Docker | |
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
experimental: | |
multiNamespaceMode: | |
enabled: true | |
genericSync: | |
role: | |
extraRules: | |
- apiGroups: ["longhorn.io"] | |
resources: ["volumes", "engineimages", "engines", "replicas", "settings", "nodes", "instancemanagers", "sharemanagers"] | |
verbs: ["create", "delete", "patch", "update", "get", "list", "watch"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Create SPin app | |
spin new -t http-rust demo --accept-defaults | |
spin build | |
spin up | |
spin registry push ttl.sh/saiyam:10h | |
spin kube scaffold -f ttl.sh/saiyam:10h > spinapp.yaml | |
## install Spinkube | |
Create civo Kubernetes cluster(Talos) | |
kubectl apply -f https://github.com/spinkube/spin-operator/releases/download/v0.4.0/spin-operator.runtime-class.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "step1- install kubectl,kubeadm and kubelet 1.29.0" | |
sudo mkdir -m 755 /etc/apt/keyrings | |
sudo apt-get install -y apt-transport-https ca-certificates curl gpg | |
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg | |
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
sudo apt update -y | |
sudo apt -y install vim git curl wget kubelet kubeadm kubectl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
export GOPATH=$HOME/go | |
export GOROOT=/usr/local/go | |
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin | |
mkdir -p $GOPATH/src/k8s.io | |
cd $GOPATH/src/k8s.io | |
git clone https://github.com/kubernetes/kubernetes.git | |
cd kubernetes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "step1- install kubectl,kubeadm and kubelet 1.28.0" | |
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - | |
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
echo "kubeadm install" | |
sudo apt update -y | |
sudo apt -y install vim git curl wget kubelet=1.28.0-00 kubeadm=1.28.0-00 kubectl=1.28.0-00 | |
echo "memory swapoff" | |
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab |
NewerOlder