Update to Kubernetes 1.21.0
parent
ca96371e4d
commit
8b92b87aa3
10
README.md
10
README.md
|
@ -19,11 +19,11 @@ The target audience for this tutorial is someone planning to support a productio
|
|||
|
||||
Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.
|
||||
|
||||
* [kubernetes](https://github.com/kubernetes/kubernetes) v1.18.6
|
||||
* [containerd](https://github.com/containerd/containerd) v1.3.6
|
||||
* [coredns](https://github.com/coredns/coredns) v1.7.0
|
||||
* [cni](https://github.com/containernetworking/cni) v0.8.6
|
||||
* [etcd](https://github.com/coreos/etcd) v3.4.10
|
||||
* [kubernetes](https://github.com/kubernetes/kubernetes) v1.21.0
|
||||
* [containerd](https://github.com/containerd/containerd) v1.4.4
|
||||
* [coredns](https://github.com/coredns/coredns) v1.8.3
|
||||
* [cni](https://github.com/containernetworking/cni) v0.9.1
|
||||
* [etcd](https://github.com/etcd-io/etcd) v3.4.15
|
||||
|
||||
## Labs
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ This tutorial leverages the [Google Cloud Platform](https://cloud.google.com/) t
|
|||
|
||||
Follow the Google Cloud SDK [documentation](https://cloud.google.com/sdk/) to install and configure the `gcloud` command line utility.
|
||||
|
||||
Verify the Google Cloud SDK version is 301.0.0 or higher:
|
||||
Verify the Google Cloud SDK version is 338.0.0 or higher:
|
||||
|
||||
```
|
||||
gcloud version
|
||||
|
|
|
@ -76,7 +76,7 @@ The `kubectl` command line utility is used to interact with the Kubernetes API S
|
|||
### OS X
|
||||
|
||||
```
|
||||
curl -o kubectl https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/darwin/amd64/kubectl
|
||||
curl -o kubectl https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/darwin/amd64/kubectl
|
||||
```
|
||||
|
||||
```
|
||||
|
@ -90,7 +90,7 @@ sudo mv kubectl /usr/local/bin/
|
|||
### Linux
|
||||
|
||||
```
|
||||
wget https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubectl
|
||||
wget https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubectl
|
||||
```
|
||||
|
||||
```
|
||||
|
@ -103,7 +103,7 @@ sudo mv kubectl /usr/local/bin/
|
|||
|
||||
### Verification
|
||||
|
||||
Verify `kubectl` version 1.18.6 or higher is installed:
|
||||
Verify `kubectl` version 1.21.0 or higher is installed:
|
||||
|
||||
```
|
||||
kubectl version --client
|
||||
|
@ -112,7 +112,7 @@ kubectl version --client
|
|||
> output
|
||||
|
||||
```
|
||||
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.6", GitCommit:"dff82dc0de47299ab66c83c626e08b245ab19037", GitTreeState:"clean", BuildDate:"2020-07-15T16:58:53Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
|
||||
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:31:21Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
|
||||
```
|
||||
|
||||
Next: [Provisioning Compute Resources](03-compute-resources.md)
|
||||
|
|
|
@ -208,7 +208,7 @@ Waiting for SSH key to propagate.
|
|||
After the SSH keys have been updated you'll be logged into the `controller-0` instance:
|
||||
|
||||
```
|
||||
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-1019-gcp x86_64)
|
||||
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-1042-gcp x86_64)
|
||||
...
|
||||
```
|
||||
|
||||
|
|
|
@ -22,15 +22,15 @@ Download the official etcd release binaries from the [etcd](https://github.com/e
|
|||
|
||||
```
|
||||
wget -q --show-progress --https-only --timestamping \
|
||||
"https://github.com/etcd-io/etcd/releases/download/v3.4.10/etcd-v3.4.10-linux-amd64.tar.gz"
|
||||
"https://github.com/etcd-io/etcd/releases/download/v3.4.15/etcd-v3.4.15-linux-amd64.tar.gz"
|
||||
```
|
||||
|
||||
Extract and install the `etcd` server and the `etcdctl` command line utility:
|
||||
|
||||
```
|
||||
{
|
||||
tar -xvf etcd-v3.4.10-linux-amd64.tar.gz
|
||||
sudo mv etcd-v3.4.10-linux-amd64/etcd* /usr/local/bin/
|
||||
tar -xvf etcd-v3.4.15-linux-amd64.tar.gz
|
||||
sudo mv etcd-v3.4.15-linux-amd64/etcd* /usr/local/bin/
|
||||
}
|
||||
```
|
||||
|
||||
|
|
|
@ -28,10 +28,10 @@ Download the official Kubernetes release binaries:
|
|||
|
||||
```
|
||||
wget -q --show-progress --https-only --timestamping \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kube-apiserver" \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kube-controller-manager" \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kube-scheduler" \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubectl"
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kube-apiserver" \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kube-controller-manager" \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kube-scheduler" \
|
||||
"https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubectl"
|
||||
```
|
||||
|
||||
Install the Kubernetes binaries:
|
||||
|
@ -62,6 +62,17 @@ INTERNAL_IP=$(curl -s -H "Metadata-Flavor: Google" \
|
|||
http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip)
|
||||
```
|
||||
|
||||
```
|
||||
REGION=$(curl -s -H "Metadata-Flavor: Google" \
|
||||
http://metadata.google.internal/computeMetadata/v1/project/attributes/google-compute-default-region)
|
||||
```
|
||||
|
||||
```
|
||||
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \
|
||||
--region $REGION \
|
||||
--format 'value(address)')
|
||||
```
|
||||
|
||||
Create the `kube-apiserver.service` systemd unit file:
|
||||
|
||||
```
|
||||
|
@ -92,9 +103,10 @@ ExecStart=/usr/local/bin/kube-apiserver \\
|
|||
--kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \\
|
||||
--kubelet-client-certificate=/var/lib/kubernetes/kubernetes.pem \\
|
||||
--kubelet-client-key=/var/lib/kubernetes/kubernetes-key.pem \\
|
||||
--kubelet-https=true \\
|
||||
--runtime-config='api/all=true' \\
|
||||
--service-account-key-file=/var/lib/kubernetes/service-account.pem \\
|
||||
--service-account-signing-key-file=/var/lib/kubernetes/service-account-key.pem \\
|
||||
--service-account-issuer=https://${KUBERNETES_PUBLIC_ADDRESS}:6443 \\
|
||||
--service-cluster-ip-range=10.32.0.0/24 \\
|
||||
--service-node-port-range=30000-32767 \\
|
||||
--tls-cert-file=/var/lib/kubernetes/kubernetes.pem \\
|
||||
|
@ -158,7 +170,7 @@ Create the `kube-scheduler.yaml` configuration file:
|
|||
|
||||
```
|
||||
