fix-redirects.sh: adding forced redirect

Add link to Slack
Prep course
2026-05-01 14:36:39 +00:00 · 2020-04-07 16:49:17 -05:00 · 2019-09-18 11:23:00 -05:00 · 2019-09-17 09:01:56 -05:00
38 changed files with 281 additions and 1054 deletions
--- a/k8s/dockercoins.yaml
+++ b/k8s/dockercoins.yaml
@@ -1,160 +0,0 @@
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: hasher
-  name: hasher
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: hasher
-  template:
-    metadata:
-      labels:
-        app: hasher
-    spec:
-      containers:
-      - image: dockercoins/hasher:v0.1
-        name: hasher
---
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: hasher
-  name: hasher
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: hasher
-  type: ClusterIP
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: redis
-  name: redis
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: redis
-  template:
-    metadata:
-      labels:
-        app: redis
-    spec:
-      containers:
-      - image: redis
-        name: redis
---
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: redis
-  name: redis
-spec:
-  ports:
-  - port: 6379
-    protocol: TCP
-    targetPort: 6379
-  selector:
-    app: redis
-  type: ClusterIP
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: rng
-  name: rng
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: rng
-  template:
-    metadata:
-      labels:
-        app: rng
-    spec:
-      containers:
-      - image: dockercoins/rng:v0.1
-        name: rng
---
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: rng
-  name: rng
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: rng
-  type: ClusterIP
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: webui
-  name: webui
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: webui
-  template:
-    metadata:
-      labels:
-        app: webui
-    spec:
-      containers:
-      - image: dockercoins/webui:v0.1
-        name: webui
---
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: webui
-  name: webui
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: webui
-  type: NodePort
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: worker
-  name: worker
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: worker
-  template:
-    metadata:
-      labels:
-        app: worker
-    spec:
-      containers:
-      - image: dockercoins/worker:v0.1
-        name: worker
--- a/k8s/efk.yaml
+++ b/k8s/efk.yaml
@@ -32,16 +32,13 @@ subjects:
  name: fluentd
  namespace: default
 ---
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
  name: fluentd
  labels:
    app: fluentd
 spec:
-  selector:
-    matchLabels:
-      app: fluentd
  template:
    metadata:
      labels:
@@ -89,7 +86,7 @@ spec:
        hostPath:
          path: /var/lib/docker/containers
 ---
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
  labels:
@@ -131,7 +128,7 @@ spec:
    app: elasticsearch
  type: ClusterIP
 ---
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
  labels:
--- a/k8s/ingress.yaml
+++ b/k8s/ingress.yaml
@@ -1,13 +1,13 @@
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:
-  name: kibana
+  name: cheddar
 spec:
  rules:
-  - host: kibana.185.145.251.54.nip.io
+  - host: cheddar.A.B.C.D.nip.io
    http:
      paths:
      - path: /
        backend:
-          serviceName: kibana
-          servicePort: 5601
+          serviceName: cheddar
+          servicePort: 80
--- a/k8s/insecure-dashboard.yaml
+++ b/k8s/insecure-dashboard.yaml
@@ -162,7 +162,7 @@ spec:
  selector:
    k8s-app: kubernetes-dashboard
 ---
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
  labels:
--- a/k8s/local-path-storage.yaml
+++ b/k8s/local-path-storage.yaml
@@ -45,7 +45,7 @@ subjects:
  name: local-path-provisioner-service-account
  namespace: local-path-storage
 ---
-apiVersion: apps/v1
+apiVersion: apps/v1beta2
 kind: Deployment
 metadata:
  name: local-path-provisioner
--- a/k8s/metrics-server.yaml
+++ b/k8s/metrics-server.yaml
@@ -58,7 +58,7 @@ metadata:
  name: metrics-server
  namespace: kube-system
 ---
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
  name: metrics-server
--- a/k8s/traefik.yaml
+++ b/k8s/traefik.yaml
@@ -6,16 +6,13 @@ metadata:
  namespace: kube-system
 ---
 kind: DaemonSet
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 metadata:
  name: traefik-ingress-controller
  namespace: kube-system
  labels:
    k8s-app: traefik-ingress-lb
 spec:
-  selector:
-    matchLabels:
-      k8s-app: traefik-ingress-lb
  template:
    metadata:
      labels:
@@ -29,7 +26,7 @@ spec:
      serviceAccountName: traefik-ingress-controller
      terminationGracePeriodSeconds: 60
      containers:
-      - image: traefik:1.7
+      - image: traefik
        name: traefik-ingress-lb
        ports:
        - name: http
--- a/prepare-local/README.md
+++ b/prepare-local/README.md
@@ -7,8 +7,8 @@ workshop.


 ## 1. Prerequisites
-Virtualbox, Vagrant and Ansible

+Virtualbox, Vagrant and Ansible

 - Virtualbox: https://www.virtualbox.org/wiki/Downloads

@@ -25,7 +25,7 @@ Virtualbox, Vagrant and Ansible

        $ git clone --recursive https://github.com/ansible/ansible.git
        $ cd ansible
-        $ git checkout stable-{{ getStableVersionFromAnsibleProject }}
+        $ git checkout stable-2.0.0.1
        $ git submodule update

  - source the setup script to make Ansible available on this terminal session:
@@ -38,7 +38,6 @@ Virtualbox, Vagrant and Ansible


 ## 2. Preparing the environment
-Change into directory that has your Vagrantfile

 Run the following commands:

@@ -67,14 +66,6 @@ will reflect inside the instance.

 - Depending on the Vagrant version, `sudo apt-get install bsdtar` may be needed

- If you get an error like "no Vagrant file found" or you have a file but  "cannot open base box" when running `vagrant up`, 
-chances are good you not in the correct directory. 
-Make sure you are in sub directory named "prepare-local". It has all the config files required by ansible, vagrant and virtualbox
-
- If you are using Python 3.7, running the ansible-playbook provisioning, see an error like "SyntaxError: invalid syntax" and it mentions
-the word "async", you need to upgrade your Ansible version to 2.6 or higher to resolve the keyword conflict. 
-https://github.com/ansible/ansible/issues/42105
-
 - If you get strange Ansible errors about dependencies, try to check your pip
  version with `pip --version`. The current version is 8.1.1. If your pip is
  older than this, upgrade it with `sudo pip install --upgrade pip`, restart
--- a/prepare-vms/README.md
+++ b/prepare-vms/README.md
@@ -10,21 +10,15 @@ These tools can help you to create VMs on:

 - [Docker](https://docs.docker.com/engine/installation/)
 - [Docker Compose](https://docs.docker.com/compose/install/)
- [Parallel SSH](https://code.google.com/archive/p/parallel-ssh/) (on a Mac: `brew install pssh`) 
+- [Parallel SSH](https://code.google.com/archive/p/parallel-ssh/) (on a Mac: `brew install pssh`) - the configuration scripts require this

 Depending on the infrastructure that you want to use, you also need to install
 the Azure CLI, the AWS CLI, or terraform (for OpenStack deployment).

