CKA考试官方培训文档（付费的那个版本）.pdf-资料库

icyyyer-10828532-4744300845133480891.pdf-第1页.png

第1页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第2页.png

第2页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第3页.png

第3页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第4页.png

第4页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第5页.png

第5页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第6页.png

第6页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第7页.png

第7页 / 共103页

icyyyer-10828532-4744300845133480891.pdf-第8页.png

第8页 / 共103页

ii c Copyright the Linux Foundation 2018. All rights reserved. The training materials provided or developed by The Linux Foundation in connection with the training services are protected by copyright and other intellectual property rights. Open source code incorporated herein may have other copyright holders and is used pursuant to the applicable open source license. The training materials are provided for individual use by participants in the form in which they are provided. They may not be copied, modiﬁed, distributed to non-participants or used to provide training to others without the prior written consent of The Linux Foundation. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without express prior written consent. Published by: the Linux Foundation http://www.linuxfoundation.org No representations or warranties are made with respect to the contents or use of this material, and any express or implied warranties of merchantability or ﬁtness for any particular purpose or speciﬁcally disclaimed. Although third-party application software packages may be referenced herein, this is for demonstration purposes only and shall not constitute an endorsement of any of these software applications. Linux is a registered trademark of Linus Torvalds. Other trademarks within this course material are the property of their respective owners. If there are any questions about proper and fair use of the material herein, please contact: training@linuxfoundation.org LFS258: V 2018-02-15 c Copyright the Linux Foundation 2018. All rights reserved.

Contents 1 Introduction 1.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Basics of Kubernetes 2.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Installation and Conﬁguration 3.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Kubernetes Architecture 4.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 APIs and Access 5.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 API Objects 6.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Managing State With Deployments 7.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Services 8.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Volumes and Data 9.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Ingress 10.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Scheduling 11.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Logging and Troubleshooting 12.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Custom Resource Deﬁnition 13.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Kubernetes Federation iii 1 1 3 3 5 5 17 17 27 27 33 33 37 37 45 45 51 51 67 67 69 69 77 77 81 81 85

iv CONTENTS 14.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Helm 15.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Security 16.1 Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 87 87 91 91 LFS258: V 2018-02-15 c Copyright the Linux Foundation 2018. All rights reserved.

List of Figures 3.1 External Access via Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 v

Chapter 1 Introduction 1.1 Labs Exercise 1.1: Conﬁguring the System for sudo It is very dangerous to run a root shell unless absolutely necessary: a single typo or other mistake can cause serious (even fatal) damage. Thus, the sensible procedure is to conﬁgure things such that single commands may be run with superuser privilege, by using the sudo mechanism. With sudo the user only needs to know their own password and never needs to know the root password. If you are using a distribution such as Ubuntu, you may not need to do this lab to get sudo conﬁgured properly for the course. However, you should still make sure you understand the procedure. To check if your system is already conﬁgured to let the user account you are using run sudo, just do a simple command like: $ sudo ls You should be prompted for your user password and then the command should execute. If instead, you get an error message you need to execute the following procedure. Launch a root shell by typing su and then giving the root password, not your user password. On all recent Linux distributions you should navigate to the /etc/sudoers.d subdirectory and create a ﬁle, usually with the name of the user to whom root wishes to grant sudo access. However, this convention is not actually necessary as sudo will scan all ﬁles in this directory as needed. The ﬁle can simply contain: student ALL=(ALL) ALL if the user is student. An older practice (which certainly still works) is to add such a line at the end of the ﬁle /etc/sudoers. It is best to do so using the visudo program, which is careful about making sure you use the right syntax in your edit. You probably also need to set proper permissions on the ﬁle by typing: $ chmod 440 /etc/sudoers.d/student 1

2 CHAPTER 1. INTRODUCTION (Note some Linux distributions may require 400 instead of 440 for the permissions.) After you have done these steps, exit the root shell by typing exit and then try to do sudo ls again. There are many other ways an administrator can conﬁgure sudo, including specifying only certain permissions for certain users, limiting searched paths etc. The /etc/sudoers ﬁle is very well self-documented. However, there is one more setting we highly recommend you do, even if your system already has sudo conﬁgured. Most distributions establish a different path for ﬁnding executables for normal users as compared to root users. In particular the directories /sbin and /usr/sbin are not searched, since sudo inherits the PATH of the user, not the full root user. Thus, in this course we would have to be constantly reminding you of the full path to many system administration utilities; any enhancement to security is probably not worth the extra typing and ﬁguring out which directories these programs are in. Consequently, we suggest you add the following line to the .bashrc ﬁle in your home directory: PATH=$PATH:/usr/sbin:/sbin If you log out and then log in again (you don’t have to reboot) this will be fully effective. LFS258: V 2018-02-15 c Copyright the Linux Foundation 2018. All rights reserved.

资料库

CKA考试官方培训文档（付费的那个版本）.pdf

相关推荐

云计算

热门标签

最新资料