Docs refactoring

docs/CKA/Labs/01.md

@@ -0,0 +1,4 @@
+# 01 - Fix a problem with kube-api
+
+You have problems with k8s cluster.
+Connect to controlPlane  **ssh  k8s1_controlPlane_1** and fix them.

docs/CKA/Labs/02.md

@@ -0,0 +1,7 @@
+# 02 - Create HPA based on the CPU load
+
+We have an enterprise application in namespace  **prod-jobs**.
+The application fetches tasks for processing from a queue (Kafka).
+We need to create **Horizontal Pod Autoscaling** based on **CPU** load.
+When the CPU load rises to **100%** we need to increase the number of pods to **6**.
+The **minimum** amount of pods should be **2**.

docs/CKA/Labs/03.md

@@ -0,0 +1,98 @@
+# 03 - Operations with Nginx ingress. Routing by header
+
+We use the **ingress nginx** controller.
+We have an application (deployment, service, ingress) in namespace  **meg**. You can check the app via command  `curl http://ckad.local:30102/app`
+
+You need create new deployment, service, ingress in namespace  **meg**
+
+- **deployment** : name `meg-app2`, env:  name: `SERVER_NAME` and value: `megApp2` , all other parameters copy from  `meg-app` deployment
+
+- **service**    : name `meg-app2`  -> deployment `meg-app2`
+
+- **ingress**    : name `meg-app2`  -> service `meg-app2`, route to the same address  `curl http://ckad.local:30102/app`  but with header `X-Appversion=v2`
+
+In case of any other header value or unset header, the request should go to the old service.
+
+check `    curl -H "X-Appversion: v2" http://ckad.local:30102/app    `
+
+```text
+Server Name: megApp2
+URL: http://ckad.local:30102/
+Client IP: 10.0.158.196
+Method: GET
+Protocol: HTTP/1.1
+Headers:
+X-Forwarded-For: 10.2.25.129
+X-Forwarded-Proto: http
+X-Scheme: http
+X-Request-Id: 78fa94a9ffcab9268864bf006fa67cfa
+X-Real-Ip: 10.2.25.129
+X-Forwarded-Host: ckad.local:30102
+X-Forwarded-Port: 80
+X-Forwarded-Scheme: http
+User-Agent: curl/7.68.0
+Accept: */*
+X-Appversion: v2
+```
+
+Check `    curl -H "X-Appversion: v3" http://ckad.local:30102/app    `
+
+```text
+Server Name: megApp
+URL: http://ckad.local:30102/
+Client IP: 10.0.158.196
+Method: GET
+Protocol: HTTP/1.1
+Headers:
+X-Forwarded-For: 10.2.25.129
+X-Request-Id: 139e579f92671116b1e12570e564f569
+X-Real-Ip: 10.2.25.129
+X-Forwarded-Scheme: http
+X-Scheme: http
+User-Agent: curl/7.68.0
+Accept: */*
+X-Appversion: v3
+X-Forwarded-Host: ckad.local:30102
+X-Forwarded-Port: 80
+X-Forwarded-Proto: http
+```
+
+check `    curl http://ckad.local:30102/app    `
+
+```sh
+Server Name: megApp
+URL: http://ckad.local:30102/
+Client IP: 10.0.158.196
+Method: GET
+Protocol: HTTP/1.1
+Headers:
+X-Request-Id: 119892e6edf24b4b794a025a9fb5c87e
+X-Real-Ip: 10.2.25.129
+X-Forwarded-For: 10.2.25.129
+X-Forwarded-Host: ckad.local:30102
+X-Forwarded-Port: 80
+X-Scheme: http
+Accept: */*
+X-Forwarded-Proto: http
+X-Forwarded-Scheme: http
+User-Agent: curl/7.68.0
+```
+
+check result via  tests
+
+```sh
+check_result
+```
+
+```sh
+ubuntu@worker:~> check_result
+ ✓ 0  Init
+ ✓ 1.1 Check routing by  header  X-Appversion =  v2
+ ✓ 1.2 Check routing by  header  X-Appversion =  v3
+ ✓ 1.3 Check routing without  header  X-Appversion
+
+4 tests, 0 failures
+ result = 100.00 %   ok_points=3  all_points=3
+time_left=327 minutes
+you  spend 32 minutes
+```