cat <<EOF | sudo tee /etc/kubernetes/config/kube-scheduler.yaml
|
||||
apiVersion: kubescheduler.config.k8s.io/v1alpha1
|
||||
apiVersion: kubescheduler.config.k8s.io/v1beta1
|
||||
kind: KubeSchedulerConfiguration
|
||||
clientConnection:
|
||||
kubeconfig: "/var/lib/kubernetes/kube-scheduler.kubeconfig"
|
||||
|
@ -246,16 +258,11 @@ sudo systemctl enable nginx
|
|||
### Verification
|
||||
|
||||
```
|
||||
kubectl get componentstatuses --kubeconfig admin.kubeconfig
|
||||
kubectl cluster-info --kubeconfig admin.kubeconfig
|
||||
```
|
||||
|
||||
```
|
||||
NAME STATUS MESSAGE ERROR
|
||||
scheduler Healthy ok
|
||||
controller-manager Healthy ok
|
||||
etcd-0 Healthy {"health":"true"}
|
||||
etcd-1 Healthy {"health":"true"}
|
||||
etcd-2 Healthy {"health":"true"}
|
||||
Kubernetes control plane is running at https://127.0.0.1:6443
|
||||
```
|
||||
|
||||
Test the nginx HTTP health check proxy:
|
||||
|
@ -267,12 +274,14 @@ curl -H "Host: kubernetes.default.svc.cluster.local" -i http://127.0.0.1/healthz
|
|||
```
|
||||
HTTP/1.1 200 OK
|
||||
Server: nginx/1.18.0 (Ubuntu)
|
||||
Date: Sat, 18 Jul 2020 06:20:48 GMT
|
||||
Date: Sun, 02 May 2021 04:19:29 GMT
|
||||
Content-Type: text/plain; charset=utf-8
|
||||
Content-Length: 2
|
||||
Connection: keep-alive
|
||||
Cache-Control: no-cache, private
|
||||
X-Content-Type-Options: nosniff
|
||||
X-Kubernetes-Pf-Flowschema-Uid: c43f32eb-e038-457f-9474-571d43e5c325
|
||||
X-Kubernetes-Pf-Prioritylevel-Uid: 8ba5908f-5569-4330-80fd-c643e7512366
|
||||
|
||||
ok
|
||||
```
|
||||
|
@ -295,7 +304,7 @@ Create the `system:kube-apiserver-to-kubelet` [ClusterRole](https://kubernetes.i
|
|||
|
||||
```
|
||||
cat <<EOF | kubectl apply --kubeconfig admin.kubeconfig -f -
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
annotations:
|
||||
|
@ -323,7 +332,7 @@ Bind the `system:kube-apiserver-to-kubelet` ClusterRole to the `kubernetes` user
|
|||
|
||||
```
|
||||
cat <<EOF | kubectl apply --kubeconfig admin.kubeconfig -f -
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: system:kube-apiserver
|
||||
|
@ -403,12 +412,12 @@ curl --cacert ca.pem https://${KUBERNETES_PUBLIC_ADDRESS}:6443/version
|
|||
```
|
||||
{
|
||||
"major": "1",
|
||||
"minor": "18",
|
||||
"gitVersion": "v1.18.6",
|
||||
"gitCommit": "dff82dc0de47299ab66c83c626e08b245ab19037",
|
||||
"minor": "21",
|
||||
"gitVersion": "v1.21.0",
|
||||
"gitCommit": "cb303e613a121a29364f75cc67d3d580833a7479",
|
||||
"gitTreeState": "clean",
|
||||
"buildDate": "2020-07-15T16:51:04Z",
|
||||
"goVersion": "go1.13.9",
|
||||
"buildDate": "2021-04-08T16:25:06Z",
|
||||
"goVersion": "go1.16.1",
|
||||
"compiler": "gc",
|
||||
"platform": "linux/amd64"
|
||||
}
|
||||
|
|
|
@ -49,13 +49,13 @@ sudo swapoff -a
|
|||
|
||||
```
|
||||
wget -q --show-progress --https-only --timestamping \
|
||||
https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.18.0/crictl-v1.18.0-linux-amd64.tar.gz \
|
||||
https://github.com/opencontainers/runc/releases/download/v1.0.0-rc91/runc.amd64 \
|
||||
