From f61d61223dfddb7c162d5953136e1c4d0d193b05 Mon Sep 17 00:00:00 2001 From: Bridget Kromhout Date: Tue, 27 Feb 2018 16:31:36 -0600 Subject: [PATCH 1/2] Clarify kube-public; define kube-system --- slides/kube/kubectlget.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/slides/kube/kubectlget.md b/slides/kube/kubectlget.md index 11424db9..cdcb40b5 100644 --- a/slides/kube/kubectlget.md +++ b/slides/kube/kubectlget.md @@ -212,6 +212,8 @@ The error that we see is expected: the Kubernetes API requires authentication. *Ding ding ding ding ding!* +`kube-system`: "The namespace for objects created by the Kubernetes system" + --- ## What are all these pods? @@ -233,3 +235,34 @@ The error that we see is expected: the Kubernetes API requires authentication. - the pods with a name ending with `-node1` are the master components
(they have been specifically "pinned" to the master node) + +--- + +## What about `kube-public`? + +.exercise[ + +- List the pods in the `kube-system` namespace: + ```bash + kubectl -n kube-public get pods + ``` + +] + +-- + +* Maybe it doesn't have pods, but what secrets is `kube-public` keeping? + +-- + +.exercise[ + +- List the secrets in the `kube-public` namespace: + ```bash + kubectl -n kube-public get secrets + ``` + +] +-- + +- `kube-public` is created by kubeadm & [used for security bootstrapping](http://blog.kubernetes.io/2017/01/stronger-foundation-for-creating-and-managing-kubernetes-clusters.html) From 1fc951037daa3abaa0d7b59228978c4703ccbe86 Mon Sep 17 00:00:00 2001 From: Bridget Kromhout Date: Tue, 27 Feb 2018 17:39:52 -0600 Subject: [PATCH 2/2] Slight clarification per request --- slides/kube/kubectlget.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/slides/kube/kubectlget.md b/slides/kube/kubectlget.md index cdcb40b5..ff0f8e57 100644 --- a/slides/kube/kubectlget.md +++ b/slides/kube/kubectlget.md @@ -212,11 +212,11 @@ The error that we see is expected: the Kubernetes API requires authentication. *Ding ding ding ding ding!* -`kube-system`: "The namespace for objects created by the Kubernetes system" +The `kube-system` namespace is used for the control plane --- -## What are all these pods? +## What are all these control plane pods? - `etcd` is our etcd server