 And if you want to generate printable cards:

- [pyyaml](https://pypi.python.org/pypi/PyYAML)
- [jinja2](https://pypi.python.org/pypi/Jinja2)
-
-You can install them with pip (perhaps with `pip install --user`, or even use `virtualenv` if that's your thing).
-
-These require Python 3. If you are on a Mac, see below for specific instructions on setting up
-Python 3 to be the default Python on a Mac. In particular, if you installed `mosh`, Homebrew
-may have changed your default Python to Python 2.
+- [pyyaml](https://pypi.python.org/pypi/PyYAML) (on a Mac: `brew install pyyaml`)
+- [jinja2](https://pypi.python.org/pypi/Jinja2) (on a Mac: `brew install jinja2`)

 ## General Workflow

@@ -262,32 +256,3 @@ If you don't have `wkhtmltopdf` installed, you will get a warning that it is a m

  - Don't write to bash history in system() in postprep
  - compose, etc version inconsistent (int vs str)
-
-## Making sure Python3 is the default (Mac only)
-
-Check the `/usr/local/bin/python` symlink. It should be pointing to
-`/usr/local/Cellar/python/3`-something. If it isn't, follow these
-instructions.
-
-1) Verify that Python 3 is installed.
-
-```
-ls -la /usr/local/Cellar/Python
-```
-
-You should see one or more versions of Python 3. If you don't,
-install it with `brew install python`.
-
-2) Verify that `python` points to Python3.
- 
-```
-ls -la /usr/local/bin/python
-```
-
-If this points to `/usr/local/Cellar/python@2`, then we'll need to change it.
-
-```
-rm /usr/local/bin/python
-ln -s /usr/local/Cellar/Python/xxxx /usr/local/bin/python
-# where xxxx is the most recent Python 3 version you saw above
-```
--- a/prepare-vms/lib/commands.sh
+++ b/prepare-vms/lib/commands.sh
@@ -127,11 +127,11 @@ _cmd_kubebins() {
    set -e
    cd /usr/local/bin
    if ! [ -x etcd ]; then
-        curl -L https://github.com/etcd-io/etcd/releases/download/v3.3.15/etcd-v3.3.15-linux-amd64.tar.gz \
+        curl -L https://github.com/etcd-io/etcd/releases/download/v3.3.10/etcd-v3.3.10-linux-amd64.tar.gz \
        | sudo tar --strip-components=1 --wildcards -zx '*/etcd' '*/etcdctl'
    fi
    if ! [ -x hyperkube ]; then
-        curl -L https://dl.k8s.io/v1.16.2/kubernetes-server-linux-amd64.tar.gz \
+        curl -L https://dl.k8s.io/v1.14.1/kubernetes-server-linux-amd64.tar.gz \
        | sudo tar --strip-components=3 -zx kubernetes/server/bin/hyperkube
    fi
    if ! [ -x kubelet ]; then
@@ -143,7 +143,7 @@ _cmd_kubebins() {
    sudo mkdir -p /opt/cni/bin
    cd /opt/cni/bin
    if ! [ -x bridge ]; then
-        curl -L https://github.com/containernetworking/plugins/releases/download/v0.7.6/cni-plugins-amd64-v0.7.6.tgz \
+        curl -L https://github.com/containernetworking/plugins/releases/download/v0.7.5/cni-plugins-amd64-v0.7.5.tgz \
        | sudo tar -zx
    fi
    "
--- a/prepare-vms/lib/postprep.py
+++ b/prepare-vms/lib/postprep.py
@@ -106,7 +106,6 @@ system("sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /e
 system("sudo service ssh restart")
 system("sudo apt-get -q update")
 system("sudo apt-get -qy install git jq")
-system("sudo apt-get -qy install emacs-nox joe")

 #######################
 ### DOCKER INSTALLS ###
--- a/prepare-vms/templates/cards.html
+++ b/prepare-vms/templates/cards.html
@@ -5,9 +5,9 @@
 #}

 {%- set url = url
-    | default("https://intro-2019-11.container.training") -%}
+    | default("http://FIXME.container.training/") -%}
 {%- set pagesize = pagesize
-    | default(12) -%}
+    | default(9) -%}
 {%- set lang = lang
    | default("en") -%}
 {%- set event = event
@@ -15,7 +15,7 @@
 {%- set backside = backside
    | default(False) -%}
 {%- set image = image
-    | default("docker") -%}
+    | default("kube") -%}
 {%- set clusternumber = clusternumber
    | default(None) -%}

--- a/slides/index.yaml
+++ b/slides/index.yaml
@@ -5,7 +5,6 @@
  speaker: jpetazzo
  title: Deploying and scaling applications with Kubernetes
  attend: https://conferences.oreilly.com/velocity/vl-eu/public/schedule/detail/79109
-  slides: https://velocity-2019-11.container.training/

 - date: 2019-11-13
  country: fr
@@ -15,30 +14,6 @@
  title: Déployer ses applications avec Kubernetes (in French)
  lang: fr
  attend: http://2019.devops-dday.com/Workshop.html
-
- date: 2019-10-30
-  country: us
-  city: Portland, OR
-  event: LISA
-  speaker: jpetazzo
-  title: Deep Dive into Kubernetes Internals for Builders and Operators
-  attend: https://www.usenix.org/conference/lisa19/presentation/petazzoni-tutorial
-
- date: [2019-10-22, 2019-10-24]
-  country: us
-  city: Charlotte, NC
-  event: Ardan Labs
-  speaker: jpetazzo
-  title: Kubernetes Training
-  attend: https://www.eventbrite.com/e/containers-docker-and-kubernetes-training-for-devs-and-ops-charlotte-nc-november-2019-tickets-73296659281
-
- date: 2019-10-22
-  country: us
-  city: Charlotte, NC
-  event: Ardan Labs
-  speaker: jpetazzo
-  title: Docker & Containers Training
-  attend: https://www.eventbrite.com/e/containers-docker-and-kubernetes-training-for-devs-and-ops-charlotte-nc-november-2019-tickets-73296659281
  
 - date: 2019-10-22
  country: de
@@ -56,7 +31,6 @@
  title: Déployer ses applications avec Kubernetes (in French)
  lang: fr
  attend: https://enix.io/fr/services/formation/deployer-ses-applications-avec-kubernetes/
-  slides: https://kube-2019-09.container.training/

 - date: 2019-08-27
  country: tr
--- a/slides/intro-fullday.yml
+++ b/slides/intro-fullday.yml
@@ -1,17 +1,14 @@
 title: |
  Docker
-  &
-  Infinity
+  in Practice

