Familiarity with the Security Authentication kubernetes Command of docker (40) 04/15 Update SLTechnology News&Howtos

Familiarity with the Security Authentication kubernetes Command of docker (40)

2025-04-15 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Original articles, welcome to reprint. Reprint please indicate: reproduced from IT Story Association, thank you!

Original link address: "Advanced article" docker security authentication kubernetes command familiar (40)

We have deployed the secure version of the kubernetes cluster.

Let's use the new cluster to review the commands we have learned before, and then learn about some new commands, new parameters, and new functions.

Familiar with command kubectl version

Kubectl get node

Kubectl get svc

Run a pod

Check pod's log kubectl logs kubernetes-bootcamp-6b7849c495-bqc5r-f

Kubectl run kubernetes-bootcamp--image=jocatalin/kubernetes-bootcamp:v1-- port=8080kubectl get podskubectl get deploykubectl logs kubernetes-bootcamp-6b7849c495-bqc5r-f

Enter the container

Check the details of pod and find that there is a corresponding mount point in pod. When you enter the container, you will find that there is a certificate in the mount point.

Kubectl describe podskubectl exec-it kubernetes-bootcamp-6b7849c495-bqc5r bash

How did these two files in the container come from, crt,namespace,token

If the value in secrets is copied to serviceaccount enabled in pod,apiserver, a default serviceaccount will be created under the namespace of default. After each pod is started, servicesecret will be mounted on the pod as a file.

Kubectl get serviceaccount-o jsonkubectl get secrets-o yaml

Kubectl apply

Nginx-pod.yaml file

ApiVersion: v1kind: Podmetadata: name: nginxspec: containers:-name: nginx image: nginx:1.7.9 ports:-containerPort: 80kubectl apply-f nginx-pod.yaml kubectl get podkubectl describe pods nginx

This has more Anntations than when create was generated. Create is deleted during creation. Apply is overwritten on the basis of the original application and can be rolled back.

Kubectl pulls image to run local kubectl run busybox-- rm=true-- image=busybox-- restart=Never-- tty-I

PS: basically to test whether the security certification k8s can be used normally, and also use several commands. In fact, I feel that the command of kubernetes is very similar to that of docker. The environment is built with a big head, and the back of the boat can be pushed along the river.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.