https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz \
|
||||
https://github.com/containerd/containerd/releases/download/v1.3.6/containerd-1.3.6-linux-amd64.tar.gz \
|
||||
https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubectl \
|
||||
https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kube-proxy \
|
||||
https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubelet
|
||||
https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.21.0/crictl-v1.21.0-linux-amd64.tar.gz \
|
||||
https://github.com/opencontainers/runc/releases/download/v1.0.0-rc93/runc.amd64 \
|
||||
https://github.com/containernetworking/plugins/releases/download/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz \
|
||||
https://github.com/containerd/containerd/releases/download/v1.4.4/containerd-1.4.4-linux-amd64.tar.gz \
|
||||
https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubectl \
|
||||
https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kube-proxy \
|
||||
https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubelet
|
||||
```
|
||||
|
||||
Create the installation directories:
|
||||
|
@ -75,9 +75,9 @@ Install the worker binaries:
|
|||
```
|
||||
{
|
||||
mkdir containerd
|
||||
tar -xvf crictl-v1.18.0-linux-amd64.tar.gz
|
||||
tar -xvf containerd-1.3.6-linux-amd64.tar.gz -C containerd
|
||||
sudo tar -xvf cni-plugins-linux-amd64-v0.8.6.tgz -C /opt/cni/bin/
|
||||
tar -xvf crictl-v1.21.0-linux-amd64.tar.gz
|
||||
tar -xvf containerd-1.4.4-linux-amd64.tar.gz -C containerd
|
||||
sudo tar -xvf cni-plugins-linux-amd64-v0.9.1.tgz -C /opt/cni/bin/
|
||||
sudo mv runc.amd64 runc
|
||||
chmod +x crictl kubectl kube-proxy kubelet runc
|
||||
sudo mv crictl kubectl kube-proxy kubelet runc /usr/local/bin/
|
||||
|
@ -99,7 +99,7 @@ Create the `bridge` network configuration file:
|
|||
```
|
||||
cat <<EOF | sudo tee /etc/cni/net.d/10-bridge.conf
|
||||
{
|
||||
"cniVersion": "0.3.1",
|
||||
"cniVersion": "0.4.0",
|
||||
"name": "bridge",
|
||||
"type": "bridge",
|
||||
"bridge": "cnio0",
|
||||
|
@ -121,7 +121,7 @@ Create the `loopback` network configuration file:
|
|||
```
|
||||
cat <<EOF | sudo tee /etc/cni/net.d/99-loopback.conf
|
||||
{
|
||||
"cniVersion": "0.3.1",
|
||||
"cniVersion": "0.4.0",
|
||||
"name": "lo",
|
||||
"type": "loopback"
|
||||
}
|
||||
|
@ -305,9 +305,9 @@ gcloud compute ssh controller-0 \
|
|||
|
||||
```
|
||||
NAME STATUS ROLES AGE VERSION
|
||||
worker-0 Ready <none> 24s v1.18.6
|
||||
worker-1 Ready <none> 24s v1.18.6
|
||||
worker-2 Ready <none> 24s v1.18.6
|
||||
worker-0 Ready <none> 22s v1.21.0
|
||||
worker-1 Ready <none> 22s v1.21.0
|
||||
worker-2 Ready <none> 22s v1.21.0
|
||||
```
|
||||
|
||||
Next: [Configuring kubectl for Remote Access](10-configuring-kubectl.md)
|
||||
|
|
|
@ -35,21 +35,17 @@ Generate a kubeconfig file suitable for authenticating as the `admin` user:
|
|||
|
||||
## Verification
|
||||
|
||||
Check the health of the remote Kubernetes cluster:
|
||||
Check the version of the remote Kubernetes cluster:
|
||||
|
||||
```
|
||||