-#chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
+chat: "[Slack](https://app.slack.com/client/T54B2S3T9/CNBJ1HSPP)"
 #chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-chat: ""
+#chat: "FIXME"

 gitrepo: github.com/jpetazzo/container.training

-slides: https://intro-2019-11.container.training
-
-#slidenumberprefix: "#SomeHashTag &mdash; "
+slides: http://intro-2019-09.container.training/

 exclude:
 - self-paced
@@ -22,8 +19,7 @@ chapters:
 - containers/intro.md
 - shared/about-slides.md
 - shared/toc.md
- 
-  - containers/Docker_Overview.md
+- - containers/Docker_Overview.md
  #- containers/Docker_History.md
  - containers/Training_Environment.md
  #- containers/Installing_Docker.md
@@ -34,54 +30,47 @@ chapters:
  - containers/Building_Images_Interactively.md
  - containers/Building_Images_With_Dockerfiles.md
  - containers/Cmd_And_Entrypoint.md
-
-  - containers/Copying_Files_During_Build.md
+- - containers/Copying_Files_During_Build.md
  - containers/Exercise_Dockerfile_Basic.md
  - containers/Multi_Stage_Builds.md
-  #- containers/Publishing_To_Docker_Hub.md
+  - containers/Publishing_To_Docker_Hub.md
  - containers/Exercise_Dockerfile_Advanced.md
  - containers/Dockerfile_Tips.md
-
-  - containers/Naming_And_Inspecting.md
+- - containers/Naming_And_Inspecting.md
  #- containers/Labels.md
  - containers/Getting_Inside.md
+  #- containers/Resource_Limits.md
  - containers/Container_Networking_Basics.md
-  #- containers/Network_Drivers.md
+  - containers/Network_Drivers.md
  - containers/Container_Network_Model.md
  #- containers/Connecting_Containers_With_Links.md
  #- containers/Ambassadors.md
-  - containers/Local_Development_Workflow.md
+- - containers/Local_Development_Workflow.md
  #- containers/Windows_Containers.md
-  #- containers/Working_With_Volumes.md
+  - containers/Working_With_Volumes.md
  - containers/Compose_For_Dev_Stacks.md
  - containers/Exercise_Composefile.md
- 
  #- containers/Docker_Machine.md
  #- containers/Advanced_Dockerfiles.md
+  #- containers/Application_Configuration.md
+  #- containers/Logging.md
+  #- containers/Namespaces_Cgroups.md
+  #- containers/Copy_On_Write.md
+  #- containers/Containers_From_Scratch.md
+  #- containers/Container_Engines.md
  #- containers/Ecosystem.md
  - containers/Orchestration_Overview.md
-  - |
-    # (Insert Infinity content here)
-    
  - shared/thankyou.md
  - containers/links.md
- 
-  - |
-    # (Extra material - intermediary)
-
-  - containers/Application_Configuration.md
+- - |
+    # (Everything after this is extra content)
  - containers/Labels.md
-  - containers/Logging.md
  - containers/Resource_Limits.md
-  - containers/Network_Drivers.md
  - containers/Windows_Containers.md
-  - containers/Working_With_Volumes.md
-
-  - |
-     # (Extra material - advanced)
-
-  - containers/Advanced_Dockerfiles.md
+  - containers/Application_Configuration.md
+  - containers/Logging.md
+- - |
+    # (Everything after this is advanced technical content)
  - containers/Namespaces_Cgroups.md
  - containers/Copy_On_Write.md
  - containers/Containers_From_Scratch.md
-  - containers/Container_Engines.md
--- a/slides/intro-selfpaced.yml
+++ b/slides/intro-selfpaced.yml
@@ -1,65 +0,0 @@
-title: |
-  Introduction
-  to Containers
-
-chat: "[Slack](https://dockercommunity.slack.com/messages/C7GKACWDV)"
-#chat: "[Gitter](https://gitter.im/jpetazzo/workshop-yyyymmdd-city)"
-
-gitrepo: github.com/jpetazzo/container.training
-
-slides: http://container.training/
-
-#slidenumberprefix: "#SomeHashTag &mdash; "
-
-exclude:
- in-person
-
-chapters:
- shared/title.md
-# - shared/logistics.md
- containers/intro.md
- shared/about-slides.md
- shared/toc.md
- - containers/Docker_Overview.md
-  - containers/Docker_History.md
-  - containers/Training_Environment.md
-  - containers/Installing_Docker.md
-  - containers/First_Containers.md
-  - containers/Background_Containers.md
-  - containers/Start_And_Attach.md
- - containers/Initial_Images.md
-  - containers/Building_Images_Interactively.md
-  - containers/Building_Images_With_Dockerfiles.md
-  - containers/Cmd_And_Entrypoint.md
-  - containers/Copying_Files_During_Build.md
-  - containers/Exercise_Dockerfile_Basic.md
- - containers/Multi_Stage_Builds.md
-  - containers/Publishing_To_Docker_Hub.md
-  - containers/Dockerfile_Tips.md
-  - containers/Exercise_Dockerfile_Advanced.md
- - containers/Naming_And_Inspecting.md
-  - containers/Labels.md
-  - containers/Getting_Inside.md
- - containers/Container_Networking_Basics.md
-  - containers/Network_Drivers.md
-  - containers/Container_Network_Model.md
-  #- containers/Connecting_Containers_With_Links.md
-  - containers/Ambassadors.md
- - containers/Local_Development_Workflow.md
-  - containers/Windows_Containers.md
-  - containers/Working_With_Volumes.md
-  - containers/Compose_For_Dev_Stacks.md
-  - containers/Exercise_Composefile.md
-  - containers/Docker_Machine.md
- - containers/Advanced_Dockerfiles.md
-  - containers/Application_Configuration.md
-  - containers/Logging.md
-  - containers/Resource_Limits.md
- - containers/Namespaces_Cgroups.md
-  - containers/Copy_On_Write.md
-  #- containers/Containers_From_Scratch.md
- - containers/Container_Engines.md
-  - containers/Ecosystem.md
-  - containers/Orchestration_Overview.md
-  - shared/thankyou.md
-  - containers/links.md
--- a/slides/k8s/authn-authz.md
+++ b/slides/k8s/authn-authz.md
@@ -667,12 +667,17 @@ class: extra-details

 - For auditing purposes, sometimes we want to know who can perform an action

- There are a few tools to help us with that
+- There is a proof-of-concept tool by Aqua Security which does exactly that:

-  - [kubectl-who-can](https://github.com/aquasecurity/kubectl-who-can) by Aqua Security
+  https://github.com/aquasecurity/kubectl-who-can

-  - [Review Access (aka Rakkess)](https://github.com/corneliusweig/rakkess)
+- This is one way to install it:
+  ```bash
+  docker run --rm -v /usr/local/bin:/go/bin golang \
+         go get -v github.com/aquasecurity/kubectl-who-can
+  ```

- Both are available as standalone programs, or as plugins for `kubectl`
-
-  (`kubectl` plugins can be installed and managed with `krew`)
+- This is one way to use it:
+  ```bash
+  kubectl-who-can create pods
+  ```
--- a/slides/k8s/buildshiprun-dockerhub.md
+++ b/slides/k8s/buildshiprun-dockerhub.md
@@ -15,3 +15,26 @@
  - `dockercoins/webui:v0.1`

