RBAC Create a Role developer-role.yaml 1 2 3 4 5 6 7 8 9 10 11 apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: developer rules: - apiGroups: [ "" ] resources: [ "pods" ] verbs: [ "list", "get", "create", "update", "delete" ] - apiGroups: [ "" ] resources: [ "ConfigMap" ] verbs: [ "create" ] 1 kubectl create -f developer-role.yaml Role Binding dev-user-developer-binding.yaml 1 2 3 4 5 6 7 8 9 10 11 12 apiVersion: rbac.

Why Authorization? Admins PODs 1 kubectl get pods 1 2 3 NAME STATUS ROLES AGE VERSION worker-1 Ready <none> 5d21h v1.13.0 worker-2 Ready <none> 5d21h v1.13.0 Nodes 1 kubectl get nodes 1 2 3 NAME STATUS ROLES AGE VERSION worker-1 Ready <none> 5d21h v1.13.0 worker-2 Ready <none> 5d21h v1.13.0 Delete Node 1 kubectl delete node worker-2 1 Node worker-2 Deleted! Developers PODs 1 kubectl get pods 1 2 3 NAME STATUS ROLES AGE VERSION worker-1 Ready <none> 5d21h v1.

URL Scheme Version Version curl https://kube-master:6443/version API Version curl https://kube-master:6443/api/v1/pods Groups /metrics /metrics /healthz /healthz /version /version /api /api /apis /apis /logs /logs Core core The core (also called legacy) group is found at REST path /api/v1. The core group is not specified as part of the apiVersion field, for example, apiVersion: v1. Named named The named groups are at REST path /apis/$GROUP_NAME/$VERSION and use apiVersion: $GROUP_NAME/$VERSION (for example, apiVersion: batch/v1).

KubeConfig Structure KubeConfig File 1 cd ~/.kube/config 1 2 3 4 5 6 7 8 # Cluster Server --server my-kube-playground:6443 # User Key --client-key admin.key # User Certificate --client-certificate admin.crt # Cluster Certificate Authority --certificate-authority ca.crt KubeConfig YAML Clusters Clusters Information of Clusters. 1 2 3 4 5 6 7 8 9 clusters: - name: cluster1 cluster: certificate-authority: ca1.crt server: https://cluster1:6443 - name: cluster2 cluster: certificate-authority: ca2.crt server: https://cluster2:6443 Users Users Information of Users.

Required Knowledge Composer Composer Composer is a tool for dependency management in PHP. Packagist Packagist Packagist is the default Composer package repository. Laravel Laravel Laravel is a web application framework in PHP. GitHub GitHub GitHub is a code hosting platform for version control and collaboration. Install Laravel Note I don’t explain how to set environment up for PHP and Composer in this post. 1 composer create-project laravel/laravel my-project Settings for Package Development Directory Structure Directory Structure <Laravel Project>/<Packages Direcotry>/<Vendor Name>/<Package Name>/src Create a Packages Directory 1 2 cd my-project mkdir packages Create a Vendor Directory 1 2 cd packages mkdir cozyfex Create a Package Directory 1 2 cd cozyfex mkdir my-package Create a Source Directory 1 2 cd my-package mkdir src Initialize git GitHub Initialization Go to GitHub and register Create a repository laravel-my-package git Local Initialization 1 2 3 4 5 6 7 8 9 10 # my-project/packages/cozyfex/my-package # Init git init # Setting ignore vi .

Add New User to the Cluster Create a Key 1 openssl genrsa -out jane.key 2048 1 vi jane.key jane.key 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAvx/5t/OHmC9vHTBGAiyfXJ5W1rQ1Qf5yNMFoLLneh3mDrPVO n7YfOMdDjv0UKvXMZE8H8po00v2bARCV4+m9VOrB3gL/ktpxyCsDd3P6TIDqh2eA ARrNCkASpgMLoxsVhZDZ+oeTAthRF34AotlEPi6gBShi6/Rf+hU0/26s+mJCLRxy jFwOjjJX3nZhO51FBnpTAXjSDQsDK+N3g6VvhIFhmSFz+aha4uI11fvX+9mkK6M/ IZPAZ8oAOqBT4pzqHOctkTqm3d6jmfpKcP3BX134S5ujKnG1WFhK3GKTg1yyA64N 9hM9YIfy5O8m4f9Vmhgzbjr0BI91BOxk9WHyxQIDAQABAoIBACF25M+LqXtBGvB+ alOpIoIiC0xuo0CZ379S+f2S0d7grOiUzx5x0gesBC0+LNDU1uPdXqPg0kz7MK/A Cq6sV4VN0YIg/kTlULTeqy24NeQ9UlNBEQ2gdrRLwbglolz9ugf38+LE6D3ASHqX il75MdS9bzFX//IWiNON8QikhU8Vpb+TBRh2N3zGSvzHzVkWRspTVtG8/VrtwokX MM2PmyX1/9J0jTUCvmR9FkO2LCHQa+eb2Sn3YFkHhzlPKhM1x8xdsSPCnfR7gvI0 LpiVyGqwaIFepHduiu5n8gOeqvMzkaNYQf3uYGDmOaJjXFlU18JH+xmwoO9pLQ3/ aXxYNyECgYEA5pYJ2wrOzRmbS7fkMTm93t1VZwoOWMbv4Djb6gfR5W5DGERoJlOx 0FZ6T3sIxfREnbaYDpuZwO9PucCTmdHvyxOwE3fUMiXLxSNeSBbU1red6dUKuKqw hBMFp9tCRC7rakQLMslTOWd2JH50p4Ca/6mK1c0neul1U5UkTAhIWOkCgYEA1DCL P41B2eVB2nGaJiveBMRTRwJfw112GpB5CvUGJL6+H7x0PbT0v1l8NPSmuzOs5wuA 69CLcrB/zWhOG2R+6xi1lbSROrZj3WBi7InwI6Uqjpz1C0rKwU0cjKj9LqZIs/7c /KJ355yPuxEUDw9EUdqx4K6I35Jo+90hucKEoX0CgYAjZ+BliNhON+NXkgnw4Qvd f6DQbIPdb9Z/WFu0KLU7BF47CK3xTKKd+dlYAO1M7//lM5dPjubh8B0OyZogYVLv nLtJkfm8JX+Paqncad0Ohy0xLWwzBMqLzRvuNUWMkKPHMmGBz9X+l3tViTFCUwX5 wb+2qoSoY9aHGfxzzEXHmQKBgAHk4QlTMHhKdJkHlJGsqJGwUvH6UnKC/g/kpD/1 yfVAAqBz5TG70Md4fARY/rgDERMK5j60oNoIO0vRF4llD0D3+n74mqdEg4WxW5Cy 9oLK8aNOQV21cDPjhVK4G3J0J4f7yWsz5BAcNKg90ckEoN5+LkJMLIqaWveMlMV8 uARdAoGAGmTOlpMYRTvjjPs5ojMCCDLJzKTrssfPa4kcWzjl1EjjDpESICzKPXC0 /rKxy5SBg/Pp/uS6lDdGqyBjLD/vIayxW+gMtCGqTbKa2Gs6zNSLV/qvtoByjoIa zi6EgJ+DU50mTP+hU9AQa8awlA/MaKHDJZZJuMBaZDTzowYWxDI= -----END RSA PRIVATE KEY----- Create a CSR(Certificate Signing Request) 1 openssl req -new -key jane.