From bd3c91f342da3296f2802f98a09361bc789f3d52 Mon Sep 17 00:00:00 2001 From: Jerome Petazzoni Date: Mon, 23 Nov 2020 12:26:04 +0100 Subject: [PATCH 1/3] Update udemy promo codes --- slides/_redirects | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/slides/_redirects b/slides/_redirects index af711fed..d708d6aa 100644 --- a/slides/_redirects +++ b/slides/_redirects @@ -6,10 +6,10 @@ # And this allows to do "git clone https://container.training". /info/refs service=git-upload-pack https://github.com/jpetazzo/container.training/info/refs?service=git-upload-pack -#/dockermastery https://www.udemy.com/course/docker-mastery/?referralCode=1410924A733D33635CCB -#/kubernetesmastery https://www.udemy.com/course/kubernetesmastery/?referralCode=7E09090AF9B79E6C283F -/dockermastery https://www.udemy.com/course/docker-mastery/?couponCode=DOCKERALLDAY -/kubernetesmastery https://www.udemy.com/course/kubernetesmastery/?couponCode=DOCKERALLDAY +/dockermastery https://www.udemy.com/course/docker-mastery/?referralCode=1410924A733D33635CCB +/kubernetesmastery https://www.udemy.com/course/kubernetesmastery/?referralCode=7E09090AF9B79E6C283F +#/dockermastery https://www.udemy.com/course/docker-mastery/?couponCode=DOCKERALLDAY +#/kubernetesmastery https://www.udemy.com/course/kubernetesmastery/?couponCode=DOCKERALLDAY # Shortlink for the QRCode /q /qrcode.html 200 From 29edb1aefedf1a54a2fc36ea6a11d0fa34f69831 Mon Sep 17 00:00:00 2001 From: Jerome Petazzoni Date: Mon, 30 Nov 2020 00:29:05 +0100 Subject: [PATCH 2/3] Minor tweaks after 1st NR session --- prepare-vms/lib/commands.sh | 2 +- slides/k8s/kubebuilder.md | 19 ++++++++++++++++ slides/k8s/kyverno.md | 40 +++++++++++++++++++++++++++++++++- slides/k8s/operators-design.md | 10 +++++++-- 4 files changed, 67 insertions(+), 4 deletions(-) diff --git a/prepare-vms/lib/commands.sh b/prepare-vms/lib/commands.sh index f6a4913e..cd965e11 100644 --- a/prepare-vms/lib/commands.sh +++ b/prepare-vms/lib/commands.sh @@ -319,7 +319,7 @@ EOF" curl -fsSL https://github.com/kubernetes-sigs/krew/releases/latest/download/krew.tar.gz | tar -zxf- && sudo -u docker -H ./krew-linux_amd64 install krew && - echo export PATH=\"/home/docker/.krew/bin:\$PATH\" | sudo -u docker tee -a /home/docker/.bashrc + echo export PATH=/home/docker/.krew/bin:\\\$PATH | sudo -u docker tee -a /home/docker/.bashrc fi" # Install k9s and popeye diff --git a/slides/k8s/kubebuilder.md b/slides/k8s/kubebuilder.md index 1f25c430..531aa86d 100644 --- a/slides/k8s/kubebuilder.md +++ b/slides/k8s/kubebuilder.md @@ -92,10 +92,29 @@ Highly recommend!💯) --- +class: extra-details + +## Local vs remote + +- Building Go code can be a little bit slow on our modest lab VMs + +- It will typically be *much* faster on a local machine + +- All the demos and labs in this section will run fine either way! + +--- + + ## Preparation +- Install Go + + (on our VMs: `sudo snap install go --classic`) + - Install kubebuilder + ([get a release](https://github.com/kubernetes-sigs/kubebuilder/releases/), untar, move the `kubebuilder` binary to the `$PATH`) + - Initialize our workspace: ```bash mkdir useless diff --git a/slides/k8s/kyverno.md b/slides/k8s/kyverno.md index a24916b6..83403caa 100644 --- a/slides/k8s/kyverno.md +++ b/slides/k8s/kyverno.md @@ -146,6 +146,22 @@ --- +class: extra-details + +## Kyverno versions + +- We're going to use version 1.2 + +- Version 1.3.0-rc came out in November 2020 + +- It introduces a few changes + + (e.g. PolicyViolations are now PolicyReports) + +- Expect this to change in the near future! + +--- + ## Installing Kyverno - Kyverno can be installed with a (big) YAML manifest @@ -157,7 +173,7 @@ - Install Kyverno: ```bash kubectl apply -f https://raw.githubusercontent.com/kyverno/kyverno\ - /master/definitions/release/install.yaml + /v1.2.1/definitions/release/install.yaml ``` ] @@ -593,6 +609,28 @@ Note: the `apiVersion` field appears to be optional. - Policy validation is difficult +--- + +class: extra-details + +## Pods created by controllers + +- When e.g. a ReplicaSet or DaemonSet creates a pod, it "owns" it + + (the ReplicaSet or DaemonSet is listed in the Pod's `.metadata.ownerReferences`) + +- Kyverno treats these Pods differently + +- If my understanding of the code is correct (big *if*): + + - it skips validation for "owned" Pods + + - instead, it validates their controllers + + - this way, Kyverno can report errors on the controller instead of the pod + +- This can be a bit confusing when testing policies on such pods! + ??? :EN:- Policy Management with Kyverno diff --git a/slides/k8s/operators-design.md b/slides/k8s/operators-design.md index 3e481556..4cf5bd34 100644 --- a/slides/k8s/operators-design.md +++ b/slides/k8s/operators-design.md @@ -222,9 +222,9 @@ class: extra-details | [Simple example](https://medium.com/faun/writing-your-first-kubernetes-operator-8f3df4453234) -- Zalando Kubernetes Operator Pythonic Framework (KOPF) +- Kubernetes Operator Pythonic Framework (KOPF) - [GitHub](https://github.com/zalando-incubator/kopf) + [GitHub](https://github.com/nolar/kopf) | [Docs](https://kopf.readthedocs.io/) | @@ -240,6 +240,12 @@ class: extra-details | [Zookeeper example](https://github.com/kudobuilder/frameworks/tree/master/repo/stable/zookeeper) +- Kubebuilder (Go, very close to the Kubernetes API codebase) + + [GitHub](https://github.com/kubernetes-sigs/kubebuilder) + | + [Book](https://book.kubebuilder.io/) + --- ## Validation From ecbbcf8b5112d21376f9ee837736ff0b523ffc3f Mon Sep 17 00:00:00 2001 From: hvariant <1478163+hvariant@users.noreply.github.com> Date: Sat, 5 Dec 2020 12:26:43 +1100 Subject: [PATCH 3/3] fix typo --- slides/k8s/batch-jobs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slides/k8s/batch-jobs.md b/slides/k8s/batch-jobs.md index b5538cc6..abc6890f 100644 --- a/slides/k8s/batch-jobs.md +++ b/slides/k8s/batch-jobs.md @@ -10,7 +10,7 @@ - Jobs are great for "long" background work - ("long" being at least minutes our hours) + ("long" being at least minutes or hours) - CronJobs are great to schedule Jobs at regular intervals