---
aliases:
language: English
created: 2025-09-24
summary: My preparation notes for the Kubernetes CAD certificate by the Linux Foundation
tags:
  - resource
---

- Suggested IDE: vscode
  - YAML extension by Red Hat: in the extension settings, configure the YAML schema and set this in settings.json: `"yaml.schemas": { "kubernetes": "*.yaml" }`
  - restart the IDE afterwards
- kubectl
  - has very good `--help` output, even on subcommands, with example commands
  - `kubectl run nginx --image=nginx` will fetch the nginx image from Docker Hub and create a pod
  - `kubectl create deployment nginx --image=nginx` creates a deployment
  - `kubectl create -f pod-definition.yml` creates from a file (`kubectl apply -f file.yml` works too?)
  - `kubectl get pods`
  - `kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1` (or pod/nginx ...)
    - maybe also try `kubectl edit ...`
    - or change the YAML file and do `kubectl apply -f redis.yaml`
  - `kubectl describe pod myapp-pod`
  - `kubectl run redis --image=redis123 --dry-run=client -o yaml > redis.yaml` creates a YAML specification file for a pod
  - `kubectl get replicaset` and `kubectl get replicationcontroller`
  - `kubectl scale --replicas=6 -f replicaset-definition.yml` is better than `kubectl scale --replicas=6 replicaset myapp-replicaset` because the latter only modifies the deployed definition and not the source file
  - `kubectl apply -f replicaset-definition.yml`
  - `kubectl get all` (lists deployment, then replicaset, then pods)
- scaling: we create additional pods. A pod can contain multiple containers, but one pod shall only contain what is necessary for one instance of the application. We do NOT create additional containers in the same pod.
- deployment: recreate (all down, then all new up) vs rollingUpdate (default, scales replicasets down/up by one at a time). `kubectl rollout undo deployment/myapp-deployment` will roll back.
- minikube: bundles master node programs and node programs on one machine. Requires virtualization (via hypervisor KVM, VirtualBox... or Docker, but the latter is not recommended).
- ctr: CLI for containerd, not very user friendly and mostly for debugging
  - It is advised to use nerdctl instead
- nerdctl: provides a Docker-like CLI for containerd, supports Docker Compose, supports the newest features in containerd (encrypted container images, lazy pulling...)
- crictl: provides a CLI for CRI-compatible container runtimes, installed separately, used to inspect and debug container runtimes (ideally not to create containers), works across different runtimes
  - `crictl pods` shows pods
  - `crictl --runtime-endpoint <endpoint>` lets you specify a runtime endpoint (or use the `CONTAINER_RUNTIME_ENDPOINT` env var)
  - other commands are similar to docker

Kubernetes definition file:

```yml
apiVersion: v1
kind: Pod
metadata: # dictionary, can only have name and labels
  name: myapp-pod
  labels: # can have any sub-attributes
    app: myapp
spec: # individual for all deployments
  containers:
    - name: nginx-container
      image: nginx
```

## Glossary

- CRI: Container Runtime Interface
  - Kubernetes originally only worked with Docker but then introduced the CRI to be more abstract and allow all sorts of container runtimes
- OCI: Open Container Initiative
  - imagespec: specification of how an image should be built
  - runtimespec: standards for how a container runtime shall be deployed
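
Added example (not part of the original notes): a Deployment manifest for the recreate vs rollingUpdate strategies described in the kubectl notes above. It reuses `myapp-deployment`, the `app: myapp` label and `nginx:1.9.1` from the notes; the replica count and the `maxSurge`/`maxUnavailable` values are assumptions chosen so that pods are replaced one at a time.

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deployment
  labels:
    app: myapp
spec:
  replicas: 3            # assumed value; change with `kubectl scale` or by editing this file
  selector:
    matchLabels:
      app: myapp         # must match the pod template labels below
  strategy:
    type: RollingUpdate  # default; the alternative is Recreate (all pods down, then all new up)
    rollingUpdate:       # this sub-block is only valid with type RollingUpdate
      maxSurge: 1        # assumed: at most one extra pod above `replicas` during a rollout
      maxUnavailable: 1  # assumed: at most one pod below `replicas` during a rollout
  template:              # pod template: same shape as metadata/spec of a Pod definition
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: nginx-container
          image: nginx:1.9.1   # pinned tag, so a later image change is an explicit rollout
```

Changing the image in this file and re-applying it with `kubectl apply -f` starts a rollout, which `kubectl rollout undo deployment/myapp-deployment` reverts to the previous replicaset.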