• Complain
LitArk » Books » Detective and thriller

it-ebooks - Kubernetes Handbook

Here you can read online it-ebooks - Kubernetes Handbook full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2017, publisher: iBooker it-ebooks, genre: Detective and thriller. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

it-ebooks Kubernetes Handbook

Kubernetes Handbook: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Kubernetes Handbook" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

it-ebooks: author's other books


Who wrote Kubernetes Handbook? Find out the surname, the name of the author of the book and a list of all author's works by series.


it-ebooks - computer_networks_a_systems_approach_5th_ed
computer_networks_a_systems_approach_5th_ed
it-ebooks
computer_networks_a_systems_approach_5th_ed
it-ebooks - A Guide to Porting C C++ to Rust
A Guide to Porting C C++ to Rust
it-ebooks
A Guide to Porting C C++ to Rust
it-ebooks - Scikit and Tensorflow Workbooks (bjpcjp)
Scikit and Tensorflow Workbooks (bjpcjp)
it-ebooks
Scikit and Tensorflow Workbooks (bjpcjp)
it-ebooks - Modern Java - A Guide to Java 8
Modern Java - A Guide to Java 8
it-ebooks
Modern Java - A Guide to Java 8
it-ebooks - Deep Learning with Keras and Tensorflow
Deep Learning with Keras and Tensorflow
it-ebooks
Deep Learning with Keras and Tensorflow
it-ebooks - Build a Node.js Project from Scratch
Build a Node.js Project from Scratch
it-ebooks
Build a Node.js Project from Scratch

Kubernetes Handbook — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Kubernetes Handbook" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
1234567...17
1.0 Kubernetes
kubernetes

kuberneteskubeadm TLS

kubernetes

docker

  • etc service
  • manifest kubernetesyaml
  • systemd systemd serivce
  • Kubernetes 1.6.0
  • Docker 1.12.5yum
  • Etcd 3.1.5
  • Flanneld 0.7 vxlan
  • TLS ( etcdkubernetes master node)
  • RBAC
  • kublet TLS BootStrapping
  • kubednsdashboardheapster(influxdbgrafana)EFK(elasticsearchfluentdkibana)
  • dockerharbordocker-compose
  1. TLS RBAC
  2. issue

Jimmy Song

Kubernetes

for GitBook update2017-05-12 16:45:40
1.1 TLS
kubernetes TLS

kubernetesTLSCloudFlare PKI cfssl Certificate Authority (CA)

CA

  • ca-key.pem
  • ca.pem
  • kubernetes-key.pem
  • kubernetes.pem
  • kube-proxy.pem
  • kube-proxy-key.pem
  • admin.pem
  • admin-key.pem
  • etcd ca.pemkubernetes-key.pemkubernetes.pem
  • kube-apiserver ca.pemkubernetes-key.pemkubernetes.pem
  • kubelet ca.pem
  • kube-proxy ca.pemkube-proxy-key.pemkube-proxy.pem
  • kubectl ca.pemadmin-key.pemadmin.pem

kube-controllerkube-schedulerkube-apiserver

CFSSL
$ wget https://pkg.cfssl.org/R1.2/cfssl_linux-amd64$ chmod +x cfssl_linux-amd64$ sudo mv cfssl_linux-amd64 /root/ local /bin/cfssl$ wget https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64$ chmod +x cfssljson_linux-amd64$ sudo mv cfssljson_linux-amd64 /root/ local /bin/cfssljson$ wget https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64$ chmod +x cfssl-certinfo_linux-amd64$ sudo mv cfssl-certinfo_linux-amd64 /root/ local /bin/cfssl-certinfo$ export PATH=/root/ local /bin: $PATH

go

Go1.7.5

$go get -u github.com/cloudflare/cfssl/cmd/...$echo $GOPATH/usr/local$ls /usr/local/bin/cfssl*cfssl cfssl-bundle cfssl-certinfo cfssljson cfssl-newkey cfssl-scan

$GOPATH/bincfssl

cat

CA (Certificate Authority)

CA

$ mkdir /root/ssl$ cd /root/ssl$ cfssl print -defaults config > config.json$ cfssl print -defaults csr > csr.json$ cat ca-config.json{ "signing" : { "default" : { "expiry" : "87600h" }, "profiles" : { "kubernetes" : { "usages" : [ "signing" , "key encipherment" , "server auth" , "client auth" ], "expiry" : "87600h" } } }}
  • ca-config.json profiles profile
  • signing ca.pem CA=TRUE
  • server authclient CA server
  • client authserverCAclient

CA

$ cat ca-csr.json{ "CN" : "kubernetes" , "key" : { "algo" : "rsa" , "size" : 2048 }, "names" : [ { "C" : "CN" , "ST" : "BeiJing" , "L" : "BeiJing" , "O" : "k8s" , "OU" : "System" } ]}
  • "CN"Common Namekube-apiserver (User Name)
  • "O"Organizationkube-apiserver (Group)

