Kubernetes

→ K3s

→ Install

sudo apt -y install open-iscsi
curl -sfL https://get.k3s.io | sh -
sudo cp /etc/rancher/k3s/k3s.yaml .kube/config
sudo kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.1.2/deploy/longhorn.yaml

→ Stop/Start

/usr/local/bin/k3s-killall.sh
systemctl start k3s

→ Run together with other remote

export KUBECONFIG=~/.kube/config-k3s

# use tools
kubectl ...
helm ...
k9s ...

→ Helm

→ Pass variables

helm install  airflow apache-airflow/airflow --namespace airflow  --values custom-values.yml

→ Kubectl

→ Volumes

# List the pvc
kubectl get pvc -n airflow
NAME                        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
logs-airflow-worker-0       Bound    pvc-4e9fdfef-7a16-4299-b68a-89ee92a12589   100Gi      RWO            local-path     8m15s
data-airflow-postgresql-0   Bound    pvc-94c585fd-451f-4728-a790-f6b61a2f2b6e   8Gi        RWO            local-path     8m15s
redis-db-airflow-redis-0    Bound    pvc-95d2ca98-0fe3-424b-a939-6ffd23edacc7   1Gi        RWO            local-path     8m15s

# Delete one pvc
kubectl delete pvc logs-airflow-worker-0 -n airflow

# Delete ALL the pvc
kubectl delete pvc -n airflow  --all

→ service account

pod using a service account get access to services
secrets are mounted in the pod
it can also be environment variables
a given service account is bounded to a namespace

→ call kubernetes api within a pod

curl -v --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" https://kubernetes.default/api/v1/namespaces/dev-data-streams/pods?labelSelector=app%3Ddev-flink-cluster-session%2Ccomponent%3Dtaskmanager%2Ctype%3Dflink-native-kubernetes&resourceVersion=0&allowWatchBookmarks=true&watch=true

React ?

This page was last modified: 2024-09-07 14:01