–dry-run: By default as soon as the command is run, the resource will be created. If you simply want to test your command , use the –dry-run=client option. This will not create the resource, instead, tell you whether the resource can be created and if your command is right.

-o yaml: This will output the resource definition in YAML format on screen.

example:

kubectl run nginx –image=nginx –dry-run=client -o yaml kubectl create deployment –image=nginx nginx –dry-run=client -o yaml

kubectl scale deployment nginx –replicas=4 kubectl create deployment nginx –image=nginx –dry-run=client -o yaml > nginx-deployment.yaml

Create a Service named redis-service of type ClusterIP to expose pod redis on port 6379

kubectl expose pod redis –port=6379 –name redis-service –dry-run=client -o yaml

kubectl create service clusterip redis –tcp=6379:6379 –dry-run=client -o yaml (This will not use the pods labels as selectors, instead it will assume selectors as app=redis. You cannot pass in selectors as an option. So it does not work very well if your pod has a different label set. So generate the file and modify the selectors before creating the service)

kubectl expose pod nginx –type=NodePort –port=80 –name=nginx-service –dry-run=client -o yaml

Create a pod called httpd using the image httpd:alpine in the default namespace. Next, create a service of type ClusterIP by the same name (httpd). The target port for the service should be 80. kubectl run httpd –image=httpd:alpine –port=80 –expose

journalctl -fu kubelet

grep apiserver

There are normally three classes of error we will see here

Could not process manifest file

This is indicative of an error in the YAML of /etc/kubernetes/manifests/kube-apiserver.yaml. You should go directly to edit that file and correct the issue. Note that YAML parsers only report the first error they find. If you have more than one error - i.e. the apiserver doesn’t come up after fixing whatever you’ve found, then repeat this diagnostic process from the top.

Structure or argument error

The YAML has been parsed successfully, however you get some cryptic message about something or other. This means that although there’s no syntax issues, what you’ve put in the manifest does not correctly represent the spec for the API server pod, or an argument for something like a volume mount is an invalid path. You need to find and fix this in the manifest file. See also YAML - Dealing with errors.

CrashLoopBackOff

This means that the YAML was successfully parsed, the pod started and then exited with an error. To fix this, continue reading.

cd /var/log/pods && ls -ld apiserver

watch crictl ps

ls -l /etc/kubernetes/pki/*.crt

edit the config /etc/kubernetes/manifests/kube-apiserver.yaml

systemctl restart kubelet to trigger kube-apiserver

CKA FAQ Tips:

While testing the Network Namespaces, if you come across issues where you can’t ping one namespace from the other, make sure you set the NETMASK while setting IP Address. ie: 192.168.1.10/24

ip -n red addr add 192.168.1.10/24 dev veth-red

Another thing to check is FirewallD/IP Table rules. Either add rules to IP Tables to allow traffic from one namespace to another. Or disable IP Tables all together (Only in a learning environment).