77 lines
3.1 KiB
Markdown
77 lines
3.1 KiB
Markdown
# MicroK8s Cheatsheet
|
|
|
|
MicroK8s is a lightweight, single-package Kubernetes distribution developed by Canonical for development, IoT, and edge computing. It runs on Linux and is easy to install via snap.
|
|
|
|
## Installation
|
|
- Install MicroK8s: `sudo snap install microk8s --classic`
|
|
- Add user to group: `sudo usermod -a -G microk8s $USER` (then relogin)
|
|
- Alias kubectl: `alias kubectl='microk8s kubectl'`
|
|
- Verify: `microk8s status`
|
|
|
|
## Basic Operations
|
|
- Start MicroK8s: `microk8s start`
|
|
- Stop MicroK8s: `microk8s stop`
|
|
- Check status: `microk8s status --wait-ready`
|
|
- Reset cluster: `microk8s reset` (caution: deletes all data)
|
|
|
|
## Add-ons
|
|
- List available add-ons: `microk8s status`
|
|
- Enable add-on: `microk8s enable <add-on>` (e.g., `dns`, `dashboard`, `registry`, `istio`, `storage`)
|
|
- Disable add-on: `microk8s disable <add-on>`
|
|
- Common add-ons: dns (required for pods), dashboard (Kubernetes Dashboard), helm3, ingress, metrics-server
|
|
|
|
## Kubectl Commands
|
|
- Use `microk8s kubectl` for all kubectl commands
|
|
- Get nodes: `microk8s kubectl get nodes`
|
|
- Get pods: `microk8s kubectl get pods -A`
|
|
- Describe pod: `microk8s kubectl describe pod <pod-name> -n <namespace>`
|
|
- Logs: `microk8s kubectl logs <pod-name> -n <namespace>`
|
|
- Exec: `microk8s kubectl exec -it <pod-name> -n <namespace> -- /bin/bash`
|
|
- Apply YAML: `microk8s kubectl apply -f <file.yaml>`
|
|
- Delete: `microk8s kubectl delete -f <file.yaml>`
|
|
|
|
## Clustering
|
|
- Generate join token on master: `microk8s add-node`
|
|
- Join from worker: `microk8s join <master-ip>:<port>/<token>`
|
|
- Remove node: `microk8s remove-node <node-name>`
|
|
- Leave cluster: `microk8s leave` (on worker)
|
|
|
|
## Dashboard Access
|
|
- Enable dashboard: `microk8s enable dashboard`
|
|
- Get token: `microk8s kubectl -n kube-system describe secret $(microk8s kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)`
|
|
- Proxy: `microk8s dashboard-proxy` (access at https://127.0.0.1:10443)
|
|
|
|
## Helm
|
|
- Enable Helm: `microk8s enable helm3`
|
|
- Alias: `alias helm='microk8s helm3'`
|
|
- Install chart: `microk8s helm3 install <name> <chart>`
|
|
|
|
## Networking and Ingress
|
|
- Enable ingress: `microk8s enable ingress`
|
|
- Create ingress resource for services
|
|
|
|
## Storage
|
|
- Enable storage: `microk8s enable storage` (provides hostpath storage class)
|
|
|
|
## Troubleshooting
|
|
- Inspect: `microk8s inspect`
|
|
- Refresh certs: `microk8s refresh-certs`
|
|
- Debug pod issues: Check logs and describe
|
|
|
|
## Security Best Practices
|
|
- Run with least privilege: Use snap's confinement.
|
|
- Enable RBAC if not default.
|
|
- Secure add-ons: Use HTTPS for dashboard, authenticate properly.
|
|
- Scan images: Integrate with tools like Trivy for vulnerability scanning.
|
|
- Network policies: Use Kubernetes network policies for isolation.
|
|
- Secrets management: Use Kubernetes secrets, avoid plaintext.
|
|
|
|
## Advanced
|
|
- High availability: `microk8s enable ha-cluster`
|
|
- Upgrade: `sudo snap refresh microk8s --classic`
|
|
- Switch channel: `sudo snap switch microk8s --channel=1.28/stable`
|
|
- Export config: `microk8s kubectl config view --raw > kubeconfig.yaml`
|
|
|
|
For more details, refer to official docs: https://microk8s.io/docs
|
|
|
|
This cheatsheet is compiled from official MicroK8s documentation and community sources. |