Merge branch 'master' into course

2025-06-06 17:01:30 +00:00 · 2025-04-03 14:09:53 +11:00 · 2025-04-03 14:09:53 +11:00 · a58d9e9251
commit a58d9e9251
parent 389a6d0d34 7df717d9cc
6 changed files with 119 additions and 12 deletions
--- a/kubernetes/helm/README.md
+++ b/kubernetes/helm/README.md
@ -7,7 +7,7 @@
 Lets create a Kubernetes cluster to play with using [kind](https://kind.sigs.k8s.io/docs/user/quick-start/)

 ```
-kind create cluster --name helm --image kindest/node:v1.26.0
+kind create cluster --name helm --image kindest/node:v1.31.1
 ```

 # Getting Started with Helm
@ -32,16 +32,16 @@ export KUBE_EDITOR="nano"
 # test cluster access:
 /work # kubectl get nodes
 NAME                    STATUS   ROLES    AGE   VERSION
-helm-control-plane   Ready    master   26m   v1.26.0
+helm-control-plane   Ready    control-plane   26m   v1.31.1

 ```

 ## Install Helm CLI

 ```
-curl -LO https://get.helm.sh/helm-v3.4.0-linux-amd64.tar.gz
-tar -C /tmp/ -zxvf helm-v3.4.0-linux-amd64.tar.gz
-rm helm-v3.4.0-linux-amd64.tar.gz
+curl -LO https://get.helm.sh/helm-v3.17.2-linux-amd64.tar.gz
+tar -C /tmp/ -zxvf helm-v3.17.2-linux-amd64.tar.gz
+rm helm-v3.17.2-linux-amd64.tar.gz
 mv /tmp/linux-amd64/helm /usr/local/bin/helm
 chmod +x /usr/local/bin/helm

--- a/kubernetes/helm/example-app/templates/deployment.yaml
+++ b/kubernetes/helm/example-app/templates/deployment.yaml
@ -9,7 +9,7 @@ spec:
  selector:
    matchLabels:
      app: "{{ .Values.name }}"
-  replicas: 2
+  replicas: {{ .Values.deployment.replicas | default 2 }}
  strategy:
    type: RollingUpdate
    rollingUpdate:
--- a/kubernetes/secrets/README.md
+++ b/kubernetes/secrets/README.md
@ -1,3 +1,70 @@
 # Introduction to Kubernetes: Secrets

-<a href="https://youtu.be/o36yTfGDmZ0" title="k8s-secrets"><img src="https://i.ytimg.com/vi/o36yTfGDmZ0/hqdefault.jpg" width="20%" alt="k8s-secrets" /></a> 
+<a href="https://youtu.be/EkUN4V4Hmws" title="k8s-secrets"><img src="https://i.ytimg.com/vi/EkUN4V4Hmws/hqdefault.jpg" width="20%" alt="k8s-secrets" /></a> 
+
+## Create a cluster with Kind
+
+```
+kind create cluster --name secrets --image kindest/node:v1.31.1
+```
+
+## Our Secret
+
+We have a secret under `kubernetes/secrets/secret.json`
+
+```
+cat kubernetes/secrets/secret.json
+```
+
+## Using our secret in a container
+
+As a file:
+```
+docker run -it -v $PWD/kubernetes/secrets/secret.json:/secrets/secret.json ubuntu:latest bash
+
+cat /secrets/secret.json
+```
+
+As environment variables:
+
+```
+api_key="somesecretgoeshere"
+docker run -it -e API_KEY=$api_key ubuntu:latest bash
+
+echo $API_KEY
+```
+
+## Kubernetes Secret
+
+Read more about [Kubernetes secrets](https://kubernetes.io/docs/concepts/configuration/secret/)
+
+
+## Create our secret
+
+There are two main ways we can create a Kubernetes secret. </br>
+Either by creating the secret object with `kubectl create secret` or apply\create it declaratively using YAML with `kubectl apply -f`
+
+`kubectl create secret`:
+
+```
+kubectl create secret generic mysecret --from-file kubernetes/secrets/secret.json
+```
+
+`kubectl apply -f` or `kubectl create -f` allows us to define things declaratively using YAML files:
+
+```
+kubectl apply -f kubernetes/secrets/secret.yaml
+```
+
+## Use our secret
+
+In order to use our secret we add a `volume` to our pod spec and then mount that using a `volumeMount` </br>
+We can also use a secret references as `env` variable </br>
+
+
+```
+kubectl apply -f kubernetes/secrets/pod.yaml
+```
+
+
+
--- a/kubernetes/secrets/pod.yaml
+++ b/kubernetes/secrets/pod.yaml
@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: example-pod
+  namespace: default
+  labels:
+    app: example-app
+    test: test
+spec:
+  nodeSelector:
+    kubernetes.io/os: linux
+  containers:
+  - name: example-app
+    image: aimvector/python:1.0.4
+    imagePullPolicy: Always
+    ports:
+    - containerPort: 5000
+    env:
+    - name: API_KEY
+      valueFrom:
+        secretKeyRef:
+          name: mysecret
+          key: api_key
+    volumeMounts:
+    - name: secret-volume
+      mountPath: /secrets/
+  volumes:
+  - name: secret-volume
+    secret:
+      secretName: mysecret
--- a/kubernetes/secrets/secret.json
+++ b/kubernetes/secrets/secret.json
@ -0,0 +1,3 @@
+{
+  "api_key" : "somesecretgoeshere"
+}
--- a/kubernetes/secrets/secret.yaml
+++ b/kubernetes/secrets/secret.yaml
@ -2,11 +2,18 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: mysecret
+  namespace: default
+  labels:
+    app: example-app
 type: Opaque
-stringData:
-  secret.json: |-
-    {
-      "api_key" : "somesecretgoeshere"
-    }
+data:
+  api_key: c29tZXNlY3JldGdvZXNoZXJlCg==
+  secret.json: ew0KICAiYXBpX2tleSIgOiAic29tZXNlY3JldGdvZXNoZXJlIg0KfQ==
+# stringData:
+#   secret.json: |-
+#     {
+#       "api_key" : "somesecretgoeshere"
+#     }
+

 #kubectl create secret generic mysecret --from-file .\golang\secrets\secret.json