  - `dockercoins/worker:v0.1`
+
+---
+
+## Setting `$REGISTRY` and `$TAG`
+
+- In the upcoming exercises and labs, we use a couple of environment variables:
+
+  - `$REGISTRY` as a prefix to all image names
+
+  - `$TAG` as the image version tag
+
+- For example, the worker image is `$REGISTRY/worker:$TAG`
+
+- If you copy-paste the commands in these exercises:
+
+  **make sure that you set `$REGISTRY` and `$TAG` first!**
+
+- For example:
+  ```
+  export REGISTRY=dockercoins TAG=v0.1
+  ```
+
+  (this will expand `$REGISTRY/worker:$TAG` to `dockercoins/worker:v0.1`)
--- a/slides/k8s/configuration.md
+++ b/slides/k8s/configuration.md
@@ -193,12 +193,7 @@

 - Best practice: set a memory limit, and pass it to the runtime

- Note: recent versions of the JVM can do this automatically
-
-  (see [JDK-8146115](https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8146115))
-  and
-  [this blog post](https://very-serio.us/2017/12/05/running-jvms-in-kubernetes/)
-  for detailed examples)
+  (see [this blog post](https://very-serio.us/2017/12/05/running-jvms-in-kubernetes/) for a detailed example)

 ---

--- a/slides/k8s/dashboard.md
+++ b/slides/k8s/dashboard.md
@@ -105,22 +105,6 @@ The dashboard will then ask you which authentication you want to use.

 ---

-## Other dashboards
-
- [Kube Web View](https://codeberg.org/hjacobs/kube-web-view)
-
-  - read-only dashboard
-
-  - optimized for "troubleshooting and incident response"
-
-  - see [vision and goals](https://kube-web-view.readthedocs.io/en/latest/vision.html#vision) for details
-
- [Kube Ops View](https://github.com/hjacobs/kube-ops-view)
-
-  - "provides a common operational picture for multiple Kubernetes clusters"
-
---
-
 # Security implications of `kubectl apply`

 - When we do `kubectl apply -f <URL>`, we create arbitrary resources
@@ -172,3 +156,4 @@ The dashboard will then ask you which authentication you want to use.
 - It introduces new failure modes

  (for instance, if you try to apply YAML from a link that's no longer valid)
+
--- a/slides/k8s/dmuc.md
+++ b/slides/k8s/dmuc.md
@@ -481,13 +481,13 @@ docker run alpine echo hello world

 .exercise[

- Create the file `~/.kube/config` with `kubectl`:
+- Create the file `kubeconfig.kubelet` with `kubectl`:
  ```bash
-    kubectl config \
+    kubectl --kubeconfig kubeconfig.kubelet config \
            set-cluster localhost --server http://localhost:8080
-    kubectl config \
+    kubectl --kubeconfig kubeconfig.kubelet config \
            set-context localhost --cluster localhost
-    kubectl config \
+    kubectl --kubeconfig kubeconfig.kubelet config \
            use-context localhost
  ```

@@ -495,7 +495,19 @@ docker run alpine echo hello world

 ---

-## Our `~/.kube/config` file
+## All Kubernetes clients can use `kubeconfig`
+
+- The `kubeconfig.kubelet` file has the same format as e.g. `~/.kubeconfig`
+
+- All Kubernetes clients can use a similar file
+
+- The `kubectl config` commands can be used to manipulate these files
+
+- This highlights that kubelet is a "normal" client of the API server
+
+---
+
+## Our `kubeconfig.kubelet` file

 The file that we generated looks like the one below.

@@ -521,9 +533,9 @@ clusters:

 .exercise[

- Start kubelet with that kubeconfig file:
+- Start kubelet with that `kubeconfig.kubelet` file:
  ```bash
-  kubelet --kubeconfig ~/.kube/config
+  kubelet --kubeconfig kubeconfig.kubelet
  ```