kubectl get componentstatuses
|
||||
kubectl version
|
||||
```
|
||||
|
||||
> output
|
||||
|
||||
```
|
||||
NAME STATUS MESSAGE ERROR
|
||||
scheduler Healthy ok
|
||||
controller-manager Healthy ok
|
||||
etcd-0 Healthy {"health":"true"}
|
||||
etcd-1 Healthy {"health":"true"}
|
||||
etcd-2 Healthy {"health":"true"}
|
||||
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:31:21Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
|
||||
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:25:06Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
|
||||
```
|
||||
|
||||
List the nodes in the remote Kubernetes cluster:
|
||||
|
@ -62,9 +58,9 @@ kubectl get nodes
|
|||
|
||||
```
|
||||
NAME STATUS ROLES AGE VERSION
|
||||
worker-0 Ready <none> 2m30s v1.18.6
|
||||
worker-1 Ready <none> 2m30s v1.18.6
|
||||
worker-2 Ready <none> 2m30s v1.18.6
|
||||
worker-0 Ready <none> 2m35s v1.21.0
|
||||
worker-1 Ready <none> 2m35s v1.21.0
|
||||
worker-2 Ready <none> 2m35s v1.21.0
|
||||
```
|
||||
|
||||
Next: [Provisioning Pod Network Routes](11-pod-network-routes.md)
|
||||
|
|
|
@ -50,8 +50,8 @@ gcloud compute routes list --filter "network: kubernetes-the-hard-way"
|
|||
|
||||
```
|
||||
NAME NETWORK DEST_RANGE NEXT_HOP PRIORITY
|
||||
default-route-6be823b741087623 kubernetes-the-hard-way 0.0.0.0/0 default-internet-gateway 1000
|
||||
default-route-cebc434ce276fafa kubernetes-the-hard-way 10.240.0.0/24 kubernetes-the-hard-way 0
|
||||
default-route-1606ba68df692422 kubernetes-the-hard-way 10.240.0.0/24 kubernetes-the-hard-way 0
|
||||
default-route-615e3652a8b74e4d kubernetes-the-hard-way 0.0.0.0/0 default-internet-gateway 1000
|
||||
kubernetes-route-10-200-0-0-24 kubernetes-the-hard-way 10.200.0.0/24 10.240.0.20 1000
|
||||
kubernetes-route-10-200-1-0-24 kubernetes-the-hard-way 10.200.1.0/24 10.240.0.21 1000
|
||||
kubernetes-route-10-200-2-0-24 kubernetes-the-hard-way 10.200.2.0/24 10.240.0.22 1000
|
||||
|
|
|
@ -7,7 +7,7 @@ In this lab you will deploy the [DNS add-on](https://kubernetes.io/docs/concepts
|
|||
Deploy the `coredns` cluster add-on:
|
||||
|
||||
```
|
||||
kubectl apply -f https://storage.googleapis.com/kubernetes-the-hard-way/coredns-1.7.0.yaml
|
||||
kubectl apply -f https://storage.googleapis.com/kubernetes-the-hard-way/coredns-1.8.yaml
|
||||
```
|
||||
|
||||
> output
|
||||
|
@ -31,8 +31,8 @@ kubectl get pods -l k8s-app=kube-dns -n kube-system
|
|||
|
||||
```
|
||||
NAME READY STATUS RESTARTS AGE
|
||||
coredns-5677dc4cdb-d8rtv 1/1 Running 0 30s
|
||||
coredns-5677dc4cdb-m8n69 1/1 Running 0 30s
|
||||
coredns-8494f9c688-hh7r2 1/1 Running 0 10s
|
||||
coredns-8494f9c688-zqrj2 1/1 Running 0 10s
|
||||
```
|
||||
|
||||
## Verification
|
||||
|
|
|
@ -32,24 +32,25 @@ gcloud compute ssh controller-0 \
|
|||
00000010 73 2f 64 65 66 61 75 6c 74 2f 6b 75 62 65 72 6e |s/default/kubern|
|
||||
00000020 65 74 65 73 2d 74 68 65 2d 68 61 72 64 2d 77 61 |etes-the-hard-wa|
|
||||
00000030 79 0a 6b 38 73 3a 65 6e 63 3a 61 65 73 63 62 63 |y.k8s:enc:aescbc|
|
||||
