@varunpalekar
Last active November 17, 2017 18:47
kubernetes

deployment-example.yml

---

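apiVersion: apps/v1 # extensions/v1beta1 no longer serves Deployments (removed in Kubernetes 1.16)
kind: Deployment
metadata:
  name: varun-test-deployment
  namespace: test-varun
spec:
  replicas: 2
  selector: # required by apps/v1; must match the pod template labels
    matchLabels:
      env: test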
  template: 
    metadata: 
      labels: 
        env: test
    spec: 
      containers: 
      - name: front-end
        image: nginx 
        ports: 
          - containerPort: 80
        # command: command to run
        # args: other arguments
        # workingDir: working directory in the container when the command runs
        # env: environment variables
        # resources: CPU and memory requests and limits
        # volumeMounts: volumes to mount
        # livenessProbe:
        # readinessProbe:
        # lifecycle:
        # terminationMessagePath:
        # imagePullPolicy:
        # securityContext:
        # stdin:
        # stdinOnce:
        # tty:
      - name: rss-reader 
        image: nickchase/rss-php-nginx:v1
        ports: 
          - containerPort: 88

Run

kubectl.exe describe -f deployment-example.yml || kubectl.exe create -f deployment-example.yml

namespace-example.yml

---

kind: Namespace
apiVersion: v1
metadata: 
  name: test-varun
  labels: 
    env: test

Run

Run the command below to create the namespace only if it does not already exist:

kubectl describe namespace "test-varun" || kubectl create -f namespace-example.yml

pod-example.yml

---
apiVersion: v1
kind: Pod
metadata: 
  name: varun-test-pod 
  namespace: test-varun
  labels: 
    app: web
    env: test 
spec: 
  containers: 
    - name: front-end
      image: nginx 
      ports: 
        - containerPort: 80
      # command: command to run
      # args: other arguments
      # workingDir: working directory in the container when the command runs
      # env: environment variables
      # resources: CPU and memory requests and limits
      # volumeMounts: volumes to mount
      # livenessProbe:
      # readinessProbe:
      # lifecycle:
      # terminationMessagePath:
      # imagePullPolicy:
      # securityContext:
      # stdin:
      # stdinOnce:
      # tty:
    - name: rss-reader 
      image: nickchase/rss-php-nginx:v1
      ports: 
        - containerPort: 88

Run

Run the command below to create the pod only if it does not already exist:

kubectl.exe describe pods "varun-test-pod" --namespace "test-varun" || kubectl create -f pod-example.yml

Helm one-line deployment only if the release does not exist

helm ls --all | grep "demo-varun" || helm install demo --namespace "test-varun" --name "demo-varun"

Create service account user

kubectl create sa username

Delete service account user

kubectl delete sa username

Create role

kubectl create role admin-resource-role --verb='*' --resource='*' -n namespace_name

---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: gitlab
  name: gitlab-admin
rules:
  - apiGroups: [""] # The API group "" indicates the core API Group.
    resources: ["*"]
    verbs: ["*"]

Delete role

kubectl delete role admin-resource-role -n namespace_name

Bind role to user

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: gitlab-admin
  namespace: gitlab
subjects:
  - kind: ServiceAccount # May be "User", "Group" or "ServiceAccount"
    name: default
    namespace: gitlab
roleRef:
  kind: Role
  name: gitlab-admin
  apiGroup: rbac.authorization.k8s.io
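
A narrower alternative to the wildcard Role and the binding to the `default` ServiceAccount above, as an added example that is not part of the original gist. The ServiceAccount name `gitlab-deployer` and the resource and verb lists are assumptions chosen for illustration.

```yaml
---
# Dedicated identity instead of the namespace's "default" ServiceAccount,
# which every pod in the namespace uses unless told otherwise.
# "gitlab-deployer" is an assumed name, not from the original gist.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: gitlab-deployer
  namespace: gitlab
---
# Only the resources and verbs a deploy job needs (assumed list).
# No "*" wildcards, so secrets and RBAC objects stay out of reach.
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: gitlab
  name: gitlab-deployer
rules:
  - apiGroups: [""] # core API group
    resources: ["pods", "services", "configmaps"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  - apiGroups: [""]
    resources: ["pods/log"] # subresources must be listed explicitly
    verbs: ["get"]
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: gitlab-deployer
  namespace: gitlab
subjects:
  - kind: ServiceAccount
    name: gitlab-deployer
    namespace: gitlab
roleRef:
  kind: Role
  name: gitlab-deployer
  apiGroup: rbac.authorization.k8s.io
# Check the effective permissions after applying:
#   kubectl auth can-i list pods -n gitlab --as=system:serviceaccount:gitlab:gitlab-deployer
#   kubectl auth can-i get secrets -n gitlab --as=system:serviceaccount:gitlab:gitlab-deployer
```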

Delete role-user binding

kubectl delete rolebinding admin-resource-binding -n namespace_name

List all service accounts in a namespace

kubectl get sa -n namespace_name

List all role bindings in a namespace

kubectl get rolebinding -n namespace_name