 ]
--- a/slides/k8s/dryrun.md
+++ b/slides/k8s/dryrun.md
@@ -1,209 +0,0 @@
-# Authoring YAML
-
- There are various ways to generate YAML with Kubernetes, e.g.:
-
-  - `kubectl run`
-
-  - `kubectl create deployment` (and a few other `kubectl create` variants)
-
-  - `kubectl expose`
-
- When and why do we need to write our own YAML?
-
- How do we write YAML from scratch?
-
---
-
-## The limits of generated YAML
-
- Many advanced (and even not-so-advanced) features require to write YAML:
-
-  - pods with multiple containers
-
-  - resource limits
-
-  - healthchecks
-
-  - DaemonSets, StatefulSets
-
-  - and more!
-
- How do we access these features?
-
---
-
-## We don't have to start from scratch
-
- Create a resource (e.g. Deployment)
-
- Dump its YAML with `kubectl get -o yaml ...`
-
- Edit the YAML
-
- Use `kubectl apply -f ...` with the YAML file to:
-
-  - update the resource (if it's the same kind)
-
-  - create a new resource (if it's a different kind)
-
- Or: Use The Docs, Luke
-
-  (the documentation almost always has YAML examples)
-
---
-
-## Generating YAML without creating resources
-
- We can use the `--dry-run` option
-
-.exercise[
-
- Generate the YAML for a Deployment without creating it:
-  ```bash
-  kubectl create deployment web --image nginx --dry-run
-  ```
-
-]
-
- We can clean up that YAML even more if we want
-
-  (for instance, we can remove the `creationTimestamp` and empty dicts)
-
---
-
-## Using `--dry-run` with `kubectl apply`
-
- The `--dry-run` option can also be used with `kubectl apply`
-
- However, it can be misleading (it doesn't do a "real" dry run)
-
- Let's see what happens in the following scenario:
-
-  - generate the YAML for a Deployment
-
-  - tweak the YAML to transform it into a DaemonSet
-
-  - apply that YAML to see what would actually be created
-
---
-
-## The limits of `kubectl apply --dry-run`
-
-.exercise[
-
- Generate the YAML for a deployment:
-  ```bash
-  kubectl create deployment web --image=nginx -o yaml > web.yaml
-  ```
-
- Change the `kind` in the YAML to make it a `DaemonSet`:
-  ```bash
-  sed -i s/Deployment/DaemonSet/ web.yaml
-  ```
-
- Ask `kubectl` what would be applied:
-  ```bash
-  kubectl apply -f web.yaml --dry-run --validate=false -o yaml
-  ```
-
-]
-
-The resulting YAML doesn't represent a valid DaemonSet.
-
---
-
-## Server-side dry run
-
- Since Kubernetes 1.13, we can use [server-side dry run and diffs](https://kubernetes.io/blog/2019/01/14/apiserver-dry-run-and-kubectl-diff/)
-
- Server-side dry run will do all the work, but *not* persist to etcd
-
-  (all validation and mutation hooks will be executed)
-
-.exercise[
-
- Try the same YAML file as earlier, with server-side dry run:
-  ```bash
-  kubectl apply -f web.yaml --server-dry-run --validate=false -o yaml
-  ```
-
-]
-
-The resulting YAML doesn't have the `replicas` field anymore.
-
-Instead, it has the fields expected in a DaemonSet.
-
---
-
-## Advantages of server-side dry run
-
- The YAML is verified much more extensively
-
- The only step that is skipped is "write to etcd"
-
- YAML that passes server-side dry run *should* apply successfully
-
-  (unless the cluster state changes by the time the YAML is actually applied)
-
- Validating or mutating hooks that have side effects can also be an issue
-
---
-
-## `kubectl diff`
-
- Kubernetes 1.13 also introduced `kubectl diff`
-
- `kubectl diff` does a server-side dry run, *and* shows differences
-
-.exercise[
-
- Try `kubectl diff` on the YAML that we tweaked earlier:
-  ```bash
-  kubectl diff -f web.yaml
-  ```
-
-]
-
-Note: we don't need to specify `--validate=false` here.
-
---
-
-## Advantage of YAML
-
- Using YAML (instead of `kubectl run`/`create`/etc.) allows to be *declarative*
-
- The YAML describes the desired state of our cluster and applications
-
- YAML can be stored, versioned, archived (e.g. in git repositories)
-
- To change resources, change the YAML files
-
-  (instead of using `kubectl edit`/`scale`/`label`/etc.)
-
- Changes can be reviewed before being applied
-
-  (with code reviews, pull requests ...)
-
- This workflow is sometimes called "GitOps"
-
-  (there are tools like Weave Flux or GitKube to facilitate it)
-
---
-
-## YAML in practice
-
- Get started with `kubectl run`/`create`/`expose`/etc.
-
- Dump the YAML with `kubectl get -o yaml`
-
- Tweak that YAML and `kubectl apply` it back
-
- Store that YAML for reference (for further deployments)
-
- Feel free to clean up the YAML:
-
-  - remove fields you don't know
-
-  - check that it still works!
-
- That YAML will be useful later when using e.g. Kustomize or Helm
--- a/slides/k8s/healthchecks-more.md
+++ b/slides/k8s/healthchecks-more.md
@@ -1,3 +1,41 @@
+## Questions to ask before adding healthchecks
+
+- Do we want liveness, readiness, both?
+
+  (sometimes, we can use the same check, but with different failure thresholds)
+
+- Do we have existing HTTP endpoints that we can use?
+
+- Do we need to add new endpoints, or perhaps use something else?
+
+- Are our healthchecks likely to use resources and/or slow down the app?
+
+- Do they depend on additional services?
+
+  (this can be particularly tricky, see next slide)
+
+---
+
+## Healthchecks and dependencies
+
+- A good healthcheck should always indicate the health of the service itself
+
+- It should not be affected by the state of the service's dependencies
+
+- Example: a web server requiring a database connection to operate
+
+  (make sure that the healthcheck can report "OK" even if the database is down;
+  <br/>
+  because it won't help us to restart the web server if the issue is with the DB!)
+
+- Example: a microservice calling other microservices
+
+- Example: a worker process
+
+  (these will generally require minor code changes to report health)
+
+---
+
 ## Adding healthchecks to an app

 - Let's add healthchecks to DockerCoins!
@@ -332,4 +370,24 @@ class: extra-details

  (and have gcr.io/pause take care of the reaping)

- Discussion of this in [Video - 10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You](https://www.youtube.com/watch?v=QKI-JRs2RIE)
+---
+
+## Healthchecks for worker
+
+- Readiness isn't useful
+
+  (because worker isn't a backend for a service)
+
+- Liveness may help us restart a broken worker, but how can we check it?
+
+- Embedding an HTTP server is an option
+
+  (but it has a high potential for unwanted side effects and false positives)
+
+- Using a "lease" file can be relatively easy:
+
+  - touch a file during each iteration of the main loop
+
+  - check the timestamp of that file from an exec probe
+
+- Writing logs (and checking them from the probe) also works
--- a/slides/k8s/healthchecks.md
+++ b/slides/k8s/healthchecks.md
@@ -42,11 +42,9 @@

  - internal corruption (causing all requests to error)

- Anything where our incident response would be "just restart/reboot it"
+- If the liveness probe fails *N* consecutive times, the container is killed

-.warning[**Do not** use liveness probes for problems that can't be fixed by a restart]
-
- Otherwise we just restart our pods for no reason, creating useless load
+- *N* is the `failureThreshold` (3 by default)

 ---

@@ -54,7 +52,7 @@

 - Indicates if the container is ready to serve traffic

- If a container becomes "unready" it might be ready again soon
+- If a container becomes "unready" (let's say busy!) it might be ready again soon

 - If the readiness probe fails:

@@ -68,79 +66,19 @@

 ## When to use a readiness probe

- To indicate failure due to an external cause
+- To indicate temporary failures

-  - database is down or unreachable
+  - the application can only service *N* parallel connections

-  - mandatory auth or other backend service unavailable
+  - the runtime is busy doing garbage collection or initial data load

- To indicate temporary failure or unavailability
+- The container is marked as "not ready" after `failureThreshold` failed attempts

-  - application can only service *N* parallel connections
+  (3 by default)

-  - runtime is busy doing garbage collection or initial data load
+- It is marked again as "ready" after `successThreshold` successful attempts

- For processes that take a long time to start
-
-  (more on that later)
-
---
-
-## Dependencies
-
- If a web server depends on a database to function, and the database is down:
-
-  - the web server's liveness probe should succeed
-
-  - the web server's readiness probe should fail
-
- Same thing for any hard dependency (without which the container can't work)
-
-.warning[**Do not** fail liveness probes for problems that are external to the container]
-
---
-
-## Timing and thresholds
-
- Probes are executed at intervals of `periodSeconds` (default: 10)
-
- The timeout for a probe is set with `timeoutSeconds` (default: 1)
-
-.warning[If a probe takes longer than that, it is considered as a FAIL]
-
- A probe is considered successful after `successThreshold` successes (default: 1)
-
- A probe is considered failing after `failureThreshold` failures (default: 3)
-
- A probe can have an `initialDelaySeconds` parameter (default: 0)
-
- Kubernetes will wait that amount of time before running the probe for the first time
-
-  (this is important to avoid killing services that take a long time to start)
-
---
-
-class: extra-details
-
-## Startup probe
-
- Kubernetes 1.16 introduces a third type of probe: `startupProbe`
-
-  (it is in `alpha` in Kubernetes 1.16)
-
- It can be used to indicate "container not ready *yet*"
-
-  - process is still starting
-
-  - loading external data, priming caches
-
- Before Kubernetes 1.16, we had to use the `initialDelaySeconds` parameter
-
-  (available for both liveness and readiness probes)
-
- `initialDelaySeconds` is a rigid delay (always wait X before running probes)
-
- `startupProbe` works better when a container start time can vary a lot
+  (1 by default)

 ---

@@ -174,12 +112,10 @@ class: extra-details

  (instead of serving errors or timeouts)

