~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl get po -A -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ingress-nginx ingress-nginx-admission-create-r9gm9 0/1 Completed 0 23h <none> minikube <none> <none>
ingress-nginx ingress-nginx-admission-patch-phz96 0/1 Completed 0 23h <none> minikube <none> <none>
ingress-nginx ingress-nginx-controller-596f8778bc-92tbm 1/1 Running 1 (17m ago) 23h 10.244.0.3 minikube <none> <none>
kube-system coredns-7d764666f9-8698l 1/1 Running 5 (19h ago) 3d5h 10.244.0.2 minikube <none> <none>
kube-system etcd-minikube 1/1 Running 5 (17m ago) 3d5h 192.168.49.2 minikube <none> <none>
kube-system kindnet-bg6xj 1/1 Running 5 (19h ago) 3d5h 192.168.49.4 minikube-m03 <none> <none>
kube-system kindnet-ggf67 1/1 Running 1 (19h ago) 23h 192.168.49.3 minikube-m02 <none> <none>
kube-system kindnet-k8ztd 1/1 Running 5 (19h ago) 3d5h 192.168.49.2 minikube <none> <none>
kube-system kube-apiserver-minikube 1/1 Running 5 (17m ago) 3d5h 192.168.49.2 minikube <none> <none>
kube-system kube-controller-manager-minikube 1/1 Running 5 (19h ago) 3d5h 192.168.49.2 minikube <none> <none>
kube-system kube-proxy-2ldz2 1/1 Running 5 (19h ago) 3d5h 192.168.49.4 minikube-m03 <none> <none>
kube-system kube-proxy-l6k6z 1/1 Running 5 (19h ago) 3d5h 192.168.49.2 minikube <none> <none>
kube-system kube-proxy-xgcmh 1/1 Running 1 (19h ago) 23h 192.168.49.3 minikube-m02 <none> <none>
kube-system kube-scheduler-minikube 1/1 Running 5 (19h ago) 3d5h 192.168.49.2 minikube <none> <none>
kube-system storage-provisioner 1/1 Running 10 (15m ago) 3d5h 192.168.49.2 minikube <none> <none>
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl get po
No resources found in default namespace.
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl create ns prod
namespace/prod created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl get ns
NAME STATUS AGE
default Active 3d5h
ingress-nginx Active 23h
kube-node-lease Active 3d5h
kube-public Active 3d5h
kube-system Active 3d5h
prod Active 6s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl get sa -n prod
NAME AGE
default 50s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl run -it test --image=ubuntu --restart=Never --rm -n prod -- bash
All commands and output from this session will be recorded in container logs, including credentials and sensitive information passed through the command prompt.
If you don't see a command prompt, try pressing enter.
root@test:/# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 1007G 137G 819G 15% /
tmpfs 64M 0 64M 0% /dev
shm 64M 0 64M 0% /dev/shm
/dev/sdd 1007G 137G 819G 15% /etc/hosts
tmpfs 7.7G 12K 7.7G 1% /run/secrets/kubernetes.io/serviceaccount
tmpfs 3.9G 0 3.9G 0% /proc/acpi
tmpfs 3.9G 0 3.9G 0% /proc/scsi
tmpfs 3.9G 0 3.9G 0% /sys/firmware
root@test:/# ls /run/secrets/kubernetes.io/serviceaccount/
ca.crt namespace token
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl config get-clusters
NAME
minikube
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* minikube minikube minikube default
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl config get-users
NAME
minikube
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl apply -f db_credentials.yml
secret/db-credentials created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl get -f db_credentials.yml
NAME TYPE DATA AGE
db-credentials Opaque 2 8s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl get secret
NAME TYPE DATA AGE
db-credentials Opaque 2 15s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl get secret -o wide
NAME TYPE DATA AGE
db-credentials Opaque 2 19s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ cat reg_secret_env.yml
apiVersion: v1
kind: Pod
metadata:
name: web-apl
spec:
containers:
- name: nginx
image: nginx
env:
- name: DB_USERNAME ## 환경 변수
valueFrom:
secretKeyRef:
name: db-credentials ## 시크릿명
key: username ## 시크릿 키
- name: DB_PASSWORD ## 환경 변수
valueFrom:
secretKeyRef:
name: db-credentials
key: password
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl apply -f reg_secret_env.yml
pod/web-apl created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl exec -it web-apl -- bash -c 'echo $DB_USERNAME, $DB_PASSWORD'