00000040 3a 76 31 3a 6b 65 79 31 3a 8c 7b 16 f3 26 59 d5 |:v1:key1:.{..&Y.|
|
||||
00000050 c9 65 1c f0 3a 04 e7 66 2a f6 50 93 4e d4 d7 8c |.e..:..f*.P.N...|
|
||||
00000060 ca 24 ab 68 54 5f 31 f6 5c e5 5c c6 29 1d cc da |.$.hT_1.\.\.)...|
|
||||
00000070 22 fc c9 be 23 8a 26 b4 9b 38 1d 57 65 87 2a ac |"...#.&..8.We.*.|
|
||||
00000080 70 11 ea 06 93 b7 de ba 12 83 42 94 9d 27 8f ee |p.........B..'..|
|
||||
00000090 95 05 b0 77 31 ab 66 3d d9 e2 38 85 f9 a5 59 3a |...w1.f=..8...Y:|
|
||||
000000a0 90 c1 46 ae b4 9d 13 05 82 58 71 4e 5b cb ac e2 |..F......XqN[...|
|
||||
000000b0 3b 6e d7 10 ab 7c fc fe dd f0 e6 0a 7b 24 2e 68 |;n...|......{$.h|
|
||||
000000c0 5e 78 98 5f 33 40 f8 d2 10 30 1f de 17 3f 06 a1 |^x._3@...0...?..|
|
||||
000000d0 81 bd 1f 2e be e9 35 26 2c be 39 16 cf ac c2 6d |......5&,.9....m|
|
||||
000000e0 32 56 05 7d 80 39 5d c0 a4 43 46 75 96 0c 87 49 |2V.}.9]..CFu...I|
|
||||
000000f0 3c 17 1a 1c 8e 52 b1 e8 42 6b a5 e8 b2 b3 27 bc |<....R..Bk....'.|
|
||||
00000100 80 a6 53 2a 9f 57 d2 de a3 f8 7f 84 2c 01 c9 d9 |..S*.W......,...|
|
||||
00000110 4f e0 3f e7 a7 1e 46 b7 47 dc f0 53 d2 d2 e1 99 |O.?...F.G..S....|
|
||||
00000120 0b b7 b3 49 d0 3c a5 e8 26 ce 2c 51 42 2c 0f 48 |...I.<..&.,QB,.H|
|
||||
00000130 b1 9a 1a dd 24 d1 06 d8 34 bf 09 2e 20 cc 3d 3d |....$...4... .==|
|
||||
00000140 e2 5a e5 e4 44 b7 ae 57 49 0a |.Z..D..WI.|
|
||||
0000014a
|
||||
00000040 3a 76 31 3a 6b 65 79 31 3a 97 d1 2c cd 89 0d 08 |:v1:key1:..,....|
|
||||
00000050 29 3c 7d 19 41 cb ea d7 3d 50 45 88 82 a3 1f 11 |)<}.A...=PE.....|
|
||||
00000060 26 cb 43 2e c8 cf 73 7d 34 7e b1 7f 9f 71 d2 51 |&.C...s}4~...q.Q|
|
||||
00000070 45 05 16 e9 07 d4 62 af f8 2e 6d 4a cf c8 e8 75 |E.....b...mJ...u|
|
||||
00000080 6b 75 1e b7 64 db 7d 7f fd f3 96 62 e2 a7 ce 22 |ku..d.}....b..."|
|
||||
00000090 2b 2a 82 01 c3 f5 83 ae 12 8b d5 1d 2e e6 a9 90 |+*..............|
|
||||
000000a0 bd f0 23 6c 0c 55 e2 52 18 78 fe bf 6d 76 ea 98 |..#l.U.R.x..mv..|
|
||||
000000b0 fc 2c 17 36 e3 40 87 15 25 13 be d6 04 88 68 5b |.,.6.@..%.....h[|
|
||||
000000c0 a4 16 81 f6 8e 3b 10 46 cb 2c ba 21 35 0c 5b 49 |.....;.F.,.!5.[I|
|
||||
000000d0 e5 27 20 4c b3 8e 6b d0 91 c2 28 f1 cc fa 6a 1b |.' L..k...(...j.|
|
||||
000000e0 31 19 74 e7 a5 66 6a 99 1c 84 c7 e0 b0 fc 32 86 |1.t..fj.......2.|
|
||||
000000f0 f3 29 5a a4 1c d5 a4 e3 63 26 90 95 1e 27 d0 14 |.)Z.....c&...'..|
|
||||
00000100 94 f0 ac 1a cd 0d b9 4b ae 32 02 a0 f8 b7 3f 0b |.......K.2....?.|
|
||||
00000110 6f ad 1f 4d 15 8a d6 68 95 63 cf 7d 04 9a 52 71 |o..M...h.c.}..Rq|
|
||||
00000120 75 ff 87 6b c5 42 e1 72 27 b5 e9 1a fe e8 c0 3f |u..k.B.r'......?|
|
||||
00000130 d9 04 5e eb 5d 43 0d 90 ce fa 04 a8 4a b0 aa 01 |..^.]C......J...|
|
||||
00000140 cf 6d 5b 80 70 5b 99 3c d6 5c c0 dc d1 f5 52 4a |.m[.p[.<.\....RJ|
|
||||
00000150 2c 2d 28 5a 63 57 8e 4f df 0a |,-(ZcW.O..|
|
||||
0000015a
|
||||
```
|
||||
|
||||
The etcd key should be prefixed with `k8s:enc:aescbc:v1:key1`, which indicates the `aescbc` provider was used to encrypt the data with the `key1` encryption key.