- Unavailable backends get removed from load balancer rotation
+- Overloaded backends get removed from load balancer rotation

  (thus improving response times across the board)

- If a probe is not defined, it's as if there was an "always successful" probe
-
 ---

 ## Example: HTTP probe
@@ -229,56 +165,14 @@ If the Redis process becomes unresponsive, it will be killed.

 ---

-## Questions to ask before adding healthchecks
+## Details about liveness and readiness probes

- Do we want liveness, readiness, both?
+- Probes are executed at intervals of `periodSeconds` (default: 10)

-  (sometimes, we can use the same check, but with different failure thresholds)
+- The timeout for a probe is set with `timeoutSeconds` (default: 1)

- Do we have existing HTTP endpoints that we can use?
+- A probe is considered successful after `successThreshold` successes (default: 1)

- Do we need to add new endpoints, or perhaps use something else?
+- A probe is considered failing after `failureThreshold` failures (default: 3)

- Are our healthchecks likely to use resources and/or slow down the app?
-
- Do they depend on additional services?
-
-  (this can be particularly tricky, see next slide)
-
---
-
-## Healthchecks and dependencies
-
- Liveness checks should not be influenced by the state of external services
-
- All checks should reply quickly (by default, less than 1 second)
-
- Otherwise, they are considered to fail
-
- This might require to check the health of dependencies asynchronously
-
-  (e.g. if a database or API might be healthy but still take more than
-  1 second to reply, we should check the status asynchronously and report
-  a cached status)
-
---
-
-## Healthchecks for workers
-
-(In that context, worker = process that doesn't accept connections)
-
- Readiness isn't useful
-
-  (because workers aren't backends for a service)
-
- Liveness may help us restart a broken worker, but how can we check it?
-
- Embedding an HTTP server is a (potentially expensive) option
-
- Using a "lease" file can be relatively easy:
-
-  - touch a file during each iteration of the main loop
-
-  - check the timestamp of that file from an exec probe
-
- Writing logs (and checking them from the probe) also works
+- If a probe is not defined, it's as if there was an "always successful" probe
--- a/slides/k8s/kubectlrun.md
+++ b/slides/k8s/kubectlrun.md
@@ -153,7 +153,10 @@ pod/pingpong-7c8bbcd9bc-6c9qz   1/1       Running   0          10m
  kubectl logs deploy/pingpong --tail 1 --follow
  ```

- Leave that command running, so that we can keep an eye on these logs
+<!--
+```wait seq=3```
+```keys ^C```
+-->

 ]

@@ -183,44 +186,6 @@ We could! But the *deployment* would notice it right away, and scale back to the

 ---

-## Log streaming
-
- Let's look again at the output of `kubectl logs`
-
-  (the one we started before scaling up)
-
- `kubectl logs` shows us one line per second
-
- We could expect 3 lines per second
-
-  (since we should now have 3 pods running `ping`)
-
- Let's try to figure out what's happening!
-
---
-
-## Streaming logs of multiple pods
-
- What happens if we restart `kubectl logs`?
-
-.exercise[
-
- Interrupt `kubectl logs` (with Ctrl-C)
-
- Restart it:
-  ```bash
-  kubectl logs deploy/pingpong --tail 1 --follow
-  ```
-
-]
-
-`kubectl logs` will warn us that multiple pods were found, and that it's showing us only one of them.
-
-Let's leave `kubectl logs` running while we keep exploring.
-
---
-
-
 ## Resilience

 - The *deployment* `pingpong` watches its *replica set*
@@ -231,12 +196,20 @@ Let's leave `kubectl logs` running while we keep exploring.

 .exercise[

- In a separate window, watch the list of pods:
+- In a separate window, list pods, and keep watching them:
  ```bash
-  watch kubectl get pods
+  kubectl get pods -w
  ```

- Destroy the pod currently shown by `kubectl logs`:
+<!--
+```wait Running```
+```keys ^C```
+```hide kubectl wait deploy pingpong --for condition=available```
+```keys kubectl delete pod ping```
+```copypaste pong-..........-.....```
+-->
+
+- Destroy a pod:
  ```
  kubectl delete pod pingpong-xxxxxxxxxx-yyyyy
  ```
@@ -244,23 +217,6 @@ Let's leave `kubectl logs` running while we keep exploring.

 ---

-## What happened?
-
- `kubectl delete pod` terminates the pod gracefully
-
-  (sending it the TERM signal and waiting for it to shutdown)
-
- As soon as the pod is in "Terminating" state, the Replica Set replaces it
-
- But we can still see the output of the "Terminating" pod in `kubectl logs`
-
- Until 30 seconds later, when the grace period expires
-
- The pod is then killed, and `kubectl logs` exits
-
---
-
-
 ## What if we wanted something different?

 - What if we wanted to start a "one-shot" container that *doesn't* get restarted?
@@ -278,72 +234,6 @@ Let's leave `kubectl logs` running while we keep exploring.

 ---

-## Scheduling periodic background work
-
- A Cron Job is a job that will be executed at specific intervals
-
-  (the name comes from the traditional cronjobs executed by the UNIX crond)
-
- It requires a *schedule*, represented as five space-separated fields:
-
-  - minute [0,59]
-  - hour [0,23]
-  - day of the month [1,31]
-  - month of the year [1,12]
-  - day of the week ([0,6] with 0=Sunday)
-
- `*` means "all valid values"; `/N` means "every N"
-
- Example: `*/3 * * * *` means "every three minutes"
-
---
-
-## Creating a Cron Job
-
- Let's create a simple job to be executed every three minutes
-
- Cron Jobs need to terminate, otherwise they'd run forever
-
-.exercise[
-
- Create the Cron Job:
-  ```bash
-  kubectl run --schedule="*/3 * * * *" --restart=OnFailure --image=alpine sleep 10
-  ```
-
- Check the resource that was created:
-  ```bash
-  kubectl get cronjobs
-  ```
-
-]
-
---
-
-## Cron Jobs in action
-
- At the specified schedule, the Cron Job will create a Job
-
- The Job will create a Pod
-
- The Job will make sure that the Pod completes
-
-  (re-creating another one if it fails, for instance if its node fails)
-
-.exercise[
-
- Check the Jobs that are created:
-  ```bash
-  kubectl get jobs
-  ```
-
-]
-
-(It will take a few minutes before the first job is scheduled.)
-
---
-
-
 ## What about that deprecation warning?

 - As we can see from the previous slide, `kubectl run` can do many things
--- a/slides/k8s/logs-cli.md
+++ b/slides/k8s/logs-cli.md
@@ -66,8 +66,6 @@ Exactly what we need!
  sudo chmod +x /usr/local/bin/stern
  ```

- On OS X, just `brew install stern`
-
 <!-- ##VERSION## -->

 ---
--- a/slides/k8s/multinode.md
+++ b/slides/k8s/multinode.md
@@ -218,18 +218,6 @@ class: extra-details

