Markdown is a lightweight markup language for creating formatted text using a plain-text editor. John Gruber and Aaron Swartz created Markdown in 2004 as a markup language that is appealing to human readers in its source code form. Markdown is widely used in blogging, instant messaging, online forums, collaborative software, documentation pages, and readme files. .md or .markdown is used for the file type— wikipedia markdown.



# H1

## H2

### H3

#### H4

##### H5

Docker Hub can automatically build images from source code in an external repository and automatically push the built image to your Docker repositories.

When you set up automated builds, you create a list of branches and tags that you want to build into Docker images. When you push code to a source code branch in GitHub for one of those listed image tags, the push uses a webhook to trigger a new build, which produces a Docker image. The built image is then pushed to the Docker Hub registry. — docker docs

Go to Linked Accounts and Authorise Docker Hub…


Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within your organisation.

RBAC authorisation uses the API group to drive authorisation decisions. — k8s doc

I am going to practice RBAC on k8s with Cluster Role Binding.

Generate ssl called kadmin.key, approve the key and save the base64 kadmin.crt

$openssl genrsa -out kadmin.key 2048
$openssl req -new -key kadmin.key -out kadmin.csr -subj "/CN=kadmin"
$kubectl certificate approve kadmin
$kubectl get csr kadmin -o jsonpath='{.status.certificate}' | base64 -d > kadmin.crt

Create crb.yaml

kind: ClusterRoleBinding
name: kadmin-admin


Inter-pod affinity and anti-affinity allow you to constrain which nodes your pod is eligible to be scheduled based on labels on pods that are already running on the node rather than based on labels on nodes.

As with node affinity, there are currently two types of pod affinity and anti-affinity, called requiredDuringSchedulingIgnoredDuringExecution and preferredDuringSchedulingIgnoredDuringExecution.An example of requiredDuringSchedulingIgnoredDuringExecution affinity would be "co-locate the pods of service A and service B in the same zone, since they communicate a lot with each other" and an example preferredDuringSchedulingIgnoredDuringExecution anti-affinity would be "spread the pods from this service across zones" — kubernetes Doc



The Horizontal Pod Autoscaler automatically scales the number of Pods in a replication controller, deployment, replica set or stateful set based on observed CPU utilisation (or, with custom metrics support, on some other application-provided metrics).

The Horizontal Pod Autoscaler is implemented as a Kubernetes API resource and a controller. The resource determines the behavior of the controller. The controller periodically adjusts the number of replicas in a replication controller or deployment to match the observed metrics such as average CPU utilisation, average memory utilisation or any other custom metric to the target specified by the user.

I am going to…


You describe a desired state in a Deployment, and the Deployment Controller changes the actual state to the desired state at a controlled rate. You can define Deployments to create new ReplicaSets, or to remove existing Deployments and adopt all their resources with new Deployments. — k8s official doc

Today, I am going to practice rolling out, updating, rolling back and scaling up to 10 with nginx.


apiVersion: apps/v1
kind: Deployment
name: nginx-deployment
app: nginx
replicas: 3
app: nginx
app: nginx
- name: nginx
image: nginx:1.14.2 …


Dynamic volume provisioning allows storage volumes to be created on-demand. kubernetes docs

The implementation of dynamic volume provisioning is based on the API object StorageClass from the API group

Ceph is an integrated storage clusters from the scalability and performance limitations imposed by centralised data table mapping. It replicates and rebalances data within the cluster dynamically — ceph storage

Vagrantfile to configurate ceph storage

# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.define "k8s-m1" do |ubuntu| = "ubuntu/focal64"
ubuntu.vm.hostname = "k8s-m1" "private_network", ip…


Today, I am going to launch static provisioning Wordpress / Mysql configuration on k8s


ReplicaSet: 2

NFS Storage(Static Provision)

Service: LoadBalancer



hostPath Storage

Service: ClusterIP

nfs configuration with Ansible in kubespray.

$ sudo apt update
$ sudo apt install nfs-kernel-server
$ vi /etc/exports
/nfs-v *(rw,sync,no_subtree_check)
$ sudo mkdir /nfs-v
$ sudo chmod -R 777 /nfs-v
$ sudo exportfs -arv
$ cd
$ ansible all -i kubespray/inventory/mycluster/inventory.ini -m apt -a 'name=nfs-common state=present' -b

Wordpress yaml


apiVersion: v1
kind: PersistentVolumeClaim
name: wp-pvc
- ReadWriteMany
storage: 5Gi
volumeName: wp-pv


apiVersion: v1
kind: PersistentVolume
name: wp-pv
storage: 20Gi…

Today, I am going to practice launching a web application using Persistent Volumes, Persistent Volume Claim, Network File System and ReplicaSet with Kubernetes.


  1. kubernetes environment setup which I used kubespray and some knowledge of k8s api.
  2. git setup
  3. Vagrant
  4. 1 main and 3 clients

Firstly, install NFS, create a nfs directory, give the permission and set up in Client 1,2,3.

git clone the web application I used StartBootstrap for practice purpose.

$ sudo apt update
$ sudo apt install nfs-kernel-server
$ sudo vi /etc/exports
/nfs *(rw,sync,no_subtree_check)
$ sudo mkdir /nfs-volume
$ sudo chmod -R 777 /nfs-volume
$ sudo exportfs -arv
$ ansible all…


Ingres exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource. In other word, Ingress is an API object that manages external access to the services in a cluster, typically HTTP.

An Ingress may be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. — kubernetes doc


You should already an ingress controller such as ingress-nginx and configure it.

$ kubectl get all -n ingress-nginx


Write about Cloud Engineering, Programming

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store