|
||||
|
@ -110,13 +111,13 @@ curl --head http://127.0.0.1:8080
|
|||
|
||||
```
|
||||
HTTP/1.1 200 OK
|
||||
Server: nginx/1.19.1
|
||||
Date: Sat, 18 Jul 2020 07:14:00 GMT
|
||||
Server: nginx/1.19.10
|
||||
Date: Sun, 02 May 2021 05:29:25 GMT
|
||||
Content-Type: text/html
|
||||
Content-Length: 612
|
||||
Last-Modified: Tue, 07 Jul 2020 15:52:25 GMT
|
||||
Last-Modified: Tue, 13 Apr 2021 15:13:59 GMT
|
||||
Connection: keep-alive
|
||||
ETag: "5f049a39-264"
|
||||
ETag: "6075b537-264"
|
||||
Accept-Ranges: bytes
|
||||
```
|
||||
|
||||
|
@ -143,7 +144,7 @@ kubectl logs $POD_NAME
|
|||
|
||||
```
|
||||
...
|
||||
127.0.0.1 - - [18/Jul/2020:07:14:00 +0000] "HEAD / HTTP/1.1" 200 0 "-" "curl/7.64.0" "-"
|
||||
127.0.0.1 - - [02/May/2021:05:29:25 +0000] "HEAD / HTTP/1.1" 200 0 "-" "curl/7.64.0" "-"
|
||||
```
|
||||
|
||||
### Exec
|
||||
|
@ -159,7 +160,7 @@ kubectl exec -ti $POD_NAME -- nginx -v
|
|||
> output
|
||||
|
||||
```
|
||||
nginx version: nginx/1.19.1
|
||||
nginx version: nginx/1.19.10
|
||||
```
|
||||
|
||||
## Services
|
||||
|
@ -206,13 +207,13 @@ curl -I http://${EXTERNAL_IP}:${NODE_PORT}
|
|||
|
||||
```
|
||||
HTTP/1.1 200 OK
|
||||
Server: nginx/1.19.1
|
||||
Date: Sat, 18 Jul 2020 07:16:41 GMT
|
||||
Server: nginx/1.19.10
|
||||
Date: Sun, 02 May 2021 05:31:52 GMT
|
||||
Content-Type: text/html
|
||||
Content-Length: 612
|
||||
Last-Modified: Tue, 07 Jul 2020 15:52:25 GMT
|
||||
Last-Modified: Tue, 13 Apr 2021 15:13:59 GMT
|
||||
Connection: keep-alive
|
||||
ETag: "5f049a39-264"
|
||||
ETag: "6075b537-264"
|
||||
Accept-Ranges: bytes
|
||||
```
|
||||
|
||||
|
|
|
@ -54,3 +54,10 @@ Delete the `kubernetes-the-hard-way` network VPC:
|
|||
gcloud -q compute networks delete kubernetes-the-hard-way
|
||||
}
|
||||
```
|
||||
|
||||
Delete the `kubernetes-the-hard-way` compute address:
|
||||
|
||||
```
|
||||
gcloud -q compute addresses delete kubernetes-the-hard-way \
|
||||
--region $(gcloud config get-value compute/region)
|
||||
```
|
||||
|
|
Loading…
Reference in New Issue