Backup Candidate Resource Configuration Resource Configuration YAML Files Imperative Create Resource 1 2 3 kubectl create namespace new-namespace kubectl create secret kubectl create configmap Backup 1 2 # Backup All Resources kubectl get all --all-namespaces -o yaml > all-deploy-services.yaml Declarative Recommendation Save to GitHub and manage with a team! VELERO VELERO Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.

Kubernetes Core Components Versioning Rule Component Versioning Rule Example kube-apiserver X v1.10 kube-scheduler X-1 v1.9 or v1.10 kubelet X-2 v1.8 or v1.9 or v.110 kube-proxy X-2 v1.8 or v1.9 or v.110 kubectl X+1 > X-1 v1.10 Kubernetes Supported Versions Versions Kubernetes support recent 3 minor versions. Version Whether to Support v1.10 Un-Supported v1.11 Un-Supported v1.12 Supported v1.13 Supported v1.14 Supported Upgrade Recommendation Process Recommendation Kubernetes recommend upgrading to one minor up version at a time.

Kubernetes Software Version Structure v1.10.1 v<Major>.<Minor>.<Patch> Major Big change of the application. Minor Features Functionalities Patch Bug Fixes

What is Firewalld? firewalld Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets. There is a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add firewall rules directly. You can check more details this link Firewalld

When the Node is Offline Note Kubernetes wait 5 minutes that is configured in Controller Manager. If the Node is still offline after 5 minutes, Kubernetes will create the PODs to other Nodes. After then the Node comes to online, the Node is empty. Configure Eviction Time 1 kube-controller-manager --pod-eviction-timeout=5m0s cordon Node cordon The cordon makes the Node is not possible to schedule any POD. Mark the Node unscheduled. After cordon, you cannot use describe 1 2 3 4 5 # Structure kubectl cordon <node-name> # Example kubectl cordon node01 uncordon Node uncordon The uncordon makes the Node is possible to schedule the PODs.

What is initContainers? initContainers initContainers is just executing on starting the POD. The initContainers runs one at a time in sequential order. If any of the initContainers fail to complete, Kubernetes restarts the POD repeatedly until the Init Container succeeds. initContainers YAML pod-definition.yaml 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 apiVersion: v1 kind: Pod metadata: name: myapp-pod labels: app: myapp spec: containers: - name: myapp-container image: nginx command: [ "echo", "This is main conatiner.