docs/CKA/Labs/04.md

@@ -0,0 +1,37 @@
+# 04 - Nginx ingress. Canary deployment
+
+## Routing 30% of requests to new version of app
+
+We use the **ingress nginx** controller.
+We have an  application (deployment, service , ingress) in namespace  **meg**. You can check the app via command  `curl http://ckad.local:30102/app`
+
+You need create new deployment, service, ingress  in namespace  **meg**
+
+- **deployment** : name `meg-app2` , env:  name: `SERVER_NAME` and  value: `megApp2` , all other parameters  copy from  `meg-app` deployment
+
+- **service**    : name `meg-app2`   -> deployment `meg-app2`
+
+- **ingress**    : name `meg-app2`   -> service `meg-app2`  , route 30% of requests to new version of app .
+
+In case of any other header value or unset header, the request should go to the old service.
+
+Run the command 10 times to test it `    curl  http://ckad.local:30102/app    `
+You are expected to see a response from **megApp2** of about **30%**.
+
+check result via  tests
+
+```sh
+check_result
+```
+
+```sh
+ubuntu@worker:~> check_result
+ ✓ 0  Init
+ ✓ 1.1 Check routing to version 2
+ ✓ 1.2 Check ingress v2 canary-weight
+
+3 tests, 0 failures
+ result = 100.00 %   ok_points=2  all_points=2
+time_left=333 minutes
+you  spend 26 minutes
+```

docs/CKA/Labs/05.md

@@ -0,0 +1,12 @@
+# 05 - PriorityClass
+
+You have a DaemonSet with a specialized monitoring system.
+The problem is that under this system is superseded by other pods and you lose the data of the monitoring system.
+
+You must create a PriorityClass and apply it to the DaemonSet monitoring system in NS `monitoring`
+
+|        **1**        | Create a PriorityClass and apply it to the DaemonSet                                                                                                                                                             |
+| :-----------------: | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+|     Task weight     | 3%                                                                                                                                                                                                               |
+|       Cluster       | cluster1 (`kubectl config use-context cluster1-admin@cluster1`)                                                                                                                                                  |
+| Acceptance criteria | - PriorityClass name `monitoring` with value `1000000000`  <br/> - DaemonSet `monitoring-system` in  `monitoring` NS has PriorityClass `monitoring`   <br/> -  all pods in `monitoring` NS have status `Running` |