takara, password
~/.minikube/certs $ kubectl create secret tls www-cert --cert=cert.pem --key=key.pem
secret/www-cert created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl apply -f secret_volume.yml
pod/web created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl get secret
NAME TYPE DATA AGE
db-credentials Opaque 2 6m23s
www-cert kubernetes.io/tls 2 68s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl get secret www-cert
NAME TYPE DATA AGE
www-cert kubernetes.io/tls 2 75s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl describe secret www-cert
Name: www-cert
Namespace: default
Labels: <none>
Annotations: <none>
Type: kubernetes.io/tls
Data
====
tls.crt: 1123 bytes
tls.key: 1679 bytes
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ cat secret_volume.yml
apiVersion: v1
kind: Pod
metadata:
name: web
spec:
containers:
- name: nginx
image: nginx
ports:
- protocol: TCP
containerPort: 443
volumeMounts: ## 마운트 정의
- name: cert-vol ## 시크릿의 볼륨 이름
mountPath: /etc/cert ## 컨테이너상의 마운트 경로
volumes: ## 볼륨 정의
- name: cert-vol ## 시크릿의 볼륨 이름
secret:
secretName: www-cert ## 시크릿의 이름
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl exec -it web -- df -h
Filesystem Size Used Avail Use% Mounted on
overlay 1007G 137G 819G 15% /
tmpfs 64M 0 64M 0% /dev
shm 64M 0 64M 0% /dev/shm
tmpfs 7.7G 8.0K 7.7G 1% /etc/cert
/dev/sdd 1007G 137G 819G 15% /etc/hosts
tmpfs 7.7G 12K 7.7G 1% /run/secrets/kubernetes.io/serviceaccount
tmpfs 3.9G 0 3.9G 0% /proc/acpi
tmpfs 3.9G 0 3.9G 0% /proc/scsi
tmpfs 3.9G 0 3.9G 0% /sys/firmware
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/secret $ kubectl exec -it web -- ls /etc/cert
tls.crt tls.key
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ cat tls.conf
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server {
listen 443 ssl;
server_name www.sample.com;
ssl_certificate /etc/cert/tls.crt;
ssl_certificate_key /etc/cert/tls.key;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl create configmap nginx-conf --from-file=tls.conf
configmap/nginx-conf created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl get configmap nginx-conf
NAME DATA AGE
nginx-conf 1 12s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15 $ kubectl describe configmap !$
kubectl describe configmap nginx-conf
Name: nginx-conf
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
tls.conf:
----
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server {
listen 443 ssl;
server_name www.sample.com;
ssl_certificate /etc/cert/tls.crt;
ssl_certificate_key /etc/cert/tls.key;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
BinaryData
====
Events: <none>
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/config-nginx $ cat cm-env.yml
apiVersion: v1
kind: ConfigMap
metadata:
name: env-config
data:
log_level: INFO
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/config-nginx $ cat cm-env-read.yml
apiVersion: v1
kind: Pod
metadata:
name: web-apl
spec:
containers:
- name: web
image: nginx
env:
- name: LOG_LEVEL ## 컨테이너 환경 변수명
valueFrom:
configMapKeyRef:
name: env-config ## 컨피그맵명
key: log_level ## 키 항목
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/config-nginx $ kubectl apply -f cm-env.yml
configmap/env-config created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/config-nginx $ kubectl apply -f cm-env-read.yml
pod/web-apl created
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/config-nginx $ kubectl get pod,configmap
NAME READY STATUS RESTARTS AGE
pod/web-apl 1/1 Running 0 10s
NAME DATA AGE
configmap/env-config 1 23s
configmap/kube-root-ca.crt 1 3d6h
configmap/nginx-conf 1 2m24s
~/gitclone/playground/reading/57_15_step_de_shutoku_docker_kara_hairu_kubernetes/15_DandK/step15/config-nginx $ kubectl exec -it web-apl -- env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=web-apl
TERM=xterm
LOG_LEVEL=INFO
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
KUBERNETES_SERVICE_HOST=10.96.0.1
KUBERNETES_SERVICE_PORT=443
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_PORT=443
NGINX_VERSION=1.29.7
NJS_VERSION=0.9.6
NJS_RELEASE=1~trixie
ACME_VERSION=0.3.1
PKG_RELEASE=1~trixie
DYNPKG_RELEASE=1~trixie
HOME=/root