CKA Tips

* Network Policy:

- If we put podSelector: {} then it means all pods

- if we do not mention about podSelector at all, then it means none of the pod.

* We can set env, sa, image, selector, and resources (Requests and Limit) with kubectl set command

* We can set subject (user | sa | group) for rolebinding | clusterrolebinding

* now (k8s 1.18) kubectl run is only for pod. Not for deployment and job

* We cannot create pv, pvc , .... cannot be with kubectl create

* With 'kubectl expose' command we cannot specify nodePort value. With kubectl create service we can.

* with 'kubectl create deploy' we can specify replica. Not containerPort

* kubectl auth can-i VERB_ACTION RESOURCE_OBJECT --as USER --namespace NS

* kubectl explain K8s_OBJECT is useful. kubectl explain K8s_OBJECT --recursive is more useful

* kubectl api-resources is useful to know short form

* grep -A N , grep -B N, grep -C N: Here N is number of line. A means after, B is before

* to run on specific node : nodeName

* mount secret : secretName ; mount configMap : name at Volumes section

* securityContext.capabilities is only for container, not for pod

* useful command: kubectl config set-context --current --namespace=default

* verify taint with kubectl describe node | grep -i Taint

* If we edit replicaset, it impacts when new pod is created.

* If replicaset is part of deployment and if we delete replicaset, it will be recreate with same name.

* If pod is part of replicaset and if we delete pod, it will be created with different name.

* Replicaset has name. Pod has genearateName

Life is an exercise to express the InExpressible.