 ## What's going on?

- Without the `--network-plugin` flag, kubelet defaults to "no-op" networking
-
- It lets the container engine use a default network
-
-  (in that case, we end up with the default Docker bridge)
-
- Our pods are running on independent, disconnected, host-local networks
-
---
-
-## What do we need to do?
-
 - On a normal cluster, kubelet is configured to set up pod networking with CNI plugins

 - This requires:
@@ -240,6 +228,14 @@ class: extra-details

  - running kubelet with `--network-plugin=cni`

+- Without the `--network-plugin` flag, kubelet defaults to "no-op" networking
+
+- It lets the container engine use a default network
+
+  (in that case, we end up with the default Docker bridge)
+
+- Our pods are running on independent, disconnected, host-local networks
+
 ---

 ## Using network plugins
@@ -398,7 +394,7 @@ class: extra-details

 - Start kube-proxy:
  ```bash
-  sudo kube-proxy --kubeconfig ~/.kube/config
+  sudo kube-proxy --kubeconfig ~/kubeconfig
  ```

 - Expose our Deployment:
--- a/slides/k8s/ourapponkube.md
+++ b/slides/k8s/ourapponkube.md
@@ -11,36 +11,16 @@

 - Deploy everything else:
  ```bash
-  kubectl create deployment hasher --image=dockercoins/hasher:v0.1
-  kubectl create deployment rng --image=dockercoins/rng:v0.1
-  kubectl create deployment webui --image=dockercoins/webui:v0.1
-  kubectl create deployment worker --image=dockercoins/worker:v0.1
+    set -u
+    for SERVICE in hasher rng webui worker; do
+      kubectl create deployment $SERVICE --image=$REGISTRY/$SERVICE:$TAG
+    done
  ```

 ]

 ---

-class: extra-details
-
-## Deploying other images
-
- If we wanted to deploy images from another registry ...
-
- ... Or with a different tag ...
-
- ... We could use the following snippet:
-
-```bash
-  REGISTRY=dockercoins
-  TAG=v0.1
-  for SERVICE in hasher rng webui worker; do
-    kubectl create deployment $SERVICE --image=$REGISTRY/$SERVICE:$TAG
-  done
-```
-
---
-
 ## Is this working?

 - After waiting for the deployment to complete, let's look at the logs!
--- a/slides/k8s/prometheus.md
+++ b/slides/k8s/prometheus.md
@@ -60,11 +60,9 @@

  (by default: every minute; can be more/less frequent)

- The list of URLs to scrape (the *scrape targets*) is defined in configuration
+- If you're worried about parsing overhead: exporters can also use protobuf

-.footnote[Worried about the overhead of parsing a text format?
-<br/>
-Check this [comparison](https://github.com/RichiH/OpenMetrics/blob/master/markdown/protobuf_vs_text.md) of the text format with the (now deprecated) protobuf format!]
+- The list of URLs to scrape (the *scrape targets*) is defined in configuration

 ---

--- a/slides/k8s/resource-limits.md
+++ b/slides/k8s/resource-limits.md
@@ -515,24 +515,3 @@ services.nodeports               0     0
  (with `kubectl describe resourcequota ...`)

 - Rinse and repeat regularly
-
---
-
-## Additional resources
-
- [A Practical Guide to Setting Kubernetes Requests and Limits](http://blog.kubecost.com/blog/requests-and-limits/)
-
-  - explains what requests and limits are
-
-  - provides guidelines to set requests and limits
-
-  - gives PromQL expressions to compute good values
-    <br/>(our app needs to be running for a while)
-
- [Kube Resource Report](https://github.com/hjacobs/kube-resource-report/)
-
-  - generates web reports on resource usage
-
-  - [static demo](https://hjacobs.github.io/kube-resource-report/sample-report/output/index.html)
-    |
-    [live demo](https://kube-resource-report.demo.j-serv.de/applications.html)
--- a/slides/k8s/rollout.md
+++ b/slides/k8s/rollout.md
@@ -61,6 +61,32 @@

 ---

+## Building a new version of the `worker` service
+
+.warning[
+Only run these commands if you have built and pushed DockerCoins to a local registry.
+<br/>
+If you are using images from the Docker Hub (`dockercoins/worker:v0.1`), skip this.
+]
+
+.exercise[
+
+- Go to the `stacks` directory (`~/container.training/stacks`)
+
+- Edit `dockercoins/worker/worker.py`; update the first `sleep` line to sleep 1 second
+
+- Build a new tag and push it to the registry:
+  ```bash
+  #export REGISTRY=localhost:3xxxx
+  export TAG=v0.2
+  docker-compose -f dockercoins.yml build
+  docker-compose -f dockercoins.yml push
+  ```
+
+]
+
+---
+
 ## Rolling out the new `worker` service

 .exercise[
@@ -79,7 +105,7 @@

 - Update `worker` either with `kubectl edit`, or by running:
  ```bash
-  kubectl set image deploy worker worker=dockercoins/worker:v0.2
+  kubectl set image deploy worker worker=$REGISTRY/worker:$TAG
  ```

 ]
@@ -120,7 +146,8 @@ That rollout should be pretty quick. What shows in the web UI?

 - Update `worker` by specifying a non-existent image:
  ```bash
-  kubectl set image deploy worker worker=dockercoins/worker:v0.3
+  export TAG=v0.3
+  kubectl set image deploy worker worker=$REGISTRY/worker:$TAG
  ```

 - Check what's going on:
@@ -189,14 +216,27 @@ If you didn't deploy the Kubernetes dashboard earlier, just skip this slide.

 .exercise[

- Connect to the dashboard that we deployed earlier
-
- Check that we have failures in Deployments, Pods, and Replica Sets
-
- Can we see the reason for the failure?
+- Check which port the dashboard is on:
+  ```bash
+  kubectl -n kube-system get svc socat
+  ```

 ]

+Note the `3xxxx` port.
+
+.exercise[
+
+- Connect to http://oneofournodes:3xxxx/
+
+<!-- ```open https://node1:3xxxx/``` -->
+
+]
+
+--
+
+- We have failures in Deployments, Pods, and Replica Sets
+
 ---

 ## Recovering from a bad rollout
@@ -245,7 +285,7 @@ spec:
    spec:
      containers:
      - name: worker
-        image: dockercoins/worker:v0.1
+        image: $REGISTRY/worker:v0.1
  strategy:
    rollingUpdate:
      maxUnavailable: 0
@@ -276,7 +316,7 @@ class: extra-details
        spec:
          containers:
          - name: worker
-            image: dockercoins/worker:v0.1
+            image: $REGISTRY/worker:v0.1
      strategy:
        rollingUpdate:
          maxUnavailable: 0
--- a/slides/k8s/setup-k8s.md
+++ b/slides/k8s/setup-k8s.md
@@ -61,8 +61,7 @@

