Skip to content

Commit

Permalink
Merge branch 'badtuxx:main' into day-2
Browse files Browse the repository at this point in the history
  • Loading branch information
Rapha-Borges authored Jan 30, 2024
2 parents 0e1711b + 30aca8d commit c07b59f
Show file tree
Hide file tree
Showing 4 changed files with 79 additions and 32 deletions.
30 changes: 13 additions & 17 deletions es/day-1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -211,8 +211,8 @@ Protocolo|Dirección|Rango de Puertos|Propósito|Utilizado Por
TCP|Entrada|6443*|Servidor de API de Kubernetes|Todos
TCP|Entrada|2379-2380|Cliente API de servidor etcd|kube-apiserver, etcd
TCP|Entrada|10250|API Kubelet|Propio, Control plane
TCP|Entrada|10251|kube-scheduler|Propio
TCP|Entrada|10252|kube-controller-manager|Propio
TCP|Entrada|10259|kube-scheduler|Propio
TCP|Entrada|10257|kube-controller-manager|Propio

- Cualquier puerto marcado con * es personalizable. Asegúrate de que el puerto modificado también esté abierto.

Expand Down Expand Up @@ -247,12 +247,8 @@ Es importante saber que la forma en que k8s gestiona los contenedores es ligeram
Vamos a instalar ``kubectl`` utilizando los siguientes comandos.

```bash
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl

chmod +x ./kubectl

sudo mv ./kubectl /usr/local/bin/kubectl

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
kubectl version --client
```

Expand Down Expand Up @@ -281,12 +277,12 @@ kubectl version --client
Si prefieres el método tradicional, la instalación se puede realizar con los siguientes comandos:

```bash
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/darwin/amd64/kubectl"

chmod +x ./kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/darwin/amd64/kubectl"

sudo mv ./kubectl /usr/local/bin/kubectl

sudo chown root: /usr/local/bin/kubectl

kubectl version --client
```

Expand Down Expand Up @@ -349,7 +345,7 @@ Recuerda, no estás obligado(a) a probar/utilizar todas las opciones a continuac

Es importante enfatizar que Minikube debe ser instalado localmente, no en un *cloud provider*. Por lo tanto, las especificaciones de *hardware* a continuación se refieren a tu máquina local.

- Procesador: 1 núcleo;
- Procesador: 2 núcleo;
- Memoria: 2 GB;
- Disco duro: 20 GB.

Expand Down Expand Up @@ -433,7 +429,7 @@ Hyper-V Requirements: A hypervisor has been detected. Features required for
```

 
Realice el download y la instalación de un *hypervisor* (preferentemente el [Oracle VirtualBox](https://www.virtualbox.org)), si en el paso anterior no se detecta la presencia de uno. Finalmente, descarga el instalador de Minikube [aqui](https://github.com/kubernetes/minikube/releases/latest) y ejecútalo.
Realice el download y la instalación de un *hypervisor* (preferentemente el [Oracle VirtualBox](https://www.virtualbox.org)), si en el paso anterior no se detecta la presencia de uno. Finalmente, descarga el instalador de Minikube [aqui](https://github.com/kubernetes/minikube/releases/latest/download/minikube-windows-amd64.exe) y ejecútalo.

##### Iniciando, deteniendo y eliminando Minikube

Expand Down Expand Up @@ -608,7 +604,7 @@ El Kind (*Kubernetes in Docker*) es otra alternativa para ejecutar Kubernetes en
Para realizar la instalación en GNU/Linux, ejecuta los siguientes comandos.

```bash
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.14.0/kind-linux-amd64
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64

chmod +x ./kind

Expand All @@ -629,7 +625,7 @@ sudo brew install kind
ou

```bash
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.14.0/kind-darwin-amd64
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-darwin-amd64
chmod +x ./kind
mv ./kind /usr/bin/kind
```
Expand All @@ -641,7 +637,7 @@ mv ./kind /usr/bin/kind
Para realizar la instalación en Windows, ejecuta los siguientes comandos.

```bash
curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.14.0/kind-windows-amd64
curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.20.0/kind-windows-amd64

Move-Item .\kind-windows-amd64.exe c:\kind.exe
```
Expand Down Expand Up @@ -950,4 +946,4 @@ kubectl delete service nginx
```
Luego, vuelve a listar los recursos para verificar si todavía están presentes.
 
 
8 changes: 4 additions & 4 deletions local-cluster-vm/content.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,12 +24,12 @@ Dentro do kubernetes para para fazer o deploy de uma app temos que os seguintes
Antes de instalar o minikube, precisamos realizar a instalação do kubectl:
### LINUX
```bash
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/darwin/amd64/kubectl"
```
```bash
chmod +x kubectl && mv kubectl /usr/local/bin/
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
```
```ash
```bash
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \ && chmod +x minikube
```
```bash
Expand Down Expand Up @@ -151,4 +151,4 @@ kubeadm init
### Join node in cluster
```bash
sudo kubeadm join <hosts>:<port> --token 4ipu0m.5q0or83aao7j2aru --discovery-token-ca-cert-hash sha256:739d75755ed9dba30415af83e64774aad1e701cf9d0dd3393dd05908af6068c9
```
```
14 changes: 5 additions & 9 deletions pt/day-1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -229,12 +229,8 @@ TCP|Inbound|30000-32767|NodePort|Services All
Vamos instalar o ``kubectl`` com os seguintes comandos.

```
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
kubectl version --client
```
&nbsp;
Expand All @@ -259,12 +255,12 @@ kubectl version --client
Já com o método tradicional, a instalação pode ser realizada com os seguintes comandos.

```
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/darwin/amd64/kubectl"
chmod +x ./kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/darwin/amd64/kubectl"
sudo mv ./kubectl /usr/local/bin/kubectl
sudo chown root: /usr/local/bin/kubectl
kubectl version --client
```
&nbsp;
Expand Down
59 changes: 57 additions & 2 deletions pt/day-14/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -478,8 +478,8 @@ spec:
app: giropops-senhas
ports:
- protocol: TCP
port: 6379
targetPort: 6379
port: 5000
targetPort: 5000
type: ClusterIP
```
Expand Down Expand Up @@ -916,6 +916,61 @@ spec:

Pronto, agora o nosso Ingress Controller consegue acessar a nossa aplicação, e com isso, nossos clientes também conseguem acessar a nossa aplicação!


Mas ainda temos um problema, os nossos Pods não conseguem acessar o DNS do cluster, então vamos criar uma Network Policy para permitir o acesso ao DNS do cluster e com isso o Pod de nossa App conseguirá acessar o Redis tranquilamente

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-dns-access
namespace: giropops
spec:
podSelector:
matchLabels: {}
policyTypes:
- Egress
egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- protocol: UDP
port: 53
```

Pronto, um problema a menos! :D
Mas ainda temos outro!

Quando criamos a regra de Egress bloqueando tudo, bloqueamos também o tráfego de saída de todos os Pods do Namespace `giropops`, e com isso, o nosso Pod de App não consegue acessar o Redis.

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-ns
namespace: giropops
spec:
podSelector:
matchLabels: {}
policyTypes:
- Egress
egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: giropops
podSelector:
matchLabels:
app: redis
```

Pronto, agora acredito que todos os problemas foram resolvidos e podemos acessar a nossa App e o Redis normalmente! :D

Outra opção bem interessante de utilizar é o `ipBlock`, com ele você pode especificar um endereço IP ou um CIDR para permitir o acesso, veja:

```yaml
Expand Down

0 comments on commit c07b59f

Please sign in to comment.