docs/CKA/Labs/Solutions/01.md

@@ -0,0 +1,192 @@
+# 01
+<div style={{ position: 'relative', paddingBottom: '56.25%', height: '0', overflow: 'hidden', maxWidth: '100%', height: 'auto' }}>
+  <iframe src="https://www.youtube.com/embed/OFHiI_XAXNU" title="YouTube video player" frameborder="0" style={{ position: 'absolute', top: '0', left: '0', width: '100%', height: '100%' }} allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; fullscreen" allowfullscreen></iframe>
+</div>
+
+```sh
+ssh k8s1_controlPlane_1
+```
+
+```sh
+sudo su
+```
+
+```sh
+service kubelet status
+
+● kubelet.service - kubelet: The Kubernetes Node Agent
+     Loaded: loaded (/lib/systemd/system/kubelet.service; disabled; vendor preset: enabled)
+    Drop-In: /usr/lib/systemd/system/kubelet.service.d
+             └─10-kubeadm.conf
+     Active: inactive (dead)
+       Docs: https://kubernetes.io/docs/
+
+Feb 03 18:20:40 ip-10-2-4-149 kubelet[5330]: W0203 18:20:40.973916    5330 reflector.go:539] vendor/k8s.io/client-go/informers/factory.go:159: failed to list *v1.Node: Get "htt>
+Feb 03 18:20:40 ip-10-2-4-149 kubelet[5330]: E0203 18:20:40.973966    5330 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:159: Failed to watch *v1.Node: failed >
+Feb 03 18:20:41 ip-10-2-4-149 kubelet[5330]: E0203 18:20:41.373569    5330 eviction_manager.go:282] "Eviction manager: failed to get summary stats" err="failed to get node info>
+Feb 03 18:20:41 ip-10-2-4-149 kubelet[5330]: W0203 18:20:41.466839    5330 reflector.go:539] vendor/k8s.io/client-go/informers/factory.go:159: failed to list *v1.RuntimeClass: >
+Feb 03 18:20:41 ip-10-2-4-149 kubelet[5330]: E0203 18:20:41.466881    5330 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:159: Failed to watch *v1.RuntimeClass:>
+Feb 03 18:20:41 ip-10-2-4-149 kubelet[5330]: E0203 18:20:41.613869    5330 event.go:355] "Unable to write event (may retry after sleeping)" err="Post \"https://10.2.4.149:6443/>
+Feb 03 18:20:42 ip-10-2-4-149 kubelet[5330]: I0203 18:20:42.243248    5330 dynamic_cafile_content.go:171] "Shutting down controller" name="client-ca-bundle::/etc/kubernetes/pki>
+Feb 03 18:20:42 ip-10-2-4-149 systemd[1]: Stopping kubelet: The Kubernetes Node Agent...
+Feb 03 18:20:42 ip-10-2-4-149 systemd[1]: kubelet.service: Succeeded.
+Feb 03 18:20:42 ip-10-2-4-149 systemd[1]: Stopped kubelet: The Kubernetes Node Agent.
+```
+
+```sh
+status is **inactive (dead)**
+
+start kubelet
+```
+
+```sh
+systemctl enable  kubelet
+systemctl start  kubelet
+systemctl status kubelet
+```
+
+```
+● kubelet.service - kubelet: The Kubernetes Node Agent
+     Loaded: loaded (/lib/systemd/system/kubelet.service; enabled; vendor preset: enabled)
+    Drop-In: /usr/lib/systemd/system/kubelet.service.d
+             └─10-kubeadm.conf
+     Active: active (running) since Sat 2024-02-03 18:41:35 UTC; 1s ago
+       Docs: https://kubernetes.io/docs/
+   Main PID: 5761 (kubelet)
+      Tasks: 11 (limit: 4597)
+     Memory: 25.3M
+     CGroup: /system.slice/kubelet.service
+             └─5761 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var
+```
+
+now status is **active (running)**
+check  connection to k8s
+
+```sh
+# k get ns
+
+E0203 18:48:25.894982    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.895314    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.896459    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.896778    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.898099    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+The connection to the server 10.2.4.149:6443 was refused - did you specify the right host or port?
+```
+
+kube api don't work .
+
+check kube-api  container
+
+```sh
+# crictl  | grep api
+```
+
+kube-api is a static pod with starts by kubelet from manifest **/etc/kubernetes/manifests/kube-apiserver.yaml**
+
+check kubelet logs
+
+```sh
+journalctl -u kubelet  | grep 'kube-apiserver'
+
+Feb 03 18:20:31 ip-10-2-4-149 kubelet[4732]: E0203 18:20:31.063086    4732 file.go:108] "Unable to process watch event" err="can't process config file \"/etc/kubernetes/manifests/kube-apiserver.yaml\": /etc/kubernetes/manifests/kube-apiserver.yaml: couldn't parse as pod(no kind \"PoD\" is registered for version \"v1\" in scheme \"pkg/api/legacyscheme/scheme.go:30\"), please check config file"
+```
+
+error `pod(no kind \"PoD\"`
+
+replace **PoD** to Pod  in `/etc/kubernetes/manifests/kube-apiserver.yaml`  and restart kubelet .
+
+```sh
+service kubelet restart
+```
+
+check  connection to k8s
+
+```sh
+#  k get ns
+
+E0203 18:48:25.894982    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.895314    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.896459    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.896778    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+E0203 18:48:25.898099    5900 memcache.go:265] couldn't get current server API group list: Get "https://10.2.4.149:6443/api?timeout=32s": dial tcp 10.2.4.149:6443: connect: connection refused
+The connection to the server 10.2.4.149:6443 was refused - did you specify the right host or port?
+```
+
+check kubelet logs
+
+```sh
+journalctl -u kubelet  | grep 'kube-apiserver'
+```
+
+```log
+Feb 03 19:11:55 ip-10-2-4-149 kubelet[6661]: E0203 19:11:55.449778    6661 pod_workers.go:1298] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"kube-apiserver\" with CrashLoopBackOff: \"back-off 10s restarting failed container=kube-apiserver pod=kube-apiserver-ip-10-2-4-149_kube-system(b1982a51593e867c8f49a556991190ef)\"" pod="kube-system/kube-apiserver-ip-10-2-4-149" podUID="b1982a51593e867c8f49a556991190ef"
+```
+
+don't work it .
+
+check container logs
+
+```sh
+rm -rf /var/log/containers/*
+service kubelet restart
+ls /var/log/containers/
+```
+
+```sh
+kube-apiserver-ip-10-2-4-149_kube-system_kube-apiserver-a686706a02ecb891bd5f38eb467a231eb3ec82fc3043fca9ae292a8f4248d09a.log
+```
+
+```sh
+# cat  /var/log/containers/kube-apiserver-ip-10-2-4-149_kube-system_kube-apiserver-80029fa2ce0099c1537c155f9f9e05ad9f95bfd7b98a10fb9ab1f7afe0ad3a91.log
+
+2024-02-03T19:15:16.153152153Z stderr F Error: unknown flag: --new-option2
+```
+
+Error: unknown flag:**--new-option2**
+
+```sh
+vim /etc/kubernetes/manifests/kube-apiserver.yaml
+
+# delete line with `--new-option2`
+and restart kubelet
+```
+
+```sh
+service kubelet restart
+```
+
+check connection to kube-api
+
+```sh
+k get ns
+```
+
+```txt
+NAME              STATUS   AGE
+default           Active   60m
+kube-node-lease   Active   60m
+kube-public       Active   60m
+kube-system       Active   60m
+```
+
+exit to work pc
+```sh
+exit
+exit
+```
+
+check connection from work pc
+
+```sh
+k get ns
+```
+
+```txt
+NAME              STATUS   AGE
+default           Active   60m
+kube-node-lease   Active   60m
+kube-public       Active   60m
+kube-system       Active   60m
+```
+
+It is done .