Kubernetes namespaces help different projects, teams, or customers to share a Kubernetes cluster. It does this by providing the following: A scope for Names. A mechanism to attach authorization and policy to a subsection of the cluster. Use of multiple namespaces is optional. This example demonstrates how to use Kubernetes namespaces to subdivide your cluster. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster.

Production-Grade Container Orchestration

Synopsis Set the latest last-applied-configuration annotations by setting it to match the contents of a file. This results in the last-applied-configuration being updated as though 'kubectl apply -f<file> ' was run, without updating any other parts of the object. kubectl apply set-last-applied -f FILENAME Examples # Set the last-applied-configuration of a resource to match the contents of a file kubectl apply set-last-applied -f deploy.yaml # Execute set-last-applied against each configuration file in a directory kubectl apply set-last-applied -f path/ # Set the last-applied-configuration of a resource to match the contents of a file; will create the annotation if it does not already exist kubectl apply set-last-applied -f deploy.

Kubernetes nodes come pre-populated with a standard set of labels. You can also set your own labels on nodes, either through the kubelet configuration or using the Kubernetes API. Preset labels The preset labels that Kubernetes sets on nodes are: kubernetes.io/arch kubernetes.io/hostname kubernetes.io/os node.kubernetes.io/instance-type (if known to the kubelet – Kubernetes may not have this information to set the label) topology.kubernetes.io/region (if known to the kubelet – Kubernetes may not have this information to set the label) topology.

This command initializes a Kubernetes control plane node. Run this command in order to set up the Kubernetes control plane Synopsis Run this command in order to set up the Kubernetes control plane The "init" command executes the following phases: preflight Run pre-flight checks certs Certificate generation /ca Generate the self-signed Kubernetes CA to provision identities for other Kubernetes components /apiserver Generate the certificate for serving the Kubernetes API /apiserver-kubelet-client Generate the certificate for the API server to connect to kubelet /front-proxy-ca Generate the self-signed CA to provision identities for front proxy /front-proxy-client Generate the certificate for the front proxy client /etcd-ca Generate the self-signed CA to provision identities for etcd /etcd-server Generate the certificate for serving etcd /etcd-peer Generate the certificate for etcd nodes to communicate with each other /etcd-healthcheck-client Generate the certificate for liveness probes to healthcheck etcd /apiserver-etcd-client Generate the certificate the apiserver uses to access etcd /sa Generate a private key for signing service account tokens along with its public key kubeconfig Generate all kubeconfig files necessary to establish the control plane and the admin kubeconfig file /admin Generate a kubeconfig file for the admin to use and for kubeadm itself /super-admin Generate a kubeconfig file for the super-admin /kubelet Generate a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes /controller-manager Generate a kubeconfig file for the controller manager to use /scheduler Generate a kubeconfig file for the scheduler to use etcd Generate static Pod manifest file for local etcd /local Generate the static Pod manifest file for a local, single-node local etcd instance control-plane Generate all static Pod manifest files necessary to establish the control plane /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest kubelet-start Write kubelet settings and (re)start the kubelet upload-config Upload the kubeadm and kubelet configuration to a ConfigMap /kubeadm Upload the kubeadm ClusterConfiguration to a ConfigMap /kubelet Upload the kubelet component config to a ConfigMap upload-certs Upload certificates to kubeadm-certs mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster kubelet-finalize Updates settings relevant to the kubelet after TLS bootstrap /enable-client-cert-rotation Enable kubelet client certificate rotation addon Install required addons for passing conformance tests /coredns Install the CoreDNS addon to a Kubernetes cluster /kube-proxy Install the kube-proxy addon to a Kubernetes cluster show-join-command Show the join command for control-plane and worker node kubeadm init [flags] Options --apiserver-advertise-address string The IP address the API Server will advertise it's listening on.

Production-Grade Container Orchestration

Every node in a Kubernetes cluster runs a kube-proxy (unless you have deployed your own alternative component in place of kube-proxy). The kube-proxy component is responsible for implementing a virtual IP mechanism for Services of type other than ExternalName. Each instance of kube-proxy watches the Kubernetes control plane for the addition and removal of Service and EndpointSlice objects. For each Service, kube-proxy calls appropriate APIs (depending on the kube-proxy mode) to configure the node to capture traffic to the Service's clusterIP and port, and redirect that traffic to one of the Service's endpoints (usually a Pod, but possibly an arbitrary user-provided IP address).

Synopsis kubectl controls the Kubernetes cluster manager. Find more information at: https://kubernetes.io/docs/reference/kubectl/ kubectl [flags] Options --as string Username to impersonate for the operation. User could be a regular user or a service account in a namespace. --as-group strings Group to impersonate for the operation, this flag can be repeated to specify multiple groups. --as-uid string UID to impersonate for the operation. --cache-dir string     Default: "$HOME/.kube/cache" Default cache directory --certificate-authority string Path to a cert file for the certificate authority

Synopsis Delete the specified context from the kubeconfig. kubectl config delete-context NAME Examples # Delete the context for the minikube cluster kubectl config delete-context minikube Options -h, --help help for delete-context Parent Options Inherited --as string Username to impersonate for the operation. User could be a regular user or a service account in a namespace. --as-group strings Group to impersonate for the operation, this flag can be repeated to specify multiple groups.

Production-Grade Container Orchestration