CA

$ cfssl gencert -initca ca-csr.json | cfssljson -bare ca$ ls ca*ca-config.json ca.csr ca-csr.json ca-key.pem ca.pem
kubernetes

kubernetes

$ cat kubernetes-csr.json{ "CN" : "kubernetes" , "hosts" : [ "127.0.0.1" , "172.20.0.112" , "172.20.0.113" , "172.20.0.114" , "172.20.0.115" , "10.254.0.1" , "kubernetes" , "kubernetes.default" , "kubernetes.default.svc" , "kubernetes.default.svc.cluster" , "kubernetes.default.svc.cluster.local" ], "key" : { "algo" : "rsa" , "size" : 2048 }, "names" : [ { "C" : "CN" , "ST" : "BeiJing" , "L" : "BeiJing" , "O" : "k8s" , "OU" : "System" } ]}
  • hosts IPetcdkubernetes masteretcdkubernetes master IP kubernetes IPkue-apiserverservice-cluster-ip-range IP 10.254.0.1

kubernetes

$ cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kubernetes-csr.json | cfssljson -bare kubernetes$ ls kubernetes*kubernetes.csr kubernetes-csr.json kubernetes-key.pem kubernetes.pem$ echo '{"CN":"kubernetes","hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes -hostname= "127.0.0.1,172.20.0.112,172.20.0.113,172.20.0.114,172.20.0.115,kubernetes,kubernetes.default" - | cfssljson -bare kubernetes
admin

admin

$ cat admin-csr.json{ "CN" : "admin" , "hosts" : [], "key" : { "algo" : "rsa" , "size" : 2048 }, "names" : [ { "C" : "CN" , "ST" : "BeiJing" , "L" : "BeiJing" , "O" : "system:masters" , "OU" : "System" } ]}
  • kube-apiserverRBAC ( kubeletkube-proxyPod)
  • kube-apiserverRBACRoleBindingscluster-admin Group system:masters Role cluster-admin Role kube-apiserverAPI
  • OU Group system:masterskubeletkube-apiserver CA system:masters API

admin

$ cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes admin-csr.json | cfssljson -bare admin$ ls admin*admin.csr admin-csr.json admin-key.pem admin.pem
kube-proxy

kube-proxy

$ cat kube-proxy-csr.json{ "CN" : "system:kube-proxy" , "hosts" : [], "key" : { "algo" : "rsa" , "size" : 2048 }, "names" : [ { "C" : "CN" , "ST" : "BeiJing" , "L" : "BeiJing" , "O" : "k8s" , "OU" : "System" } ]}
  • CN User system:kube-proxy
  • kube-apiserver RoleBinding cluster-admin User system:kube-proxy Role system:node-proxier Role kube-apiserver Proxy API

kube-proxy

$ cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes kube-proxy-csr.json | cfssljson -bare kube-proxy$ ls kube-proxy*kube-proxy.csr kube-proxy-csr.json kube-proxy-key.pem kube-proxy.pem

kubernetes

opsnssl
$ openssl x509 -noout -text -in kubernetes.pem... Signature Algorithm: sha256WithRSAEncryption Issuer: C=CN, ST=BeiJing, L=BeiJing, O=k8s, OU=System, CN=Kubernetes Validity Not Before: Apr 5 05:36:00 2017 GMT Not After : Apr 5 05:36:00 2018 GMT Subject: C=CN, ST=BeiJing, L=BeiJing, O=k8s, OU=System, CN=kubernetes... X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: DD:52:04:43:10:13:A9:29:24:17:3A:0E:D7:14:DB:36:F8:6C:E0:E0 X509v3 Authority Key Identifier: keyid:44:04:3B:60:BD:69:78:14:68:AF:A0:41:13:F6:17:07:13:63:58:CD X509v3 Subject Alternative Name: DNS:kubernetes, DNS:kubernetes.default, DNS:kubernetes.default.svc, DNS:kubernetes.default.svc.cluster, DNS:kubernetes.default.svc.cluster.local, IP Address:127.0.0.1, IP Address:172.20.0.112, IP Address:172.20.0.113, IP Address:172.20.0.114, IP Address:172.20.0.115, IP Address:10.254.0.1...
  • Issuerca-csr.json
  • Subjectkubernetes-csr.json
  • X509v3 Subject Alternative Namekubernetes-csr.json
  • X509v3 Key UsageExtended Key Usageca-config.json
Next page
1234567...17
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Kubernetes Handbook»

Look at similar books to Kubernetes Handbook. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


No cover
No cover
Nigel Poulton (Telecommunications engineer)
The Kubernetes Book
Onur Yilmaz - Extending Kubernetes: Elevate Kubernetes with Extension Patterns, Operators, and Plugins
Extending Kubernetes: Elevate Kubernetes with Extension Patterns, Operators, and Plugins
Onur Yilmaz
Extending Kubernetes: Elevate Kubernetes with Extension Patterns, Operators, and Plugins
No cover
No cover
V P
Kubernetes: 7-Day Guide for Easy Understanding of Kubernetes for Developers and IT Professionals
Alexander Raul - Cloud Native with Kubernetes: Deploy, configure, and run modern cloud native applications on Kubernetes
Cloud Native with Kubernetes: Deploy, configure, and run modern cloud native applications on Kubernetes
Alexander Raul
Cloud Native with Kubernetes: Deploy, configure, and run modern cloud native applications on Kubernetes
No cover
No cover
Gigi Sayfan
Hands-On Microservices With Kubernetes: Build, Deploy, And Manage Scalable Microservices On Kubernetes
No cover
No cover
Onur Yilmaz
Serverless Architectures with Kubernetes: Create production-ready Kubernetes clusters and run serverless applications on them
Baier - Getting Started with Kubernetes
Getting Started with Kubernetes
Baier
Getting Started with Kubernetes
Vohra - Kubernetes Microservices with Docker
Kubernetes Microservices with Docker
Vohra
Kubernetes Microservices with Docker
Saito - Kubernetes Cookbook
Kubernetes Cookbook
Saito
Kubernetes Cookbook
No cover
No cover
Reed
Kubernetes: The Ultimate Beginners Guide to Effectively Learn Kubernetes Step-by-Step
Brendan Burns - Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
Brendan Burns
Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes
No cover
No cover
Hideto Saito
DevOps with Kubernetes
Reviews about «Kubernetes Handbook»

Discussion, reviews of the book Kubernetes Handbook and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.