 - [minikube](https://kubernetes.io/docs/setup/minikube/),
  [kubespawn](https://github.com/kinvolk/kube-spawn),
-  [Docker Desktop](https://docs.docker.com/docker-for-mac/kubernetes/),
-  [kind](https://kind.sigs.k8s.io):
+  [Docker Desktop](https://docs.docker.com/docker-for-mac/kubernetes/):
  for local development

 - [kubicorn](https://github.com/kubicorn/kubicorn),
--- a/slides/k8s/yamldeploy.md
+++ b/slides/k8s/yamldeploy.md
@@ -1,93 +0,0 @@
-# Deploying with YAML
-
- So far, we created resources with the following commands:
-
-  - `kubectl run`
-
-  - `kubectl create deployment`
-
-  - `kubectl expose`
-
- We can also create resources directly with YAML manifests
-
---
-
-## `kubectl apply` vs `create`
-
- `kubectl create -f whatever.yaml`
-
-  - creates resources if they don't exist
-
-  - if resources already exist, don't alter them
-    <br/>(and display error message)
-
- `kubectl apply -f whatever.yaml`
-
-  - creates resources if they don't exist
-
-  - if resources already exist, update them
-    <br/>(to match the definition provided by the YAML file)
-
-  - stores the manifest as an *annotation* in the resource
-
---
-
-## Creating multiple resources
-
- The manifest can contain multiple resources separated by `---`
-
-```yaml
- kind: ...
- apiVersion: ...
- metadata: ...
-   name: ...
- ...
- ---
- kind: ...
- apiVersion: ...
- metadata: ...
-   name: ...
- ...
-```
-
---
-
-## Creating multiple resources
-
- The manifest can also contain a list of resources
-
-```yaml
- apiVersion: v1
- kind: List
- items:
- - kind: ...
-   apiVersion: ...
-   ...
- - kind: ...
-   apiVersion: ...
-   ...
-```
-
---
-
-## Deploying dockercoins with YAML
-
- We provide a YAML manifest with all the resources for Dockercoins
-
-  (Deployments and Services)
-
- We can use it if we need to deploy or redeploy Dockercoins
-
-.exercise[
-
- Deploy or redeploy Dockercoins:
-  ```bash
-  kubectl apply -f ~/container.training/k8s/dockercoins.yaml
-  ```
-
-]
-
-(If we deployed Dockercoins earlier, we will see warning messages,
-because the resources that we created lack the necessary annotation.
-We can safely ignore them.)
-
--- a/slides/logistics.md
+++ b/slides/logistics.md
@@ -1,13 +1,13 @@
 ## Intros

- Hello! I'm Jérôme ([@jpetazzo](https://twitter.com/jpetazzo))
+- Hello! I'm .emoji[🐳] Jérôme ([@jpetazzo](https://twitter.com/jpetazzo), Tiny Shell Script LLC)

- The workshop will run from 9:30 to 17:30
+- The workshop will run from 9:00 to 18:00

- There will be a lunch break at 12:30
-
-  (And coffee breaks at 11:00 and 15:00)
+- There will be a lunch break (and coffee breaks!)

 - Feel free to interrupt for questions at any time

 - *Especially when you see full screen container pictures!*
+
+- Live feedback, questions, help: @@CHAT@@
--- a/slides/markmaker.py
+++ b/slides/markmaker.py
@@ -80,7 +80,7 @@ def flatten(titles):


 def generatefromyaml(manifest, filename):
-    manifest = yaml.safe_load(manifest)
+    manifest = yaml.load(manifest)

    markdown, titles = processchapter(manifest["chapters"], filename)
    logging.debug("Found {} titles.".format(len(titles)))
@@ -111,7 +111,6 @@ def generatefromyaml(manifest, filename):
    html = html.replace("@@GITREPO@@", manifest["gitrepo"])
    html = html.replace("@@SLIDES@@", manifest["slides"])
    html = html.replace("@@TITLE@@", manifest["title"].replace("\n", " "))
-    html = html.replace("@@SLIDENUMBERPREFIX@@", manifest.get("slidenumberprefix", ""))
    return html


--- a/slides/shared/connecting.md
+++ b/slides/shared/connecting.md
@@ -4,12 +4,7 @@ class: in-person

 .exercise[

- Log into the first VM (`node1`) with your SSH client:
-  ```bash
-  ssh `user`@`A.B.C.D`
-  ```
-
-  (Replace `user` and `A.B.C.D` with the user and IP address provided to you)
+- Log into the first VM (`node1`) with your SSH client

 <!--
 ```bash
@@ -23,13 +18,16 @@ done
 ```
 -->

+- Check that you can SSH (without password) to `node2`:
+  ```bash
+  ssh node2
+  ```
+- Type `exit` or `^D` to come back to `node1`
+
+<!-- ```bash exit``` -->
+
 ]

-You should see a prompt looking like this:
-```
-[A.B.C.D] (...) user@node1 ~
-$
-```
 If anything goes wrong — ask for help!

 ---
@@ -54,20 +52,6 @@ If anything goes wrong — ask for help!

 ---

-## For a consistent Kubernetes experience ...
-
- If you are using your own Kubernetes cluster, you can use [shpod](https://github.com/jpetazzo/shpod)
-
- `shpod` provides a shell running in a pod on your own cluster
-
- It comes with many tools pre-installed (helm, stern...)
-
- These tools are used in many exercises in these slides
-
- `shpod` also gives you completion and a fancy prompt
-
---
-
 class: self-paced

 ## Get your own Docker nodes
--- a/slides/shared/prereqs.md
+++ b/slides/shared/prereqs.md
@@ -50,6 +50,8 @@ Misattributed to Benjamin Franklin

 - Go to @@SLIDES@@ to view these slides

+- Join the chat room: @@CHAT@@
+
 <!-- ```open @@SLIDES@@``` -->

 ]
--- a/slides/shared/title.md
+++ b/slides/shared/title.md
@@ -11,5 +11,11 @@ class: title, in-person
@@TITLE@@<br/></br>

 .footnote[
+**Be kind to the WiFi!**<br/>
+<!-- *Use the 5G network.* -->
+*Don't use your hotspot.*<br/>
+*Don't stream videos or download big files during the workshop[.](https://www.youtube.com/watch?v=h16zyxiwDLY)*<br/>
+*Thank you!*
+
 **Slides: @@SLIDES@@**
 ]
--- a/slides/workshop.html
+++ b/slides/workshop.html
@@ -28,7 +28,6 @@
      var slideshow = remark.create({
        ratio: '16:9',
        highlightSpans: true,
-        slideNumberFormat: '@@SLIDENUMBERPREFIX@@%current%/%total%',
        excludedClasses: [@@EXCLUDE@@]
      });
    </script>
Author	SHA1	Message	Date
Jerome Petazzoni	e27a6057f2	fix-redirects.sh: adding forced redirect	2020-04-07 16:49:17 -05:00
Jerome Petazzoni	98ca02c497	Add link to Slack	2019-09-18 11:23:00 -05:00
Jerome Petazzoni	7f7c25443d	Prep course	2019-09-17 09:01:56 -05:00