Network Policy Commands Network Policy List 1 kubectl get networkplicy Network Policy Detail 1 kubectl describe networkpolicy <networkpolicy-name> YAML 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: internal-policy spec: podSelector: matchLabels: name: internal policyTypes: - Egress egress: - to: - podSelector: matchLabels: name: payroll ports: - protocol: TCP port: 8080 - to: - podSelector: matchLabels: name: mysql ports: - protocol: TCP port: 3306 System Diagram Network Policy Ingress podSelector 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 apiVersion: networking.

Container Security Context 1 docker run --user=1001 ubunut sleep 1 docker run --cap-add MAC_ADMIN ubunut Kubernetes Security Context securityContext In YAML, focus on securityContext. POD Context 1 2 3 4 5 6 7 8 9 10 11 apiVersion: v1 kind: Pod metadata: name: web-pod sepc: securityContext: runAsUser: 1000 containers: - name: ubuntu image: ubunut command: [ "sleep", "3600" ] Containers Security Context 1 2 3 4 5 6 7 8 9 10 11 12 13 apiVersion: v1 kind: Pod metadata: name: web-pod sepc: containers: - name: ubuntu image: ubunut command: [ "sleep", "3600" ] securityContext: runAsUser: 1000 capabilities: add: [ "MAC_ADMIN" ] capabilities Capabilities are only supported at the container level and not at the POD level.

exec exec This function is for executing OS command in PHP. exec Error 1 exec('none-exist-command', $output, $exit); Imporant Above the command none-exist-command occurs an error because it’s not exist command. IMPORTANT!! Maybe you think you can get error messages from the $output. BUT IT’S NOT!! Return Error Messages 1 exec('none-exist-command 2>&1', $output, $exit); 2>&1 If you want to get error messages, you have to append 2>@1 option the command.

What is ngrok? ngrok One command for an instant, secure URL to your localhost server through any NAT or firewall. Go to ngrok Install ngrok Download Download You need to download ngrok from official site. Move ngrok 1 2 3 4 5 6 7 8 9 # Create directories mkdir ~/ngrok mkdir ~/ngrok/bin # Move mv ~/Downloads/ngrok ~/ngrok/bin/ # Create a symbolic link ln -s ~/ngrok/bin/ngrok /usr/local/bin/ngrok Connect Account Sign Up or Login Go to Setup & Installation under Getting Started Check your authtoken Execute below command 1 ngrok authtoken <your-authtoken> Listen Http 1 ngrok http 80 1 2 3 4 5 6 7 8 9 10 11 12 ngrok by @inconshreveable Session Status online Account <your-account> Version 2.

Image nginx-pod.yaml 1 2 3 4 5 6 7 8 apiVersion: v1 kind: Pod metadata: name: nginx-pod spec: containers: - name: nginx image: nginx image image: nginx Image Value Structure Structure image: <repository>/<user/account>/<image/repository> Example 1 image: gcr.io/kubernetes-e2e-test-images/dnsutils Private Repository Login 1 docker login private-repository.io 1 2 3 4 5 Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.

Namespaced 1 kubectl api-resources --namespaced=true Cluster Scoped 1 kubectl api-resources --namespaced=false Cluster Role Cluster Admin Can View Nodes Can Create Nodes Can Delete Nodes Storage Admin Can View PVs Can Create PVs Can Delete PVCs Cluster Role YAML cluster-admin-role.yaml 1 2 3 4 5 6 7 8 apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: cluster-administrator rules: - apiGroups: [ "" ] resources: [ "nodes" ] verbs: [ "list", "get", "create", "delete" ] 1 kubectl create -f cluster-admin-role.