Differences

This shows you the differences between two versions of the page.

--- система_kubernetes [2026/03/20 14:44]
val [Работа с публичными репозиториями]
+++ система_kubernetes [2026/03/23 19:38] (current)
val [Deployment, Replica Sets, Pods]
@@ Line 697: / Line 697: @@
 </code>
   * [[#Настройка автодополнения]]
+  * [[https://stackoverflow.com/questions/76258905/redirect-manual-process-logs-to-kubernetes-pod-log]]
 <code>
 $ kubectl attach my-debian-NNNNNNNNN-NNNNN
 $ kubectl exec -ti my-debian-NNNNNNNNN-NNNNN -- bash
+$ echo Hello >/proc/1/fd/1
 Ctrl-D
 </code>
@@ Line 932: / Line 935: @@
 ...
 N+1        revert to ver1.1
+</code>
+=== Horizontal Pod Autoscaler ===
+  * [[#Metrics Server]]
+  * Пакет OpenSSL [[Пакет OpenSSL#Проверка производительности CPU]]
+<code>
+kube1:~/webd-k8s# cat my-webd-deployment.yaml
+</code><code>
+...
+        resources:
+          requests:
+            memory: "64Mi"
+            cpu: "250m"
+</code><code>
+kube1:~/webd-k8s# cat my-webd-hpa.yaml
+</code><code>
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: my-webd-hpa
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: my-webd
+  minReplicas: 2
+  maxReplicas: 10
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      target:
+        type: Utilization
+        averageUtilization: 50
+  - type: Resource
+    resource:
+      name: memory
+      target:
+        type: Utilization
+        averageUtilization: 80
+</code><code>
+kube1:~/webd-k8s# kubectl -n my-ns get hpa
 </code>
@@ Line 953: / Line 1000: @@
 <code>
+$ ### kubectl -n my-ns expose pod my-debian --port=80
 $ ### kubectl expose deployment my-webd --type=NodePort --port=80 -n my-ns
 $ ### kubectl delete svc my-webd -n my-ns
@@ Line 1457: / Line 1504: @@
 === HTTPRoute ===
+  * [[https://gateway-api.sigs.k8s.io/guides/http-request-mirroring/]]
 <code>
 kube1:~/webd-k8s# cat my-httproute.yaml
@@ Line 1474: / Line 1524: @@
   - matches:
     - path:
-        type: Exact
+        type: PathPrefix
         value: /
-#    filters:
-#    - type: RequestHeaderModifier
-#      requestHeaderModifier:
-#        add:
-#        - name: X-Gateway-ID
-#          value: "external-gw-prod"
     backendRefs:
     - name: my-webd
@@ Line 1489: / Line 1533: @@
 #      port: 80
 #      weight: 30
+#    filters:
+#    - type: RequestHeaderModifier
+#      requestHeaderModifier:
+#        add:
+#        - name: X-Gateway-ID
+#          value: "external-gw-prod"
+#    - type: RequestMirror  # not work in traefic
+#      requestMirror:
+#        backendRef:
+#          name: my-ubuntu  # service in same ns
+#          port: 80
 </code>
 ==== Volumes ====
@@ Line 2580: / Line 2634: @@
 kube1:~/users# kubectl apply -f user1-cluster-admin.yaml
+kube1:~/users# cat freeipa-kube-admin.yaml
+</code><code>
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: freeipa-kube-admin
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+  kind: Group
+  name: /freeipa-kube-admin
+roleRef:
+  kind: ClusterRole
+  name: cluster-admin
+  apiGroup: rbac.authorization.k8s.io
+</code><code>
 student@client1:~$ kubectl get nodes
 </code>
-=== Поиск предоставленных кластерных ролей для учетной записи ===
+=== Поиск предоставленных кластерных ролей для учетной записи или ServiceAccount ===
 <code>
 kube1:~/users# kubectl get clusterrolebindings -o=json | jq '.items[] | select(.subjects[]?.name == "kubeadm:cluster-admins")'
@@ Line 2590: / Line 2659: @@
 kube1:~/users# kubectl get clusterrolebindings -o=json | jq '.items[] | select(.subjects[]?.name == "default")'
+kube1:~/users# kubectl get clusterrolebindings -o=json | jq '.items[] | select(.subjects[]?.name == "admin-user")'
 kube1:~/users# kubectl delete -f user1-cluster-admin.yaml
@@ Line 2596: / Line 2667: @@
 </code>
-===== Horizontal Pod Autoscaler =====
-  * [[#Metrics Server]]
+===== Использование SecurityContext =====
+  * [[https://gitlab.com/k11s-os/k8s-lessons/-/tree/main/SecurityContext]]
+===== Использование NetworkPolicy =====
+  * [[https://gitlab.com/k11s-os/k8s-lessons/-/tree/main/NetworkPolicy]]
 <code>
-kube1:~/webd-k8s# cat my-webd-deployment.yaml
+kube1:~/my-pgcluster# cat my-pgcluster-policy.yaml
 </code><code>
-...
+apiVersion: networking.k8s.io/v1
-        resources:
+kind: NetworkPolicy
-          requests:
-            memory: "64Mi"
-            cpu: "250m"
-</code><code>
-kube1:~/webd-k8s# cat my-webd-hpa.yaml
-</code><code>
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
 metadata:
-  name: my-webd-hpa
+  name: my-pgcluster-policy
 spec:
-  scaleTargetRef:
+  podSelector:
-    apiVersion: apps/v1
+    matchLabels:
-    kind: Deployment
+      cnpg.io/cluster: my-pgcluster
-    name: my-webd
+  policyTypes:
-  minReplicas: 2
+  - Ingress
-  maxReplicas: 10
+  ingress:
-  metrics:
+  - from:
-  - type: Resource
+    - namespaceSelector:
-    resource:
+        matchLabels:
-      name: cpu
+          kubernetes.io/metadata.name: my-keycloak-ns
-      target:
+    ports:
-        type: Utilization
+    - protocol: TCP
-        averageUtilization: 50
+      port: 5432
-  - type: Resource
+  - from:
-    resource:
+    - namespaceSelector:
-      name: memory
+        matchLabels:
-      target:
+          kubernetes.io/metadata.name: cnpg-system
-        type: Utilization
+    ports:
-        averageUtilization: 80
+    - protocol: TCP
+      port: 5432
 </code><code>
-kube1:~/webd-k8s# kubectl -n my-ns get hpa
+kube1:~/my-pgcluster# kubectl -n my-pgcluster-ns apply -f my-pgcluster-policy.yaml
 </code>
@@ Line 3045: / Line 3117: @@
 </code>
-==== NetworkPolicy ====
-  * [[https://gitlab.com/k11s-os/k8s-lessons/-/tree/main/NetworkPolicy]]
-==== SecurityContext ====
-  * [[https://gitlab.com/k11s-os/k8s-lessons/-/tree/main/SecurityContext]]
 ==== Установка kubelet kubeadm kubectl в ubuntu20 ====

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools